SwiftCloud
  • Introduction
  • Design Goals and Principles
  • Architecture
    • Architecture Overview
    • Consensus Layer
    • Consensus-ParaTime nterface
    • ParaTime Layer
    • Key Manager
  • Discrepancy Detection
  • Parallel Runtimes
    • Private Computation Runtime
    • Non-confdential Computation Runtime
    • Smart Contract APIs
  • Key Managers
    • ParaTime Key Manager
    • Potential Future Key Manager Features
  • Conclusion
Powered by GitBook
On this page

Discrepancy Detection

Discrepancy detection is the verifiable computing technique that the SwiftCloud Blockchain Platform uses to verify ParaTime execution currently. It permits the useof smaller ParaTime committees than other schememaking the system more efficient, especially when theapplication is compute heavy compared to consensusThe key idens in discrepancy detection are (1) random selection of compute nodes from a populationto form a compute committee and (2) accepting theresults only if all committee members agree.A separate protocol, wbich we call “discrepancy resolution" isuscd when a discropanicy is detected.One can think ofdiscrepancy resolution as another security parameterto diacrepancy detection, and that the resolution protocol is the expensive.“slow path” mechanism used tocorrect faults,and the detection protocol is the cheap“fast path" mechanism used to detect faults

Here is what discrepancy detection does:

  • Resiilts of copute node execution is signed bythe node and sent to the discrepancy detectorsvia a gossip network. The detectors are implemented within yerification code colocated withinthe validator nodes.

  • The verification code checks the results.Fachcompute node should have signed only one resultdouble signing results in slashing.Absent doublesigning, the results should be identical, i.e. discrepancy free.

-If the rosults are discrepancy free, they arcsubmitted to the validators for consensugprotocol processing and block creation.

-If there is a discrepncy. the resuilta arcmarked as disputed and the resolution phaseis started to use the slow-path protocol todetermine the correct results to use. The nodes with disputed results that differ are penalized an amount that pays for the slowpath re-execution costs.

An important observation is that except for un-usual events like hardware failures,ParaTime errorsthat result in non-deterministic execution, or an non-adaptive adversary (see Appendix B), the resolutjonmechanism should never be invoked.The analysis showing that the security propert.iesis based on calculating the probability of selecting anall-Byzantine committee, so that discrepancy detection would fail to detect any errors.

The discrepancydetection security parameters are chosen to drive thisprobability as low as nceded in order to drive the ad-versary cost to a level that should be unacceptable tothe attacker. The key result of this analysis is that the com-mittee size neced is significantly smaller than thatneeded-for the same level of securityas would befor a conventional BFT scheme.

This means that byusing discrepancy detection, the cost in system resources needed to deliver the same level of security isfar smaller.and that our system will be able to scalebetter.

PreviousKey ManagerNextParallel Runtimes

Last updated 1 year ago