Proof of Authority
Proof of Authority
One of the biggest decisions when designing a public blockchain system is about designing the consensus algorithm. The protocol not only dictates how blockchain participants agree on the blockchain grows but embodies the governance model imposed upon the system.
Recall that the underlying design philosophy of our governance model is that
neither a total centralization nor a total decentralization would be the correct answer, but a compromise from and balance of both would.
VeChainThor implements the Proof of Authority (PoA) consensus algorithm which suits our governance model which states that there would not be anonymous block producers, but a fixed number of known validators (Authority Masternodes) authorized by the steering committee of the VeChain Foundation.
“It takes twenty years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.” – Warren Buffet
To be an Authority Masternode (AM), the individual or entity voluntarily discloses who they are (identity and reputation by extension) to the VeChain Foundation in exchange for the right to validate and produce blocks. It is their identities and reputations placed at stake that give all the AMs additional incentives to behave and keep the network secure. In VeChainThor, each AM has to go through a strict know-your-customer (KYC) procedure and satisfy the minimum requirements set by the Foundation.
When discussing a consensus algorithm, we must answer the following questions:
- When is a new block produced?
- Who generates the block?
- How to choose the "trunk" from two legitimate blockchain branches?
VeChainThor schedules a new block to be generated once every seconds. We set =10, which is based on our estimation of the usage of VeChainThor. Let be the timestamp of the genesis block. The timestamp of the block with height , ,must satisfy where and .
PoA allows every available AM to have an equal opportunity to be selected to produce blocks. To do that, we introduce a deterministic pseudo-random process (DPRP) and the “active/inactive” AM status to decide whether a particular AM is legitimate for producing a block with height (
uint32) and timestamp (
uint64). Here must satisfy . We first define the DPRP to generate a pseudo-random number as:
where denotes the operation that concatenates two byte arrays.
Let denote the sorted set of AMs with the “active” status in the state associated with block . Note that in VeChainThor each AM is given a fixed index number and the numbers are used to sort elements in . To verify whether is the legitimate AM for producing , we first define
where returns the parent block. We then compute index as:
AM is the legitimate producer of if and only if . Note that we put double quotes around the word “active” to emphasize that the status does not directly reflect the physical condition of a certain AM, but merely a status derived from the incoming information from the network.
AM Status Updating
Given the latest block and its parent, for any and , the system computes AM such that
and mark as "inactive" in the state associated with . In addition, the system always sets the status of the AM that generates as "active". Note that we set all the AMs as "active" from the beginning.
The final question we need to answer is how to choose the “trunk” from two legitimate blockchain branches. Since there is no computational competition in PoA, the “longest chain” rule does not apply. Instead, we consider the better branch as the one witnessed by more AMs.
To do that, we compute the accumulated witness number (AWN), , for block as:
with . Since computes the number of AMs with “active” status associated with , it can be viewed as the number of AMs that witness the generation of . Therefore, we select the branch with the larger AWN as the trunk. If the AWNs are the same, we choose the branch with less length. Note that the AWN is stored in the block header as
Formally, given two branches and with their latest blocks and , respectively, we first calculate their AWNs and . The system then makes the following decision: choose as the trunk if , or if . In case , choose if or if . If , keep the current trunk.