Consensus in the Age of Blockchains

The blockchain initially gained traction in 2008 as the technology underlying bitcoin, but now has been employed in a diverse range of applications and created a global market worth over $150B as of 2017. What distinguishes blockchains from traditional distributed databases is the ability to operate in a decentralized setting without relying on a trusted third party. As such their core technical component is consensus: how to reach agreement among a group of nodes. This has been extensively studied already in the distributed systems community for closed systems, but its application to open blockchains has revitalized the field and led to a plethora of new designs. The inherent complexity of consensus protocols and their rapid and dramatic evolution makes it hard to contextualize the design landscape. We address this challenge by conducting a systematic and comprehensive study of blockchain consensus protocols. After first discussing key themes in classical consensus protocols, we describe: first protocols based on proof-of-work (PoW), second proof-of-X (PoX) protocols that replace PoW with more energy-efficient alternatives, and third hybrid protocols that are compositions or variations of classical consensus protocols. We develop a framework to evaluate their performance, security and design properties, and use it to systematize key themes in the protocol categories described above. This evaluation leads us to identify research gaps and challenges for the community to consider in future research endeavours.

[1]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[2]  Flavio Paiva Junqueira,et al.  Zab: High-performance broadcast for primary-backup systems , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN).

[3]  Jason Teutsch,et al.  SmartPool: Practical Decentralized Pooled Mining , 2017, USENIX Security Symposium.

[4]  Aviv Zohar,et al.  Accelerating Bitcoin's Transaction Processing. Fast Money Grows on Trees, Not Chains , 2013, IACR Cryptol. ePrint Arch..

[5]  Marko Vukolic,et al.  Eventually Returning to Strong Consistency , 2016, IEEE Data Eng. Bull..

[6]  Nancy A. Lynch,et al.  Consensus in the presence of partial synchrony , 1988, JACM.

[7]  Barbara Liskov,et al.  Viewstamped Replication: A New Primary Copy Method to Support Highly-Available Distributed Systems , 1999, PODC '88.

[8]  Ariel Gabizon,et al.  Cryptocurrencies Without Proof of Work , 2014, Financial Cryptography Workshops.

[9]  Rachid Guerraoui,et al.  Introduction to Reliable and Secure Distributed Programming , 2011 .

[10]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[11]  Elaine Shi,et al.  Permacoin: Repurposing Bitcoin Work for Data Preservation , 2014, 2014 IEEE Symposium on Security and Privacy.

[12]  DR. Gavin Wood POLKADOT: VISION FOR A HETEROGENEOUS MULTI-CHAIN FRAMEWORK , 2016 .

[13]  George Danezis,et al.  Chainspace: A Sharded Smart Contracts Platform , 2017, NDSS.

[14]  Aviv Zohar,et al.  Optimal Selfish Mining Strategies in Bitcoin , 2015, Financial Cryptography.

[15]  David Mazières The Stellar Consensus Protocol : A Federated Model for Internet-level Consensus , 2015 .

[16]  Aviv Zohar Securing and scaling cryptocurrencies , 2017, IJCAI.

[17]  Ueli Maurer,et al.  Rational Protocol Design: Cryptography against Incentive-Driven Adversaries , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[18]  George Danezis,et al.  Centrally Banked Cryptocurrencies , 2015, NDSS.

[19]  Elaine Shi,et al.  Snow White: Provably Secure Proofs of Stake , 2016, IACR Cryptol. ePrint Arch..

[20]  John K. Ousterhout,et al.  In Search of an Understandable Consensus Algorithm , 2014, USENIX Annual Technical Conference.

[21]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[22]  Christian Decker,et al.  Information propagation in the Bitcoin network , 2013, IEEE P2P 2013 Proceedings.

[23]  Sergio Demian Lerner,et al.  DECOR + HOP : A Scalable Blockchain Protocol , 2015 .

[24]  Jeremy Clark,et al.  Bitcoin's academic pedigree , 2017, Commun. ACM.

[25]  Michael Dahlin,et al.  BAR fault tolerance for cooperative services , 2005, SOSP '05.

[26]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1983, PODS '83.

[27]  Michael J. Fischer,et al.  Scalable Bias-Resistant Distributed Randomness , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[28]  Bryan Ford,et al.  Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing , 2016, USENIX Security Symposium.

[29]  Silvio Micali,et al.  Algorand: Scaling Byzantine Agreements for Cryptocurrencies , 2017, IACR Cryptol. ePrint Arch..

[30]  Emin Gün Sirer,et al.  Service-Oriented Sharding with Aspen , 2016, ArXiv.

[31]  David Wolinsky,et al.  Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning , 2015, 2016 IEEE Symposium on Security and Privacy (SP).

[32]  Christian Cachin,et al.  Architecture of the Hyperledger Blockchain Fabric , 2016 .

[33]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[34]  Candelaria Hernández-Goya,et al.  A rational approach to cryptographic protocols , 2007, Math. Comput. Model..

[35]  Marko Vukolic,et al.  Non-determinism in Byzantine Fault-Tolerant Replication , 2016, OPODIS.

[36]  Alysson Neves Bessani,et al.  Elastic State Machine Replication , 2017, IEEE Transactions on Parallel and Distributed Systems.

[37]  Georg Fuchsbauer,et al.  SpaceMint: A Cryptocurrency Based on Proofs of Space , 2018, ERCIM News.

[38]  David Schwartz,et al.  The Ripple Protocol Consensus Algorithm , 2014 .

[39]  Elaine Shi,et al.  The Honey Badger of BFT Protocols , 2016, CCS.

[40]  Kartik Nayak,et al.  Solidus: An Incentive-compatible Cryptocurrency Based on Permissionless Byzantine Consensus , 2016, ArXiv.

[41]  Elaine Shi,et al.  Hybrid Consensus: Efficient Consensus in the Permissionless Model , 2016, DISC.

[42]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[43]  Jeremy Clark,et al.  SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies , 2015, 2015 IEEE Symposium on Security and Privacy.

[44]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[45]  Jason Teutsch,et al.  Demystifying Incentives in the Consensus Computer , 2015, CCS.

[46]  Ivan Beschastnikh,et al.  Scalable consistency in Scatter , 2011, SOSP.

[47]  Joshua A. Kroll,et al.  The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries , 2013 .

[48]  T. Maugh Why buy when you can rent? , 1984, Science.

[49]  Leslie Lamport,et al.  Consensus on transaction commit , 2004, TODS.

[50]  Elaine Shi,et al.  Nonoutsourceable Scratch-Off Puzzles to Discourage Bitcoin Mining Coalitions , 2015, CCS.

[51]  Jim Gray,et al.  Notes on Data Base Operating Systems , 1978, Advanced Course: Operating Systems.

[52]  Leslie Lamport,et al.  The part-time parliament , 1998, TOCS.

[53]  Moshe Babaioff,et al.  On Bitcoin and red balloons , 2011, SECO.

[54]  Fernando Pedone,et al.  Dynamic Scalable State Machine Replication , 2016, 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[55]  Prateek Saxena,et al.  A Secure Sharding Protocol For Open Blockchains , 2016, CCS.

[56]  George Danezis,et al.  The Road to Scalable Blockchain Designs , 2017, Login: The Usenix Magazine.

[57]  Hubert Ritzdorf,et al.  On the Security and Performance of Proof of Work Blockchains , 2016, IACR Cryptol. ePrint Arch..

[58]  Johan A. Pouwelse,et al.  Implicit Consensus: Blockchain with Unbounded Throughput , 2017, ArXiv.

[59]  Jens Groth,et al.  Short Pairing-Based Non-interactive Zero-Knowledge Arguments , 2010, ASIACRYPT.

[60]  Nikita Borisov,et al.  SmartCast: An Incentive Compatible Consensus Protocol Using Smart Contracts , 2017, Financial Cryptography Workshops.

[61]  Jae Kwon,et al.  Tendermint : Consensus without Mining , 2014 .

[62]  Kartik Nayak,et al.  Stubborn Mining: Generalizing Selfish Mining and Combining with an Eclipse Attack , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[63]  Alysson Neves Bessani,et al.  State Machine Replication for the Masses with BFT-SMART , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[64]  Alexander Chepurnoy Interactive Proof-of-stake , 2016, ArXiv.

[65]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[66]  Mahadev Konar,et al.  ZooKeeper: Wait-free Coordination for Internet-scale Systems , 2010, USENIX Annual Technical Conference.

[67]  Justin Cappos,et al.  CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds , 2017, USENIX Security Symposium.

[68]  Iddo Bentov,et al.  Proof of Activity: Extending Bitcoin's Proof of Work via Proof of Stake [Extended Abstract]y , 2014, PERV.

[69]  Marko Vukolic,et al.  Blockchain Consensus Protocols in the Wild , 2017, DISC.

[70]  Marko Vukolic,et al.  The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication , 2015, iNetSeC.

[71]  Victor Shoup,et al.  Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography , 2000, Journal of Cryptology.

[72]  Kartik Nayak,et al.  Practical Synchronous Byzantine Consensus , 2017, IACR Cryptol. ePrint Arch..

[73]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[74]  Emin Gün Sirer,et al.  Bitcoin-NG: A Scalable Blockchain Protocol , 2015, NSDI.

[75]  Elaine Shi,et al.  FruitChains: A Fair Blockchain , 2017, IACR Cryptol. ePrint Arch..

[76]  Bart Preneel,et al.  Publish or Perish: A Backward-Compatible Defense Against Selfish Mining in Bitcoin , 2017, CT-RSA.

[77]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[78]  Aggelos Kiayias,et al.  Ouroboros Praos: An adaptively-secure, semi-synchronous proof-of-stake protocol , 2017, IACR Cryptol. ePrint Arch..

[79]  D. He,et al.  Fintech and Financial Services , 2017 .

[80]  Christopher Frost,et al.  Spanner: Google's Globally-Distributed Database , 2012, OSDI.

[81]  Bryan Ford,et al.  OmniLedger: A Secure, Scale-Out, Decentralized Ledger , 2017, IACR Cryptol. ePrint Arch..

[82]  Marko Vukolic,et al.  XFT: Practical Fault Tolerance beyond Crashes , 2015, OSDI.

[83]  Joseph Bonneau,et al.  Why Buy When You Can Rent? - Bribery Attacks on Bitcoin-Style Consensus , 2016, Financial Cryptography Workshops.

[84]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[85]  Ghassan O. Karame,et al.  Towards Scalable and Private Industrial Blockchains , 2017, SEMA SIMAI Springer Series.

[86]  Fan Zhang,et al.  REM: Resource-Efficient Mining for Blockchains , 2017, IACR Cryptol. ePrint Arch..

[87]  B. Laurie An Efficient Distributed Currency , 2011 .

[88]  Christian Decker,et al.  Bitcoin meets strong consistency , 2014, ICDCN.

[89]  Marko Vukolić,et al.  Rethinking Permissioned Blockchains , 2017 .

[90]  S. Matthew Weinberg,et al.  On the Instability of Bitcoin Without the Block Reward , 2016, CCS.

[91]  Dale Skeen,et al.  Nonblocking commit protocols , 1981, SIGMOD '81.

[92]  Iddo Bentov,et al.  Tortoise and Hares Consensus: the Meshcash Framework for Incentive-Compatible, Scalable Cryptocurrencies , 2017, IACR Cryptol. ePrint Arch..

[93]  Christian Scheideler,et al.  Robust random number generation for peer-to-peer systems , 2006, Theor. Comput. Sci..

[94]  Yacov Manevich,et al.  Scalable communication middleware for permissioned distributed ledgers , 2017, SYSTOR.

[95]  Ethan Buchman,et al.  Tendermint: Byzantine Fault Tolerance in the Age of Blockchains , 2016 .

[96]  Beng Chin Ooi,et al.  BLOCKBENCH: A Framework for Analyzing Private Blockchains , 2017, SIGMOD Conference.

[97]  S A R A H M E I K L E J O H N,et al.  A Fistful of Bitcoins Characterizing Payments Among Men with No Names , 2013 .

[98]  Sooyong Park,et al.  Where Is Current Research on Blockchain Technology?—A Systematic Review , 2016, PloS one.

[99]  Yoad Lewenberg,et al.  SPECTRE: A Fast and Scalable Cryptocurrency Protocol , 2016, IACR Cryptol. ePrint Arch..