BFT in Lens of Blockchain Ted Yin 1,2 , Dahlia Malkhi 2 , Michael K. - - PowerPoint PPT Presentation

bft in lens of blockchain
SMART_READER_LITE
LIVE PREVIEW

BFT in Lens of Blockchain Ted Yin 1,2 , Dahlia Malkhi 2 , Michael K. - - PowerPoint PPT Presentation

Oct 08, 2023 313 likes •568 views

BFT in Lens of Blockchain Ted Yin 1,2 , Dahlia Malkhi 2 , Michael K. Reiter 2,3 Guy Golan Gueta 2 and Ittai Abraham 2 1 Cornell University, 2 VMware Research, 3 UNC-Chapel Hill About Me {Design,prov,build}ing practical distributed systems with

slide-1
SLIDE 1

BFT in Lens of Blockchain

Ted Yin1,2, Dahlia Malkhi2, Michael K. Reiter2,3 Guy Golan Gueta2 and Ittai Abraham2

1Cornell University, 2VMware Research, 3UNC-Chapel Hill

slide-2
SLIDE 2

About Me

  • {Design,prov,build}ing practical distributed systems with

fundamental (algorithmic) improvements

  • Major work:

○ Avalanche Consensus (permission-less, extremely scalable) ○ HotStuff Consensus (permission-ed, elegant and drop-in replacement for PBFT/PBFT-like use cases)

  • Two other on-going projects (Cornell, VMware)
slide-3
SLIDE 3

BFT Consensus: Research In Our Eyes

What others think we do What we think we do

slide-4
SLIDE 4

BFT Consensus: Why Another Protocol?

The Saddest Moment, Mickens 2013

slide-5
SLIDE 5

BFT Consensus: Why Another Protocol?

Bitcoin: a Peer-to-Peer Electronic Cash System, Nakamoto 2008

slide-6
SLIDE 6

BFT Consensus: Problem Definition

  • N nodes replicate the same sequence of commands
  • Consistent in asynchronous network (safety)
  • During period of synchrony, it’d better progress (liveness)
  • When the proposer (leader) is correct, it should be fast

Replica

...

1 2 3 4

Replica

...

1 2 3 4

Replica

...

1 2 3 4

Byz

slide-7
SLIDE 7

Reducing the Complexity

“Complexity”

Protocol Spec Network Cost

Conferences probably don’t care. But we do! Possibly the first protocol with linear cost during a view change

“Protocol Complexity” “Communication Complexity”

slide-8
SLIDE 8

Protocol Complexity

Classical BFT

  • PoW-free
  • Quorum invariants
  • From single-decree (1)
  • (1) => Sequence numbers
  • (1) => View numbers
  • Hard to comprehend

Nakamoto’s Consensus

  • PoW based
  • Longest chain
  • Naturally multi-decree (2)
  • (2) => Block heights
  • (2) => Views == Forks
  • Easy to understand
slide-9
SLIDE 9

HotStuff: Protocol Framework & Simplicity

Framework

  • Classical BFT variant (same/better guarantee)
  • Bridges classical BFT and blockchain
  • View change is everywhere, and nowhere
  • Locking mechanism (reducing protocol state space)
  • Decouples safety and liveness
  • “Liveness gadget” could be RR, PoW based, etc.
slide-10
SLIDE 10

Challenge: BFT consensus in 10 min

Ingredients to Make a 2-step HotStuff

  • Protocol state variables
  • Message types
  • Voting rule
  • Commit rule
slide-11
SLIDE 11

Quorum Certificate

QC: Proof of the Existence of 2f+1 (positive) Votes

2f + 1: QC1 ≥ f + 1 ≥ f + 1 ≥ 1 2f + 1: QC2

slide-12
SLIDE 12

Blockchain!

B1 B2 B3 B4 B7 B8 B5 B6

slide-13
SLIDE 13

Branch Preference

Locking mechanism: a replica sticks to qref(Bhqc) unless... Bhqc: block containing QC for the preferred block “Preferred block” or qref(Bhqc): highest block receives a QC

B1 B2 B3 B4 B7 B8 B5 B6 Bhqc

QC

qref(Bhqc)

slide-14
SLIDE 14
  • Bhqc= block containing a reference to the preferred branch
  • Bexec= last committed block
  • vheight = height of the block last voted for

Challenge: BFT consensus in 10 min

Protocol State Variables

B1 B2 B3 B4 B7 B8 B5 B6 Bexec Bhqc

qref(Bhqc)

slide-15
SLIDE 15

Challenge: BFT consensus in 10 min

Message Types <propose, v, Bnew, Bhqc’> <vote, <v, Bnew>signed by v, Bhqc’>

  • Proposer broadcasts the propose message for block Bnew
  • Voters give back their opinions to the next proposer via votes
  • Only one type of messages for voting/view change, etc.
slide-16
SLIDE 16

Challenge: BFT consensus in 10 min

How to Vote?

  • Only vote positively for Bnewif the following constraints hold:

○ Bnew.height > vheight ○ Bnewis on the same branch as qref(Bhqc)

B1 B2 B3 B4 B7 B5 B6 Bexec Bhqc Yes B8 No

How to Vote?

qref(Bhqc)

slide-17
SLIDE 17

Challenge: BFT consensus in 10 min

When to Commit?

  • Every block could contain a QC for some previous block
  • Block B will be committed when a child having QC for B also

gets a QC. (What…? )

B1 B2 B3 B4 B7 B8 B5 B6

QC QC

slide-18
SLIDE 18

Challenge: BFT consensus in 10 min

When to Commit?

  • Every block could contain a QC for some previous block
  • Block B will be committed when a child having QC for B also

gets a QC.

B1 B2 B3 B4 B7 B8 B5 B6

QC QC

slide-19
SLIDE 19

HotStuff: Protocol in a Single Slide (2-step version)

slide-20
SLIDE 20

HotStuff: Protocol in a Single Slide (3-step version)

slide-21
SLIDE 21

HotStuff vs. State of the Art Performance

slide-22
SLIDE 22

HotStuff vs. State of the Art Performance

slide-23
SLIDE 23

BFT Solutions & Communication Complexity

DLS PBFT

Casper Tendermint HotStuff HotStuff+

VC: O(N3) Normal: O(N4) VC: O(N3) or O(N2) Normal: O(N2)

PBFT*

VC: O(N2) Normal: O(N) VC: O(N2) Normal: O(N2)

HotStuff*

VC: O(N) Normal: O(N)

SBFT

VC = View Change

slide-24
SLIDE 24

That’d be all.

Special Thanks

VMware Research Group

https://arxiv.org/abs/1803.05069 Open-sourced code coming soon