---
OA_place: repository
OA_type: green
_id: '21243'
abstract:
- lang: eng
  text: Widely deployed consensus protocols in the cloud are often leader-based and
    optimized for low latency under synchronous network conditions. However, cloud
    networks can experience disruptions such as network partitions, high-loss links,
    and configuration errors. These disruptions interfere with the operation of leader-based
    protocols, as their view change mechanisms interrupt the normal case replication
    and cause the system to stall. We propose RACS, a novel randomized consensus protocol
    that ensures robustness against adversarial network conditions. RACS achieves
    optimal one-round trip latency under synchronous network conditions while remaining
    resilient to adversarial network conditions. RACS follows a simple design inspired
    by Raft, the most widely used consensus protocol in the cloud, and therefore enables
    seamless integration with the existing cloud software stack. Experiments with
    a prototype running on Amazon EC2 show that RACS achieves 28k cmd/sec throughput,
    ninefold higher than Raft under adversarial cloud network conditions. Under synchronous
    network conditions, RACS matches the performance of Multi-Paxos and Raft, achieving
    a throughput of 200k cmd/sec with a median latency of 300ms, confirming that RACS
    introduces no unnecessary overhead. Finally, SADL-RACS, a throughput-optimized
    version of RACS, achieves a throughput of 500k cmd/sec, delivering 150 percent
    higher throughput than Raft.
article_processing_charge: No
arxiv: 1
author:
- first_name: Pasindu
  full_name: Tennage, Pasindu
  last_name: Tennage
- first_name: Antoine
  full_name: Desjardins, Antoine
  id: 06d0c166-aec1-11ee-a7c0-b96e840a602b
  last_name: Desjardins
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
  orcid: 0000-0002-8827-3382
citation:
  ama: 'Tennage P, Desjardins A, Kokoris Kogias E. RACS-SADL: Robust and understandable
    randomized consensus in the cloud. In: <i>2025 IEEE 18th International Conference
    on Cloud Computing</i>. IEEE; 2025. doi:<a href="https://doi.org/10.1109/cloud67622.2025.00044">10.1109/cloud67622.2025.00044</a>'
  apa: 'Tennage, P., Desjardins, A., &#38; Kokoris Kogias, E. (2025). RACS-SADL: Robust
    and understandable randomized consensus in the cloud. In <i>2025 IEEE 18th International
    Conference on Cloud Computing</i>. Helsinki, Finland: IEEE. <a href="https://doi.org/10.1109/cloud67622.2025.00044">https://doi.org/10.1109/cloud67622.2025.00044</a>'
  chicago: 'Tennage, Pasindu, Antoine Desjardins, and Eleftherios Kokoris Kogias.
    “RACS-SADL: Robust and Understandable Randomized Consensus in the Cloud.” In <i>2025
    IEEE 18th International Conference on Cloud Computing</i>. IEEE, 2025. <a href="https://doi.org/10.1109/cloud67622.2025.00044">https://doi.org/10.1109/cloud67622.2025.00044</a>.'
  ieee: 'P. Tennage, A. Desjardins, and E. Kokoris Kogias, “RACS-SADL: Robust and
    understandable randomized consensus in the cloud,” in <i>2025 IEEE 18th International
    Conference on Cloud Computing</i>, Helsinki, Finland, 2025.'
  ista: 'Tennage P, Desjardins A, Kokoris Kogias E. 2025. RACS-SADL: Robust and understandable
    randomized consensus in the cloud. 2025 IEEE 18th International Conference on
    Cloud Computing. CLOUD: Conference on Cloud Computing.'
  mla: 'Tennage, Pasindu, et al. “RACS-SADL: Robust and Understandable Randomized
    Consensus in the Cloud.” <i>2025 IEEE 18th International Conference on Cloud Computing</i>,
    IEEE, 2025, doi:<a href="https://doi.org/10.1109/cloud67622.2025.00044">10.1109/cloud67622.2025.00044</a>.'
  short: P. Tennage, A. Desjardins, E. Kokoris Kogias, in:, 2025 IEEE 18th International
    Conference on Cloud Computing, IEEE, 2025.
conference:
  end_date: 2025-07-12
  location: Helsinki, Finland
  name: 'CLOUD: Conference on Cloud Computing'
  start_date: 2025-07-07
corr_author: '1'
date_created: 2026-02-16T15:21:27Z
date_published: 2025-07-30T00:00:00Z
date_updated: 2026-05-05T11:52:57Z
day: '30'
department:
- _id: ElKo
doi: 10.1109/cloud67622.2025.00044
external_id:
  arxiv:
  - '2404.04183'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://doi.org/10.48550/arXiv.2404.04183
month: '07'
oa: 1
oa_version: Preprint
publication: 2025 IEEE 18th International Conference on Cloud Computing
publication_identifier:
  eisbn:
  - '9798331555573'
publication_status: published
publisher: IEEE
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'RACS-SADL: Robust and understandable randomized consensus in the cloud'
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2025'
...
---
_id: '18071'
abstract:
- lang: eng
  text: Recent advancements on DAG-based consensus protocols allow for blockchains
    with improved metrics and properties, such as throughput and censorship-resistance.
    Variants of the Bullshark [18] consensus protocol are adopted for practical use
    by the Sui blockchain, for improved latency. However, the protocol is leader-based,
    and is strongly affected by crashed leaders that can lead to various performance
    issues, for example, decreased transaction throughput. In this paper, we propose
    HammerHead, a DAG-based consensus protocol, that is inspired by Carousel [8] and
    provides Leader-Utilization. Our proposal differs from Carousel, which is built
    for a chained consensus protocol; in HammerHead chain quality is inherited by
    the DAG. HammerHead needs to preserve safety and liveness, despite validators
    committing leader vertices asynchronously. The key idea is to update leader schedules
    dynamically, based on the validators' scores during the previous schedule. We
    implement HammerHead and show a minor improvement in performance for cases without
    faults. The major improvements in comparison to Bullshark appear in faulty settings.
    Specifically, we show a drastic, 2x-latency improvement and up to 40% increased
    throughput when crash faults occur (100 validators, 33 faults).
acknowledgement: This work is supported by Mysten Labs. We thank the Mysten Labs Engineering
  teams for valuable feedback broadly, and specifically to Laura Makdah for helping
  implementing the early reputation score system for validators and Dmitry Perelman
  for managing the overall implementation effort.
article_processing_charge: No
arxiv: 1
author:
- first_name: Giorgos
  full_name: Tsimos, Giorgos
  last_name: Tsimos
- first_name: Anastasios
  full_name: Kichidis, Anastasios
  last_name: Kichidis
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
citation:
  ama: 'Tsimos G, Kichidis A, Sonnino A, Kokoris Kogias E. HammerHead: Leader reputation
    for dynamic scheduling. In: <i>Proceedings - International Conference on Distributed
    Computing Systems</i>. IEEE; 2024:1377-1387. doi:<a href="https://doi.org/10.1109/ICDCS60910.2024.00129">10.1109/ICDCS60910.2024.00129</a>'
  apa: 'Tsimos, G., Kichidis, A., Sonnino, A., &#38; Kokoris Kogias, E. (2024). HammerHead:
    Leader reputation for dynamic scheduling. In <i>Proceedings - International Conference
    on Distributed Computing Systems</i> (pp. 1377–1387). Jersey City, NJ, United
    States: IEEE. <a href="https://doi.org/10.1109/ICDCS60910.2024.00129">https://doi.org/10.1109/ICDCS60910.2024.00129</a>'
  chicago: 'Tsimos, Giorgos, Anastasios Kichidis, Alberto Sonnino, and Eleftherios
    Kokoris Kogias. “HammerHead: Leader Reputation for Dynamic Scheduling.” In <i>Proceedings
    - International Conference on Distributed Computing Systems</i>, 1377–87. IEEE,
    2024. <a href="https://doi.org/10.1109/ICDCS60910.2024.00129">https://doi.org/10.1109/ICDCS60910.2024.00129</a>.'
  ieee: 'G. Tsimos, A. Kichidis, A. Sonnino, and E. Kokoris Kogias, “HammerHead: Leader
    reputation for dynamic scheduling,” in <i>Proceedings - International Conference
    on Distributed Computing Systems</i>, Jersey City, NJ, United States, 2024, pp.
    1377–1387.'
  ista: 'Tsimos G, Kichidis A, Sonnino A, Kokoris Kogias E. 2024. HammerHead: Leader
    reputation for dynamic scheduling. Proceedings - International Conference on Distributed
    Computing Systems. ICDCS: International Conference on Distributed Computing Systems,
    1377–1387.'
  mla: 'Tsimos, Giorgos, et al. “HammerHead: Leader Reputation for Dynamic Scheduling.”
    <i>Proceedings - International Conference on Distributed Computing Systems</i>,
    IEEE, 2024, pp. 1377–87, doi:<a href="https://doi.org/10.1109/ICDCS60910.2024.00129">10.1109/ICDCS60910.2024.00129</a>.'
  short: G. Tsimos, A. Kichidis, A. Sonnino, E. Kokoris Kogias, in:, Proceedings -
    International Conference on Distributed Computing Systems, IEEE, 2024, pp. 1377–1387.
conference:
  end_date: 2024-07-26
  location: Jersey City, NJ, United States
  name: 'ICDCS: International Conference on Distributed Computing Systems'
  start_date: 2024-07-23
date_created: 2024-09-15T22:01:41Z
date_published: 2024-07-26T00:00:00Z
date_updated: 2025-09-08T09:42:36Z
day: '26'
department:
- _id: ElKo
doi: 10.1109/ICDCS60910.2024.00129
external_id:
  arxiv:
  - '2309.12713'
  isi:
  - '001304430200120'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://arxiv.org/abs/2309.12713
month: '07'
oa: 1
oa_version: Preprint
page: 1377-1387
publication: Proceedings - International Conference on Distributed Computing Systems
publication_identifier:
  eissn:
  - 2575-8411
  isbn:
  - '9798350386059'
  issn:
  - 1063-6927
publication_status: published
publisher: IEEE
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'HammerHead: Leader reputation for dynamic scheduling'
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
year: '2024'
...
---
OA_place: publisher
OA_type: hybrid
_id: '18913'
abstract:
- lang: eng
  text: "With the proliferation of blockchain technology in high-value sectors, consensus
    protocols are becoming critical infrastructures. The rapid innovation cycle in
    Byzantine fault tolerant (BFT) consensus protocols has culminated in HotStuff,
    which provides linear message complexity in the partially synchronous setting.
    To achieve this, HotStuff leverages a leader that collects, aggregates, and broadcasts
    the messages of other validators. This paper analyzes the security implications
    of such approaches in practice, from the perspective of liveness and availability.\r\nBy
    implementing attacks in a globally-distributed testbed, we show that state-of-the-art
    leader-based protocols are vulnerable to denial-of-service (DoS) attacks on the
    leader. Our attacks, demonstrated on committees of up to 64 validators, manage
    to disrupt liveness within seconds, using only a few tens of Mbps of attack bandwidth
    per validator. Crucially, the cost and effectiveness of the attacks are independent
    of the committee size. Based on the outcome of these experiments, we then propose
    and test effective mitigations. Our findings show that advancements in both protocol
    design and network-layer defenses can greatly improve the practical resilience
    of BFT consensus protocols."
acknowledgement: This work was mostly realized while Alberto Sonnino and Lefteris
  Kokoris-Kogias were employed at Meta. We gratefully acknowledge support for this
  project from ETH Zurich and Mysten Labs.
article_processing_charge: Yes (in subscription journal)
author:
- first_name: Giacomo
  full_name: Giuliari, Giacomo
  last_name: Giuliari
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Marc
  full_name: Frei, Marc
  last_name: Frei
- first_name: Fabio
  full_name: Streun, Fabio
  last_name: Streun
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Adrian
  full_name: Perrig, Adrian
  last_name: Perrig
citation:
  ama: 'Giuliari G, Sonnino A, Frei M, Streun F, Kokoris Kogias E, Perrig A. An empirical
    study of consensus protocols’ DoS resilience. In: <i>Proceedings of the 19th ACM
    Asia Conference on Computer and Communications Security</i>. ACM; 2024:1345-1360.
    doi:<a href="https://doi.org/10.1145/3634737.3656997">10.1145/3634737.3656997</a>'
  apa: 'Giuliari, G., Sonnino, A., Frei, M., Streun, F., Kokoris Kogias, E., &#38;
    Perrig, A. (2024). An empirical study of consensus protocols’ DoS resilience.
    In <i>Proceedings of the 19th ACM Asia Conference on Computer and Communications
    Security</i> (pp. 1345–1360). Singapore, Singapore: ACM. <a href="https://doi.org/10.1145/3634737.3656997">https://doi.org/10.1145/3634737.3656997</a>'
  chicago: Giuliari, Giacomo, Alberto Sonnino, Marc Frei, Fabio Streun, Eleftherios
    Kokoris Kogias, and Adrian Perrig. “An Empirical Study of Consensus Protocols’
    DoS Resilience.” In <i>Proceedings of the 19th ACM Asia Conference on Computer
    and Communications Security</i>, 1345–60. ACM, 2024. <a href="https://doi.org/10.1145/3634737.3656997">https://doi.org/10.1145/3634737.3656997</a>.
  ieee: G. Giuliari, A. Sonnino, M. Frei, F. Streun, E. Kokoris Kogias, and A. Perrig,
    “An empirical study of consensus protocols’ DoS resilience,” in <i>Proceedings
    of the 19th ACM Asia Conference on Computer and Communications Security</i>, Singapore,
    Singapore, 2024, pp. 1345–1360.
  ista: 'Giuliari G, Sonnino A, Frei M, Streun F, Kokoris Kogias E, Perrig A. 2024.
    An empirical study of consensus protocols’ DoS resilience. Proceedings of the
    19th ACM Asia Conference on Computer and Communications Security. ASIACCS: Asia
    Conference on Computer and Communications Security, 1345–1360.'
  mla: Giuliari, Giacomo, et al. “An Empirical Study of Consensus Protocols’ DoS Resilience.”
    <i>Proceedings of the 19th ACM Asia Conference on Computer and Communications
    Security</i>, ACM, 2024, pp. 1345–60, doi:<a href="https://doi.org/10.1145/3634737.3656997">10.1145/3634737.3656997</a>.
  short: G. Giuliari, A. Sonnino, M. Frei, F. Streun, E. Kokoris Kogias, A. Perrig,
    in:, Proceedings of the 19th ACM Asia Conference on Computer and Communications
    Security, ACM, 2024, pp. 1345–1360.
conference:
  end_date: 2024-07-05
  location: Singapore, Singapore
  name: 'ASIACCS: Asia Conference on Computer and Communications Security'
  start_date: 2024-07-01
date_created: 2025-01-27T13:57:00Z
date_published: 2024-07-01T00:00:00Z
date_updated: 2025-09-09T12:07:28Z
day: '01'
ddc:
- '000'
department:
- _id: ElKo
doi: 10.1145/3634737.3656997
external_id:
  isi:
  - '001283918100095'
file:
- access_level: open_access
  checksum: 1e743ddf49d35390eb56e11eb0759150
  content_type: application/pdf
  creator: dernst
  date_created: 2025-01-27T14:04:12Z
  date_updated: 2025-01-27T14:04:12Z
  file_id: '18914'
  file_name: 2024_ACMAsiaCCS_Giuliari.pdf
  file_size: 951940
  relation: main_file
  success: 1
file_date_updated: 2025-01-27T14:04:12Z
has_accepted_license: '1'
isi: 1
language:
- iso: eng
license: https://creativecommons.org/licenses/by/4.0/
month: '07'
oa: 1
oa_version: Published Version
page: 1345-1360
publication: Proceedings of the 19th ACM Asia Conference on Computer and Communications
  Security
publication_identifier:
  isbn:
  - '9798400704826'
publication_status: published
publisher: ACM
quality_controlled: '1'
scopus_import: '1'
status: public
title: An empirical study of consensus protocols’ DoS resilience
tmp:
  image: /images/cc_by.png
  legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode
  name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)
  short: CC BY (4.0)
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
year: '2024'
...
---
OA_place: repository
OA_type: hybrid
_id: '18957'
abstract:
- lang: eng
  text: Sui Lutris is the first smart-contract platform to sustainably achieve sub-second
    finality. It achieves this significant decrease by employing consensusless agreement
    not only for simple payments but for a large variety of transactions. Unlike prior
    work, Sui Lutris neither compromises expressiveness nor throughput and can run
    perpetually without restarts. Sui Lutris achieves this by safely integrating consensuless
    agreement with a high-throughput consensus protocol that is invoked out of the
    critical finality path but ensures that when a transaction is at risk of inconsistent
    concurrent accesses, its settlement is delayed until the total ordering is resolved.
    Building such a hybrid architecture is especially delicate during reconfiguration
    events, where the system needs to preserve the safety of the consensusless path
    without compromising the long-term liveness of potentially misconfigured clients.
    We thus develop a novel reconfiguration protocol, the first to provably show the
    safe and efficient reconfiguration of a consensusless blockchain. Sui Lutris is
    currently running in production and underpins the Sui smart-contract platform.
    Combined with the use of Objects instead of accounts it enables the safe execution
    of smart contracts that expose objects as a first-class resource. In our experiments
    Sui Lutris achieves latency lower than 0.5 seconds for throughput up to 5,000
    certificates per second (150k ops/s with transaction blocks), compared to the
    state-of-the-art real-world consensus latencies of 3 seconds. Furthermore, it
    gracefully handles validators crash-recovery and does not suffer visible performance
    degradation during reconfiguration.
acknowledgement: 'This work is funded by MystenLabs. We thank the Mysten Labs Engineering
  teams for valuable feedback broadly, and specifically Dmitry Perelman and Todd Fiala
  for managing the implementation effort. A number of folks contributed to specific
  aspects of the implementation of Sui Lutris (amongst many other contributions to
  the overall blockchain): Francois Garillot, Laura Makdah, Mingwei Tian, Andrew Schran,
  Sadhan Sood and William Smith implemented and optimized aspects of both Sui Lutris
  and Narwhal / Bullshark consensus; Alonso de Gortari oversaw the cryptoeconomics
  of the blockchain, and Emma Zhong, Ade Adepoju, Tim Zakia and Dario Russi designed
  and implemented staking and gas mechanisms. Adam Welc designed several Move tools
  and provided great feedback on the manuscript. We also extend our thanks to Patrick
  Kuo, Ge Gao, Chris Li, and Arun Koshy for their work on the Sui Lutris SDK, clients,
  and RPC layer; Kostas Chalkias, Jonas Lindstrøm, and Joy Wang built cryptographic
  components.'
article_processing_charge: No
arxiv: 1
author:
- first_name: Sam
  full_name: Blackshear, Sam
  last_name: Blackshear
- first_name: Andrey
  full_name: Chursin, Andrey
  last_name: Chursin
- first_name: George
  full_name: Danezis, George
  last_name: Danezis
- first_name: Anastasios
  full_name: Kichidis, Anastasios
  last_name: Kichidis
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Xun
  full_name: Li, Xun
  last_name: Li
- first_name: Mark
  full_name: Logan, Mark
  last_name: Logan
- first_name: Ashok
  full_name: Menon, Ashok
  last_name: Menon
- first_name: Todd
  full_name: Nowacki, Todd
  last_name: Nowacki
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Brandon
  full_name: Williams, Brandon
  last_name: Williams
- first_name: Lu
  full_name: Zhang, Lu
  last_name: Zhang
citation:
  ama: 'Blackshear S, Chursin A, Danezis G, et al. Sui Lutris: A blockchain combining
    broadcast and consensus. In: <i>Proceedings of the 2024 on ACM SIGSAC Conference
    on Computer and Communications Security</i>. ACM; 2024:2606-2620. doi:<a href="https://doi.org/10.1145/3658644.3670286">10.1145/3658644.3670286</a>'
  apa: 'Blackshear, S., Chursin, A., Danezis, G., Kichidis, A., Kokoris Kogias, E.,
    Li, X., … Zhang, L. (2024). Sui Lutris: A blockchain combining broadcast and consensus.
    In <i>Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications
    Security</i> (pp. 2606–2620). Salt Lake City, UT, United States: ACM. <a href="https://doi.org/10.1145/3658644.3670286">https://doi.org/10.1145/3658644.3670286</a>'
  chicago: 'Blackshear, Sam, Andrey Chursin, George Danezis, Anastasios Kichidis,
    Eleftherios Kokoris Kogias, Xun Li, Mark Logan, et al. “Sui Lutris: A Blockchain
    Combining Broadcast and Consensus.” In <i>Proceedings of the 2024 on ACM SIGSAC
    Conference on Computer and Communications Security</i>, 2606–20. ACM, 2024. <a
    href="https://doi.org/10.1145/3658644.3670286">https://doi.org/10.1145/3658644.3670286</a>.'
  ieee: 'S. Blackshear <i>et al.</i>, “Sui Lutris: A blockchain combining broadcast
    and consensus,” in <i>Proceedings of the 2024 on ACM SIGSAC Conference on Computer
    and Communications Security</i>, Salt Lake City, UT, United States, 2024, pp.
    2606–2620.'
  ista: 'Blackshear S, Chursin A, Danezis G, Kichidis A, Kokoris Kogias E, Li X, Logan
    M, Menon A, Nowacki T, Sonnino A, Williams B, Zhang L. 2024. Sui Lutris: A blockchain
    combining broadcast and consensus. Proceedings of the 2024 on ACM SIGSAC Conference
    on Computer and Communications Security. CCS: Conference on Computer and Communications
    Security, 2606–2620.'
  mla: 'Blackshear, Sam, et al. “Sui Lutris: A Blockchain Combining Broadcast and
    Consensus.” <i>Proceedings of the 2024 on ACM SIGSAC Conference on Computer and
    Communications Security</i>, ACM, 2024, pp. 2606–20, doi:<a href="https://doi.org/10.1145/3658644.3670286">10.1145/3658644.3670286</a>.'
  short: S. Blackshear, A. Chursin, G. Danezis, A. Kichidis, E. Kokoris Kogias, X.
    Li, M. Logan, A. Menon, T. Nowacki, A. Sonnino, B. Williams, L. Zhang, in:, Proceedings
    of the 2024 on ACM SIGSAC Conference on Computer and Communications Security,
    ACM, 2024, pp. 2606–2620.
conference:
  end_date: 2024-10-18
  location: Salt Lake City, UT, United States
  name: 'CCS: Conference on Computer and Communications Security'
  start_date: 2024-10-14
date_created: 2025-01-29T12:42:21Z
date_published: 2024-12-09T00:00:00Z
date_updated: 2025-09-09T12:13:55Z
day: '09'
department:
- _id: ElKo
doi: 10.1145/3658644.3670286
external_id:
  arxiv:
  - '2310.18042'
  isi:
  - '001436367300178'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://doi.org/10.48550/arXiv.2310.18042
month: '12'
oa: 1
oa_version: Preprint
page: 2606-2620
publication: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications
  Security
publication_identifier:
  isbn:
  - '9798400706363'
publication_status: published
publisher: ACM
quality_controlled: '1'
status: public
title: 'Sui Lutris: A blockchain combining broadcast and consensus'
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
year: '2024'
...
---
_id: '13988'
abstract:
- lang: eng
  text: Most permissionless blockchains inherently suffer from throughput limitations.
    Layer-2 systems, such as side-chains or Rollups, have been proposed as a possible
    strategy to overcome this limitation. Layer-2 systems interact with the main-chain
    in two ways. First, users can move funds from/to the main-chain to/from the layer-2.
    Second, layer-2 systems periodically synchronize with the main-chain to keep some
    form of log of their activity on the main-chain - this log is key for security.
    Due to this interaction with the main-chain, which is necessary and recurrent,
    layer-2 systems impose some load on the main-chain. The impact of such load on
    the main-chain has been, so far, poorly understood. In addition to that, layer-2
    approaches typically sacrifice decentralization and security in favor of higher
    throughput. This paper presents an experimental study that analyzes the current
    state of Ethereum layer-2 projects. Our goal is to assess the load they impose
    on Ethereum and to understand their scalability potential in the long-run. Our
    analysis shows that the impact of any given layer-2 on the main-chain is the result
    of both technical aspects (how state is logged on the main-chain) and user behavior
    (how often users decide to transfer funds between the layer-2 and the main-chain).
    Based on our observations, we infer that without efficient mechanisms that allow
    users to transfer funds in a secure and fast manner directly from one layer-2
    project to another, current layer-2 systems will not be able to scale Ethereum
    effectively, regardless of their technical solutions. Furthermore, from our results,
    we conclude that the layer-2 systems that offer similar security guarantees as
    Ethereum have limited scalability potential, while approaches that offer better
    performance, sacrifice security and lead to an increase in centralization which
    runs against the end-goals of permissionless blockchains.
acknowledgement: This work was supported in part by the Coordenação de Aperfeiçoamento
  de Pessoal de Nivel Superior (CAPES)—Brazil (CAPES), in part by the Fundação para
  a Ciência e Tecnologia (FCT) under Project UIDB/50021/2020 and Grant 2020.05270.BD,
  in part by the Project COSMOS (via the Orçamento de Estado (OE) with ref. PTDC/EEI-COM/29271/2017
  and via the ‘‘Programa Operacional Regional de Lisboa na sua componente Fundo Europeu
  de Desenvolvimento Regional (FEDER)’’ with ref. Lisboa-01-0145-FEDER-029271), and
  in part by the project Angainor with reference LISBOA-01-0145-FEDER-031456 as well
  as supported by Meta Platforms for the project key Transparency at Scale.
article_processing_charge: Yes
article_type: original
author:
- first_name: Ray
  full_name: Neiheiser, Ray
  id: f09651b9-fec0-11ec-b5d8-934aff0e52a4
  last_name: Neiheiser
  orcid: 0000-0001-7227-8309
- first_name: Gustavo
  full_name: Inacio, Gustavo
  last_name: Inacio
- first_name: Luciana
  full_name: Rech, Luciana
  last_name: Rech
- first_name: Carlos
  full_name: Montez, Carlos
  last_name: Montez
- first_name: Miguel
  full_name: Matos, Miguel
  last_name: Matos
- first_name: Luis
  full_name: Rodrigues, Luis
  last_name: Rodrigues
citation:
  ama: Neiheiser R, Inacio G, Rech L, Montez C, Matos M, Rodrigues L. Practical limitations
    of Ethereum’s layer-2. <i>IEEE Access</i>. 2023;11:8651-8662. doi:<a href="https://doi.org/10.1109/access.2023.3237897">10.1109/access.2023.3237897</a>
  apa: Neiheiser, R., Inacio, G., Rech, L., Montez, C., Matos, M., &#38; Rodrigues,
    L. (2023). Practical limitations of Ethereum’s layer-2. <i>IEEE Access</i>. Institute
    of Electrical and Electronics Engineers. <a href="https://doi.org/10.1109/access.2023.3237897">https://doi.org/10.1109/access.2023.3237897</a>
  chicago: Neiheiser, Ray, Gustavo Inacio, Luciana Rech, Carlos Montez, Miguel Matos,
    and Luis Rodrigues. “Practical Limitations of Ethereum’s Layer-2.” <i>IEEE Access</i>.
    Institute of Electrical and Electronics Engineers, 2023. <a href="https://doi.org/10.1109/access.2023.3237897">https://doi.org/10.1109/access.2023.3237897</a>.
  ieee: R. Neiheiser, G. Inacio, L. Rech, C. Montez, M. Matos, and L. Rodrigues, “Practical
    limitations of Ethereum’s layer-2,” <i>IEEE Access</i>, vol. 11. Institute of
    Electrical and Electronics Engineers, pp. 8651–8662, 2023.
  ista: Neiheiser R, Inacio G, Rech L, Montez C, Matos M, Rodrigues L. 2023. Practical
    limitations of Ethereum’s layer-2. IEEE Access. 11, 8651–8662.
  mla: Neiheiser, Ray, et al. “Practical Limitations of Ethereum’s Layer-2.” <i>IEEE
    Access</i>, vol. 11, Institute of Electrical and Electronics Engineers, 2023,
    pp. 8651–62, doi:<a href="https://doi.org/10.1109/access.2023.3237897">10.1109/access.2023.3237897</a>.
  short: R. Neiheiser, G. Inacio, L. Rech, C. Montez, M. Matos, L. Rodrigues, IEEE
    Access 11 (2023) 8651–8662.
corr_author: '1'
date_created: 2023-08-09T12:09:57Z
date_published: 2023-08-01T00:00:00Z
date_updated: 2024-10-09T21:06:38Z
day: '01'
ddc:
- '000'
department:
- _id: ElKo
doi: 10.1109/access.2023.3237897
external_id:
  isi:
  - '000927831000001'
file:
- access_level: open_access
  checksum: 4b80b0ff212edf7e5842fbdd53784432
  content_type: application/pdf
  creator: dernst
  date_created: 2023-08-22T06:37:48Z
  date_updated: 2023-08-22T06:37:48Z
  file_id: '14166'
  file_name: 2023_IEEEAccess_Neiheiser.pdf
  file_size: 1289285
  relation: main_file
  success: 1
file_date_updated: 2023-08-22T06:37:48Z
has_accepted_license: '1'
intvolume: '        11'
isi: 1
keyword:
- General Engineering
- General Materials Science
- General Computer Science
- Electrical and Electronic Engineering
language:
- iso: eng
month: '08'
oa: 1
oa_version: Published Version
page: 8651-8662
publication: IEEE Access
publication_identifier:
  issn:
  - 2169-3536
publication_status: published
publisher: Institute of Electrical and Electronics Engineers
quality_controlled: '1'
scopus_import: '1'
status: public
title: Practical limitations of Ethereum’s layer-2
tmp:
  image: /images/cc_by.png
  legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode
  name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)
  short: CC BY (4.0)
type: journal_article
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 11
year: '2023'
...
---
_id: '14516'
abstract:
- lang: eng
  text: 'We revisit decentralized random beacons with a focus on practical distributed
    applications. Decentralized random beacons (Beaver and So, Eurocrypt''93) provide
    the functionality for n parties to generate an unpredictable sequence of bits
    in a way that cannot be biased, which is useful for any decentralized protocol
    requiring trusted randomness. Existing beacon constructions are highly inefficient
    in practical settings where protocol parties need to rejoin after crashes or disconnections,
    and more significantly where smart contracts may rely on arbitrary index points
    in high-volume streams. For this, we introduce a new notion of history-generating
    decentralized random beacons (HGDRBs). Roughly, the history-generation property
    of HGDRBs allows for previous beacon outputs to be efficiently generated knowing
    only the current value and the public key. At application layers, history-generation
    supports registering a sparser set of on-chain values if desired, so that apps
    like lotteries can utilize on-chain values without incurring high-frequency costs,
    enjoying all the benefits of DRBs implemented off-chain or with decoupled, special-purpose
    chains. Unlike rollups, HG is tailored specifically to recovering and verifying
    pseudorandom bit sequences and thus enjoys unique optimizations investigated in
    this work. We introduce STROBE: an efficient HGDRB construction which generalizes
    the original squaring-based RSA approach of Beaver and So. STROBE enjoys several
    useful properties that make it suited for practical applications that use beacons:
    1) history-generating: it can regenerate and verify high-throughput beacon streams,
    supporting sparse (thus cost-effective) ledger entries; 2) concisely self-verifying:
    NIZK-free, with state and validation employing a single ring element; 3) eco-friendly:
    stake-based rather than work based; 4) unbounded: refresh-free, addressing limitations
    of Beaver and So; 5) delay-free: results are immediately available. 6) storage-efficient:
    the last beacon suffices to derive all past outputs, thus O(1) storage requirements
    for nodes serving the whole history.'
acknowledgement: Work done when all the authors were at Novi Research, Meta.
alternative_title:
- LIPIcs
article_number: '7'
article_processing_charge: Yes
author:
- first_name: Donald
  full_name: Beaver, Donald
  last_name: Beaver
- first_name: Mahimna
  full_name: Kelkar, Mahimna
  last_name: Kelkar
- first_name: Kevin
  full_name: Lewi, Kevin
  last_name: Lewi
- first_name: Valeria
  full_name: Nikolaenko, Valeria
  last_name: Nikolaenko
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Konstantinos
  full_name: Chalkias, Konstantinos
  last_name: Chalkias
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Ladi De
  full_name: Naurois, Ladi De
  last_name: Naurois
- first_name: Arnab
  full_name: Roy, Arnab
  last_name: Roy
citation:
  ama: 'Beaver D, Kelkar M, Lewi K, et al. STROBE: Streaming Threshold Random Beacons.
    In: <i>5th Conference on Advances in Financial Technologies</i>. Vol 282. Schloss
    Dagstuhl - Leibniz-Zentrum für Informatik; 2023. doi:<a href="https://doi.org/10.4230/LIPIcs.AFT.2023.7">10.4230/LIPIcs.AFT.2023.7</a>'
  apa: 'Beaver, D., Kelkar, M., Lewi, K., Nikolaenko, V., Sonnino, A., Chalkias, K.,
    … Roy, A. (2023). STROBE: Streaming Threshold Random Beacons. In <i>5th Conference
    on Advances in Financial Technologies</i> (Vol. 282). Princeton, NJ, United States:
    Schloss Dagstuhl - Leibniz-Zentrum für Informatik. <a href="https://doi.org/10.4230/LIPIcs.AFT.2023.7">https://doi.org/10.4230/LIPIcs.AFT.2023.7</a>'
  chicago: 'Beaver, Donald, Mahimna Kelkar, Kevin Lewi, Valeria Nikolaenko, Alberto
    Sonnino, Konstantinos Chalkias, Eleftherios Kokoris Kogias, Ladi De Naurois, and
    Arnab Roy. “STROBE: Streaming Threshold Random Beacons.” In <i>5th Conference
    on Advances in Financial Technologies</i>, Vol. 282. Schloss Dagstuhl - Leibniz-Zentrum
    für Informatik, 2023. <a href="https://doi.org/10.4230/LIPIcs.AFT.2023.7">https://doi.org/10.4230/LIPIcs.AFT.2023.7</a>.'
  ieee: 'D. Beaver <i>et al.</i>, “STROBE: Streaming Threshold Random Beacons,” in
    <i>5th Conference on Advances in Financial Technologies</i>, Princeton, NJ, United
    States, 2023, vol. 282.'
  ista: 'Beaver D, Kelkar M, Lewi K, Nikolaenko V, Sonnino A, Chalkias K, Kokoris
    Kogias E, Naurois LD, Roy A. 2023. STROBE: Streaming Threshold Random Beacons.
    5th Conference on Advances in Financial Technologies. AFT: Conference on Advances
    in Financial Technologies, LIPIcs, vol. 282, 7.'
  mla: 'Beaver, Donald, et al. “STROBE: Streaming Threshold Random Beacons.” <i>5th
    Conference on Advances in Financial Technologies</i>, vol. 282, 7, Schloss Dagstuhl
    - Leibniz-Zentrum für Informatik, 2023, doi:<a href="https://doi.org/10.4230/LIPIcs.AFT.2023.7">10.4230/LIPIcs.AFT.2023.7</a>.'
  short: D. Beaver, M. Kelkar, K. Lewi, V. Nikolaenko, A. Sonnino, K. Chalkias, E.
    Kokoris Kogias, L.D. Naurois, A. Roy, in:, 5th Conference on Advances in Financial
    Technologies, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2023.
conference:
  end_date: 2023-10-25
  location: Princeton, NJ, United States
  name: 'AFT: Conference on Advances in Financial Technologies'
  start_date: 2023-10-23
corr_author: '1'
date_created: 2023-11-12T23:00:55Z
date_published: 2023-10-01T00:00:00Z
date_updated: 2024-10-09T21:07:17Z
day: '01'
ddc:
- '000'
department:
- _id: ElKo
doi: 10.4230/LIPIcs.AFT.2023.7
file:
- access_level: open_access
  checksum: c1f98831cb5149d6c030c41999e6e960
  content_type: application/pdf
  creator: dernst
  date_created: 2023-11-13T08:44:34Z
  date_updated: 2023-11-13T08:44:34Z
  file_id: '14521'
  file_name: 2023_LIPIcs_Beaver.pdf
  file_size: 793495
  relation: main_file
  success: 1
file_date_updated: 2023-11-13T08:44:34Z
has_accepted_license: '1'
intvolume: '       282'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2021/1643
month: '10'
oa: 1
oa_version: Published Version
publication: 5th Conference on Advances in Financial Technologies
publication_identifier:
  isbn:
  - '9783959773034'
  issn:
  - 1868-8969
publication_status: published
publisher: Schloss Dagstuhl - Leibniz-Zentrum für Informatik
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'STROBE: Streaming Threshold Random Beacons'
tmp:
  image: /images/cc_by.png
  legal_code_url: https://creativecommons.org/licenses/by/4.0/legalcode
  name: Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)
  short: CC BY (4.0)
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 282
year: '2023'
...
---
_id: '14609'
abstract:
- lang: eng
  text: "Distributed Key Generation (DKG) is a technique to bootstrap threshold cryptosystems
    without a trusted party. DKG is an essential building block to many decentralized
    protocols such as randomness beacons, threshold signatures, Byzantine consensus,
    and multiparty computation. While significant progress has been made recently,
    existing asynchronous DKG constructions are inefficient when the reconstruction
    threshold is larger than one-third of the total nodes. In this paper, we present
    a simple and concretely efficient asynchronous DKG (ADKG) protocol among n = 3t
    + 1 nodes that can tolerate up to t malicious nodes and support any reconstruction
    threshold ℓ ≥ t. Our protocol has an expected O(κn3) communication cost, where
    κ is the security parameter, and only assumes the hardness of the Discrete Logarithm.
    The\r\ncore ingredient of our ADKG protocol is an asynchronous protocol to secret
    share a random polynomial of degree ℓ ≥ t, which has other applications, such
    as asynchronous proactive secret sharing and asynchronous multiparty computation.
    We implement our high-threshold ADKG protocol and evaluate it using a network
    of up to 128 geographically distributed nodes. Our evaluation shows that our high-threshold
    ADKG protocol reduces the running time by 90% and bandwidth usage by 80% over
    the state-of-the-art."
acknowledgement: The authors would like to thank Amit Agarwal, Andrew Miller, and
  Tom Yurek for the helpful discussions related to the paper. This work is funded
  in part by a VMware early career faculty grant, a Chainlink Labs Ph.D. fellowship,
  the National Science Foundation, and the Austrian Science Fund (FWF) F8512-N.
article_processing_charge: No
author:
- first_name: Sourav
  full_name: Das, Sourav
  last_name: Das
- first_name: Zhuolun
  full_name: Xiang, Zhuolun
  last_name: Xiang
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Ling
  full_name: Ren, Ling
  last_name: Ren
citation:
  ama: 'Das S, Xiang Z, Kokoris Kogias E, Ren L. Practical asynchronous high-threshold
    distributed key generation and distributed polynomial sampling. In: <i>32nd USENIX
    Security Symposium</i>. Vol 8. Usenix; 2023:5359-5376.'
  apa: 'Das, S., Xiang, Z., Kokoris Kogias, E., &#38; Ren, L. (2023). Practical asynchronous
    high-threshold distributed key generation and distributed polynomial sampling.
    In <i>32nd USENIX Security Symposium</i> (Vol. 8, pp. 5359–5376). Anaheim, CA,
    United States: Usenix.'
  chicago: Das, Sourav, Zhuolun Xiang, Eleftherios Kokoris Kogias, and Ling Ren. “Practical
    Asynchronous High-Threshold Distributed Key Generation and Distributed Polynomial
    Sampling.” In <i>32nd USENIX Security Symposium</i>, 8:5359–76. Usenix, 2023.
  ieee: S. Das, Z. Xiang, E. Kokoris Kogias, and L. Ren, “Practical asynchronous high-threshold
    distributed key generation and distributed polynomial sampling,” in <i>32nd USENIX
    Security Symposium</i>, Anaheim, CA, United States, 2023, vol. 8, pp. 5359–5376.
  ista: Das S, Xiang Z, Kokoris Kogias E, Ren L. 2023. Practical asynchronous high-threshold
    distributed key generation and distributed polynomial sampling. 32nd USENIX Security
    Symposium. USENIX Security Symposium vol. 8, 5359–5376.
  mla: Das, Sourav, et al. “Practical Asynchronous High-Threshold Distributed Key
    Generation and Distributed Polynomial Sampling.” <i>32nd USENIX Security Symposium</i>,
    vol. 8, Usenix, 2023, pp. 5359–76.
  short: S. Das, Z. Xiang, E. Kokoris Kogias, L. Ren, in:, 32nd USENIX Security Symposium,
    Usenix, 2023, pp. 5359–5376.
conference:
  end_date: 2023-08-11
  location: Anaheim, CA, United States
  name: USENIX Security Symposium
  start_date: 2023-08-09
corr_author: '1'
date_created: 2023-11-26T23:00:55Z
date_published: 2023-08-15T00:00:00Z
date_updated: 2025-04-15T08:16:55Z
day: '15'
ddc:
- '000'
department:
- _id: ElKo
file:
- access_level: open_access
  checksum: 1a730765930138e23c6efd2575872641
  content_type: application/pdf
  creator: dernst
  date_created: 2023-11-28T09:14:34Z
  date_updated: 2023-11-28T09:14:34Z
  file_id: '14621'
  file_name: 2023_USENIX_Das.pdf
  file_size: 704331
  relation: main_file
  success: 1
file_date_updated: 2023-11-28T09:14:34Z
has_accepted_license: '1'
intvolume: '         8'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2022/1389
month: '08'
oa: 1
oa_version: Published Version
page: 5359-5376
project:
- _id: 34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f
  grant_number: F8512
  name: Security and Privacy by Design for Complex Systems
publication: 32nd USENIX Security Symposium
publication_identifier:
  isbn:
  - '9781713879497'
publication_status: published
publisher: Usenix
quality_controlled: '1'
scopus_import: '1'
status: public
title: Practical asynchronous high-threshold distributed key generation and distributed
  polynomial sampling
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
volume: 8
year: '2023'
...
---
_id: '14735'
abstract:
- lang: eng
  text: "Scaling blockchain protocols to perform on par with the expected needs of
    Web3.0 has been proven to be a challenging task with almost a decade of research.
    In the forefront of the current solution is the idea of separating the execution
    of the updates encoded in a block from the ordering of blocks. In order to achieve
    this, a new class of protocols called rollups has emerged. Rollups have as input
    a total ordering of valid and invalid transactions and as output a new valid state-transition.\r\nIf
    we study rollups from a distributed computing perspective, we uncover that rollups
    take as input the output of a Byzantine Atomic Broadcast (BAB) protocol and convert
    it to a State Machine Replication (SMR) protocol. BAB and SMR, however, are considered
    equivalent as far as distributed computing is concerned and a solution to one
    can easily be retrofitted to solve the other simply by adding/removing an execution
    step before the validation of the input.\r\nThis “easy” step of retrofitting an
    atomic broadcast solution to implement an SMR has, however, been overlooked in
    practice. In this paper, we formalize the problem and show that after BAB is solved,
    traditional impossibility results for consensus no longer apply towards an SMR.
    Leveraging this we propose a distributed execution protocol that allows reduced
    execution and storage cost per executor (O(log2n/n)) without relaxing the network
    assumptions of the underlying BAB protocol and providing censorship-resistance.
    Finally, we propose efficient non-interactive light client constructions that
    leverage our efficient execution protocols and do not require any synchrony assumptions
    or expensive ZK-proofs."
acknowledgement: 'Eleftherios Kokoris-Kogias is partially supported by Austrian Science
  Fund (FWF) grant No: F8512-N.'
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Christos
  full_name: Stefo, Christos
  id: a20e8902-32b0-11ee-9fa8-b23fa638b793
  last_name: Stefo
- first_name: Zhuolun
  full_name: Xiang, Zhuolun
  last_name: Xiang
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
citation:
  ama: 'Stefo C, Xiang Z, Kokoris Kogias E. Executing and proving over dirty ledgers.
    In: <i>27th International Conference on Financial Cryptography and Data Security</i>.
    Vol 13950. Springer Nature; 2023:3-20. doi:<a href="https://doi.org/10.1007/978-3-031-47754-6_1">10.1007/978-3-031-47754-6_1</a>'
  apa: 'Stefo, C., Xiang, Z., &#38; Kokoris Kogias, E. (2023). Executing and proving
    over dirty ledgers. In <i>27th International Conference on Financial Cryptography
    and Data Security</i> (Vol. 13950, pp. 3–20). Bol, Brac, Croatia: Springer Nature.
    <a href="https://doi.org/10.1007/978-3-031-47754-6_1">https://doi.org/10.1007/978-3-031-47754-6_1</a>'
  chicago: Stefo, Christos, Zhuolun Xiang, and Eleftherios Kokoris Kogias. “Executing
    and Proving over Dirty Ledgers.” In <i>27th International Conference on Financial
    Cryptography and Data Security</i>, 13950:3–20. Springer Nature, 2023. <a href="https://doi.org/10.1007/978-3-031-47754-6_1">https://doi.org/10.1007/978-3-031-47754-6_1</a>.
  ieee: C. Stefo, Z. Xiang, and E. Kokoris Kogias, “Executing and proving over dirty
    ledgers,” in <i>27th International Conference on Financial Cryptography and Data
    Security</i>, Bol, Brac, Croatia, 2023, vol. 13950, pp. 3–20.
  ista: 'Stefo C, Xiang Z, Kokoris Kogias E. 2023. Executing and proving over dirty
    ledgers. 27th International Conference on Financial Cryptography and Data Security.
    FC: Financial Cryptography and Data Security, LNCS, vol. 13950, 3–20.'
  mla: Stefo, Christos, et al. “Executing and Proving over Dirty Ledgers.” <i>27th
    International Conference on Financial Cryptography and Data Security</i>, vol.
    13950, Springer Nature, 2023, pp. 3–20, doi:<a href="https://doi.org/10.1007/978-3-031-47754-6_1">10.1007/978-3-031-47754-6_1</a>.
  short: C. Stefo, Z. Xiang, E. Kokoris Kogias, in:, 27th International Conference
    on Financial Cryptography and Data Security, Springer Nature, 2023, pp. 3–20.
conference:
  end_date: 2023-05-05
  location: Bol, Brac, Croatia
  name: 'FC: Financial Cryptography and Data Security'
  start_date: 2023-05-01
corr_author: '1'
date_created: 2024-01-08T09:17:38Z
date_published: 2023-12-01T00:00:00Z
date_updated: 2025-09-09T14:07:16Z
day: '01'
department:
- _id: ElKo
- _id: GradSch
doi: 10.1007/978-3-031-47754-6_1
external_id:
  isi:
  - '001150222600001'
intvolume: '     13950'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2022/1554
month: '12'
oa: 1
oa_version: Preprint
page: 3-20
project:
- _id: 34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f
  grant_number: F8512
  name: Security and Privacy by Design for Complex Systems
publication: 27th International Conference on Financial Cryptography and Data Security
publication_identifier:
  eisbn:
  - '9783031477546'
  eissn:
  - 0302-9743
  isbn:
  - '9783031477539'
  issn:
  - 1611-3349
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
scopus_import: '1'
status: public
title: Executing and proving over dirty ledgers
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
volume: 13950
year: '2023'
...
---
_id: '14744'
abstract:
- lang: eng
  text: "Sharding distributed ledgers is a promising on-chain solution for scaling
    blockchains but lacks formal grounds, nurturing skepticism on whether such complex
    systems can scale blockchains securely. We fill this gap by introducing the first
    formal framework as well as a roadmap to robust sharding. In particular, we first
    define the properties sharded distributed ledgers should fulfill. We build upon
    and extend the Bitcoin backbone protocol by defining consistency and scalability.
    Consistency encompasses the need for atomic execution of cross-shard transactions
    to preserve safety, whereas scalability encapsulates the speedup a sharded system
    can gain in comparison to a non-sharded system.\r\nUsing our model, we explore
    the limitations of sharding. We show that a sharded ledger with n participants
    cannot scale under a fully adaptive adversary, but it can scale up to m shards
    where n=c'm log m, under an epoch-adaptive adversary; the constant c' encompasses
    the trade-off between security and scalability. This is possible only if the sharded
    ledgers create succinct proofs of the valid state updates at every epoch. We leverage
    our results to identify the sufficient components for robust sharding, which we
    incorporate in a protocol abstraction termed Divide & Scale. To demonstrate the
    power of our framework, we analyze the most prominent sharded blockchains (Elastico,
    Monoxide, OmniLedger, RapidChain) and pinpoint where they fail to meet the desired
    properties."
acknowledgement: The work was partially supported by the Austrian Science Fund (FWF)
  through the project CoRaF (grant agreement 2020388).
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Zeta
  full_name: Avarikioti, Zeta
  last_name: Avarikioti
- first_name: Antoine
  full_name: Desjardins, Antoine
  id: 06d0c166-aec1-11ee-a7c0-b96e840a602b
  last_name: Desjardins
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Roger
  full_name: Wattenhofer, Roger
  last_name: Wattenhofer
citation:
  ama: 'Avarikioti Z, Desjardins A, Kokoris Kogias E, Wattenhofer R. Divide &#38;
    Scale: Formalization and roadmap to robust sharding. In: <i>30th International
    Colloquium on Structural Information and Communication Complexity</i>. Vol 13892.
    Springer Nature; 2023:199-245. doi:<a href="https://doi.org/10.1007/978-3-031-32733-9_10">10.1007/978-3-031-32733-9_10</a>'
  apa: 'Avarikioti, Z., Desjardins, A., Kokoris Kogias, E., &#38; Wattenhofer, R.
    (2023). Divide &#38; Scale: Formalization and roadmap to robust sharding. In <i>30th
    International Colloquium on Structural Information and Communication Complexity</i>
    (Vol. 13892, pp. 199–245). Alcalá de Henares, Spain: Springer Nature. <a href="https://doi.org/10.1007/978-3-031-32733-9_10">https://doi.org/10.1007/978-3-031-32733-9_10</a>'
  chicago: 'Avarikioti, Zeta, Antoine Desjardins, Eleftherios Kokoris Kogias, and
    Roger Wattenhofer. “Divide &#38; Scale: Formalization and Roadmap to Robust Sharding.”
    In <i>30th International Colloquium on Structural Information and Communication
    Complexity</i>, 13892:199–245. Springer Nature, 2023. <a href="https://doi.org/10.1007/978-3-031-32733-9_10">https://doi.org/10.1007/978-3-031-32733-9_10</a>.'
  ieee: 'Z. Avarikioti, A. Desjardins, E. Kokoris Kogias, and R. Wattenhofer, “Divide
    &#38; Scale: Formalization and roadmap to robust sharding,” in <i>30th International
    Colloquium on Structural Information and Communication Complexity</i>, Alcalá
    de Henares, Spain, 2023, vol. 13892, pp. 199–245.'
  ista: 'Avarikioti Z, Desjardins A, Kokoris Kogias E, Wattenhofer R. 2023. Divide
    &#38; Scale: Formalization and roadmap to robust sharding. 30th International
    Colloquium on Structural Information and Communication Complexity. SIROCCO: Structural
    Information and Communication Complexity, LNCS, vol. 13892, 199–245.'
  mla: 'Avarikioti, Zeta, et al. “Divide &#38; Scale: Formalization and Roadmap to Robust
    Sharding.” <i>30th International Colloquium on Structural Information and Communication
    Complexity</i>, vol. 13892, Springer Nature, 2023, pp. 199–245, doi:<a href="https://doi.org/10.1007/978-3-031-32733-9_10">10.1007/978-3-031-32733-9_10</a>.'
  short: Z. Avarikioti, A. Desjardins, E. Kokoris Kogias, R. Wattenhofer, in:, 30th
    International Colloquium on Structural Information and Communication Complexity,
    Springer Nature, 2023, pp. 199–245.
conference:
  end_date: 2023-06-09
  location: Alcalá de Henares, Spain
  name: 'SIROCCO: Structural Information and Communication Complexity'
  start_date: 2023-06-06
date_created: 2024-01-08T12:56:46Z
date_published: 2023-06-01T00:00:00Z
date_updated: 2025-09-09T14:10:46Z
day: '01'
department:
- _id: ElKo
doi: 10.1007/978-3-031-32733-9_10
external_id:
  isi:
  - '001292782600010'
intvolume: '     13892'
isi: 1
language:
- iso: eng
month: '06'
oa_version: None
page: 199-245
publication: 30th International Colloquium on Structural Information and Communication
  Complexity
publication_identifier:
  eisbn:
  - '9783031327339'
  eissn:
  - 1611-3349
  isbn:
  - '9783031327322'
  issn:
  - 0302-9743
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'Divide & Scale: Formalization and roadmap to robust sharding'
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
volume: 13892
year: '2023'
...
---
_id: '14829'
abstract:
- lang: eng
  text: 'This paper explores a modular design architecture aimed at helping blockchains
    (and other SMR implementation) to scale to a very large number of processes. This
    comes in contrast to existing monolithic architectures that interleave transaction
    dissemination, ordering, and execution in a single functionality. To achieve this
    we first split the monolith to multiple layers which can use existing distributed
    computing primitives. The exact specifications of the data dissemination part
    are formally defined by the Proof of Availability & Retrieval (PoA &R) abstraction.
    Solutions to the PoA &R problem contain two related sub-protocols: one that “pushes”
    information into the network and another that “pulls” this information. Regarding
    the latter, there is a dearth of research literature which is rectified in this
    paper. We present a family of pulling sub-protocols and rigorously analyze them.
    Extensive simulations support the theoretical claims of efficiency and robustness
    in case of a very large number of players. Finally, actual implementation and
    deployment on a small number of machines (roughly the size of several industrial
    systems) demonstrates the viability of the architecture’s paradigm.'
acknowledgement: 'This work is partially supported by Meta. Eleftherios Kokoris-Kogias
  is partially supported by Austrian Science Fund (FWF) grant No: F8512-N. Shir Cohen
  is supported by the Adams Fellowship Program of the Israel Academy of Sciences and
  Humanities.'
alternative_title:
- LNCS
article_processing_charge: No
author:
- first_name: Shir
  full_name: Cohen, Shir
  last_name: Cohen
- first_name: Guy
  full_name: Goren, Guy
  last_name: Goren
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Alexander
  full_name: Spiegelman, Alexander
  last_name: Spiegelman
citation:
  ama: 'Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. Proof of availability
    and retrieval in a modular blockchain architecture. In: <i>27th International
    Conference on Financial Cryptography and Data Security</i>. Vol 13951. Springer
    Nature; 2023:36-53. doi:<a href="https://doi.org/10.1007/978-3-031-47751-5_3">10.1007/978-3-031-47751-5_3</a>'
  apa: 'Cohen, S., Goren, G., Kokoris Kogias, E., Sonnino, A., &#38; Spiegelman, A.
    (2023). Proof of availability and retrieval in a modular blockchain architecture.
    In <i>27th International Conference on Financial Cryptography and Data Security</i>
    (Vol. 13951, pp. 36–53). Bol, Brac, Croatia: Springer Nature. <a href="https://doi.org/10.1007/978-3-031-47751-5_3">https://doi.org/10.1007/978-3-031-47751-5_3</a>'
  chicago: Cohen, Shir, Guy Goren, Eleftherios Kokoris Kogias, Alberto Sonnino, and
    Alexander Spiegelman. “Proof of Availability and Retrieval in a Modular Blockchain
    Architecture.” In <i>27th International Conference on Financial Cryptography and
    Data Security</i>, 13951:36–53. Springer Nature, 2023. <a href="https://doi.org/10.1007/978-3-031-47751-5_3">https://doi.org/10.1007/978-3-031-47751-5_3</a>.
  ieee: S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, and A. Spiegelman, “Proof
    of availability and retrieval in a modular blockchain architecture,” in <i>27th
    International Conference on Financial Cryptography and Data Security</i>, Bol,
    Brac, Croatia, 2023, vol. 13951, pp. 36–53.
  ista: 'Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. 2023. Proof
    of availability and retrieval in a modular blockchain architecture. 27th International
    Conference on Financial Cryptography and Data Security. FC: Financial Cryptography
    and Data Security, LNCS, vol. 13951, 36–53.'
  mla: Cohen, Shir, et al. “Proof of Availability and Retrieval in a Modular Blockchain
    Architecture.” <i>27th International Conference on Financial Cryptography and
    Data Security</i>, vol. 13951, Springer Nature, 2023, pp. 36–53, doi:<a href="https://doi.org/10.1007/978-3-031-47751-5_3">10.1007/978-3-031-47751-5_3</a>.
  short: S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, in:, 27th
    International Conference on Financial Cryptography and Data Security, Springer
    Nature, 2023, pp. 36–53.
conference:
  end_date: 2023-05-05
  location: Bol, Brac, Croatia
  name: 'FC: Financial Cryptography and Data Security'
  start_date: 2023-05-01
date_created: 2024-01-18T07:41:12Z
date_published: 2023-12-01T00:00:00Z
date_updated: 2025-09-09T14:22:38Z
day: '01'
department:
- _id: ElKo
doi: 10.1007/978-3-031-47751-5_3
external_id:
  isi:
  - '001150231600003'
intvolume: '     13951'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://fc23.ifca.ai/preproceedings/150.pdf
month: '12'
oa: 1
oa_version: Submitted Version
page: 36-53
project:
- _id: 34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f
  grant_number: F8512
  name: Security and Privacy by Design for Complex Systems
publication: 27th International Conference on Financial Cryptography and Data Security
publication_identifier:
  eisbn:
  - '9783031477515'
  eissn:
  - 1611-3349
  isbn:
  - '9783031477508'
  issn:
  - 0302-9743
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
scopus_import: '1'
status: public
title: Proof of availability and retrieval in a modular blockchain architecture
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
volume: 13951
year: '2023'
...
---
_id: '14743'
abstract:
- lang: eng
  text: Leader-based consensus algorithms are fast and efficient under normal conditions,
    but lack robustness to adverse conditions due to their reliance on timeouts for
    liveness. We present QuePaxa, the first protocol offering state-of-the-art normal-case
    efficiency without depending on timeouts. QuePaxa uses a novel randomized asynchronous
    consensus core to tolerate adverse conditions such as denial-of-service (DoS)
    attacks, while a one-round-trip fast path preserves the normal-case efficiency
    of Multi-Paxos or Raft. By allowing simultaneous proposers without destructive
    interference, and using short hedging delays instead of conservative timeouts
    to limit redundant effort, QuePaxa permits rapid recovery after leader failure
    without risking costly view changes due to false timeouts. By treating leader
    choice and hedging delay as a multi-armed-bandit optimization, QuePaxa achieves
    responsiveness to prevalent conditions, and can choose the best leader even if
    the current one has not failed. Experiments with a prototype confirm that QuePaxa
    achieves normal-case LAN and WAN performance of 584k and 250k cmd/sec in throughput,
    respectively, comparable to Multi-Paxos. Under conditions such as DoS attacks,
    misconfigurations, or slow leaders that severely impact existing protocols, we
    find that QuePaxa remains live with median latency under 380ms in WAN experiments.
acknowledgement: The authors would like to thank Marcos K. Aguilera, Pierluca Borsò,
  Aleksey Charapko, Rachid Guerraoui, Jovan Komatovic, Derek Leung, Louis-Henri Merino,
  Shailesh Mishra, Haochen Pan, Rodrigo Rodrigues, Lewis Tseng, and Haoqian Zhang
  for their helpful feedback on early drafts of this paper.
article_processing_charge: No
author:
- first_name: Pasindu
  full_name: Tennage, Pasindu
  last_name: Tennage
- first_name: Cristina
  full_name: Basescu, Cristina
  last_name: Basescu
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
  orcid: 0000-0002-8827-3382
- first_name: Ewa
  full_name: Syta, Ewa
  last_name: Syta
- first_name: Philipp
  full_name: Jovanovic, Philipp
  last_name: Jovanovic
- first_name: Vero
  full_name: Estrada-Galinanes, Vero
  last_name: Estrada-Galinanes
- first_name: Bryan
  full_name: Ford, Bryan
  last_name: Ford
citation:
  ama: 'Tennage P, Basescu C, Kokoris Kogias E, et al. QuePaxa: Escaping the tyranny
    of timeouts in consensus. In: <i>Proceedings of the 29th Symposium on Operating
    Systems Principles</i>. Association for Computing Machinery; 2023:281-297. doi:<a
    href="https://doi.org/10.1145/3600006.3613150">10.1145/3600006.3613150</a>'
  apa: 'Tennage, P., Basescu, C., Kokoris Kogias, E., Syta, E., Jovanovic, P., Estrada-Galinanes,
    V., &#38; Ford, B. (2023). QuePaxa: Escaping the tyranny of timeouts in consensus.
    In <i>Proceedings of the 29th Symposium on Operating Systems Principles</i> (pp.
    281–297). Koblenz, Germany: Association for Computing Machinery. <a href="https://doi.org/10.1145/3600006.3613150">https://doi.org/10.1145/3600006.3613150</a>'
  chicago: 'Tennage, Pasindu, Cristina Basescu, Eleftherios Kokoris Kogias, Ewa Syta,
    Philipp Jovanovic, Vero Estrada-Galinanes, and Bryan Ford. “QuePaxa: Escaping
    the Tyranny of Timeouts in Consensus.” In <i>Proceedings of the 29th Symposium
    on Operating Systems Principles</i>, 281–97. Association for Computing Machinery,
    2023. <a href="https://doi.org/10.1145/3600006.3613150">https://doi.org/10.1145/3600006.3613150</a>.'
  ieee: 'P. Tennage <i>et al.</i>, “QuePaxa: Escaping the tyranny of timeouts in consensus,”
    in <i>Proceedings of the 29th Symposium on Operating Systems Principles</i>, Koblenz,
    Germany, 2023, pp. 281–297.'
  ista: 'Tennage P, Basescu C, Kokoris Kogias E, Syta E, Jovanovic P, Estrada-Galinanes
    V, Ford B. 2023. QuePaxa: Escaping the tyranny of timeouts in consensus. Proceedings
    of the 29th Symposium on Operating Systems Principles. SOSP: Symposium on Operating
    Systems Principles, 281–297.'
  mla: 'Tennage, Pasindu, et al. “QuePaxa: Escaping the Tyranny of Timeouts in Consensus.”
    <i>Proceedings of the 29th Symposium on Operating Systems Principles</i>, Association
    for Computing Machinery, 2023, pp. 281–97, doi:<a href="https://doi.org/10.1145/3600006.3613150">10.1145/3600006.3613150</a>.'
  short: P. Tennage, C. Basescu, E. Kokoris Kogias, E. Syta, P. Jovanovic, V. Estrada-Galinanes,
    B. Ford, in:, Proceedings of the 29th Symposium on Operating Systems Principles,
    Association for Computing Machinery, 2023, pp. 281–297.
conference:
  end_date: 2023-10-26
  location: Koblenz, Germany
  name: 'SOSP: Symposium on Operating Systems Principles'
  start_date: 2023-10-23
date_created: 2024-01-08T12:54:35Z
date_published: 2023-10-01T00:00:00Z
date_updated: 2026-06-18T17:38:12Z
day: '01'
ddc:
- '000'
department:
- _id: ElKo
doi: 10.1145/3600006.3613150
external_id:
  isi:
  - '001135072900018'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://doi.org/10.1145/3600006.3613150
month: '10'
oa: 1
oa_version: Published Version
page: 281-297
publication: Proceedings of the 29th Symposium on Operating Systems Principles
publication_identifier:
  isbn:
  - '9798400702297'
publication_status: published
publisher: Association for Computing Machinery
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'QuePaxa: Escaping the tyranny of timeouts in consensus'
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2023'
...
---
_id: '14989'
abstract:
- lang: eng
  text: "Encryption alone is not enough for secure end-to end encrypted messaging:
    a server must also honestly serve public keys to users. Key transparency has been
    presented as an efficient\r\nsolution for detecting (and hence deterring) a server
    that attempts to dishonestly serve keys. Key transparency involves two major components:
    (1) a username to public key mapping, stored and cryptographically committed to
    by the server, and, (2) an outof-band consistency protocol for serving short commitments
    to users. In the setting of real-world deployments and supporting production scale,
    new challenges must be considered for both of these components. We enumerate these
    challenges and provide solutions to address them. In particular, we design and
    implement a memory-optimized and privacy-preserving verifiable data structure
    for committing to the username to public key store.\r\nTo make this implementation
    viable for production, we also integrate support for persistent and distributed
    storage. We also propose a future-facing solution, termed “compaction”, as\r\na
    mechanism for mitigating practical issues that arise from dealing with infinitely
    growing server data structures. Finally, we implement a consensusless solution
    that achieves the minimum requirements for a service that consistently distributes
    commitments for a transparency application, providing a much more efficient protocol
    for distributing small and consistent\r\ncommitments to users. This culminates
    in our production-grade implementation of a key transparency system (Parakeet)
    which we have open-sourced, along with a demonstration of feasibility through
    our benchmarks."
acknowledgement: This work is supported by the Novi team at Meta and funded in part
  by IC3 industry partners and NSF grant 1943499.
article_processing_charge: No
author:
- first_name: Harjasleen
  full_name: Malvai, Harjasleen
  last_name: Malvai
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
  orcid: 0000-0002-8827-3382
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Esha
  full_name: Ghosh, Esha
  last_name: Ghosh
- first_name: Ercan
  full_name: Oztürk, Ercan
  last_name: Oztürk
- first_name: Kevin
  full_name: Lewi, Kevin
  last_name: Lewi
- first_name: Sean
  full_name: Lawlor, Sean
  last_name: Lawlor
citation:
  ama: 'Malvai H, Kokoris Kogias E, Sonnino A, et al. Parakeet: Practical key transparency
    for end-to-end eEncrypted messaging. In: <i>Proceedings of the 2023 Network and
    Distributed System Security Symposium</i>. Internet Society; 2023. doi:<a href="https://doi.org/10.14722/ndss.2023.24545">10.14722/ndss.2023.24545</a>'
  apa: 'Malvai, H., Kokoris Kogias, E., Sonnino, A., Ghosh, E., Oztürk, E., Lewi,
    K., &#38; Lawlor, S. (2023). Parakeet: Practical key transparency for end-to-end
    eEncrypted messaging. In <i>Proceedings of the 2023 Network and Distributed System
    Security Symposium</i>. San Diego, CA, United States: Internet Society. <a href="https://doi.org/10.14722/ndss.2023.24545">https://doi.org/10.14722/ndss.2023.24545</a>'
  chicago: 'Malvai, Harjasleen, Eleftherios Kokoris Kogias, Alberto Sonnino, Esha
    Ghosh, Ercan Oztürk, Kevin Lewi, and Sean Lawlor. “Parakeet: Practical Key Transparency
    for End-to-End EEncrypted Messaging.” In <i>Proceedings of the 2023 Network and
    Distributed System Security Symposium</i>. Internet Society, 2023. <a href="https://doi.org/10.14722/ndss.2023.24545">https://doi.org/10.14722/ndss.2023.24545</a>.'
  ieee: 'H. Malvai <i>et al.</i>, “Parakeet: Practical key transparency for end-to-end
    eEncrypted messaging,” in <i>Proceedings of the 2023 Network and Distributed System
    Security Symposium</i>, San Diego, CA, United States, 2023.'
  ista: 'Malvai H, Kokoris Kogias E, Sonnino A, Ghosh E, Oztürk E, Lewi K, Lawlor
    S. 2023. Parakeet: Practical key transparency for end-to-end eEncrypted messaging.
    Proceedings of the 2023 Network and Distributed System Security Symposium. NDSS:
    Network and Distributed Systems Security.'
  mla: 'Malvai, Harjasleen, et al. “Parakeet: Practical Key Transparency for End-to-End
    EEncrypted Messaging.” <i>Proceedings of the 2023 Network and Distributed System
    Security Symposium</i>, Internet Society, 2023, doi:<a href="https://doi.org/10.14722/ndss.2023.24545">10.14722/ndss.2023.24545</a>.'
  short: H. Malvai, E. Kokoris Kogias, A. Sonnino, E. Ghosh, E. Oztürk, K. Lewi, S.
    Lawlor, in:, Proceedings of the 2023 Network and Distributed System Security Symposium,
    Internet Society, 2023.
conference:
  end_date: 2023-03-03
  location: San Diego, CA, United States
  name: 'NDSS: Network and Distributed Systems Security'
  start_date: 2023-02-27
date_created: 2024-02-14T14:20:40Z
date_published: 2023-03-01T00:00:00Z
date_updated: 2026-06-18T17:41:59Z
day: '01'
ddc:
- '000'
department:
- _id: ElKo
doi: 10.14722/ndss.2023.24545
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2023/081
month: '03'
oa: 1
oa_version: Published Version
publication: Proceedings of the 2023 Network and Distributed System Security Symposium
publication_identifier:
  isbn:
  - '1891562835'
publication_status: published
publisher: Internet Society
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'Parakeet: Practical key transparency for end-to-end eEncrypted messaging'
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2023'
...
---
_id: '12160'
abstract:
- lang: eng
  text: We present the Filecoin Hierarchical Consensus framework, which aims to overcome
    the throughput challenges of blockchain consensus by horizontally scaling the
    network. Unlike traditional sharding designs, based on partitioning the state
    of the network, our solution centers on the concept of subnets -which are organized
    hierarchically- and can be spawned on-demand to manage new state. Child sub nets
    are firewalled from parent subnets, have their own specific policies, and run
    a different consensus algorithm, increasing the network capacity and enabling
    new applications. Moreover, they benefit from the security of parent subnets by
    periodically checkpointing state. In this paper, we introduce the overall system
    architecture, our detailed designs for cross-net transaction handling, and the
    open questions that we are still exploring.
article_processing_charge: No
author:
- first_name: Alfonso
  full_name: De la Rocha, Alfonso
  last_name: De la Rocha
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Jorge M.
  full_name: Soares, Jorge M.
  last_name: Soares
- first_name: Marko
  full_name: Vukolic, Marko
  last_name: Vukolic
citation:
  ama: 'De la Rocha A, Kokoris Kogias E, Soares JM, Vukolic M. Hierarchical consensus:
    A horizontal scaling framework for blockchains. In: <i>42nd International Conference
    on Distributed Computing Systems Workshops</i>. Vol 2022. Institute of Electrical
    and Electronics Engineers; 2022:45-52. doi:<a href="https://doi.org/10.1109/icdcsw56584.2022.00018">10.1109/icdcsw56584.2022.00018</a>'
  apa: 'De la Rocha, A., Kokoris Kogias, E., Soares, J. M., &#38; Vukolic, M. (2022).
    Hierarchical consensus: A horizontal scaling framework for blockchains. In <i>42nd
    International Conference on Distributed Computing Systems Workshops</i> (Vol.
    2022, pp. 45–52). Bologna, Italy: Institute of Electrical and Electronics Engineers.
    <a href="https://doi.org/10.1109/icdcsw56584.2022.00018">https://doi.org/10.1109/icdcsw56584.2022.00018</a>'
  chicago: 'De la Rocha, Alfonso, Eleftherios Kokoris Kogias, Jorge M. Soares, and
    Marko Vukolic. “Hierarchical Consensus: A Horizontal Scaling Framework for Blockchains.”
    In <i>42nd International Conference on Distributed Computing Systems Workshops</i>,
    2022:45–52. Institute of Electrical and Electronics Engineers, 2022. <a href="https://doi.org/10.1109/icdcsw56584.2022.00018">https://doi.org/10.1109/icdcsw56584.2022.00018</a>.'
  ieee: 'A. De la Rocha, E. Kokoris Kogias, J. M. Soares, and M. Vukolic, “Hierarchical
    consensus: A horizontal scaling framework for blockchains,” in <i>42nd International
    Conference on Distributed Computing Systems Workshops</i>, Bologna, Italy, 2022,
    vol. 2022, pp. 45–52.'
  ista: 'De la Rocha A, Kokoris Kogias E, Soares JM, Vukolic M. 2022. Hierarchical
    consensus: A horizontal scaling framework for blockchains. 42nd International
    Conference on Distributed Computing Systems Workshops. ICDCSW: International Conference
    on Distributed Computing Systems Workshop vol. 2022, 45–52.'
  mla: 'De la Rocha, Alfonso, et al. “Hierarchical Consensus: A Horizontal Scaling
    Framework for Blockchains.” <i>42nd International Conference on Distributed Computing
    Systems Workshops</i>, vol. 2022, Institute of Electrical and Electronics Engineers,
    2022, pp. 45–52, doi:<a href="https://doi.org/10.1109/icdcsw56584.2022.00018">10.1109/icdcsw56584.2022.00018</a>.'
  short: A. De la Rocha, E. Kokoris Kogias, J.M. Soares, M. Vukolic, in:, 42nd International
    Conference on Distributed Computing Systems Workshops, Institute of Electrical
    and Electronics Engineers, 2022, pp. 45–52.
conference:
  end_date: 2022-07-10
  location: Bologna, Italy
  name: 'ICDCSW: International Conference on Distributed Computing Systems Workshop'
  start_date: 2022-07-10
date_created: 2023-01-12T12:09:28Z
date_published: 2022-11-29T00:00:00Z
date_updated: 2023-08-04T09:06:02Z
day: '29'
department:
- _id: ElKo
doi: 10.1109/icdcsw56584.2022.00018
external_id:
  isi:
  - '000895984800009'
intvolume: '      2022'
isi: 1
language:
- iso: eng
month: '11'
oa_version: None
page: 45-52
publication: 42nd International Conference on Distributed Computing Systems Workshops
publication_identifier:
  eisbn:
  - '9781665488792'
  eissn:
  - 2332-5666
publication_status: published
publisher: Institute of Electrical and Electronics Engineers
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'Hierarchical consensus: A horizontal scaling framework for blockchains'
type: conference
user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8
volume: 2022
year: '2022'
...
---
OA_place: repository
OA_type: green
_id: '12168'
abstract:
- lang: eng
  text: "Advances in blockchains have influenced the State-Machine-Replication (SMR)
    world and many state-of-the-art blockchain-SMR solutions are based on two pillars:
    Chaining and Leader-rotation. A predetermined round-robin mechanism used for Leader-rotation,
    however, has an undesirable behavior: crashed parties become designated leaders
    infinitely often, slowing down overall system performance. In this paper, we provide
    a new Leader-Aware SMR framework that, among other desirable properties, formalizes
    a Leader-utilization requirement that bounds the number of rounds whose leaders
    are faulty in crash-only executions.\r\nWe introduce Carousel, a novel, reputation-based
    Leader-rotation solution to achieve Leader-Aware SMR. The challenge in adaptive
    Leader-rotation is that it cannot rely on consensus to determine a leader, since
    consensus itself needs a leader. Carousel uses the available on-chain information
    to determine a leader locally and achieves Liveness despite this difficulty. A
    HotStuff implementation fitted with Carousel demonstrates drastic performance
    improvements: it increases throughput over 2x in faultless settings and provided
    a 20x throughput increase and 5x latency reduction in the presence of faults."
alternative_title:
- LNCS
article_processing_charge: No
arxiv: 1
author:
- first_name: Shir
  full_name: Cohen, Shir
  last_name: Cohen
- first_name: Rati
  full_name: Gelashvili, Rati
  last_name: Gelashvili
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Zekun
  full_name: Li, Zekun
  last_name: Li
- first_name: Dahlia
  full_name: Malkhi, Dahlia
  last_name: Malkhi
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Alexander
  full_name: Spiegelman, Alexander
  last_name: Spiegelman
citation:
  ama: 'Cohen S, Gelashvili R, Kokoris Kogias E, et al. Be aware of your leaders.
    In: <i>International Conference on Financial Cryptography and Data Security</i>.
    Vol 13411. Springer Nature; 2022:279-295. doi:<a href="https://doi.org/10.1007/978-3-031-18283-9_13">10.1007/978-3-031-18283-9_13</a>'
  apa: 'Cohen, S., Gelashvili, R., Kokoris Kogias, E., Li, Z., Malkhi, D., Sonnino,
    A., &#38; Spiegelman, A. (2022). Be aware of your leaders. In <i>International
    Conference on Financial Cryptography and Data Security</i> (Vol. 13411, pp. 279–295).
    Grenada: Springer Nature. <a href="https://doi.org/10.1007/978-3-031-18283-9_13">https://doi.org/10.1007/978-3-031-18283-9_13</a>'
  chicago: Cohen, Shir, Rati Gelashvili, Eleftherios Kokoris Kogias, Zekun Li, Dahlia
    Malkhi, Alberto Sonnino, and Alexander Spiegelman. “Be Aware of Your Leaders.”
    In <i>International Conference on Financial Cryptography and Data Security</i>,
    13411:279–95. Springer Nature, 2022. <a href="https://doi.org/10.1007/978-3-031-18283-9_13">https://doi.org/10.1007/978-3-031-18283-9_13</a>.
  ieee: S. Cohen <i>et al.</i>, “Be aware of your leaders,” in <i>International Conference
    on Financial Cryptography and Data Security</i>, Grenada, 2022, vol. 13411, pp.
    279–295.
  ista: 'Cohen S, Gelashvili R, Kokoris Kogias E, Li Z, Malkhi D, Sonnino A, Spiegelman
    A. 2022. Be aware of your leaders. International Conference on Financial Cryptography
    and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13411,
    279–295.'
  mla: Cohen, Shir, et al. “Be Aware of Your Leaders.” <i>International Conference
    on Financial Cryptography and Data Security</i>, vol. 13411, Springer Nature,
    2022, pp. 279–95, doi:<a href="https://doi.org/10.1007/978-3-031-18283-9_13">10.1007/978-3-031-18283-9_13</a>.
  short: S. Cohen, R. Gelashvili, E. Kokoris Kogias, Z. Li, D. Malkhi, A. Sonnino,
    A. Spiegelman, in:, International Conference on Financial Cryptography and Data
    Security, Springer Nature, 2022, pp. 279–295.
conference:
  end_date: 2022-05-06
  location: Grenada
  name: 'FC: Financial Cryptography and Data Security'
  start_date: 2022-05-02
date_created: 2023-01-12T12:10:49Z
date_published: 2022-10-22T00:00:00Z
date_updated: 2025-09-10T09:48:54Z
day: '22'
department:
- _id: ElKo
doi: 10.1007/978-3-031-18283-9_13
external_id:
  arxiv:
  - '2110.00960'
  isi:
  - '001423640200013'
intvolume: '     13411'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://doi.org/10.48550/arXiv.2110.00960
month: '10'
oa: 1
oa_version: Preprint
page: 279-295
publication: International Conference on Financial Cryptography and Data Security
publication_identifier:
  eisbn:
  - '9783031182839'
  eissn:
  - 1611-3349
  isbn:
  - '9783031182822'
  issn:
  - 0302-9743
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
scopus_import: '1'
status: public
title: Be aware of your leaders
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
volume: 13411
year: '2022'
...
---
_id: '12229'
abstract:
- lang: eng
  text: "We present Bullshark, the first directed acyclic graph (DAG) based asynchronous
    Byzantine Atomic Broadcast protocol that is optimized for the common synchronous
    case. Like previous DAG-based BFT protocols [19, 25], Bullshark requires no extra
    communication to achieve consensus on top of building the DAG. That is, parties
    can totally order the vertices of the DAG by interpreting their local view of
    the DAG edges. Unlike other asynchronous DAG-based protocols, Bullshark provides
    a practical low latency fast-path that exploits synchronous periods and deprecates
    the need for notoriously complex view-change and view-synchronization mechanisms.
    Bullshark achieves this while maintaining all the desired properties of its predecessor
    DAG-Rider [25]. Namely, it has optimal amortized communication complexity, it
    provides fairness and asynchronous liveness, and safety is guaranteed even under
    a quantum adversary.\r\n\r\nIn order to show the practicality and simplicity of
    our approach, we also introduce a standalone partially synchronous version of
    Bullshark, which we evaluate against the state of the art. The implemented protocol
    is embarrassingly simple (200 LOC on top of an existing DAG-based mempool implementation).
    It is highly efficient, achieving for example, 125,000 transactions per second
    with a 2 seconds latency for a deployment of 50 parties. In the same setting,
    the state of the art pays a steep 50% latency increase as it optimizes for asynchrony."
article_processing_charge: No
arxiv: 1
author:
- first_name: Alexander
  full_name: Spiegelman, Alexander
  last_name: Spiegelman
- first_name: Neil
  full_name: Giridharan, Neil
  last_name: Giridharan
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
citation:
  ama: 'Spiegelman A, Giridharan N, Sonnino A, Kokoris Kogias E. Bullshark: DAG BFT
    protocols made practical. In: <i>Proceedings of the 2022 ACM SIGSAC Conference
    on Computer and Communications Security</i>. Association for Computing Machinery;
    2022:2705–2718. doi:<a href="https://doi.org/10.1145/3548606.3559361">10.1145/3548606.3559361</a>'
  apa: 'Spiegelman, A., Giridharan, N., Sonnino, A., &#38; Kokoris Kogias, E. (2022).
    Bullshark: DAG BFT protocols made practical. In <i>Proceedings of the 2022 ACM
    SIGSAC Conference on Computer and Communications Security</i> (pp. 2705–2718).
    Los Angeles, CA, United States: Association for Computing Machinery. <a href="https://doi.org/10.1145/3548606.3559361">https://doi.org/10.1145/3548606.3559361</a>'
  chicago: 'Spiegelman, Alexander, Neil Giridharan, Alberto Sonnino, and Eleftherios
    Kokoris Kogias. “Bullshark: DAG BFT Protocols Made Practical.” In <i>Proceedings
    of the 2022 ACM SIGSAC Conference on Computer and Communications Security</i>,
    2705–2718. Association for Computing Machinery, 2022. <a href="https://doi.org/10.1145/3548606.3559361">https://doi.org/10.1145/3548606.3559361</a>.'
  ieee: 'A. Spiegelman, N. Giridharan, A. Sonnino, and E. Kokoris Kogias, “Bullshark:
    DAG BFT protocols made practical,” in <i>Proceedings of the 2022 ACM SIGSAC Conference
    on Computer and Communications Security</i>, Los Angeles, CA, United States, 2022,
    pp. 2705–2718.'
  ista: 'Spiegelman A, Giridharan N, Sonnino A, Kokoris Kogias E. 2022. Bullshark:
    DAG BFT protocols made practical. Proceedings of the 2022 ACM SIGSAC Conference
    on Computer and Communications Security. CCS: Conference on Computer and Communications
    Security, 2705–2718.'
  mla: 'Spiegelman, Alexander, et al. “Bullshark: DAG BFT Protocols Made Practical.”
    <i>Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications
    Security</i>, Association for Computing Machinery, 2022, pp. 2705–2718, doi:<a
    href="https://doi.org/10.1145/3548606.3559361">10.1145/3548606.3559361</a>.'
  short: A. Spiegelman, N. Giridharan, A. Sonnino, E. Kokoris Kogias, in:, Proceedings
    of the 2022 ACM SIGSAC Conference on Computer and Communications Security, Association
    for Computing Machinery, 2022, pp. 2705–2718.
conference:
  end_date: 2022-11-11
  location: Los Angeles, CA, United States
  name: 'CCS: Conference on Computer and Communications Security'
  start_date: 2022-11-07
date_created: 2023-01-16T09:49:48Z
date_published: 2022-11-01T00:00:00Z
date_updated: 2025-07-10T11:50:26Z
day: '01'
department:
- _id: ElKo
doi: 10.1145/3548606.3559361
external_id:
  arxiv:
  - '2201.05677'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://doi.org/10.48550/arXiv.2201.05677
month: '11'
oa: 1
oa_version: Preprint
page: 2705–2718
publication: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications
  Security
publication_identifier:
  isbn:
  - '9781450394505'
publication_status: published
publisher: Association for Computing Machinery
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'Bullshark: DAG BFT protocols made practical'
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2022'
...
---
_id: '12298'
abstract:
- lang: eng
  text: 'Existing committee-based Byzantine state machine replication (SMR) protocols,
    typically deployed in production blockchains, face a clear trade-off: (1) they
    either achieve linear communication cost in the steady state, but sacrifice liveness
    during periods of asynchrony, or (2) they are robust (progress with probability
    one) but pay quadratic communication cost. We believe this trade-off is unwarranted
    since existing linear protocols still have asymptotic quadratic cost in the worst
    case. We design Ditto, a Byzantine SMR protocol that enjoys the best of both worlds:
    optimal communication on and off the steady state (linear and quadratic, respectively)
    and progress guarantee under asynchrony and DDoS attacks. We achieve this by replacing
    the view-synchronization of partially synchronous protocols with an asynchronous
    fallback mechanism at no extra asymptotic cost. Specifically, we start from HotStuff,
    a state-of-the-art linear protocol, and gradually build Ditto. As a separate contribution
    and an intermediate step, we design a 2-chain version of HotStuff, Jolteon, which
    leverages a quadratic view-change mechanism to reduce the latency of the standard
    3-chain HotStuff. We implement and experimentally evaluate all our systems to
    prove that breaking the robustness-efficiency trade-off is in the realm of practicality.'
acknowledgement: We thank our shepherd Aniket Kate and the anonymous reviewers at
  FC 2022 for their helpful feedback. This work is supported by the Novi team at Facebook.
  We also thank the Novi Research and Engineering teams for valuable feedback, and
  in particular Mathieu Baudet, Andrey Chursin, George Danezis, Zekun Li, and Dahlia
  Malkhi for discussions that shaped this work.
alternative_title:
- LNCS
article_processing_charge: No
arxiv: 1
author:
- first_name: Rati
  full_name: Gelashvili, Rati
  last_name: Gelashvili
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Alexander
  full_name: Spiegelman, Alexander
  last_name: Spiegelman
- first_name: Zhuolun
  full_name: Xiang, Zhuolun
  last_name: Xiang
citation:
  ama: 'Gelashvili R, Kokoris Kogias E, Sonnino A, Spiegelman A, Xiang Z. Jolteon
    and ditto: Network-adaptive efficient consensus with asynchronous fallback. In:
    <i>Financial Cryptography and Data Security</i>. Vol 13411. Springer Nature; 2022:296-315.
    doi:<a href="https://doi.org/10.1007/978-3-031-18283-9_14">10.1007/978-3-031-18283-9_14</a>'
  apa: 'Gelashvili, R., Kokoris Kogias, E., Sonnino, A., Spiegelman, A., &#38; Xiang,
    Z. (2022). Jolteon and ditto: Network-adaptive efficient consensus with asynchronous
    fallback. In <i>Financial Cryptography and Data Security</i> (Vol. 13411, pp.
    296–315). Radisson Grenada Beach Resort, Grenada: Springer Nature. <a href="https://doi.org/10.1007/978-3-031-18283-9_14">https://doi.org/10.1007/978-3-031-18283-9_14</a>'
  chicago: 'Gelashvili, Rati, Eleftherios Kokoris Kogias, Alberto Sonnino, Alexander
    Spiegelman, and Zhuolun Xiang. “Jolteon and Ditto: Network-Adaptive Efficient
    Consensus with Asynchronous Fallback.” In <i>Financial Cryptography and Data Security</i>,
    13411:296–315. Springer Nature, 2022. <a href="https://doi.org/10.1007/978-3-031-18283-9_14">https://doi.org/10.1007/978-3-031-18283-9_14</a>.'
  ieee: 'R. Gelashvili, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, and Z. Xiang,
    “Jolteon and ditto: Network-adaptive efficient consensus with asynchronous fallback,”
    in <i>Financial Cryptography and Data Security</i>, Radisson Grenada Beach Resort,
    Grenada, 2022, vol. 13411, pp. 296–315.'
  ista: 'Gelashvili R, Kokoris Kogias E, Sonnino A, Spiegelman A, Xiang Z. 2022. Jolteon
    and ditto: Network-adaptive efficient consensus with asynchronous fallback. Financial
    Cryptography and Data Security. FC: Financial Cryptography, LNCS, vol. 13411,
    296–315.'
  mla: 'Gelashvili, Rati, et al. “Jolteon and Ditto: Network-Adaptive Efficient Consensus
    with Asynchronous Fallback.” <i>Financial Cryptography and Data Security</i>,
    vol. 13411, Springer Nature, 2022, pp. 296–315, doi:<a href="https://doi.org/10.1007/978-3-031-18283-9_14">10.1007/978-3-031-18283-9_14</a>.'
  short: R. Gelashvili, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, Z. Xiang, in:,
    Financial Cryptography and Data Security, Springer Nature, 2022, pp. 296–315.
conference:
  end_date: 2022-05-06
  location: Radisson Grenada Beach Resort, Grenada
  name: 'FC: Financial Cryptography'
  start_date: 2022-05-02
date_created: 2023-01-16T10:05:51Z
date_published: 2022-10-22T00:00:00Z
date_updated: 2025-09-10T09:52:23Z
day: '22'
department:
- _id: ElKo
doi: 10.1007/978-3-031-18283-9_14
external_id:
  arxiv:
  - '2106.10362'
  isi:
  - '001423640200014'
intvolume: '     13411'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: ' https://doi.org/10.48550/arXiv.2106.10362'
month: '10'
oa: 1
oa_version: Preprint
page: 296-315
publication: Financial Cryptography and Data Security
publication_identifier:
  eisbn:
  - '9783031182839'
  eissn:
  - 1611-3349
  isbn:
  - '9783031182822'
  issn:
  - 0302-9743
publication_status: published
publisher: Springer Nature
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'Jolteon and ditto: Network-adaptive efficient consensus with asynchronous
  fallback'
type: conference
user_id: 317138e5-6ab7-11ef-aa6d-ffef3953e345
volume: 13411
year: '2022'
...
---
_id: '12300'
abstract:
- lang: eng
  text: Distributed Key Generation (DKG) is a technique to bootstrap threshold cryptosystems
    without a trusted third party and is a building block to decentralized protocols
    such as randomness beacons, threshold signatures, and general multiparty computation.
    Until recently, DKG protocols have assumed the synchronous model and thus are
    vulnerable when their underlying network assumptions do not hold. The recent advancements
    in asynchronous DKG protocols are insufficient as they either have poor efficiency
    or limited functionality, resulting in a lack of concrete implementations. In
    this paper, we present a simple and concretely efficient asynchronous DKG (ADKG)
    protocol. In a network of n nodes, our ADKG protocol can tolerate up to t<n/3
    malicious nodes and have an expected O(κn3) communication cost, where κ is the
    security parameter. Our ADKG protocol produces a field element as the secret and
    is thus compatible with off-the-shelf threshold cryptosystems. We implement our
    ADKG protocol and evaluate it using a network of up to 128 nodes in geographically
    distributed AWS instances. Our evaluation shows that our protocol takes as low
    as 3 and 9.5 seconds to terminate for 32 and 64 nodes, respectively. Also, each
    node sends only 0.7 Megabytes and 2.9 Megabytes of data during the two experiments,
    respectively.
acknowledgement: "The authors would like to thank Amit Agarwal, Adithya Bhat, Kobi
  Gurkan, Dakshita Khurana, Nibesh Shrestha, and Gilad Stern for the helpful discussions
  related to the paper.\r\nAlso, the authors would like to thank Sylvain Bellemare
  for helping with the hbACSS codebase and Nicolas Gailly for helping with running
  the Drand experiments."
article_processing_charge: No
author:
- first_name: Sourav
  full_name: Das, Sourav
  last_name: Das
- first_name: Thomas
  full_name: Yurek, Thomas
  last_name: Yurek
- first_name: Zhuolun
  full_name: Xiang, Zhuolun
  last_name: Xiang
- first_name: Andrew
  full_name: Miller, Andrew
  last_name: Miller
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Ling
  full_name: Ren, Ling
  last_name: Ren
citation:
  ama: 'Das S, Yurek T, Xiang Z, Miller A, Kokoris Kogias E, Ren L. Practical asynchronous
    distributed key generation. In: <i>2022 IEEE Symposium on Security and Privacy</i>.
    Institute of Electrical and Electronics Engineers; 2022:2518-2534. doi:<a href="https://doi.org/10.1109/sp46214.2022.9833584">10.1109/sp46214.2022.9833584</a>'
  apa: 'Das, S., Yurek, T., Xiang, Z., Miller, A., Kokoris Kogias, E., &#38; Ren,
    L. (2022). Practical asynchronous distributed key generation. In <i>2022 IEEE
    Symposium on Security and Privacy</i> (pp. 2518–2534). San Francisco, CA, United
    States: Institute of Electrical and Electronics Engineers. <a href="https://doi.org/10.1109/sp46214.2022.9833584">https://doi.org/10.1109/sp46214.2022.9833584</a>'
  chicago: Das, Sourav, Thomas Yurek, Zhuolun Xiang, Andrew Miller, Eleftherios Kokoris
    Kogias, and Ling Ren. “Practical Asynchronous Distributed Key Generation.” In
    <i>2022 IEEE Symposium on Security and Privacy</i>, 2518–34. Institute of Electrical
    and Electronics Engineers, 2022. <a href="https://doi.org/10.1109/sp46214.2022.9833584">https://doi.org/10.1109/sp46214.2022.9833584</a>.
  ieee: S. Das, T. Yurek, Z. Xiang, A. Miller, E. Kokoris Kogias, and L. Ren, “Practical
    asynchronous distributed key generation,” in <i>2022 IEEE Symposium on Security
    and Privacy</i>, San Francisco, CA, United States, 2022, pp. 2518–2534.
  ista: 'Das S, Yurek T, Xiang Z, Miller A, Kokoris Kogias E, Ren L. 2022. Practical
    asynchronous distributed key generation. 2022 IEEE Symposium on Security and Privacy.
    SP: Symposium on Security and Privacy, 2518–2534.'
  mla: Das, Sourav, et al. “Practical Asynchronous Distributed Key Generation.” <i>2022
    IEEE Symposium on Security and Privacy</i>, Institute of Electrical and Electronics
    Engineers, 2022, pp. 2518–34, doi:<a href="https://doi.org/10.1109/sp46214.2022.9833584">10.1109/sp46214.2022.9833584</a>.
  short: S. Das, T. Yurek, Z. Xiang, A. Miller, E. Kokoris Kogias, L. Ren, in:, 2022
    IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics
    Engineers, 2022, pp. 2518–2534.
conference:
  end_date: 2022-05-26
  location: San Francisco, CA, United States
  name: 'SP: Symposium on Security and Privacy'
  start_date: 2022-05-23
date_created: 2023-01-16T10:06:11Z
date_published: 2022-07-27T00:00:00Z
date_updated: 2023-02-16T07:43:53Z
day: '27'
department:
- _id: ElKo
doi: 10.1109/sp46214.2022.9833584
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://eprint.iacr.org/2021/1591
month: '07'
oa: 1
oa_version: Preprint
page: 2518-2534
publication: 2022 IEEE Symposium on Security and Privacy
publication_identifier:
  eisbn:
  - '9781665413169'
  eissn:
  - 2375-1207
publication_status: published
publisher: Institute of Electrical and Electronics Engineers
quality_controlled: '1'
scopus_import: '1'
status: public
title: Practical asynchronous distributed key generation
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2022'
...
---
_id: '11331'
abstract:
- lang: eng
  text: "We propose separating the task of reliable transaction dissemination from
    transaction ordering, to enable high-performance Byzantine fault-tolerant quorum-based
    consensus. We design and evaluate a mempool protocol, Narwhal, specializing in
    high-throughput reliable dissemination and storage of causal histories of transactions.
    Narwhal tolerates an asynchronous network and maintains high performance despite
    failures. Narwhal is designed to easily scale-out using multiple workers at each
    validator, and we demonstrate that there is no foreseeable limit to the throughput
    we can achieve.\r\nComposing Narwhal with a partially synchronous consensus protocol
    (Narwhal-HotStuff) yields significantly better throughput even in the presence
    of faults or intermittent loss of liveness due to asynchrony. However, loss of
    liveness can result in higher latency. To achieve overall good performance when
    faults occur we design Tusk, a zero-message overhead asynchronous consensus protocol,
    to work with Narwhal. We demonstrate its high performance under a variety of configurations
    and faults.\r\nAs a summary of results, on a WAN, Narwhal-Hotstuff achieves over
    130,000 tx/sec at less than 2-sec latency compared with 1,800 tx/sec at 1-sec
    latency for Hotstuff. Additional workers increase throughput linearly to 600,000
    tx/sec without any latency increase. Tusk achieves 160,000 tx/sec with about 3
    seconds latency. Under faults, both protocols maintain high throughput, but Narwhal-HotStuff
    suffers from increased latency."
article_processing_charge: No
arxiv: 1
author:
- first_name: George
  full_name: Danezis, George
  last_name: Danezis
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Alberto
  full_name: Sonnino, Alberto
  last_name: Sonnino
- first_name: Alexander
  full_name: Spiegelman, Alexander
  last_name: Spiegelman
citation:
  ama: 'Danezis G, Kokoris Kogias E, Sonnino A, Spiegelman A. Narwhal and Tusk: A
    DAG-based mempool and efficient BFT consensus. In: <i>Proceedings of the 17th
    European Conference on Computer Systems</i>. Association for Computing Machinery;
    2022:34-50. doi:<a href="https://doi.org/10.1145/3492321.3519594">10.1145/3492321.3519594</a>'
  apa: 'Danezis, G., Kokoris Kogias, E., Sonnino, A., &#38; Spiegelman, A. (2022).
    Narwhal and Tusk: A DAG-based mempool and efficient BFT consensus. In <i>Proceedings
    of the 17th European Conference on Computer Systems</i> (pp. 34–50). Rennes, France:
    Association for Computing Machinery. <a href="https://doi.org/10.1145/3492321.3519594">https://doi.org/10.1145/3492321.3519594</a>'
  chicago: 'Danezis, George, Eleftherios Kokoris Kogias, Alberto Sonnino, and Alexander
    Spiegelman. “Narwhal and Tusk: A DAG-Based Mempool and Efficient BFT Consensus.”
    In <i>Proceedings of the 17th European Conference on Computer Systems</i>, 34–50.
    Association for Computing Machinery, 2022. <a href="https://doi.org/10.1145/3492321.3519594">https://doi.org/10.1145/3492321.3519594</a>.'
  ieee: 'G. Danezis, E. Kokoris Kogias, A. Sonnino, and A. Spiegelman, “Narwhal and
    Tusk: A DAG-based mempool and efficient BFT consensus,” in <i>Proceedings of the
    17th European Conference on Computer Systems</i>, Rennes, France, 2022, pp. 34–50.'
  ista: 'Danezis G, Kokoris Kogias E, Sonnino A, Spiegelman A. 2022. Narwhal and Tusk:
    A DAG-based mempool and efficient BFT consensus. Proceedings of the 17th European
    Conference on Computer Systems. EuroSys: European Conference on Computer Systems,
    34–50.'
  mla: 'Danezis, George, et al. “Narwhal and Tusk: A DAG-Based Mempool and Efficient
    BFT Consensus.” <i>Proceedings of the 17th European Conference on Computer Systems</i>,
    Association for Computing Machinery, 2022, pp. 34–50, doi:<a href="https://doi.org/10.1145/3492321.3519594">10.1145/3492321.3519594</a>.'
  short: G. Danezis, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, in:, Proceedings
    of the 17th European Conference on Computer Systems, Association for Computing
    Machinery, 2022, pp. 34–50.
conference:
  end_date: 2022-04-08
  location: Rennes, France
  name: 'EuroSys: European Conference on Computer Systems'
  start_date: 2022-04-05
date_created: 2022-04-24T22:01:43Z
date_published: 2022-03-28T00:00:00Z
date_updated: 2023-08-03T06:38:40Z
day: '28'
department:
- _id: ElKo
doi: 10.1145/3492321.3519594
external_id:
  arxiv:
  - '2105.11827'
  isi:
  - '000926506800003'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: ' https://doi.org/10.48550/arXiv.2105.11827'
month: '03'
oa: 1
oa_version: Preprint
page: 34-50
publication: Proceedings of the 17th European Conference on Computer Systems
publication_identifier:
  isbn:
  - '9781450391627'
publication_status: published
publisher: Association for Computing Machinery
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'Narwhal and Tusk: A DAG-based mempool and efficient BFT consensus'
type: conference
user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8
year: '2022'
...
---
_id: '10553'
abstract:
- lang: eng
  text: The popularity of permissioned blockchain systems demands BFT SMR protocols
    that are efficient under good network conditions (synchrony) and robust under
    bad network conditions (asynchrony). The state-of-the-art partially synchronous
    BFT SMR protocols provide optimal linear communication cost per decision under
    synchrony and good leaders, but lose liveness under asynchrony. On the other hand,
    the state-of-the-art asynchronous BFT SMR protocols are live even under asynchrony,
    but always pay quadratic cost even under synchrony. In this paper, we propose
    a BFT SMR protocol that achieves the best of both worlds -- optimal linear cost
    per decision under good networks and leaders, optimal quadratic cost per decision
    under bad networks, and remains always live.
article_processing_charge: No
arxiv: 1
author:
- first_name: Rati
  full_name: Gelashvili, Rati
  last_name: Gelashvili
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Alexander
  full_name: Spiegelman, Alexander
  last_name: Spiegelman
- first_name: Zhuolun
  full_name: Xiang, Zhuolun
  last_name: Xiang
citation:
  ama: 'Gelashvili R, Kokoris Kogias E, Spiegelman A, Xiang Z. Brief announcement:
    Be prepared when network goes bad: An asynchronous view-change protocol. In: <i>Proceedings
    of the 2021 ACM Symposium on Principles of Distributed Computing</i>. Association
    for Computing Machinery; 2021:187-190. doi:<a href="https://doi.org/10.1145/3465084.3467941">10.1145/3465084.3467941</a>'
  apa: 'Gelashvili, R., Kokoris Kogias, E., Spiegelman, A., &#38; Xiang, Z. (2021).
    Brief announcement: Be prepared when network goes bad: An asynchronous view-change
    protocol. In <i>Proceedings of the 2021 ACM Symposium on Principles of Distributed
    Computing</i> (pp. 187–190). Virtual, Italy: Association for Computing Machinery.
    <a href="https://doi.org/10.1145/3465084.3467941">https://doi.org/10.1145/3465084.3467941</a>'
  chicago: 'Gelashvili, Rati, Eleftherios Kokoris Kogias, Alexander Spiegelman, and
    Zhuolun Xiang. “Brief Announcement: Be Prepared When Network Goes Bad: An Asynchronous
    View-Change Protocol.” In <i>Proceedings of the 2021 ACM Symposium on Principles
    of Distributed Computing</i>, 187–90. Association for Computing Machinery, 2021.
    <a href="https://doi.org/10.1145/3465084.3467941">https://doi.org/10.1145/3465084.3467941</a>.'
  ieee: 'R. Gelashvili, E. Kokoris Kogias, A. Spiegelman, and Z. Xiang, “Brief announcement:
    Be prepared when network goes bad: An asynchronous view-change protocol,” in <i>Proceedings
    of the 2021 ACM Symposium on Principles of Distributed Computing</i>, Virtual,
    Italy, 2021, pp. 187–190.'
  ista: 'Gelashvili R, Kokoris Kogias E, Spiegelman A, Xiang Z. 2021. Brief announcement:
    Be prepared when network goes bad: An asynchronous view-change protocol. Proceedings
    of the 2021 ACM Symposium on Principles of Distributed Computing. PODC: Principles
    of Distributed Computing, 187–190.'
  mla: 'Gelashvili, Rati, et al. “Brief Announcement: Be Prepared When Network Goes
    Bad: An Asynchronous View-Change Protocol.” <i>Proceedings of the 2021 ACM Symposium
    on Principles of Distributed Computing</i>, Association for Computing Machinery,
    2021, pp. 187–90, doi:<a href="https://doi.org/10.1145/3465084.3467941">10.1145/3465084.3467941</a>.'
  short: R. Gelashvili, E. Kokoris Kogias, A. Spiegelman, Z. Xiang, in:, Proceedings
    of the 2021 ACM Symposium on Principles of Distributed Computing, Association
    for Computing Machinery, 2021, pp. 187–190.
conference:
  end_date: 2021-07-30
  location: Virtual, Italy
  name: 'PODC: Principles of Distributed Computing'
  start_date: 2021-07-26
date_created: 2021-12-16T13:20:19Z
date_published: 2021-07-21T00:00:00Z
date_updated: 2023-09-04T11:42:10Z
day: '21'
department:
- _id: ElKo
doi: 10.1145/3465084.3467941
external_id:
  arxiv:
  - '2103.03181'
  isi:
  - '000744439800018'
isi: 1
keyword:
- optimal
- state machine replication
- fallback
- asynchrony
- byzantine faults
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://arxiv.org/abs/2103.03181
month: '07'
oa: 1
oa_version: Preprint
page: 187-190
publication: Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing
publication_identifier:
  isbn:
  - 9-781-4503-8548-0
publication_status: published
publisher: Association for Computing Machinery
quality_controlled: '1'
scopus_import: '1'
status: public
title: 'Brief announcement: Be prepared when network goes bad: An asynchronous view-change
  protocol'
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2021'
...
---
_id: '10554'
abstract:
- lang: eng
  text: 'We present DAG-Rider, the first asynchronous Byzantine Atomic Broadcast protocol
    that achieves optimal resilience, optimal amortized communication complexity,
    and optimal time complexity. DAG-Rider is post-quantum safe and ensures that all
    values proposed by correct processes eventually get delivered. We construct DAG-Rider
    in two layers: In the first layer, processes reliably broadcast their proposals
    and build a structured Directed Acyclic Graph (DAG) of the communication among
    them. In the second layer, processes locally observe their DAGs and totally order
    all proposals with no extra communication.'
acknowledgement: "Oded Naor is grateful to the Technion Hiroshi Fujiwara Cyber-Security
  Research Center for providing a research grant. Part of Oded’s work was done while
  at Novi Research. This work was funded by the Novi team at Facebook. We also wish
  to thank the Novi Research team for valuable feedback, and in particular George
  Danezis, Alberto Sonnino, and Dahlia Malkhi.\r\n"
article_processing_charge: No
arxiv: 1
author:
- first_name: Idit
  full_name: Keidar, Idit
  last_name: Keidar
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Oded
  full_name: Naor, Oded
  last_name: Naor
- first_name: Alexander
  full_name: Spiegelman, Alexander
  last_name: Spiegelman
citation:
  ama: 'Keidar I, Kokoris Kogias E, Naor O, Spiegelman A. All You Need is DAG. In:
    <i>Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing</i>.
    Association for Computing Machinery; 2021:165-175. doi:<a href="https://doi.org/10.1145/3465084.3467905">10.1145/3465084.3467905</a>'
  apa: 'Keidar, I., Kokoris Kogias, E., Naor, O., &#38; Spiegelman, A. (2021). All
    You Need is DAG. In <i>Proceedings of the 2021 ACM Symposium on Principles of
    Distributed Computing</i> (pp. 165–175). Virtual, Italy: Association for Computing
    Machinery. <a href="https://doi.org/10.1145/3465084.3467905">https://doi.org/10.1145/3465084.3467905</a>'
  chicago: Keidar, Idit, Eleftherios Kokoris Kogias, Oded Naor, and Alexander Spiegelman.
    “All You Need Is DAG.” In <i>Proceedings of the 2021 ACM Symposium on Principles
    of Distributed Computing</i>, 165–75. Association for Computing Machinery, 2021.
    <a href="https://doi.org/10.1145/3465084.3467905">https://doi.org/10.1145/3465084.3467905</a>.
  ieee: I. Keidar, E. Kokoris Kogias, O. Naor, and A. Spiegelman, “All You Need is
    DAG,” in <i>Proceedings of the 2021 ACM Symposium on Principles of Distributed
    Computing</i>, Virtual, Italy, 2021, pp. 165–175.
  ista: 'Keidar I, Kokoris Kogias E, Naor O, Spiegelman A. 2021. All You Need is DAG.
    Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing.
    PODC: Principles of Distributed Computing, 165–175.'
  mla: Keidar, Idit, et al. “All You Need Is DAG.” <i>Proceedings of the 2021 ACM
    Symposium on Principles of Distributed Computing</i>, Association for Computing
    Machinery, 2021, pp. 165–75, doi:<a href="https://doi.org/10.1145/3465084.3467905">10.1145/3465084.3467905</a>.
  short: I. Keidar, E. Kokoris Kogias, O. Naor, A. Spiegelman, in:, Proceedings of
    the 2021 ACM Symposium on Principles of Distributed Computing, Association for
    Computing Machinery, 2021, pp. 165–175.
conference:
  end_date: 2021-07-30
  location: Virtual, Italy
  name: 'PODC: Principles of Distributed Computing'
  start_date: 2021-07-26
date_created: 2021-12-16T13:21:13Z
date_published: 2021-07-21T00:00:00Z
date_updated: 2023-08-17T06:24:44Z
day: '21'
department:
- _id: ElKo
doi: 10.1145/3465084.3467905
external_id:
  arxiv:
  - '2102.08325'
  isi:
  - '000744439800016'
isi: 1
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://arxiv.org/abs/2102.08325
month: '07'
oa: 1
oa_version: Preprint
page: 165-175
publication: Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing
publication_identifier:
  isbn:
  - 978-1-4503-8548-0
publication_status: published
publisher: Association for Computing Machinery
quality_controlled: '1'
scopus_import: '1'
status: public
title: All You Need is DAG
type: conference
user_id: 4359f0d1-fa6c-11eb-b949-802e58b17ae8
year: '2021'
...