Fault Independence in Blockchain
share
Byzantine Fault-Tolerant (BFT) protocols have been proposed to tolerate malicious behaviors in state machine replications. With classic BFT protocols, the total number of replicas is known and fixed a priori. The resilience of BFT protocols, i.e., the number of tolerated Byzantine replicas (denoted f ), is derived from the total number of replicas according to the quorum theory. To guarantee that an attacker cannot control more than f replicas, so to guarantee safety, it is vital to ensure fault independence among all replicas. This in practice is achieved by enforcing diverse configurations of replicas, i.e., each replica has a unique configuration, avoiding f fault compromises more than f replicas. While managing replica diversity in BFT protocols has been studied in permissioned environments with a small number of replicas, no prior work has discussed the fault independence in a permissionless environment (such as public blockchains) where anyone can join and leave the system at any time. This is particularly challenging due to the following two facts. First, with permissionless environment, any one can join as a replica at any time and no global coordinator can be relied on to manage replica diversity. Second, while great progress has been made to scale consensus algorithms to thousands of replicas, the replica diversity cannot provide fault independence at this scale, limiting practical and meaningful resilience. This paper provides the first discussion on the impact of fault independence on permissionless blockchains, provides discussions on replica configuration diversity, quantifies replica diversity by using entropy, and defines optimal fault independence.
READ FULL TEXT