In the blockchain setting, certainty is to ensure that all valid blocks will not be revoked once they are submitted to the blockchain. When users conduct transactions, they also want to ensure that the transfer operation cannot be changed or cancelled at will after the transfer is completed. Therefore, certainty becomes crucial when designing a blockchain consensus protocol. In the current system based on the Satoshi Nakamoto consensus, 51% attacks and selfish mining behaviors threaten the integrity of the system because they allow the possibility of revoking blocks (for example, if the perpetrator accumulates 51% of the mining capacity, They can carry out a double-spend attack). This kind of agreement provides probabilistic certainty, while some other protocols achieve absolute certainty.
Deterministic type
Probabilistic Finality (Probabilistic Finality) is the type of certainty proposed by blockchain-based protocols (for example, Bitcoin's Nakamoto Consensus). In probabilistic determination, the deeper the block containing the transaction is buried in the chain, the lower the probability that the transaction will be cancelled. Because the more blocks behind a block, the more likely the (fork) chain that contains the block is the longest chain. This is why it is recommended to wait until the block containing the transaction is 6 blocks deep in the Bitcoin blockchain to confirm the completion of the transaction (it takes about 1 hour), because the possibility of canceling the transaction is very low at this time.
Absolute Finality (Absolute Finality) is a type of determinism based on Byzantine Fault Tolerance (PBFT) protocols (such as Tendermint). In absolute determination, once a transaction is included in the block and added to the blockchain, the transaction is immediately considered final. In this case, a validator will first propose a block, and the block must be approved by enough validators in the committee before it can be submitted to the blockchain.
There is also a concept called Economic Finality, which means that the cost of funds required to cancel a block is very high. In the basic equity proof system (such as Casper FFG, Tendermint) that uses the penalty and forfeiture mechanism, if the equity holder signs on two blocks (school note: the same height), then all their rights and interests will be confiscated. This is the costly price of undermining certainty. For example, if a network has 100 equity holders, and each equity holder holds equity worth 1 million US dollars, then the entire network has a total of 100 million US dollars worth of equity. If two blocks appear at the same height of the blockchain, named B and B', then B gets 66% of the votes of the equity holders (66 million USD), and B'also gets 66% of the votes Voting ($66 million), then the intersection of B and B'(at least 33% of malicious equity holders) will lose all their equity (at least $33 million).
CAP theorem and certainty
It seems that absolute certainty is more feasible than probabilistic certainty, but there are still some basic trade-offs that indicate that it is better to choose a blockchain that supports probabilistic certainty. When considering how to strike an appropriate balance between probabilistic certainty and Byzantine fault-tolerant certainty, Eric Brewer's CAP theorem comes into play. The CAP theorem states that in the case of network partitions, distributed systems can only meet consistency or availability. The system that meets the consistency will stop running and prevent wrong transactions from passing through. A system that satisfies availability will continue to operate even if erroneous transactions are allowed to pass. A consistent system has Byzantine fault-tolerant determinism (check note: absolute certainty), while an availability system has probabilistic certainty.
In the payment scenario, users usually choose the availability provided by the probabilistic blockchain (this is why many DAG-based protocols focus on supporting payment, because these protocols support availability rather than consistency ), however, many blockchain platforms provide more than just payment, but also support decentralized applications (DApps) based on smart contracts. Different DApps may have different preferences in terms of determinism: Those DApps that require feasibility will always allow transactions to pass even if the transaction information is inaccurate, and prefer a probabilistic deterministic chain; while DApps that tend to be consistent will make the whole The application stops running to prevent incorrect transactions from passing, and prefers to absolutely determine the chain. Therefore, certainty fundamentally affects the user experience.
Certainty in Proof of Stake Consensus
In the meta-analysis of alternative consensus protocols, we considered the certainty guarantees of some major PoS (Proof of Stake) platforms, including Tendermint, Thunderella, Algorand, Dfinity, Ouroboros Genesis, Casper FFG and Casper CBC. Here, we will briefly outline how these platforms achieve certainty, but deciding which protocol to use is more important to look at as a whole, rather than just consider a parameter (here refers to the guarantee of certainty).
Tendermint: Tendermint achieves absolute certainty. Any block that gets â…” or more pre-votes and pre-commits will be finalized, and this process will continue indefinitely. Unless â…“ or above verifiers do not respond, causing the network to stop functioning. Therefore, Tendermint prefers consistency over usability. In addition, when the penalty rules for proof of rights are applied to Tendermint, the Tendermint protocol can also achieve economic certainty.
Thunderella: Thunderella's fast path provides absolute certainty. Any notarized maximum transaction sequence is considered a fully confirmed output. If 3/4 of the fast-path committee is honest and online, and the proposer is also honest, then valid transactions can be confirmed instantly. However, fast path confirmation is different from general certainty, it is optimistic certainty. Once the transaction is recorded on the basic blockchain, the transaction is fully determined. This situation can be either chain-based or Byzantine fault-tolerant. But when there is a problem with the fast path, Thunderella will fall back to the basic blockchain, so Thunderella prioritizes availability.
Algorand: Algorand achieves probabilistic determination. As long as the currency value of the protocol controlled by the attacker is less than 1/3 of the total value, Algorand can guarantee that forking is almost impossible, allowing the protocol to operate in a strong synchronization manner, so that each block is ultimately consistent. In weak synchronization, Algorand may fork, but BA* is used to determine which fork chain to choose. Therefore, when the agreement resumes strong synchronization, the transaction in Algorand can finally be finalized. Algorand prioritizes consistency over availability, because it would rather produce blank blocks than sacrifice consistency.
Dfinity: Dfinity achieves probabilistic determination, and its deterministic probability increases as the weight of the block on the chain increases. Suppose we refuse to receive more notarized blocks in each cycle of r. In this cycle, we can finally determine the rth round, because we know that the notarized block for the rth round contains all the transactions on the chain before the rth round. In the rth round, as long as the operation is correct, the almost instantaneous certainty can be guaranteed. After two confirmations plus the network transmission delay, any transaction included in the block in the rth round is finalized for the observer. . Dfinity prioritizes consistency. If the network partitions form two halves of almost the same size, it will automatically suspend the work of random beacons and will not allow any half of the network to continue running.
Ouroboros Genesis: The Genesis protocol can be probabilistically determined according to the rules of how it selects the blockchain. The specific rule is that for short-range attacks (up to k blocks, where k is a security parameter), the longest chain principle is adopted; for long-range attacks (more than k blocks), the plenitude rule is adopted, which is also That is to say, check the time period immediately after the current chain is forked, and then select the chain with a higher density.
Casper FFG: The goal of Casper FFG is to provide absolute/economic certainty for chain-based systems. The committee is weighted by equity and gets the majority of votes and then signs a block to achieve certainty. With this construction method of Casper FFG, even if an attacker controls the proposal mechanism of the underlying blockchain, conflicting checkpoints will never be finalized. However, FFG provides security and the proposal mechanism provides liveness, so attackers can delay consensus to prevent Casper from determining future checkpoints. FFG prioritizes consistency, because it does not allow the checkpoint to be finalized without ⅔ the verifier’s consent, otherwise the determination is invalid. In addition, FFG can also achieve economic certainty through a penalty mechanism.
Casper TFG: TFG achieves absolute determination through validators with different fault tolerance thresholds. In other words, the protocol is asynchronously safe and Byzantine fault tolerant, allowing validators to have different fault tolerance thresholds.
Revocation of blocks may result in millions of dollars in losses or affect the basic operation of decentralized applications. Therefore, certainty plays a vital role in building a robust blockchain platform and how to choose a platform for developing applications.
Interface Codecs,Ic Chip Transitor,Integrated Circuit Ic Microcontroller,Ic Chips Integrated Circuits
Shenzhen Kaixuanye Technology Co., Ltd. , https://www.icoilne.com