Don't Mine, Wait in Line: Fair and Efficient Blockchain Consensus with Robust Round Robin

Proof-of-Stake systems randomly choose, on each round, one of the participants as a consensus leader that extends the chain with the next block such that the selection probability is proportional to the owned stake. However, distributed random number generation is notoriously difficult. Systems that derive randomness from the previous blocks are completely insecure; solutions that provide secure random selection are inefficient due to their high communication complexity; and approaches that balance security and performance exhibit selection bias. When block creation is rewarded with new stake, even a minor bias can have a severe cumulative effect. In this paper, we propose Robust Round Robin, a new consensus scheme that addresses this selection problem. We create reliable long-term identities by bootstrapping from an existing infrastructure, such as Intel's SGX processors, or by mining them starting from an initial fair distribution. For leader selection we use a deterministic approach. On each round, we select a set of the previously created identities as consensus leader candidates in round robin manner. Because simple round-robin alone is vulnerable to attacks and offers poor liveness, we complement such deterministic selection policy with a lightweight endorsement mechanism that is an interactive protocol between the leader candidates and a small subset of other system participants. Our solution has low good efficiency as it requires no expensive distributed randomness generation and it provides block creation fairness which is crucial in deployments that reward it with new stake.

[1]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[2]  Silvio Micali,et al.  Verifiable random functions , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[3]  Stefan Savage,et al.  A fistful of bitcoins: characterizing payments among men with no names , 2013, Internet Measurement Conference.

[4]  Aggelos Kiayias,et al.  Ouroboros Praos: An Adaptively-Secure, Semi-synchronous Proof-of-Stake Blockchain , 2018, EUROCRYPT.

[5]  Victor Shoup,et al.  Secure and Efficient Asynchronous Broadcast Protocols , 2001, CRYPTO.

[6]  Christian Decker,et al.  Bitcoin meets strong consistency , 2014, ICDCN.

[7]  Alex Biryukov,et al.  Deanonymisation of Clients in Bitcoin P2P Network , 2014, CCS.

[8]  Christian Decker,et al.  Information propagation in the Bitcoin network , 2013, IEEE P2P 2013 Proceedings.

[9]  Ghassan O. Karame,et al.  PoTS: A Secure Proof of TEE-Stake for Permissionless Blockchains , 2022, IEEE Transactions on Services Computing.

[10]  Michael J. Fischer,et al.  Scalable Bias-Resistant Distributed Randomness , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[11]  Srdjan Capkun,et al.  Software Grand Exposure: SGX Cache Attacks Are Practical , 2017, WOOT.

[12]  Mariana Raykova,et al.  RapidChain: Scaling Blockchain via Full Sharding , 2018, CCS.

[13]  Dominic Williams,et al.  DFINITY Technology Overview Series, Consensus System , 2018, ArXiv.

[14]  Jeremy Clark,et al.  SoK: Research Perspectives and Challenges for Bitcoin and Cryptocurrencies , 2015, 2015 IEEE Symposium on Security and Privacy.

[15]  George Danezis,et al.  Consensus in the Age of Blockchains , 2017, ArXiv.

[16]  Silvio Micali,et al.  ALGORAND: The Efficient and Democratic Ledger , 2016, ArXiv.

[17]  Stefan Mangard,et al.  Malware Guard Extension: Using SGX to Conceal Cache Attacks , 2017, DIMVA.

[18]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[19]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[20]  Prateek Saxena,et al.  A Secure Sharding Protocol For Open Blockchains , 2016, CCS.

[21]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[22]  Kartik Nayak,et al.  Solidus: An Incentive-compatible Cryptocurrency Based on Permissionless Byzantine Consensus , 2016, ArXiv.

[23]  Warren He,et al.  Proof of Luck: an Efficient Blockchain Consensus Protocol , 2016, SysTEX@Middleware.

[24]  Sunny King,et al.  PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake , 2012 .

[25]  Moni Naor,et al.  NSEC5 from Elliptic Curves: Provably Preventing DNSSEC Zone Enumeration with Shorter Responses , 2016, IACR Cryptol. ePrint Arch..

[26]  Fan Zhang,et al.  REM: Resource-Efficient Mining for Blockchains , 2017, IACR Cryptol. ePrint Arch..

[27]  Bryan Ford,et al.  OmniLedger: A Secure, Scale-Out, Decentralized Ledger , 2017, IACR Cryptol. ePrint Arch..

[28]  Thomas F. Wenisch,et al.  Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution , 2018, USENIX Security Symposium.

[29]  Yuan Xiao,et al.  SgxPectre Attacks: Leaking Enclave Secrets via Speculative Execution , 2018, ArXiv.