Accountability of Blockchains
Background
Ralf Küsters, Tomasz Truderung, Andreas Vogt (University of Trier)
CCS'10
A new definition of accountability, with interpretations both in symbolic and computational models.
Verifiability can be interpreted as a restricted form of accountability
Example with three different tasks: contract-signing, voting, and auctions
PeerReview
Collection of works by Andreas Haeberlen et al.
Applicable for wide range of systems
Only requires that a correct node’s actions are deterministic, that nodes can sign messages, and that each node is periodically checked by a correct node.
Apply PeerReview to three different systems: a network filesystem, a peer-to-peer system, and an overlay multicast system.
Downsides argued in Accountability in a Permissioned Blockchain: Formal Analysis of Hyperledger Fabric
(i) PeerReview assumes eventual message delivery and loosely synchronized clocks
(ii) PeerReview runs in an additional layer on top of the actual protocol, requires complete message logs from all parties, and produces a communication overhead by requiring parties to broadcast information on their current state
(iii) to identify misbehaving parties, PeerReview requires “auditors” to recalculate the full internal state of suspects.
Safety
Ralf Küsters, Daniel Rausch, Mike Simon (University of Stuttgart)
EuroS&P'20
Important for permissioned blockchains: incentivizes all parties to behave honestly
Target security property: consistency (in the backbone paper)
Hyperledger Fabric (Kafka): weak accountability (one can blame a set of parties with the guarantee that at least one of them misbehaved).
In a case where consistency is broken, it is not clear whether
1. Kafka cluster has maliciously sent different transaction sequences to different orderers or
2. a malicious orderer has not formed blocks correctly, given the transaction sequence received from the Kafka cluster.
Propose Fabric*: small modifications to Fabric with Kafka for individual accountability
IITM (Inexhaustible Interactive Turing Machines) model (a model for universal composability similar to the UC model)
Fully asynchronous
Alejandro Ranchal-Pedrosa, Vincent Gramoli
Demonstration in Libra
Liveness
Censorship
Maurice Herlihy (Brown University and Oracle Labs), Mark Moir (Oracle Labs)
Based on Tendermint
Censorship, Order manipulation, Transaction injection
A node accepts a transaction and returns a receipt with a signature (or rejects it, for legitimate censorship)
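The receipt idea in the note above, as an added Go sketch (not code from the paper, Tendermint, or this page): a node signs a receipt when it accepts a transaction, and an auditor later uses that receipt as evidence if the transaction never appears. The `Deadline` field, the verdict strings, the use of Ed25519 and all sample transactions are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Receipt: signed promise to include a tx by height Deadline (Deadline is an assumption).
type Receipt struct {
	TxHash   [32]byte
	Deadline uint64
	Sig      []byte
}

func NewNode() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}

// Issue is run by the node when it accepts tx; the signature binds hash and deadline.
func Issue(priv ed25519.PrivateKey, tx []byte, deadline uint64) Receipt {
	h := sha256.Sum256(tx)
	return Receipt{h, deadline, ed25519.Sign(priv, binary.BigEndian.AppendUint64(h[:], deadline))}
}

// Audit checks a receipt against the chain; chain[h] holds height h's transactions.
func Audit(pub ed25519.PublicKey, r Receipt, chain [][][]byte) string {
	msg := binary.BigEndian.AppendUint64(r.TxHash[:], r.Deadline)
	if !ed25519.Verify(pub, msg, r.Sig) {
		return "invalid-receipt" // an unsigned claim blames nobody
	}
	for h := 0; h < len(chain) && uint64(h) <= r.Deadline; h++ {
		for _, tx := range chain[h] {
			if sha256.Sum256(tx) == r.TxHash {
				return "included"
			}
		}
	}
	if uint64(len(chain)) > r.Deadline {
		return "censored" // deadline block exists without tx: receipt is the evidence
	}
	return "pending"
}

func main() {
	pub, priv := NewNode()
	r := Issue(priv, []byte("constructed tx"), 1)
	fmt.Println(Audit(pub, r, [][][]byte{{[]byte("a")}, {[]byte("b")}}))
}
```

Because the receipt is signed by one node, a "censored" verdict blames that node individually, and a tampered receipt fails verification instead of framing it.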