Hybrid Consensus: Efficient Consensus in the Permissionless Model

Pass, Rafael; Shi, Elaine

doi:10.4230/LIPIcs.DISC.2017.39

File

LIPIcs.DISC.2017.39.pdf

Filesize: 0.54 MB
16 pages

Document Identifiers

DOI: 10.4230/LIPIcs.DISC.2017.39
URN: urn:nbn:de:0030-drops-80040

Author Details

Rafael Pass

Elaine Shi

Cite AsGet BibTex

Rafael Pass and Elaine Shi. Hybrid Consensus: Efficient Consensus in the Permissionless Model. In 31st International Symposium on Distributed Computing (DISC 2017). Leibniz International Proceedings in Informatics (LIPIcs), Volume 91, pp. 39:1-39:16, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2017)
https://doi.org/10.4230/LIPIcs.DISC.2017.39

Abstract

Consensus, or state machine replication is a foundational building block of distributed systems and modern cryptography. Consensus in the classical, "permissioned" setting has been extensively studied in the 30 years of distributed systems literature. Recent developments in Bitcoin and other decentralized cryptocurrencies popularized a new form of consensus in a "permissionless" setting, where anyone can join and leave dynamically, and there is no a-priori knowledge of the number of consensus nodes. So far, however, all known permissionless consensus protocols assume network synchrony, i.e., the protocol must know an upper bound of the network's delay, and transactions confirm slower than this a-priori upper bound. We initiate the study of the feasibilities and infeasibilities of achieving responsiveness in permissionless consensus. In a responsive protocol, the transaction confirmation time depends only on the actual network delay, but not on any a-priori known upper bound such as a synchronous round. Classical protocols in the partial synchronous and asynchronous models naturally achieve responsiveness, since the protocol does not even know any delay upper bound. Unfortunately, we show that in the permissionless setting, consensus is impossible in the asynchronous or partially synchronous models. On the positive side, we construct a protocol called Hybrid Consensus by combining classical-style and blockchain-style consensus. Hybrid Consensus shows that responsiveness is nonetheless possible to achieve in permissionless consensus (assuming proof-of-work) when 1) the protocol knows an upper bound on the network delay; 2) we allow a non-responsive warmup period after which transaction confirmation can become responsive; 3) honesty has some stickiness, i.e., it takes a short while for an adversary to corrupt a node or put it to sleep; and 4) less than 1/3 of the nodes are corrupt. We show that all these conditions are in fact necessary - if only one of them is violated, responsiveness would have been impossible. Our work makes a step forward in our understanding of the permissionless model and its differences and relations to classical consensus.

Keywords

Distributed Consensus
Permissionless
Responsiveness

Metrics

Access Statistics
Total Accesses (updated on a weekly basis)

0

PDF Downloads

0

Metadata Views

References

Byzcoin: Securely scaling blockchains. URL: http://hackingdistributed.com/2016/08/04/byzcoin/.
Untangling mining incentives in bitcoin and byzcoin. URL: http://bford.github.io/2016/10/25/mining/.
Personal communication with Kartik Nayak and Ling Ren.
Ittai Abraham, Dahlia Malkhi, Kartik Nayak, Ling Ren, and Alexander Spiegelman. Solidus: An incentive-compatible cryptocurrency based on permissionless byzantine consensus. CoRR, abs/1612.02916, 2016.
Marcin Andrychowicz and Stefan Dziembowski. Pow-based distributed cryptography with no trusted setup. In CRYPTO, pages 379-399, 2015.
Hagit Attiya, Cynthia Dwork, Nancy Lynch, and Larry Stockmeyer. Bounds on the time to reach agreement in the presence of timing uncertainty. J. ACM, 41(1):122-152, 1994.
Boaz Barak, Ran Canetti, Yehuda Lindell, Rafael Pass, and Tal Rabin. Secure computation without authentication. In CRYPTO, pages 361-377, 2005.
Alysson Neves Bessani, João Sousa, and Eduardo Adílio Pelinson Alchieri. State machine replication for the masses with BFT-SMART. In DSN, pages 355-362, 2014.
Christian Decker, Jochen Seidel, and Roger Wattenhofer. Bitcoin meets strong consistency. In ICDCN, 2016.
Danny Dolev, Ruediger Reischuk, and H. Raymond Strong. Early stopping in byzantine agreement. J. ACM, 37(4):720-741, October 1990.
Cynthia Dwork, Nancy Lynch, and Larry Stockmeyer. Consensus in the presence of partial synchrony. J. ACM, 1988.
Ittay Eyal and Emin Gun Sirer. Majority is not enough: Bitcoin mining is vulnerable. In FC, 2014.
Juan A. Garay, Aggelos Kiayias, and Nikos Leonardos. The bitcoin backbone protocol: Analysis and applications. In Eurocrypt, 2015.
Jonathan Katz, Andrew Miller, and Elaine Shi. Pseudonymous secure computation from time-lock puzzles. IACR Cryptology ePrint Archive, 2014:857, 2014.
Eleftherios Kokoris-Kogias, Philipp Jovanovic, Nicolas Gailly, Ismail Khoffi, Linus Gasser, and Bryan Ford. Enhancing bitcoin security and performance with strong consistency via collective signing. In Usenix Security, 2016.
Leslie Lamport, Dahlia Malkhi, and Lidong Zhou. Vertical paxos and primary-backup replication. In PODC, pages 312-313, 2009.
Silvio Micali. Algorand: The efficient and democratic ledger. https://arxiv.org/abs/1607.01341, 2016.
Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system, 2008.
Rafael Pass, Lior Seeman, and Abhi Shelat. Analysis of the blockchain protocol in asynchronous networks. In Eurocrypt, 2017.
Rafael Pass and Elaine Shi. Hybrid consensus: Efficient consensus in the permissionless model. Technical report version, https://eprint.iacr.org/2016/917, 2016.
Rafael Pass and Elaine Shi. Fruitchains: A fair blockchain. In PODC, 2017.
Yonatan Sompolinsky, Yoad Lewenberg, and Aviv Zohar. SPECTRE: A fast and scalable cryptocurrency protocol. IACR Cryptology ePrint Archive, 2016:1159, 2016.