SlideShare ist ein Scribd-Unternehmen logo

Algorand

•Als PPTX, PDF herunterladen•
•
A
Andrew Huang

Summary of Micali's Algorand

Technologie
1 von 28
Algorand: Scaling Byzantine Agreements for Cryptocurrencies Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, Nickolai Zeldovich MIT CSAIL SOSP '17 Presented by Andrew Huang
The Dream • Shared Ledger: sequence of organized data • Readable by All • Writeable by All • Tamperproof for all
The Dream Infrastructure How can we implement it?
Bitcoin Communication: Gossip Main assumption: Honesty Majority of Compute Main idea: Consensus via proof of work (PoW) Problems: Computational waste Concentration of power Scalability Ambiguity
Communication: Gossip Main assumption: Honesty Majority of Money Main idea: Byzantine Agreement* (BA*) Goals: • Trivial Computation • True Decentralization • Finality of Payment • Scalability • Security
BA Overview • Handle malicious failures or Adversaries • Agreement: All participants agree on the same value • Validity: If proposer is correct, every correct participant agrees on the value general sends Challenges: • Slow • Players are fixed and known in advance Solution: BA*
Algorand Features (1/4) • Problem: BA* & Sybil Attack • Solution: Weighted users • Users are weighted by the money in their account • Algorand can avoid forks and double spending • Assumes honest majority of money P p_i p_j p_k $ $/3 $/3 $/3
Weighted Users vs Proof of Stake (PoS) • Both avoid computation of PoW • Main difference: Ambiguity • PoS flaw in a nutshell: • Malicious leader (who assembles new block) can create a fork in the network • Can be caught (e.g., since two versions of the new block are signed with his key) => the leader loses his money • in Algorand • Weights ensure that the attacker cannot amplify his power by using pseudonyms • as long as the attacker controls less than 1/3 of the monetary value of system • Guarantee that the probability for forks is negligible
Algorand Features (2/4) • Problem: BA is not scalable • Solution: BA* uses consensus by committee • Randomly select a small set of representatives from the total set of users • Committee members will publicly broadcast messages allowing others to learn agreed-upon block • Concerns • How to randomly choose committee members? • How to ensure adversary cannot fake being a committee member? • How to ensure committee members are not targeted?
Algorand Features (3/4) • Problem: • How to randomly choose committee members • Ensure adversary cannot fake being a committee member • Solution: Cryptographic sortition • Users can independently and privately determine if they are chosen • Sortition will choose users randomly based on their weight • Randomness comes from publicly known seed
Algorand Features (3/4) • Problem: • How to randomly choose committee members • Ensure adversary cannot fake being a committee member • Solution: Cryptographic sortition • Users have (pk, sk) Blockchain has a random Seed • Every user will execute 𝐹𝑠𝑘 • 𝐹𝑠𝑘 𝑆𝑒𝑒𝑑 ⇒ (ℎ𝑎𝑠ℎ 𝒉, 𝑝𝑟𝑜𝑜𝑓 𝝅) • Algorand will set criteria (based on weight) • ⇒ If User’s 𝒉 fulfills criteria ⇒ User in committee • Committee members attach ℎ, 𝜋, pk to messages • 𝑉𝑒𝑟𝑖𝑓𝑦 𝑆𝑒𝑒𝑑, ℎ, 𝜋, 𝑝𝑘
Algorand Features (4/4) • Problem: Adversary may target a committee member once that member sends a message • Solution: Participant replacement • Committee members only speak once • Immediately becomes irrelevant to BA* • BA* avoids any private state • New committee is elected every step of BA* • All users can become committee members
Overview • Communicate via gossip • Each user collects a block of transactions they hear about • Algorand will initiate a round starting w/ block proposal • Create committee using Sortition • All committee members will propose their block • Users will wait for a time period to receive blocks • only keep highest priority block • All users who received some block will initiate BA* to reach majority consensus and commit a block
BA* • Goals: • Safety: All users agree on the same value • Liveness: The system makes progress • Assumptions: • Strong synchrony assumption • Assumes most honest users can send messages to other users within a known time bound • This assumption allows the adversary to control the network of a few honest users • Achieve liveness • Weak synchrony assumption • The network can be asynchronous for a long but bounded period of time • After an asynchrony period (b), the network must be strongly synchronous (s) for a reasonably long period again for Algorand to ensure safety • s < b
BA* • Phase 1: Reduction() • Reach consensus on one of two values, a proposed block or an empty block • Phase 2: BinaryBA() • Reach consensus on either the block from reduction or an empty block • Relies on Reduction() to ensure that at most one-non empty block is passed to BinaryBA() by all honest users Reduction() B1 B2 B3 BinaryBA() Decide between received block and ∅ 𝐵𝑖 || ∅ Bn+1Bn
Brief Overview • Each phase runs in steps • Phase 1: 2 steps • Phase 2: 2 – 13 steps • All users should a block • Each step calls sortition to create a committee • Each committee member will broadcast their vote for their block • Users that receive more than t votes for a block will hold onto that block • All users can see messages
BA*- Reduction() • Context: Users have received a block from block proposal • Step 1: Each committee member votes for their block • All users will see these votes and tally them up and adopt the majority or the empty block • Step 2: Each committee member votes for their block Pass on B2 B1 B2 B1 B1 B2 Sees majority vote for B2 Sees majority for B2 Sees no majority Sees majority for B2 Sees no majority B2 ∅ B2 ∅ B2
BA* - BinaryBA() • Receive a single block from Reduction() • In examples, assume nonempty block • We will now choose either the empty block or the block from reduction • In synchronous system • Simple case: • Step 1: Most committee members send the same block • Nodes notice they are passing a large threshold, they will invoke a special final vote • Step FINAL: Large threshold of users vote for the same block and commit to block chain B2 B2 ∅ B2 B2 B2 B2
BA* - BinaryBA() Synchronous system • Adversary case: • Step 1: Adversary tells User_A its vote, and remaining Users nothing • Other Users timeout • If chosen for committee, does not adopt Empty Block, instead times out • User_A reaches consensus • Guaranteed to remain in next three steps • Step 2: Anyone who time’d out will adopt User_A’s block • Step N: Continue until special FINAL round B2 B2 E B2 E B2 TO TO TO B2 B2 B2 NODE A
BA* - BinaryBA() Asynchronous System Similar scenario: Step 1: Committee share their votes • User A hears all the votes and reaches consensus on Block B • All other users time out Step 2: User A votes for B, but everyone times out a 2nd time • Time’d out users will adopt empty block E and gossip to their network We’ve reached two consensus’s on B and E E EB2 B2 B2 TO TO TO NODE A B2TO E E E E
BinaryBA() - Getting unstuck Two Groups A, B vote for two different values B and E • Adversary could control network causing groups to remain split Solution: 3rd Step Binary Coin
BinaryBA() - Getting unstuck • Committee members will agree on binary value (coin) from their hash • Choose the least significant bit of the lowest hash amongst committee • Attach coin to messages, as means of reaching consensus • As long as enough users observe the same bit, BinaryBA () will reach consensus in the next iteration of the loop with Probability ½ • Adversary consistently having lowest hash is extremely unlikely
Evaluation setup • Deploy prototype on 1,000 EC2 instances • m4.2xlarge VM’s, 1 Gbps • Simulate 50 users running Algorand • 50,000 total users • 1 MB block • Cap bandwidth for each process to 20 Mbps • Each machine is assigned to one of 20 major cities around the world • Equal share of money for each user • Maximizes number of messages that a user needs to process
Evaluation: Latency What is the latency for txn? • Well under a minute • BTC: 30 min to 16 hr How does it scale as the number of users grows? • Near constant • Committee size is set to 10K
Evaluation: Latency & Throughput • What throughput can Algorand achieve in terms of transactions per second? • Block Proposal: linear increase • BA*: close to constant • Bitcoin • Commits 1 MByte block/10min • 6 MBytes of transactions per hour • Algorand • 2 MByte block / 22 seconds • 327 MBytes of transactions per hour
Future Work • Incentives • Bitcoin gives miners some BTC • Cost of joining • To join Alogrand, users must fetch blocks and their certificates • Other cryptocurrencies face this problem, but don’t have Algorand’s throughput • Forward security • Adversaries could corrupt users over time
Communication: Gossip Main idea: Byzantine Agreement* (BA*) Main assumption: Honesty Majority of Money Advantages: Trivial Computation True Decentralization Finality of Payment Scalability Security CONCLUSION:
Algorand

Empfohlen

Smart contracts
Smart contractsSmart contracts
Smart contractsPhilippe Camacho, Ph.D.
 
Algorand blockchain basics, decentralized and for developers
Algorand blockchain basics, decentralized and for developersAlgorand blockchain basics, decentralized and for developers
Algorand blockchain basics, decentralized and for developersRuss Fustino
 
The Algorand Blockchain Decentralized and for Developers
The Algorand Blockchain Decentralized and for DevelopersThe Algorand Blockchain Decentralized and for Developers
The Algorand Blockchain Decentralized and for DevelopersRuss Fustino
 
Cryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologyCryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologySabrina Kirrane
 
Basics of Bitcoin & Mining
Basics of Bitcoin & MiningBasics of Bitcoin & Mining
Basics of Bitcoin & MiningAkhilesh Arora
 
Blockchain ppt
Blockchain pptBlockchain ppt
Blockchain pptWajihawaseem
 
Blockchain technology
Blockchain technologyBlockchain technology
Blockchain technologyAayt Bahaa
 
Algorand
AlgorandAlgorand
Algorandatousa_ahsani
 

Empfohlen

Smart contracts
Smart contractsSmart contracts
Smart contractsPhilippe Camacho, Ph.D.
 
Algorand blockchain basics, decentralized and for developers
Algorand blockchain basics, decentralized and for developersAlgorand blockchain basics, decentralized and for developers
Algorand blockchain basics, decentralized and for developersRuss Fustino
 
The Algorand Blockchain Decentralized and for Developers
The Algorand Blockchain Decentralized and for DevelopersThe Algorand Blockchain Decentralized and for Developers
The Algorand Blockchain Decentralized and for DevelopersRuss Fustino
 
Cryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologyCryptocurrencies and Blockchain technology
Cryptocurrencies and Blockchain technologySabrina Kirrane
 
Basics of Bitcoin & Mining
Basics of Bitcoin & MiningBasics of Bitcoin & Mining
Basics of Bitcoin & MiningAkhilesh Arora
 
Blockchain ppt
Blockchain pptBlockchain ppt
Blockchain pptWajihawaseem
 
Blockchain technology
Blockchain technologyBlockchain technology
Blockchain technologyAayt Bahaa
 
Algorand
AlgorandAlgorand
Algorandatousa_ahsani
 
Types of blockchain
Types of blockchainTypes of blockchain
Types of blockchainDarwin Labs
 
What's cryptocurrency ?
What's cryptocurrency ?What's cryptocurrency ?
What's cryptocurrency ?Everythingcrypto
 
Introduction To CryptoCurrency
Introduction To CryptoCurrencyIntroduction To CryptoCurrency
Introduction To CryptoCurrencySanjay Kumar
 
Ethereum (Blockchain Network)
Ethereum (Blockchain Network)Ethereum (Blockchain Network)
Ethereum (Blockchain Network)Qais Ammari
 
Qu'est-ce que la blockchain ?
Qu'est-ce que la blockchain ?Qu'est-ce que la blockchain ?
Qu'est-ce que la blockchain ?Jedha Bootcamp
 
Blockchain ppt
Blockchain pptBlockchain ppt
Blockchain pptabhi sharma
 
Ethereum-Cryptocurrency (All about Ethereum)
Ethereum-Cryptocurrency (All about Ethereum) Ethereum-Cryptocurrency (All about Ethereum)
Ethereum-Cryptocurrency (All about Ethereum) عطاءالمنعم اثیل شیخ
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to BlockchainAIMDek Technologies
 
Biometric Authentication PPT
Biometric Authentication PPTBiometric Authentication PPT
Biometric Authentication PPTOECLIB Odisha Electronics Control Library
 
Blockchain, DLT, Tokens and ICO Introduction Course
Blockchain, DLT, Tokens and ICO Introduction CourseBlockchain, DLT, Tokens and ICO Introduction Course
Blockchain, DLT, Tokens and ICO Introduction CourseJean-Marc Seigneur
 
Blockchain
BlockchainBlockchain
BlockchainSoftware Infrastructure
 
Introduction to Ethereum
Introduction to EthereumIntroduction to Ethereum
Introduction to EthereumTerek Judi
 
Blockchain Technology
Blockchain TechnologyBlockchain Technology
Blockchain TechnologyMithileysh Sathiyanarayanan
 
The Algorand Blockchain
The Algorand BlockchainThe Algorand Blockchain
The Algorand BlockchainRuss Fustino
 
Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)Amir Rafati
 
Bitcoin history
Bitcoin historyBitcoin history
Bitcoin historyBitcoinWiki
 
Blockchain
BlockchainBlockchain
BlockchainMohit Singh
 
BITCOIN- A Presentation.
BITCOIN- A Presentation.BITCOIN- A Presentation.
BITCOIN- A Presentation.Mimansha Bahadur
 
Blockchain technology
Blockchain technologyBlockchain technology
Blockchain technologyhellygeorge
 
Blockchain consensus algorithms
Blockchain consensus algorithmsBlockchain consensus algorithms
Blockchain consensus algorithmsAnurag Dashputre
 
Blockchain-Presentation.pptx
Blockchain-Presentation.pptxBlockchain-Presentation.pptx
Blockchain-Presentation.pptxMeganaaGodhala
 
Blockchain
BlockchainBlockchain
BlockchainGopal Goel
 

Weitere ähnliche Inhalte

Was ist angesagt?

Types of blockchain
Types of blockchainTypes of blockchain
Types of blockchainDarwin Labs
 
What's cryptocurrency ?
What's cryptocurrency ?What's cryptocurrency ?
What's cryptocurrency ?Everythingcrypto
 
Introduction To CryptoCurrency
Introduction To CryptoCurrencyIntroduction To CryptoCurrency
Introduction To CryptoCurrencySanjay Kumar
 
Ethereum (Blockchain Network)
Ethereum (Blockchain Network)Ethereum (Blockchain Network)
Ethereum (Blockchain Network)Qais Ammari
 
Qu'est-ce que la blockchain ?
Qu'est-ce que la blockchain ?Qu'est-ce que la blockchain ?
Qu'est-ce que la blockchain ?Jedha Bootcamp
 
Blockchain ppt
Blockchain pptBlockchain ppt
Blockchain pptabhi sharma
 
Blockchain, DLT, Tokens and ICO Introduction Course
Blockchain, DLT, Tokens and ICO Introduction CourseBlockchain, DLT, Tokens and ICO Introduction Course
Blockchain, DLT, Tokens and ICO Introduction CourseJean-Marc Seigneur
 
Introduction to Ethereum
Introduction to EthereumIntroduction to Ethereum
Introduction to EthereumTerek Judi
 
The Algorand Blockchain
The Algorand BlockchainThe Algorand Blockchain
The Algorand BlockchainRuss Fustino
 
Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)Amir Rafati
 
Bitcoin history
Bitcoin historyBitcoin history
Bitcoin historyBitcoinWiki
 
Blockchain
BlockchainBlockchain
BlockchainMohit Singh
 
BITCOIN- A Presentation.
BITCOIN- A Presentation.BITCOIN- A Presentation.
BITCOIN- A Presentation.Mimansha Bahadur
 
Blockchain technology
Blockchain technologyBlockchain technology
Blockchain technologyhellygeorge
 
Blockchain consensus algorithms
Blockchain consensus algorithmsBlockchain consensus algorithms
Blockchain consensus algorithmsAnurag Dashputre
 

Was ist angesagt? (20)

Types of blockchain
Types of blockchainTypes of blockchain
Types of blockchain
 
What's cryptocurrency ?
What's cryptocurrency ?What's cryptocurrency ?
What's cryptocurrency ?
 
Introduction To CryptoCurrency
Introduction To CryptoCurrencyIntroduction To CryptoCurrency
Introduction To CryptoCurrency
 
Ethereum (Blockchain Network)
Ethereum (Blockchain Network)Ethereum (Blockchain Network)
Ethereum (Blockchain Network)
 
Qu'est-ce que la blockchain ?
Qu'est-ce que la blockchain ?Qu'est-ce que la blockchain ?
Qu'est-ce que la blockchain ?
 
Blockchain ppt
Blockchain pptBlockchain ppt
Blockchain ppt
 
Ethereum-Cryptocurrency (All about Ethereum)
Ethereum-Cryptocurrency (All about Ethereum) Ethereum-Cryptocurrency (All about Ethereum)
Ethereum-Cryptocurrency (All about Ethereum)
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to Blockchain
 
Biometric Authentication PPT
Biometric Authentication PPTBiometric Authentication PPT
Biometric Authentication PPT
 
Blockchain, DLT, Tokens and ICO Introduction Course
Blockchain, DLT, Tokens and ICO Introduction CourseBlockchain, DLT, Tokens and ICO Introduction Course
Blockchain, DLT, Tokens and ICO Introduction Course
 
Blockchain
BlockchainBlockchain
Blockchain
 
Introduction to Ethereum
Introduction to EthereumIntroduction to Ethereum
Introduction to Ethereum
 
Blockchain Technology
Blockchain TechnologyBlockchain Technology
Blockchain Technology
 
The Algorand Blockchain
The Algorand BlockchainThe Algorand Blockchain
The Algorand Blockchain
 
Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)Blockchain and bitcoin fundamentals (usages and applications)
Blockchain and bitcoin fundamentals (usages and applications)
 
Bitcoin history
Bitcoin historyBitcoin history
Bitcoin history
 
Blockchain
BlockchainBlockchain
Blockchain
 
BITCOIN- A Presentation.
BITCOIN- A Presentation.BITCOIN- A Presentation.
BITCOIN- A Presentation.
 
Blockchain technology
Blockchain technologyBlockchain technology
Blockchain technology
 
Blockchain consensus algorithms
Blockchain consensus algorithmsBlockchain consensus algorithms
Blockchain consensus algorithms
 

Ähnlich wie Algorand

Blockchain-Presentation.pptx
Blockchain-Presentation.pptxBlockchain-Presentation.pptx
Blockchain-Presentation.pptxMeganaaGodhala
 
Blockchain
BlockchainBlockchain
BlockchainGopal Goel
 
Bitcoin Decision Point - April 2017
Bitcoin Decision Point - April 2017Bitcoin Decision Point - April 2017
Bitcoin Decision Point - April 2017Jeff Garzik
 
Bitcoin MOOC Lecture 2.pptx
Bitcoin MOOC Lecture 2.pptxBitcoin MOOC Lecture 2.pptx
Bitcoin MOOC Lecture 2.pptxOluseyi Akindeinde
 
Ppt eos
Ppt eosPpt eos
Ppt eosV C
 
DeCloud: Truthful Decentralized Double Auction for Edge Clouds
DeCloud: Truthful Decentralized Double Auction for Edge CloudsDeCloud: Truthful Decentralized Double Auction for Edge Clouds
DeCloud: Truthful Decentralized Double Auction for Edge CloudsNitinder Mohan
 
Overview of bitcoin
Overview of bitcoinOverview of bitcoin
Overview of bitcoinAbdul Nasir
 
Lets learn the_importance_of_trilemma_in_blockchain_by_algorand
Lets learn the_importance_of_trilemma_in_blockchain_by_algorandLets learn the_importance_of_trilemma_in_blockchain_by_algorand
Lets learn the_importance_of_trilemma_in_blockchain_by_algorandJitendraNaik16
 
Consensus Algorithms: An Introduction & Analysis
Consensus Algorithms: An Introduction & AnalysisConsensus Algorithms: An Introduction & Analysis
Consensus Algorithms: An Introduction & AnalysisZak Cole
 
Synchronization
SynchronizationSynchronization
SynchronizationSara shall
 
Introduction to Attacks on Bitcoin and Cryptos
Introduction to Attacks on Bitcoin and CryptosIntroduction to Attacks on Bitcoin and Cryptos
Introduction to Attacks on Bitcoin and Cryptosssuser18349f1
 
Blockchain (1).pptx
Blockchain (1).pptxBlockchain (1).pptx
Blockchain (1).pptxMeetPBarasara
 
Blockchain 101
Blockchain 101Blockchain 101
Blockchain 101Oded Noam
 
The Secret behind the Blockchain Technology
The Secret behind the Blockchain TechnologyThe Secret behind the Blockchain Technology
The Secret behind the Blockchain TechnologyPECB
 
Blockchain general presentation nov 2017 v eng
Blockchain general presentation nov 2017 v engBlockchain general presentation nov 2017 v eng
Blockchain general presentation nov 2017 v engDavid Vangulick
 
All about blockchain
All about blockchainAll about blockchain
All about blockchainV C
 
Dash
DashDash
DashJosh Chu
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptxGopalSB
 
Stm
StmStm
StmV C
 

Ähnlich wie Algorand (20)

Blockchain-Presentation.pptx
Blockchain-Presentation.pptxBlockchain-Presentation.pptx
Blockchain-Presentation.pptx
 
Blockchain
BlockchainBlockchain
Blockchain
 
Bitcoin Decision Point - April 2017
Bitcoin Decision Point - April 2017Bitcoin Decision Point - April 2017
Bitcoin Decision Point - April 2017
 
Bitcoin MOOC Lecture 2.pptx
Bitcoin MOOC Lecture 2.pptxBitcoin MOOC Lecture 2.pptx
Bitcoin MOOC Lecture 2.pptx
 
Ppt eos
Ppt eosPpt eos
Ppt eos
 
DeCloud: Truthful Decentralized Double Auction for Edge Clouds
DeCloud: Truthful Decentralized Double Auction for Edge CloudsDeCloud: Truthful Decentralized Double Auction for Edge Clouds
DeCloud: Truthful Decentralized Double Auction for Edge Clouds
 
Overview of bitcoin
Overview of bitcoinOverview of bitcoin
Overview of bitcoin
 
Lets learn the_importance_of_trilemma_in_blockchain_by_algorand
Lets learn the_importance_of_trilemma_in_blockchain_by_algorandLets learn the_importance_of_trilemma_in_blockchain_by_algorand
Lets learn the_importance_of_trilemma_in_blockchain_by_algorand
 
Consensus Algorithms: An Introduction & Analysis
Consensus Algorithms: An Introduction & AnalysisConsensus Algorithms: An Introduction & Analysis
Consensus Algorithms: An Introduction & Analysis
 
Blockchain
BlockchainBlockchain
Blockchain
 
Synchronization
SynchronizationSynchronization
Synchronization
 
Introduction to Attacks on Bitcoin and Cryptos
Introduction to Attacks on Bitcoin and CryptosIntroduction to Attacks on Bitcoin and Cryptos
Introduction to Attacks on Bitcoin and Cryptos
 
Blockchain (1).pptx
Blockchain (1).pptxBlockchain (1).pptx
Blockchain (1).pptx
 
Blockchain 101
Blockchain 101Blockchain 101
Blockchain 101
 
The Secret behind the Blockchain Technology
The Secret behind the Blockchain TechnologyThe Secret behind the Blockchain Technology
The Secret behind the Blockchain Technology
 
Blockchain general presentation nov 2017 v eng
Blockchain general presentation nov 2017 v engBlockchain general presentation nov 2017 v eng
Blockchain general presentation nov 2017 v eng
 
All about blockchain
All about blockchainAll about blockchain
All about blockchain
 
Dash
DashDash
Dash
 
Unit 1.pptx
Unit 1.pptxUnit 1.pptx
Unit 1.pptx
 
Stm
StmStm
Stm
 

KĂźrzlich hochgeladen

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

KĂźrzlich hochgeladen (20)

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Algorand

  • 1. Algorand: Scaling Byzantine Agreements for Cryptocurrencies Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, Nickolai Zeldovich MIT CSAIL SOSP '17 Presented by Andrew Huang
  • 2. The Dream • Shared Ledger: sequence of organized data • Readable by All • Writeable by All • Tamperproof for all
  • 3. The Dream Infrastructure How can we implement it?
  • 4. Bitcoin Communication: Gossip Main assumption: Honesty Majority of Compute Main idea: Consensus via proof of work (PoW) Problems: Computational waste Concentration of power Scalability Ambiguity
  • 5. Communication: Gossip Main assumption: Honesty Majority of Money Main idea: Byzantine Agreement* (BA*) Goals: • Trivial Computation • True Decentralization • Finality of Payment • Scalability • Security
  • 6. BA Overview • Handle malicious failures or Adversaries • Agreement: All participants agree on the same value • Validity: If proposer is correct, every correct participant agrees on the value general sends Challenges: • Slow • Players are fixed and known in advance Solution: BA*
  • 7. Algorand Features (1/4) • Problem: BA* & Sybil Attack • Solution: Weighted users • Users are weighted by the money in their account • Algorand can avoid forks and double spending • Assumes honest majority of money P p_i p_j p_k $ $/3 $/3 $/3
  • 8. Weighted Users vs Proof of Stake (PoS) • Both avoid computation of PoW • Main difference: Ambiguity • PoS flaw in a nutshell: • Malicious leader (who assembles new block) can create a fork in the network • Can be caught (e.g., since two versions of the new block are signed with his key) => the leader loses his money • in Algorand • Weights ensure that the attacker cannot amplify his power by using pseudonyms • as long as the attacker controls less than 1/3 of the monetary value of system • Guarantee that the probability for forks is negligible
  • 9. Algorand Features (2/4) • Problem: BA is not scalable • Solution: BA* uses consensus by committee • Randomly select a small set of representatives from the total set of users • Committee members will publicly broadcast messages allowing others to learn agreed-upon block • Concerns • How to randomly choose committee members? • How to ensure adversary cannot fake being a committee member? • How to ensure committee members are not targeted?
  • 10. Algorand Features (3/4) • Problem: • How to randomly choose committee members • Ensure adversary cannot fake being a committee member • Solution: Cryptographic sortition • Users can independently and privately determine if they are chosen • Sortition will choose users randomly based on their weight • Randomness comes from publicly known seed
  • 11. Algorand Features (3/4) • Problem: • How to randomly choose committee members • Ensure adversary cannot fake being a committee member • Solution: Cryptographic sortition • Users have (pk, sk) Blockchain has a random Seed • Every user will execute 𝐹𝑠𝑘 • 𝐹𝑠𝑘 𝑆𝑒𝑒𝑑 ⇒ (ℎ𝑎𝑠ℎ 𝒉, 𝑝𝑟𝑜𝑜𝑓 𝝅) • Algorand will set criteria (based on weight) • ⇒ If User’s 𝒉 fulfills criteria ⇒ User in committee • Committee members attach ℎ, 𝜋, pk to messages • 𝑉𝑒𝑟𝑖𝑓𝑦 𝑆𝑒𝑒𝑑, ℎ, 𝜋, 𝑝𝑘
  • 12. Algorand Features (4/4) • Problem: Adversary may target a committee member once that member sends a message • Solution: Participant replacement • Committee members only speak once • Immediately becomes irrelevant to BA* • BA* avoids any private state • New committee is elected every step of BA* • All users can become committee members
  • 13. Overview • Communicate via gossip • Each user collects a block of transactions they hear about • Algorand will initiate a round starting w/ block proposal • Create committee using Sortition • All committee members will propose their block • Users will wait for a time period to receive blocks • only keep highest priority block • All users who received some block will initiate BA* to reach majority consensus and commit a block
  • 14. BA* • Goals: • Safety: All users agree on the same value • Liveness: The system makes progress • Assumptions: • Strong synchrony assumption • Assumes most honest users can send messages to other users within a known time bound • This assumption allows the adversary to control the network of a few honest users • Achieve liveness • Weak synchrony assumption • The network can be asynchronous for a long but bounded period of time • After an asynchrony period (b), the network must be strongly synchronous (s) for a reasonably long period again for Algorand to ensure safety • s < b
  • 15. BA* • Phase 1: Reduction() • Reach consensus on one of two values, a proposed block or an empty block • Phase 2: BinaryBA() • Reach consensus on either the block from reduction or an empty block • Relies on Reduction() to ensure that at most one-non empty block is passed to BinaryBA() by all honest users Reduction() B1 B2 B3 BinaryBA() Decide between received block and ∅ 𝐵𝑖 || ∅ Bn+1Bn
  • 16. Brief Overview • Each phase runs in steps • Phase 1: 2 steps • Phase 2: 2 – 13 steps • All users should a block • Each step calls sortition to create a committee • Each committee member will broadcast their vote for their block • Users that receive more than t votes for a block will hold onto that block • All users can see messages
  • 17. BA*- Reduction() • Context: Users have received a block from block proposal • Step 1: Each committee member votes for their block • All users will see these votes and tally them up and adopt the majority or the empty block • Step 2: Each committee member votes for their block Pass on B2 B1 B2 B1 B1 B2 Sees majority vote for B2 Sees majority for B2 Sees no majority Sees majority for B2 Sees no majority B2 ∅ B2 ∅ B2
  • 18. BA* - BinaryBA() • Receive a single block from Reduction() • In examples, assume nonempty block • We will now choose either the empty block or the block from reduction • In synchronous system • Simple case: • Step 1: Most committee members send the same block • Nodes notice they are passing a large threshold, they will invoke a special final vote • Step FINAL: Large threshold of users vote for the same block and commit to block chain B2 B2 ∅ B2 B2 B2 B2
  • 19. BA* - BinaryBA() Synchronous system • Adversary case: • Step 1: Adversary tells User_A its vote, and remaining Users nothing • Other Users timeout • If chosen for committee, does not adopt Empty Block, instead times out • User_A reaches consensus • Guaranteed to remain in next three steps • Step 2: Anyone who time’d out will adopt User_A’s block • Step N: Continue until special FINAL round B2 B2 E B2 E B2 TO TO TO B2 B2 B2 NODE A
  • 20. BA* - BinaryBA() Asynchronous System Similar scenario: Step 1: Committee share their votes • User A hears all the votes and reaches consensus on Block B • All other users time out Step 2: User A votes for B, but everyone times out a 2nd time • Time’d out users will adopt empty block E and gossip to their network We’ve reached two consensus’s on B and E E EB2 B2 B2 TO TO TO NODE A B2TO E E E E
  • 21. BinaryBA() - Getting unstuck Two Groups A, B vote for two different values B and E • Adversary could control network causing groups to remain split Solution: 3rd Step Binary Coin
  • 22. BinaryBA() - Getting unstuck • Committee members will agree on binary value (coin) from their hash • Choose the least significant bit of the lowest hash amongst committee • Attach coin to messages, as means of reaching consensus • As long as enough users observe the same bit, BinaryBA () will reach consensus in the next iteration of the loop with Probability ½ • Adversary consistently having lowest hash is extremely unlikely
  • 23. Evaluation setup • Deploy prototype on 1,000 EC2 instances • m4.2xlarge VM’s, 1 Gbps • Simulate 50 users running Algorand • 50,000 total users • 1 MB block • Cap bandwidth for each process to 20 Mbps • Each machine is assigned to one of 20 major cities around the world • Equal share of money for each user • Maximizes number of messages that a user needs to process
  • 24. Evaluation: Latency What is the latency for txn? • Well under a minute • BTC: 30 min to 16 hr How does it scale as the number of users grows? • Near constant • Committee size is set to 10K
  • 25. Evaluation: Latency & Throughput • What throughput can Algorand achieve in terms of transactions per second? • Block Proposal: linear increase • BA*: close to constant • Bitcoin • Commits 1 MByte block/10min • 6 MBytes of transactions per hour • Algorand • 2 MByte block / 22 seconds • 327 MBytes of transactions per hour
  • 26. Future Work • Incentives • Bitcoin gives miners some BTC • Cost of joining • To join Alogrand, users must fetch blocks and their certificates • Other cryptocurrencies face this problem, but don’t have Algorand’s throughput • Forward security • Adversaries could corrupt users over time
  • 27. Communication: Gossip Main idea: Byzantine Agreement* (BA*) Main assumption: Honesty Majority of Money Advantages: Trivial Computation True Decentralization Finality of Payment Scalability Security CONCLUSION:

Hinweis der Redaktion

  1. The dream, shared ledger Notarization – contract signing Money transactions – bitcoin Common trusted parted – medical records
  2. Comp waste: Lots of people try, only one person wins => there is a significant amount of waste Concentration of power: mining pools => centralized, could be attacked, easier to be not honest Scalability: 7 transaction/sec vs visa’s 24k /sec Ambiguitiy: forks are all bad Overall it’s a good start
  3. Guarantees agreement and validity when majority of players are honest Majority 2/3 In synchronous system: No solution with fewer than 3f+1 processes can cope with f Malicious failures
  4. Sybil attack: adversary creates many pseudonyms to influence BA protocol
  5. Algorand will randomly select users based on weight -> assuming majority of the weight is honest, we will have an honesty majority
  6. Randomness will come from the seed
  7. Randomness will come from the seed
  8. async: entire network can be controller by adversary Bounded period of time (at most 1 day or one week) Need some synchrony for an hour or day
  9. Given BA is constant, and block proposal is lienar, could find the best block size to maximize throughput
  10. Honest majority of money people can’t just create fake identities/keys to get a majority of players Majority money in system is owned by honest people Trivial computation -> mostly sign, verify True decentralization -> single class of users, no miners or anything Finality of payments ->Pr[fork] < 10^-18 Scalability -> bottleneck is the network latency Security -> bad aversity Adversity: Can corrupt any player, but <= n/3 Totally controls and perfectly all bad players See all messages then choose all bad messages Cant forge signatures