A Lightweight Approach for State Machine Replication

Christian Cachin, Jinfeng Dou, Christian Scheideler, Philipp Schneider

TL;DR

This work tackles state machine replication under an adaptive blocking adversary by marrying a leaderless median-rule consensus with lightweight, client-held commitment certificates. It introduces a compact, log-based approach where servers store only the shared state and uncommitted commands, while clients maintain short certificates (via a Merkle forest) proving that their commands were committed. The methodology includes an extended median-rule SMR with a $(k,\ell)$-Gossip broadcasting mechanism, a compact rule to trim logs, and a recovery protocol that preserves monotonicity and enables fast restoration after surges, all with logarithmic communication, latency, and per-client storage. The framework provides liveness under $1$-late, $\Theta(1)$-blocking adversaries and strong safety under arbitrary blocking, offering a practical, scalable, and partition-tolerant SMR solution with potential extensions to higher blocking or churn by adjusting parameters. Overall, the approach advances scalable, leaderless SMR with provable guarantees and minimal server-side state, suitable for lightweight, verifiable transaction histories where clients shoulder commitment proofs.
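
The commitment-certificate idea in the summary above, as an added example that is not the paper's own construction: servers keep only the Merkle root of each committed batch and drop the commands, while each client holds a short certificate (its command, the batch number and the sibling path) that it can verify against the root set. The per-batch trees, the certificate layout, the padding value and the hash domain-separation bytes are assumptions of this example; the paper's exact forest and trimming rule are not reproduced on this page.

```python
"""Client-held commitment certificates over a forest of per-batch Merkle
trees.  Added illustration; batching, certificate layout and the prefix
bytes are assumptions of this example, not the paper's definitions."""
import hashlib

# Filler for odd levels.  It is a hash of a tagged constant, so it can never
# collide with a real leaf or inner node (both use different prefixes).
PAD = hashlib.sha256(b"\x02pad").digest()


def leaf_hash(cmd: bytes) -> bytes:
    """Leaves and inner nodes get different prefixes so an inner node can
    never be presented as a leaf (the classic Merkle second-preimage trick)."""
    return hashlib.sha256(b"\x00" + cmd).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()


def build_levels(cmds):
    """Bottom-up Merkle tree over one committed batch; returns every level,
    leaves first and the single root last."""
    if not cmds:
        raise ValueError("empty batch")
    level = [leaf_hash(c) for c in cmds]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:
            level = level + [PAD]
        level = [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def inclusion_path(levels, index):
    """Sibling hashes from leaf to root, each tagged with the side it sits on
    (True: sibling is the right child).  Length is the tree height."""
    path = []
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [PAD]
        path.append((level[index ^ 1], index % 2 == 0))
        index //= 2
    return path


class TrimmedServer:
    """Server holding only the shared-state roots of committed batches plus
    the commands still in flight; committed commands are handed back to
    clients as certificates and then forgotten."""

    def __init__(self):
        self.roots = {}         # batch id -> Merkle root of that batch
        self.uncommitted = []   # commands not yet committed

    def submit(self, cmd: bytes):
        self.uncommitted.append(cmd)

    def commit_pending(self):
        """Commit all pending commands as one batch; returns one certificate
        per command and trims the batch from the server's own log."""
        batch_id = len(self.roots)
        cmds, self.uncommitted = self.uncommitted, []
        levels = build_levels(cmds)
        self.roots[batch_id] = levels[-1][0]
        return [{"batch": batch_id, "command": c, "path": inclusion_path(levels, i)}
                for i, c in enumerate(cmds)]


def verify_certificate(cert, roots) -> bool:
    """Anyone holding the root set can check a client's certificate: rebuild
    the root from the leaf and the sibling path and compare it with the root
    stored for that batch.  A tampered command, a wrong path or an unknown
    batch number all fail."""
    acc = leaf_hash(cert["command"])
    for sibling, sibling_is_right in cert["path"]:
        acc = node_hash(acc, sibling) if sibling_is_right else node_hash(sibling, acc)
    return roots.get(cert["batch"]) == acc


if __name__ == "__main__":
    # Constructed sample commands, not data from the paper.
    server = TrimmedServer()
    for i in range(5):
        server.submit(b"transfer-%d" % i)
    certs = server.commit_pending()
    print("server keeps", len(server.roots), "root(s); certificate path length:",
          len(certs[0]["path"]))
    print("valid certificate:", verify_certificate(certs[3], server.roots))
    forged = dict(certs[3], command=b"transfer-99")
    print("forged certificate:", verify_certificate(forged, server.roots))
```

The certificate is O(log batch size) hashes, which is the "short, client-held proof" trade-off the summary describes: the client pays the storage, the server's state stays small, and the only thing that must be agreed on and kept by the servers is the root set. Because leaf and node hashes use distinct prefixes, a certificate cannot be built from an inner node, and the padding constant cannot be claimed as a command.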

Abstract

We present a lightweight solution for state machine replication with commitment certificates. Specifically, we adapt and analyze a median rule for the stabilizing consensus problem [Doerr11] to operate in a client-server setting where arbitrary servers may be blocked adaptively based on past system information. We further extend our protocol by compressing information about committed commands, thus keeping the protocol lightweight, while still enabling clients to easily prove that their commands have indeed been committed on the shared state. Our approach guarantees liveness as long as at most a constant fraction of servers are blocked, ensures safety under any number of blocked servers, and supports fast recovery even after all servers are blocked. In addition to offering near-optimal asymptotic performance in several respects, our method is fully decentralized, unlike other near-optimal solutions that rely on leaders. In particular, our solution is robust against adversaries that target key servers (which captures insider-based denial-of-service attacks), whereas leader-based approaches fail under such a blocking model.
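
To make the robustness claim in the abstract concrete, here is an added toy simulation (not code from the paper): a leaderless two-sample median rule in the style of Doerr et al. [Doerr11] is run beside a simplified leader-based protocol, both facing a 1-late adversary that blocks the servers which received the most messages in the previous round. In the leader-based protocol that is always the leader, so a budget of one blocked server per round stalls it forever; the median rule still reaches agreement while ten percent of the servers are blocked each round. The rule variant, the handling of unanswered samples, the blocking budgets and the leader-based model are all assumptions of this example; the paper's (k, l)-Gossip sampling and exact adversary definition are not on this page.

```python
"""Leaderless median rule versus a leader-based protocol under a 1-late
blocking adversary.  Added illustration; the sampling rule, reply handling
and adversary strategy are assumptions of this example, not the paper's."""
import random
from statistics import median


def block_most_contacted(contacts, budget):
    """Adversary that only sees the previous round: it blocks up to `budget`
    of the servers that received the most messages then (ties by index)."""
    order = sorted(range(len(contacts)), key=lambda i: (-contacts[i], i))
    return set(order[:budget])


def median_rule_round(values, blocked, rng):
    """One synchronous round.  Every unblocked server samples two random
    servers and adopts the median of its own value and the two replies.  A
    blocked server neither replies nor updates; an unanswered sample is
    replaced by the sampler's own value.  Returns the new values and the
    per-server message counts the adversary will see next round."""
    n = len(values)
    new_values = list(values)
    contacts = [0] * n
    for i in range(n):
        if i in blocked:
            continue
        replies = []
        for _ in range(2):
            j = rng.randrange(n)
            contacts[j] += 1
            replies.append(values[i] if j in blocked else values[j])
        new_values[i] = int(median([values[i]] + replies))
    return new_values, contacts


def run_median_rule(n=100, block_fraction=0.1, max_rounds=300, seed=7):
    """Runs until all servers hold the same value (agreement) or the round
    budget is spent.  `valid` records that the agreed value was an input."""
    rng = random.Random(seed)
    values = [rng.randrange(2) for _ in range(n)]   # constructed binary inputs
    initial = set(values)
    contacts = [0] * n
    for r in range(1, max_rounds + 1):
        blocked = block_most_contacted(contacts, int(block_fraction * n))
        values, contacts = median_rule_round(values, blocked, rng)
        if len(set(values)) == 1:
            return {"agreed": True, "rounds": r, "value": values[0],
                    "valid": values[0] in initial}
    return {"agreed": False, "rounds": max_rounds, "value": None, "valid": False}


def run_leader_based(n=100, max_rounds=300):
    """Simplified leader-based protocol: in view v every server asks server
    v % n for the value to decide and decides if it answers.  If the leader
    is blocked, all servers send a view-change message to the next leader;
    that traffic is exactly what the 1-late adversary sees, so it needs a
    budget of only one blocked server per round."""
    view = 0
    contacts = [n if i == 0 else 0 for i in range(n)]   # setup traffic to leader 0
    for r in range(1, max_rounds + 1):
        blocked = block_most_contacted(contacts, 1)
        if view % n not in blocked:
            return {"decided": True, "rounds": r, "views": view + 1}
        view += 1
        contacts = [n if i == view % n else 0 for i in range(n)]
    return {"decided": False, "rounds": max_rounds, "views": view + 1}


if __name__ == "__main__":
    print("median rule :", run_median_rule())
    print("leader-based:", run_leader_based())
```

The contrast is the point of the abstract's last sentence: the median rule has no server whose availability matters more than any other's, so a blocking adversary that can only pick a constant fraction of servers from what it has seen cannot single out anything to stall, whereas a protocol that routes every decision through one server hands the adversary its target. Safety in the toy is also visible: the agreed value is always one of the inputs, whatever is blocked.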

Paper Structure

This paper contains 22 sections, 40 theorems, 32 equations, 3 figures, 6 algorithms.

Key Result

Lemma 2.1

If the initial fraction of useful servers is at most $1/3-\varepsilon$ for any constant $\varepsilon>0$ then even if no server is blocked, within $O(\log \log n)$ rounds no server will be useful anymore, w.h.p.

Figures (3)

  • Figure 1: $g(x)=-10x^6+36x^5-45x^4+20x^3-3x^2$
  • Figure 2: $g'(x)=-8x^6+ \frac{144}{5}x^5-36x^4+16x^3-\frac{41}{40}x$
  • Figure 3: $g''(x)=-7x^6+ \frac{126}{5}x^5-\frac{63}{2}x^4+14x^3-\frac{39}{40}x$

Theorems & Definitions (74)

  • Definition 1.2: Stabilizing Consensus Problem
  • Definition 1.3: Stabilizing SMR Problem
  • Definition 1.4: Commitment Problem
  • Definition 1.5: Recovery Problem
  • Lemma 2.1
  • proof
  • Lemma 2.2
  • proof
  • Lemma 2.3
  • proof
  • ...and 64 more