Blockchain has recently attracted the attention of the industry due, in part, to its ability to automate asset transfers. It requires distributed participants to reach a consensus on a block despite the presence of malicious (a.k.a. Byzantine) participants. Malicious participants regularly exploit weaknesses of these blockchain consensus algorithms, sometimes with devastating consequences. In fact, these weaknesses are quite common and are well illustrated by the flaws in the hand-written proofs of existing blockchain consensus protocols [63]. Paradoxically, until now, no blockchain consensus has been holistically verified using model checking. In this paper, we remedy this paradox by model checking, for the first time, a blockchain consensus used in industry. We propose a holistic approach to verify the consensus algorithm of the Red Belly Blockchain [20], for any number $n$ of processes and any number $f<n/3$ of Byzantine processes. We decompose the algorithm pseudocode directly into two parts -- an inner broadcast algorithm and an outer decision algorithm -- each modelled as a threshold automaton [36], and we formalize their expected properties in linear-time temporal logic. We then automatically check the inner broadcast algorithm under a carefully identified fairness assumption. For the verification of the outer algorithm, we simplify the model of the inner algorithm by relying on its checked properties. Doing so, we formally verify not only the safety properties of the Red Belly Blockchain consensus but also its liveness, in about 70 seconds.