Accountability (1) L2 (1) SMR (10) VSS (1) accountability (1) accumulators (1) asynchrony (7) bilinear accumulators (1) bilinear maps (1) blockchain (10) blockchain 101 (1) blockchain databases (2) blockchain101 (11) collision-resistance (1) collision-resistant-hash-function (1) consensus (3) crypto101 (2) cryptography (6) dist101 (54) encrypted search (2) ethereum (1) game_theory (2) hash-function (1) hashing (1) incentives (2) integrity (2) kzg (1) lowerbound (16) merkle-hash-tree (1) models (4) non-equivocation (1) omission (3) one-wayness (1) paxos (1) permissionless (1) polynomials (2) privacy (1) private-set-intersection (3) raft (1) random-oracle (1) randomness (3) range-proofs (1) research (15) responsiveness (1) secret sharing (5) synchronous protocols (3) zero-knowledge (2)

 Accountability (1)

BFT Protocol Forensics

 L2 (1)

He-HTLC - Revisiting Incentives in HTLC

 SMR (10)

Consensus by Dfinity - Part I
Consensus by Dfinity - Part II (Internet Computer Consensus)
2-round BFT SMR with n=4, f=1
Good-case Latency of Byzantine Broadcast: a Complete Categorization
Resolving the Availability-Finality Dilemma
Commit-Notify Paradigm for Synchronous Consensus with Omission Faults
On the Optimality of Optimistic Responsiveness
Sync HotStuff, A Simple and Practical State Machine Replication
Primary-Backup for Two Servers and One Omission Failure is Impossible
Primary-Backup State Machine Replication for Crash Failures

 VSS (1)

Asynchronous Fault Tolerant Computation with Optimal Resilience

 accountability (1)

Can we Obtain Player Replaceability and Forensic Support Simultaneously?

 accumulators (1)

Bilinear Accumulators for Cryptocurrency Enthusiasts

 asynchrony (7)

Asynchronous Agreement Part 5: Binary Byzantine Agreement from a strong common coin
Asynchronous Agreement Part 4: Crusader Agreement and Binding Crusader Agreement
Asynchronous Agreement Part Three: a Modern version of Ben-Or's protocol
Asynchronous Agreement Part Two: Ben-Or's protocol
Asynchronous Agreement Part One: Defining the problem
Living with Asynchrony: the Gather protocol
Living with Asynchrony: Bracha's Reliable Broadcast

 bilinear accumulators (1)

Bilinear Accumulators for Cryptocurrency Enthusiasts

 bilinear maps (1)

Bilinear Accumulators for Cryptocurrency Enthusiasts

 blockchain (10)

What are Blockchains Useful for, Really?
Player Replaceability - Towards Adaptive Security and Sub-quadratic Communication Simultaneously (Part II)
Player Replaceability - Towards Adaptive Security and Sub-quadratic Communication Simultaneously (Part I)
He-HTLC - Revisiting Incentives in HTLC
Consensus by Dfinity - Part I
Consensus by Dfinity - Part II (Internet Computer Consensus)
EIP-1559 In Retrospect
Colordag: From always-almost to almost-always 50% selfish mining resilience
Blockchain Resource Pools and a CAP-esque Impossibility Result
Blockchain Selfish Mining

 blockchain 101 (1)

On the Optimality of Optimistic Responsiveness

 blockchain databases (2)

Encrypted Blockchain Databases (Part II)
Encrypted Blockchain Databases (Part I)

 blockchain101 (11)

What is a Blockchain?
Nakamoto's Longest-Chain Wins Protocol
Benign Hotstuff
Resolving the Availability-Finality Dilemma
The First Blockchain or How to Time-Stamp a Digital Document
Streamlet: A Simple Textbook Blockchain Protocol
Data, Consensus, Execution: Three Scalability Bottlenecks for State Machine Replication
Security proof for Nakamoto Consensus
A Payment Channel is a two person BFS-SMR system
Dont Trust. Verify. and Checkpoint?
Do Bitcoin and Ethereum have any trusted setup assumptions?

 collision-resistance (1)

What is a Cryptographic Hash Function?

 collision-resistant-hash-function (1)

What is a Merkle Tree?

 consensus (3)

A new Dolev-Reischuk style Lower Bound
DAG Meets BFT - The Next Generation of BFT Consensus
Safe Permissionless Consensus

 crypto101 (2)

A Simple and Succinct Zero Knowledge Proof
The Trusted Setup Phase

 cryptography (6)

Dining Cryptographers and the additivity of polynomial secret sharing
What is a Merkle Tree?
What is a Cryptographic Hash Function?
Private Set Intersection #2
Bilinear Accumulators for Cryptocurrency Enthusiasts
Private Set Intersection

 dist101 (54)

Randomization and Consensus - synchronous binary agreement for minority omission failures
Randomization and Consensus - synchronous binary agreement for crash failures with a perfect common coin
Responsiveness under omission failures
Set Replication - fault tolerance without total ordering
What is Responsiveness?
What about Validity?
Two Round HotStuff
On PBFT from Locked Broadcast
From Single-Shot Agreement to State Machine Replication
On Paxos from Recoverable Broadcast
Provable Broadcast
Crusader Broadcast
Phase-King through the lens of Gradecast: A simple unauthenticated synchronous Byzantine Agreement protocol
Approximate Agreement: definitions and the robust midpoint protocol
Asynchronous Agreement Part 5: Binary Byzantine Agreement from a strong common coin
Asynchronous Agreement Part 4: Crusader Agreement and Binding Crusader Agreement
Asynchronous Agreement Part Three: a Modern version of Ben-Or's protocol
Asynchronous Agreement Part Two: Ben-Or's protocol
Asynchronous Agreement Part One: Defining the problem
Consensus cheat sheet
The Ideal State Machine Model: Multiple Clients and Linearizability
Crusader Agreement with $\leq 1/3$ Error is Impossible for $n\leq 3f$ if the Adversary can Simulate
Distributed consensus made simple (for real this time!)
The round complexity of Reliable Broadcast
Information Theoretic HotStuff (IT-HS): Part One
Neither Non-equivocation nor Transferability alone is enough for tolerating minority corruptions in asynchrony
Benign Hotstuff
Living with Asynchrony: the Gather protocol
Raft does not Guarantee Liveness in the face of Network Faults
The Lock-Commit Paradigm: Multi-shot and Mixed Faults
The Lock-Commit Paradigm
Living with Asynchrony: Bracha's Reliable Broadcast
Broadcast from Agreement and Agreement from Broadcast
Commit-Notify Paradigm for Synchronous Consensus with Omission Faults
The Marvels of Polynomials over a Field
Dolev-Strong Authenticated Broadcast
The FLP Impossibility, Asynchronous Consensus Lower Bound via Uncommitted Configurations
Synchronous Consensus Lower Bound via Uncommitted Configurations
Consensus Lower Bounds via Uncommitted Configurations
Sync HotStuff, A Simple and Practical State Machine Replication
Primary-Backup for Two Servers and One Omission Failure is Impossible
Primary-Backup State Machine Replication for Crash Failures
A Payment Channel is a two person BFS-SMR system
Flavours of State Machine Replication
Consensus for State Machine Replication
Flavours of Partial Synchrony
The Dolev and Reischuk Lower Bound: Does Agreement need Quadratic Messages?
Byzantine Agreement is Impossible for $n \leq 3 f$ if the Adversary can Simulate
The Trusted Setup Phase
What is Consensus?
Byzantine Agreement is impossible for $n \leq 3 f$ under partial synchrony
The threshold adversary
The power of the adversary
Synchrony, Asynchrony and Partial synchrony
Encrypted Blockchain Databases (Part II)
Encrypted Blockchain Databases (Part I)

 ethereum (1)

EIP-1559 In Retrospect

 game_theory (2)

Colordag: From always-almost to almost-always 50% selfish mining resilience
Blockchain Selfish Mining

 hash-function (1)

What is a Cryptographic Hash Function?

 hashing (1)

What is a Cryptographic Hash Function?

 incentives (2)

He-HTLC - Revisiting Incentives in HTLC
EIP-1559 In Retrospect

 integrity (2)

What is a Merkle Tree?
What is a Cryptographic Hash Function?

 kzg (1)

Range Proofs from Polynomial Commitments, Re-explained

 lowerbound (16)

What about Validity?
A new Dolev-Reischuk style Lower Bound
Blockchain Resource Pools and a CAP-esque Impossibility Result
Crusader Agreement with $\leq 1/3$ Error is Impossible for $n\leq 3f$ if the Adversary can Simulate
The round complexity of Reliable Broadcast
Neither Non-equivocation nor Transferability alone is enough for tolerating minority corruptions in asynchrony
Good-case Latency of Byzantine Broadcast: the Synchronous Case
Good-case Latency of Byzantine Broadcast: a Complete Categorization
Asynchronous Fault Tolerant Computation with Optimal Resilience
The FLP Impossibility, Asynchronous Consensus Lower Bound via Uncommitted Configurations
Synchronous Consensus Lower Bound via Uncommitted Configurations
Consensus Lower Bounds via Uncommitted Configurations
Primary-Backup for Two Servers and One Omission Failure is Impossible
The Dolev and Reischuk Lower Bound: Does Agreement need Quadratic Messages?
Byzantine Agreement is Impossible for $n \leq 3 f$ if the Adversary can Simulate
Byzantine Agreement is impossible for $n \leq 3 f$ under partial synchrony

 merkle-hash-tree (1)

What is a Merkle Tree?

 models (4)

The Trusted Setup Phase
The threshold adversary
The power of the adversary
Synchrony, Asynchrony and Partial synchrony

 non-equivocation (1)

Neither Non-equivocation nor Transferability alone is enough for tolerating minority corruptions in asynchrony

 omission (3)

Responsiveness under omission failures
From Single-Shot Agreement to State Machine Replication
On Paxos from Recoverable Broadcast

 one-wayness (1)

What is a Cryptographic Hash Function?

 paxos (1)

Distributed consensus made simple (for real this time!)

 permissionless (1)

Safe Permissionless Consensus

 polynomials (2)

Bilinear Accumulators for Cryptocurrency Enthusiasts
Range Proofs from Polynomial Commitments, Re-explained

 privacy (1)

Pairing-based Anonymous Credentials and the Power of Re-randomization

 private-set-intersection (3)

The Private Set Intersection (PSI) Protocol of the Apple CSAM Detection System
Private Set Intersection #2
Private Set Intersection

 raft (1)

Raft does not Guarantee Liveness in the face of Network Faults

 random-oracle (1)

What is a Cryptographic Hash Function?

 randomness (3)

Randomization and Consensus - synchronous binary agreement for minority omission failures
Randomization and Consensus - synchronous binary agreement for crash failures with a perfect common coin
Pairing-based Anonymous Credentials and the Power of Re-randomization

 range-proofs (1)

Range Proofs from Polynomial Commitments, Re-explained

 research (15)

Can we Obtain Player Replaceability and Forensic Support Simultaneously?
Asynchronous Agreement Part 5: Binary Byzantine Agreement from a strong common coin
Asynchronous Agreement Part 4: Crusader Agreement and Binding Crusader Agreement
Asynchronous Agreement Part Three: a Modern version of Ben-Or's protocol
Blockchain Resource Pools and a CAP-esque Impossibility Result
Good-case Latency of Rotating Leader Synchronous BFT
The round complexity of Reliable Broadcast
Optimal Communication Complexity of Authenticated Byzantine Agreement
2-round BFT SMR with n=4, f=1
Good-case Latency of Byzantine Broadcast: a Complete Categorization
BFT Protocol Forensics
Resolving the Availability-Finality Dilemma
On the Optimality of Optimistic Responsiveness
Sync HotStuff, A Simple and Practical State Machine Replication
What is the difference between PBFT, Tendermint, SBFT and HotStuff ?

 responsiveness (1)

Responsiveness under omission failures

 secret sharing (5)

Dining Cryptographers and the additivity of polynomial secret sharing
The BGW Verifiable Secret Sharing Protocol
Polynomial Secret Sharing with crash failures
Polynomial Secret Sharing and the Lagrange Basis
The Marvels of Polynomials over a Field

 synchronous protocols (3)

Good-case Latency of Rotating Leader Synchronous BFT
Optimal Communication Complexity of Authenticated Byzantine Agreement
Good-case Latency of Byzantine Broadcast: the Synchronous Case

 zero-knowledge (2)

A Simple and Succinct Zero Knowledge Proof
Range Proofs from Polynomial Commitments, Re-explained