Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

TrustChain: A Blockchain Framework for Auditing and Verifying Aggregators in Decentralized Federated Learning

Ehsan Hallaji, Roozbeh Razavi-Far, Mehrdad Saif

TL;DR

TrustChain addresses the risk of rogue aggregators in decentralized federated learning by introducing a two-stage, blockchain-based verification: a Pre-Selection Evaluation that scores candidates using concept-drift-inspired cosine similarity over a sliding window, and a Post-Aggregation Auditing that uses HSIC to test the independence between the aggregated model and current updates. The approach combines a lightweight, topology-agnostic trust mechanism with auditable on-chain records, supported by a simple permissioned blockchain and smart contracts to trigger pre- and post-checks. Empirical results across multiple datasets and attack scenarios show that TrustChain effectively mitigates malicious aggregators, maintaining accuracy close to benign conditions and outperforming non-audited baselines. The work contributes a practical, low-overhead framework for continuous aggregator verification in DFL, with potential for integration into broader secure, privacy-preserving distributed learning systems.

Abstract

The server-less nature of Decentralized Federated Learning (DFL) requires allocating the aggregation role to specific participants in each federated round. Current DFL architectures ensure the trustworthiness of the aggregator node upon selection. However, most of these studies overlook the possibility that the aggregating node may turn rogue and act maliciously after being nominated. To address this problem, this paper proposes a DFL structure, called TrustChain, that scores the aggregators before selection based on their past behavior and additionally audits them after the aggregation. To do this, the statistical independence between the client updates and the aggregated model is continuously monitored using the Hilbert-Schmidt Independence Criterion (HSIC). The proposed method relies on several principles, including blockchain, anomaly detection, and concept drift analysis. The designed structure is evaluated on several federated datasets and attack scenarios with different numbers of Byzantine nodes.

TrustChain: A Blockchain Framework for Auditing and Verifying Aggregators in Decentralized Federated Learning

TL;DR

TrustChain addresses the risk of rogue aggregators in decentralized federated learning by introducing a two-stage, blockchain-based verification: a Pre-Selection Evaluation that scores candidates using concept-drift-inspired cosine similarity over a sliding window, and a Post-Aggregation Auditing that uses HSIC to test the independence between the aggregated model and current updates. The approach combines a lightweight, topology-agnostic trust mechanism with auditable on-chain records, supported by a simple permissioned blockchain and smart contracts to trigger pre- and post-checks. Empirical results across multiple datasets and attack scenarios show that TrustChain effectively mitigates malicious aggregators, maintaining accuracy close to benign conditions and outperforming non-audited baselines. The work contributes a practical, low-overhead framework for continuous aggregator verification in DFL, with potential for integration into broader secure, privacy-preserving distributed learning systems.

Abstract

The server-less nature of Decentralized Federated Learning (DFL) requires allocating the aggregation role to specific participants in each federated round. Current DFL architectures ensure the trustworthiness of the aggregator node upon selection. However, most of these studies overlook the possibility that the aggregating node may turn rogue and act maliciously after being nominated. To address this problem, this paper proposes a DFL structure, called TrustChain, that scores the aggregators before selection based on their past behavior and additionally audits them after the aggregation. To do this, the statistical independence between the client updates and the aggregated model is continuously monitored using the Hilbert-Schmidt Independence Criterion (HSIC). The proposed method relies on several principles, including blockchain, anomaly detection, and concept drift analysis. The designed structure is evaluated on several federated datasets and attack scenarios with different numbers of Byzantine nodes.

Paper Structure

This paper contains 34 sections, 13 equations, 5 figures, 2 algorithms.

Table of Contents

  1. Introduction
  2. Background
  3. Decentralized Federated Learning
  4. Threats
  5. Defenses
  6. Knowledge Gap
  7. Problem Formulation
  8. Threat Models
  9. Label flipping
  10. Sign flipping
  11. Gradient manipulation
  12. Training objective manipulation
  13. Blockchain-Enabled Trustworthy Aggregation
  14. Robust Aggregation
  15. Pre-Selection Evaluation
  16. ...and 19 more sections

Figures (5)

  • Figure 1: Block diagram of the proposed TrustChain structure for one DFL round at time $t$. Aggr denotes the robust aggregation algorithm. For simplicity, the diagram assumes each block number $i$ corresponds to node $c_i^t$. In this formulation, $t$ indicates the DFL iteration number. In addition, $b$ and $\bar{b}$ refer to blocks containing user updates $\theta$ and aggregated models $\bar{\theta}$, respectively.
  • Figure 2: Classification accuracy of DFL for different datasets. On the left side, aggregator is benign. Plots in the middle column use TrustChain and aggregator is not trusted. On the right side, DFL do not use TrustChain and aggregator is not trusted.
  • Figure 3: Effect of $q$ on the precision of PSE and PAA. Each component is studied separately, and the precision is averaged for all attack scenarios and datasets.
  • Figure 4: Overall detection performance of PSE (used in SC1) and PAA (used SC2) for different attacks.
  • Figure 5: Critical difference diagram obtained from the post-hoc Friedman test. The significance level is set to $0.05$.