The Stellar Consensus Protocol (SCP)

Similar documents
The Stellar Consensus Protocol (SCP) draft-mazieres-dinrg-scp-00

The Stellar Consensus Protocol

Distributed Systems. 11. Consensus: Paxos. Paul Krzyzanowski. Rutgers University. Fall 2015

Quorums. Christian Plattner, Gustavo Alonso Exercises for Verteilte Systeme WS05/06 Swiss Federal Institute of Technology (ETH), Zürich

DPaxos: Managing Data Closer to Users for Low-Latency and Mobile Applications

Fast Paxos (Leslie Lamport) Yuxin Liu, Hua Zhu EECS 591 Distributed systems

What can happen if two quorums try to lock their nodes at the same time?

Hello everyone. This is Trang. Let s give it a couple of more minutes for people to dial in, so we ll get started in a couple of minutes. Thank you.

Summary of Registration Changes

ICANN 45 TORONTO INTRODUCTION TO ICANN MULTI-STAKEHOLDER MODEL

Bigdata High Availability Quorum Design

P2P Content Distribution BitTorrent and Spotify

In a previous lecture, we used Aristotle s syllogisms to emphasize the

TAF_RZERC Executive Session_29Oct17

CONSTITUTION. NOWRA CHURCH OF CHRIST April 2014

BYLAWS FOR ELDER LED CHURCH

Load balanced Scalable Byzantine Agreement through Quorum Building, with Full Information

ST. CASIMIR CATHOLIC PARISH CLEVELAND, OHIO PARISH PASTORAL COUNCIL GUIDELINES Approved August 31, 2010 Updated March 5, 2013 with Amendment 1

APRIL 2017 KNX DALI-Gateways DG/S x BU EPBP GPG Building Automation. Thorsten Reibel, Training & Qualification

EQUAL EMPLOYMENT OPPORTUNITY GUIDELINES PRESBYTERY OF NORTHERN KANSAS COMMITTEE ON MINISTRY

BYLAWS OF THE UNITED CHURCH OF CHRIST

PHILOSOPHY OF LOGIC AND LANGUAGE OVERVIEW LOGICAL CONSTANTS WEEK 5: MODEL-THEORETIC CONSEQUENCE JONNY MCINTOSH

Whatever happened to cman?

Transcription ICANN London IDN Variants Saturday 21 June 2014

HOW TO WRITE AN NDES POLICY MODULE

ABB STOTZ-KONTAKT GmbH ABB i-bus KNX DGN/S DALI Gateway for emergency lighting

BY-LAWS THE MISSIONARY CHURCH, INC., WESTERN REGION

AUTOMATION. Presents DALI

CRISP Team teleconference held on Friday, January 2 nd 2015 (13:00 UTC) CRISP members present:

Carolina Bachenheimer-Schaefer, Thorsten Reibel, Jürgen Schilder & Ilija Zivadinovic Global Application and Solution Team

BYLAWS THE SUMMIT CHURCH HOMESTEAD HEIGHTS BAPTIST CHURCH, INC. PREAMBLE ARTICLE I NAME

1. Preliminary Definitions Application of Legislation Act

DALI HELP & TROUBLESHOOTING

Accountability and Transparency Review Team Meeting - Part II Page 1 of 11

BYLAWS OF THE BETHEL EVANGELICAL FREE CHURCH

SINGAPORE At Large Registration Issues Working Group

Artificial Intelligence Prof. Deepak Khemani Department of Computer Science and Engineering Indian Institute of Technology, Madras

AMENDMENTS TO THE MODEL CONSTITUTION FOR CONGREGATIONS

EXAMPLE THE APOSTOLIC FAITH MISSION OF SOUTH AFRICA - ASSEMBLY:.. POLICY (IN TERMS OF SECTION OF THE CONSTITUTION OF THE CHURCH)

Introduction. Foursquare covenants to support the ministry of its local churches, including Local Church, by:

Proposed Constitution of Zion United Church of Christ Baroda, Michigan Preamble

Why use perfect money and what are its benefits?

Volusia Community Organizations Active in Disaster Bylaws. As Updated November 19, 2014

BYLAWS OF WHITE ROCK BAPTIST CHURCH

BY-LAWS OF UNITY CHRIST CHURCH As Amended Through March, 2011 ARTICLE I

Presenting DALI Control your light easy, versatile and digital:

15 Does God have a Nature?

Draft reflecting proposed amendments as of January 5, 2017 CONSTITUTION OF THE NORTHWEST WISCONSIN ASSOCIATION UNITED CHURCH OF CHRIST

IN a distributed database system, data is

Artificial Intelligence Prof. Deepak Khemani Department of Computer Science and Engineering Indian Institute of Technology, Madras

Health Information Exchange Policy and Procedures

Circularity in ethotic structures

Holy Trinity Greek Orthodox Church of Biloxi Mississippi. Bylaws. February 8, Preamble

Module 1: Health Information Exchange Policy and Procedures

2017 Constitutional Updates. Based upon ELCA Model Constitution adopted 2016 at 14th Church Wide Assembly

BYLAWS OF FIRST BAPTIST CHURCH 1100 Malone Denton, Texas

Transcription ICANN Los Angeles Translation and Transliteration Contact Information PDP WG Update to the Council meeting Saturday 11 October 2014

Device Agnostic: Why You Need to Transform Now

By-Laws Of Victory Baptist Church Of Maple Grove Minnesota 55311

Additions are underlined. Deletions are struck through in the text.

Verification and Validation

INDEX THE MANUAL OF THE FREE METHODIST CHURCH IN CANADA

LONDON - GAC Meeting: High Level Governmental Meeting - Pre-Meeting Overview. Good afternoon, everyone. If you could take your seats, please.

Probabilistic Quorum-Based Accounting for Peer-to-Peer Systems

Quantificational logic and empty names

Parish Pastoral Council GUIDELINES ON CONSTITUTION AND BYLAWS

BYLAWS The Mount 860 Keller Smithfield Road Keller, TX 76248

Constitution 01/29/2017 Revision

This is the Newcomer ICANN Overview Day in the [Tabooki] Room from 0930 to Marrakech ICANN 55.

6. Truth and Possible Worlds

Hume. Hume the Empiricist. Judgments about the World. Impressions as Content of the Mind. The Problem of Induction & Knowledge of the External World

Oxford Scholarship Online

Q-OPT: Self-tuning Quorum System for Strongly Consistent Software Defined Storage

Personal Data Protection Policy

MARRAKECH CCWG-Accountability Engagement Session

Bylaws Of The Sanctuary A Georgia Non-Profit Religious Corporation

2nd International Workshop on Argument for Agreement and Assurance (AAA 2015), Kanagawa Japan, November 2015

DUBLIN Thick Whois Policy Implementation - IRT Meeting

BYLAWS OF FIRST BAPTIST CHURCH OF BRYAN, TEXAS PREAMBLE ARTICLE I NAME ARTICLE II MISSION STATEMENT ARTICLE III MEMBERSHIP

The Constitution of the Central Baptist Church of Jamestown, Rhode Island

1 EVALUATING CORROBORATIVE EVIDENCE

Transcription ICANN Durban Meeting. IDN Variants Meeting. Saturday 13 July 2013 at 15:30 local time

The Constitution of The Coptic Orthodox Church of Western Australia Incorporated

THE CONSTITUTION AND BYLAWS OF GLENVIEW COMMUNITY CHURCH

CHAPTER 3: LOCAL CHURCH ORGANIZATION

Sacrament of Confirmation

CONSTITUTION AND BYLAWS OF THE CONGREGATIONAL CHURCH OF NEEDHAM

THE INTERIM MINISTRY HANDBOOK of the New Hampshire Conference, United Church of Christ

OCTOBER SUNDAY SERVICE a.m. ALL ARE WELCOME

BYLAWS OF CALVARY CHURCH Pueblo, Colorado

Bylaws of Westoak Woods Baptist Church

Interview with Roberto Gaetano

Interview of Charles Bachman

BYLAWS FIRST BAPTIST CHURCH DECATUR, TEXAS. Adopted: 7/19/00 Last Revised: 2/14/16

CONSTITUTION OF THE NORTHWEST WISCONSIN ASSOCIATION UNITED CHURCH OF CHRIST

Guidelines for Intervention/Response To Clergy Addicted to a Substance or Behavior

Southside Baptist Church of Jacksonville, Florida Bylaws

The recordings and transcriptions of the calls are posted on the GNSO Master Calendar page

Transcript ICANN Marrakech GNSO Session Saturday, 05 March 2016 New Meeting Strategy

Device Agnostic: Why You Need to Transform Now

Transcription:

The Stellar Consensus Protocol (SCP) draft-mazieres-dinrg-scp-04 Nicolas Barry, Giuliano Losa, David Mazières, Jed McCaleb, Stanislas Polu IETF102 Friday, July 20, 2018

Motivation: Internet-level consensus Atomically transact across incompatible/distrustful systems - E.g., Transfer domain name in exchange for payment - Can we leverage the Internet and its decentralized governance to create a secure, reliable two-phase commit coordinator? Irrevocably delegate identifiers - E.g., certify email user public key w/o ability to equivocate - Can the Internet enforce delegation rules? Verify public disclosure & timestamp of information - Build IoT device that only upgrades to public firmware - Can the Internet maintain a software transparency log? All of these can be addressed w. public append-only log 2 / 18

What is the Internet? We think of IANA, ICANN, recursive delegation - But if Google, Netflix, Amazon, Comcast, etc. moved to a parallel IP network, most people in US wouldn t care about IANA or ICANN - People in China care about different sites can t even reach Google Hypothesis: all notions of the Internet transitively converge - Inherent Brinkmanship to network build out of pairwise peering - But huge disincentive to leaving keeps network transitively connected 3 / 18

Consensus based on Internet hypothesis Idea: Everyone picks a quorum slice that speaks for the Internet - E.g., I pick Stanford, IETF - You pick Baidu, Wechat, Alibaba - Alibaba and Stanford both include Google in their quorum slices - Transitively, we both depend on Google - Want guaranteed agreement so long as Google honest For fault tolerance, pick multiple quorum slices - E.g., depend on 4/5 FAANG companies - More realistically 3/4 of servers from each of 5 FAANGs Define quorums as transitive closure of slices - Let V be all nodes, Q(v) be all of node v s quorum slices Definition (Quorum) A quorum U V is a set of nodes that contains at least one slice of each of its members: v U, q Q(v) such that q U 4 / 18

v 1,..., v 4 is the smallest quorum containing v 1 5 / 18 Definition (Quorum) A quorum U V is a set of nodes that encompasses at least one slice of each of its members: v U, q Q(v) such that q U v 4 quorum for v 2, v 3, v 4 v 2 v 3 Q(v 1 ) = {{v 1, v 2, v 3 }} Q(v 2 ) = Q(v 3 ) = Q(v 4 ) = {{v 2, v 3, v 4 }} v 1 quorum slice for v 1, but not a quorum quorum for v 1,..., v 4 Visualize quorum slice dependencies with arrows v 2, v 3, v 4 is a quorum contains a slice of each member v 1, v 2, v 3 is a slice for v 1, but not a quorum - Doesn t contain a slice for v 2, v 3, who demand v 4 s agreement

v 1,..., v 4 is the smallest quorum containing v 1 5 / 18 Definition (Quorum) A quorum U V is a set of nodes that encompasses at least one slice of each of its members: v U, q Q(v) such that q U v 4 quorum for v 2, v 3, v 4 v 2 v 3 Q(v 1 ) = {{v 1, v 2, v 3 }} Q(v 2 ) = Q(v 3 ) = Q(v 4 ) = {{v 2, v 3, v 4 }} v 1 quorum slice for v 1, but not a quorum quorum for v 1,..., v 4 Visualize quorum slice dependencies with arrows v 2, v 3, v 4 is a quorum contains a slice of each member v 1, v 2, v 3 is a slice for v 1, but not a quorum - Doesn t contain a slice for v 2, v 3, who demand v 4 s agreement

v 1,..., v 4 is the smallest quorum containing v 1 5 / 18 Definition (Quorum) A quorum U V is a set of nodes that encompasses at least one slice of each of its members: v U, q Q(v) such that q U v 4 quorum for v 2, v 3, v 4 v 2 v 3 Q(v 1 ) = {{v 1, v 2, v 3 }} Q(v 2 ) = Q(v 3 ) = Q(v 4 ) = {{v 2, v 3, v 4 }} v 1 quorum slice for v 1, but not a quorum quorum for v 1,..., v 4 Visualize quorum slice dependencies with arrows v 2, v 3, v 4 is a quorum contains a slice of each member v 1, v 2, v 3 is a slice for v 1, but not a quorum - Doesn t contain a slice for v 2, v 3, who demand v 4 s agreement

v 1,..., v 4 is the smallest quorum containing v 1 5 / 18 Definition (Quorum) A quorum U V is a set of nodes that encompasses at least one slice of each of its members: v U, q Q(v) such that q U v 4 quorum for v 2, v 3, v 4 v 2 v 3 Q(v 1 ) = {{v 1, v 2, v 3 }} Q(v 2 ) = Q(v 3 ) = Q(v 4 ) = {{v 2, v 3, v 4 }} v 1 quorum slice for v 1, but not a quorum quorum for v 1,..., v 4 Visualize quorum slice dependencies with arrows v 2, v 3, v 4 is a quorum contains a slice of each member v 1, v 2, v 3 is a slice for v 1, but not a quorum - Doesn t contain a slice for v 2, v 3, who demand v 4 s agreement

Quorum slice representation struct SCPSlices { uint32 threshold; PublicKey validators<>; SCPSlices1 innersets<>; }; struct SCPSlices1 { uint32 threshold; PublicKey validators<>; SCPSlices2 innersets<>; }; struct SCPSlices2 { uint32 threshold; }; PublicKey validators<>; // the k in k-of-n // the k in k-of-n // the k in k-of-n Can t represent arbitrary quorum slices compactly Instead, use k-of-n configuration that can recurse twice - E.g., allows policies like 51% of each organization for 3/4 of organizations 6 / 18

Vote messages struct SCPStatement { PublicKey nodeid; // v (node signing message) uint64 slotindex; Hash quorumsethash; union switch (SCPStatementType type) { case SCP_ST_PREPARE: SCPPrepare prepare; case SCP_ST_COMMIT: SCPCommit commit; case SCP_ST_EXTERNALIZE: SCPExternalize externalize; case SCP_ST_NOMINATE: SCPNominate nominate; } pledges; }; struct SCPEnvelope { SCPStatement statement; Signature signature; }; Transmit quorum slices as SHA-256 hash of SCPQuorumSet - Use side protocol to request preimage if not cached 7 / 18

Main subroutine: federated voting vote a accept a quorum thresh. accept a quorum thresh. a is valid voted a accepted a confirmed a uncommitted voted a accept a blocking thresh. Nodes vote for or against a conceptual statement a Can t accept contradictory statements if quorum intersection despite faulty nodes (intertwined) and in honest quorum (intact) Can t confirm contradictory statements if intertwined Could get stuck in voted or accepted stage - But if one intact node confirms statement, all will 8 / 18

Federated voting outcomes a-valent a agreed bivalent stuck a-valent a agreed If you can vote for or against statement a, vote may get stuck - E.g., split vote precludes quorum (since no way to change vote) - Or was quorum but nodes failed before everyone learned of it If you can t vote against a, then vote can always terminate - As long as there s a non-failed quorum, it can always vote for a - Call a irrefutable if honest nodes can t vote against it 9 / 18

Federated voting outcomes a-valent a agreed bivalent stuck a-valent a agreed If you can vote for or against statement a, vote may get stuck - E.g., split vote precludes quorum (since no way to change vote) - Or was quorum but nodes failed before everyone learned of it If you can t vote against a, then vote can always terminate - As long as there s a non-failed quorum, it can always vote for a - Call a irrefutable if honest nodes can t vote against it 9 / 18

SCP nomination message typedef opaque Value<>; struct SCPNominate { Value voted<>; // vote to nominate these values Value accepted<>; // assert that these are accepted }; union SCPStatement switch (SCPStatementType type) { case SCP_ST_NOMINATE: SCPNominate nominate; /*... */ }; Nodes broadcast nominated values in voted - Initially vote values in all received votes (ignoring optimization here) Upon accepting nomination of a, move from voted to accepted Stop voting for new values once any is confirmed nominated - But continue accepting and repeating votes already cast New: stop sending SCPNominate when ballot confirmed prepared - Means NOMINATION phase overlaps with PREPARE phase 10 / 18

Nomination flow NOMINATE tx 1, tx 2 NOMINATE tx 3 NOMINATE v 1 v 2 v 3 Nodes nominate values and re-nominate any nominations seen Stop adding to votes once any value confirmed nominated Nomination irrefutable, so will converge on set of values Deterministically combine nominations into composite value x Nodes guaranteed to converge on same value x - Complication: impossible to know when protocol has converged [FLP] - c.f. asynchronous reliable broadcast 11 / 18

Nomination flow NOMINATE tx 1, tx 2, tx 3 NOMINATE tx 1, tx 2, tx 3 NOMINATE tx 3 v 1 v 2 v 3 Nodes nominate values and re-nominate any nominations seen Stop adding to votes once any value confirmed nominated Nomination irrefutable, so will converge on set of values Deterministically combine nominations into composite value x Nodes guaranteed to converge on same value x - Complication: impossible to know when protocol has converged [FLP] - c.f. asynchronous reliable broadcast 11 / 18

Nomination flow NOMINATE tx 1, tx 2, tx 3 NOMINATE tx 1, tx 2, tx 3 NOMINATE tx 1, tx 2, tx 3 v 1 v 2 v 3 Nodes nominate values and re-nominate any nominations seen Stop adding to votes once any value confirmed nominated Nomination irrefutable, so will converge on set of values Deterministically combine nominations into composite value x Nodes guaranteed to converge on same value x - Complication: impossible to know when protocol has converged [FLP] - c.f. asynchronous reliable broadcast 11 / 18

Nomination flow x = i tx i x = i tx i x = i tx i v 1 v 2 v 3 Nodes nominate values and re-nominate any nominations seen Stop adding to votes once any value confirmed nominated Nomination irrefutable, so will converge on set of values Deterministically combine nominations into composite value x Nodes guaranteed to converge on same value x - Complication: impossible to know when protocol has converged [FLP] - c.f. asynchronous reliable broadcast 11 / 18

SCP ballots struct SCPBallot { uint32 counter; Value value; }; // n // x Composite nomination output must be run through balloting - Guarantees safety even if started before nomination converges A ballot b is a pair b.counter, b.value where b.counter is a candidate output value - Ballots totally ordered with counter more significant than value - Nodes may vote to commit or abort a ballot, not both - If a node confirms commit b for any b, it outputs b.value Let prepared(b) = {abort b b < b and b.value b.value} Invariant: cannot vote commit b unless federated voting has confirmed every statement in prepared(b) 12 / 18

SCP prepare message struct SCPPrepare { SCPBallot ballot; SCPBallot *prepared; SCPBallot *preparedprime; uint32 hcounter; uint32 ccounter; }; vote-or-accept prepare(ballot) if prepared NULL: accept prepare(*prepared) if preparedprime NULL: accept prepare(*preparedprime) if hcounter 0: confirm prepare( hcounter, ballot.value ) if ccounter 0: {vote commit( n, ballot.value ) ccounter n hcounter} Progress to COMMIT phase upon accepting commit of any ballot 13 / 18

Setting the prepare fields ballot.counter starts at 1, increases w. timeouts and received messages (details in a few slides) ballot.value b.value from highest b with confirmed prepared(b) (if any), otherwise composite nomination value prepared highest b for which sender accepted prepared(b) prepared highest b with accepted prepared(b) and different x from prepared hcounter h.counter from highest h with confirmed prepared(h) and b.value == h.value (new), else 0 ccounter 0 if hcounter == 0 or internal commit ballot c == NULL. Else, c.counter. Note c ballot when confirmed prepared and NULL when accepted aborted. 14 / 18

SCP commit message struct SCPCommit { SCPBallot ballot; uint32 preparedcounter; uint32 hcounter; uint32 ccounter; }; {accept commit( n, ballot.value ) hcounter n ccounter} vote-or-accept prepare(, ballot.value ) accept prepare( preparedcounter, ballot.value ) confirm prepare( hcounter, ballot.value ) {vote commit( n, ballot.value ) n ccounter} 15 / 18

SCP externalize message struct SCPExternalize { SCPBallot commit; uint32 hcounter; }; {accept commit( n, commit.value ) commit.counter n} {confirm commit( n, commit.value ) commit.counter n hcounter} accept prepare(, commit.value ) confirm prepare( hcounter, commit.value ) By the time you send this, already externalized commit.value - Means you have confirmed committed a ballot with commit.value - Goal is definitive record to help other nodes prove value/catch up 16 / 18

Balloting flow PREPARE 1, x COMMIT 1, x PREPARE 1, x COMMIT 1, x PREPARE 1, x COMMIT 1, x v 1 v 2 v 3 In the common case, will prepare and commit nominated value Else, arm timer when ballot counter reaches quorum threshold Bump counter and restart with new ballot whenever - Timer fires - A blocking threshold is at a higher ballot counter Nomination may finish converging in background Or if any value confirmed prepared, all nodes will eventually see it confirmed prepared and start using that value 17 / 18

Balloting flow PREPARE 1, x COMMIT 1, x PREPARE 1, x COMMIT 1, x PREPARE 1, x COMMIT 1, x v 1 v 2 v 3 In the common case, will prepare and commit nominated value Else, arm timer when ballot counter reaches quorum threshold Bump counter and restart with new ballot whenever - Timer fires - A blocking threshold is at a higher ballot counter Nomination may finish converging in background Or if any value confirmed prepared, all nodes will eventually see it confirmed prepared and start using that value 17 / 18

Questions? 18 / 18

2024 © religiondocbox.com Privacy Policy | Terms of Service | Feedback