Author
Listed:
- Marco Benedetti (Bank of Italy)
- Francesco De Sclavis (Bank of Italy)
- Marco Favorito (Bank of Italy)
- Giuseppe Galano (Bank of Italy)
- Sara Giammusso (Bank of Italy)
- Antonio Muci (Bank of Italy)
- Matteo Nardelli (Bank of Italy)
Abstract
Some essential characteristics of Distributed Ledger Technologies (DLTs), such as programmability and the use of advanced cryptographic techniques, can also be effectively utilized in controlled environments, overseen by a central authority or a group of delegated entities. This is especially relevant in the formal financial sector, and in other settings where compliance with regulation is of the essence. Technically, this requires DLTs to be deployed in permissioned or private versions, where only a set of authorized participants, called validators, are allowed to approve or reject transactions on the shared ledger. This is in contrast to permissionless or public versions, where no authorization is required. All DLTs, whether permissionless or permissioned, function based on a cooperative decision process designed to reach an agreement among validators about the next state of the ledger. This process, known as a consensus protocol, is a critical component of DLTs because it enables validators to maintain uninterrupted operation of the system without human intervention, even if some validators are compromised or become disconnected from the network. In permissionless environments, achieving consensus is resource intensive: Since validators’ identities are not known, they must prove their honesty by either committing significant computational power (Proof-of-Work, PoW) or substantial financial capital (Proof-of-Stake, PoS). In permissioned contexts, consensus can be achieved without the need for extensive resource commitments. In particular, Proof-of-Authority (PoA) consensus protocols rely on a predetermined group of validators, who are entrusted with the power to accept or reject transactions proposed by participants. Typically, these validators achieve consensus through qualified majority voting.
In this paper, we present the FBFT (FROSTed Byzantine Fault Tolerance) protocol, a novel approach to PoA meant to strengthen the security of the ledger, its tolerance to faults or attacks, and the confidentiality of validators. It combines the Practical Byzantine Fault Tolerance (PBFT) algorithm, a well-known contribution from distributed systems literature, with the Flexible Round-Optimized Schnorr Threshold (FROST) signature scheme, a recent finding in cryptographic research. Leveraging state-of-the-art privacy-enhancing techniques, FBFT builds a collective agreement certificate (or “joint cryptographic signature”), which represents the endorsement of a given set of transactions by a quorum of validators. In addition, it provides strong guarantees of tolerance to Byzantine faults – situations where some validators may stop functioning or behave dishonestly, possibly due to software bugs or cyber-attacks. Finally, it preserves the confidentiality of validators: Their number and identities are only known to the central authority and its delegates, and not leaked to DLT participants. The advantage is a reduction in the risk of attacks targeted at specific validators. We integrate our FBFT protocol into the code of a Bitcoin-like blockchain, effectively adapting its consensus component to a permissioned context, and we evaluate its performance across a variety of geographically distributed, realistic scenarios. To demonstrate its practicality and encourage further research, we provide an open-source implementation of our DLT. To the best of our knowledge, this is the first time that a Central Bank releases in open source a distributed consensus algorithm developed entirely in-house.
The resulting system, although experimental and lacking features expected of production-ready solutions, can be seen as an alternative platform for a distributed, resilient transactional system: Operated by a set of trusted actors, distributed at geographic scale, it holds potential for mission-critical applications, such as wholesale and retail Central Bank Digital Currencies, and – in perspective – asset tokenization schemes.
Suggested Citation
Marco Benedetti & Francesco De Sclavis & Marco Favorito & Giuseppe Galano & Sara Giammusso & Antonio Muci & Matteo Nardelli, 2024.
"Byzantine Fault Tolerant consensus with confidential quorum certificate for a Central Bank DLT,"
Mercati, infrastrutture, sistemi di pagamento (Markets, Infrastructures, Payment Systems)
50, Bank of Italy, Directorate General for Markets and Payment System.
Handle:
RePEc:bdi:wpmisp:mip_050_24