Towards Rational Consensus in Honest Majority
2405.07557
0
0
📈
Abstract
Distributed consensus protocols reach agreement among $n$ players in the presence of $f$ adversaries; different protocols support different values of $f$. Existing works study this problem for different adversary types (captured by threat models). There are three primary threat models: (i) Crash fault tolerance (CFT), (ii) Byzantine fault tolerance (BFT), and (iii) Rational fault tolerance (RFT), each more general than the previous. Agreement in repeated rounds on both (1) the proposed value in each round and (2) the ordering among agreed-upon values across multiple rounds is called Atomic BroadCast (ABC). ABC is more generalized than consensus and is employed in blockchains. This work studies ABC under the RFT threat model. We consider $t$ byzantine and $k$ rational adversaries among $n$ players. We also study different types of rational players based on their utility towards (1) liveness attack, (2) censorship or (3) disagreement (forking attack). We study the problem of ABC under this general threat model in partially-synchronous networks. We show (1) ABC is impossible for $n/3< (t+k) <n/2$ if rational players prefer liveness or censorship attacks and (2) the consensus protocol proposed by Ranchal-Pedrosa and Gramoli cannot be generalized to solve ABC due to insecure Nash equilibrium (resulting in disagreement). For ABC in partially synchronous network settings, we propose a novel protocol textsf{pRFT}(practical Rational Fault Tolerance). We show textsf{pRFT} achieves ABC if (a) rational players prefer only disagreement attacks and (b) $t < frac{n}{4}$ and $(t + k) < frac{n}{2}$. In textsf{pRFT}, we incorporate accountability (capturing deviating players) within the protocol by leveraging honest players. We also show that the message complexity of textsf{pRFT} is at par with the best consensus protocols that guarantee accountability.
Create account to get full access
Overview
- Distributed consensus protocols allow a group of players to reach agreement, even in the presence of adversaries.
- There are three main threat models: Crash Fault Tolerance (CFT), Byzantine Fault Tolerance (BFT), and Rational Fault Tolerance (RFT), with RFT being the most general.
- Atomic Broadcast (ABC) is a more generalized form of consensus that ensures agreement on both the proposed values and their ordering across multiple rounds, and is used in blockchains.
- This work studies ABC under the RFT threat model, considering Byzantine and rational adversaries with different motivations.
Plain English Explanation
Distributed consensus protocols are algorithms that allow a group of computers or "players" to reach an agreement, even if some of the players are trying to disrupt the process. The three main types of threat models are:
- Crash Fault Tolerance (CFT): Players may suddenly stop participating, but they won't try to actively sabotage the process.
- Byzantine Fault Tolerance (BFT): Players may behave in completely unpredictable and malicious ways, trying to undermine the agreement.
- Rational Fault Tolerance (RFT): Players are "rational," meaning they have specific goals and will try to achieve them, but they won't necessarily be outright malicious.
Atomic Broadcast (ABC) is a more advanced form of consensus that not only agrees on the proposed values in each round, but also ensures that the agreed-upon values are consistently ordered across multiple rounds. This is important for applications like blockchains.
This research paper focuses on studying ABC under the RFT threat model, where some players may be Byzantine and others may be "rational" players with specific goals, like trying to disrupt the process (a "forking attack") or censor certain information.
Technical Explanation
The paper considers a scenario with $n$ players, $t$ of whom are Byzantine adversaries and $k$ are rational adversaries. It investigates different types of rational players based on their goals: (1) liveness attack, (2) censorship, or (3) disagreement (forking attack).
The researchers show that ABC is impossible if $n/3 < (t+k) < n/2$ and rational players prefer liveness or censorship attacks. They also find that the consensus protocol proposed by Ranchal-Pedrosa and Gramoli cannot be generalized to solve ABC due to an insecure Nash equilibrium that leads to disagreement.
To address this, the paper proposes a new protocol called pRFT (practical Rational Fault Tolerance) for ABC in partially synchronous network settings. The researchers show that pRFT achieves ABC if (a) rational players prefer only disagreement attacks and (b) $t < n/4$ and $(t + k) < n/2$.
In pRFT, the researchers incorporate accountability (identifying deviating players) within the protocol by leveraging honest players. They also show that the message complexity of pRFT is comparable to the best consensus protocols that guarantee accountability, such as the work by Yin et al. and the work by Buchman et al..
Critical Analysis
The paper provides a comprehensive study of Atomic Broadcast (ABC) under the Rational Fault Tolerance (RFT) threat model, which is an important and generalized setting for distributed consensus protocols. The researchers have carefully considered different types of rational adversaries and their motivations, and have proposed a novel protocol (pRFT) that addresses the identified limitations of existing approaches.
One potential limitation of the research is that the proposed pRFT protocol still has some restrictions on the number of adversaries (e.g., $t < n/4$ and $(t + k) < n/2$) in order to achieve ABC. It would be interesting to see if these bounds can be further relaxed or if the protocol can be adapted to work in a wider range of settings.
Additionally, the paper does not provide a detailed analysis of the practical implications and real-world applicability of the pRFT protocol. It would be helpful to understand the performance characteristics, implementation challenges, and potential use cases of this protocol in the context of blockchain and other distributed systems.
Overall, this research represents a significant contribution to the field of distributed consensus, and the proposed pRFT protocol could be a valuable tool for building secure and reliable distributed systems in the presence of rational and Byzantine adversaries.
Conclusion
This paper presents a comprehensive study of Atomic Broadcast (ABC) under the Rational Fault Tolerance (RFT) threat model, which is a more general and realistic setting than the traditional Crash Fault Tolerance (CFT) and Byzantine Fault Tolerance (BFT) models. The researchers have identified key limitations of existing approaches and proposed a novel protocol called pRFT that can achieve ABC in partially synchronous network settings with rational and Byzantine adversaries.
The pRFT protocol incorporates accountability mechanisms to detect and penalize deviating players, and its message complexity is comparable to the best consensus protocols with accountability guarantees. This work advances the state of the art in distributed consensus and could have significant implications for the design and implementation of secure and reliable distributed systems, particularly in the context of blockchain technologies.
This summary was produced with help from an AI and may contain inaccuracies - check out the links to read the original source documents!
Related Papers
Probabilistic Byzantine Fault Tolerance (Extended Version)
Diogo Avel~as, Hasan Heydari, Eduardo Alchieri, Tobias Distler, Alysson Bessani
0
0
Consensus is a fundamental building block for constructing reliable and fault-tolerant distributed services. Many Byzantine fault-tolerant consensus protocols designed for partially synchronous systems adopt a pessimistic approach when dealing with adversaries, ensuring safety in a deterministic way even under the worst-case scenarios that adversaries can create. Following this approach typically results in either an increase in the message complexity (e.g., PBFT) or an increase in the number of communication steps (e.g., HotStuff). In practice, however, adversaries are not as powerful as the ones assumed by these protocols. Furthermore, it might suffice to ensure safety and liveness properties with high probability. In order to accommodate more realistic and optimistic adversaries and improve the scalability of the BFT consensus, we propose ProBFT (Probabilistic Byzantine Fault Tolerance). ProBFT is a leader-based probabilistic consensus protocol with a message complexity of $O(nsqrt{n})$ and an optimal number of communication steps that tolerates Byzantine faults in permissioned partially synchronous systems. It is built on top of well-known primitives, such as probabilistic Byzantine quorums and verifiable random functions. ProBFT guarantees safety and liveness with high probabilities even with faulty leaders, as long as a supermajority of replicas is correct, and using only a fraction of messages employed in PBFT (e.g., $20%$). We provide a detailed description of ProBFT's protocol and its analysis.
6/12/2024
⚙️
CFT-Forensics: High-Performance Byzantine Accountability for Crash Fault Tolerant Protocols
Weizhao Tang, Peiyao Sheng, Ronghao Ni, Pronoy Roy, Xuechao Wang, Giulia Fanti, Pramod Viswanath
0
0
Crash fault tolerant (CFT) consensus algorithms are commonly used in scenarios where system components are trusted -- e.g., enterprise settings and government infrastructure. However, CFT consensus can be broken by even a single corrupt node. A desirable property in the face of such potential Byzantine faults is emph{accountability}: if a corrupt node breaks protocol and affects consensus safety, it should be possible to identify the culpable components with cryptographic integrity from the node states. Today, the best-known protocol for providing accountability to CFT protocols is called PeerReview; it essentially records a signed transcript of all messages sent during the CFT protocol. Because PeerReview is agnostic to the underlying CFT protocol, it incurs high communication and storage overhead. We propose CFT-Forensics, an accountability framework for CFT protocols. We show that for a special family of emph{forensics-compliant} CFT protocols (which includes widely-used CFT protocols like Raft and multi-Paxos), CFT-Forensics gives provable accountability guarantees. Under realistic deployment settings, we show theoretically that CFT-Forensics operates at a fraction of the cost of PeerReview. We subsequently instantiate CFT-Forensics for Raft, and implement Raft-Forensics as an extension to the popular nuRaft library. In extensive experiments, we demonstrate that Raft-Forensics adds low overhead to vanilla Raft. With 256 byte messages, Raft-Forensics achieves a peak throughput 87.8% of vanilla Raft at 46% higher latency ($+44$ ms). We finally integrate Raft-Forensics into the open-source central bank digital currency OpenCBDC, and show that in wide-area network experiments, Raft-Forensics achieves 97.8% of the throughput of Raft, with 14.5% higher latency ($+326$ ms).
6/4/2024
🛠️
Nearly-Optimal Consensus Tolerating Adaptive Omissions: Why is a Lot of Randomness is Needed?
Mohammad T. Hajiaghayi, Dariusz R. Kowalski, Jan Olkowski
0
0
We study the problem of reaching agreement in a synchronous distributed system by $n$ autonomous parties, when the communication links from/to faulty parties can omit messages. The faulty parties are selected and controlled by an adaptive, full-information, computationally unbounded adversary. We design a randomized algorithm that works in $O(sqrt{n}log^2 n)$ rounds and sends $O(n^2log^3 n)$ communication bits, where the number of faulty parties is $Theta(n)$. Our result is simultaneously tight for both these measures within polylogarithmic factors: due to the $Omega(n^2)$ lower bound on communication by Abraham et al. (PODC'19) and $Omega(sqrt{n/log n})$ lower bound on the number of rounds by Bar-Joseph and Ben-Or (PODC'98). We also quantify how much randomness is necessary and sufficient to reduce time complexity to a certain value, while keeping the communication complexity (nearly) optimal. We prove that no MC algorithm can work in less than $Omega(frac{n^2}{max{R,n}log n})$ rounds if it uses less than $O(R)$ calls to a random source, assuming a constant fraction of faulty parties. This can be contrasted with a long line of work on consensus against an {em adversary limited to polynomial computation time}, thus unable to break cryptographic primitives, culminating in a work by Ghinea et al. (EUROCRYPT'22), where an optimal $O(r)$-round solution with probability $1-(cr)^{-r}$ is given. Our lower bound strictly separates these two regimes, by excluding such results if the adversary is computationally unbounded. On the upper bound side, we show that for $Rintilde{O}(n^{3/2})$ there exists an algorithm solving consensus in $tilde{O}(frac{n^2}{R})$ rounds with high probability, where tilde notation hides a polylogarithmic factor. The communication complexity of the algorithm does not depend on the amount of randomness $R$ and stays optimal within polylogarithmic factor.
5/27/2024
Knowledge Connectivity Requirements for Solving BFT Consensus with Unknown Participants and Fault Threshold (Extended Version)
Hasan Heydari, Robin Vassantlal, Alysson Bessani
0
0
Consensus stands as a fundamental building block for constructing reliable and fault-tolerant distributed services. The increasing demand for high-performance and scalable blockchain protocols has brought attention to solving consensus in scenarios where each participant joins the system knowing only a subset of participants. In such scenarios, the participants' initial knowledge about the existence of other participants can collectively be represented by a directed graph known as knowledge connectivity graph. The Byzantine Fault Tolerant Consensus with Unknown Participants (BFT-CUP) problem aims to solve consensus in those scenarios by identifying the necessary and sufficient conditions that the knowledge connectivity graphs must satisfy when a fault threshold is provided to all participants. This work extends BFT-CUP by eliminating the requirement to provide the fault threshold to the participants. We indeed address the problem of solving BFT consensus in settings where each participant initially knows a subset of participants, and although a fault threshold exists, no participant is provided with this information -- referred to as BFT Consensus with Unknown Participants and Fault Threshold (BFT-CUPFT). With this aim, we first demonstrate that the conditions for knowledge connectivity graphs identified by BFT-CUP are insufficient to solve BFT-CUPFT. Accordingly, we introduce a new type of knowledge connectivity graphs by determining the necessary and sufficient conditions they must satisfy to solve BFT-CUPFT. Furthermore, we design a protocol for solving BFT-CUPFT.
5/13/2024