Blockchain Consensus Protocols in the Wild

TL;DR

This paper reviews and compares various blockchain consensus protocols, emphasizing the importance of rigorous security analysis and formal proofs to ensure resilience against faults and adversarial attacks.

Contribution

It provides a comprehensive comparison of consensus protocols in permissioned blockchains and advocates for formal security assessments in their design.

Findings

Many protocols lack formal security proofs

Protocols vary significantly in fault tolerance

Formal analysis improves trustworthiness

Abstract

A blockchain is a distributed ledger for recording transactions, maintained by many nodes without central authority through a distributed cryptographic protocol. All nodes validate the information to be appended to the blockchain, and a consensus protocol ensures that the nodes agree on a unique order in which entries are appended. Consensus protocols for tolerating Byzantine faults have received renewed attention because they also address blockchain systems. This work discusses the process of assessing and gaining confidence in the resilience of a consensus protocols exposed to faults and adversarial nodes. We advocate to follow the established practice in cryptography and computer security, relying on public reviews, detailed models, and formal proofs; the designers of several practical systems appear to be unaware of this. Moreover, we review the consensus protocols in some prominent permissioned blockchain platforms with respect to their fault models and resilience against attacks. The protocol comparison covers Hyperledger Fabric, Tendermint, Symbiont, R3~Corda, Iroha, Kadena, Chain, Quorum, MultiChain, Sawtooth Lake, Ripple, Stellar, and IOTA.