Dissecting Tendermint

TL;DR

This paper thoroughly analyzes the Tendermint blockchain consensus protocol, examining its behavior under different communication models and adversarial conditions, and establishing its correctness in the most challenging Byzantine fault scenarios.

Contribution

It introduces a systematic methodology to dissect Tendermint's algorithmic principles across various models, identifying bugs and proving correctness under strict Byzantine adversaries.

Findings

Identified bugs in early versions of Tendermint

Proved Tendermint's correctness under asynchronous communication and Byzantine faults

Provided insights into Tendermint's robustness and limitations

Abstract

In this paper we analyze Tendermint proposed in [7], one of the most popular blockchains based on PBFT Consensus. The current paper dissects Tendermint under various system communication models and Byzantine adversaries. Our methodology consists in identifying the algorithmic principles of Tendermint necessary for a specific combination of communication model-adversary. This methodology allowed to identify bugs [3] in preliminary versions of the protocol ([19], [7]) and to prove its correctness under the most adversarial conditions: an eventually synchronous communication model and asymmetric Byzantine faults.