### TaiJi: Longest Chain Availability with BFT Fast Confirmation

Songze Li and David Tse

##### Abstract

Most state machine replication protocols are either based on the 40-years-old Byzantine Fault Tolerance (BFT) theory or the more recent Nakamoto’s longest chain design. Longest chain protocols, designed originally in the Proof-of-Work (PoW) setting, are available under dynamic participation, but has probabilistic confirmation with long latency dependent on the security parameter. BFT protocols, designed for the permissioned setting, has fast deterministic confirmation, but assume a fixed number of nodes always online. We present a new construction which combines a longest chain protocol and a BFT protocol to get the best of both worlds. Using this construction, we design TaiJi, the first dynamically available PoW protocol which has almost deterministic confirmation with latency independent of the security parameter. In contrast to previous hybrid approaches which use a single longest chain to sample participants to run a BFT protocol, our native PoW construction uses many independent longest chains to sample propose actions and vote actions for the BFT protocol. This design enables TaiJi to inherit the full dynamic availability of Bitcoin, as well as its full unpredictability, making it secure against fully-adaptive adversaries with up to 50% of online hash power.

Available format(s)
Category
Foundations
Publication info
Preprint. MINOR revision.
Keywords
blockchainsconsensus protocolsdynamic availabilityunpredictabilityfast confirmation latency
Contact author(s)
songzeli8824 @ gmail com
History
Short URL
https://ia.cr/2020/1470

CC BY

BibTeX

@misc{cryptoeprint:2020/1470,
author = {Songze Li and David Tse},
title = {TaiJi: Longest Chain Availability with BFT Fast Confirmation},
howpublished = {Cryptology ePrint Archive, Paper 2020/1470},
year = {2020},
note = {\url{https://eprint.iacr.org/2020/1470}},
url = {https://eprint.iacr.org/2020/1470}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.