On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine...
Transcript of On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine...
![Page 1: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/1.jpg)
On the Design and Accountability of Byzantine Fault Tolerant Protocols
Ethan BuchmanTendermint, University of Guelph
Jan 27 2017 BPASE - Stanford
![Page 2: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/2.jpg)
Holy Grail
- Formal framework for reasoning about and proving properties of consensus protocols
- A general purpose abstraction over consensus protocols
- “Protocol Picker” - client provides assumptions (trust, time, failures, crypto, etc), we return optimal protocol
![Page 3: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/3.jpg)
Contents
- Background: - Safety, Liveness, Asynchrony, Byzantium
- Accountability and Justification- Failure Detectors, Evidence
- PBFT and co.
- Application-Blockchain-Interface
![Page 4: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/4.jpg)
Background
![Page 5: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/5.jpg)
It’s Impossible!
(in deterministic protocols in
asynchronous networks)
Consensus
![Page 6: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/6.jpg)
Not so fast ...
![Page 7: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/7.jpg)
Partial Synchrony
![Page 8: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/8.jpg)
Common Coin (or, that random trick)
![Page 9: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/9.jpg)
Safety and Liveness
![Page 10: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/10.jpg)
Primaries and Views
Yahya Jammeh
Adama Barrow
![Page 11: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/11.jpg)
Quorum
![Page 12: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/12.jpg)
Byzantium
Additional phases of communication are required to detect a liar
Three processes is not enough to tolerate one liar across a network partition.
![Page 13: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/13.jpg)
Accountability and Justification
![Page 14: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/14.jpg)
Failure Detectors
“Unreliable failure detectors for reliable distributed systems”
→ an abstraction over “timeouts”→ alternative way to model synchrony
Chandra, Tushar Deepak, and Sam Toueg. "Unreliable failure detectors for reliable distributed systems." Journal of the ACM (JACM) 43.2 (1996): 225-267
Chandra, Tushar Deepak, Vassos Hadzilacos, and Sam Toueg. "The weakest failure detector for solving consensus." Journal of the ACM (JACM) 43.4 (1996): 685-722.
![Page 15: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/15.jpg)
Failure Detectors
♦S
Strong Completeness: Eventually every process that crashes is permanently suspected by (the FD of) every correct process.
Eventual Weak Accuracy (EWA): Eventually some correct process is never suspected by (the FD of) any correct process.
Ω
Eventual Perpetual Uniform Trust: Eventually all correct processes always trust the same correct process.
Nestmann, Uwe, Rachele Fuzzati, and Massimo Merro. "Modeling consensus in a process calculus." International Conference on Concurrency Theory. Springer Berlin Heidelberg, 2003.
![Page 16: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/16.jpg)
Byzantine Failure Detectors
- Byzantine version of Chandra & Toueg- Omission and Commission - All messages contain “justification”
- PeerReview- Shared tamper-evident, append-only record of every node’s activity - Uses hash-chains and local witnesses ensure each node has one log
Kihlstrom, Kim Potter, Louise E. Moser, and P. Michael Melliar-Smith. "Byzantine fault detectors for solving consensus." The Computer Journal 46.1 (2003): 16-35.
Haeberlen, Andreas, Petr Kouznetsov, and Peter Druschel. "PeerReview: Practical accountability for distributed systems." ACM SIGOPS operating systems review. Vol. 41. No. 6. ACM, 2007.
![Page 17: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/17.jpg)
Byzantine Faults
Eliminated:- Random Junk (input validation)- Impersonation (public key crypto)
Tolerated (up to f):- Omission - Duplicity- Fraud
![Page 18: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/18.jpg)
Tolerance vs Detection
Tolerance simply masks the fault
Detection exposes it and the perpetrator
![Page 19: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/19.jpg)
Accountability
![Page 20: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/20.jpg)
Accountability
A BFT protocol is accountable if, in the event of a safety violation, it is possible for correct nodes to eventually determine exactly which nodes caused the violation
![Page 21: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/21.jpg)
Evidence and Justification
![Page 22: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/22.jpg)
Evidence and Justification
“Slasher”
https://blog.ethereum.org/2014/01/15/slasher-a-punitive-proof-of-stake-algorithm/
![Page 23: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/23.jpg)
Evidence and Justification
Conjectures:
1) All safe BFT protocols are accountable 2) BFT protocols which are accountable by detection of fraud
can be transformed to ones that are accountable by detection of duplicity by including “justification” in messages
![Page 24: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/24.jpg)
PBFT
![Page 25: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/25.jpg)
PBFT
![Page 26: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/26.jpg)
Tendermint
![Page 27: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/27.jpg)
Tendermint Performance
https://github.com/tendermint/network_testing
7 datacenters on 5 continents (AWS - c3.8xlarge)
![Page 28: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/28.jpg)
Application Blockchain Interface (ABCI)
![Page 29: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/29.jpg)
Somebody else’s state machine
- Zookeeper, etcd, consul- Fancy key-value store- Emphasis on distributed systems tasks (dynamic config, locking,
etc.)
- Bitcoin- “Programmable money”- “Functional programming” - no state (!), contracts renewed
every transaction- Forth like, purposefully not Turing-complete
- Ethereum- “Smart contracts”- “Contract-oriented” - stateful contracts live independently on the
blockchain- Turing complete (Ethereum Virtual Machine)
![Page 30: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/30.jpg)
ABCI
SECURITY & NETWORKING PLATFORMS
APPLICATION PLATFORMS
SOCKET PROTOCOLSCGI ABCI
Tendermint
![Page 31: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/31.jpg)
ABCI
![Page 32: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/32.jpg)
ABCI
![Page 33: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/33.jpg)
ABCI
![Page 34: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/34.jpg)
Cosmos Network (Scalable Cryptocurrency)
https://cosmos.network
![Page 35: On the Design and Accountability of Byzantine Fault ...On the Design and Accountability of Byzantine Fault Tolerant Protocols Ethan Buchman Tendermint, University of Guelph Jan 27](https://reader033.fdocuments.us/reader033/viewer/2022042002/5e6e5499a9177c09ac18a56b/html5/thumbnails/35.jpg)
Thanks!
https://tendermint.com
https://cosmos.network
https://github.com/tendermint/tendermint