Skip to main content
SpringerLink
Log in

Security Analysis on dBFT Protocol of NEO

  • Conference paper
  • First Online:
Financial Cryptography and Data Security (FC 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12059))

Included in the following conference series:

Abstract

NEO is ranked as one of the top blockchains by market capitalization. We provide a security analysis on its backbone consensus protocol, called delegated Byzantine Fault Tolerance (dBFT). The dBFT protocol has been employed by NEO and other blockchains like ONT. dBFT claims to guarantee safety when no more than nodes are Byzantine, where n is the total number of consensus participants. However, we identify attacks to break the safety with no more than f Byzantine nodes. This paper provides the following contributions. First, we evaluate NEO’s source code and present the procedures of dBFT. Then, we present two attacks to break the safety of dBFT protocol with no more than f nodes. Therefore, the system cannot guarantee the claimed safety. We also provide recommendations on how to fix the system against the identified attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://coinmarketcap.com/currencies/neo/. Data fetched on 21st Sept. 2019.

References

  1. Discussion and improvement on dBFT (2019). https://github.com/neo-project/neo/pull/320

  2. Discussion and improvement on dBFT (2019). https://github.com/neo-project/neo/pull/547

  3. Hyperledger fabric (2019). https://cn.hyperledger.org/projects/fabric

  4. Hyperledger sawtooth (2019). https://cn.hyperledger.org/projects/sawtooth

  5. Neo source code on GitHub (2019). https://github.com/neo-project/neo/tree/master/neo

  6. Akkoyunlu, E.A., Ekanadham, K., Huber, R.V.: Some constraints and tradeoffs in the design of network communications. SIGOPS Oper. Syst. Rev. 9(5), 67–74 (1975). https://doi.org/10.1145/1067629.806523

    Article  Google Scholar 

  7. Androulaki, E., et al.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Proceedings of the Thirteenth EuroSys Conference, p. 30. ACM (2018)

    Google Scholar 

  8. Cachin, C., Vukolić, M.: Blockchain consensus protocols in the wild. arXiv preprint arXiv:1707.01873 (2017)

  9. Castro, M., Liskov, B.: Practical Byzantine fault tolerance. In: Proceedings of the Third USENIX Symposium on Operating Systems Design and Implementation (OSDI), New Orleans, Louisiana, USA, 22–25 February 1999, pp. 173–186 (1999). https://doi.org/10.1145/296806.296824

  10. Decker, C., Seidel, J., Wattenhofer, R.: Bitcoin meets strong consistency. In: Proceedings of the 17th International Conference on Distributed Computing and Networking, p. 13. ACM (2016)

    Google Scholar 

  11. Dwork, C., Lynch, N., Stockmeyer, L.: Consensus in the presence of partial synchrony. J. ACM (JACM) 35(2), 288–323 (1988)

    Article  MathSciNet  Google Scholar 

  12. Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. Commun. ACM 61(7), 95–102 (2018)

    Article  Google Scholar 

  13. Fischer, M.J., Lynch, N.A., Paterson, M.: Impossibility of distributed consensus with one faulty process. J. ACM 32(2), 374–382 (1985). https://doi.org/10.1145/3149.214121

    Article  MathSciNet  MATH  Google Scholar 

  14. Gilbert, S., Lynch, N.A.: Brewer’s conjecture and the feasibility of consistent, available, partition-tolerant web services. SIGACT News 33(2), 51–59 (2002). https://doi.org/10.1145/564585.564601

    Article  Google Scholar 

  15. Abraham, I., Gueta, G., Malkhi, D., Martin, J.P.: Revisiting fast practical Byzantine fault tolerance: Thelma, Velma, and Zelma (2018). https://arxiv.org/abs/1801.10022

  16. Kotla, R., Alvisi, L., Dahlin, M., Clement, A., Wong, E.: Zyzzyva: speculative byzantine fault tolerance. In: ACM SIGOPS Operating Systems Review, vol. 41, pp. 45–58. ACM (2007)

    Google Scholar 

  17. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). https://bitcoin.org/bitcoin

  18. Natoli, C., Yu, J., Gramoli, V., Esteves-Verissimo, P.: Deconstructing blockchains: a comprehensive survey on consensus, membership and structure (2019)

    Google Scholar 

  19. NEO: Neo GitHub (2018). https://github.com/neo-project

  20. NEO: Neo whiteopaper (2018). http://docs.neo.org/zh-cn/whitepaper.html

  21. Rahli, V., Vukotic, I., Völp, M., Esteves-Verissimo, P.: Velisarios: Byzantine fault-tolerant protocols powered by coq. In: Ahmed, A. (ed.) ESOP 2018. LNCS, vol. 10801, pp. 619–650. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89884-1_22

    Chapter  Google Scholar 

  22. Stathakopoulou, C., David, T., Vukolić, M.: Mir-BFT: high-throughput BFT for blockchains. arXiv preprint arXiv:1906.05552 (2019)

  23. Ontology Team: Ont consensus (2018). https://github.com/ontio/ontology/tree/master/consensus/dbft

  24. Veronese, G.S., Correia, M., Bessani, A.N., Lung, L.C., Verissimo, P.: Efficient Byzantine fault-tolerance. IEEE Trans. Comput. 62(1), 16–30 (2011)

    Article  MathSciNet  Google Scholar 

  25. Vukolić, M.: The quest for scalable blockchain fabric: proof-of-work vs. BFT replication. In: Camenisch, J., Kesdoğan, D. (eds.) iNetSec 2015. LNCS, vol. 9591, pp. 112–125. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39028-4_9

    Chapter  Google Scholar 

  26. Vukolić, M.: Rethinking permissioned blockchains. In: Proceedings of the ACM Workshop on Blockchain, Cryptocurrencies and Contracts, pp. 3–7. ACM (2017)

    Google Scholar 

  27. Yin, M., Malkhi, D., Reiter, M.K., Gueta, G.G., Abraham, I.: HotStuff: BFT consensus with linearity and responsiveness. In: Proceedings of the 2019 ACM Symposium on Principles of Distributed Computing, pp. 347–356. ACM (2019)

    Google Scholar 

  28. Yu, J., Kozhaya, D., Decouchant, J., Veríssimo, P.J.E.: Repucoin: your reputation is your power. IEEE Trans. Comput. 68(8), 1225–1237 (2019)

    Article  MathSciNet  Google Scholar 

  29. Zhang, E.: Neo consensus (2018). http://docs.neo.org/en-us/basic/consensus/consensus.html

  30. Zhang, R., Preneel, B.: Lay down the common metrics: evaluating proof-of-work consensus protocols’ security. In: 2019 IEEE Symposium on Security and Privacy (SP). IEEE (2019)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Swinburne University of Technology, Melbourne, Australia

    Qin Wang, Van Cuong Bui & Yang Xiang

  2. Monash University, Melbourne, Australia

    Jiangshan Yu

  3. Qihoo 360 Core Security, Beijing, China

    Zhiniang Peng

  4. Csiro, Data61, Sydney, Australia

    Shiping Chen

  5. Cyberspace Security Research Center, Shenzhen, China

    Yong Ding

Authors
  1. Qin Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jiangshan Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zhiniang Peng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Van Cuong Bui
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Shiping Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Yong Ding
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Yang Xiang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jiangshan Yu .

Editor information

Editors and Affiliations

  1. New York University, New York City, NY, USA

    Joseph Bonneau

  2. University of California, La Jolla, CA, USA

    Nadia Heninger

A dBFT Flow Chart

A dBFT Flow Chart

figure l

Rights and permissions

Reprints and permissions

Copyright information

© 2020 International Financial Cryptography Association

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Wang, Q. et al. (2020). Security Analysis on dBFT Protocol of NEO. In: Bonneau, J., Heninger, N. (eds) Financial Cryptography and Data Security. FC 2020. Lecture Notes in Computer Science(), vol 12059. Springer, Cham. https://doi.org/10.1007/978-3-030-51280-4_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-51280-4_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-51279-8

  • Online ISBN: 978-3-030-51280-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation