## Cryptology ePrint Archive: Report 2019/587

Polygraph: Accountable Byzantine Agreement

Pierre Civit and Seth Gilbert and Vincent Gramoli

Abstract: In this paper, we introduce \emph{Polygraph}, the first accountable Byzantine consensus algorithm. If among $n$ users $t<n/3$ are malicious then it ensures consensus; otherwise (if $t \geq n/3$), it eventually detects malicious users that cause disagreement. Polygraph is appealing for blockchain applications as it allows them to totally order blocks in a chain whenever possible, hence avoiding forks and double spending and, otherwise, to punish (e.g., via slashing) at least $n/3$ malicious users when a fork occurs. This problem is more difficult than perhaps it first appears. One could try identifying malicious senders by extending classic Byzantine consensus algorithms to piggyback signed messages. We show however that to achieve accountability the resulting algorithms would then need to exchange $\Omega(\kappa \cdot n^2)$ more bits, where $\kappa$ is the security parameter of the signature scheme. By contrast, Polygraph has communication complexity $O(\kappa \cdot n^4)$. Finally, we implement Polygraph in a blockchain committing more than 10,000\,TPS when deployed on 80 geodistributed machines.

Category / Keywords: cryptographic protocols / accountability, blockchain, red belly, DBFT

Date: received 29 May 2019, last revised 18 Jan 2021

Contact author: vincent gramoli at sydney edu au

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2019/587

[ Cryptology ePrint archive ]