BCube and Flint: Overcoming the 50% Barrier in Blockchains
1. Background on blockchains
Blockchain is a disruptive technology that enables data exchange and processing among a large number of mutually-distrusting parties. Blockchains are the foundation of many crypto-currencies such as Bitcoin, but the utilities of blockchains extend far beyond crypto-currencies: People believe that blockchains can bring more extensive collaboration and data sharing in many industries, such as trading, finance, and even healthcare.
2. The 50% barrier in blockchains
Security is one of the most important properties of blockchains. Blockchains today can remain secure, even if some of the nodes in the blockchain system are completely malicious. In fact, many blockchains today can tolerate up to almost 50% of the nodes being malicious, or more generally, up to 50% of the computational power, or hash power, or stake being malicious. However, there are growing needs for blockchains to remain secure, even when more than 50% of the nodes are malicious.
Is 50% a fundamental barrier for blockchains?
People are usually pessimistic about this question. First, no existing blockchain system can remain secure when more than 50% of the nodes are malicious. For example, the well-known 51% attack breaks Bitcoin. Second, many people even believe that it is simply impossible to remain secure when more than 50% of the nodes are malicious. The intuition is that when half of the nodes are bad, the bad nodes can form their own world, which is separate from and symmetric with the world formed by the good nodes. This results in "split-brain" for the blockchain: We now have two symmetric worlds, and we cannot tell which is the one formed by good nodes.
3. Our work: Overcoming the 50% barrier
Perhaps somewhat surprisingly, in our research, we have invented the very first practical blockchain system (called BCube) that remains secure even when more than 50% of the nodes are malicious. Before proceeding, let us quickly clarify why the "split-brain" argument does not actually apply to blockchains: Indeed, there can be two symmetric worlds. But a given user of the blockchain, assuming the user is an honest node, can trust the world to which he/she belongs. This breaks the symmetry.
We have proved the security of BCube via formal proofs. We have also implemented a research prototype of BCube, and done experiments with up to 10000 nodes. Our results show that BCube can comfortably tolerate 70% of the nodes being malicious. Such tolerance can further increase, if one does not have stringent requirements on the performance of the blockchain. To achieve these strong results, at the core of BCube, we use a novel byzantine broadcast protocol (called OverlayBB) that we invented. OverlayBB is able to remain secure even when a majority of the nodes are malicious. At the same time, it can deliver excellent end-to-end throughput by using, among other things, aggressive pipelining.
Flint is our follow-up work on BCube. While using byzantine broadcast enables BCube to tolerate a malicious majority, it also results in large block confirmation latency. For example, to confirm a transaction in BCube, it can take several hours. Under certain conditions, such a large confirmation latency is fundamental if the malicious nodes indeed constitute a majority of the entire system. However, one would expect that in common/typical cases, only a small fraction of the nodes will be malicious.
Given this, Flint strives to achieve the best of both worlds. First, in the common case where the fraction of malicious nodes is small (e.g., 20%), Flint can guarantee security and also provide fast confirmation. Such fast confirmation only takes a few minutes, rather than a few hours. Second, in the worst case where the fraction of malicious nodes is large (e.g., 60%), Flint still guarantees security while providing normal confirmation latency (i.e., a few hours). Flint achieves this by having an optimistic track, which confirms transactions fast under the normal case, and a normal track, which guarantees security even under the worst case.
4. Find out more about BCube and Flint in our papers:
Ruomu Hou, Haifeng Yu, and Prateek Saxena, "Using Throughput-Centric Byzantine Broadcast to Tolerate Malicious Majority in Blockchains". IEEE Symposium on Security and Privacy (Oakland), May 2022.
Ruomu Hou and Haifeng Yu, "Optimistic Fast Confirmation While Tolerating Malicious Majority in Blockchains". IEEE Symposium on Security and Privacy (Oakland), May 2023.