QUICK REVIEW

[Paper Review] Blockchain Consensus Protocols in the Wild

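Christian Cachin, Marko Vukolić | arXiv (Cornell University) | Jul 6, 2017
Blockchain Technology Applications and Security | References: 41 | Cited by: 257
One-sentence summary

This paper surveys the consensus protocols used in permissioned blockchains, advocates formal security models and public review, and compares the robustness of the various platforms.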

ABSTRACT

A blockchain is a distributed ledger for recording transactions, maintained by many nodes without central authority through a distributed cryptographic protocol. All nodes validate the information to be appended to the blockchain, and a consensus protocol ensures that the nodes agree on a unique order in which entries are appended. Consensus protocols for tolerating Byzantine faults have received renewed attention because they also address blockchain systems. This work discusses the process of assessing and gaining confidence in the resilience of a consensus protocol exposed to faults and adversarial nodes. We advocate to follow the established practice in cryptography and computer security, relying on public reviews, detailed models, and formal proofs; the designers of several practical systems appear to be unaware of this. Moreover, we review the consensus protocols in some prominent permissioned blockchain platforms with respect to their fault models and resilience against attacks. The protocol comparison covers Hyperledger Fabric, Tendermint, Symbiont, R3 Corda, Iroha, Kadena, Chain, Quorum, MultiChain, Sawtooth Lake, Ripple, Stellar, and IOTA.

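Motivation and objectives

  • Advocate a cryptography-style approach to evaluating consensus protocols, using formal models and public review.
  • Survey the consensus mechanisms used in permissioned blockchains and compare their fault models and robustness.
  • Highlight the risks of ad-hoc protocol design and the need for standardized verification practices.
  • Provide a platform-by-platform comparison of the robustness and security of real-world implementations.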

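Proposed approach

  • Discusses the need for formal security models, trust assumptions, and public verification in blockchain protocols.
  • Reviews state-machine replication as the foundation of blockchain consensus, along with its two key properties under eventual synchrony: safety and liveness.
  • Compares the crash-tolerant (Paxos/VSR) and Byzantine fault-tolerant (PBFT) consensus families and their suitability for permissioned blockchains.
  • Analyzes a concrete flawed protocol (Tangaroa) to illustrate common design pitfalls and the importance of correct BRB/BCB primitives.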

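Results

Research questions

  • RQ1: What consensus models and fault assumptions underlie current permissioned blockchain protocols?
  • RQ2: How do prominent permissioned blockchain platforms differ in their robustness to crash faults and Byzantine faults?
  • RQ3: Which formal methods and verification practices have industry implementations adopted, and which are missing?
  • RQ4: In practice, what are the representative strengths and weaknesses of the Paxos/VSR-based and PBFT-based approaches?
  • RQ5: What lessons for future protocol design can be drawn from the pitfalls identified (such as Tangaroa)?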

Key findings

  • Consensus protocols in permissioned blockchains require clearly stated trust assumptions and formal reasoning to be considered trustworthy.
  • There is a broad gap between cryptographic practice and industry deployment in blockchain protocol design, with many implementations lacking formal validation.
  • Paxos/VSR and PBFT families underpin most crash-tolerant and Byzantine fault-tolerant protocols, respectively, with well-understood progress through views and leader election.
  • PBFT/BFT-SMaRt provide robust Byzantine fault tolerance with demonstrated performance in LAN/WAN settings, whereas ad-hoc extensions (e.g., Tangaroa) can fail safety or liveness.
  • Some platforms separate ordering from transaction validation to improve scalability and flexibility (e.g., Hyperledger Fabric V1 with Kafka-based ordering).
  • Few implementations achieve rigorous live and safe Byzantine consensus in practice, underscoring the value of formal proofs and public review.

This review was generated by AI and reviewed by a human editor.