Decentralized ThoughtsDecentralized thoughts about decentralization
https://decentralizedthoughts.github.io
Simpler Security proof for Nakamoto Consensus
Four years ago (time flies!), I made a post on a simple security proof for Nakamoto consensus. While the proof intuition, as outlined in that post, is still reasonably simple, the actual proof has become quite delicate and crafty over the years. What happened was that some colleagues – Chen...
Mon, 30 Oct 2023 02:55:00 -0400
https://decentralizedthoughts.github.io/2023-10-30-Analysis-Nakamoto/
https://decentralizedthoughts.github.io/2023-10-30-Analysis-Nakamoto/Scaling Blockchains: the Power of Batching
A few years ago if you asked “Can blockchains scale?” most people would give three reasons why, fundamentally, the answer is “No!” Data: every transaction needs to be replicated by every miner (validator). So increasing security by adding more validators inherently causes more replication. Having $n$ validators implies that your...
Sat, 30 Sep 2023 08:00:00 -0400
https://decentralizedthoughts.github.io/2023-09-30-scaling/
https://decentralizedthoughts.github.io/2023-09-30-scaling/The Fast Fourier Transform over finite fields
The Fast Fourier Transform (FFT) developed by Cooley and Tukey in 1965 has its origins in the work of Gauss. The FFT, its variants and extensions to finite fields, are a fundamental algorithmic tool and a beautiful example of interplay between algebra and combinatorics. There are many great resources on...
Fri, 01 Sep 2023 08:00:00 -0400
https://decentralizedthoughts.github.io/2023-09-01-FFT/
https://decentralizedthoughts.github.io/2023-09-01-FFT/Asynchronous Agreement on a Core Set
A challenging step in many asynchronous protocols is agreeing on a set of parties that completed some task. For example, an asynchronous protocol might start off with parties reliably broadcasting a value. Due to asynchrony and having $\leq f$ corruptions, honest parties can only wait for $n-f$ parties to complete...
Sat, 22 Jul 2023 08:00:00 -0400
https://decentralizedthoughts.github.io/2023-07-22-agreeemnt-on-a-core-set/
https://decentralizedthoughts.github.io/2023-07-22-agreeemnt-on-a-core-set/Can we Obtain Privacy in a Private Proof-of-Stake Blockchain? Part-II
This is Part-II of a two-part post on privacy in private proof-of-stake blockchains. In Part-I, we explored attacks on existing private PoS approaches. In this post, we will discuss some ways to obtain privacy (at the expense of safety and/or liveness). A Three-Way Trade-Off between Safety, Liveness, and Privacy Madathil...
Fri, 21 Jul 2023 01:00:00 -0400
https://decentralizedthoughts.github.io/2023-07-21-ppos2/
https://decentralizedthoughts.github.io/2023-07-21-ppos2/Can we Obtain Privacy in a Private Proof-of-Stake Blockchain? Part-I
In this two-part post, we focus on the challenges and subtleties involved in obtaining privacy in private proof-of-stake (PoS) blockchains. For instance, designs that attempt to obtain privacy for transaction details while still relying on PoS, such as Ouroboros Crypsinous. The first part explains attacks on existing approaches, and the...
Fri, 21 Jul 2023 01:00:00 -0400
https://decentralizedthoughts.github.io/2023-07-21-ppos1/
https://decentralizedthoughts.github.io/2023-07-21-ppos1/The CAP Theorem and why State Machine Replication for Two Servers and One Crash Failure is Impossible in Partial Synchrony
In 1999, Fox and Brewer published a paper on the CAP principle, where they wrote: Strong CAP Principle. Strong Consistency, High Availability, Partition-resilience: Pick at most 2. At PODC 2000, Brewer gave an invited talk where he popularized the CAP theorem (an unproven conjecture at the time), which was later...
Sun, 09 Jul 2023 14:00:00 -0400
https://decentralizedthoughts.github.io/2023-07-09-CAP-two-servers-in-psynch/
https://decentralizedthoughts.github.io/2023-07-09-CAP-two-servers-in-psynch/$3f+1$ is needed in Partial Synchrony even against a Rollback adversary
We covered the classic DLS88 split brain impossibility result against a Byzantine adversary in a previous post: DLS88: (Theorem 4.4) It is impossible to solve Agreement under partial synchrony against a Byzantine adversary if $f \geq n/3$. In a follow up post, we discussed how CJKR12 strengthen this result by...
Mon, 26 Jun 2023 07:00:00 -0400
https://decentralizedthoughts.github.io/2023-06-26-dls-meets-rollback/
https://decentralizedthoughts.github.io/2023-06-26-dls-meets-rollback/Blockchains + TEEs Day 2 Summary
This is the second of the two part post on the workshop on Blockchains + TEEs that concluded last week. Here are the key ideas from Day 2. You can find the post summarizing Day 1 here. Nick Hynes: Practical Secure Decentralized Computing Nick discussed the use of TEEs by...
Mon, 17 Apr 2023 01:00:00 -0400
https://decentralizedthoughts.github.io/2023-04-17-blockchainsplustees-day2-summary/
https://decentralizedthoughts.github.io/2023-04-17-blockchainsplustees-day2-summary/Blockchains + TEEs Day 1 Summary
Our workshop on Blockchains + TEEs concluded last week. We had a fantastic series of talks and discussions on both days of the workshop. In this two part post, we highlight some key takeaways from each of the days. Natacha Crooks: In Trusted BFT Components, we (Mostly?) Trust In her...
Sun, 09 Apr 2023 01:00:00 -0400
https://decentralizedthoughts.github.io/2023-04-09-blockchainsplustees-day1-summary/
https://decentralizedthoughts.github.io/2023-04-09-blockchainsplustees-day1-summary/What is the difference between PBFT, Tendermint, HotStuff, and HotStuff-2?
We recently published our work HotStuff-2 on eprint, introducing a two-phase HotStuff variant which simultaneously achieves $O(n^2)$ worst-case communication, optimistically linear communication, a two-phase commit regime within a view, and optimistic responsiveness in partially-synchronous BFT. The main takeaway is that two phases are enough for BFT after all. In this...
Sat, 01 Apr 2023 01:00:00 -0400
https://decentralizedthoughts.github.io/2023-04-01-hotstuff-2/
https://decentralizedthoughts.github.io/2023-04-01-hotstuff-2/Randomization and Consensus - synchronous binary agreement for minority omission failures
Continuing the series on simple ways where randomization can help solve consensus. The model is lock-step (synchrony) with $f<n/2$ omission failures. We know that in the worst case reaching agreement takes at least $f+1$ rounds. Can randomization help reduce the expected number of rounds? In the post, we show a...
Sun, 19 Feb 2023 06:00:00 -0500
https://decentralizedthoughts.github.io/2023-02-19-rand-and-consensus-2/
https://decentralizedthoughts.github.io/2023-02-19-rand-and-consensus-2/Randomization and Consensus - synchronous binary agreement for crash failures with a perfect common coin
What is the simplest setting where randomization can help solve consensus? Assume lock-step (synchrony) with $f<n$ crash failures. We know that in the worst case reaching agreement takes at least $f+1$ rounds. This lower bound holds even if the protocol is randomized so the natural question is: Can randomization help...
Sat, 18 Feb 2023 06:00:00 -0500
https://decentralizedthoughts.github.io/2023-02-18-rand-and-consensus-1/
https://decentralizedthoughts.github.io/2023-02-18-rand-and-consensus-1/Can we Obtain Player Replaceability and Forensic Support Simultaneously?
Forensic support is an important property of BFT protocols that addresses the other side of security: what happens when the number of malicious parties exceeds the allowable threshold? In a previous post, we systematically studied different BFT protocols to assess their ability to detect and prove malicious behavior when safety...
Mon, 30 Jan 2023 20:00:00 -0500
https://decentralizedthoughts.github.io/2023-01-30-player-replaceability-forensic-support/
https://decentralizedthoughts.github.io/2023-01-30-player-replaceability-forensic-support/What are Blockchains Useful for, Really?
Blockchains, or the decentralized ledger, are touted as the next big disruptive technology, as big as the Internet was in the 90s. What are these blockchains useful for, really? While there are relevant use cases, many examples people use that are either far too academic to be useful or are...
Thu, 12 Jan 2023 00:00:00 -0500
https://decentralizedthoughts.github.io/2023-01-12-what-are-blockchains-useful-for-really/
https://decentralizedthoughts.github.io/2023-01-12-what-are-blockchains-useful-for-really/Pairing-based Anonymous Credentials and the Power of Re-randomization
David Chaum wrote in 1985: Large-scale automated transaction systems are imminent. The architecture chosen for these systems may have a long-term impact on the centralization of our economic system, on some of our basic liberties, and even on our democracy. The initial choice of direction will gather economic and societal...
Sun, 08 Jan 2023 04:00:00 -0500
https://decentralizedthoughts.github.io/2023-01-08-re-rand-cred/
https://decentralizedthoughts.github.io/2023-01-08-re-rand-cred/Player Replaceability - Towards Adaptive Security and Sub-quadratic Communication Simultaneously (Part II)
This is part II of a two-part post on player-replaceability. Part I can be found here. Towards Adaptive Security for a Committee-based Protocol The protocol described in the previous post achieved sub-quadratic communication. At a high-level, the key idea is to randomly sample an appropriate number parties in a committee,...
Thu, 05 Jan 2023 00:00:00 -0500
https://decentralizedthoughts.github.io/2023-01-05-player-replaceability-II/
https://decentralizedthoughts.github.io/2023-01-05-player-replaceability-II/Player Replaceability - Towards Adaptive Security and Sub-quadratic Communication Simultaneously (Part I)
This is part I of a two-part post on the concept of player-replaceability. In Nakamoto consensus, proof-of-work (PoW) provides us with an interesting set of properties with respect to the adaptivity of the adversary: Unpredictability. Block winners are elected uniformly at random proportional to their computation power, thus, an adversary...
Thu, 05 Jan 2023 00:00:00 -0500
https://decentralizedthoughts.github.io/2023-01-05-player-replaceability-I/
https://decentralizedthoughts.github.io/2023-01-05-player-replaceability-I/Responsiveness under omission failures
In this post, we discuss log replication responsiveness in the context of omission failures. We show how to transform the protocol in our previous post to a multi-shot version of Paxos for omission faults. The Byzantine failure case uses similar ideas and is covered in the next post of this...
Tue, 27 Dec 2022 08:00:00 -0500
https://decentralizedthoughts.github.io/2022-12-27-responsiveness-omission/
https://decentralizedthoughts.github.io/2022-12-27-responsiveness-omission/Set Replication - fault tolerance without total ordering
While state machine replication is the gold standard for implementing any (public) ideal functionality, its power comes at the cost of needing to totally order all transactions and as a consequence solve (Byzantine) agreement. In some cases this overhead is unnecessary. In the non-byzantine setting, the fundamental observation that sometimes...
Tue, 27 Dec 2022 04:00:00 -0500
https://decentralizedthoughts.github.io/2022-12-27-set-replication/
https://decentralizedthoughts.github.io/2022-12-27-set-replication/