Decentralized ThoughtsDecentralized thoughts about decentralization
https://decentralizedthoughts.github.io
BFT Protocol Forensics
An important property satisfied by any Byzantine fault tolerant consensus protocol is agreement, which requires non-faulty replicas to not decide on conflicting values. Depending on the network model, typical consensus protocols tolerate only a fraction of Byzantine replicas. In particular, under partial synchrony or asynchrony, no consensus protocol with $n$...
Thu, 19 Nov 2020 14:00:00 -1100
https://decentralizedthoughts.github.io/2020-11-19-bft-protocol-forensics/
https://decentralizedthoughts.github.io/2020-11-19-bft-protocol-forensics/Resolving the Availability-Finality Dilemma
Guest post by Joachim Neu, Ertem Nusret Tas, and David Tse DLS and Nakamoto: Where to Go From Synchrony? An earlier blog post has explained classical models of the consensus literature from the 1980s, synchrony, asynchrony and partial synchrony. To recapitulate, the most basic network/adversary model is synchrony, where it...
Sat, 31 Oct 2020 18:16:00 -1100
https://decentralizedthoughts.github.io/2020-10-31-ebb-and-flow-protocols-a-resolution-of-the-availability-finality-dilemma/
https://decentralizedthoughts.github.io/2020-10-31-ebb-and-flow-protocols-a-resolution-of-the-availability-finality-dilemma/Living with Asynchrony: Bracha's Reliable Broadcast
In this series of posts, we explore what can be done in the Asynchronous model. This model seems challenging because the adversary can delay messages by any bounded time. By the end of this series, you will see that almost everything that can be done in synchrony can be obtained...
Sat, 19 Sep 2020 02:05:00 -1100
https://decentralizedthoughts.github.io/2020-09-19-living-with-asynchrony-brachas-reliable-broadcast/
https://decentralizedthoughts.github.io/2020-09-19-living-with-asynchrony-brachas-reliable-broadcast/Broadcast from Agreement and Agreement from Broadcast
In this post, we highlight the connection between Broadcast and Agreement in the synchronous model. Broadcast and Agreement: How can you implement one from the other? We defined Agreement and Broadcast in a previous post, here is a recap: Agreement A set of $n$ nodes where each node $i$ has...
Mon, 14 Sep 2020 03:07:00 -1100
https://decentralizedthoughts.github.io/2020-09-14-broadcast-from-agreement-and-agreement-from-broadcast/
https://decentralizedthoughts.github.io/2020-09-14-broadcast-from-agreement-and-agreement-from-broadcast/Commit-Notify Paradigm for Synchronous Consensus with Omission Faults
We continue our series of posts on State Machine Replication (SMR). In this post, we move from consensus under crash failures to consensus under omission failures. We still keep the synchrony assumption. Let’s begin with a quick overview of what we covered in previous posts: Upper bound: We can tolerate...
Sun, 13 Sep 2020 08:09:00 -1100
https://decentralizedthoughts.github.io/2020-09-13-synchronous-consensus-omission-faults/
https://decentralizedthoughts.github.io/2020-09-13-synchronous-consensus-omission-faults/What is a Cryptographic Hash Function?
If you ever tried to understand Bitcoin, you’ve probably banged your head against the wall trying to understand what is a cryptographic hash function? The goal of this post is to: Give you a very simple mental model for how hash functions work, called the random oracle model Give you...
Fri, 28 Aug 2020 06:05:00 -1100
https://decentralizedthoughts.github.io/2020-08-28-what-is-a-cryptographic-hash-function/
https://decentralizedthoughts.github.io/2020-08-28-what-is-a-cryptographic-hash-function/Private Set Intersection #2
In the first post on Private Set Intersection, I presented the problem of Private Set Intersection, its applications and the simple protocol of [KMRS14], that allows Alice and Bob to learn the intersection of their sets with the aid of an untrusted third party Steve who is assumed to not...
Sun, 26 Jul 2020 12:00:00 -1100
https://decentralizedthoughts.github.io/2020-07-26-private-set-intersection-2/
https://decentralizedthoughts.github.io/2020-07-26-private-set-intersection-2/Polynomial Secret Sharing and the Lagrange Basis
In this post, we highlight an amazing result: Shamir’s secret sharing scheme. This is one of the most powerful uses of polynomials over a finite field in distributed computing. Intuitively, this scheme allows a $Dealer$ to commit to a secret $s$ by splitting it into shares distributed to $n$ parties....
Fri, 17 Jul 2020 07:23:00 -1100
https://decentralizedthoughts.github.io/2020-07-17-polynomial-secret-sharing-and-the-lagrange-basis/
https://decentralizedthoughts.github.io/2020-07-17-polynomial-secret-sharing-and-the-lagrange-basis/The Marvels of Polynomials over a Field
In this series of posts, we explore the mathematical foundations of polynomials over a field. These objects are at the heart of several results in computer science: secret sharing, Multi Party Computation, Complexity, and Zero Knowledge protocols. All this wonder and more can be traced back to a very useful...
Fri, 17 Jul 2020 06:55:00 -1100
https://decentralizedthoughts.github.io/2020-07-17-the-marvels-of-polynomials-over-a-field/
https://decentralizedthoughts.github.io/2020-07-17-the-marvels-of-polynomials-over-a-field/Asynchronous Fault Tolerant Computation with Optimal Resilience
A basic question of distributed computing: Is there a fundamental limit to fault tolerant computation in the Asynchronous model? The celebrated FLP theorem says that any protocol that solves Agreement in the asynchronous model that is resilient to at least one crash failure must have a non-terminating execution. This means...
Tue, 14 Jul 2020 21:39:00 -1100
https://decentralizedthoughts.github.io/2020-07-14-asynchronous-fault-tolerant-computation-with-optimal-resilience/
https://decentralizedthoughts.github.io/2020-07-14-asynchronous-fault-tolerant-computation-with-optimal-resilience/Encrypted Blockchain Databases (Part II)
In this second part of the series on Encrypted Blockchain Databases, we are going to describe three schemes to store dynamic encrypted multi-maps (EMMs) on blockchains, each of which achieves different tradeoffs between query, add and delete efficiency. A List-Based Scheme (LSX) Recall that a multi-map is a collection of...
Fri, 10 Jul 2020 09:25:00 -1100
https://decentralizedthoughts.github.io/2020-07-10-encrypted-blockchain-databases-part-ii/
https://decentralizedthoughts.github.io/2020-07-10-encrypted-blockchain-databases-part-ii/Encrypted Blockchain Databases (Part I)
Blockchain databases are storage systems that combine properties of both blockchains and databases like decentralization, tamper-resistance, low query latency, and support for complex queries. As they gain wider adoption, concerns over the confidentiality of the data they manage will increase. Already, several projects use blockchains to store sensitive data like...
Fri, 10 Jul 2020 09:10:00 -1100
https://decentralizedthoughts.github.io/2020-07-10-encrypted-blockchain-databases-part-i/
https://decentralizedthoughts.github.io/2020-07-10-encrypted-blockchain-databases-part-i/The First Blockchain or How to Time-Stamp a Digital Document
This post is about the work of Stuart Haber and W. Scott Stornetta from 1991 on How to Time-Stamp a Digital Document and their followup paper Improving the Efficiency and Reliability of Digital Time-Stamping. In many ways, this work introduced the idea of a chain of hashes to create a...
Sun, 05 Jul 2020 15:58:00 -1100
https://decentralizedthoughts.github.io/2020-07-05-the-first-blockchain-or-how-to-time-stamp-a-digital-document/
https://decentralizedthoughts.github.io/2020-07-05-the-first-blockchain-or-how-to-time-stamp-a-digital-document/On the Optimality of Optimistic Responsiveness
Synchronous consensus protocols tolerating Byzantine failures depend on the maximum network delay $\Delta$ for their safety and progress. The delay, $\Delta$ is usually much larger than actual network delay $\delta$ since $\Delta$ is a pessimistic value. While synchronous protocols tolerating more than one-third will have executions with at least a...
Thu, 11 Jun 2020 21:10:00 -1100
https://decentralizedthoughts.github.io/2020-06-11-optimal-optimistic-responsiveness/
https://decentralizedthoughts.github.io/2020-06-11-optimal-optimistic-responsiveness/Streamlet: A Simple Textbook Blockchain Protocol
Guest post by Benjamin Chan and Elaine Shi In this post, we describe an extraordinarily simple blockchain protocol called Streamlet. Consensus is a complex problem and has been studied since the 1980s. More recently, blockchain research has spawned many new works aiming for performance and ease-of-implementation. However, simple, understandable protocols...
Thu, 14 May 2020 06:48:00 -1100
https://decentralizedthoughts.github.io/2020-05-14-streamlet/
https://decentralizedthoughts.github.io/2020-05-14-streamlet/Bilinear Accumulators for Cryptocurrency Enthusiasts
Accumulator schemes are an alternative to Merkle Hash Trees (MHTs) for committing to sets of elements. Their main advantages are: Constant-sized membership and non-membership proofs, an improvement over logarithmic-sized proofs in MHTs, Algebraic structure that enables more efficient proofs about committed elements1 (e.g., ZeroCoin2 uses RSA accumulators for anonymity), Constant-sized...
Wed, 01 Apr 2020 21:10:00 -1100
https://decentralizedthoughts.github.io/2020-04-01-bilinear-accumulators-for-cryptocurrency/
https://decentralizedthoughts.github.io/2020-04-01-bilinear-accumulators-for-cryptocurrency/Private Set Intersection
Private Set Intersection (PSI) is a problem within the broader field of secure computation. The PSI problem There are two friends Alice and Bob such that Alice has a set of items $A=(a_1,\ldots,a_n)$ and Bob has the set $B=(b_1,\ldots,b_n)$. The goal is to design a protocol by which Alice and...
Sun, 29 Mar 2020 07:00:00 -1100
https://decentralizedthoughts.github.io/2020-03-29-private-set-intersection-a-soft-introduction/
https://decentralizedthoughts.github.io/2020-03-29-private-set-intersection-a-soft-introduction/Range Proofs from Polynomial Commitments, Re-explained
This is a re-exposition of a post here by Dan Boneh, Ben Fisch, Ariel Gabizon, and Zac Williamson, with a few more details on why the polynomial relations hold. They construct a simple zero knowledge range proof from a hiding polynomial commitment scheme (PCS), such as KZG1. $$ \def\Fp{\mathbb{F}_p} \def\FF{\Fp^{\scriptscriptstyle{(<n)}}[X]}...
Mon, 02 Mar 2020 21:00:00 -1100
https://decentralizedthoughts.github.io/2020-03-02-range-proofs-from-polynomial-commitments-reexplained/
https://decentralizedthoughts.github.io/2020-03-02-range-proofs-from-polynomial-commitments-reexplained/Blockchain Selfish Mining
Proof of Work (PoW) Blockchains implement a form of State Machine Replication (SMR). Unlike classical SMR protocols, they are open, i.e., anyone can join the system, and the system incentivizes participants, called miners, to follow the protocol. Therefore, unlike classical SMR protocols, reasoning about blockchain security relies not only on...
Wed, 26 Feb 2020 04:00:00 -1100
https://decentralizedthoughts.github.io/2020-02-26-selfish-mining/
https://decentralizedthoughts.github.io/2020-02-26-selfish-mining/Dolev-Strong Authenticated Broadcast
This post is about the classic result from 1983 on authenticated broadcast against a Byzantine adversary: Theorem (Dolev-Strong [1983]): there exists an authenticated protocol for solving broadcast, against any adversary controlling $t<n$ out of $n$ parties, in $t+1$ rounds, using $O(n^2t)$ words Recall Broadcast properties: (1) Termination - all honest...
Sun, 22 Dec 2019 06:05:00 -1100
https://decentralizedthoughts.github.io/2019-12-22-dolev-strong/
https://decentralizedthoughts.github.io/2019-12-22-dolev-strong/