PAC: Practical Accountability for CCF

Permissioned ledger systems execute transactions on a set of replicas governed by members of a consortium. They use Byzantine fault tolerance protocols to distribute trust among the replicas, and thus can ensure linearizability if fewer than 1/3 of the replicas misbehave. With more misbehaving replicas, current systems provide no guarantees, and all replicas and members share the blame. We describe PAC, a permissioned ledger system that assigns blame to misbehaving replicas while supporting governance transactions to change the consortium membership and the set of replicas. PAC signs and stores protocol messages in the ledger and provides clients with signed, universallyverifiable receipts as evidence that a transaction executed at a certain ledger position. If clients obtain a sequence of receipts that violate linearizability, anyone can audit the ledger and the sequence of receipts to assign blame to at least 1/3 of the replicas, even if all replicas and members misbehave. Auditing assigns blame by finding contradictory statements signed by the same replica. Since the set of replicas changes, PAC determines the valid signing keys at any point in the ledger using a shorter sub-ledger of governance transactions. PAC provides a strong disincentive to misbehavior at low cost: it can execute more than 48,000 transactions per second, and clients receive receipts in two network round trips.

[1]  Vincent Gramoli,et al.  Polygraph: Accountable Byzantine Agreement , 2021, 2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS).

[2]  Kartik Nayak,et al.  BFT Protocol Forensics , 2020, CCS.

[3]  Srinath T. V. Setty,et al.  Byzantine Ordered Consensus without Byzantine Oligarchy , 2020, IACR Cryptol. ePrint Arch..

[4]  Vincent Gramoli,et al.  Blockchain Is Dead, Long Live Blockchain! Accountable State Machine Replication for Longlasting Blockchain , 2020, ArXiv.

[5]  Takuya Nakaike,et al.  Hyperledger Fabric Performance Characterization and Optimization Using GoLevelDB Benchmark , 2020, 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC).

[6]  Nikhil Swamy,et al.  EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[7]  Henrique Moniz,et al.  The Istanbul BFT Consensus Algorithm , 2020, ArXiv.

[8]  Henrique S. Malvar,et al.  MULTI-STAKEHOLDER MEDIA PROVENANCE MANAGEMENT TO COUNTER SYNTHETIC MEDIA RISKS IN NEWS PUBLISHING , 2020 .

[9]  David Hyland-Wood,et al.  IBFT 2.0: A Safe and Live Variation of the IBFT Blockchain Consensus Protocol for Eventually Synchronous Networks , 2019, ArXiv.

[10]  C. Stathakopoulou,et al.  Mir-BFT: High-Throughput BFT for Blockchains , 2019, ArXiv.

[11]  Kartik Nayak,et al.  CCF: A Framework for Building Confidential Verifiable Replicated Services , 2019 .

[12]  Benny Pinkas,et al.  SBFT: A Scalable and Decentralized Trust Infrastructure , 2018, 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[13]  A. Sonnino,et al.  State Machine Replication in the Libra Blockchain , 2019 .

[14]  Timothy A. K. Zakian,et al.  The Libra Blockchain , 2019 .

[15]  Michel Raynal,et al.  DBFT: Efficient Leaderless Byzantine Consensus and its Application to Blockchains , 2018, 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA).

[16]  Ronen Tamari,et al.  A Fair Consensus Protocol for Transaction Ordering , 2018, 2018 IEEE 26th International Conference on Network Protocols (ICNP).

[17]  Ittai Abraham,et al.  HotStuff: BFT Consensus in the Lens of Blockchain , 2018, 1803.05069.

[18]  Marko Vukolic,et al.  Hyperledger fabric: a distributed operating system for permissioned blockchains , 2018, EuroSys.

[19]  Vitalik Buterin,et al.  Casper the Friendly Finality Gadget , 2017, ArXiv.

[20]  Elaine Shi,et al.  The Honey Badger of BFT Protocols , 2016, CCS.

[21]  Maurice Herlihy,et al.  Blockchains and the Logic of Accountability: Keynote Address , 2016, LICS.

[22]  Ethan Buchman,et al.  Tendermint: Byzantine Fault Tolerance in the Age of Blockchains , 2016 .

[23]  Bryan Ford,et al.  Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing , 2016, USENIX Security Symposium.

[24]  Alysson Neves Bessani,et al.  State Machine Replication for the Masses with BFT-SMART , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[25]  John K. Ousterhout,et al.  In Search of an Understandable Consensus Algorithm , 2014, USENIX Annual Technical Conference.

[26]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[27]  Andreas Haeberlen,et al.  Secure network provenance , 2011, SOSP.

[28]  Andreas Haeberlen,et al.  Accountable Virtual Machines , 2010, OSDI.

[29]  Ramakrishna Kotla,et al.  Zyzzyva , 2007, SOSP.

[30]  Srinath T. V. Setty,et al.  Depot : Cloud storage with minimal trust ( extended version ) ∗ , 2010 .

[31]  Edmund L. Wong,et al.  BFT: the time is now , 2008, LADIS '08.

[32]  Alan Fekete,et al.  The Cost of Serializability on Platforms That Use Snapshot Isolation , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[33]  Andreas Haeberlen,et al.  PeerReview: practical accountability for distributed systems , 2007, SOSP.

[34]  David Mazières,et al.  Beyond One-Third Faulty Replicas in Byzantine Fault Tolerant Systems , 2007, NSDI.

[35]  Michael Dahlin,et al.  BAR fault tolerance for cooperative services , 2005, SOSP '05.

[36]  Jeffrey S. Chase,et al.  The role of accountability in dependable distributed systems , 2005 .

[37]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[38]  Miguel Castro,et al.  Practical byzantine fault tolerance and proactive recovery , 2002, TOCS.

[39]  Miguel Castro,et al.  A Correctness Proof for a Practical Byzantine-Fault-Tolerant Replication Algorithm , 1999 .

[40]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[41]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[42]  李念祖,et al.  American Bar Association , 1988, Journal of International Arbitration.

[43]  Nancy A. Lynch,et al.  Consensus in the presence of partial synchrony , 1988, JACM.

[44]  Ralph C. Merkle,et al.  A Digital Signature Based on a Conventional Encryption Function , 1987, CRYPTO.