BFTRAND: Low-latency Random Number Provider for BFT Smart Contracts

Jinghui Liao, Borui Gong, Wenhai Sun, Fengwei Zhang, Zhenyu Ning, Man Ho Au, Weisong Shi

Research output: Chapter in book / Conference proceeding; Conference article published in proceeding or book; Academic research; peer-review

Abstract

Random numbers play a crucial role in decentralized applications (dApps) like decentralized finance (DeFi) and non-fungible tokens (NFTs). However, their generation faces challenges due to blockchain’s deterministic and decentralized nature, risking smart contract security and ecosystem stability. Prior solutions, including Oracles, employing commit-execute schemes, suffer from higher transaction fees, extended processing times, and increased on-chain storage, compromising efficiency. This paper proposes a novel random number provider (RNP) protocol for smart contracts, eliminating dependencies on traditional commit-execute approaches. Furthermore, we systematically identify potential random number-related attacks on smart contracts, particularly Post-reveal Undo Attacks (PUAs), where attackers may reverse contract operations when randomness is unfavorable, and discuss the security requirements. Our protocol addresses these attacks by (1) incorporating distributed random beacons (DRBs) with consensus processes, bridging the semantic gap between DRB and consensus, and (2) thoroughly analyzing and classifying four types of PUA and offering robust mitigations, alongside presenting a security proof. Our experiments show the protocol significantly enhances response times and security for random number queries in smart contracts, slashing request fees by at least 89% and reducing on-chain data by 76.4% versus current methods. This work advances the integration of DRB protocols and consensus mechanisms, securing and optimizing random number applications in dApps, thus fostering the creation of more dependable, robust systems.
Original language: English
Title of host publication: The 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks
Publication status: Published - 21 Mar 2024
