A New Broadcast Primitive for BFT Protocols

TL;DR

This paper introduces abortable broadcast, a weaker yet practical networking primitive for BFT protocols that guarantees strong delivery, bandwidth efficiency, and bounded data structures, enabling secure blockchain implementations.

Contribution

It defines and implements abortable broadcast, a new primitive that ensures reliable delivery and bounded memory usage even with malicious peers in BFT systems.

Findings

Provides strong delivery guarantees under network failures

Ensures bandwidth efficiency and bounded data structures

Enables secure BFT protocols in the Internet Computer blockchain

Abstract

Byzantine fault tolerant (BFT) protocol descriptions often assume application-layer networking primitives, such as best-effort and reliable broadcast, which are impossible to implement in practice in a Byzantine environment as they require either unbounded buffering of messages or giving up liveness, under certain circumstances. However, many of these protocols do not (or can be modified to not) need such strong networking primitives. In this paper, we define a new, slightly weaker networking primitive that we call abortable broadcast. We describe an implementation of this new primitive and show that it (1) still provides strong delivery guarantees, even in the case of network congestion, link or peer failure, and backpressure, (2) preserves bandwidth, and (3) enforces all data structures to be bounded even in the presence of malicious peers. The latter prevents out-of-memory DoS attacks by malicious peers, an issue often overlooked in the literature. The new primitive and its implementation are not just theoretical. We use them to implement the BFT protocols in the IC (Internet Computer), a publicly available blockchain network that enables replicated execution of general-purpose computation, serving hundreds of thousands of applications and their users.