Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Permissionless Consensus

Andrew Lewis-Pye, Tim Roughgarden

TL;DR

The goal of this paper is to provide a framework for reasoning about the rich design space of blockchain protocols and their capabilities and limitations in the permissionless setting by proposing a hierarchy of settings with different "degrees of permissionlessness", specified by the amount of knowledge that a protocol has about the current participants.

Abstract

Blockchain protocols typically aspire to run in the permissionless setting, in which nodes are owned and operated by a large number of diverse and unknown entities, with each node free to start or stop running the protocol at any time. This setting is more challenging than the traditional permissioned setting, in which the set of nodes that will be running the protocol is fixed and known at the time of protocol deployment. The goal of this paper is to provide a framework for reasoning about the rich design space of blockchain protocols and their capabilities and limitations in the permissionless setting. We propose a hierarchy of settings with different "degrees of permissionlessness", specified by the amount of knowledge that a protocol has about the current participants: These are the fully permissionless, dynamically available and quasi-permissionless settings. The paper also proves several results illustrating the utility of our analysis framework for reasoning about blockchain protocols in these settings. For example: (1) In the fully permissionless setting, even with synchronous communication and with severe restrictions on the total size of the Byzantine players, every deterministic protocol for Byzantine agreement has a non-terminating execution. (2) In the dynamically available and partially synchronous setting, no protocol can solve the Byzantine agreement problem with high probability, even if there are no Byzantine players at all. (3) In the quasi-permissionless and partially synchronous setting, by contrast, assuming a bound on the total size of the Byzantine players, there is a deterministic protocol solving state machine replication. (4) In the quasi-permissionless and synchronous setting, every proof-of-stake state machine replication protocol that uses only time-malleable cryptographic primitives is vulnerable to long-range attacks.

Permissionless Consensus

TL;DR

The goal of this paper is to provide a framework for reasoning about the rich design space of blockchain protocols and their capabilities and limitations in the permissionless setting by proposing a hierarchy of settings with different "degrees of permissionlessness", specified by the amount of knowledge that a protocol has about the current participants.

Abstract

Blockchain protocols typically aspire to run in the permissionless setting, in which nodes are owned and operated by a large number of diverse and unknown entities, with each node free to start or stop running the protocol at any time. This setting is more challenging than the traditional permissioned setting, in which the set of nodes that will be running the protocol is fixed and known at the time of protocol deployment. The goal of this paper is to provide a framework for reasoning about the rich design space of blockchain protocols and their capabilities and limitations in the permissionless setting. We propose a hierarchy of settings with different "degrees of permissionlessness", specified by the amount of knowledge that a protocol has about the current participants: These are the fully permissionless, dynamically available and quasi-permissionless settings. The paper also proves several results illustrating the utility of our analysis framework for reasoning about blockchain protocols in these settings. For example: (1) In the fully permissionless setting, even with synchronous communication and with severe restrictions on the total size of the Byzantine players, every deterministic protocol for Byzantine agreement has a non-terminating execution. (2) In the dynamically available and partially synchronous setting, no protocol can solve the Byzantine agreement problem with high probability, even if there are no Byzantine players at all. (3) In the quasi-permissionless and partially synchronous setting, by contrast, assuming a bound on the total size of the Byzantine players, there is a deterministic protocol solving state machine replication. (4) In the quasi-permissionless and synchronous setting, every proof-of-stake state machine replication protocol that uses only time-malleable cryptographic primitives is vulnerable to long-range attacks.
Paper Structure (70 sections, 10 theorems, 2 equations, 4 tables, 1 algorithm)

This paper contains 70 sections, 10 theorems, 2 equations, 4 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Consensus: Permissioned vs. Permissionless
  3. Degrees of Permissionlessness: A Hierarchy of Four Settings
  4. Five Representative Results
  5. Main Ingredients of the Analysis Framework
  6. Possibility vs. Impossibility Results
  7. Organization of this Paper
  8. Related work
  9. Previous work on consensus without an a priori fixed and known player set
  10. Previous work on consensus with intermittently active players
  11. Previous work on consensus with sybils
  12. Comparison with existing results
  13. The fully permissionless setting without resource restrictions
  14. The set of players and the means of communication
  15. Players and oracles
  16. ...and 55 more sections

Key Result

Proposition 3.1

Consider the fully permissionless setting (with oracles but without resources) and suppose that the player set $\mathcal{P}$ is finite. For every $\rho > 0$, no protocol solves Byzantine agreement when up to a $\rho$ fraction of the players may be Byzantine. This result holds even in the synchronous

Theorems & Definitions (10)

  • Proposition 3.1
  • theorem 1
  • theorem 2: Losa and Gafni losa2023consensus
  • theorem 3
  • theorem 4: Neu, Tas, and Tse neu2022availability
  • theorem 5
  • theorem 6
  • theorem 7
  • theorem 8
  • theorem 9