The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication

  • Marko VukolićEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9591)


Bitcoin cryptocurrency demonstrated the utility of global consensus across thousands of nodes, changing the world of digital transactions forever. In the early days of Bitcoin, the performance of its probabilistic proof-of-work (PoW) based consensus fabric, also known as blockchain, was not a major issue. Bitcoin became a success story, despite its consensus latencies on the order of an hour and the theoretical peak throughput of only up to 7 transactions per second.

The situation today is radically different and the poor performance scalability of early PoW blockchains no longer makes sense. Specifically, the trend of modern cryptocurrency platforms, such as Ethereum, is to support execution of arbitrary distributed applications on blockchain fabric, needing much better performance. This approach, however, makes cryptocurrency platforms step away from their original purpose and enter the domain of database-replication protocols, notably, the classical state-machine replication, and in particular its Byzantine fault-tolerant (BFT) variants.

In this paper, we contrast PoW-based blockchains to those based on BFT state machine replication, focusing on their scalability limits. We also discuss recent proposals to overcoming these scalability limits and outline key outstanding open problems in the quest for the “ultimate” blockchain fabric(s).


Bitcoin Blockchain Byzantine fault tolerance Consensus Proof-of-work Scalability State machine replication 


  1. 1.
  2. 2.
    Aguilera, M.K., Toueg, S.: Failure detection and randomization: a hybrid approach to solve consensus. SIAM J. Comput. 28(3), 890–903 (1998)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Aublin, P.-L., Guerraoui, R., Knežević, N., Quéma, V., Vukolić, M.: The next 700 BFT protocols. ACM Trans. Comput. Syst. 32(4), 12:1–12:45 (2015)CrossRefGoogle Scholar
  4. 4.
    Ben-Or, M.: Another advantage of free choice: completely asynchronous agreement protocols (extended abstract). In: Proceedings of the Second Annual ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing (PODC), pp. 27–30 (1983)Google Scholar
  5. 5.
    Bessani, A.N., Sousa, J., Alchieri, E.A.P.: State machine replication for the masses with BFT-SMART. In: 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014, pp. 355–362 (2014)Google Scholar
  6. 6.
    Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J.A., Felten, E.W.: Sok: research perspectives and challenges for Bitcoin and cryptocurrencies. In: 2015 IEEE Symposium on Security and Privacy, SP 2015, pp. 104–121 (2015)Google Scholar
  7. 7.
    Bracha, G.: An asynchronou [(n-1)/3]-resilient consensus protocol. In: Proceedings of the Third Annual ACM Symposium on Principles of Distributed Computing (PODC), pp. 154–162 (1984)Google Scholar
  8. 8.
    Brewer, E.A.: Towards robust distributed systems (abstract). In: ACM Symposium on Principles of Distributed Computing (PODC), p. 7 (2000)Google Scholar
  9. 9.
    Cachin, C., Kursawe, K., Shoup, V.: Random oracles in constantipole: practical asynchronous byzantine agreement using cryptography (extended abstract). In: Proceedings of the Nineteenth Annual ACM Symposium on Principles of Distributed Computing (PODC), pp. 123–132 (2000)Google Scholar
  10. 10.
    Castro, M., Liskov, B.: Practical Byzantine fault tolerance and proactive recovery. ACM Trans. Comput. Syst. 20(4), 398–461 (2002)CrossRefGoogle Scholar
  11. 11.
    Chandra, T.D., Griesemer, R., Redstone, J.: Paxos made live: an engineering perspective. In: Proceedings of the ACM Symposium on Principles of Distributed Computing (PODC). ACM (2007)Google Scholar
  12. 12.
    Clement, A., Wong, E., Alvisi, L., Dahlin, M., Marchetti, M.: Making Byzantine fault tolerant systems tolerate Byzantine faults. In: Proceedings of the 6th USENIX symposium on Networked systems design and implementation, NSDI 2009, pp. 153–168. USENIX Association (2009)Google Scholar
  13. 13.
    Corbett, J.C., Dean, J., Epstein, M., et al.: Spanner: google’s globally distributed database. ACM Trans. Comput. Syst. (TOCS) 31(3), 8 (2013)CrossRefGoogle Scholar
  14. 14.
    de Prisco, R.: On Building Blocks for Distributed Systems. Ph.D. thesis, Massachussets Institute of Technology (1999)Google Scholar
  15. 15.
    Decker, C., Seidel, J., Wattenhofer, R.: Bitcoin meets strong consistency. In: 17th International Conference on Distributed Computing and Networking (ICDCN) (2016)Google Scholar
  16. 16.
    Decker, C., Wattenhofer, R.: Information propagation in the Bitcoin network. In: 13th IEEE International Conference on Peer-to-Peer Computing, IEEE P2P 2013, pp. 1–10 (2013)Google Scholar
  17. 17.
    Défago, X., Schiper, A., Urbán, P.: Total order broadcast and multicast algorithms: taxonomy and survey. ACM Comput. Surv. 36(4), 372–421 (2004)CrossRefGoogle Scholar
  18. 18.
    Douceur, J.R.: The sybil attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  19. 19.
    Jiaqing, D., Sciascia, D., Elnikety, S., Zwaenepoel, W., Pedone, F.: Clock-RSM: low-latency inter-datacenter state machine replication using loosely synchronized physical clocks. In: The 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) (2014)Google Scholar
  20. 20.
    Dwork, C., Lynch, N., Stockmeyer, L.: Consensus in the presence of partial synchrony. J. ACM 35(2), 288–323 (1988)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993)Google Scholar
  22. 22.
    Eyal, I., Gencer, A.E., Sirer, E.G., van Renesse, R.: Bitcoin-NG: a scalable blockchain protocol. In: 13th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2016 (2016)Google Scholar
  23. 23.
    Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014)Google Scholar
  24. 24.
    Fischer, M.J., Lynch, N.A., Paterson, M.S.: Impossibility of distributed consensus with one faulty process. J. ACM 32(2), 374–382 (1985)MathSciNetCrossRefzbMATHGoogle Scholar
  25. 25.
    Garay, J., Kiayias, A., Leonardos, N.: The bitcoin backbone protocol: analysis and applications. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 281–310. Springer, Heidelberg (2015)Google Scholar
  26. 26.
    Gervais, A., Karame, G.O., Capkun, V., Capkun, S.: Is Bitcoin a decentralized currency? IEEE Secur. Priv. 12(3), 54–60 (2014)CrossRefGoogle Scholar
  27. 27.
    Gilbert, S., Lynch, N.A.: Brewer’s conjecture and the feasibility of consistent, available, partition-tolerant web services. SIGACT News 33(2), 51–59 (2002)CrossRefGoogle Scholar
  28. 28.
    Guerraoui, R., Vukolić, M.: Refined quorum systems. Distrib. Comput. 23(1), 1–42 (2010)CrossRefzbMATHGoogle Scholar
  29. 29.
    Istvan, Z., Sidler, D., Alonso, G., Vukolić, M.: Consensus in a box: inexpensive coordination in hardware. In: Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation, NSDI (2016)Google Scholar
  30. 30.
    Junqueira, F.P., Reed, B.C., Serafini, M.: Zab: high-performance broadcast for primary-backup systems. In: Proceedings of the Conference on Dependable Systems and Networks (DSN), pp. 245–256 (2011)Google Scholar
  31. 31.
    Kapitza, R., Behl, J., Cachin, C., Distler, T., Kuhnle, S., Mohammadi, S.V., Schröder-Preikschat, W., Stengel, K.: CheapBFT: resource-efficient Byzantine fault tolerance. In: European Conference on Computer Systems, Proceedings of the Seventh EuroSys Conference 2012, pp. 295–308 (2012)Google Scholar
  32. 32.
    Kapritsos, M., Wang, Y., Quema, V., Clement, A., Alvisi, L., Dahlin, M.: All about Eve: execute-verify replication for multi-core servers. In: Proceedings of the 10th USENIX Conference on Operating Systems Design and Implementation, OSDI 2012, pp. 237–250. USENIX Association (2012)Google Scholar
  33. 33.
    Karame, G.O., Androulaki, E., Roeschlin, M., Gervais, A., Capkun, S.: Misbehavior in bitcoin: a study of double-spending and accountability. ACM Trans. Inf. Syst. Secur. 18(1), 2 (2015)CrossRefGoogle Scholar
  34. 34.
    Kotla, R., Alvisi, L., Dahlin, M., Clement, A., Wong, E.: Zyzzyva: speculative byzantine fault tolerance. ACM Trans. Comput. Syst. 27, 7:1–7:39 (2010)Google Scholar
  35. 35.
    Kursawe, K., Shoup, V.: Optimistic asynchronous atomic broadcast. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 204–215. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  36. 36.
    Lamport, L.: The part-time parliament. ACM Trans. Comput. Syst. 16, 133–169 (1998)CrossRefGoogle Scholar
  37. 37.
    Lamport, L., Shostak, R., Pease, M.: The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4, 382–401 (1982)CrossRefzbMATHGoogle Scholar
  38. 38.
    Lewenberg, Y., Sompolinsky, Y., Zohar, A.: Inclusive block chain protocols. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 528–547. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  39. 39.
    Liu, S., Cachin, C., Quéma, V., Vukolić, M.: XFT: practical fault tolerance beyond crashes. CoRR, abs/1502.05831 (2015)Google Scholar
  40. 40.
    Losa, G.: Modularity in the design of robust distributed algorithms. Ph.D. thesis, Ecole Polytechnique Federale de Lausanne (2014)Google Scholar
  41. 41.
    Luu, L., Narayanan, V., Baweja, K., Zheng, C., Gilbert, S., Saxena, P.: SCP: a computationally-scalable Byzantine consensus protocol for blockchains. Cryptology ePrint Archive, Report 2015/1168 (2015).
  42. 42.
    Marandi, P.J., Bezerra, C.E.B., Pedone, F.: Rethinking state-machine replication for parallelism. In: IEEE 34th International Conference on Distributed Computing Systems, ICDCS 2014, pp. 368–377 (2014)Google Scholar
  43. 43.
    Maziéres, D.: The Stellar consensus protocol: A federated model for internetlevelconsensus, November 2015.
  44. 44.
    Mickens, J., The saddest moment. Login Usenix Mag. 39(3) (2014)Google Scholar
  45. 45.
    Milkau, U., Bott, J.: Digitalisation in payments: From interoperability to centralised models? J. Payment Strategy Syst. 9(3), 321–340 (2015)Google Scholar
  46. 46.
    Miller, A., Xia, Y., Croman, K., Shi, E., Song, D.: The honeybadger of BFT protocols. In: Cryptology ePrint Archive 2016/199 (2016)Google Scholar
  47. 47.
    Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system, May 2009Google Scholar
  48. 48.
    O’Dwyer, K.J., Malone, D.: Bitcoin mining and its energy footprint. In: Proceedings of the 2014 IET Irish Signals & Systems Conference (2014)Google Scholar
  49. 49.
    Ongaro, D., Ousterhout, J.: In search of an understandable consensus algorithm. In: Proceedings of the 2014 USENIX Conference on USENIX Annual Technical Conference, USENIX ATC 2014, pp. 305–320. USENIX Association (2014)Google Scholar
  50. 50.
    Poke, M., Hoefler, T..: DARE: high-performance state machine replicationon RDMA networks. In: Proceedings of the 24th International Symposium on High-Performance Parallel and Distributed Computing, HPDC 2015, pp. 107–118 (2015)Google Scholar
  51. 51.
    Ramasamy, H.G.V., Cachin, C.: Parsimonious asynchronous byzantine-fault-tolerant atomic broadcast. In: Anderson, J.H., Prencipe, G., Wattenhofer, R. (eds.) OPODIS 2005. LNCS, vol. 3974, pp. 88–102. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  52. 52.
    Rodrigues, R., Liskov, B., Chen, K., Liskov, M., Schultz, D.A.: Automatic reconfiguration for large-scale reliable storage systems. IEEE Trans. Dependable Sec. Comput. 9(2), 145–158 (2012)CrossRefGoogle Scholar
  53. 53.
    Schneider, F.B.: Implementing fault-tolerant services using the state machine approach: a tutorial. ACM Comput. Surv. 22(4), 299–319 (1990)CrossRefGoogle Scholar
  54. 54.
    Sompolinsky, Y., Zohar, A.: Secure high-rate transaction processing in bitcoin. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 507–527. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  55. 55.
    Toueg, S.: Randomized byzantine agreements. In: Proceedings of the Third Annual ACM Symposium on Principles of Distributed Computing, Vancouver, B.C., Canada, 27–29 August 1984, pp. 163–178 (1984)Google Scholar
  56. 56.
    Vukolić, M.: Quorum Systems: With Applications to Storage and Consensus. Synthesis Lectures on Distributed Computing Theory. Morgan & Claypool Publishers, San Rafael (2012)Google Scholar
  57. 57.
    Wood, G.: Ethereum: A secure decentralised generalised transaction ledger (2015).
  58. 58.
    Zohar, A.: Bitcoin: under the hood. Commun. ACM 58(9), 104–113 (2015)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2016

Authors and Affiliations

  1. 1.IBM ResearchZurichSwitzerland

Personalised recommendations