共识算法怎么用区块链啊,共识算法怎么用区块链啊视频
请查看相关英文文档
A. Three common consensus mechanisms in blockchain
Blockchain is a distributed ledger system built on a P2P network and participated by nodes. Its biggest feature is " Decentralization”. That is to say, in the blockchain system, there is no need to establish trust between users, between users and institutions, and between institutions. Transactions can be realized by relying only on the blockchain protocol system.
But how to ensure the accuracy, authority, and reliability of the ledger? Why do nodes on the blockchain network participate in accounting? What should I do if the node is fake? How to prevent the ledger from being tampered with? How to ensure data consistency between nodes? …These are the problems that blockchain needs to solve when establishing “decentralized” transactions, resulting in the consensus mechanism.
The so-called "consensus mechanism" is to complete the verification and confirmation of transactions in a very short time through the voting of special nodes; when there is a disagreement, without central control, several Nodes participate in decision-making to reach consensus, that is, how to establish a trust relationship between individuals who have no basis for trust in each other.
Blockchain technology uses a set of consensus-based mathematical algorithms to establish a "trust" network between machines, thereby creating new credit through technical endorsement rather than centralized credit institutions.
Different blockchain types require different consensus algorithms to ensure that the last block on the blockchain can reflect the status of the entire network at any time.
So far, the blockchain consensus mechanisms mainly include the following: POW workload proof, POS equity proof, DPOS authorized equity proof, Paxos, PBFT (Practical Byzantine Fault Tolerance Algorithm), dBFT, DAG ( Directed acyclic graph)
Next, we will mainly talk about the principles and application scenarios of common POW, POS, and DPOS consensus mechanisms
Concept:
Proof of work was originally an economic term, referring to the measurement method set up by the system to achieve a certain goal. A simple understanding is a certificate to confirm that you have done a certain amount of work, and to prove that the corresponding amount of work has been completed by certifying the results of the work.
The proof-of-work mechanism has the advantage of complete decentralization. In a blockchain with a proof-of-work mechanism as the consensus, nodes can enter and exit freely and calculate the numerical solution of the random hash. The ability to compete for accounting rights and obtain correct numerical solutions to generate blocks is a concrete manifestation of node computing power.
Applications:
The most famous application of POW is Bitcoin. In the Bitcoin network, during the generation process of Block, miners need to solve complexThe cryptographic mathematical puzzle is to find a Block Hash that meets the requirements and consists of N leading zeros. The number of zeros depends on the difficulty value of the network. During this period, a lot of trial calculations (workload) are required, and the calculation time depends on the hashing speed of the machine.
Finding a reasonable hash is a probabilistic event. When a node has n% of the computing power of the entire network, the node has an n/100 probability of finding the Block Hash. After the node successfully finds a satisfactory Hash value, it will immediately broadcast the packaged block to the entire network. The nodes in the network will verify it immediately after receiving the broadcast packaged block.
If the verification passes, it means that a node has successfully solved the puzzle, and it will no longer compete for the current block, but choose to accept the block, record it in its own ledger, and then proceed to the next block. Competitive guessing game of blocks. Only the fastest puzzle-solving block in the network will be added to the ledger, and other nodes will copy it, thus ensuring the uniqueness of the entire ledger.
If a node engages in any cheating behavior, it will cause the network node verification to fail and directly discard its packaged block. This block will not be recorded in the general ledger, and the cost of the cheating node will be It is all in vain. Therefore, under the huge mining cost, miners voluntarily comply with the consensus protocol of the Bitcoin system, thus ensuring the security of the entire system.
Advantages and Disadvantages
Advantages: The results can be verified quickly, the system bears a large number of nodes, and the cost of evil is high to ensure the conscious compliance of miners.
Disadvantages: It requires a large amount of algorithm consumption, and it takes a long time to reach consensus
Concept:
Proof of Stake mechanism (Proof of Stake), requirements A certifier provides ownership of a certain amount of cryptocurrency.
The way the proof-of-stake mechanism works is that when a new block is created, the miner needs to create a "coin rights" transaction, which will send some coins to the miners themselves according to a preset ratio. The proof-of-stake mechanism reduces the mining difficulty of nodes in equal proportions based on the proportion and time of tokens owned by each node based on the algorithm, thus speeding up the search for random numbers.
Application:
In 2012, a netizen with the pseudonym Sunny King launched Peercoin, which was the first application of the proof-of-stake mechanism in encrypted electronic currency. The biggest innovation of PPC is that its mining method mixes POW and POS methods, uses a proof-of-work mechanism to issue new coins, and uses a proof-of-stake mechanism to maintain network security.
In order to realize POS, Sunny King learned from Satoshi Nakamoto’s Coinbase and specially designedA special type of transaction is designed, called Coinstake.
The picture above shows how Coinstake works. Coin age refers to the holding period of the currency. If you own 10 coins and hold them for 10 days, then you have collected 100 days of coins. age. If you use these 10 coins, the coin age is consumed (destroyed).
Advantages and Disadvantages:
Advantages: Shortens the time required to reach consensus and is more energy-saving than proof of work.
Disadvantages: Essentially, nodes in the network are still required to perform mining operations, and the authenticity of transfers is difficult to guarantee
Concept:
Authorized equity certificate Mechanism (Delegated Proof of Stake) is similar to board voting. This mechanism has a built-in real-time shareholder voting system, just like the system is convening a never-ending shareholders' meeting at any time, where all shareholders vote to decide company decisions.
While trying to solve the problems of traditional PoW and PoS mechanisms, authorized proof of equity can also offset the negative effects of centralization by implementing technological democracy. The decentralization of the blockchain established based on the DPoS mechanism relies on a certain number of representatives rather than all users. In such a blockchain, all nodes vote to elect a certain number of node representatives, who act on behalf of all nodes to confirm blocks and maintain the orderly operation of the system.
At the same time, all nodes in the blockchain have the power to remove and appoint representatives at any time. If necessary, all nodes can vote to disqualify the current node representatives and re-elect new representatives to achieve real-time democracy.
Application:
Bitshare is a type of cryptocurrency that uses the DPOS mechanism. By introducing the concept of witnesses, witnesses can generate blocks, and everyone who holds BitShares can vote for witnesses. Candidates who get the top N (N is usually defined as 101) candidates in the total number of consent votes can be elected as witnesses. The number of elected witnesses (N) must meet: at least half of the participating voters believe that N has been fully decentralized. .
The candidate list of witnesses is updated every maintenance cycle (1 day). The witnesses are then randomly arranged, and each witness has 2 seconds of permission time to generate a block in order. If the witness cannot generate a block in a given time slice, the block generation permission is given to the witness corresponding to the next time slice. . This design of DPoS makes the generation of blocks faster and more energy-saving.
DPOS makes full use of the votes of shareholders to reach consensus in a fair and democratic way. The N witnesses they voted for can be regarded as NMining pools, and the rights of these N mining pools are completely equal to each other. Shareholders can change these witnesses (mining pools) at any time by voting, as long as the computing power they provide is unstable, the computer is down, or they try to use their power to do evil.
Advantages and Disadvantages:
Advantages: Reduce the number of nodes participating in verification and accounting, thereby achieving second-level consensus verification
Disadvantages: Centrality Weaker, the security is weaker than POW, and the node agents are artificially selected, and the fairness is lower than POS. At the same time, the entire consensus mechanism still relies on the additional issuance of tokens to maintain the stability of the agent nodes.
B. How is the consensus algorithm of blockchain technology formed?
Chongqing Jinwowo analyzes the formation of the consensus algorithm as follows:
Consensus of blockchain The mechanism is how all distributed nodes reach a consensus, use algorithms to generate and update data, and determine the validity of a record. This is both a means of identification and a means of preventing tampering.
Blockchain mainly includes four different consensus mechanisms, which are suitable for different application scenarios and strike a balance between efficiency and security.
C. Blockchain consensus algorithm - (2) PoS consensus (Proof of Stake)
In July 2011, a digital currency enthusiast named Quantum Mechanic The Bitcoin forum first proposed the PoS consensus algorithm. Subsequently, Sunny King implemented it for the first time in Peercoin (PPC) released in August 2012. PoS is recorded by the node with the highest equity rather than the highest computing power in the system. Account rights, where equity is reflected in the node’s ownership of a specific amount of currency, is called coin age or coin days
PoS was proposed in consideration of the biggest flaw of PoW: a waste of resources. To put it simply, It means whoever has the greater rights has the final say.
The PoS consensus mechanism (Proof of Stake) solves problems such as low efficiency, waste of resources, and node consistency through equity accounting.
Each node needs to meet certain conditions (such as mortgaging certain tokens) to become a verification node (increased equity). The system selects some of them as block-producing nodes (miners) through an algorithm, and every so often Re-select, the algorithm will ensure complete randomness and cannot be manipulated. Only block-producing nodes can process data and compete for accounting rights.
Equity is mainly determined by the equity factor, which can be the number of coins held, the age of the currency, or a combination of the two.
Ethereum is likely to switch to PoS for consensus in the future, which is more in line with the high efficiency of Ethereum.
D. How does blockchain achieve distributed consensus?
The entire human society can only constantly find a balance between distribution and consensus. The two have shown an alternating situation in the past. The distribution is constantly iterating, and each new cycle will inherit the results left by the previous cycle. As a result, human beings can continue to reach a larger scope and higher level of civilization.
The distribution period is mainly characterized by the development of individual interests, but this does not mean that there is no centralized decision-making; the consensus period adopts centralized management that prioritizes efficiency, and distribution will also be appropriately considered for overall stability and other demands.
The emergence of distribution often occurs at the end of consensus. At this time, due to uneven distribution and lack of incentives, the public has been unable to obtain further benefits, and the development of the entire society has also slowed down significantly. At this time, we prefer to use distribution Overturn the original small-scale consensus.
Significance
The reason why the Internet can play a huge role in social development lies in the establishment of a decentralized and distributed network and the The use of the TCPIP protocol, which promotes equality and realizes resource sharing, eliminates the problem of over-concentration of information and decision-making caused by centralization in the industrial age.
The emergence of blockchain is based on the prosperity created by the Internet. Through the technological innovation brought by the new distributed ledger, there is an opportunity to further promote the transfer of value. This can solve the obstacles encountered by today's Internet in the process of interconnection and interoperability entering deeper areas, and once again enhance the level of human prosperity.
E. In-depth understanding of the consensus mechanism and algorithm principles of the blockchain
The so-called "consensus mechanism" is to complete transactions in a very short time through the voting of special nodes. Verification and confirmation; for a transaction, if several nodes with unrelated interests can reach a consensus, we can think that the entire network can also reach a consensus on it. To put it more simply, if a Chinese Weibo influencer, a virtual currency player in the United States, an African student and a European traveler do not know each other, but they all agree that you are a good person, then it can basically be concluded that You're not a bad person.
In order for the entire blockchain network node to maintain the same data and ensure the fairness of each participant, all participants in the entire system must have a unified agreement, which is what we have here The consensus algorithm to be used. All Bitcoin nodes follow unified protocol specifications. The protocol specification (consensus algorithm) consists of relevant consensus rules, which can be divided into two major cores: proof of work and the longest chain mechanism. The ultimate expression of all rules (consensus) is the longest chain of Bitcoin. The purpose of the consensus algorithm is to ensure that Bitcoin continues to operate on the longest chain, thereby ensuring the consistency and reliability of the entire accounting system.
Users in the blockchain conductThere is no need to consider the credit of the other party, trust the other party, or a trusted intermediary or central organization during the transaction. The transaction can only be realized based on the blockchain protocol. The premise for smooth transactions without the need for a trusted third-party intermediary is the consensus mechanism of the blockchain, that is, in a market environment of mutual understanding and trust, each node participating in the transaction considers its own interests and does not violate any regulations. Motives and behaviors of cheating, so each node will actively and consciously abide by the preset rules to judge the authenticity and reliability of each transaction, and write the record of passing inspection into the blockchain. The interests of each node are different, and logically there is no incentive for them to collude to deceive. This is especially obvious when some nodes in the network have public reputation. Blockchain technology uses a consensus algorithm based on mathematical principles to establish a "trust" network between nodes, and uses technical means to achieve an innovative credit network.
At present, the mainstream consensus algorithm mechanisms in the district industry include: workload proof mechanism, equity proof mechanism, share authorization proof mechanism and Pool verification pool.
The workload proof mechanism is the proof of workload, which is a requirement that must be met when generating a new transaction information (i.e. a new block) to be added to the blockchain. In a blockchain network built based on the proof-of-work mechanism, nodes compete for accounting rights by calculating the numerical solution of random hashing. The ability to obtain the correct numerical solution to generate blocks is a specific manifestation of the node's computing power. The proof-of-work mechanism has the advantage of being completely decentralized. In a blockchain with a proof-of-work mechanism as the consensus, nodes can enter and exit freely. The well-known Bitcoin network uses a proof-of-work mechanism to produce new currencies. However, since the application of the workload proof mechanism in the Bitcoin network has attracted most of the computing power of computers around the world, it is difficult for other blockchain applications that want to try to use this mechanism to obtain the same scale of computing power to maintain their own security. At the same time, mining based on the proof-of-work mechanism also causes a lot of waste of resources, and the period required to reach consensus is also long, so this mechanism is not suitable for commercial applications.
In 2012, a netizen with the pseudonym Sunny King launched Peercoin. This encrypted electronic currency uses a proof-of-work mechanism to issue new coins and a proof-of-stake mechanism to maintain network security. This is the role of the proof-of-stake mechanism in encrypted electronic currency. first application in . Rather than requiring the certifier to perform a certain amount of computational work, Proof of Stake simply requires the certifier to provide ownership of a certain amount of cryptocurrency. The way the proof-of-stake mechanism works is that when a new block is created, the miner needs to create a "coin rights" transaction, which sends a number of coins to the miners themselves according to a preset ratio. The proof-of-stake mechanism reduces the mining difficulty of nodes in equal proportions based on the proportion and time of tokens owned by each node based on the algorithm, thus speeding up the search for random numbers. This consensus mechanism can shorten the time required to reach consensustime, but essentially still requires nodes in the network to perform mining operations. Therefore, the PoS mechanism does not fundamentally solve the problem that the PoW mechanism is difficult to apply in the commercial field.
The share authorization certification mechanism is a new consensus mechanism to ensure network security. While trying to solve the problems of the traditional PoW mechanism and PoS mechanism, it can also offset the negative effects of centralization by implementing technological democracy.
The share authorization certification mechanism is similar to board voting. This mechanism has a built-in real-time shareholder voting system, just like the system is convening a never-ending shareholders' meeting at any time, where all shareholders vote. determine company decisions. The decentralization of the blockchain established based on the DPoS mechanism relies on a certain number of representatives rather than all users. In such a blockchain, all nodes vote to elect a certain number of node representatives, who act on behalf of all nodes to confirm blocks and maintain the orderly operation of the system. At the same time, all nodes in the blockchain have the power to remove and appoint representatives at any time. If necessary, all nodes can vote to disqualify the current node representatives and re-elect new representatives to achieve real-time democracy.
The share authorization certification mechanism can greatly reduce the number of nodes participating in verification and accounting, thereby achieving second-level consensus verification. However, this consensus mechanism still cannot perfectly solve the application problems of blockchain in business, because this consensus mechanism cannot get rid of its dependence on tokens, and the existence of tokens is not required in many commercial applications.
The Pool verification pool is established based on traditional distributed consistency technology and is supplemented by a data verification mechanism. It is a consensus mechanism widely used in current blockchains.
The Pool verification pool can work without relying on tokens. Based on mature distributed consensus algorithms (Pasox, Raft), it can achieve second-level consensus verification, which is more suitable for multi-party participation. Polycentric business model. However, the Pool verification pool also has some shortcomings. For example, the degree of distribution that the consensus mechanism can achieve is not as good as the PoW mechanism.
Here we mainly explain some algorithm principles of the blockchain workload proof mechanism and the Bitcoin network. How to prove your workload? I hope everyone can have a basic understanding of the consensus algorithm.
The main feature of the proof-of-work system is that the client has to do a certain amount of difficult work to get a result, and the verifier can easily use the results to check whether the client has done the corresponding work. A core feature of this scheme is asymmetry: the work is modest for the requester and easy to verify for the verifier. It differs from CAPTCHAs, which are easier to solve by humans rather than easier to solve by computers.
The figure below shows the workload proof process.
For example, give a basic character "hello, world!", the workload requirement we give is that you can add an integer value called nonce (random number) after this character creation, for The changed (nonce added) character creation is subjected to SHA-256 operation. If the result (expressed in hexadecimal form) starts with "0000", the verification is passed. In order to achieve this proof-of-work goal, it is necessary to continuously increment the nonce value and perform a SHA-256 hash operation on the resulting character creation. According to this rule, it takes 4251 operations to find the hash with leading 4 zeros.
Through this example, we have a preliminary understanding of the proof-of-work mechanism. Some people may think that if proof of work is just such a process, then it is enough to remember that the nonce is 4521 so that the calculation can pass verification. Of course not, this is just an example.
Next we simply change the input to "Hello, World! + integer value". The integer value ranges from 1 to 1000, which means that the input is turned into an array of 1 to 1000: Hello, World !1;Hello,World!2;...;Hello,World!1000. Then perform the above proof of work on each input in the array in turn - find the hash with leading 4 zeros.
Due to the pseudo-random nature of the hash value, it is easy to calculate based on the relevant knowledge of probability theory. It is expected that it will take 2 to the 16th power of attempts to obtain a hash hash with four leading zeros. List. If you count the actual results of the 1,000 calculations just performed, you will find that the average number of calculations is 66,958, which is very close to 2 to the 16th power (65,536). In this example, the number of calculations expected by mathematics is actually the required "workload". Repeating the workload proof multiple times will be a probability event that conforms to statistical laws.
The actual number of calculations used to count the input characters and obtain the corresponding target result is as follows:
For any node in the Bitcoin network, if you want to generate a new block To join the blockchain, you must solve this puzzle of the Bitcoin network. The key elements of this question are the proof-of-work function, block and difficulty value. The workload proof function is the calculation method of this question, the block is the input data of this question, and the difficulty value determines the amount of calculation required to understand this question.
The proof-of-work function used in the Bitcoin network is the SHA-256 mentioned above. Blocks are actually generated in the proof-of-work process. Kuangong continuously constructs block data and checks the calculated results each time.Whether the result meets the required workload will determine whether the block meets the network difficulty. The block header is the input data of the Bitcoin proof-of-work function.
The difficulty value is an important reference indicator for miners to mine. It determines how many hash operations it takes for miners to generate a legal block. The Bitcoin network generates a block approximately every 10 minutes. If the generation of new blocks basically maintains this speed under different network computing power conditions, the difficulty value must be adjusted according to changes in the computing power of the entire network. The general principle is to ensure that the network always generates a new block in 10 minutes, regardless of the mining power.
The adjustment of the difficulty value occurs independently and automatically in each complete node. Every 2016 blocks, all nodes will automatically adjust the difficulty value according to a unified format. This formula is based on the time spent in the latest 2016 blocks and the expected time (assuming a withdrawal is generated every 10 minutes, the expected time is 20160 minutes) and adjusted according to the ratio of actual duration to expected duration. That is, if blocks are generated faster than 10 minutes, increase the difficulty value; anyway, decrease the difficulty value. The formula is expressed as follows:
New difficulty value = old difficulty value * (20160 minutes/time spent in the past 2016 blocks).
Proof of work requires a target value. The calculation formula of the target value (Target) of Bitcoin's proof of work is as follows:
Target value = maximum target value/difficulty value, where the maximum target value is a constant value
The size of the target value is inversely proportional to the difficulty value. To achieve the Bitcoin workload proof, the block hash value calculated in the mine must be less than the target value.
We can also simply understand the process of Bitcoin workload as performing SHA-256 hash operation by constantly changing the block header (that is, trying different nonce values) and using it as input. Find a process that has a hash value in a specific format (that is, requires a certain number of leading 0s), and the more leading 0s required, the more difficult it becomes.
The steps of Bitcoin’s proof-of-work puzzle can be roughly summarized as follows:
The process can be represented by the following figure:
Bitcoin’s proof of work is the main work we commonly call “mining”. Understanding the workload proof mechanism will lay the foundation for us to further understand the consensus mechanism of the Bitcoin blockchain.
F. POA (Proof of Activity) blockchain consensus algorithm
POA (Proof of Activity)ty) algorithm is a blockchain consensus algorithm. The basic principle is to work by combining the characteristics of POW (Proof of work) and POS (Proof of stake) algorithms. For the specific content of POW algorithm and POS algorithm, please refer to:
POW algorithm: https://www.jianshu.com/p/b23cbafbbad2
POS algorithm: https://blog.csdn.net/wgwgnihao/article/details/80635162
Compared with other algorithms, the POA algorithm can improve the network topology, maintain the proportion of online nodes, require less transaction fees and reduce energy consumption in the consensus algorithm process.
The network required by the POA algorithm also contains two types of nodes, miners and ordinary participants, among which ordinary participants may not always stay online. The POA algorithm first constructs a block header by miners, and selects N coins from the block header. The owners of these N coins participate in the subsequent verification and block generation process.
From here we can see that the POA algorithm is not only related to computing power, but the subsequent election of N participants is completely determined by the total number of coins owned by the participants in the network. Participants with more coins have a greater chance of being selected as N subsequent participants. The necessary condition for the subsequent participation of N participants is that these N participants must be online, which is also the origin of the POA name. The maintenance of the POA algorithm depends on the active nodes (Active) in the network.
An ideal basic process of the POA algorithm is that, similar to the POW protocol, the miner constructs a block header that meets the difficulty requirements, and calculates the number of N coins from the block header obtained by the miner. Traceability in the chain can reveal the current participants of these coins. The miner sends the block header to the N participants, among which the first N-1 participants verify and sign the block, and the last N-th participant verifies and adds the transaction to the block, and the block is Publishing it out means completing the production of a block.
An ideal process is shown in the figure below:
In actual operation, there is no guarantee that all participants on the network are online, and participants who are not online cannot perform checksum signatures. This Block headers that cannot be verified and signed will be discarded.
That is, in actual operation, a miner should construct a block header and broadcast it to each participant for signature, while continuing to reconstruct a new block header to prevent any of the N participants derived from the previous block header from being online. As a result, the block header was abandoned.
Therefore, in this case, whether a block is confirmed is not only related to the miner’sComputing power is related to the proportion of online people on the network.
Compared with pure POW, when a block is produced in the same 10 minutes as Bitcoin (POW), POA will have losses caused by participants not being online. Therefore, the number of blocks that miners can construct within 10 minutes The number will be greater, that is, the difficulty limit of the block will be reduced, and the energy loss caused by miners during the mining process will also be reduced.
Compared with pure POS, it can be seen that the block generation process of POA does not upload the relevant information in the process of constructing the block, which can significantly reduce the redundant information generated by the maintenance protocol on the blockchain. quantity.
This section analyzes some parameter settings in the appeal protocol
After the miner constructs the block header, it verifies the block header and selects the number of N participants in the block construction. The determination is similar to the selection of the block time of each block in Bitcoin. Bitcoin has chosen 10 minutes as the expected block time for each block and adapted it by dynamically adjusting the difficulty.
The value of N here can also be selected or dynamically adjusted. Dynamic adjustment requires more complex protocol content, which may lead to data expansion in the blockchain, and complex protocols also increase the possibility of attackers attacking. In addition, there is currently no way to prove what benefits dynamic adjustment can bring. Static adjustment can obtain a value of N=3 in the subsequent analysis (4 Safety Analysis), which is more appropriate.
As can be seen from the above description, in addition to miners, there are also N currency owners derived from the block header who construct new blocks. After constructing a new block, these participants should also receive certain incentives to keep participants online.
The non-matching ratio between miners and participants is related to the online status of the participants. The incentives given to participants are closely related to their enthusiasm to stay online. The more participants stay online, the better the stability of the network can be maintained. Therefore, when there are not enough online participants on the network, the incentive share ratio that participants receive can be increased, thereby motivating more participants to come online.
How to determine the online status of the current participant? When the last Nth participant constructs a block, the constructed but discarded block headers can be added to the block. If the number of discarded block headers is too large, it means that the number of people online is too low, and the sharing ratio should be adjusted.
At the same time, the final N-th participant’s share with other participants also needs to be considered. The N-th participant needs to add the transaction to the block, that is, the UTXO pool needs to be maintained. At the same time, the N-th participant also needs to add the transaction to the block. The discarded block header is added to the newly constructed block.
In order to encourage them to add abandoned block headers to newly constructed blocks, a small amount of incentives can be appropriately added according to the added block headers. Although adding more block headers can increase the share in the next round, it should be enough to motivate participants to go to the block.Unused block headers are added to the block (it is impossible for participants to add more block headers in order to increase their share, each block header means the workload of a miner).
If a participant does not maintain the UTXO pool, he cannot construct the block, but he can participate in the first N-1 signatures. Therefore, in order to motivate participants to maintain the UTXO pool, as the last participant to construct the block, he must be given More incentives, like twice as much as other participants.
From the description in 3.2, we can know that a user must be online and maintain the UTXO pool to gain as much benefit as possible. This mechanism will inevitably lead some users to entrust their accounts to a centralized organization. This institution remains online at all times and maintains their accounts for users, participating in the construction of blocks and obtaining benefits when they are selected as participants in constructing blocks. Finally, the organization divides the proceeds in some form.
As mentioned above, participants must use their own keys to sign, and after being entrusted to an organization, the organization can use this key to sign and construct blocks, and it is also possible to use this key to consume users' property. A limited-spend key can be used here. This key has two functions. One is to consume part of the property in the account, and the other is to transfer all the property to a designated account. This key can be used during escrow. After being notified that part of the property has been spent, all properties can be immediately transferred to another account of one's own to ensure the security of the property.
From the above analysis, we can see that the security of POA is related to the computing power owned by the attacker and the equity owned by the attacker. Assuming that the proportion of online equity owned by the attacker is , the attacker's computing power needs to be times that of all other computing powers to achieve a fork. Assuming that the total proportion of the attacker's equity is , and the online proportion of honest users in the network is , then the attacker's computing power needs to be times that of all other computing powers to achieve the attack.
The analysis table of the attack is as follows:
As can be seen from the above analysis, the POA algorithm can improve the network topology, maintain the proportion of online nodes, and require less transaction fees than other algorithms. At the same time, the energy loss during the consensus algorithm process is reduced. At the same time, the attack cost of the PoA protocol is higher than that of Bitcoin's pure PoW protocol.
Reference: Proof of Activity: Extending Bitcoin's Proof of Work via Proof of Stake
G. Blockchain --- Consensus Algorithm
PoW Algorithm It is a mechanism to prevent the abuse of distributed service resources and denial of service attacks. It requires nodes to perform complex operations that consume a moderate amount of time and resources, and the operation results can be quickly verified by other nodes, using time and energy as a guarantee to ensureServices and resources are used by real needs.
The most basic technical principle in the PoW algorithm is the use of hashing algorithms. Assume that the hash value Hash(r) is found. If the original data is r (raw), the operation result is R (Result).
R = Hash(r)
The characteristic of the hash function Hash() is that for any input value r, the result R is obtained, and r cannot be deduced from R. When the input original data r changes by 1 bit, the resulting R value changes completely. In the Bitcoin PoW algorithm, the algorithm difficulty d and the random value n are introduced, and the following formula is obtained:
Rd = Hash(r+n)
This formula requires filling in the random In the case of value n, the first d bytes of the calculation result Rd must be 0. Due to the unknown nature of the hash function results, each miner has to do a lot of calculations to get the correct result. After the calculation result is broadcast to the entire network, other nodes only need to perform a hash operation to verify it. The PoW algorithm uses this method to make calculations consume resources, and verification only needs to be done once.
The PoS algorithm requires node verifiers to pledge a certain amount of funds to be eligible for mining and packaging, and the regional chain system uses a random method when selecting packaging nodes. When the node pledges The more funds there are, the greater the probability of being selected to package the block.
In POS mode, each coin generates 1 coin age every day. For example, if you hold 100 coins for a total of 30 days, then your coin age will be 3000 at this time. At this time, if you verify a POS block, your currency age will be cleared to 0, and the corresponding digital currency interest will be obtained from the block.
The process of a node producing blocks through the PoS algorithm is as follows: To become a block producing node, an ordinary node must first pledge its assets. When it is its turn to produce a block, it packages the block and then broadcasts it to the entire network. , other verification nodes will verify the legitimacy of the block.
The DPoS algorithm is similar to the PoS algorithm and also uses shares and equity pledges.
But the difference is that the DPoS algorithm uses a delegated pledge method, which is similar to the method of universal election of representatives to select N super nodes to record and produce blocks.
Voters cast their votes for a certain node. If a certain node is elected as an accounting node, then the accounting node can often use any method to reward its voters after obtaining the block reward..
These N accounting nodes will take turns to produce blocks, and the nodes will supervise each other. If they do evil, the pledge deposit will be deducted.
By trusting a small number of honest nodes, unnecessary steps in the block signing process can be removed, increasing the speed of transactions.
Byzantine problem:
Byzantium was the capital of the ancient Eastern Roman Empire. For defense, an army led by a single general was stationed in each fiefdom. Between the generals The message could only be delivered by messenger. In a war, all generals must reach a consensus and decide whether to go to war together.
However, there may be traitors within the army who will influence the generals to reach a consensus. The Byzantine Generals Problem refers to the problem of how the remaining generals can reach a unanimous decision when one of the generals is known to be a traitor.
BFT:
BFT is Byzantine fault tolerance. Byzantine fault tolerance technology is a type of fault tolerance technology in the field of distributed computing. The Byzantine hypothesis is a modeling of the real world, where computers and networks may behave unpredictably due to hardware errors, network congestion or outages, and malicious attacks. Byzantine fault tolerance techniques are designed to handle these abnormal behaviors and meet the specification requirements of the problem to be solved.
Byzantine fault-tolerant system:
The failed node is called a Byzantine node, and the normal node is a non-Byzantine node.
Assuming that the distributed system has n nodes, and assuming that the entire system has no more than m Byzantine nodes (n ≥ 3m + 1), the Byzantine fault-tolerant system needs to meet the following two conditions:
In addition, the Byzantine fault-tolerant system needs to achieve the following two indicators:
PBFT is the practical Byzantine fault-tolerant algorithm, which solves the problem of inefficiency of the original Byzantine fault-tolerant algorithm. The time complexity of the algorithm is O(n^2 ), so that Byzantine fault tolerance problems can be solved in actual system applications
PBFT is a state machine copy replication algorithm. All copies operate in the process of a view (view) rotation. The master The node is determined by the view number and the set of node numbers, that is: main node p = v mod |R|. v: view number, |R| number of nodes, p: primary node number.
The consensus process of the PBFT algorithm is as follows: the client (Client) initiates a message request (request) and broadcasts it to each replica node (Replica), and one of the master nodes (Leader) initiates a proposal message pre -prepare and broadcast. Other nodes obtain the original message and send prepare messages after the verification is completed. Each node receives 2f+1 prepare messages, that is, it is consideredIt is ready and the commit message is sent. When the node receives 2f+1 commit messages and the client receives f+1 identical reply messages, it means that the request initiated by the client has reached a network-wide consensus.
The specific process is as follows:
Client c sends a
When the master node receives the client's request, it needs to conduct the following verifications:
a. Whether the signature of the client's request message is correct.
Illegal requests are discarded. For a correct request, a number n is assigned. The number n is mainly used to sort the client's requests. Then broadcast a <
When replica node i receives the PRE-PREPARE message from the master node, the following verification is required:
a. Whether the signature of the master node's PRE-PREPARE message is correct.
b. Whether the current replica node has received a PRE-PREPARE message under the same v and also numbered n, but with different signatures.
c. Whether the abstracts of d and m are consistent.
d. Whether n is within the interval [h, H].
Illegal requests are discarded. Correct request, replica node i sends a
When the master node and replica node receive the PREPARE message, they need to conduct the following verifications:
a. Whether the signature of the replica node's PREPARE message is correct.
b. Whether the current replica node has received n under the same view v.
c. Is n in the area?Within [h, H].
d. Whether d is the same as d in the currently received PRE-PPREPARE
Illegal request is discarded. If replica node i receives 2f+1 verified PREPARE messages, it sends a
When the master node and replica node receive the COMMIT message, they need to conduct the following verifications:
a. Whether the signature of the COMMIT message of the replica node is correct.
b. Whether the current replica node has received n under the same view v.
c. Whether the abstracts of d and m are consistent.
d. Whether n is within the interval [h, H].
Illegal requests are discarded. If replica node i receives 2f+1 verified COMMIT messages, it means that most nodes in the current network have reached a consensus, run the client's request operation o, and return
If the master node does evil, it may assign the same sequence number to different requests, or not allocate sequence numbers, or make adjacent sequence numbers discontinuous. The backup node should have the responsibility to actively check the validity of these sequence numbers.
If the master node goes offline or does something evil and does not broadcast the client's request, the client sets a timeout mechanism. If the timeout occurs, the request message is broadcast to all replica nodes. The replica node detects that the master node has done something evil or is offline, and initiates the View Change protocol.
View Change protocol:
The replica node broadcasts
When the master node p = v + 1 mod |R| receives 2f valid VIEW-CHANGE messages, it broadcasts
The replica node receives the NEW-VIEW message from the master node, verifies the validity, and if valid, enters the v+1 state and starts the PRE-PREPARE message in O processing flow.
In the above algorithm process, in order to ensure that the previous request can be restored during the View Change process, each replica node records some messages to the local log. When the request is executed The replica node needs to clear the record messages of the previous request.
The simplest way is to execute the consensus synchronization of the current state again after the Reply message. This is relatively expensive, so it can be executed after executing multiple requests K (for example: 100). A status synchronization. This status synchronization message is the CheckPoint message.
Replica node i sends
This is an ideal situation. In fact, when the replica node i sends a CheckPoint message to other nodes, the other nodes have not completed K requests, so they will not respond to i's request immediately. It will also follow its own rhythm, moving forward, but the CheckPoint issued at this time does not form stable.
In order to prevent i from processing requests too quickly, set a high and low water level interval [h, H] mentioned above to solve this problem. The low water level h is equal to the number of the previous stable checkpoint, and the high water level H = h + L, where L is the value we specify, which is equal to an integer multiple of the number of requests processed in the checkpoint cycle K, and can be set to L = 2K. When the request processed by replica node i exceeds the high water mark H, it will stop and wait for the stable checkpoint to change before continuing.
In blockchain scenarios, it is generally suitable for private chain and alliance chain scenarios that require strong consistency. For example, in the IBM-led blockchain Hyperledger project, PBFT is an optional consensus protocol. In Hyperledger's Fabric project, the consensus module is designed as a pluggable module and supports consensus algorithms such as PBFT and Raft.
Raft is based on a leader-driven consensus model, in which an outstanding leader (Leader) will be elected, and the Leader will be fully responsible for managing the cluster. Responsible for managing replication logs between all nodes in the Raft cluster.
In the figure below, the Leader (S1) of the cluster will be selected during the startup process and serve all commands/requests from clients. All nodes in a Raft cluster maintain a distributed log (replicated log) to store and submit commands (log entries) issued by clients. The Leader accepts log entries from clients and replicates them among all followers (S2, S3, S4, S5) in the Raft cluster.
In a Raft cluster, a minimum number of nodes is required to provide the expected level of consensus guarantee, which is also called a quorum. The minimum number of votes required to perform an operation in a Raft cluster is (N / 2 +1), where N is the total number of members in the group, that is, at least more than half of the votes, which is why cluster nodes usually have an odd number of nodes. So, in the example above, we need at least 3 nodes to have consensus guarantees.
If the legal quorum node is unavailable for any reason, that is, the votes do not exceed half, the negotiation will not reach an agreement and new logs cannot be submitted.
Data storage: Tidb/TiKV
Log: Alibaba's DLedger
Service discovery: Consul& etcd
< p> Cluster scheduling: HashiCorp NomadCan only accommodate faulty nodes (CFT), not evil nodes
Sequential voting, only serial apply, so high concurrency Poor performance in scenarios
Raft solves the distributed consensus problem by solving the three main sub-problems surrounding Leader election and managing the security functions of distributed logs and algorithms.
When we start a new Raft cluster or a leader is unavailable, a new leader will be elected through negotiation among all member nodes in the cluster. Therefore, in a given instance, a node of a Raft cluster can be in any of the following states: Follower, Candidate, or Leader.
When the system first starts, all nodes are followers. If they do not receive the heartbeat signal from the leader within a period of time, the follower will be converted into a candidate;
If a node If a Candidate node receives votes from the majority of nodes, the Candidate can be converted into a Leader, and the remaining Candidate nodes will return to the Follower state;
Once a Leader discovers that there is a Leader node in the system that is older than itself. If the term is higher, it will be converted to Follower.
Raft uses a heartbeat-based RPC mechanism to detect when a new election starts. During normal times, the Leader will regularly send heartbeat messages to all available Followers (in practice, the log and heartbeat may be sent together). Therefore, the other node starts in the Follower state and remains in the Follower state as long as it receives periodic heartbeats from the current Leader.
When the Follower reaches its timeout, it will start the election process in the following way:
Based on the responses that the Candidate receives from other nodes in the cluster, the three steps for the election can be derived result.
The implementation of consensus algorithms is generally based on replicated state machines. What is a replicated state machine:
In simple terms: the same initial recognition state + the same input = Same end state. Different nodes should use the same and deterministic function to process input, rather than introducing uncertain values, such as local time, etc. It is a good idea to use replicated log. Log has the characteristics of persistence and order preservation, and is the cornerstone of most distributed systems.
With the Leader, all concurrent requests from the client can form an orderly log (status) sequence on the Leader's side to represent the order in which these requests are processed. The Leader then sends its log sequence to the Followers to maintain the global consistency of the entire system. Note that it is not superiorconsistency, but eventual consistency.
The log consists of log entries with a sequential number (log index). Each log entry consists of the term when it was created, and the data contained in the log, which can be of any type, from simple types to blocks of the blockchain. Each log entry can be represented by a [term, index, data] sequence pair, where term represents the term, index represents the index number, and data represents the log data.
The Leader attempts to execute replication commands on a majority of the nodes in the cluster. If the replication is successful, the command is submitted to the cluster and the response is sent back to the client. Similar to two-phase commit (2PC), but the difference from 2PC is that the leader only needs the consent of more than half of the nodes (in a working state).
Both leader and follower may crash, so the log maintained by the follower may have the following situations compared with the leader
When the leader and follower are inconsistent, the leader forces the follower to copy its own log, the Leader will try from back to front. Each time AppendEntries fails, it will try the previous log entry (decrementing the nextIndex value) until it successfully finds the consistent position point of each Follower's log (based on the two guarantees mentioned above), and then moves backward one by one. Overrides the Followers entry after this position. So missing or extra entries may persist for multiple terms.
Requires the candidate's log to be at least as up-to-date as other nodes. If not, the follower node will not vote for the candidate.
Means that each submitted entry must exist in at least one of these servers. If a candidate's log is at least as up-to-date as the other logs in the majority, it will save all committed entries, avoiding a log rollback event.
That is, at most one leader can be elected in any term. This is very important, there can only be one leader in a replica set at any time. There is more than one leader in the system at the same time, which is called brain split. This is a very serious problem and will cause data coverage loss. In raft, two points guarantee this property:
Therefore, there must be only one leader in a certain term.
When the status of the nodes in the cluster changes (the cluster configuration changes), the systemThe system is susceptible to system failures. So, to prevent this, Raft uses something called a two-phase approach to changing cluster membership. Therefore, in this approach, the cluster first changes to an intermediate state (called federated consensus) before implementing a new membership configuration. Federated consensus enables the system to be used to respond to client requests even when transitioning between configurations, and its main purpose is to improve the availability of distributed systems.
H. How the consensus algorithm executes smart contracts
1. First, the user must register as a user of the blockchain. The blockchain returns a pair of public key and private key to the user. key.
2. Secondly, two or more users jointly agree on a commitment, which contains the rights and obligations of both parties. These rights and obligations are programmed in machine language electronically, and the participants use Sign with each private key to ensure the validity of the contract.
3. The final signed smart contract will be transmitted to the blockchain network according to the commitment content.
I. What is the consensus mechanism in blockchain technology
1. What is the consensus mechanism
In a decentralized structural system, due to the various participants The status is equal. When disagreements arise, how to reach consensus becomes a problem.
Therefore, a consensus mechanism that is exquisitely designed and simple to operate is the key to the smooth operation of a distributed system.
In short, the consensus mechanism is an algorithm that reaches consensus on the order of things within a period of time. It is a mechanism for blockchain nodes to reach a consensus across the entire network on block information.
