AT2: Asynchronous Trustworthy Transfers

Many blockchain-based protocols, such as Bitcoin, implement a decentralized asset transfer (or exchange) system. As clearly stated in the original paper by Nakamoto, the crux of this problem lies in prohibiting any participant from engaging in double-spending. There seems to be a common belief that consensus is necessary for solving the double-spending problem. Indeed, whether it is for a permissionless or a permissioned environment, the typical solution uses consensus to build a totally ordered ledger of submitted transfers. In this paper we show that this common belief is false: consensus is not needed to implement of a decentralized asset transfer system. We do so by introducing AT2 (Asynchronous Trustworthy Transfers), a class of consensusless algorithms. To show formally that consensus is unnecessary for asset transfers, we consider this problem first in the shared-memory context. We introduce AT2$_{SM}$, a wait-free algorithm that asynchronously implements asset transfer in the read-write shared-memory model. In other words, we show that the consensus number of an asset-transfer object is one. In the message passing model with Byzantine faults, we introduce a generic asynchronous algorithm called AT2$_{MP}$ and discuss two instantiations of this solution. First, AT2$_{D}$ ensures deterministic guarantees and consequently targets a small scale deployment (tens to hundreds of nodes), typically for a permissioned environment. Second, AT2$_{P}$ provides probabilistic guarantees and scales well to a very large system size (tens of thousands of nodes), ensuring logarithmic latency and communication complexity. Instead of consensus, we construct AT2$_{D}$ and AT2$_{P}$ on top of a broadcast primitive with causal ordering guarantees offering deterministic and probabilistic properties, respectively.

[1]  Elaine Shi,et al.  The Honey Badger of BFT Protocols , 2016, CCS.

[2]  Sam Toueg,et al.  Fault-tolerant broadcasts and related problems , 1993 .

[3]  Ariel Gabizon,et al.  Cryptocurrencies Without Proof of Work , 2014, Financial Cryptography Workshops.

[4]  André Schiper,et al.  Handling message semantics with Generic Broadcast protocols , 2002, Distributed Computing.

[5]  Bryan Ford,et al.  Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing , 2016, USENIX Security Symposium.

[6]  Silvio Micali,et al.  Algorand: Scaling Byzantine Agreements for Cryptocurrencies , 2017, IACR Cryptol. ePrint Arch..

[7]  Rachid Guerraoui,et al.  Introduction to Reliable and Secure Distributed Programming , 2011 .

[8]  Christian Cachin,et al.  Secure INtrusion-Tolerant Replication on the Internet , 2002, Proceedings International Conference on Dependable Systems and Networks.

[9]  Christian Decker,et al.  Bitcoin meets strong consistency , 2014, ICDCN.

[10]  Saurabh Gupta A Non-Consensus Based Decentralized Financial Transaction Processing Model with Support for Efficient Auditing , 2016 .

[11]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[12]  Idit Keidar,et al.  Brahms: byzantine resilient random membership sampling , 2008, PODC '08.

[13]  Sam Toueg,et al.  Asynchronous consensus and broadcast protocols , 1985, JACM.

[14]  Stephen B. Wicker,et al.  Vegvisir: A Partition-Tolerant Blockchain for the Internet-of-Things , 2018, 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS).

[15]  Gabriel Bracha,et al.  Asynchronous Byzantine Agreement Protocols , 1987, Inf. Comput..

[16]  Jeremy Clark,et al.  SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies , 2015, 2015 IEEE Symposium on Security and Privacy.

[17]  Michael K. Reiter,et al.  A high-throughput secure reliable multicast protocol , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[18]  Nickolai Zeldovich,et al.  Vuvuzela: scalable private messaging resistant to traffic analysis , 2015, SOSP.

[19]  Annette Bieniusa,et al.  Cure: Strong Semantics Meets High Availability and Low Latency , 2016, 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS).

[20]  Piotr Berman,et al.  Towards optimal distributed consensus , 1989, 30th Annual Symposium on Foundations of Computer Science.

[21]  Jared Saia,et al.  Scalable byzantine computation , 2010, SIGA.

[22]  Marc Shapiro,et al.  Conflict-Free Replicated Data Types , 2011, SSS.

[23]  C. Lemahieu,et al.  Nano : A Feeless Distributed Cryptocurrency Network , 2018 .

[24]  Michael K. Reiter,et al.  Secure agreement protocols: reliable and atomic group multicast in rampart , 1994, CCS '94.

[25]  Benny Pinkas,et al.  SBFT: a Scalable Decentralized Trust Infrastructure for Blockchains , 2018, ArXiv.

[26]  Rachid Guerraoui,et al.  State Machine Replication Is More Expensive Than Consensus , 2018, DISC.

[27]  Haibin Zhang,et al.  BEAT: Asynchronous BFT Made Practical , 2018, CCS.

[28]  Marko Vukolic,et al.  Blockchain Consensus Protocols in the Wild , 2017, DISC.

[29]  David A. Pike,et al.  A NOTE ON THRESHOLDS AND CONNECTIVITY IN RANDOM DIRECTED GRAPHS , 2008 .

[30]  Ramakrishna Kotla,et al.  Revisiting Fast Practical Byzantine Fault Tolerance , 2017, ArXiv.

[31]  Dahlia Malkhi,et al.  Secure reliable multicast protocols in a WAN , 2000, Distributed Computing.

[32]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[33]  Marko Vukolic,et al.  Hyperledger fabric: a distributed operating system for permissioned blockchains , 2018, EuroSys.

[34]  Colin J. Fidge,et al.  Timestamps in Message-Passing Systems That Preserve the Partial Ordering , 1988 .

[35]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[36]  Marko Vukolic,et al.  The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication , 2015, iNetSeC.

[37]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[38]  Philipp Jovanovic,et al.  OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[39]  Emin Gün Sirer,et al.  Bitcoin-NG: A Scalable Blockchain Protocol , 2015, NSDI.

[40]  Dan Alistarh,et al.  Communication-efficient randomized consensus , 2017, Distributed Computing.

[41]  Sam Toueg,et al.  Some Results on the Impossibility, Universality, and Decidability of Consensus , 1992, WDAG.

[42]  Alysson Bessani,et al.  A Byzantine Fault-Tolerant Ordering Service for the Hyperledger Fabric Blockchain Platform , 2017, 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[43]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1983, PODS '83.

[44]  Kartik Nayak,et al.  Solida: A Blockchain Protocol Based on Reconfigurable Byzantine Consensus , 2016, OPODIS.

[45]  Lorenzo Alvisi,et al.  I Can't Believe It's Not Causal! Scalable Causal Consistency with No Slowdown Cascades , 2017, NSDI.

[46]  David Mazières The Stellar Consensus Protocol : A Federated Model for Internet-level Consensus , 2015 .

[47]  Nick Szabo,et al.  Formalizing and Securing Relationships on Public Networks , 1997, First Monday.

[48]  Michael Dahlin,et al.  Making Byzantine Fault Tolerant Systems Tolerate Byzantine Faults , 2009, NSDI.

[49]  Maurice Herlihy,et al.  Clairvoyant State Machine Replications , 2018, SSS.

[50]  Ali Ghodsi,et al.  The potential dangers of causal consistency and an explicit solution , 2012, SoCC '12.

[51]  R. Guerraoui,et al.  Blockchain Protocols : The Adversary is in the Details , 2018 .

[52]  Aviv Zohar,et al.  Accelerating Bitcoin's Transaction Processing. Fast Money Grows on Trees, Not Chains , 2013, IACR Cryptol. ePrint Arch..

[53]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[54]  Elaine Shi,et al.  Hybrid Consensus: Efficient Consensus in the Permissionless Model , 2016, DISC.

[55]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[56]  Hagit Attiya,et al.  Sequential consistency versus linearizability , 1994, TOCS.

[57]  Maurice Herlihy,et al.  Wait-free synchronization , 1991, TOPL.

[58]  Alysson Neves Bessani,et al.  State Machine Replication for the Masses with BFT-SMART , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.