Proof of Authority

General
,
1

cover_forum_blockchains-study
cover_forum_blockchains-study2400×1350 170 KB

This post is part of our Blockchains Study Group and the Cryptography series . Take a look there to learn more about related topics.

Prerequisite knowledge: Proof of Stake

The Proof of Authority (PoA) consensus algorithm is turning into one of the most mature versions of blockchain technology. In the last post, we read about how Proof of Stake was designed to solve the problems of Proof of work. However, Proof of stake has it's own drawbacks. While Proof of Work-based blockchain has performance limitations in terms of transactions per second, Proof of Stake continues to struggle with scalability. To overcome the scalability issues, Proof of Authority was designed to be faster and more scalable than other algorithms. Proof of Authority is an improvement of Proof of Stake, wherein, the validators of the network stake their identity instead of staking their coins. This makes the PoA systems more secure because if there is a malicious activity by a validating node, it can be traced down to the person who owns the node.

This makes PoA based blockchains very popular amongst the market leaders, such as DNVGL, Walmart, GE Aviation for supply chain use-cases. However, this innovative mechanism that contradicts the basic principles of cryptocurrencies — decentralization and anonymity.

What is Proof of Authority?

Proof of Authority (PoA) is a reputation-based consensus algorithm that introduces a practical and efficient solution for blockchain networks (especially the private ones). It was proposed in 2017 as part of the Ethereum ecosystem for private network and can be implemented using the OpenEthereum and Geth clients.

The PoA consensus algorithm leverages the value of identities. PoA is often considered to be a modified PoS because in PoA block validators are staking their reputations instead of staking their coins.
Identity refers to the correspondence between a validator’s personal identification with officially issued documentation for the same person, i.e. certainty that a validator is exactly who that person represents to be. Therefore, staking of identity means voluntarily disclosing who you are in exchange for the right to validate the blocks.

PoA algorithms rely on a set of trusted nodes called the authorities. Each authority is
identified by a unique id and a majority of them is assumed honest. The authorities run a consensus to order the transactions issued by clients. The consensus in PoA relies on a mining rotation schema to fairly distribute the responsibility of block creation among the authorities. Time is divided into steps, each
of which has an authority elected as validating leader.

Since the PoA model relies on a limited number of block validators, this is what makes it a highly scalable system.

PoA implemented by Ethereum clients

Aura

Aura (Authority Round) is the PoA algorithm implemented in OpenEthereum (formerly Parity), the Rust-based
Ethereum client. The network assumes that all authorities are synchronised within the same. Authorities maintain two queues locally, one for transactions and one for pending
blocks. Each issued transaction is collected by authorities in the transaction queue. For each time step, the leader includes the transactions in the transaction queue in a block and broadcasts it to the other authorities. Then each authority sends the received block to the others (round block acceptance). If it turns out that all the authorities received the same block, they accept the block by adding it in the block queue. Any received block sent by an authority not expected to be the current leader is rejected. The leader is always expected to send a block; if no transaction is available then an empty block has to be sent.

If authorities do not agree on the proposed block during the block acceptance, a voting is
triggered to determine whether the current leader is malicious and if so the malicious leader is kicked out of the network. The voting mechanism is realised through a smart contract, and a majority of votes is required to actually remove the current leader from the set of legitimate authorities. If a leader is voted as being malicious, all the blocks in the queue block proposed by it are discarded.

Clique

Clique is the PoA algorithm implemented in Geth, the GoLang-based Ethereum client.
The algorithm proceeds in epochs which are identified by a prefixed sequence of committed
blocks. When a new epoch starts, a special transition block is broadcasted. It specifies the set
of authorities (i.e., their ids) and can be used as snapshot of the current blockchain by new
authorities needing to synchronise.

Clique computes the current step and leader using a formula that combines the block number and the number of authorities. At each step, the leader broadcasts a block and all the authorities directly commit it to the chain. In addition to the current leader, other authorities are allowed to propose blocks in each step. As more authorities can propose a block during each step, forks can occur. However, a fork likelihood is limited by the fact that each non-leader authority proposing a block delays its block
by a random time, hence the leader block is likely to be the first received by all the authorities.

Examples of PoA network

Kovan

Kovan is a public Proof-of-Authority (PoA) Ethereum testnet which built on OpenEthereum client (Aura). This testnet was made to overcome the instability issues of the Ropsten Testnet. In Feb 2017, Ropsten was under a denial-of-service attack (“spam attack”), where spam blocks were inserted into the network. These blocks were very slow to process and required a lot of CPU time and memory. This resulted in developers no longer having a stable public testing environment to deploy and test their smart contract code prior to deploying on the mainnet chain. There is no mining involved to secure the network with PoA, and relies on trusted ‘Validators’, malicious actors are prevented from acquiring testnet Ether, solving the spam attack on Ropsten.

VeChainThor

VeChain is a blockchain platform designed to enhance supply chain management and business processes by using distributed ledger technology. The VeChainThor blockchain platform is a public blockchain that uses PoA consensus mechanism. In order to be an Authority Masternode (AM) in the VeChainThor network, the individual or entities needs to voluntarily disclose their identity to the VeChain Foundation and go through a Know Your Customer (KYC) procedure.

In the VeChainThor blockchain, a block is produced after a small duration of time. In the initial release of the protocol, this time duration was set to 10 seconds. Each AM gets equal opportunity to produce a block, however, selection of the AM at each cycle is not deterministic. A deterministic pseudo-random process (DPRP) and the concept of “active/inactive” status for AMs is used to decide if an AM is a legitimate option to produce a block. The active and inactive status is defined not defined by the activity of the AM in the network but by the AMs ability to generate a block at the time they were selected. If an AM fails to generate a block when they are elected as a leader, the AM is marked as inactive. This reflects in their chances of being selected again. This means that AM does not have to be physically active in the network at all times.

VeChainThor ensures that there is no requirement of communications between AMs to reach consensus and system continuity is independent of the number of available AMs.

Conclusion

“Neither a total centralization nor a total decentralization would be the correct answer, but a comprise and balance of both would.”

While PoA-based systems have a high throughput, the design of this algorithm disputes with the blockchain principles of decentralization and anonymity. Only a few trusted participants of the network can take part in the validation of the block, which can result in centralisation of the network. Moreover, the identities of PoA validators can be visible publicly or to a group of people. This could potentially lead to third-party manipulation. For instance, if a competitor wants to disrupt a PoA-based network, he may try to influence public known validators to act dishonestly in order to compromise the system from within.

The inherent features of PoA systems are a stark contrast from how blockchains have been functioning until now. Still, PoA presents an interesting approach and cannot be disregarded as an emerging blockchain solution.

References and further reading:

3 Likes
2

Hi @SmritiVerma,

I have been a fan of Proof of Authority networks as a way to scale for a couple of years now (whilst waiting for Layer 2 solutions - coming soon ™).

Security of the network depends on the authorities having significant reputation, where the reputation of a single authority is greater than the total value stored in the network. This works well for lower value networks, (gaming, social, collectibles) but users of the network have to trust the authorities.

My favourite example of a PoA network is xDAI.

1 Like
3

Hasn't xDAI transitioned to PoS? I'd love to know about how the chain properties (eg throughput) and usage changed with the new consensus mechanism.

1 Like
4

Hi @spalladino,

Good point. I hadn't realized that the transition had started:

The xDai chain is currently functioning in a permissioned POSDAO-based consensus, where selected validators use xDai-based STAKE tokens to secure the chain. xDai will transition to public POSDAO in the coming months, where community members can become validator candidates as well as delegate STAKE to candidates and validators.

I assume that the scaling properties are similar to Proof of Authority (unless there is extra overhead for POSDAO).