Abstract. Most cryptocurrencies are practically limited, mostly because of their significant time to finality and lack of scalability. Moreover, most of the existing literature on blockchain consensus protocols assumes that the miners are honest. This assumption leaves the protocols susceptible to strategic attacks such as selfish mining and undercutting. Consequently, designing a scalable, strategy-proof blockchain consensus protocol forms the basis of this work. Towards this, we present ASHWAChain, which deploys committees, generated through an underlying Proof-of-Work blockchain, to reach consensus using PBFT. Through a sophisticated analysis of system performance, we show that ASHWAChain’s performance is significantly better than the current state-of-the-art. Additionally, we analyze miners’ strategic behavior in ASHWAChain and prove that at equilibrium, the miners will honestly follow the protocol under certain assumptions.
Introduction and Motivation
Most cryptocurrencies today are practically limited due to 3 major reasons, which are as follows:
- Low Scalability: Scalability refers to the financial system’s ability to handle increased market demands. In the case of cryptocurrencies, this can be measured in terms of transaction throughput or transactions-per-second (TPS). Most popular cryptocurrencies like Bitcoin, Ethereum, etc., handle only up to 7-15 TPS, which is low for a financial platform when compared with VISA, which can handle over 24,000 TPS.
- High Time to Finality or Weak Consistency: Time to finality refers to the time it takes for a transaction/block to be considered “final” or irreversible with very high probability. In general, this time is considerably high for cryptocurrencies, which makes their practical applicability low. For reference, this time is around 60 minutes in Bitcoin, which is considerably large compared with centralized transaction platforms.
- Honest Miner Assumption: Some cryptocurrencies also assume that their participants or “miners” are honest. This assumption limits their practicality because, in reality, these miners are either Byzantine, rational, or honest. So game-theoretic analysis and security analysis considering these types of players is necessary for a more practically applicable system.
Researchers have proposed several protocols to improve blockchain technology’s practical performance for better applicability. These protocols provide a 3-5 times improvement over Bitcoin in terms of TPS. Chen et al. use game theory to establish the trade-off between full verification, scalability, and finality-duration. This follows an impossibility result which states that it is impossible to have a scalable, consistent, and fully decentralized blockchain.
Proposal and Contributions
Keeping all this in mind, we propose ASHWAChain, a novel blockchain consensus protocol that balances centralization and decentralization and selects a committee for running the protocol using ideas similar to Delegated Proof-of-Stake (DPoS). ASHWAChain provides up to 300 TPS and negligible time to finality. One key feature of this protocol is that it decouples the computational work used in mining from transaction confirmations, which also allows achieving high consistency. We also provide security, scalability, and game-theoretic analysis for ASHWAChain.
We consider a peer-to-peer network consisting of participants or “miners” who control identities in the network. These identities are denoted by their public-private (pk, sk) key pair. Miners are connected by a broadcast network over which they can send messages to everyone.
ASHWAChain comprises two layers:
- PoW Blockchain layer (PBL): This layer is responsible for providing Sybil-resistant identities to the Agreement Layer. PBL maintains a blockchain running a Proof-of-Work consensus. Each block is of the form bi = <h, d, x, p>, where h is the hash of the previous block, d is the difficulty of the network, x is the nonce of the block, and p is the identity included in the block by the miner. This layer interacts with the Agreement Layer through an operation, namely proposeBlock(b); once this block is accepted in the Agreement Layer, an event is triggered in this layer, and all the miners acknowledge it as the latest block and mine on this chain.
- Agreement Layer (AL): This layer is responsible for maintaining consensus, i.e., fork-resolution and transaction confirmation. The purpose of AL is to maintain a shared state by running SGMP and PBFT agreement protocols. AL is maintained by a committee of nc identities, referred to as validators. The shared state can only be modified by predefined operations. AL proceeds in epochs where each epoch consists of tepoch rounds. This shared state stores account balances, Transaction Blockchain, PBL blockchain copy, a committee blockchain, the list of transaction validators, and operation log. The block rewards and transaction fees are distributed equally among the validators who signed the blocks.
We first define our adversary model and then provide security analysis. Following from that is scalability analysis, and finally, we game-theoretically analyze ASHWAChain.
We consider an adversary A controlling an αA fraction of computational resources. The remaining resources are controlled by a meta entity H. The goal of the adversary is to control more than nag identities, the minimum number of identities required for agreement, or to tamper with the network. In PBFT, nag is one-third of the total committee size, nc. The analysis is carried out in a steady state, i.e., a state in which all the system parameters are governed by their respective expected values. For our security analysis, we formally define the secure state of the system as follows.
Secure State. The system is said to be in a secure state if nA, i.e., the number of validators controlled by an adversary, is strictly less than nc/3.
Proposition. The system will be in a secure state with a high probability, depending on nthreshold and β, if (i) αA, the fraction of computational resources in the network controlled by the adversary A, is upper bounded by a fraction β and (ii) nc >= nthreshold, where nthreshold ∈ Z+.
Observe that the probability of a block being added to PBL is directly proportional to αminer, i.e., the computational power it holds in the system. Consequently, we can model the probability distribution of the identities that will be added to PBL as a binomial distribution. The following figure shows the different minimum values of nc, committee size, required with 1 in “X” chance of the system not being in a secure state for a given fraction of computational power controlled by an adversary. It is worth noting that in Bitcoin, if we consider 10% power in an adversary’s hands, then the system is not in a safe state with a 1/5000 probability.
From our security analysis, if we consider αA = 0.18, the fraction of the computational power controlled by the adversary, then for nc = 90, the probability of the system being in a secure state will be greater than 1.44×10⁻⁴, which is less than 1 in 5000. For this committee size, ASHWAChain can support at least 300 TPS, which is a significant improvement over existing cryptocurrency protocols.
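The binomial model described above can be evaluated directly. The following is an added example, not code from the ASHWAChain authors: it assumes each of the nc committee identities is adversarial independently with probability αA and computes the chance that the adversary ends up with more than nc/3 of them. The function names and the `inclusive` switch (which uses the n_A >= nc/3 reading instead) are assumptions of this sketch.

```python
from math import comb, fsum

def insecure_probability(n_c, alpha_a, inclusive=False):
    """Chance that the adversary's seat count n_A breaks the PBFT bound.

    Assumption: each of the n_c committee identities is adversarial
    independently with probability alpha_a (the adversary's share of PoW
    power), so n_A ~ Binomial(n_c, alpha_a).
    inclusive=False: failure is n_A >  n_c/3 (adversary goal in the text).
    inclusive=True:  failure is n_A >= n_c/3 (negated Secure State definition).
    """
    def fails(k):
        return 3 * k >= n_c if inclusive else 3 * k > n_c
    return fsum(comb(n_c, k) * alpha_a**k * (1 - alpha_a)**(n_c - k)
                for k in range(n_c + 1) if fails(k))

def min_committee_size(alpha_a, one_in_x, n_max=600):
    """First n_c whose failure chance is below 1/one_in_x, or None.

    The tail is not monotone in n_c (the n_c/3 cut-off moves in steps),
    so a deployment should also check the sizes it may actually run at.
    """
    for n_c in range(1, n_max + 1):
        if insecure_probability(n_c, alpha_a) < 1 / one_in_x:
            return n_c
    return None

if __name__ == "__main__":
    # Constructed parameter sweep around the page's alpha_A = 0.18, n_c = 90.
    for alpha in (0.10, 0.18, 0.25):
        p = insecure_probability(90, alpha)
        print(f"alpha_A={alpha:.2f} n_c=90 P[fail]={p:.3e}")
    print("min n_c for alpha_A=0.18, 1 in 5000:", min_committee_size(0.18, 5000))
```

For αA = 0.18 and nc = 90 the default reading gives a failure chance of about 1.45×10⁻⁴, below 1 in 5000, while the inclusive reading gives roughly 3.5×10⁻⁴, so the choice of strict or non-strict threshold matters when sizing the committee.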
In ASHWAChain, we use Bayesian Nash Equilibrium (BNE) for the analysis. We consider the miners to be strategic and distinguish 3 types of players, which are as follows:
- Honest (H): Do not deviate from the defined protocol.
- Rational (R): Follow the strategy which yields them the highest utility.
- Byzantine (B): Actively try to compromise the system, irrespective of the utilities they obtain.
Assumptions. We assume that all rational players incur a cost κ > 0 if any invalid transaction block is committed. This assumption is based on the premise that the entire ecosystem of the currency suffers harm when an invalid block is accepted and, since rational players have invested resources and possess a stake in the system, they must incur some cost depending on it. We also assume that the objective of Byzantine players is to minimize the utility of the rational players and prevent the protocol from achieving its goal, regardless of the cost they incur.
We consider the cost of validating a transaction, making our analysis more practical. Finally, we proved that under certain constraints on the system parameters, there exists a BNE for rational players where they follow only the protocol strategy, i.e., validate all the blocks and sign a block only if it is valid.
In this work, we introduced a blockchain consensus protocol, namely ASHWAChain that provides strong consistency and high scalability, by using a committee-based system for consensus. Our security analysis shows that the system is in a secure state, with high probability. Lastly, we proved that under certain assumptions on the protocol parameters, there exists a Bayesian Nash Equilibrium in which the rational players validate the transactions before signing any block.