zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6 Commits
183 Branches
291 MiB
Tree: 87abbf78e6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '87abbf78e6'
${ noResults }
tendermint/consensus/definitions.tex

117 lines
6.8 KiB
Raw Normal View History

Prepare to Nuke Develop (#47) * state -> step * vote -> v * New version of the algorithm and the proof * New version of the algorithm and the proofs * Added algorithm description * Add algorithm description * Add introduction * Add conclusion * Add conclusion file * fix warnings (caption was defined twice) - only the latter is used anyways (centers captions) - this makes it possible to autom. building the paper * Update grammar * s/state_p/step_p * Address Ismail's comments * intro: language fixes * definitions: language fixes * consensus: various fixes * proof: some fixes * try to improve reviewability * \eq -> = * textwrap to 79 * various minor fixes * proof: fix itemization * proof: more minor fixes * proof: timeouts are functions * proof: fixes to lemma6 * Intro changes and improve title page * Add Marko and Ming to acks * add readme * Format algorithm correctly Clarify condition semantic and timeouts Improve descriptions * patform -> platform * Ensure that rules are mutually exclusive - various clarifications and small improvements * Release v0.6 * small nits for smoother readability
5 years ago
 
  1. \section{Definitions} \label{sec:definitions}
  2. 

  3. \subsection{Model}
  4. 

  5. We consider a system of processes that communicate by exchanging messages.
  6. Processes can be correct or faulty, where a faulty process can behave in an
  7. arbitrary way, i.e., Byzantine faults. We assume that each process
  8. has some amount of voting power (voting power of a process can be $0$).
  9. Processes in our model are not part of a single administrative domain;
  10. therefore we cannot enforce a direct network connectivity between all
  11. processes. Instead, we assume that each process is connected to a subset of
  12. processes called peers, such that there is an indirect communication channel
  13. between all correct processes. Communication between processes is established
  14. using a gossip protocol \cite{Dem1987:gossip}.
  15. 

  16. Formally, we model the network communication using the \emph{partially
  17. synchronous system model}~\cite{DLS88:jacm}: in all executions of the system
  18. there is a bound $\Delta$ and an instant GST (Global Stabilization Time) such
  19. that all communication among correct processes after GST is reliable and
  20. $\Delta$-timely, i.e., if a correct process $p$ sends message $m$ at time $t

  21. \ge GST$ to correct process $q$, then $q$ will receive $m$ before $t +
  22. \Delta$\footnote{Note that as we do not assume direct communication channels

  23.     among all correct processes, this implies that before the message $m$
  24.     reaches $q$, it might pass through a number of correct processes that will
  25. forward the message $m$ using gossip protocol towards $q$.}. Messages among
  26. correct processes can be delayed, dropped or duplicated before GST.
  27. Spoofing/impersonation attacks are assumed to be impossible at all times due to
  28. the use of public-key cryptography. The bound $\Delta$ and GST are system
  29. parameters whose values are not required to be known for the safety of our
  30. algorithm. Termination of the algorithm is guaranteed within a bounded duration
  31. after GST.  In practice, the algorithm will work correctly in the slightly
  32. weaker variant of the model where the system alternates between (long enough)
  33. good periods (corresponds to the \emph{after} GST period where system is
  34. reliable and $\Delta$-timely) and bad periods (corresponds to the period
  35. \emph{before} GST during which the system is asynchronous and messages can be
  36. lost), but consideration of the GST model simplifies the discussion.  
  37. 

  38. We assume that process steps (which might include sending and receiving
  39. messages) take zero time.  Processes are equipped with clocks so they can
  40. measure local timeouts.  All protocol messages are signed, i.e., when a correct
  41. process $q$ receives a signed message $m$ from its peer, the process $q$ can
  42. verify who was the original sender of the message $m$.
  43. 

  44. The details of the Tendermint gossip protocol will be discussed in a separate
  45. technical report. For the sake of this paper it is sufficient to assume that
  46. messages are being gossiped between processes and the following property holds
  47. (in addition to the partial synchrony network assumptions):
  48. 

  49. \begin{itemize} \item \emph{Gossip communication:} If a correct process $p$
  50.     receives some message $m$ at time $t$, all correct processes will receive
  51.     $m$ before $max\{t, GST\} + \Delta$.    \end{itemize}
  52. 

  53. 

  54. %Messages that are being gossiped are created by the consensus layer. We can

  55.     %think about consensus protocol as a content creator, which %defines what

  56.     %messages should be disseminated using the gossip protocol. A correct

  57.     %process creates the message for dissemination either i) %explicitly, by

  58.     %invoking \emph{send} function as part of the consensus protocol or ii)

  59.     %implicitly, by receiving a message from some other %process. Note that in

  60.     %the case ii) gossiping of messages is implicit, i.e., it happens without

  61.     %explicit send clause in the consensus algorithm %whenever a correct

  62.     %process receives some messages in the consensus algorithm\footnote{If a

  63.     %message is received by a correct process at %the consensus level then it

  64.     %is considered valid from the protocol point of view, i.e., it has a

  65.     %correct signature, a proper message structure %and a valid height and

  66.     %round number.}. 

  67. 

  68. %\item Processes keep resending messages (in case of failures or message loss)

  69.     %until all its peers get them. This ensures that every message %sent or

  70.     %received by a correct process is eventually received by all correct

  71.     %processes. 

  72. 

  73. \subsection{State Machine Replication}
  74. 

  75. State machine replication (SMR) is a general approach for replicating services
  76. modeled as a deterministic state machine~\cite{Lam78:cacm,Sch90:survey}.  The
  77. key idea of this approach is to guarantee that all replicas start in the same
  78. state and then apply requests from clients in the same order, thereby
  79. guaranteeing that the replicas' states will not diverge.  Following
  80. Schneider~\cite{Sch90:survey}, we note that the following is key for
  81. implementing a replicated state machine tolerant to (Byzantine) faults:
  82. 

  83. \begin{itemize} \item \emph{Replica Coordination.} All [non-faulty] replicas
  84.     receive and process the same sequence of requests.  \end{itemize}
  85. 

  86. Moreover, as Schneider also notes, this property can be decomposed into two
  87. parts, \emph{Agreement} and \emph{Order}: Agreement requires all (non-faulty)
  88. replicas to receive all requests, and Order requires that the order of received
  89. requests is the same at all replicas.
  90. 

  91. There is an additional requirement that needs to be ensured by Byzantine
  92. tolerant state machine replication: only requests (called transactions in the
  93. Tendermint terminology) proposed by clients are executed. In Tendermint,
  94. transaction verification is the responsibility of the service that is being
  95. replicated; upon receiving a transaction from the client, the Tendermint
  96. process will ask the service if the request is valid, and only valid requests
  97. will be processed. 
  98. 

  99.  \subsection{Consensus} \label{sec:consensus}
  100. 

  101. Tendermint solves state machine replication by sequentially executing consensus
  102. instances to agree on each block of transactions that are
  103. then executed by the service being replicated. We consider a variant of the
  104. Byzantine consensus problem called Validity Predicate-based Byzantine consensus
  105. that is motivated by blockchain systems~\cite{GLR17:red-belly-bc}. The problem
  106. is defined by an agreement, a termination, and a validity property.
  107. 

  108.  \begin{itemize} \item \emph{Agreement:} No two correct processes decide on
  109.          different values.  \item \emph{Termination:} All correct processes
  110.          eventually decide on a value.  \item \emph{Validity:} A decided value
  111.              is valid, i.e., it satisfies the predefined predicate denoted
  112.              \emph{valid()}.  \end{itemize}
  113. 

  114.  This variant of the Byzantine consensus problem has an application-specific
  115.  \emph{valid()} predicate to indicate whether a value is valid. In the context
  116.  of blockchain systems, for example, a value is not valid if it does not
  117.  contain an appropriate hash of the last value (block) added to the blockchain.