TY - GEN
T1 - CFT-Forensics
T2 - 6th Conference on Advances in Financial Technologies, AFT 2024
AU - Tang, Weizhao
AU - Sheng, Peiyao
AU - Ni, Ronghao
AU - Roy, Pronoy
AU - Wang, Xuechao
AU - Fanti, Giulia
AU - Viswanath, Pramod
N1 - Weizhao Tang, Ronghao Ni, Pronoy Roy and Giulia Fanti: This work was supported in part by the National Science Foundation under grants CNS-2325477, CIF-1705007, and CCF-2338772, and the Air Force Office of Scientific Research under award number FA9550-21-1-0090. We also thank Chainlink Labs, Ripple Labs, and IC3 industry partners for their generous support, as well as Bosch, the Sloan Foundation, Intel, and the CyLab Secure Blockchain Initiative. Xuechao Wang: This work is supported in part by a gift from Stellar Development Foundation and by the Guangzhou-HKUST(GZ) Joint Funding Program (No. 2024A03J0630). Pramod Viswanath: This work is supported in part by NSF CNS-2325477, ARO W911NF2310147 and C3.AI. Acknowledgements: We wish to thank Chris Meiklejohn and Heather Miller for their valuable insights and advice on this project. We also thank Sam Stuewe and the MIT Digital Currency Initiative for their feedback and insights regarding integration with OpenCBDC and applications to central bank digital currency.
PY - 2024/9
Y1 - 2024/9
AB - Crash fault tolerant (CFT) consensus algorithms are commonly used in scenarios where system components are trusted – e.g., enterprise settings and government infrastructure. However, CFT consensus can be broken by even a single corrupt node. A desirable property in the face of such potential Byzantine faults is accountability: if a corrupt node breaks the protocol and affects consensus safety, it should be possible to identify the culpable components with cryptographic integrity from the node states. Today, the best-known protocol for providing accountability to CFT protocols is called PeerReview; it essentially records a signed transcript of all messages sent during the CFT protocol. Because PeerReview is agnostic to the underlying CFT protocol, it incurs high communication and storage overhead. We propose CFT-Forensics, an accountability framework for CFT protocols. We show that for a special family of forensics-compliant CFT protocols (which includes widely-used CFT protocols like Raft and multi-Paxos), CFT-Forensics gives provable accountability guarantees. Under realistic deployment settings, we show theoretically that CFT-Forensics operates at a fraction of the cost of PeerReview. We subsequently instantiate CFT-Forensics for Raft, and implement Raft-Forensics as an extension to the popular nuRaft library. In extensive experiments, we demonstrate that Raft-Forensics adds low overhead to vanilla Raft. With 256 byte messages, Raft-Forensics achieves a peak throughput 87.8% of vanilla Raft at 46% higher latency (+44 ms). We finally integrate Raft-Forensics into the open-source central bank digital currency OpenCBDC, and show that in wide-area network experiments, Raft-Forensics achieves 97.8% of the throughput of Raft, with 14.5% higher latency (+326 ms).
KW - blockchain
KW - CFT Protocols
KW - forensics
UR - http://www.scopus.com/inward/record.url?scp=85204484278&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85204484278&partnerID=8YFLogxK
U2 - 10.4230/LIPIcs.AFT.2024.3
DO - 10.4230/LIPIcs.AFT.2024.3
M3 - Conference contribution
AN - SCOPUS:85204484278
T3 - Leibniz International Proceedings in Informatics, LIPIcs
BT - 6th Conference on Advances in Financial Technologies, AFT 2024
A2 - Bohme, Rainer
A2 - Kiffer, Lucianna
PB - Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
Y2 - 23 September 2024 through 25 September 2024
ER -