SlideShare a Scribd company logo

Byzantine ordered consensus

Y
YongraeJo

.

Technology
1 of 40
Download to read offline
Yongrae Jo Pohang University of Science and Technology System Software Laboratory Byzantine Ordered Consensus without Byzantine Oligarchy Yunhao Zhang, Cornell University; Srinath Setty, Qi Chen, and Lidong Zhou, Microsoft Research; Lorenzo Alvisi, Cornell University 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2020)
2 State Machine Replication (SMR) State Machine Replication b c a e d n n+1 n-1 n-2 n+2 Sequence# Commands b c d e a The SMR guarantees consistent states by executing totally ordered sequence of commands Set of commands Total-ordered commands
3 State Machine Replication (SMR) Leader b c d e a Set of commands Replica Replica Replica Can control which commands are processed first Replica b c a e d n n+1 n-1 n-2 n+2 Order 1 e d b c a Order 2 a c e d b Order 3 Depending on the leader’s choice, different total order made possible
4 Importance of Transaction Order Ledger Ledger Ledger Ledger Order does not matter for fault-tolerance (as long as consistency is guaranteed) … 자본 시장의 첨단을 달리는 미국 월스트 리트에서도 이와 비슷한 일이 벌어지고 있다. 이른바 ‘초단타매매(HTF· High Freqeuncy Trading)’다. 이런 초미세 시간 차 매매로 수익을 올리는 어둠의 약탈자 들이 존재한다는 사실은 비교적 최근에 알려졌다. 이들은 1000분의 1초(밀리세컨 드) 단위 속도로 진행되는 일종의 선행매 매(Front running)를 통해 막대한 이익을 챙긴다. 규모도 정확히 파악하기 어려울 정도다. 주로 누군가의 주문을 먼저 보고 같은 주문을 미리 내 가격을 올려 파는 방 식을 구사한다. … ([북리뷰] 플래시 보이 스, 조선비즈) Traditional BFT Blockchain https://biz.chosun.com/site/data/html_dir/2014/10/10/2014101002481.html Order matters for financial transactions
5 BFT-SMR Specification ⚫ Safety • All non-faulty replicas agree on a total order for the execution of comman ds despite Byzantine failures ⚫ Liveness • Clients eventually receive replies to their requests • i.e., a system should make progress despite Byzantine failures
6 BFT-SMR Specification ⚫ Safety • All non-faulty replicas agree on a total order for the execution of comman ds despite Byzantine failures ⚫ Liveness • Clients eventually receive replies to their requests • i.e., a system should make progress despite Byzantine failures b c a e d n n+1 n-1 n-2 n+2 Order 1 e d b c a Order 2 a c e d b Order 3 Order itself does not matter so long as consistency is guaranteed ! Which order is the most desirable ?
7 Motivation ⚫ Safety • All non-faulty replicas agree on a total order for the execution of comman ds despite Byzantine failures ⚫ Liveness • Clients eventually receive replies to their requests • i.e., a system should make progress despite Byzantine failures b c a e d n n+1 n-1 n-2 n+2 Order 1 e d b c a Order 2 a c e d b Order 3 Order itself does not matter so long as consistency is guaranteed ! Is it possible to formally define an ordering property to put a constraint on the order of commands? Which order is the most desirable ?
8 Contribution ⚫ A new BFT specification: Byzantine ordered consensus • Expand BFT-SMR correctness specification to express ordering requirement rigorously ⚫ A new BFT architecture: Factoring ordering out of consensus • Consensus-agnostic ordering phase • Preprocessing for locking a position in the ledger ⚫ Design, implement, and evaluate Pompe • BFT-SMR protocol based on Byzantine ordered consensus Ordering Consensus HotStuff, SBFT, … Locks #n-th entry in the ledger Consensus on the #n-th entry in the ledger
9 Byzantine ordered consensus : Concepts introduced A consensus, in which any node can propose a command with an ordering preference that allows each node to express how the command is ordered, while minimizing Byzantine influence Byzantine Ordered Consensus
10 Byzantine ordered consensus : Concepts introduced Politics of Byzantium Byzantine Oligarchy Byzantine Democracy Byzantine nodes can fully control order of commands Byzantine nodes can only have a limited effect on the order of commands = The ordering preferences of the honest nodes appear in the final ledger. + Free will https://thereader.mitpress.mit.edu/american- democracy-is-less-broken-than-you-think/ https://issuetoktok1177.tistory.com/18
11 Terms & Notations Term Notation Definition Command c A request to be executed Ordering Indicator o A metadata that represents a node’s ordering preference Proposal (o,c) A node’s proposal request with an ordering preference Order-before relation <o A comparison operator on two proposals. i.e., For (o1, c1), (o2, c2), if o1 <o o2, then c1 before c2 Profile Pi A set of proposal from node i PC A set of proposal from all correct nodes Trace - An execution sequence of a profile by following the ordering preference.
12 Terms & Notations Term Notation Definition Command c A request to be executed Ordering Indicator o A metadata that represents a node’s ordering preference Proposal (o,c) A node’s proposal request with an ordering preference Order-before relation <o A comparison operator on two proposals. i.e., For (o1, c1), (o2, c2), if o1 <o o2, then c1 before c2 Profile Pi A set of proposal from node i PC A set of proposal from all correct nodes Trace - An execution sequence of a profile by following the ordering preference. E.g., timestamp, dependency set/graph, sequence number
13 Byzantine Oligarchy For all profiles of PC, For all pairs of commands (c1, c2) in PC, There exists, a trace for PC that results in c1 <o c2 , and a trace for PC that results in c2 <o c1 in the ledgers of correct nodes Byzantine nodes can determine the ordering of any two commands, regardl ess of the ordering indicators from correct nodes. Meaning A protocol is subject to a Byzantine oligarchy if and only if …
14 Free Will For all profiles of PC, 1) There exists, a trace for PC that all commands in PC appear in the ledgers of correct nodes 2) There exists, two profiles PA, PB that for all commands c1, c2 that appear in both profiles, there exists a trace for PA that results in c1 <o c2 there exists a trace for PB that results in c2 <o c1 A protocol respects the nodes’ free will, if and only if ….
15 Byzantine Democracy There exists, a profile of PC that for all pairs of commands c1 and c2 , there exists a trace for PC that results in c1 <o c2 and there exists a trace for PC that results in c2 <o c1 in the ledgers of correct nodes a protocol upholds Byzantine democracy if and only if …
16 If Politics of Byzantium allows Free will, then Byzantine democracy
17 If Politics of Byzantium allows Free will, then Byzantine democracy Byzantine Oligarchy Byzantine Democracy Byzantine nodes can fully control order of commands + Free will (of correct nodes) Theorem 3.1 places fundamental limits to the degree to which it is possible to curb the influence of Byzantine nodes. Byzantine nodes can only have a limited effect on the order of commands = The ordering preferences of the honest nodes appear in the final ledger.
18 Fundamental Limitation ⚫ In real-world scenario, we cannot distinguish which one is Byzantine or not. ⚫ Therefore, we cannot completely eliminate Byzantine node’s influence from their order manipulation https://www.youtube.com/watch?v=m2wVye5FCS8&ab_channel=USENIX
19 Ordering properties (1) : Ordering Unanimity Ordering Unanimity Node1 prefers c1 < c2 < c3 Node2 prefers c1 < c3 < c2 Node3 prefers c3 < c1 < c2 c1 ... c2 … … express ordering preference from majority of nodes If all correct nodes prefer c1 < c2, then c1 < c2 in the output ledger
20 Ordering properties (1) : Ordering Unanimity Ordering Unanimity Node1 prefers c1 < c2 < c3 Node2 prefers c1 < c3 < c2 Node3 prefers c3 < c1 < c2 c1 ... c2 … … express ordering preference from majority of nodes Impossibility of ordering unanimity Node1 prefers c1 < c2 < c3 < c4 Node2 prefers c2 < c3 < c4 < c1 Node3 prefers c3 < c4 < c1 < c2 Node4 prefers c4 < c1 < c2 < c3 c1 < c2 : Node1, Node3, Node4 c2 < c3 : Node1, Node2, Node4 c3 < c4 : Node1, Node2, Node3 c4 < c1 : Node2, Node3, Node4 Ordering results : (Condorcet) Cycle Ordering results If all correct nodes prefer c1 < c2, then c1 < c2 in the output ledger
21 Ordering properties (1) : Ordering Unanimity Ordering Unanimity If all correct nodes prefer c1 < c2, then c1 < c2 in the output ledger Node1 prefers c1 < c2 < c3 Node2 prefers c1 < c3 < c2 Node3 prefers c3 < c1 < c2 c1 ... c2 … … express ordering preference from majority of nodes Impossibility of ordering unanimity Node1 prefers c1 < c2 < c3 < c4 Node2 prefers c2 < c3 < c4 < c1 Node3 prefers c3 < c4 < c1 < c2 Node4 prefers c4 < c1 < c2 < c3 c1 < c2 : Node1, Node3, Node4 c2 < c3 : Node1, Node2, Node4 c3 < c4 : Node1, Node2, Node3 c4 < c1 : Node2, Node3, Node4 Ordering results : (Condorcet) Cycle Ordering results
22 Ordering properties (2) : Ordering Linearizability Ordering Linearizability Escape the Condorcet cycle trap → real-time happened before, a relation that is inherently acyclic express ordering preference as timestamp Cmd 1 Cmd 2 Highest timestamp Lowest timestamp If all correct nodes confirms that cmd1’s highest timestamp is lower than cmd2’s lowest timestamp, then cmd1 is ordered before cmd2 Collect all correct node’s timestamp for cmd1
23 Pompe ⚫ A new protocol designed for Byzantine ordered consensus ⚫ A cleanly separate ordering phase for Byzantine ordered consensus and prevents Byzantine oligarchies by enforcing ordering linearizability ⚫ Two phase architecture: Ordering / (modular) Consensus phase Ordering phase Consensus phase Node 1 <Request TS, c> <ResponseTS, c, ts> <Sequence, c, T> <SequenceResponse, ack, h> Node 2 Node 3 Node 4 Ordering Linearizability HotStuff SBFT Locks #n-th entry in the ledger In a way that Byzantine nodes cannot alter Reach consensus on a stable prefix of the final sequence, following the total ordering decisions in the ordering phase
24 System Model ⚫ A distributed system with a set of n = 3f + 1, where up to f nodes can be Byzantine ⚫ Standard cryptographic primitives ⚫ Each node holds a private / public key to digitally sign / verify messages ⚫ An adversarial network that can drop, reorder, or delay messages, but weak synchrony for liveness ⚫ Each node has access to a timer, which produces monotonically increasing timestamps each time it is queried.
25 Pompe: Ordering Phase ⚫ Uses timestamps as ordering indicators. ⚫ Two steps • 1. Pick the median timestamp to exclude Byzantine timestamps • 2. Determine ledger position based on median timestamp Node 1 <RequestTS, c> <ResponseTS, c, ts> <Sequence, c, T> <SequenceResponse, ack, h> Node 2 Node 3 Node 4 Wait for 2f+1 timestamps → Pick the median Wait for 2f+1 responses (quorum) → Determine c’s position (k) in the ledger h: (hash of sequence)
26 Pompe: Consensus Phase ⚫ Ensure that all correct nodes reach consensus on a certain prefix of the total order constructed in the ordering phase ⚫ Can employ any standard leader-based BFT SMR protocol <Collect, k> <CollectResponse, k, S> Leader-based BFT SMR (e.g., HotStuff) Node 1 Node 2 Node 3 Node 4 k: consensus slot (ledger position)
27 Implementation ⚫ Implementing Pompe extends existing leader-based consensus protocols • SBFT (DSN’19) , HotStuff (PODC’19) https://github.com/vmware/concord-bft https://github.com/hot-stuff/libhotstuff
28 Experimental Setup ⚫ Deploy nodes at Azure cloud platform • 100 Standard D16s_v3 (16 vcpus, 64 GB memory) VMs • Each running Ubuntu Linux 18.04 • 34 in West US, 33 in SouthEast Asia, and 33 in North Europe ⚫ Experiments only for failure-free executions ⚫ Clients that submit their commands in a closed loop • Submits a next command after receiving a response ⚫ Benchmark that writes a random value to a randomly selected key in a key-value store. ⚫ Performance metrics • client-perceived latency (measured in ms) • Ordering latency / Consensus latency • throughput (in commands/second).
29 Evaluation: Pompe at Single Datacenter Batch size of consensus phase Batch size of ordering phase Pompe’s separation of ordering / consensus phase enables higher batching opportunities Pompe has higher latency than its baseline four-node configuration in single datacenter 50ms 58.8ms
30 Evaluation: Pompe at Geo-distribution Geo-distributed
31 Evaluation: Pompe at Geo-distribution
32 Conclusion ⚫ There is a fundamental gap between the traditional SMR correctness specification and the threat from order manipulation in blockchain ⚫ Proposes, a new primitive, Byzantine Ordered Consensus, that allows rigorous expression and efficient enforcement of ordering requirements ⚫ Design a modular architecture for Byzantine ordered consensus and built Pompe which enforces ordering linearizability with performance comparable to state-of-the-art systems
33 Thanks
34 Byzantine Fault Tolerance Consensus on the order of commands cmd cmd cmd cmd n n+1 n-1 n-2 Sequence number cmd Primary determines order of comma nds
35 Byzantine Oligarchy Definition. Byzantine Oligarchy A protocol execution is subject to a Byzantine oligarchy if and only if, for all profiles of correct nodes PC, for all pairs of commands c1 and c2 in PC, there exists a trace for PC that results in c1 before c2 in the ledgers of correct nodes and another trace for PC that results in c2 before c1 in the ledgers of correct nodes.
36 Free will & Byzantine Democracy Definition. Byzantine Democracy We say that a protocol upholds Byzantine democracy if and only if there exists a profile of correct nodes PC, such that for all pairs of commands c1 and c2 in PC, there exists a trace for PC that results in c1 before c2 in the ledgers of correct nodes and another trace for PC that results in c2 before c1 in the ledgers of correct nodes. Definition. Free will We say that a protocol respects the nodes’ free will if and only if (i) for all profiles of correct nodes PC , there exists a trace for PC, such that all commands in PC appear in the ledgers of correct nodes in the trace and (ii) there exist two profiles PA and PB, such that, for all commands c1 and c2 that appear in both profiles, there exists a trace for PA that results in c1 before c2 in the ledgers of correct nodes and there exists a trace for PB that results in c2 before c1 in the ledgers of correct nodes.
37
38
39
40

Recommended

Binary Hash Tree based Certificate Access Management for Connected Vehicles (...
Binary Hash Tree based Certificate Access Management for Connected Vehicles (...Binary Hash Tree based Certificate Access Management for Connected Vehicles (...
Binary Hash Tree based Certificate Access Management for Connected Vehicles (...OnBoard Security, Inc. - a Qualcomm Company
 
Stm
StmStm
StmV C
 
Akka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesAkka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesYan Cui
 
Akka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesAkka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesYan Cui
 
blockchain-and-trusted-computing
blockchain-and-trusted-computingblockchain-and-trusted-computing
blockchain-and-trusted-computingYongraeJo
 
FastBFT
FastBFTFastBFT
FastBFTYongraeJo
 
Ekiden
EkidenEkiden
EkidenYongraeJo
 
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & CodeDeploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & CodeHorea Porutiu
 

Recommended

Binary Hash Tree based Certificate Access Management for Connected Vehicles (...
Binary Hash Tree based Certificate Access Management for Connected Vehicles (...Binary Hash Tree based Certificate Access Management for Connected Vehicles (...
Binary Hash Tree based Certificate Access Management for Connected Vehicles (...OnBoard Security, Inc. - a Qualcomm Company
 
Stm
StmStm
StmV C
 
Akka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesAkka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesYan Cui
 
Akka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesAkka for realtime multiplayer mobile games
Akka for realtime multiplayer mobile gamesYan Cui
 
blockchain-and-trusted-computing
blockchain-and-trusted-computingblockchain-and-trusted-computing
blockchain-and-trusted-computingYongraeJo
 
FastBFT
FastBFTFastBFT
FastBFTYongraeJo
 
Ekiden
EkidenEkiden
EkidenYongraeJo
 
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & CodeDeploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & Code
Deploy a blockchain web-app with Hyperledger Fabric 1.4 - Concepts & CodeHorea Porutiu
 
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Nevruz Mesut Sahin
 
Basic Consensus Algorithms
Basic Consensus AlgorithmsBasic Consensus Algorithms
Basic Consensus Algorithms상문 오
 
How to be a smart contract engineer
How to be a smart contract engineerHow to be a smart contract engineer
How to be a smart contract engineerOded Noam
 
Cryptomonday #3: Algorand @ CryptoLab
Cryptomonday #3: Algorand @ CryptoLabCryptomonday #3: Algorand @ CryptoLab
Cryptomonday #3: Algorand @ CryptoLabAdrianoDiLuzio
 
Chapter7.pptx
Chapter7.pptxChapter7.pptx
Chapter7.pptxradhushri
 
TXGX 2019_Albert_High Availability Architecture of Klaytn Service Chain
TXGX 2019_Albert_High Availability Architecture of Klaytn Service ChainTXGX 2019_Albert_High Availability Architecture of Klaytn Service Chain
TXGX 2019_Albert_High Availability Architecture of Klaytn Service ChainKlaytn
 
Lecture 5 from virtual university of pakistan
Lecture 5 from virtual university of pakistanLecture 5 from virtual university of pakistan
Lecture 5 from virtual university of pakistanSaba Hanif
 
Distributed system TimeNState-Tanenbaum.ppt
Distributed system TimeNState-Tanenbaum.pptDistributed system TimeNState-Tanenbaum.ppt
Distributed system TimeNState-Tanenbaum.pptTantraNathjha1
 
PyConUK 2018 - Journey from HTTP to gRPC
PyConUK 2018 - Journey from HTTP to gRPCPyConUK 2018 - Journey from HTTP to gRPC
PyConUK 2018 - Journey from HTTP to gRPCTatiana Al-Chueyr
 
basil.pptx
basil.pptxbasil.pptx
basil.pptxYongraeJo
 
Distributed System by Pratik Tambekar
Distributed System by Pratik TambekarDistributed System by Pratik Tambekar
Distributed System by Pratik TambekarPratik Tambekar
 
Blockchain and Smart Contract Simulation
Blockchain and Smart Contract SimulationBlockchain and Smart Contract Simulation
Blockchain and Smart Contract SimulationJun Furuse
 
Building a blockchain on tendermint
Building a blockchain on tendermintBuilding a blockchain on tendermint
Building a blockchain on tendermintLviv Startup Club
 
Dgw birch eris_presentation
Dgw birch eris_presentationDgw birch eris_presentation
Dgw birch eris_presentationPreston J. Byrne
 
Scaling blockchain poart II: Rollups by Dan Boneh
Scaling blockchain poart II: Rollups by Dan BonehScaling blockchain poart II: Rollups by Dan Boneh
Scaling blockchain poart II: Rollups by Dan Bonehr1tretyakov
 
20170620 MEETUP intro to blockchain and smart contracts (1)
20170620 MEETUP intro to blockchain and smart contracts (1)20170620 MEETUP intro to blockchain and smart contracts (1)
20170620 MEETUP intro to blockchain and smart contracts (1)Brussels Legal Hackers
 
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018Codemotion
 
Ethereum Blockchain and DApps - Workshop at Software University
Ethereum Blockchain and DApps - Workshop at Software UniversityEthereum Blockchain and DApps - Workshop at Software University
Ethereum Blockchain and DApps - Workshop at Software UniversityOpen Source University
 
Scalability & Big Data challenges in real time multiplayer games
Scalability & Big Data challenges in real time multiplayer gamesScalability & Big Data challenges in real time multiplayer games
Scalability & Big Data challenges in real time multiplayer gamesYan Cui
 
Frame Relay
Frame RelayFrame Relay
Frame RelayKishore Kumar
 
Zeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxZeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxYongraeJo
 
HotStuff
HotStuff HotStuff
HotStuff YongraeJo
 

More Related Content

Similar to Byzantine ordered consensus

Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Nevruz Mesut Sahin
 
Basic Consensus Algorithms
Basic Consensus AlgorithmsBasic Consensus Algorithms
Basic Consensus Algorithms상문 오
 
How to be a smart contract engineer
How to be a smart contract engineerHow to be a smart contract engineer
How to be a smart contract engineerOded Noam
 
Cryptomonday #3: Algorand @ CryptoLab
Cryptomonday #3: Algorand @ CryptoLabCryptomonday #3: Algorand @ CryptoLab
Cryptomonday #3: Algorand @ CryptoLabAdrianoDiLuzio
 
Chapter7.pptx
Chapter7.pptxChapter7.pptx
Chapter7.pptxradhushri
 
TXGX 2019_Albert_High Availability Architecture of Klaytn Service Chain
TXGX 2019_Albert_High Availability Architecture of Klaytn Service ChainTXGX 2019_Albert_High Availability Architecture of Klaytn Service Chain
TXGX 2019_Albert_High Availability Architecture of Klaytn Service ChainKlaytn
 
Lecture 5 from virtual university of pakistan
Lecture 5 from virtual university of pakistanLecture 5 from virtual university of pakistan
Lecture 5 from virtual university of pakistanSaba Hanif
 
Distributed system TimeNState-Tanenbaum.ppt
Distributed system TimeNState-Tanenbaum.pptDistributed system TimeNState-Tanenbaum.ppt
Distributed system TimeNState-Tanenbaum.pptTantraNathjha1
 
PyConUK 2018 - Journey from HTTP to gRPC
PyConUK 2018 - Journey from HTTP to gRPCPyConUK 2018 - Journey from HTTP to gRPC
PyConUK 2018 - Journey from HTTP to gRPCTatiana Al-Chueyr
 
Distributed System by Pratik Tambekar
Distributed System by Pratik TambekarDistributed System by Pratik Tambekar
Distributed System by Pratik TambekarPratik Tambekar
 
Blockchain and Smart Contract Simulation
Blockchain and Smart Contract SimulationBlockchain and Smart Contract Simulation
Blockchain and Smart Contract SimulationJun Furuse
 
Building a blockchain on tendermint
Building a blockchain on tendermintBuilding a blockchain on tendermint
Building a blockchain on tendermintLviv Startup Club
 
Dgw birch eris_presentation
Dgw birch eris_presentationDgw birch eris_presentation
Dgw birch eris_presentationPreston J. Byrne
 
Scaling blockchain poart II: Rollups by Dan Boneh
Scaling blockchain poart II: Rollups by Dan BonehScaling blockchain poart II: Rollups by Dan Boneh
Scaling blockchain poart II: Rollups by Dan Bonehr1tretyakov
 
20170620 MEETUP intro to blockchain and smart contracts (1)
20170620 MEETUP intro to blockchain and smart contracts (1)20170620 MEETUP intro to blockchain and smart contracts (1)
20170620 MEETUP intro to blockchain and smart contracts (1)Brussels Legal Hackers
 
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018Codemotion
 
Ethereum Blockchain and DApps - Workshop at Software University
Ethereum Blockchain and DApps - Workshop at Software UniversityEthereum Blockchain and DApps - Workshop at Software University
Ethereum Blockchain and DApps - Workshop at Software UniversityOpen Source University
 
Scalability & Big Data challenges in real time multiplayer games
Scalability & Big Data challenges in real time multiplayer gamesScalability & Big Data challenges in real time multiplayer games
Scalability & Big Data challenges in real time multiplayer gamesYan Cui
 

Similar to Byzantine ordered consensus (20)

Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
Deployablockchainwebappwithhyperledgerfabricpresentation 190820170703
 
Basic Consensus Algorithms
Basic Consensus AlgorithmsBasic Consensus Algorithms
Basic Consensus Algorithms
 
How to be a smart contract engineer
How to be a smart contract engineerHow to be a smart contract engineer
How to be a smart contract engineer
 
Cryptomonday #3: Algorand @ CryptoLab
Cryptomonday #3: Algorand @ CryptoLabCryptomonday #3: Algorand @ CryptoLab
Cryptomonday #3: Algorand @ CryptoLab
 
Chapter7.pptx
Chapter7.pptxChapter7.pptx
Chapter7.pptx
 
TXGX 2019_Albert_High Availability Architecture of Klaytn Service Chain
TXGX 2019_Albert_High Availability Architecture of Klaytn Service ChainTXGX 2019_Albert_High Availability Architecture of Klaytn Service Chain
TXGX 2019_Albert_High Availability Architecture of Klaytn Service Chain
 
Lecture 5 from virtual university of pakistan
Lecture 5 from virtual university of pakistanLecture 5 from virtual university of pakistan
Lecture 5 from virtual university of pakistan
 
Distributed system TimeNState-Tanenbaum.ppt
Distributed system TimeNState-Tanenbaum.pptDistributed system TimeNState-Tanenbaum.ppt
Distributed system TimeNState-Tanenbaum.ppt
 
PyConUK 2018 - Journey from HTTP to gRPC
PyConUK 2018 - Journey from HTTP to gRPCPyConUK 2018 - Journey from HTTP to gRPC
PyConUK 2018 - Journey from HTTP to gRPC
 
basil.pptx
basil.pptxbasil.pptx
basil.pptx
 
Distributed System by Pratik Tambekar
Distributed System by Pratik TambekarDistributed System by Pratik Tambekar
Distributed System by Pratik Tambekar
 
Blockchain and Smart Contract Simulation
Blockchain and Smart Contract SimulationBlockchain and Smart Contract Simulation
Blockchain and Smart Contract Simulation
 
Building a blockchain on tendermint
Building a blockchain on tendermintBuilding a blockchain on tendermint
Building a blockchain on tendermint
 
Dgw birch eris_presentation
Dgw birch eris_presentationDgw birch eris_presentation
Dgw birch eris_presentation
 
Scaling blockchain poart II: Rollups by Dan Boneh
Scaling blockchain poart II: Rollups by Dan BonehScaling blockchain poart II: Rollups by Dan Boneh
Scaling blockchain poart II: Rollups by Dan Boneh
 
20170620 MEETUP intro to blockchain and smart contracts (1)
20170620 MEETUP intro to blockchain and smart contracts (1)20170620 MEETUP intro to blockchain and smart contracts (1)
20170620 MEETUP intro to blockchain and smart contracts (1)
 
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018
Simone Bronzini - Weaknesses of blockchain applications - Codemotion Milan 2018
 
Ethereum Blockchain and DApps - Workshop at Software University
Ethereum Blockchain and DApps - Workshop at Software UniversityEthereum Blockchain and DApps - Workshop at Software University
Ethereum Blockchain and DApps - Workshop at Software University
 
Scalability & Big Data challenges in real time multiplayer games
Scalability & Big Data challenges in real time multiplayer gamesScalability & Big Data challenges in real time multiplayer games
Scalability & Big Data challenges in real time multiplayer games
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
 

More from YongraeJo

Zeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxZeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxYongraeJo
 
Blockchain meets database
Blockchain meets databaseBlockchain meets database
Blockchain meets databaseYongraeJo
 
BlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lotteryBlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lotteryYongraeJo
 
Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)YongraeJo
 
Honeybadger of BFT Protocols
Honeybadger of BFT ProtocolsHoneybadger of BFT Protocols
Honeybadger of BFT ProtocolsYongraeJo
 
Practical Byzantine Fault Tolernace
Practical Byzantine Fault TolernacePractical Byzantine Fault Tolernace
Practical Byzantine Fault TolernaceYongraeJo
 
Making BFT Protocols Really Adaptive
Making BFT Protocols Really AdaptiveMaking BFT Protocols Really Adaptive
Making BFT Protocols Really AdaptiveYongraeJo
 
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...YongraeJo
 
Trap Handling in Linux
Trap Handling in LinuxTrap Handling in Linux
Trap Handling in LinuxYongraeJo
 

More from YongraeJo (20)

Zeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptxZeus Locality aware distributed transaction upload.pptx
Zeus Locality aware distributed transaction upload.pptx
 
HotStuff
HotStuff HotStuff
HotStuff
 
Fbft
FbftFbft
Fbft
 
Blockchain meets database
Blockchain meets databaseBlockchain meets database
Blockchain meets database
 
Beat
BeatBeat
Beat
 
Stellar
StellarStellar
Stellar
 
Ledgerdb
LedgerdbLedgerdb
Ledgerdb
 
Blockene
BlockeneBlockene
Blockene
 
BlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lotteryBlockLot: Blockchain-based verifiable lottery
BlockLot: Blockchain-based verifiable lottery
 
Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)Simple robot pets with three emotions (uC/OS III)
Simple robot pets with three emotions (uC/OS III)
 
FlexSC
FlexSCFlexSC
FlexSC
 
Honeybadger of BFT Protocols
Honeybadger of BFT ProtocolsHoneybadger of BFT Protocols
Honeybadger of BFT Protocols
 
Cheapbft
Cheapbft Cheapbft
Cheapbft
 
Practical Byzantine Fault Tolernace
Practical Byzantine Fault TolernacePractical Byzantine Fault Tolernace
Practical Byzantine Fault Tolernace
 
Making BFT Protocols Really Adaptive
Making BFT Protocols Really AdaptiveMaking BFT Protocols Really Adaptive
Making BFT Protocols Really Adaptive
 
Pileus
PileusPileus
Pileus
 
Vft
VftVft
Vft
 
Xft
XftXft
Xft
 
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
A Byzantine Fault-Tolerant Ordering Service for the Hyperledger/Fabric Blockc...
 
Trap Handling in Linux
Trap Handling in LinuxTrap Handling in Linux
Trap Handling in Linux
 

Recently uploaded

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Recently uploaded (20)

Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Byzantine ordered consensus

  • 1. Yongrae Jo Pohang University of Science and Technology System Software Laboratory Byzantine Ordered Consensus without Byzantine Oligarchy Yunhao Zhang, Cornell University; Srinath Setty, Qi Chen, and Lidong Zhou, Microsoft Research; Lorenzo Alvisi, Cornell University 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2020)
  • 2. 2 State Machine Replication (SMR) State Machine Replication b c a e d n n+1 n-1 n-2 n+2 Sequence# Commands b c d e a The SMR guarantees consistent states by executing totally ordered sequence of commands Set of commands Total-ordered commands
  • 3. 3 State Machine Replication (SMR) Leader b c d e a Set of commands Replica Replica Replica Can control which commands are processed first Replica b c a e d n n+1 n-1 n-2 n+2 Order 1 e d b c a Order 2 a c e d b Order 3 Depending on the leader’s choice, different total order made possible
  • 4. 4 Importance of Transaction Order Ledger Ledger Ledger Ledger Order does not matter for fault-tolerance (as long as consistency is guaranteed) … 자본 시장의 첨단을 달리는 미국 월스트 리트에서도 이와 비슷한 일이 벌어지고 있다. 이른바 ‘초단타매매(HTF· High Freqeuncy Trading)’다. 이런 초미세 시간 차 매매로 수익을 올리는 어둠의 약탈자 들이 존재한다는 사실은 비교적 최근에 알려졌다. 이들은 1000분의 1초(밀리세컨 드) 단위 속도로 진행되는 일종의 선행매 매(Front running)를 통해 막대한 이익을 챙긴다. 규모도 정확히 파악하기 어려울 정도다. 주로 누군가의 주문을 먼저 보고 같은 주문을 미리 내 가격을 올려 파는 방 식을 구사한다. … ([북리뷰] 플래시 보이 스, 조선비즈) Traditional BFT Blockchain https://biz.chosun.com/site/data/html_dir/2014/10/10/2014101002481.html Order matters for financial transactions
  • 5. 5 BFT-SMR Specification ⚫ Safety • All non-faulty replicas agree on a total order for the execution of comman ds despite Byzantine failures ⚫ Liveness • Clients eventually receive replies to their requests • i.e., a system should make progress despite Byzantine failures
  • 6. 6 BFT-SMR Specification ⚫ Safety • All non-faulty replicas agree on a total order for the execution of comman ds despite Byzantine failures ⚫ Liveness • Clients eventually receive replies to their requests • i.e., a system should make progress despite Byzantine failures b c a e d n n+1 n-1 n-2 n+2 Order 1 e d b c a Order 2 a c e d b Order 3 Order itself does not matter so long as consistency is guaranteed ! Which order is the most desirable ?
  • 7. 7 Motivation ⚫ Safety • All non-faulty replicas agree on a total order for the execution of comman ds despite Byzantine failures ⚫ Liveness • Clients eventually receive replies to their requests • i.e., a system should make progress despite Byzantine failures b c a e d n n+1 n-1 n-2 n+2 Order 1 e d b c a Order 2 a c e d b Order 3 Order itself does not matter so long as consistency is guaranteed ! Is it possible to formally define an ordering property to put a constraint on the order of commands? Which order is the most desirable ?
  • 8. 8 Contribution ⚫ A new BFT specification: Byzantine ordered consensus • Expand BFT-SMR correctness specification to express ordering requirement rigorously ⚫ A new BFT architecture: Factoring ordering out of consensus • Consensus-agnostic ordering phase • Preprocessing for locking a position in the ledger ⚫ Design, implement, and evaluate Pompe • BFT-SMR protocol based on Byzantine ordered consensus Ordering Consensus HotStuff, SBFT, … Locks #n-th entry in the ledger Consensus on the #n-th entry in the ledger
  • 9. 9 Byzantine ordered consensus : Concepts introduced A consensus, in which any node can propose a command with an ordering preference that allows each node to express how the command is ordered, while minimizing Byzantine influence Byzantine Ordered Consensus
  • 10. 10 Byzantine ordered consensus : Concepts introduced Politics of Byzantium Byzantine Oligarchy Byzantine Democracy Byzantine nodes can fully control order of commands Byzantine nodes can only have a limited effect on the order of commands = The ordering preferences of the honest nodes appear in the final ledger. + Free will https://thereader.mitpress.mit.edu/american- democracy-is-less-broken-than-you-think/ https://issuetoktok1177.tistory.com/18
  • 11. 11 Terms & Notations Term Notation Definition Command c A request to be executed Ordering Indicator o A metadata that represents a node’s ordering preference Proposal (o,c) A node’s proposal request with an ordering preference Order-before relation <o A comparison operator on two proposals. i.e., For (o1, c1), (o2, c2), if o1 <o o2, then c1 before c2 Profile Pi A set of proposal from node i PC A set of proposal from all correct nodes Trace - An execution sequence of a profile by following the ordering preference.
  • 12. 12 Terms & Notations Term Notation Definition Command c A request to be executed Ordering Indicator o A metadata that represents a node’s ordering preference Proposal (o,c) A node’s proposal request with an ordering preference Order-before relation <o A comparison operator on two proposals. i.e., For (o1, c1), (o2, c2), if o1 <o o2, then c1 before c2 Profile Pi A set of proposal from node i PC A set of proposal from all correct nodes Trace - An execution sequence of a profile by following the ordering preference. E.g., timestamp, dependency set/graph, sequence number
  • 13. 13 Byzantine Oligarchy For all profiles of PC, For all pairs of commands (c1, c2) in PC, There exists, a trace for PC that results in c1 <o c2 , and a trace for PC that results in c2 <o c1 in the ledgers of correct nodes Byzantine nodes can determine the ordering of any two commands, regardl ess of the ordering indicators from correct nodes. Meaning A protocol is subject to a Byzantine oligarchy if and only if …
  • 14. 14 Free Will For all profiles of PC, 1) There exists, a trace for PC that all commands in PC appear in the ledgers of correct nodes 2) There exists, two profiles PA, PB that for all commands c1, c2 that appear in both profiles, there exists a trace for PA that results in c1 <o c2 there exists a trace for PB that results in c2 <o c1 A protocol respects the nodes’ free will, if and only if ….
  • 15. 15 Byzantine Democracy There exists, a profile of PC that for all pairs of commands c1 and c2 , there exists a trace for PC that results in c1 <o c2 and there exists a trace for PC that results in c2 <o c1 in the ledgers of correct nodes a protocol upholds Byzantine democracy if and only if …
  • 16. 16 If Politics of Byzantium allows Free will, then Byzantine democracy
  • 17. 17 If Politics of Byzantium allows Free will, then Byzantine democracy Byzantine Oligarchy Byzantine Democracy Byzantine nodes can fully control order of commands + Free will (of correct nodes) Theorem 3.1 places fundamental limits to the degree to which it is possible to curb the influence of Byzantine nodes. Byzantine nodes can only have a limited effect on the order of commands = The ordering preferences of the honest nodes appear in the final ledger.
  • 18. 18 Fundamental Limitation ⚫ In real-world scenario, we cannot distinguish which one is Byzantine or not. ⚫ Therefore, we cannot completely eliminate Byzantine node’s influence from their order manipulation https://www.youtube.com/watch?v=m2wVye5FCS8&ab_channel=USENIX
  • 19. 19 Ordering properties (1) : Ordering Unanimity Ordering Unanimity Node1 prefers c1 < c2 < c3 Node2 prefers c1 < c3 < c2 Node3 prefers c3 < c1 < c2 c1 ... c2 … … express ordering preference from majority of nodes If all correct nodes prefer c1 < c2, then c1 < c2 in the output ledger
  • 20. 20 Ordering properties (1) : Ordering Unanimity Ordering Unanimity Node1 prefers c1 < c2 < c3 Node2 prefers c1 < c3 < c2 Node3 prefers c3 < c1 < c2 c1 ... c2 … … express ordering preference from majority of nodes Impossibility of ordering unanimity Node1 prefers c1 < c2 < c3 < c4 Node2 prefers c2 < c3 < c4 < c1 Node3 prefers c3 < c4 < c1 < c2 Node4 prefers c4 < c1 < c2 < c3 c1 < c2 : Node1, Node3, Node4 c2 < c3 : Node1, Node2, Node4 c3 < c4 : Node1, Node2, Node3 c4 < c1 : Node2, Node3, Node4 Ordering results : (Condorcet) Cycle Ordering results If all correct nodes prefer c1 < c2, then c1 < c2 in the output ledger
  • 21. 21 Ordering properties (1) : Ordering Unanimity Ordering Unanimity If all correct nodes prefer c1 < c2, then c1 < c2 in the output ledger Node1 prefers c1 < c2 < c3 Node2 prefers c1 < c3 < c2 Node3 prefers c3 < c1 < c2 c1 ... c2 … … express ordering preference from majority of nodes Impossibility of ordering unanimity Node1 prefers c1 < c2 < c3 < c4 Node2 prefers c2 < c3 < c4 < c1 Node3 prefers c3 < c4 < c1 < c2 Node4 prefers c4 < c1 < c2 < c3 c1 < c2 : Node1, Node3, Node4 c2 < c3 : Node1, Node2, Node4 c3 < c4 : Node1, Node2, Node3 c4 < c1 : Node2, Node3, Node4 Ordering results : (Condorcet) Cycle Ordering results
  • 22. 22 Ordering properties (2) : Ordering Linearizability Ordering Linearizability Escape the Condorcet cycle trap → real-time happened before, a relation that is inherently acyclic express ordering preference as timestamp Cmd 1 Cmd 2 Highest timestamp Lowest timestamp If all correct nodes confirms that cmd1’s highest timestamp is lower than cmd2’s lowest timestamp, then cmd1 is ordered before cmd2 Collect all correct node’s timestamp for cmd1
  • 23. 23 Pompe ⚫ A new protocol designed for Byzantine ordered consensus ⚫ A cleanly separate ordering phase for Byzantine ordered consensus and prevents Byzantine oligarchies by enforcing ordering linearizability ⚫ Two phase architecture: Ordering / (modular) Consensus phase Ordering phase Consensus phase Node 1 <Request TS, c> <ResponseTS, c, ts> <Sequence, c, T> <SequenceResponse, ack, h> Node 2 Node 3 Node 4 Ordering Linearizability HotStuff SBFT Locks #n-th entry in the ledger In a way that Byzantine nodes cannot alter Reach consensus on a stable prefix of the final sequence, following the total ordering decisions in the ordering phase
  • 24. 24 System Model ⚫ A distributed system with a set of n = 3f + 1, where up to f nodes can be Byzantine ⚫ Standard cryptographic primitives ⚫ Each node holds a private / public key to digitally sign / verify messages ⚫ An adversarial network that can drop, reorder, or delay messages, but weak synchrony for liveness ⚫ Each node has access to a timer, which produces monotonically increasing timestamps each time it is queried.
  • 25. 25 Pompe: Ordering Phase ⚫ Uses timestamps as ordering indicators. ⚫ Two steps • 1. Pick the median timestamp to exclude Byzantine timestamps • 2. Determine ledger position based on median timestamp Node 1 <RequestTS, c> <ResponseTS, c, ts> <Sequence, c, T> <SequenceResponse, ack, h> Node 2 Node 3 Node 4 Wait for 2f+1 timestamps → Pick the median Wait for 2f+1 responses (quorum) → Determine c’s position (k) in the ledger h: (hash of sequence)
  • 26. 26 Pompe: Consensus Phase ⚫ Ensure that all correct nodes reach consensus on a certain prefix of the total order constructed in the ordering phase ⚫ Can employ any standard leader-based BFT SMR protocol <Collect, k> <CollectResponse, k, S> Leader-based BFT SMR (e.g., HotStuff) Node 1 Node 2 Node 3 Node 4 k: consensus slot (ledger position)
  • 27. 27 Implementation ⚫ Implementing Pompe extends existing leader-based consensus protocols • SBFT (DSN’19) , HotStuff (PODC’19) https://github.com/vmware/concord-bft https://github.com/hot-stuff/libhotstuff
  • 28. 28 Experimental Setup ⚫ Deploy nodes at Azure cloud platform • 100 Standard D16s_v3 (16 vcpus, 64 GB memory) VMs • Each running Ubuntu Linux 18.04 • 34 in West US, 33 in SouthEast Asia, and 33 in North Europe ⚫ Experiments only for failure-free executions ⚫ Clients that submit their commands in a closed loop • Submits a next command after receiving a response ⚫ Benchmark that writes a random value to a randomly selected key in a key-value store. ⚫ Performance metrics • client-perceived latency (measured in ms) • Ordering latency / Consensus latency • throughput (in commands/second).
  • 29. 29 Evaluation: Pompe at Single Datacenter Batch size of consensus phase Batch size of ordering phase Pompe’s separation of ordering / consensus phase enables higher batching opportunities Pompe has higher latency than its baseline four-node configuration in single datacenter 50ms 58.8ms
  • 30. 30 Evaluation: Pompe at Geo-distribution Geo-distributed
  • 31. 31 Evaluation: Pompe at Geo-distribution
  • 32. 32 Conclusion ⚫ There is a fundamental gap between the traditional SMR correctness specification and the threat from order manipulation in blockchain ⚫ Proposes, a new primitive, Byzantine Ordered Consensus, that allows rigorous expression and efficient enforcement of ordering requirements ⚫ Design a modular architecture for Byzantine ordered consensus and built Pompe which enforces ordering linearizability with performance comparable to state-of-the-art systems
  • 34. 34 Byzantine Fault Tolerance Consensus on the order of commands cmd cmd cmd cmd n n+1 n-1 n-2 Sequence number cmd Primary determines order of comma nds
  • 35. 35 Byzantine Oligarchy Definition. Byzantine Oligarchy A protocol execution is subject to a Byzantine oligarchy if and only if, for all profiles of correct nodes PC, for all pairs of commands c1 and c2 in PC, there exists a trace for PC that results in c1 before c2 in the ledgers of correct nodes and another trace for PC that results in c2 before c1 in the ledgers of correct nodes.
  • 36. 36 Free will & Byzantine Democracy Definition. Byzantine Democracy We say that a protocol upholds Byzantine democracy if and only if there exists a profile of correct nodes PC, such that for all pairs of commands c1 and c2 in PC, there exists a trace for PC that results in c1 before c2 in the ledgers of correct nodes and another trace for PC that results in c2 before c1 in the ledgers of correct nodes. Definition. Free will We say that a protocol respects the nodes’ free will if and only if (i) for all profiles of correct nodes PC , there exists a trace for PC, such that all commands in PC appear in the ledgers of correct nodes in the trace and (ii) there exist two profiles PA and PB, such that, for all commands c1 and c2 that appear in both profiles, there exists a trace for PA that results in c1 before c2 in the ledgers of correct nodes and there exists a trace for PB that results in c2 before c1 in the ledgers of correct nodes.
  • 37. 37
  • 38. 38
  • 39. 39
  • 40. 40