Cryptology ePrint Archive: Report 2021/628

The Availability-Accountability Dilemma and its Resolution via Accountability Gadgets

Joachim Neu and Ertem Nusret Tas and David Tse

Abstract: For applications of Byzantine fault tolerant (BFT) consensus protocols where the participants are economic agents, recent works highlighted the importance of accountability: the ability to identify participants who provably violate the protocol. At the same time, being able to reach consensus under dynamic levels of participation is desirable for censorship resistance. We identify an availability-accountability dilemma: in an environment with dynamic participation, no protocol can simultaneously be accountably-safe and live. We provide a resolution to this dilemma by constructing an optimally-resilient accountability gadget to checkpoint a longest chain protocol, such that the full ledger is live under dynamic participation and the checkpointed prefix ledger is accountable. Our accountability gadget construction is black-box and can use any BFT protocol which is accountable under static participation. Using HotStuff as the black box, we implemented our construction as a protocol for the Ethereum 2.0 beacon chain, and our Internet-scale experiments with more than 4000 nodes show that the protocol can achieve the required scalability and has better latency than the current solution Gasper, while having the advantage of being provably secure.

Category / Keywords: cryptographic protocols / blockchain, consensus

Date: received 12 May 2021, last revised 23 Sep 2021

Contact author: jneu at stanford edu, nusret at stanford edu, dntse at stanford edu

Available format(s): PDF | BibTeX Citation

Version: 20210923:102328 (All versions of this report)

Short URL: ia.cr/2021/628


[ Cryptology ePrint archive ]