Fangyu Gai

Fangyu Gai, Ali Farahbakhsh, Jianyu Niu et al.

Permissioned blockchains employ Byzantine fault-tolerant (BFT) state machine replication (SMR) to reach agreement on an ever-growing, linearly ordered log of transactions. A new paradigm, combined with decades of research in BFT SMR and blockchain (namely chained-BFT, or cBFT), has emerged for directly constructing blockchain protocols. Chained-BFT protocols have a unifying propose-vote scheme instead of multiple different voting phases with a set of voting and commit rules to guarantee safety and liveness. However, distinct voting and commit rules impose varying impacts on performance under different workloads, network conditions, and Byzantine attacks. Therefore, a fair comparison of the proposed protocols poses a challenge that has not yet been addressed by existing work. We fill this gap by studying a family of cBFT protocols with a two-pronged systematic approach. First, we present an evaluation framework, Bamboo, for quick prototyping of cBFT protocols and that includes helpful benchmarking facilities. To validate Bamboo, we introduce an analytic model using queuing theory which also offers a back-of-the-envelope guide for dissecting these protocols. We build multiple cBFT protocols using Bamboo and we are the first to fairly compare three representatives (i.e., HotStuff, two-chain HotStuff, and Streamlet). We evaluated these protocols under various parameters and scenarios, including two Byzantine attacks that have not been widely discussed in the literature. Our findings reveal interesting trade-offs (e.g., responsiveness vs. forking-resilience) between different cBFT protocols and their design choices, which provide developers and researchers with insights into the design and implementation of this protocol family.

Jianyu Niu, Ziyu Wang, Fangyu Gai et al.

Bitcoin-NG is among the first blockchain protocols to approach the \emph{near-optimal} throughput by decoupling blockchain operation into two planes: leader election and transaction serialization. Its decoupling idea has inspired a new generation of high-performance blockchain protocols. However, the existing incentive analysis of Bitcoin-NG has several limitations. First, the impact of network capacity is ignored. Second, an integrated incentive analysis that jointly considers both key blocks and microblocks is still missing. In this paper, we aim to address these two limitations. First, we propose a new incentive analysis that takes the network capacity into account, showing that Bitcoin-NG can still maintain incentive compatibility against the microblock mining attack even under limited network capacity. Second, we leverage a Markov decision process (MDP) to jointly analyze the incentive of both key blocks and microblocks, showing that the selfish mining revenue of Bitcoin-NG is a little higher than that in Bitcoin only when the selfish miner controls more than 35\% of the mining power. We hope that our in-depth incentive analysis for Bitcoin-NG can shed some light on the mechanism design and incentive analysis of next-generation blockchain protocols.

Fangyu Gai, Cesar Grajales, Jianyu Niu et al.

Sidechain technology has been envisioned as a promising solution to accelerate today's public blockchains in terms of scalability and interoperability. By relying on the mainchain for security, different sidechains can formulate their own rules to reach consensus. Although the literature has considered the possibility of using consensus protocols in the sidechain, so far a tailor-made consensus protocol for sidechains with high performance and formal security proof has not been attempted. To fill this gap, we introduce Cumulus, a low overhead, highly efficient, security provable sidechain protocol. Cumulus makes use of smart contracts to ensure that only one block proposed in the sidechain will be enforced on the mainchain in each round, thereby achieving consensus in an efficient manner. We give a formal specification of Cumulus which ensures safety and liveness without any online requirements of clients. For security analysis, we provide formal security definitions and proofs under Universally Composable Security (UCS) model. As a proof of concept, we implement Cumulus and evaluate it in an Ethereum testnet.