TY - GEN
T1 - The Honey Badger of BFT Protocols
AU - Miller, Andrew
AU - Xia, Yu
AU - Croman, Kyle
AU - Shi, Elaine
AU - Song, Dawn
N1 - Funding Information:
We thank Jay Lorch, Jonathan Katz, and Emin G?n Sirer for helpful suggestions, and especially Dominic Williams for several excellent discussions that inspired us to tackle this problem. This work is supported in part by NSF grants CNS-1314857, CNS-1453634, CNS-1518765, CNS-1514261, and CNS-1518899, DARPA grant N66001-15-C-4066, a Packard Fellowship, a Sloan Fellowship, two Google Faculty Research Awards, and a VMWare Research Award. This work was done in part while a subset of the authors were visiting students at UC Berkeley, and while a subset of the authors were visiting the Simons Institute for the Theory of Computing, supported by the Simons Foundation and by the DIMACS/Simons Collaboration in Cryptography through NSF grant CNS-1523467.
PY - 2016/10/24
Y1 - 2016/10/24
N2 - The surprising success of cryptocurrencies has led to a surge of interest in deploying large scale, highly robust, Byzantine fault tolerant (BFT) protocols for mission-critical applications, such as financial transactions. Although the conventional wisdom is to build atop a (weakly) synchronous protocol such as PBFT (or a variation thereof), such protocols rely critically on network timing assumptions, and only guarantee liveness when the network behaves as expected. We argue these protocols are ill-suited for this deployment scenario. We present an alternative, HoneyBadgerBFT, the first practical asynchronous BFT protocol, which guarantees liveness without making any timing assumptions. We base our solution on a novel atomic broadcast protocol that achieves optimal asymptotic efficiency. We present an implementation and experimental results to show our system can achieve throughput of tens of thousands of transactions per second, and scales to over a hundred nodes on a wide area network. We even conduct BFT experiments over Tor, without needing to tune any parameters. Unlike the alternatives, HoneyBadgerBFT simply does not care about the underlying network.
AB - The surprising success of cryptocurrencies has led to a surge of interest in deploying large scale, highly robust, Byzantine fault tolerant (BFT) protocols for mission-critical applications, such as financial transactions. Although the conventional wisdom is to build atop a (weakly) synchronous protocol such as PBFT (or a variation thereof), such protocols rely critically on network timing assumptions, and only guarantee liveness when the network behaves as expected. We argue these protocols are ill-suited for this deployment scenario. We present an alternative, HoneyBadgerBFT, the first practical asynchronous BFT protocol, which guarantees liveness without making any timing assumptions. We base our solution on a novel atomic broadcast protocol that achieves optimal asymptotic efficiency. We present an implementation and experimental results to show our system can achieve throughput of tens of thousands of transactions per second, and scales to over a hundred nodes on a wide area network. We even conduct BFT experiments over Tor, without needing to tune any parameters. Unlike the alternatives, HoneyBadgerBFT simply does not care about the underlying network.
UR - http://www.scopus.com/inward/record.url?scp=84995495375&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84995495375&partnerID=8YFLogxK
U2 - 10.1145/2976749.2978399
DO - 10.1145/2976749.2978399
M3 - Conference contribution
SN - 978-1-4503-4139-4
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 31
EP - 42
BT - CCS '16
PB - ACM
CY - New York
T2 - the 2016 ACM SIGSAC Conference
Y2 - 24 October 2016 through 28 October 2016
ER -