Verifiable ledger databases protect data history against malicious tampering. Existing systems, such as blockchains and certificate transparency, are based on transparency logs -- a simple abstraction allowing users to verify that a log maintained by an untrusted server is append-only. They expose a simple key-value interface. Building a practical database from transparency logs, on the other hand, remains a challenge. In this paper, we explore the design space of verifiable ledger databases along three dimensions: abstraction, threat model, and performance. We survey existing systems and identify two limitations: the lack of transaction support and inferior efficiency. We then present GlassDB, a distributed database that addresses these limitations under a practical threat model. GlassDB inherits the verifiability of transparency logs, but supports transactions and offers high performance. It extends a ledger-like key-value store with a data structure for efficient proofs, and adds a concurrency control mechanism for transactions. GlassDB batches independent operations from concurrent transactions when updating the core data structures. In addition, we design a new benchmark for evaluating verifiable ledger databases by extending the YCSB and TPC-C benchmarks. Using this benchmark, we compare GlassDB against three baselines: reimplemented versions of two verifiable databases, and a verifiable map backed by a transparency log. Experimental results demonstrate that GlassDB is an efficient, transactional, and verifiable ledger database.