TrustBoost Boosting Trust among Interoperable Blockchains

2025-05-06 0 0 1.18MB 14 页 10玖币

侵权投诉

TrustBoost: Boosting Trust among Interoperable Blockchains

Peiyao Sheng∗

psheng2@illinois.edu

University of Illinois

Urbana-Champaign

USA

Xuechao Wang∗

xuechaowang@hkust-gz.edu.cn

The Hong Kong University of Science

and Technology (Guangzhou)

China

Sreeram Kannan

ksreeram@ece.uw.edu

University of Washington

USA

Kartik Nayak

kartik@cs.duke.edu

Duke University

USA

Pramod Viswanath

pramodv@princeton.edu

Princeton University

USA

ABSTRACT

Currently there exist many blockchains with weak trust guarantees,

limiting applications and participation. Existing solutions to boost

the trust using a stronger blockchain, e.g., via checkpointing, re-

quires the weaker blockchain to give up sovereignty. In this paper,

we propose a family of protocols in which multiple blockchains

interact to create a combined ledger with boosted trust. We show

that even if several of the interacting blockchains cease to provide

security guarantees, the combined ledger continues to be secure –

our TrustBoost protocols achieve the optimal threshold of tolerating

the insecure blockchains. This optimality, along with the necessity

of blockchain interactions, is formally shown within the classic

shared memory model, tackling the long standing open challenge

of solving consensus in the presence of both Byzantine objects and

processes. Furthermore, our proposed construction of TrustBoost

simply operates via smart contracts and require no change to the

underlying consensus protocols of the participating blockchains, a

form of “consensus on top of consensus”. The protocols are light-

weight and can be used on specic (e.g., high value) transactions;

we demonstrate the practicality by implementing and deploying

TrustBoost as cross-chain smart contracts in the Cosmos ecosys-

tem using approximately 3,000 lines of Rust code, made available

as open source [

]. Our evaluation shows that using 10 Cosmos

chains in a local testnet, TrustBoost has a gas cost of roughly $2

with a latency of 2 minutes per request, which is in line with the

cost on a high security chain such as Bitcoin or Ethereum.

CCS CONCEPTS

•Security and privacy →Distributed systems security.

∗

The rst two authors contributed equally to this work. For correspondence on the

paper, please contact Xuechao Wang at xuechaowang@hkust-gz.edu.cn.

Permission to make digital or hard copies of all or part of this work for personal or

classroom use is granted without fee provided that copies are not made or distributed

for prot or commercial advantage and that copies bear this notice and the full citation

on the rst page. Copyrights for components of this work owned by others than the

author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or

republish, to post on servers or to redistribute to lists, requires prior specic permission

and/or a fee. Request permissions from permissions@acm.org.

CCS ’23, November 26–30, 2023, Copenhagen, Denmark

ACM ISBN 979-8-4007-0050-7/23/11. . . $15.00

https://doi.org/10.1145/3576915.3623080

KEYWORDS

cross-chain interoperability, smart contracts, consensus

ACM Reference Format:

Peiyao Sheng, Xuechao Wang, Sreeram Kannan, Kartik Nayak, and Pramod

Viswanath. 2023. TrustBoost: Boosting Trust among Interoperable Blockchains.

In Proceedings of the 2023 ACM SIGSAC Conference on Computer and Commu-

nications Security (CCS ’23), November 26–30, 2023, Copenhagen, Denmark.

ACM, New York, NY, USA, 14 pages. https://doi.org/10.1145/3576915.3623080

1 INTRODUCTION

Motivation. Currently there exist more than a thousand (layer 1)

blockchains, each with its own trust/security level. Blockchains

with weak trust guarantees tend to support limited applications. A

common solution for new/weak blockchains is to “borrow” trust

from a secure chain. A standard way of lending such trust is via

checkpointing [

] – here checkpoints attest to the hash

of well-embedded blocks every so often and newly mined blocks

follow the checkpoints. For instance, Bitcoin itself was secured by

checkpointing by Nakamoto themselves until as late as 2014. A

critical point to note is that this form of trust lending involves the

very consensus layer of the weak blockchain – the fork choice rule

of the weak chains needs to obey the checkpoints. The asymmetrical

nature of this approach constrains its applicability, leading to a

one-way transfer of trust from stronger to weaker blockchains.

Consequently, participants in the weaker chains are often sidelined,

losing their ability to inuence consensus decisions entirely. In

practice, in the Cosmos ecosystem newer and application-specic

chains (called “Cosmos Zones”) can use the same validator set as

the original Cosmos chain (called “Cosmos Hub”) via a governance

proposal [

] – in return for the trust of the Hub, the Zones give

up their individual sovereignty.

Our goal. This state of aairs begets the following question: how

should multiple blockchains interact to create a combined ledger

whose trust is “boosted”? Ideally, the “trust boost” operations (i.e.,

deciding which specic transactions or applications need to be in

the combined ledger and thus enjoy boosted trust-levels) should be

simply oered via smart contract operations without altering the

consensus layer (i.e., constituent blockchains do not give up their

individual sovereignty while collaboratively contributing to the en-

hanced consensus). Technically speaking, this means answering the

following open question: given

𝑚

multiple blockchain ledgers,

𝑓

which are faulty, i.e., without security guarantees, can we combine

them in such a way that there is consensus on the combined ledger?

arXiv:2210.11571v2 [cs.CR] 21 Sep 2023

CCS ’23, November 26–30, 2023, Copenhagen, Denmark Peiyao Sheng, Xuechao Wang, Sreeram Kannan, Kartik Nayak, and Pramod Viswanath

Note that the adversary can collude across the

𝑓

faulty blockchains.

For simplicity’s sake, we initially assume all ledgers share the same

security level and will discuss the protocol’s generality later on.

Answering this question comprehensively, from impossibility re-

sults on trust boosting to a concrete protocol with optimal trust

boosting properties to a full-stack implementation in the Cosmos

ecosystem are the goals of this paper.

Blockchain bridges. There are two distinct approaches to boosting

trust depending on whether the interaction between the blockchain

ledgers is passive or active. In the passive mode, there is no commu-

nication between the ledgers and a single combiner has read-access

to the ledgers and works to form a combined ledger. In the ac-

tive mode, cross-chain communication (CCC) is allowed across the

ledgers via bridges. This approach has only been made possible

recently as blockchains have become more interoperable – recent

CCC projects include IBC by Cosmos [

], XCM by Polkadot [

and CCIP by Chainlink [

]. These bridges allow information to

be imported across smart contracts residing on the dierent pro-

grammable blockchains – the trust combiner we are envisioning is

a smart contract too, residing on each of the blockchains.

Main contributions. We examine the multi-chain framework

within the classic shared memory model in distributed comput-

ing [

], where blockchain clients act as processes and blockchain

ledgers serve as shared objects. Moreover, in the active mode, we

extend the model to enable communication between objects, cap-

turing the functionality of CCC. This extension aligns seamlessly

with today’s multi-chain frameworks, as programmable and inter-

operable blockchains currently form a network of interconnected

global computers. Our study of blockchain interactions brings to

sharp focus the nuanced models in terms of the interactions needed

to achieve combined trust. As the primary theoretical result, we

present a formal proof establishing the necessity of CCC for achiev-

ing consensus on top of blockchains. To the best of our knowledge,

our work is the rst to tackle the long standing open problem of

solving consensus in the presence of both Byzantine objects and

an innite number of Byzantine processes in the shared memory

model. Our key insight involves utilizing “powerful" shared objects

(i.e., programmable and interoperable blockchains), to address this

complex problem.

Specically, in the passive mode, we show that consensus on

combined ledgers, for any possible combination, is impossible if

𝑓>

0. Indeed, one of the earlier eorts in the literature [

], tried to

create a combined ledger passively without success. Focusing on a

weaker form of consensus that gives up the total ordering property

(while still being able to implement the functionality of a cryptocur-

rency), referred to as Asynchronous Blockchain without Consensus

(ABC) [

], we show the following in the passive mode. First, even

ABC is impossible, if

𝑚≤

𝑓

. Second, we propose a protocol called

TrustBoost-Lite that combines dierent ledgers to achieve ABC

whenever

𝑚>

𝑓

. In the active mode, we show that consensus

is impossible in a partial synchronous network if

𝑚≤

𝑓

. When

𝑚>

𝑓

, we propose a protocol called TrustBoost that securely com-

bines the

𝑚

ledgers together. Both TrustBoost and TrustBoost-Lite

protocols can be viewed as BFT consensus protocols: consensus is

now amongst the programmable blockchains (whose actions are

...

OsmoAtom

TrustBoost

contract

...

TrustBoost

contract

TrustBoost

contract

AtomX OsmoX

(a)

(b)

Figure 1: (a) Token exchange across chains are vulnerable to

single-chain attacks. Suppose attackers lock 100 Osmos on

the Osmosis chain in exchange for 10 Atoms on the Cosmos

chain. Once Atoms are received, a double-spend attack on

the transaction which locks 100 Osmos on the Osmosis chain

leads to 10 “free” Atoms, creating a security attack on the

Cosmos chain. (b) TrustBoost secures contract states. Any ap-

plication contract (e.g., Atom token contract) can be upgraded

to a TrustBoost cross-chain contract (e.g., AtomX) by creating

secure global states. The exchange of TrustBoost cross-chain

tokens are now secured by the interacting blockchains.

executed by smart contracts) communicating over pairwise authen-

ticated channels provided via the CCC infrastructure – a form of

“consensus on top of consensus”.

TrustBoost is a lightweight consensus protocol, executable en-

tirely as a smart contract on each of the blockchains. Further, any

specic transactions of any application contract can be upgraded

using TrustBoost to avoid single-chain security attacks (an example

is depicted in Fig. 1). We demonstrate the practicality by imple-

menting and deploying TrustBoost as cross-chain smart contracts

in Cosmos ecosystem using approximately 3,000 lines of Rust code,

made available as open source [52].

Several limitations of smart contract programming impose chal-

lenges to implementing BFT consensus protocols using them: (a)

contracts only behave passively and we need to ensure that every

operation in TrustBoost is properly triggered by some IBC mes-

sage; (b) contracts work only with single-threading, preventing

parallelism in operations; (c) Cosmos-SDK allows a smart contract

to send IBC messages only when a function returns – a major im-

plementation hurdle, which we deal with by queuing all the IBC

messages for each function that need to be sent and send them

all when the function returns; (d) nally, special attention should

be paid to self-delivered messages. The design principles of our

successful implementation of BFT consensus protocols via smart

contracts might be of independent and broader interest.

The performance of TrustBoost, particularly latency and gas us-

age, depends on both the implemented BFT consensus protocols and

IBC eciency. We implement Information Theoretic HotStu [

] to

avoid expensive operations on signature verication, which how-

ever leads to an

𝑂(𝑚2)

boost in gas usage and a linear increase in

latency. Meanwhile, in Cosmos a single IBC message (e.g., for cross

TrustBoost: Boosting Trust among Interoperable Blockchains CCS ’23, November 26–30, 2023, Copenhagen, Denmark

chain token transfer) would take 2 seconds and cost 350K gas. Con-

cretely, with 10 Cosmos chains in a local testnet, the total gas cost

is roughly $2 with a latency of 2 minutes when using TrustBoost to

boost the security of a standard contract NameService[

] – here

gas fees in at are extracted from the exchange rate and the gas

price of Osmosis, a popular Cosmos Zone at the time of writing

(April 2023) and are in line with the gas fees of a high security

chain such as Bitcoin or Ethereum. Improving the eciency of the

implemented BFT protocols and IBC would make TrustBoost more

performant.

2 RELATED WORKS

In this section, we survey related works encompassing blockchain

protocols that borrow or boost trust, hierarchical consensus frame-

works, distributed computing models, and blockchain interoper-

ability.

Borrowing trust. Checkpointing is a method that allows the trust

of a highly secure blockchain to be extended to weaker or newer

blockchains [

]. Validators of a weaker chain periodically

submit block hashes and signatures as checkpoints to a more se-

cure chain, and the nality rule of the weaker chain is modied

to respect the checkpoints. Consequently, the weaker chain has a

slightly slower nality rule - conrming the chain up to the latest

checkpoint, which has the same latency and security level as the

secure chain. A concrete and practical instantiation of this idea in

the context of bringing Bitcoin trust to Cosmos Zones is [

]. A

very recent work [

] generalizes checkpointing approaches and

oers new insights that align with the design principles underlying

our work. The proposed protocol lets a consumer chain draw addi-

tional security from a series of provider chains through sequential

checkpointing operations. However, this approach necessitates that

all chains remain live to guarantee eventual liveness. In contrast,

our setting enhances not only the security but also the liveness of

all participating chains.

Boosting trust. An early work on robust ledger combining is [

];

parallel ledgers process a common set of transactions independently,

and conrmation in the combined ledger is carried out by observers

who can read from all ledgers. Similar to TrustBoost, the combine

ledger functions even if a certain fraction of underlying ledgers no

longer provide any security guarantees. However, the combined

ledger only ensures a notion of relative persistence, which is not

sucient even for a payment system, so its practical use is limited.

A detailed exploration of this limitation is discussed in Appendix

Hierarchical consensus. To the best of our knowledge, Stew-

ard [

] was the pioneering work that proposed a concept of “con-

sensus on top of consensus”. Steward employs a BFT protocol within

each local site and a benign fault-tolerant protocol among wide

area sites. Each local site, consisting of several potentially mali-

cious replicas, is converted into a single logical trusted participant

in the global protocol. GeoBFT [

] further improves scalability by

introducing parallelization of consensus at the local level, and by

minimizing communication between sites. However, in comparison

to TrustBoost, both Steward and GeoBFT assume a honest superma-

jority in each local site, which signicantly simplied the problem.

Furthermore, alterations in the local consensus are needed, whereas

in TrustBoost, the global consensus is lightweight and implemented

solely through smart contracts.

The idea most closely related to ours is the “recursive Tender-

mint” [

] proposed by the Cosmos team, in which Tendermint is

run on multiple Cosmos chains using the IBC protocol instead of

TCP/IP in a peer-to-peer network. However, this concept was only

presented as a preliminary idea, without delving into the scientic

and engineering challenges that we addressed in TrustBoost.

Shared memory vs. message passing. The shared memory model

and message passing model are two fundamental approaches in

distributed computing [

]. In the shared memory model, processes

communicate by reading and writing to shared objects, whereas in

the message passing model, processes exchange messages with one

another to coordinate their actions. Consensus, a critical problem

in distributed systems, has also been extensively investigated in

both the shared memory model [

] and message passing

model [

–

], yielding a variety of positive and nega-

tive results. In this work, we expand the shared memory model to

enable communication between objects, an adaptation that aligns

seamlessly with today’s multi-chain framework. Furthermore, we

establish theoretical bounds in this rened model and present a

clear delineation of the interactions required to achieve combined

trust among blockchains.

Blockchain interoperability. [

] presents a general framework

to design and evaluate CCC protocols that facilitate blockchain

interoperability. The most signicant application of blockchain in-

teroperability is atomic cross-chain swaps [

], which enable

the exchange of assets across multiple distinct blockchains. How-

ever, these protocols necessitate intricate and time-consuming user

interactions with the blockchains and their peer-to-peer transac-

tion nature often results in lower liquidity compared to centralized

exchanges.

In order to facilitate general cross-chain applications, cross-

chain bridges have emerged as a signicant building block in to-

day’s multi-chain world. There are three primary categories: 1)

committee-based bridges; 2) optimistic bridges; 3) light client bridges.

Committee-based bridges (PolyNetwork [

], Wormhole [

], Lay-

erZero [

], CCIP [

], etc.) employ a trusted committee of validators

to sign o on state transfers, with security relying on the hon-

est majority assumption. Optimistic bridges (like Nomad [

] and

Near’s Rainbow Bridge [

]) require participants to deposit collat-

eral, and depend on a watchdog service to continuously monitor

the blockchain and conscate oenders’ collateral upon detect-

ing invalid updates. However, optimistic protocols fundamentally

demand long conrmation latency to ensure high probability of de-

tecting invalid updates. Light client bridges (e.g., Cosmos IBC [

])

are trustless, using on-chain light clients to verify state transitions

on the other blockchain. Zk-SNARKs are further leveraged to en-

hance the eciency of state verication [

]. While TrustBoost

can utilize all these bridge types, light-client bridges are preferred

due to their trustlessness and eciency. Further improvements in

the security and performance of bridges represent an interesting

and active research area, but it falls outside the scope of this paper.

A very recent work [

] proposes a cross-chain state machine

replication protocol in the passive mode, which maintains a consis-

tent state across multiple chains; indeed the security guarantees in

文档加载中……请稍候！
如果长时间未打开，您也可以点击刷新试试。

下载文档到电脑，查找使用更方便

10 玖币 0人已下载

立即下载

摘要：

TrustBoost:BoostingTrustamongInteroperableBlockchainsPeiyaoSheng∗psheng2@illinois.eduUniversityofIllinoisUrbana-ChampaignUSAXuechaoWang∗xuechaowang@hkust-gz.edu.cnTheHongKongUniversityofScienceandTechnology(Guangzhou)ChinaSreeramKannanksreeram@ece.uw.eduUniversityofWashingtonUSAKartikNayakkartik@cs....

展开>> 收起<<

TrustBoost Boosting Trust among Interoperable Blockchains.pdf

共14页,预览3页

还剩页未读，继续阅读

声明：本站为文档C2C交易模式，即用户上传的文档直接被用户下载，本站只是中间服务平台，本站所有文档下载所得的收益归上传人(含作者)所有。玖贝云文库仅提供信息存储空间，仅对用户上传内容的表现方式做保护处理，对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私，请立即通知玖贝云文库，我们立即给予删除！

TrustBoost Boosting Trust among Interoperable Blockchains

相关推荐

开通VIP享超值会员特权

作者详情

相关内容

热门标签

举报选择: