l edger c ombiners for f ast
play

L EDGER C OMBINERS FOR F AST S ETTLEMENT Matthias Fitzi 1 , Peter Gai - PowerPoint PPT Presentation

Dec 19, 2022 •317 likes •994 views

L EDGER C OMBINERS FOR F AST S ETTLEMENT Matthias Fitzi 1 , Peter Gai 1 , Aggelos Kiayias 1,2 , Alexander Russell 1,3 1 IOHK Research 2 University of Edinburgh 3 University of Connecticut TCC 2020 Nakamoto Ledgers in a Nutshell ? Cartoon

  1. L EDGER C OMBINERS FOR F AST S ETTLEMENT Matthias Fitzi 1 , Peter Gaži 1 , Aggelos Kiayias 1,2 , Alexander Russell 1,3 1 IOHK Research 2 University of Edinburgh 3 University of Connecticut TCC 2020

  2. Nakamoto Ledgers in a Nutshell ? Cartoon description: ● transactions-carrying blocks appended in ever-growing tree ● current state: longest chain, extended by honest parties ● block-creation rights distributed “fairly” using anti-Sybil lottery

  3. Nakamoto Ledgers in a Nutshell ? Cartoon description: ● transactions-carrying blocks appended in ever-growing tree ● current state: longest chain, extended by honest parties ● block-creation rights distributed “fairly” using anti-Sybil lottery Properties: ● sufficient fraction honest ⇒ “eventual” consensus on winning chain ● immutability measure: #blocks on top

  4. Anti-Sybil Lotteries for Nakamoto Consensus Proof of Work (PoW): [Bitcoin, Ethereum, ...] ● parties solve a computational puzzle ● success proportional to invested computation Proof of Stake (PoS): [Ouroboros, Snow White, ...] ● parties own stake on the blockchain ● success proportional to owned stake Proof of Space (PoSp): [SpaceMint, Chia, ...] ● parties dedicate storage space ● success proportional to dedicated storage

  5. Nakamoto Consensus: Advantages NC very resilient, can tolerate hostile environments: ● Dishonest Minority ○ in principle, up to 1/2 of the underlying resource can be controlled by an adversary ○ cf. classical: typically up to 1/3 ● Sleepiness/Dynamic Availability ○ fluctuating level of participation, parties come and go without notifying others, lose access to necessary resources, ... ○ cf. classical: fix party sets, typically rely on counting

  6. Settlement Time for Ledger Protocols ● a.k.a. latency time tx enters tx the system stabilized “How long does it take a transaction from being injected into the system until universally recognized as a stable ledger entry?”

  7. Latency Barrier of Nakamoto Consensus time ∊ tx

  8. Latency Barrier of Nakamoto Consensus time ∊ tx ● tx stability proportional to number of blocks on top

  9. Latency Barrier of Nakamoto Consensus time ∊ tx ● tx stability proportional to number of blocks on top Intrinsic Latency Barrier: limited block creation rate ⇒ limited settlement speed (to avoid forks)

  10. Overcoming Nakamoto Latency Barrier Overlay structures for improved latency: ● stronger assumptions ● latency improved in optimistic settings ● e.g. Hybrid Consensus [PS16], Thunderella [PS17], Afgjort [MMNT19] ● layer-2 solutions ● no longer maintains a distributed ledger of all transactions ● e.g. payment channels and state channels [PD16,DFH18,DEFM19,DEFHH19] Best latency guarantees achievable by Nakamoto? Our approach: Parallel Composition (also taken in Prism [BKTFV19])

  11. Our Contributions 1. An Abstract Model for Ledgers 2. A Combiner for Security Amplification (= Latency Reduction) 3. A Robust Ledger Combiner

  12. Abstract Ledgers ➢ ledger ● a static set of transactions T ● rank function: T ⟶ ℝ + ○ orders transactions ○ captures their stability ○ loosely related to time ○ e.g.: block timestamp

  13. Abstract Ledgers ➢ ledger ● a static set of transactions T ● rank function: T ⟶ ℝ + ○ orders transactions ○ captures their stability ○ loosely related to time ○ e.g.: block timestamp ➢ dynamic ledger ● time-indexed sequence of ledgers ● sufficient to express persistence, liveness

  14. Ledger Combiner for Security Amplification/Latency Reduction ( ) ... ⇒ m parallel, independent 1 “virtual” dynamic ledger ⇒ dynamic ledgers

  15. Ledger Combiner for Security Amplification/Latency Reduction ( ) ... ⇒ m parallel, independent 1 “virtual” dynamic ledger ⇒ dynamic ledgers rank 1 ( tx ) , … , rank m ( tx ) rank( tx ) := F(rank 1 ( tx ), …, rank m ( tx )) ⇒

  16. Ledger Combiner for Security Amplification/Latency Reduction ( ) ... ⇒ m parallel, independent 1 “virtual” dynamic ledger ⇒ dynamic ledgers Fast (m-fold) submission: settlement time t t / Θ(m) ⇒

  17. Ledger Combiner for Security Amplification/Latency Reduction ( ) ... ⇒ m parallel, independent 1 “virtual” dynamic ledger ⇒ dynamic ledgers Fast (m-fold) submission: settlement time t t / Θ(m) ⇒ Slow (single-ledger) submission: settlement time t t . O(ln m) ⇒

  18. Ledger Combiner for - weaker condition suffices: subindependence Security Amplification/Latency Reduction - achievable for PoW, PoS ( ) ... ⇒ m parallel, independent 1 “virtual” dynamic ledger ⇒ dynamic ledgers Fast (m-fold) submission: settlement time t t / Θ(m) ⇒ Slow (single-ledger) submission: settlement time t t . O(ln m) ⇒

  19. Ledger Combiner for Security Amplification/Latency Reduction ( ) ... ⇒ m parallel, independent 1 “virtual” dynamic ledger ⇒ dynamic ledgers m scales with λ: constant-time settlement with negligible error Fast (m-fold) submission: settlement time t t / Θ(m) ⇒ Slow (single-ledger) submission: settlement time t t . O(ln m) ⇒

  20. Ledger Combiner for Security Amplification/Latency Reduction ( ) ... ⇒ m parallel, independent 1 “virtual” dynamic ledger ⇒ dynamic ledgers Fast (m-fold) submission: settlement time t t / Θ(m) ⇒ tradeoff: tx fee ⇔ settlement time Slow (single-ledger) submission: settlement time t t . O(ln m) ⇒

  21. Robust Combiner for Dynamic Ledgers ( ) ... ⇒ m parallel dynamic 1 “virtual” dynamic ledger ⇒ ledgers

  22. Robust Combiner for Dynamic Ledgers ( ) ... ⇒ m parallel dynamic 1 “virtual” dynamic ledger ⇒ ledgers ● robust : some persistence+liveness guarantees maintained even if minority of ledgers fully corrupted ● illustrates versatility of our dynamic ledger notion

  23. 1. An Abstract Model for Ledgers

  24. Abstract Ledgers ➢ ledger: 𝕄 = (T, rank) ● set of transactions T ● rank function: T ⟶ ℝ + ○ transactions ordered by increasing rank

  25. Abstract Ledgers ➢ ledger: 𝕄 = (T, rank) ● set of transactions T ● rank function: T ⟶ ℝ + ➢ dynamic ledger: 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ● time-indexed sequence of ledgers 𝕄 (0) 𝕄 (1) 𝕄 (2) 𝕄 (3) 𝕄 (4) ⋮

  26. Abstract Ledgers ➢ ledger: 𝕄 = (T, rank) ● set of transactions T ● rank function: T ⟶ ℝ + ➢ dynamic ledger: 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ● time-indexed sequence of ledgers ● sufficient to express liveness, persistence 𝕄 (0) 𝕄 (1) 𝕄 (2) 𝕄 (3) 𝕄 (4) ⋮

  27. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Liveness. For any r, t 0 , t ≥ t 0 +r: tx 𝕄 (t) : t 0 t 0 + r

  28. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Liveness. For any r, t 0 , t ≥ t 0 +r: tx 𝕄 (t) : t 0 t 0 + r

  29. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Liveness. For any r, t 0 , t ≥ t 0 +r: tx 𝕄 (t) : except with error l(r). t 0 t 0 + r

  30. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Liveness. For any r, t 0 , t ≥ t 0 +r: tx 𝕄 (t) : except with error l(r). t 0 t 0 + r ➢ Persistence. For any r, t: t-r t 𝕄 (t) : 𝕄 (t+1) : 𝕄 (t+2) : ⋮ r

  31. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Liveness. For any r, t 0 , t ≥ t 0 +r: tx 𝕄 (t) : except with error l(r). t 0 t 0 + r ➢ Persistence. For any r, t: t-r t 𝕄 (t) : = 𝕄 (t+1) : = 𝕄 (t+2) : except with error p(r). ⋮ ⋮ r

  32. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Liveness. For any r, t 0 , t ≥ t 0 +r: tx 𝕄 (t) : except with error l(r). t 0 t 0 + r ➢ Absolute persistence. For any r, t: t-r t 𝕄 (t) : = 𝕄 (t+1) : = 𝕄 (t+2) : except with error p A (r). ⋮ ⋮ r

  33. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Relative persistence. For any r, s, t: t - r - s t - s t 𝕄 (t) : ⋮ 𝕄 (t’) : ⋮ r s

  34. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Relative persistence. For any r, s, t: t - r - s t - s t 𝕄 (t) : ⋮ ⊆ 𝕄 (t’) : ⋮ r s

  35. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Relative persistence. For any r, s, t: t - r - s t - s t 𝕄 (t) : ⊆ ⋮ ⊆ 𝕄 (t’) : ⋮ r s

  36. Dynamic Ledger Properties Dynamic ledger 𝔼 = 𝕄 (0) , 𝕄 (1) , 𝕄 (2) , ... ➢ Relative persistence. For any r, s, t: t - r - s t - s t 𝕄 (t) : ⊆ ⋮ ⊆ 𝕄 (t’) : ⋮ except with error p R (r,s). r s

  37. Why Relative Persistence? ● weaker than absolute persistence, occurs faster ● often sufficient for settlement!

  38. Why Relative Persistence? ● weaker than absolute persistence, occurs faster ● often sufficient for settlement! l(r) -liveness (absolute) settlement in r+s steps p A (s) -absolute persistence } ⇒ with error l(r) + p A (s)

  39. Why Relative Persistence? ● weaker than absolute persistence, occurs faster ● often sufficient for settlement! “ledger up to tx will not change” l(r) -liveness (absolute) settlement in r+s steps p A (s) -absolute persistence } ⇒ with error l(r) + p A (s)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Rec econcil oncilia iations: tions: Led edger gers s an and Cas ash Suzette Baker, CPA,

Rec econcil oncilia iations: tions: Led edger gers s an and Cas ash Suzette Baker, CPA,

Office of Operations 2013 Fall Conference November 6-7 Back to Basics Rec econcil oncilia iations: tions: Led edger gers s an and Cas ash Suzette Baker, CPA, CGFM Executive Director Jennifer Hallanan, CGFM Supervising Accountant

515 views • 32 slides
The e disruptive potential of of Bloc ockchain and Distri tributed L Ledg edger r Tech

The e disruptive potential of of Bloc ockchain and Distri tributed L Ledg edger r Tech

The e disruptive potential of of Bloc ockchain and Distri tributed L Ledg edger r Tech echnology Alex Sims, 6 September 2017 University of Auckland Brief Outline Some context: Autonomous car scenario with blockchain and

573 views • 44 slides
Reconcil iliatio tion Beyond ond t the Gene General L Led edger CPA Ontario Public Sector

Reconcil iliatio tion Beyond ond t the Gene General L Led edger CPA Ontario Public Sector

Reconcil iliatio tion Beyond ond t the Gene General L Led edger CPA Ontario Public Sector Accounting Symposium June 20, 2018 Who is is the FM e FMB? We are a national non-profit First Nations Institution We support First Nations

415 views • 17 slides
Bitcoin Portland State University CS 410/510 Blockchain Development & Security Pecursor #1:

Bitcoin Portland State University CS 410/510 Blockchain Development & Security Pecursor #1:

Bitcoin Portland State University CS 410/510 Blockchain Development & Security Pecursor #1: Ledgers Portland State University CS 410/510 Blockchain Development & Security Led edger gers At the beginning of written history (~3000

1.19k views • 61 slides
MKM Business Meeting 0. We need a scribe 1. Report from the track chair 2. Track chair 2013 3.

MKM Business Meeting 0. We need a scribe 1. Report from the track chair 2. Track chair 2013 3.

MKM Business Meeting 0. We need a scribe 1. Report from the track chair 2. Track chair 2013 3. Trustees election 4. Any other business Report from the MKM 2012 track chair Makarius Wenzel 03-July-2012 CICM Integration joint CICM

441 views • 16 slides
Election Methods Is It Possible to Choose the Winner? Will Best October 2, 2020 Draws heavily

Election Methods Is It Possible to Choose the Winner? Will Best October 2, 2020 Draws heavily

Election Methods Is It Possible to Choose the Winner? Will Best October 2, 2020 Draws heavily on A talk by Dr. Donald Saari A presentation by Michael Buescher Plurality Vote for your favorite candidate. Whoever gets the most

866 views • 27 slides
bp third quarter 2020 financial results presentation Craig Marshall SVP investor relations

bp third quarter 2020 financial results presentation Craig Marshall SVP investor relations

bp third quarter 2020 financial results presentation Craig Marshall SVP investor relations Cautionary statement Forward-looking statements - cautionary statement In order to utilize the safe harbor provisions of the United States Private

492 views • 23 slides
A Multi-purpose Bayesian Model for Word-Based Morphology Maciej Janicki University of Leipzig

A Multi-purpose Bayesian Model for Word-Based Morphology Maciej Janicki University of Leipzig

Introduction The Model Experiments Conclusion A Multi-purpose Bayesian Model for Word-Based Morphology Maciej Janicki University of Leipzig September 17, 2015 Maciej Janicki A Multi-purpose Bayesian Model for Word-Based Morphology

470 views • 20 slides
r sss s r rstr

r sss s r rstr

r sss s r rstr str rstr r sss s

728 views • 27 slides
Measuring the neutrino mass hierarchy with PINGU Justin Evans 11th May 2012 Oscillation

Measuring the neutrino mass hierarchy with PINGU Justin Evans 11th May 2012 Oscillation

Measuring the neutrino mass hierarchy with PINGU Justin Evans 11th May 2012 Oscillation parameters Smallest mass splitting Solar mass splitting Require L/E ~ O (10 5 km/GeV) Solar neutrinos SNO, Borexino, etc Reactor neutrinos

603 views • 49 slides
SKILLS IN THE SOUTH EAST ECONOMY Session 1: How will Brexit affect migration, border security and

SKILLS IN THE SOUTH EAST ECONOMY Session 1: How will Brexit affect migration, border security and

SEEC-SESPM WORKSHOP Friday, 23 June 2017 BREXIT, MIGRATION & SKILLS IN THE SOUTH EAST ECONOMY Session 1: How will Brexit affect migration, border security and the skills gap? EU workers in the South East Economy 1.Skills gaps Dr CARLOS

476 views • 9 slides
Health Insurance Portability and Accountability Act of 1996 Compliance at Purdue

Health Insurance Portability and Accountability Act of 1996 Compliance at Purdue

Health Insurance Portability and Accountability Act of 1996 Compliance at Purdue https://www.purdue.edu/legalcounsel/HIPAA/index.html legalcounsel@purdue.edu Health Insurance Portability and Accountability Act of 1996 (HIPAA) Federal

333 views • 31 slides
Privacy in Context A panel discussion Karen Sollins Overview Sollins: Introduction, some

Privacy in Context A panel discussion Karen Sollins Overview Sollins: Introduction, some

Privacy in Context A panel discussion Karen Sollins Overview Sollins: Introduction, some thoughts for framing Panelists: Tschofenig, Sowell, Clark Discussion: Everyone What is privacy? Information privacy concerns the

310 views • 12 slides
Data & Visual Analytics Mahdi Roozbahani Lecturer, Computational Science and Engineering,

Data & Visual Analytics Mahdi Roozbahani Lecturer, Computational Science and Engineering,

CX4242: Data & Visual Analytics Mahdi Roozbahani Lecturer, Computational Science and Engineering, Georgia Tech Assignments Overview (Tentative and subject to change) CX 4242 Assignment 1 Platforms, Languages & Technologies Python,

1.1k views • 30 slides
How Secret-sharing can Defeat Terrorist Fraud Gildas Avoine 1 Cdric Lauradoux 2 Benjamin Martin 1

How Secret-sharing can Defeat Terrorist Fraud Gildas Avoine 1 Cdric Lauradoux 2 Benjamin Martin 1

How Secret-sharing can Defeat Terrorist Fraud Gildas Avoine 1 Cdric Lauradoux 2 Benjamin Martin 1 1 Universit catholique de Louvain Belgium 2 INRIA, Universit de Lyon France 17 June 2011 Plan 1 General Context 2 Relay Attacks 3 Distance

570 views • 35 slides
Security Analysis of Distance Bounding Protocols Agnes BRELURUT, Pascal LAFOURCADE, David GERAULT

Security Analysis of Distance Bounding Protocols Agnes BRELURUT, Pascal LAFOURCADE, David GERAULT

Security Analysis of Distance Bounding Protocols Agnes BRELURUT, Pascal LAFOURCADE, David GERAULT LIMOS, Universit dAuvergne, France September 17th 2015 BRELURUT, LAFOURCADE, GERAULT (LIMOS, France) Security Analysis of Distance Bounding

704 views • 42 slides
VIGOR: INTERACTIVE VISUAL EXPLORATION OF GRAPH QUERY RESULTS Author: Robert Pienta, Fred Hohman,

VIGOR: INTERACTIVE VISUAL EXPLORATION OF GRAPH QUERY RESULTS Author: Robert Pienta, Fred Hohman,

VIGOR: INTERACTIVE VISUAL EXPLORATION OF GRAPH QUERY RESULTS Author: Robert Pienta, Fred Hohman, Alex Endert, Acar Tamersoy,Kevin Roundy, Chris Gates, Shamkant Navathe, Duen Horng Chau PRESENTER: JIAHONG CHEN INSTRUCTOR: PROF. TAMARA MUNZNER

242 views • 22 slides
Build it, Break it, Fix it Break it Today Build It Presentations Theoretical Part:

Build it, Break it, Fix it Break it Today Build It Presentations Theoretical Part:

Build it, Break it, Fix it Break it Today Build It Presentations Theoretical Part: How to Approach Vulnerability Finding Hints for Break It Prof. Eric Bodden Build It, Break It, Fix It SS 17 2 How to Approach Vulnerability

573 views • 56 slides
CERTIFICATION SYSTEM INFORMATION SESSION PRESENTED BY ROBERT FOOTE, MANAGER DEVELOPMENT Case for

CERTIFICATION SYSTEM INFORMATION SESSION PRESENTED BY ROBERT FOOTE, MANAGER DEVELOPMENT Case for

CERTIFICATION SYSTEM INFORMATION SESSION PRESENTED BY ROBERT FOOTE, MANAGER DEVELOPMENT Case for change to system was clear Accreditation system is 40 years old in 2017 No review of the basis of the accreditation system in that time

518 views • 15 slides
Oncology(Nursing(Training(in(Low2( and(Middle2(income(Countries:( Challenges(and(Opportuni<es(

Oncology(Nursing(Training(in(Low2( and(Middle2(income(Countries:( Challenges(and(Opportuni<es(

Oncology(Nursing(Training(in(Low2( and(Middle2(income(Countries:( Challenges(and(Opportuni<es( Sanchia(Aranda( Board(Member(2(UICC( Immediate(Past(President((Interna<onal(Society( of(Nurses(in(Cancer(Care( ( #3: Advancing and

377 views • 20 slides
Strong Limits on Accreting IMBHs in Globular Clusters Laura Chomiuk (Michigan State) with Jay

Strong Limits on Accreting IMBHs in Globular Clusters Laura Chomiuk (Michigan State) with Jay

Strong Limits on Accreting IMBHs in Globular Clusters Laura Chomiuk (Michigan State) with Jay Strader (MSU) Laura Shishkovsky (MSU) Evangelia Tremou (MSU) Tom Maccarone (Texas Tech) James Miller-Jones (Curtin) Anil Seth (Utah) Craig

486 views • 19 slides
Gravitational waves from accretion onto Schwarzschild black holes: A perturbative approach

Gravitational waves from accretion onto Schwarzschild black holes: A perturbative approach

Gravitational waves from accretion onto Schwarzschild black holes: A perturbative approach Alessandro Nagar Relativity and Gravitation Group, Politecnico di Torino and INFN, sez. di Torino www.polito.it/relgrav/ alessandro.nagar@polito.it In

593 views • 27 slides
An accretion disk-corona model for X-ray spectra of active galactic nuclei Xinwu Cao Shanghai

An accretion disk-corona model for X-ray spectra of active galactic nuclei Xinwu Cao Shanghai

An accretion disk-corona model for X-ray spectra of active galactic nuclei Xinwu Cao Shanghai Astronomical Observatory Typical SED of AGN X-ray observations as constraints on accretion disk-corona models 1. correlation between photon spectral

358 views • 16 slides
IGRINS Survey of T Tauri Stars in Tau-Aur Status Report Kyoung Hee Kim (KHU) 2017 IGRINS Users

IGRINS Survey of T Tauri Stars in Tau-Aur Status Report Kyoung Hee Kim (KHU) 2017 IGRINS Users

IGRINS Survey of T Tauri Stars in Tau-Aur Status Report Kyoung Hee Kim (KHU) 2017 IGRINS Users Workshop 2017.07.28 Star Formation & Young Stellar Objects Overview of star formation (Greene, 2001) Dullemond+2010 Schematic picture of

313 views • 17 slides

More recommend