Sisi Duan,Haibin Zhang,Boxin Zhao

2022-01-01

Abstract:This paper refutes the conventional wisdom that information-theoretic BFT is impractical. We design and implement WaterBear, the first practical information-theoretic asynchronous Byzantine fault-tolerant (BFT) protocol. We also present a more efficient, quantum-secure asynchronous BFT protocol, WaterBear-QS, which, compared to WaterBear, additionally uses a collision-resistant hash function. We show that WaterBear and WaterBear-QS are efficient under both failure-free and failure scenarios, achieving comparable performance to the state-of-the-art asynchronous BFT protocols. In particular, our failure case evaluation is thus far the most comprehensive evaluation for asynchronous BFT settings.

Sisi Duan,Michael K. Reiter,Haibin Zhang

DOI: https://doi.org/10.1145/3243734.3243812

2018-01-01

Abstract:We present BEAT, a set of practical Byzantine fault-tolerant (BFT) protocols for completely asynchronous environments. BEAT is flexible, versatile, and extensible, consisting of five asynchronous BFT protocols that are designed to meet different goals (e.g., different performance metrics, different application scenarios). Due to modularity in its design, features of these protocols can be mixed to achieve even more meaningful trade-offs between functionality and performance for various applications. Through a 92-instance, five-continent deployment of BEAT on Amazon EC2, we show that BEAT is efficient: roughly, all our BEAT instances significantly outperform, in terms of both latency and throughput, HoneyBadgerBFT, the most efficient asynchronous BFT known.

Jian Liu,Wenting Li,Ghassan O. Karame,N. Asokan

DOI: https://doi.org/10.1109/tc.2018.2860009

IF: 3.183

2019-01-01

IEEE Transactions on Computers

Abstract:The surging interest in blockchain technology has revitalized the search for effective Byzantine consensus schemes. In particular, the blockchain community has been looking for ways to effectively integrate traditional Byzantine fault-tolerant (BFT) protocols into a blockchain consensus layer allowing various financial institutions to securely agree on the order of transactions. However, existing BFT protocols can only scale to tens of nodes due to their $O(n^2)$ message complexity. In this paper, we propose FastBFT, a fast and scalable BFT protocol. At the heart of FastBFT is a novel message aggregation technique that combines hardware-based trusted execution environments (TEEs) with lightweight secret sharing. Combining this technique with several other optimizations (i.e., optimistic execution, tree topology and failure detection), FastBFT achieves low latency and high throughput even for large scale networks. Via systematic analysis and experiments, we demonstrate that FastBFT has better scalability and performance than previous BFT protocols.

Tian Qin,Jian Liu,Peng Gao

2020-01-01

Abstract:In this work, we propose Leaderless Byzantine Fault Tolerance (LBFT), a novel consensus algorithm that combines Snowball algorithm and Practical Byzantine Fault Tolerance (pBFT) algorithm, two existing consensus algorithms. Achieving consensus in decentralized systems has been dicult as they lack certain properties that many algorithms assume. Our approach looks to take advantage of the decentralized aspect of Snowball and the deterministic property of pBFT so that the weaknesses of Snowball’s probabilistic property and pBFT’s reliance on "leader" are eliminated. The algorithm we propose is applicable to decentralized systems such as blockchain systems even though Snowball and pBFT both make stronger assumptions than decentralized systems allow. By simulating real-world environments and comparing with pBFT performances, we show that LBFT is feasible in the context of real-world decentralized systems and has sucient performances that are close to those of pBFT.

Bingyong Guo,Zhenliang Lu,Qiang Tang,Jing Xu,Zhenfeng Zhang

DOI: https://doi.org/10.1145/3372297.3417262

2020-10-30

Abstract:HoneyBadgerBFT, proposed by Miller et al. [34] as the first practical asynchronous atomic broadcast protocol, demonstrated impressive performance. The core of HoneyBadgerBFT (HB-BFT) is to achieve batching consensus using asynchronous common subset protocol (ACS) of Ben-Or et al., constituted with n reliable broadcast protocol (RBC) to have each node propose its input, followed by n asynchronous binary agreement protocol (ABA) to make a decision for each proposed value (n is the total number of nodes). In this paper, we propose two new atomic broadcast protocols (called Dumbo1, Dumbo2) both of which have asymptotically and practically better efficiency. In particular, the ACS of Dumbo1 only runs a small κ (independent of n) instances of ABA, while that of Dumbo2 further reduces it to constant! At the core of our techniques are two major observations: (1) reducing the number of ABA instances significantly improves efficiency; and (2) using multi-valued validated Byzantine agreement (MVBA) which was considered sub-optimal for ACS in [34] in a more careful way could actually lead to a much more efficient ACS. We implement both Dumbo1, Dumbo2 and deploy them as well as HB-BFT on 100 Amazon EC2 t2.medium instances uniformly distributed throughout 10 different regions across the globe, and run extensive experiments in the same environments. The experimental results show that our protocols achieve multi-fold improvements over HoneyBadgerBFT on both latency and throughput, especially when the system scale becomes moderately large.

Diogo S. Antunes,Afonso N. Oliveira,André Breda,Matheus Guilherme Franco,Henrique Moniz,Rodrigo Rodrigues

2024-07-14

Abstract:Traditional Byzantine Fault Tolerance (BFT) state machine replication protocols assume a partial synchrony model, leading to a design where a leader replica drives the protocol and is replaced after a timeout. Recently, we witnessed a surge of asynchronous BFT protocols, which use randomization to remove the need for bounds on message delivery times, making them more resilient to adverse network conditions. However, existing research proposals still fall short of gaining practical adoption, plausibly because they are not able to combine good performance with a simple design that can be readily understood and adopted. In this paper, we present Alea-BFT, a simple and highly efficient asynchronous BFT protocol, which is gaining practical adoption, namely in Ethereum distributed validators. Alea-BFT brings the key design insight from classical protocols of concentrating part of the work on a single designated replica and incorporates this principle in a simple two-stage pipelined design, with an efficient broadcast led by the designated replica, followed by an inexpensive binary agreement. The evaluation of our research prototype implementation and two real-world integrations in cryptocurrency ecosystems shows excellent performance, improving on the fastest protocol (Dumbo-NG) in terms of latency and displaying good performance under faults.

Distributed, Parallel, and Cluster Computing

Chao Liu,Sisi Duan,Haibin Zhang

2021-01-01

Abstract:State-of-the-art asynchronous Byzantine fault-tolerant (BFT) protocols, such as HoneyBadgerBFT, BEAT, and Dumbo, have shown a performance comparable to partially synchronous BFT protocols. This paper studies two practical directions in asynchronous BFT. First, while all these asynchronous BFT protocols assume optimal resilience with 3f+1 replicas (where f is an upper bound on the number of Byzantine replicas), it is interesting to ask whether more efficient protocols are possible if relaxing the resilience level. Second, these recent BFT protocols evaluate their performance under failure-free scenarios. It is unclear if these protocols indeed perform well during failures and attacks. This work first studies asynchronous BFT with suboptimal resilience using 5f+1 and 7f+1 replicas. We present MiB, a novel and efficient asynchronous BFT framework using new distributed system constructions as building blocks. MiB consists of two main BFT instances and five other variants. As another contribution, we systematically design experiments for asynchronous BFT protocols with failures and evaluate their performance in various failure scenarios. We report interesting findings, showing asynchronous BFT indeed performs consistently well during various failure scenarios. In particular, via a five-continent deployment on Amazon EC2 using 140 replicas, we show the MiB instances have lower latency and much higher throughput than their asynchronous BFT counterparts.

Haibin Zhang,Sisi Duan

DOI: https://doi.org/10.1145/3548606.3559348

2022-01-01

Abstract:The classic asynchronous Byzantine fault tolerance (BFT) framework of Ben-Or, Kemler, and Rabin (BKR) and its descendants rely on reliable broadcast (RBC) and asynchronous binary agreement (ABA). However, BKR does not allow all ABA instances to run in parallel, a well-known performance bottleneck. We propose PACE, a generic framework that removes the bottleneck, allowing fully parallelizable ABA instances. PACE is built on RBC and reproposable ABA (RABA). Different from the conventional ABA, RABA allows a replica to change its mind and vote twice. We show how to efficiently build RABA protocols from existing ABA protocols and a new ABA protocol that we introduce. We implement six new BFT protocols: three in the BKR framework, and three in the PACE framework. Via a deployment using 91 replicas on Amazon EC2 across five continents, we show that all PACE instantiations, in both failure-free and failure scenarios, significantly outperform their BKR counterparts, and prior BFT protocols such as BEAT and Dumbo, in terms of latency, throughput, latency vs. throughput, and scalability.

Shengyun Liu,Wenbo Xu,Chen Shan,Xiaofeng Yan,Tianjing Xu,Bo Wang,Lei Fan,Fuxi Deng,Ying Yan,Hui Zhang

DOI: https://doi.org/10.1145/3600006.3613164

2023-01-01

Abstract:Byzantine fault tolerant (BFT) consensus protocols are becoming an appealing solution to blockchains. As most blockchain systems are deployed on Wide Area Networks (WANs), with each node acting on behalf of its entity, partially synchronous BFT protocols that rely on network synchrony to elect a single leader can be ill-suited. In contrast, asynchronous protocols have no such timing assumptions. Existing asynchronous protocols confront challenges in terms of both flexibility and performance. Towards enabling adaptability of asynchronous BFT protocols, we propose a new paradigm for bridging ordering and agreement components. Nodes in the new paradigm can propose and commit blocks in a more flexible manner, in order to suit various workloads in our production environment. To boost performance, we propose SuperMA, an efficient multi-valued agreement protocol. SuperMA in the best case can terminate in three message delays, achieving optimal latency. We further present MyTumbler, a timestamp-based state machine replication protocol. MyTumbler is enhanced by our new paradigm and uses SuperMA as its agreement component. Large-scale experiments on WAN cloud clusters demonstrate the viability of MyTumbler for a wide range of application scenarios.

Fangyu Gai,Ali Farahbakhsh,Jianyu Niu,Chen Feng,Ivan Beschastnikh,Hao Duan

DOI: https://doi.org/10.48550/arXiv.2103.00777

2021-03-01

Abstract:Permissioned blockchains employ Byzantine fault-tolerant (BFT) state machine replication (SMR) to reach agreement on an ever-growing, linearly ordered log of transactions. A new paradigm, combined with decades of research in BFT SMR and blockchain (namely chained-BFT, or cBFT), has emerged for directly constructing blockchain protocols. Chained-BFT protocols have a unifying propose-vote scheme instead of multiple different voting phases with a set of voting and commit rules to guarantee safety and liveness. However, distinct voting and commit rules impose varying impacts on performance under different workloads, network conditions, and Byzantine attacks. Therefore, a fair comparison of the proposed protocols poses a challenge that has not yet been addressed by existing work. We fill this gap by studying a family of cBFT protocols with a two-pronged systematic approach. First, we present an evaluation framework, Bamboo, for quick prototyping of cBFT protocols and that includes helpful benchmarking facilities. To validate Bamboo, we introduce an analytic model using queuing theory which also offers a back-of-the-envelope guide for dissecting these protocols. We build multiple cBFT protocols using Bamboo and we are the first to fairly compare three representatives (i.e., HotStuff, two-chain HotStuff, and Streamlet). We evaluated these protocols under various parameters and scenarios, including two Byzantine attacks that have not been widely discussed in the literature. Our findings reveal interesting trade-offs (e.g., responsiveness vs. forking-resilience) between different cBFT protocols and their design choices, which provide developers and researchers with insights into the design and implementation of this protocol family.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Neil Giridharan,Florian Suri-Payer,Ittai Abraham,Lorenzo Alvisi,Natacha Crooks

2024-10-23

Abstract:Today's practical, high performance Byzantine Fault Tolerant (BFT) consensus protocols operate in the partial synchrony model. However, existing protocols are inefficient when deployments are indeed partially synchronous. They deliver either low latency during fault-free, synchronous periods (good intervals) or robust recovery from events that interrupt progress (blips). At one end, traditional, view-based BFT protocols optimize for latency during good intervals, but, when blips occur, can suffer from performance degradation (hangovers) that can last beyond the return of a good interval. At the other end, modern DAG-based BFT protocols recover more gracefully from blips, but exhibit lackluster latency during good intervals. To close the gap, this work presents Autobahn, a novel high-throughput BFT protocol that offers both low latency and seamless recovery from blips. By combining a highly parallel asynchronous data dissemination layer with a low-latency, partially synchronous consensus mechanism, Autobahn (i) avoids the hangovers incurred by traditional BFT protocols and (ii) matches the throughput of state of the art DAG-based BFT protocols while cutting their latency in half, matching the latency of traditional BFT protocols.

Distributed, Parallel, and Cluster Computing

Sitong Ling,Zhuotao Liu,Qi Li,Xinle Du,Jing Chen,Ke Xu

DOI: https://doi.org/10.1109/tnet.2024.3461872

2024-01-01

Abstract:With the increasing demand for blockchain technology in various industry sectors, there has been a growing interest in the Byzantine Fault Tolerance (BFT) consensus that is the backbone of most of these blockchains. However, many state-of-the-art algorithms that require reliable connections can only offer limited throughput in wide-area networks (WANs), where participants are connected over long distances and may experience unpredictable network failures. The partially-connected BFTs are designed for unreliable and highly dynamic networks yet impose exponential communication complexity. This paper proposes Stable Byzantine Fault Tolerance (SBFT), a BFT communication abstraction that can sustain high throughput and low latency in WAN. SBFT separates the leader from consensus in pipelined BFT consensus and uses an adaptive consensus mechanism to resist dynamic faulty links, maintaining consensus efficiency when network connectivity is high while adapting to dynamic networks with low connectivity. We implemented a prototype of SBFT and tested it on the WAN. The results demonstrate that SBFT has a throughput similar to HotStuff in a fault-free environment but can reduce about 80% of consensus latency. Besides, SBFT retains 40% of the original throughput when the link failure probability is $0.4$ , while the baseline HotStuff retains less than 40% when the link failure probability is only $0.1$ .

Yuan Lu,Zhenliang Lu,Qiang Tang

DOI: https://doi.org/10.48550/arXiv.2103.09425

2022-09-01

Abstract:An urgent demand of deploying BFT consensus over the Internet is raised for implementing blockchain services. The deterministic (partial) synchronous protocols can be simple and fast in good network conditions, but are subject to denial-of-service when synchrony assumption fails. Asynchronous protocols, on the contrary, are robust against the adversarial network, but are substantially more complicated and slower for the inherent use of randomness. Facing the issues, optimistic asynchronous atomic broadcast ( Kursawe-Shoup, 2002; Ramasamy-Cachin, 2005) was proposed to improve the normal-case performance of the slow asynchronous consensus. They run a deterministic fastlane if the network condition remains good, and can fall back to a fully asynchronous protocol via a pace-synchronization mechanism if the fastlane fails. Unfortunately, existing pace-synchronization directly uses a heavy tool of asynchronous multi-valued validated Byzantine agreement (MVBA). We present Bolt-Dumbo Transformer (BDT), a generic framework for practical optimistic asynchronous atomic broadcast. At the core of BDT, we set forth a new fastlane abstraction that is simple and fast, while preparing honest parties to gracefully face potential fastlane failures caused by malicious leader or bad network. This enables a highly efficient pace-synchronization to handle fallback. The resulting design reduces a cumbersome MVBA to a variant of the conceptually simplest binary agreement only. Besides detailed security analyses, we also give concrete instantiations of our framework and implement them. Extensive experiments demonstrate that BDT can enjoy both the low latency of deterministic protocols (e.g. 2-chain version of HotStuff) and the robustness of state-of-the-art asynchronous protocols in practice.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Qianyu Yu,Giuliano Losa,Xuechao Wang

2024-05-04

Abstract:This paper presents TetraBFT, a novel unauthenticated Byzantine fault tolerant protocol for solving consensus in partial synchrony, eliminating the need for public key cryptography and ensuring resilience against computationally unbounded adversaries. TetraBFT has several compelling features: it necessitates only constant local storage, has optimal communication complexity, satisfies optimistic responsiveness -- allowing the protocol to operate at actual network speeds under ideal conditions -- and can achieve consensus in just 5 message delays, which outperforms all known unauthenticated protocols achieving the other properties listed. We validate the correctness of TetraBFT through rigorous security analysis and formal verification. Furthermore, we extend TetraBFT into a multi-shot, chained consensus protocol, making a pioneering effort in applying pipelining techniques to unauthenticated protocols. This positions TetraBFT as a practical and deployable solution for blockchain systems aiming for high efficiency.

Cryptography and Security

Chuanwang Mai,Yu Zhang,Binxing Fang,Hongli Zhang

DOI: https://doi.org/10.1109/icc45855.2022.9838903

2022-01-01

Abstract:The surprising wave of blockchain has led to rapid progress of Byzantine fault tolerant protocol. However, most researches concentrate on the centralized trust such as PBFT, in which all participants trust each other equally. This paper presents DWBFT, a weighted Byzantine fault tolerant protocol with decentralized trust under the weak synchrony assumption. In DWBFT, the nodes can assign weights to each other depending on their decentralized trust relationship, which are adopted to make decisions. DWBFT can achieve safety under the condition that the weight of Byzantine nodes is less than 1/5 of the total weight of all nodes under any weight assignment. The experimental results show that DWBFT can achieve a throughput of nearly 13,000 tps under 32 nodes, and has no significant performance degradation compared with PBFT.

Dahlia Malkhi,Kartik Nayak,Ling Ren

DOI: https://doi.org/10.48550/arXiv.1904.10067

2019-05-31

Abstract:This paper introduces Flexible BFT, a new approach for BFT consensus solution design revolving around two pillars, stronger resilience and diversity. The first pillar, stronger resilience, involves a new fault model called alive-but-corrupt faults. Alive-but-corrupt replicas may arbitrarily deviate from the protocol in an attempt to break safety of the protocol. However, if they cannot break safety, they will not try to prevent liveness of the protocol. Combining alive-but-corrupt faults into the model, Flexible BFT is resilient to higher corruption levels than possible in a pure Byzantine fault model. The second pillar, diversity, designs consensus solutions whose protocol transcript is used to draw different commit decisions under diverse beliefs. With this separation, the same Flexible BFT solution supports synchronous and asynchronous beliefs, as well as varying resilience threshold combinations of Byzantine and alive-but-corrupt faults. At a technical level, Flexible BFT achieves the above results using two new ideas. First, it introduces a synchronous BFT protocol in which only the commit step requires to know the network delay bound and thus replicas execute the protocol without any synchrony assumption. Second, it introduces a notion called Flexible Byzantine Quorums by dissecting the roles of different quorums in existing consensus protocols.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Feng Shen,Yu Long,Zhen Liu,Zhiqiang Liu,Hongyang Liu,Dawu Gu,Ning Liu

DOI: https://doi.org/10.1007/978-3-030-36938-5_17

2019-01-01

Abstract:Emerging as a distributed system maintaining a public ledger via consensus protocol, blockchain technology is showing its great potential in various scenarios such as supply chain, financial industry, internet of things (IoT), etc. Among kinds of consensus protocols, Byzantine Fault Tolerance (BFT) protocols are playing an important part in the design of the blockchain system. Most BFT protocols, however, are static with no support for a dynamic property (i.e. nodes can join/leave a working system) and lack mechanisms to punish faulty nodes, which highly limit their wider adoption in the practical settings. This paper presents a dynamic enhanced BFT (DEBFT) protocol that is designed to support dynamic property and faulty nodes punishment. Based on HoneyBadger BFT, DEBFT employs Dynamic Threshold Identity-based Encryption and Distributed Key Generation to enable changes of the consensus group without reconfiguring the whole system, besides, evaluation metrics are also introduced to evaluate consensus nodes and clear faulty ones out of the system.

Jiashuo Zhang,Jianbo Gao,Ke Wang,Zhiyou Wu,Yaqi Lan,Zhi Guan,Zhong Chen

2021-01-01

Abstract:While the requirements for reliability increasing rapidly in distributed systems, byzantine fault tolerance protocols have attracted more and more attention for the ability to tolerate arbitrary failures. Although traditional BFT protocols have achieved significant performance improvements after decades of research, they still cannot meet the increasing scalability requirements. Thanks to the recent development of trusted execution environment, researchers have opportunities to improve BFT protocols with hardware assistance, including increasing the ratio of byzantine nodes that the system can tolerate and improving the scalability of the system. However, existing TEE-based BFT protocols are mostly designed via improving traditional BFT protocols and using complex operations to overcome security issues introduced by TEE, which makes the protocols difficult to understand and implement. In fact, after introducing TEE, many byzantine failures can be eliminated naturally so that the adversary assumption of TEE-based BFT is more similar to CFT rather than traditional BFT. Therefore, it would be better to design a TEE-based BFT protocol on the basis of CFT protocols to inherit the advantages of CFT, i.e., understandable and efficient. In this paper, we summarize the key differences between TEE-based BFT and CFT protocols and propose four principles to help bridge the gap between TEE-based BFT and CFT. Based on these principles, we present TBFT, a novel TEEbased BFT protocol with inspirations from CFT protocols, which is simple and understandable enough to be applied in practice. Besides, we make comprehensive improvements to TBFT for both performance and security, including pipeline mechanisms, TEEassisted secret sharing, and trusted leader election. Our evaluation shows that TBFT has better performance and scalability compared to previous protocols.

Sisi Duan,Haibin Zhang,Xiao Sui,Baohan Huang,Changchun Mu,Gang Di,Xiaoyun Wang

DOI: https://doi.org/10.1145/3627703.3650073

2024-01-01

Abstract:State-of-the-art Byzantine fault-tolerant (BFT) protocols assuming partial synchrony such as SBFT and HotStuff use regular certificates obtained from 2f + 1 (partial) signatures. We show that one can use weak certificates obtained from only f + 1 signatures to assist in designing more robust and more efficient BFT protocols. We design and implement two BFT systems: Dashing (a family of two HotStuff-style BFT protocols) and Star (a parallel BFT framework). We first present Dashingl that targets both efficiency and robustness using weak certificates. Dashingl is also network-adaptive in the sense that it can leverage network connection discrepancy to improve performance. We show that Dashing1 outperforms HotStuff in various failure-free and failure scenarios. We then present Dashing2 enabling a one-phase fast path by using strong certificates from 3f + 1 signatures. We then leverage weak certificates to build Star, a highly scalable BFT framework that delivers transactions from n - f replicas. Star compares favorably with existing protocols in terms of liveness, communication, state transfer, scalability, and/or robustness under failures. We demonstrate that Dashing achieves 47%-107% higher peak throughput than HotStuff for experiments on Amazon EC2. Meanwhile, unlike all known BFT protocols whose performance degrades as f grows large, the peak throughput of Star increases as f grows. When deployed in a WAN with 91 replicas across five continents, Star achieves an impressive throughput of 256 ktx/sec, 2.38x that of Narwhal.

Jiashuo Zhang,Jianbo Gao,Ke Wang,Zhenhao Wu,Yue Li,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1109/ICC45855.2022.9839169

2022-01-01

Abstract:With the rapid development of blockchain, Byzantine fault-tolerant protocols have attracted revived interest recently. To overcome the theoretical bounds of Byzantine fault tolerance, many protocols attempt to use Trusted Execution Environment (TEE) to prevent equivocation and improve fault tolerance from less than 1/3 to minority. However, due to the broken quorum intersection assumption caused by the reduction of replica number, most improvements introduce higher communication complexity or more protocol phases, which affects the performance and scalability of existing TEE-based protocols and prevents them to be applied to large-scale blockchain systems. In this paper, we propose TBFT, an efficient Byzantine fault-tolerant protocol in the partial synchrony setting, which has O(n) message complexity and only two protocol phases in normal-case. The key insight behind TBFT is introducing novel TEE-assisted primitives to limit malicious behaviors of replicas including not only equivocation but also message log forgery and message history forgery, therefore both the communication complexity and protocol phases can be reduced. We have implemented TBFT and evaluated it through systematic analysis and experiments, and the results show that TBFT has better performance and scalability compared to other protocols.