PiLi : A Simple , Fast , and Robust Family of Blockchain Protocols ∗

In every epoch, an eligible proposer proposes a next block extending from the freshest notarized chain it has seen. Everyone votes on the first proposal heard if 1) the proposed block extends from a parent block that is not too “stale”, and 2) no conflicting notarizations have been observed in the recent past. When a block collects majority votes, it becomes notarized but not yet final. If a notarized chain ends at 13 consecutive epochs the trailing 8 blocks and the prefix is final. If a block of the present epoch collects 3/4 fraction (and not just majority) votes, a node may advance to the next epoch immediately. Otherwise a node sends a timeout message when an epoch exipres and advances to the next epoch when majority timeout messages have been heard. This very simple protocol can achieve the following properties where n denotes the total number of nodes: 1) during a period in which 3n/4 honest nodes remain online, we can confirm transactions at raw network speed (i.e., asynchronously) as soon as we rotate to an honest and online proposer; 2) if more than n/2 of honest nodes have online presence for sufficiently long (w.r.t. the protocol’s confirmation delay), transactions get confirmed in expected constant number of synchronous rounds; and 3) we guarantee consistency for all honest nodes — including those who might have unstable network connections and drop offline every now and then — as long as at any point of time the total number of offline and corrupt nodes is less than n/2. In this sense, our protocol is strictly more robust than classical, synchronous honest-majority consensus.

[1]  Ittai Abraham,et al.  Hot-Stuff the Linear, Optimal-Resilience, One-Message BFT Devil , 2018, ArXiv.

[2]  Elaine Shi,et al.  Synchronous, with a Chance of Partition Tolerance , 2019, IACR Cryptol. ePrint Arch..

[3]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[4]  Kartik Nayak,et al.  Efficient Synchronous Byzantine Consensus , 2017, 1704.02397.

[5]  Elaine Shi,et al.  PaLa: A Simple Partially Synchronous Blockchain , 2018, IACR Cryptol. ePrint Arch..

[6]  Elaine Shi,et al.  Snow White: Provably Secure Proofs of Stake , 2016, IACR Cryptol. ePrint Arch..

[7]  Tal Moran,et al.  Combining Asynchronous and Synchronous Byzantine Agreement: The Best of Both Worlds , 2018, IACR Cryptol. ePrint Arch..

[8]  Abhi Shelat,et al.  Analysis of the Blockchain Protocol in Asynchronous Networks , 2017, EUROCRYPT.

[9]  Elaine Shi,et al.  Thunderella: Blockchains with Optimistic Instant Confirmation , 2018, IACR Cryptol. ePrint Arch..

[10]  Silvio Micali,et al.  Optimal and Player-Replaceable Consensus with an Honest Majority , 2017 .

[11]  Victor Shoup,et al.  Secure and Efficient Asynchronous Broadcast Protocols , 2001, CRYPTO.

[12]  Nancy A. Lynch,et al.  Consensus in the presence of partial synchrony , 1988, JACM.

[13]  Elaine Shi,et al.  Rethinking Large-Scale Consensus , 2017, 2017 IEEE 30th Computer Security Foundations Symposium (CSF).

[14]  Elaine Shi,et al.  The Honey Badger of BFT Protocols , 2016, CCS.

[15]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[16]  Silvio Micali,et al.  ALGORAND: The Efficient and Democratic Ledger , 2016, ArXiv.

[17]  Leslie Lamport,et al.  The part-time parliament , 1998, TOCS.

[18]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[19]  Michael Ben-Or,et al.  Another advantage of free choice (Extended Abstract): Completely asynchronous agreement protocols , 1983, PODC '83.

[20]  Amit Sahai,et al.  Secure MPC: Laziness Leads to GOD , 2018, IACR Cryptol. ePrint Arch..

[21]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[22]  Elaine Shi,et al.  FruitChains: A Fair Blockchain , 2017, IACR Cryptol. ePrint Arch..