Paper 2021/211

GearBox: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy

Bernardo David, IT University of Copenhagen
Bernardo Magri, University of Manchester
Christian Matt, Concordium
Jesper Buus Nielsen, Concordium Blockchain Research Center, Aarhus University
Daniel Tschudi, Concordium
Abstract

Sharding is an emerging technique to overcome scalability issues on blockchain based public ledgers. Without sharding, every node in the network has to listen to and process all ledger protocol messages. The basic idea of sharding is to parallelize the ledger protocol: the nodes are divided into smaller subsets that each take care of a fraction of the original load by executing lighter instances of the ledger protocol, also called shards. The smaller the shards, the higher the efficiency, as by increasing parallelism there is less overhead in the shard consensus. In this vein, we propose a novel approach that leverages the sharding safety-liveness dichotomy. We separate the liveness and safety in shard consensus, allowing us to dynamically tune shard parameters to achieve essentially optimal efficiency for the current corruption ratio of the system. We start by sampling a relatively small shard (possibly with a small honesty ratio), and we carefully trade-off safety for liveness in the consensus mechanism to tolerate small honesty without losing safety. However, for a shard to be live, a higher honesty ratio is required in the worst case. To detect liveness failures, we use a so-called control chain that is always live and safe. Shards that are detected to be not live are resampled with increased shard size and liveness tolerance until they are live, ensuring that all shards are always safe and run with optimal efficiency. As a concrete example, considering a population of 10K parties with at most 30% corruption and 60-bit security, previous designs required over 5800 parties in each shard to guarantee security. Our design requires only 1713 parties in the worst case with maximal corruption, and in the optimistic case works with only 35 parties without compromising security. Moreover, in this highly concurrent execution setting, it is paramount to guarantee that both the sharded ledger protocol and its sub protocols (i.e., the shards) are secure under composition. To prove the security of our approach, we present ideal functionalities capturing a sharded ledger as well as ideal functionalities capturing the control chain and individual shard consensus, which needs adjustable liveness. We further formalize our protocols and prove that they securely realize the sharded ledger functionality in the UC framework.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ACM CCS 2022
Keywords
Sharding Blockchain Committee selection Safety-Liveness dichotomy Transaction ledger
Contact author(s)
bernardo @ bmdavid com
bernardo magri @ manchester ac uk
cm @ concordium com
jbn @ cs au dk
dt @ concordium com
History
2022-07-05: last of 3 revisions
2021-03-02: received
See all versions
Short URL
https://ia.cr/2021/211
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/211,
      author = {Bernardo David and Bernardo Magri and Christian Matt and Jesper Buus Nielsen and Daniel Tschudi},
      title = {{GearBox}: Optimal-size Shard Committees by Leveraging the Safety-Liveness Dichotomy},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/211},
      year = {2021},
      url = {https://eprint.iacr.org/2021/211}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.