1. Introduction
Thanks to the rapid advancements in artificial intelligence (AI) and Internet of Things (IoT) technologies, the concept of Smart Cites becomes realistic. The information fusion capability provided by these interconnected devices enables situational awareness (SAW), which is essential to ensure a safe and sustainable urban environment. With wide deployment of the exponentially increasing smart Internet of Video Things (IoVT) for safety surveillance purposes, intelligent online video stream processing is becoming one of the most actively researched topics in smart cites [
1].
In typical Internet of Video Things (IoVT) systems, a huge amount of raw video data collected by geographically scattered cameras is sent to a remote cloud for aggregation. It provides a broad spectrum of promising applications, including public space monitoring, human behavior recognition [
2], and suspicious event identification [
3]. However, centralized IoVT solutions suffer from the risk of single points of failure and are not scalable for accommodating the ever growing IoVT networks, which are pervasively deployed with heterogeneous and resource-limited smart devices at the edge of networks. Moreover, online video streams and other offline data, such as situation contextual features, are shared among participants using high-end cloud servers, which are under the control of third-party entities. Such a centralized architecture also raises severe privacy and security concerns that data in storage can be misused or tampered with by dishonest entities.
Evolving from the distributed ledger technology (DLT), blockchain has gained significant attention for its potential to revolutionize multiple areas of the economy and society. The inherent security guarantees of blockchain lay down the foundations of serverless record keeping, without the need for centralizing trusted third-party authorities [
4]. Blockchain runs on a decentralized peer-to-peer (P2P) network in order to securely store and verify data without relying on a centralized trust authority. The decentralization removes the risk of singular point of failures and mitigates bottleneck performances, which were inherent in centralized architectures. In addition, blockchain leverages distributed consensus protocols to enable a verifiable process for fault tolerance and tamper-proof storage on a public distributed ledger. Therefore, transparency, immutability, and auditability guaranteed by blockchain ensure resilience, correctness, and provenance for all data sharing among untrusted participants.
Internet of Video Things (IoVT) provides a broad spectrum of applications, particularly in the area of public safety [
5]. Migrating from centralized cloud-based paradigms to decentralized blockchain-based methods renders IoVT systems more efficient, scalable, and secure. However, directly integrating cryptocurrency-oriented blockchains into resource constrained IoVT systems is difficult in terms of handling the blockchain trilemma [
6], which points out that decentralization, scalability, and security cannot perfectly co-exist. Most IoVT devices are highly resource constrained. Therefore, computing and storage intensive consensus protocols are not affordable, such as Proof-of-Work (PoW) [
7], Proofs-of-Retrievability (PORs) [
8], or Practical Byzantine Fault Tolerant (PBFT) [
9], which come with high communication complexity and poor scalability. In addition, IoVT systems involve a large volume of real-time transactions. Higher throughput and lower latency become key metrics in blockchain-based systems for IoVT deployed on edge networks. Furthermore, DLTs are not general-purpose databases. The storage overhead is prohibitively high if raw data generated by IoVT transacting networks are stored in the blockchain.
The Electrical Network Frequency (ENF) is the power supply frequency which fluctuates around its nominal frequency (50/60 Hz). The frequency fluctuations vary based on geographical region. The ENF fluctuations estimated from simultaneously recorded audio/video recordings within a power grid have a high correlation similarity [
10].
Inspired by spatio-temporal sensitive ENF contained in multimedia signals, this paper proposes EconLedger, a novel Proof-of-ENF (PoENF) consensus algorithm based lightweight DLT for small scale IoVT networks. Compared to PoW or PoRs, which require high computation or storage resources in mining process, our novel PoENF consensus requires each validator to use extracted ENF variations from simultaneous multimedia recordings as proofs during current consensus round. The validator that presents a valid ENF proof with minimal squared-distance-based score is qualified to generate a new block. Thus, the PoENF consensus mechanism not only achieves efficiency without high demand of mining resource or hardware platform support but it also enhances security by mitigating mining centralization.
In contrast to existing solutions that directly collect ENF fluctuations from power grids and stores audio/video recordings in a centralized location-dependent ENF database [
10,
11], EconLedger uses
Swarm [
12], which is a decentralized database (DDB) technology, to archive raw ENF-containing multimedia proofs and transactions over IoVT networks. Only hashed references of data are recorded on an immutable and auditable distributed ledger. Thus, it reduces the ever-increasing data storage overhead on the public ledger. The EconLedger ensures correctness, availability, and provenance of data sharing among untrusted devices under a distributed network environment. Moreover, a network with permission ensures that only authorized nodes can access raw data on DDB such that privacy preservation is guaranteed.
In summary, this paper makes the following contributions:
- (1)
A secure-by-design EconLedger architecture is introduced along with detailed explanation of the key components and work flows;
- (2)
A novel PoENF consensus mechanism is proposed, which improves resource efficiency and achieves a higher throughput than PoW-based blockchains;
- (3)
A finalized on-chain ledger is coupled with a decentralized off-chain storage to resolve storage burden, and it guarantees security and robustness of data sharing and cooperation in IoVT networks;
- (4)
A proof-of-concept prototype is implemented and tested on a small scale IoVT network, and experimental results verified that the EconLedger is feasible and affordable with respect to the IoVT devices deployed at edge networks.
The remainder of this paper is organized as follows:
Section 2 briefly discusses background knowledge of ENF, then reviews existing consensus algorithms and state-of-the-art research on IoT Blockchains.
Section 3 introduces the rationale and architecture of EconLedger, as well as core features and security guarantees. A novel PoENF consensus mechanism is explained in
Section 4.
Section 5 presents prototype implementation and numerical results and discusses performance improvements and security insurances. Finally, a summary is presented in
Section 6.
3. EconLedger: Rationale and Architecture
This section provides a comprehensive overview of EconLedger system architecture consisting of the following: (1) upper-level IoVT application layer; and (2) Econledger fabric enabled security networking infrastructure. Following that, we explain the network model of EconLedger with basic security assumptions and describe an efficient hybrid on-chain and off-chain storage structure based on the DDB system.
3.1. System Design Overview
EconLedger aims at a secure-by-design, trust-free and partially decentralized infrastructure for cross-devices networking IoVT systems at the edge. We consider a small scale video surveillance network with 100 nodes, and all IoVT devices and edge/fog servers are connected to the same regional power grid. Here, a node refers to a device owned by a user.
Figure 1 is the system architecture of EconLedger.
3.1.1. IoVT Application
The upper-level IoVT application utilizes an EconLedger fabric to enable decentralized video analytic services and information visualization at the edge. All devices and users must be registered to join the IoVT system as required by the permissioned network, which can provide basic security primitives such as public key infrastructure (PKI), identity authentication [
30], and access control [
31], etc. Real-time video streams generated by cameras are transferred to on-site/near-site edge devices for lower level analytic tasks, such as object detection and situational contextual features extraction. Thus, cameras associated with edge devices act as IoVT service units at the network of edge. Then, IoVT service units send raw video data and extracted contextual information to the information visualization unit, which provides video recordings and smart applications for authorized users.
To prevent visual layer attacks, IoVT service extracts ENF signals from video streams as an environmental fingerprint, which is stored into DDB and secured by
EconLedger fabric. At any given time instant, variation trends of ENF-containing multimedia signals from all synchronous cameras on the same power grid are almost identical. Therefore, using ENF fluctuations recorded on EconLedger laid solid ground truth for video authenticity verification. By calculating correlation coefficients among ENF signals extracted from video recordings with an agreed ENF estimate recorded on distributed ledger, the information visualization unit verifies whether or not live/offline video streams are generated by cameras within the same power grid [
32,
33].
3.1.2. EconLedger Fabric
The EconLedger fabric provides fundamental networking and security infrastructure to support decentralized security features for the IoVT system. All authorized devices firstly store raw ENF fingerprints into the DDB, then the devices launch transactions that include hashed references of raw data along with valid signatures. As transactions store fixed-length hashed references rather than raw data with varying size, such an off-chain manner reduces storage overhead when IoVT devices verify transactions and synchronize the ever-increasing distributed ledger.
EconLedger uses a small PoENF committee to achieve high efficiency by reducing message propagation delay and communication overhead on the edge network. Given a random committee election mechanism, only a subset of nodes within the network are elected as PoENF committee members. The PoENF consensus protocol is only executed by validators of a PoENF committee instead of all nodes in the network. Therefore, scalability is improved at the cost of partial decentralization by a PoENF consensus committee.
Meanwhile, a random PoENF committee rotation strategy ensures that robustness is not sacrificed due to fewer validators. Combining the current status of the distributed ledger, a distributed randomness protocol acts as the oracle to periodically generate global randomness strings for PoENF committee selection. As randomness strings are bias-resistant and unpredictable, the probability of an adversary dominating a subsequent committee decreases exponentially even if the current PoENF committee is compromised.
3.2. Network Model
EconLedger relies on a permissioned network, and we assume that the system administrator is a trust oracle for maintaining global identity profiles for all valid nodes. We adopt a standard asymmetrical algorithm such as Rivest–Shamir–Adleman (RSA) for key generation () and digital signature scheme (, ). During the registration process, signing-verification key pair is generated by PKI and assigned to the authorized node . Additionally, a node’s public key is associated with its credit stake , where is the maximum value of credit stake defined by the system. Therefore, all registered nodes can be represented as , where n is the total number. As the above security assumptions depend on the system administrator’s behavior, our EconLedger is a partially decentralized blockchain model.
EconLedger assumes a synchronous network environment. Operations in consensus protocol are coordinated in rounds with upper bounded delay
. Thus, the time is divided into discrete
, which can be indexed by logical clocks
to synchronize the events in a distributed system [
34]. Given a certain tick
, slot
represents the length of time window to measure
. The time window of
should be sufficient to guarantee that the message transmitted by a sender is received by its intended recipients (accounting for local time discrepancies and network delays). Thus, we require
in order to ensure the liveness of consensus protocol.
3.3. Hybrid On-Chain and Off-Chain Storage
To address issues of high storage overhead incurred by directly saving raw data into DLTs, EconLedger utilizes a hybrid on-chain and off-chain storage solution.
Figure 2 illustrates the block and off-chain data structure used in EconLedger. The block is the basic unit of on-chain storage, which includes block header and the orderly transactions list. The
in the block header stores the hash root of a Merkle tree to maintain the integrity of all transactions. In each transaction, the
only stores references to the data rather than the data themselves. As references are hash values with fixed length such as 32 or 64 bytes, all transactions have almost the same size even if linked raw data have large sizes or require different formats, such as ENF signals or multimedia recordings.
Off-chain storage relies on a Swarm network in which all sites cooperatively construct a DDB system. In EconLedger, a site refers to a fog/edge server. The data uploaded to Swarm are cut into pieces called
chunks, which is the basic unit of storage and retrieval in the Swarm network. Each chunk can be accessed at a unique address, which is calculated by its hashed content. All data chunks use their chunk hash to construct a Merkel hash tree for which its root is the reference to retrieve raw data. Swarm implements a specific type of content addressed distributed hash tables (DHTs), called Distributed Pre-image Archive (DPA), to manage chunks across distributed sites. All Swarm sites have their own base addresses with the same size as the chunk hash, and the sites closest to the address of a chunk not only serve information about the content but actually host data [
35]. All sites in the Swarm network use the Kademlia DHT protocol [
36], which synchronizes chunks in a P2P manner, to ensure data persistence and redundancy.
4. PoENF: A Proof-of-ENF Consensus Protocol
In this section, basic notations used in protocol design are clearly defined and explained. Then, an overview of PoENF consensus protocol is illustrated so that the reader can understand key components and workflow. Following that, we offer details on Byzantine resistant PoENF algorithms in block generation along with a voting-based chain finality. Finally, we also describe incentive mechanisms including rewards and punishment strategies given by mathematical analysis.
4.1. Basic Notation
Table 1 describes relevant notation used in PoENF model. To model sequential events in synchronous consensus rounds, a set of subsequential slots are used to define
, which is represented as
, where
, and epoch size
R is a value of multiple unit slot
. A
(
) is a valid node that is qualified for being selected as a PoENF committee member. We define
to represent current PoENF committee, which is denoted as
, where
, and
K is the PoENF committee size. We use
to denote a predefined collision-resistant hash function that outputs hash string
.
Before introducing key features and components in the PoENF consensus protocol, several basic definitions are introduced as following.
Definition 1. Transaction is used to save data that are launched by a nodefor recording on the distributed ledger, and its structure is represented as, where the parameters are the following:
is a λ-bit-length hash string of transaction, which is calculated by;
is sender’s public key;
is time stamp of generating transaction;
is the informationenclosed by the transaction, such asor any byte strings;
is a signaturesigned by the sender’s private key.
Definition 2. Block is a basic data unit that encapsulates valid transactions and is always appended on the chain head. A block generated at slot () by validator is represented by , where the parameters are the following:
is a λ-bit-length hash string of previous Block, which is calculated by;
is the height of current block in blockchain (ledger);
is a root hash of a Merkle tree of;
is an orderly transactions list;
is a block created time stamp at the round;
is public key of validator;
is a signature, signed by validator.
We define a special block called Genesis Block that is represented as , where is the initial dynasty. Therefore, all on-chain data on the distributed ledger are organized as an ordered sequence of blocks starting from .
Definition 3. Blockchain (Distributed Ledger) is a partial order of blocks that is represented as indexed by strictly increasing slots . Each block uses its = to link with the previous block , and key parameters are the following:
: the length of the chain denoted to count the number of blocks between the genesis block and the confirmed block ;
: the head of the chain denoted , where is the last confirmed block that is extended on finalized main chain.
4.2. PoENF Committee Consensus Protocol: Overview
Figure 3 is an overview of the PoENF consensus protocol, which includes the distributed ledger structure and PoENF committee consensus workflows. The distributed ledger in EconLedger follows a tree structure originated from the genesis block. Each new block extends its chain path through
to point to a parent block. All nodes in such a ledger tree can be represented as confirmed blocks (blue) or finalized blocks (red), as the upper part of
Figure 3 shows. The chain height follows a strictly increasing sequence of finalized blocks; therefore, a valid path can only proceed through those red nodes. The head of a blockchain is anchored on a recently confirmed block that has linked to a finalized chain with the largest height value.
At the configuration stage, the system administrator specifies a group of validators as the initial PoENF committee to initialize an EconLedger network. The lower part of
Figure 3 demonstrates workflows of the PoENF committee consensus protocol, including the dynasty cycle and the epoch cycle. A dynasty cycle starts from committee selection and ends when the global randomness string of current dynasty has been updated by the randomness change process. At the beginning of a dynasty’s lifetime, the committee selection process uses the current global randomness string as a seed for committee election protocol, which exploits a Verifiable Random Function (VRF) based cryptographic sorting scheme [
37]. Given the credit weights of all nodes,
K validators are randomly chosen to construct a new PoENF committee
D, which will be added to the current block. Finally, validators of new
D establish a fully connected P2P consensus network and start a new dynasty cycle.
For each epoch cycle, PoENF block generation and chain finality are core functions that ensure liveness and termination in continuous consensus rounds. By calculating a squared distance of ENF proofs from validators, the PoENF mechanism determines that a validator with the minimal squared-distance-based score can generate a valid block in the current block proposal round. After n rounds of block proposal, chain finality relies on a voting-based chain finality mechanism to resolve fork issues caused by conflicting confirmed blocks and finalizes the history of ledger data by using a unique chain path.
At the end of current dynasty, PoENF committee members utilize the RandShare mechanism to cooperatively reach agreement on proposing a new global randomness string. As a distributed randomness protocol, RandShare adopts Publicly Verifiable Secret Sharing (PVSS) [
38] to ensure unbiasability, unpredictability, and availability in public randomness sharing. The proposed unbiasable and unpredictable global randomness string will be updated as the new seed for the committee selection process of the sub-sequential dynasty.
4.3. PoENF-Based Block Proposal Mechanism
The PoENF-based block proposal mechanism is mainly responsible for generating candidate blocks and extending them along a finalized chain path. Following the principles of chain-based Nakamoto protocols, the PoENF algorithm simulates a virtual mining method by pseudorandomly specifying a validator of committee as the slot leader to generate a block. To generate a block, a validator must present an ENF proof that has the minimum squared distance score in current round. All honest validators accept valid blocks and ensure that only one block is extended on the finalized main chain of local distributed ledger.
4.3.1. Transactions Pooling
Given a certain period of sliding window for ENF collection, each validator collects transactions from valid nodes. If a transaction stores reference that point to ENF proof, it is an ENF proof transaction. In the current block generation round, each node is required to send only one ENF proof transaction. After receiving the broadcasted transactions, each validator verifies buffered transactions according to predefined conditions:
- (i)
Transaction sender and by using the sender’s public key ;
- (ii)
ENF proof sent by should not exist in the transactions pool;
- (iii)
Time stamp must fall into current time slot.
The condition (i) prevents transactions from invalid nodes or any malicious modification, while conditions (ii) and (iii) are mainly for preventing duplicated ENF proof in current period time slot. After the verification process, only valid transactions are cached as local transaction pools denoted as , where N is the transactions pool size. The validator also uses condition (iii) to regularly check the local transaction pool and removes outdated transactions that have not been recorded in the latest confirmed block.
4.3.2. PoENF Consensus Algorithm
Given current transactions pool , the validator chooses all ENF-proof transactions generated by committee members to construct an ENF-proof transactions list , where K is the committee size. An ENF proof is a vector , where is the ENF sample value, and d is the samples’ size. By using that is stored in the parameter of , the sent by can be fetched from off-chain storage. Thus, each can locally maintain a set of collected ENF proof vectors , where .
In order to become a slot leader and propose a new block in the current block proposal round,
must show that its ENF proof
can solve a PoENF puzzle problem. Intuitively, the goal of PoENF puzzle problem is to choose the
that deviates the least from all ENF proofs in
based on their relative distances, which are computed with the Euclidean norm. However, a single Byzantine validator can force the PoENF algorithm to choose any arbitrary ENF proof by sending a poisoned
that is too far away from other ENF proofs. Therefore, our PoENF algorithm adopts the Krum aggregation rule to provide the
-Byzantine resilience property [
39].
For each
, let
include
collected ENF proofs from PoENF committee members, and at most only
f is sent by Byzantine nodes. For any
, let
denote the fact that
belongs to the
closest ENF proofs to
. Then, we define the ENF score for
.
Equation (
1) calculates ENF scores
associated with validators
to
, respectively, and applies the Krum rule to select the minimum ENF score as follows.
Finally, the PoENF puzzle problem is formally defined as the following.
Definition 4.
Proof-of-ENF: Given collected by validator , the process of PoENF verifies whether a valid ENF proof can meet the condition . If it does, wins the leader election and is qualified to propose a block; otherwise, the blocks generated by any are rejected.
Given the above definitions, the PoENF-enabled block generation procedures are presented in Algorithm 1. During the current block generation round slot
, each validator
executes the
function to propose a candidate block according to its collected ENF proofs in the transactions pool. If the ENF score
is not greater than the target value
, then
can create a new block and broadcast it to the network. Otherwise, they are only allowed to verify blocks from other validators until the current round finished. The closer
is to
, the higher probability that
can propose a new block.
Algorithm 1 The PoENF-based block generation procedures. |
- 1:
procedure: generate_block() - 2:
- 3:
- 4:
MTree - 5:
ENF_vect - 6:
- 7:
for in do - 8:
- 9:
.append() - 10:
end for - 11:
- 12:
if then - 13:
new_block ← - 14:
Sign( - 15:
return () - 16:
end if - 17:
procedure: verify_block(new_block, ) - 18:
if Verify_Sign( OR - 19:
Verify_TX( then - 20:
return - 21:
end if - 22:
hc - 23:
if OR - 24:
then - 25:
return - 26:
end if - 27:
ENF_vect - 28:
- 29:
for in do - 30:
- 31:
.append() - 32:
end for - 33:
- 34:
if then - 35:
return - 36:
end if - 37:
return
|
In block verification process, each validator calls the function to determine whether or not the received can be accepted and appended to chain. The checks if a sent by has a valid signature , while validates that all transactions recorded in are sent from valid nodes and have the same Merkle tree root as . After validating that is generated in the current round slot with the correct chain header, a PoENF algorithm verifies if has a valid ENF proof with minimum score. If all conditions are satisfied, the is accepted into confirmed status, and updates the head of local chain as accordingly. Otherwise, the is rejected and discarded.
4.3.3. Chain Extension Policies
In a PoENF block generation round, validators extend the local chain based on a “largest height of confirmed block” rule, which requires that new blocks are only appended to by letting . The PoENF process allows that the probability of a block generated by validator is related to the rank of its ENF proof among the global ENF proof vectors G. However, observed by validator may vary due to network latency or misbehavior of Byzantine nodes. Thus, it is hard to guarantee that only one block is proposed during each slot round, and the amount of candidate blocks could be between zero and the committee size K. Given the candidate blocks number , the chain extension rules are described as follows:
- (i)
: If there is only one proposed candidate block , then the block is accepted as confirmed status and updates the chain head as .
- (ii)
: If more than one candidate blocks are proposed, then all blocks are accepted as confirmed status. The update follows two sub-rules:
- (a)
Chain head points to a block that records most ENF proof transactions among other blocks;
- (b)
For the candidate blocks having ENF proof transactions of the same size, the block generated by validator that has the largest credit value becomes the chain head.
- (iii)
: If none of the validators proposes a block at the end of current slot round, block generation follows a spin manner. As validators of current committee can be sorted by account address, we can calculate (mod K). Thus, a validator at rank can also propose a candidate block in the current round. The chain head update process follows the rule i) .
Rule (i) covers a basic scenario to ensure that a new blocks is extended on the chain head. Rule (ii) handles the conflicting chain head update scenario when multiple validators propose valid blocks when they have different global ENF proof vectors G. It also discourages dishonest behaviors by using a smaller G to win the right to block proposal. Rule (iii) guarantees liveness in PoENF consensus process such that at least one uniform block is generated to ensure chain extension even if a leader cannot propose a new block due to crash failures or attacks.
4.4. Voting-Based Chain Finality Mechanism
Since fork issues are caused by network latency or deliberate attacks, the block proposal mechanism will inevitably produce multiple conflicting blocks, which are children blocks with the same parent block. Therefore, those proposed blocks are in fact form an ever-growing
block tree structure, as the upper part of
Figure 3 shows. At the end of an epoch, the
with epoch height becomes a checkpoint that is used to resolve forks and to finalize chain history. Inspired by Casper [
24] and Microchain [
40], our EconLedger finality process adopts a voting-based finality mechanism overlaying the PoENF block generation to commit checkpoint block and finalize the already committed blocks on the main chain.
The chain finality protocol is mainly for identifying a unique chain path on block tree by choosing a single child block from multiple children blocks with a common parent block. For efficiency purposes, the chain finality protocol is only executed on checkpoint blocks rather than the entire block tree, and committee members vote for hashes of blocks instead of entire block contents. The chain finality ensures that only one path, including finalized blocks, becomes the main chain. Therefore, blocks generated in the new epoch are only extended on such a unique main chain.
4.5. Incentives and Punishment Strategies
Although the contributions of this manuscript include performance improvement and security guarantees by EconLedger, this section briefly discusses incentive design while leaving detailed analysis for future investigation. EconLedger uses an incentive mechanism to reward validators who behave honestly and make contributions in the PoENF block generation and chain finality process. At the end of a block generation cycle, transactions fees included in the confirmed block construct a rewarding fees pool that can be distributed to all validators in the current round. The incentive mechanism uses ENF score to evaluate a validator’s contribution, and reward fees that are distributed to
are proportional to its ENF score
. Let
denote ENF scores, the reward rule is defined as follows:
where
is the reward fee that
obtains from the total reward fees
during current block generation round. The smaller the ENF score of a validator, the higher the reward fees it can gain. As the variations of ENF proofs from all honest nodes are trivial during ENF collection time, collected rewarding fees in
are almost evenly distributed to honest contributors. As ENF fluctuations are randomly generated from power grids and vary at different times, Byzantine nodes can only gain marginal benefits by using duplicated or arbitrary ENF proofs that have large ENF scores.
In addition to rewarding fees, the credit stake of a honest validator will also increase by one as a reputation reward. The higher the credit stake c, the higher the probability that a validator is selected as a PoENF committee member. Unlike PoS, credits in EconLedger are not directly associated with any type of currency, and they are not transferable in any format of transactions. Therefore, all users are encouraged to behave honestly to gain more benefits by increasing their reputation credits. Moreover, credit stake c of a node cannot excel an upper-bounded limitation , for instance, no more than 10. Therefore, an adversary cannot simply accumulate its credit stake to achieve mining centralization and then control the majority power of the network.
A punishment strategy is also designed to discourage dishonest behaviors, such as withholding its ENF proof, proposing multiple blocks in current round, or violating chain extension rules. After PoENF committee selection, each must deposit a fixed amount of fees to its security stake. If any misbehaving actions in consensus process are detected, the balance of will be slashed as punishment. In addition, its credit stake also decreases by one. Given the assumption that an adversary can only compromise no more than f nodes on the network, the slashing security deposit rule can increase financial cost if attackers use these compromised nodes to disturb consensus protocol, while reducing credit stake results in the lower probability that Byzantine nodes can be selected as committee members.
5. Experiment and Evaluation
In this section, a proof-of-concept prototype implementation and experimental configuration is described. Following that, we evaluate Econledger based on numerical results in terms of network latency, computation overhead, and communication throughput. Then, comparative experiments based on benchmark blockchain platforms are performed to show performance improvement. Finally, we analyze the performance and security properties provided by EconLedger.
5.1. Prototype Implementation and Experimental Setup
To verify the proposed EconLedger, a concept-proof prototype is implemented in Python, which consists of approximately 3100 lines of code. We adopted Flask [
41], which is a light micro-framework for Python application, in order to implement networking and web service APIs for EconLedger node. All cryptographic functions are developed on the foundation of standard python lib: cryptography [
42], such as using RSA for key generation and digital signature and using SHA-256 for all hash operations. As a lightweight and embedded SQL database engine, SQLite [
43] is adopted to manage on-chain storage, such as ledger data and peering nodes information.
Table 2 describes the devices used for the experimental study. The prototype is deployed on a small-scale local area network (LAN) that consists of multiple desktops and IoT devices. The prototype of EconLedger emulates an office building setting: a Dell Optiplex-7010 functions as a monitor server to collect data from scattered IoVT services deployed at different locations of the building, while all Raspberry Pi (RPi) boards play the role of edge devices that process raw video streams from separate cameras. All devices can work as validators and perform the PoENF consensus protocol. Dell Optiplex 760 desktop functions as edge server, and five desktops are configured as sites in our private Swarm network. To initiate comparative evaluation between EconLedger and existing blockchain benchmarks, test cases are also conducted on Ethereum [
44] and Tendermint [
45] networks. In our private Ethereum network setup, six miners are deployed on six separate desktops. Tendermint runs on a test network with 20 validators, and each validator is hosted on a RPi device.
5.2. Performance Evaluation
In order to evaluate the performance of the running EconLedger under an IoVT-based edge network environment, a set of experiments is conducted by executing multiple complete epoch cycles of PoENF consensus protocol within a dynasty. The computation costs by message encryption and decryption are not considered during the test. As Krum in PoENF requires and voting-based chain finality depends on a majority condition that requires , the minimum PoENF committee size is five members such that any can meet both security requirements. Given 60 s per sliding window used in ENF fluctuations extraction, we let the ENF proof vector size d = 60. We conducted 100 Monte Carlo test runs for each test scenario and used the average of results for evaluation.
5.2.1. Network Latency
Figure 4 presents the network latency for EconLedger with respect to completing an entire epoch round of PoENF consensus protocol given the number of validators varying from 5 to 20. For each test point, we let all validators perform tasks simultaneously and waited until the bundle of tasks is finished. The latency includes the round trip time (RTT) and service processing time on the remote host. Broadcasting an ENF
needs
communication complexity and
computation complexity for verification. Thus, the total complexity is
such that latency of ENF collection
is linearly scale to committee size
K. Chain finality requires all validators to broadcast their vote among committee members so that it has the same complexity as ENF collection. Thus, the delay of chain finality
is almost linear scale to
K.
The green line in
Figure 4 shows the latency of block proposal
, which indicates how long a proposed block could be accepted by all validators in the PoENF committee. The communication complexity of block proposal is
, which is similar to ENF collection and chain finality. However, during block generation and verification processes, PoENF algorithm requires a validator using Equation (
1) to compute ENF scores based on collected proofs from others, and it has computation complexity of
. As a result, the total complexity of block proposal is
. In general, ENF samples size
d is a small value such as 60, and it has less effect on computation cost than
K does. Thus,
is almost linearly scaled relative to
. The total latency shows that EconLedger takes about 2 s to finish an epoch cycle of PoENF committee consensus
given the committee size
.
5.2.2. Computation Overhead
Figure 5 shows service processing time of key procedures in PoENF consensus given different platform benchmarks. As verifying a tx or vote only involves
computation complexity, the service processing time is almost stable (about 2 ms for tx verification and 50 ms for vote verification) on all benchmarks. Compared to tx verification, which simply checks the validity of a tx then buffers it into system memory, vote verification involves more computation on resolving forks and database operations to store valid votes. Thus, vote verification incurs more latency than tx verification does. As the most computing intensive stages, both block mining and verifying rely on procedures in PoENF consensus algorithm with the computation complexity of
. Therefore, the computation cost on all devices dramatically increases as
K is scaled up. Given different computation capacity of benchmarks, RPi-4 needs
processing time than Desktop does.
5.2.3. Data Throughput
In order to evaluate overhead of running EconLedger on communication channel, we considered volumes of message propagation and data throughput during key steps of the PoENF consensus protocol.
Figure 6 demonstrates data transmission for different stages of PoENF consensus with varying committee size. In our EconLedger prototype, each ENF transaction has fixed size
= 430 Bytes, and a vote has fixed size
= 589 Bytes. Given the total communication complexity of
in both ENF collection and chain finality, data transmission of ENF collection is
=
, and the data transmission of chain finality is
=
. Thus, communication overheads incurred by ENF collection and chain finality are linearly scaled to
.
Each block has a fixed header = 613 Bytes along with a transactions list with size = , and we can obtain block size = . Therefore, the block size is linearly scaled to K. Assuming an ideal case that only one valid block is proposed during each epoch cycle, data transmission of block proposal is = = such that communication overhead is almost scaled to . On the other hand, for the worst case that every validator proposed a candidate block such that = , huge communication cost scaling up K can be introduced.
The data throughput could be specified as
(KB/s), where KB/s means KBytes per second. With variant committee sizes, the corresponding block size and data throughput are calculated as shown in
Table 3. Given a fixed ENF transaction size, increasing the committee size allows committing more ENF proofs and, therefore, reach a higher data throughput at the cost of latency. In the test case of
, EconLedger implies a theoretical maximum data rate of 283 KB/s, which can meet bandwidth conditions in a majority of LAN-based IoVT systems.
5.3. Comparative Evaluation
As a key parameter in blockchain network, transaction committed time indicates how long a can be finalized in a new block on distributed ledger, and it is closely related to block confirmation time in consensus protocol. Given different blockchain benchmarks, we evaluate the end-to-end time latency of committing transactions along with other key performance metrics. For Ethereum, we used smart contract to record transactions on blockchain. For the Tendermint network, we used the built-in kvstore as an ABCI (Application BlockChain Interface) app to save transactions.
We conducted 50 Monte Carlo test runs, where a node sends a 1KB
per second (TPS) to the blockchain network and waits until
has been confirmed on the distributed ledger.
Figure 7 shows the distributions of time delay for committing transactions given different blockchain networks. Each green bar indicates standard deviation with a mean represented by a red dot. The gray line shows the entire data range, and the black star is the median. Tendermint uses a BFT consensus protocol to achieve high efficiency; therefore, the mean of
committed time is about 3 s given one voting round per second. Unlike Tendermint, Ethereum relies on probabilistic PoW consensus, which has variable block confirmation times. Thus,
committed time in the Ethereum network varies with largest standard deviation. To guarantee synchronous epoch rounds for PoENF consensus, we set
conservatively to 2 s based on the maximum time to ensure txs and blocks propagation in a P2P consensus network, including 20 validators. Hence, the range of latency in EconLedger is smaller than Ethereum, and
committed time is almost stable (about 5.5 s).
Table 4 provides a comprehensive performance of committing transactions on different blockchain networks regarding several key performance matrices. Given the above
committed time, which uses the mean in
Figure 7, the tx rate
is evaluated by calculating how many tx can be processed per second in the blockchain network. The Ethereum block size is bounded by how many units of gas can be spent per block, which is known as the block gas limit [
46]. Currently, the maximum block size is around 12,000,000 gas (accessed at 20 July 2020), and the base cost of any transaction is about 21,000; thus, each block in Ethereum can include about 571 transactions. In our private Ethereum network, we can obtain the
rate as (571.4/4.6) ≈ 124 tx/s. Tendermint and EconLedger both use fixed 1MB block. Given 1 KB per transaction, a block in Tendermint can store a maximum of 1000 transactions; thus, the tx rate is about (1000/2.9) ≈ 344 tx/s. For EconLedger, each transaction is about 430 bytes such that a block can record the maximum of 2400 transactions, then it achieves higher tx rate at around (2400/5.5) ≈ 436 tx/s.
In order to evaluate resource consumption by running blockchain benchmarks, we used the “top” command to monitor system performance of machines. We considered CPU and memory usage on Desktop (Ethereum miner) and Rpi (Tendermint and EconLedger validator). Due to computation intensive PoW algorithm, the mining process of Ethereum almost occupies full CPU capacity and consumes about 1.2 GB memory. Therefore, such a huge computation cost prevents resource constrained edge devices mining in Ethereum network. Unlike Ethereum, Tendermint and EconLedger use lightweight consensus algorithms to achieve efficiency in CPU and memory usage such that they are both suitable for deploying validators on edge devices. EconLedger almost has the same amount of memory usage as Tendermint in terms of running time. However, EconLedger has the higher committed time than Tendermint does, and it only needs 40% of the computation resource that Tendermint does.
5.4. Performance and Security Analysis
This section analyzes performance improvements given by the above experimental results and highlights the advantages of EconLedger compared with existing consensus protocols. Then, we evaluate security guarantees regarding committee selection and consensus algorithm. Finally, we list possible attacks and explain how EconLedge can prevent or mitigate these potential risks.
5.4.1. Performance Improvements
Given the above numerical results in terms of processing time and running time resource usages, our PoENF consensus is more computationally efficient than the PoW-based methods. Such a lightweight property of PoENF is promising for reducing energy consumption in mining processes and can lower demands on system capability for participants. Thus, resource-limited IoVT devices can directly work as validators (miners) rather than depending on support from an intermediate consensus layer by outsourcing mining tasks on fog networks or cloud servers. Compared with these hardware dependent solutions, such as REM based on Intel SGX and PoR requiring large local storage, our PoENF consensus relies on a platform independent algorithm to extract ENF-containing multimedia signals from recordings as ENF proofs. Therefore, it is promising to address heterogeneity issues as we integrate blockchain technology with IoVT systems that include multiple non-standard platforms.
EconLedger achieves communication efficiency by executing consensus protocol within a random selected PoENF committee. Such a small scale consensus network imposes low levels of data transfer overhead on IoVT systems at the network of edge, which has limited bandwidth. In addition, communication complexity for each validator is linearly scaled to PoENF committee size, as shown in
Figure 6. Thus, limited data transmission also means lower energy consumption on devices during communication handling tasks. Unlike non-scalable BFT-based solutions that rely on a pre-fixed set of validators, EconLedger aims to improve scalability by requiring a randomly elected consensus committee to delegate other nodes of the network. As a tradeoff, EconLedger is actually a partially decentralized blockchain network.
In EconLedger, raw data are saved into off-chain storage deployed on a DDB network, while only references of data are encapsulated into transactions that are finalized on distributed ledger (on-chain storage). As a reference is a fixed length of hash value disregarding format or size of the source data, such light transactions can be used to verified complicated data in use over IoVT systems, such as multimedia recordings, contextual information, and trained models, etc. Moreover, each tx has fixed and small size such that a block can record more txs. As a result, the txs rate increased given that the block confirmation time is stable.
5.4.2. Committee Randomness Security
We assumed that an adversary has limited capacity such that he/she is subject to the usual cryptographic hardness assumptions and honest nodes never share their keys with each other or disclose the input string x of the VRF function before the end of randomness generation. Therefore, members of a new committee could be completely random owing to the unpredictability property of the VRF-based randomness string generation. In addition, given the assumption that an adversary can only control up to f byzantine validators, the chain finality achieves safety by making agreements on checkpoints if current PoENF committee has no less than honest members. Therefore, the adversary has at most chance per round to control the checkpoint voting process. As a result, the probability that an adversary controls n consecutive checkpoint is upper-bounded by . For , the adversary will control at most ten consecutive chain finality runs.
5.4.3. PoENF Consensus Security
Unlike PoW and PoS consensus protocols that are vulnerable to mining centralization, whether a validator can become winner in current PoENF block proposal round depends on its ENF score rather than its controlled computation power or cryptocurrency stakes. Thus, an adversary cannot control the mining process by increasing investments on computation resource or owned coins. Moreover, the Krum rule adopted in ENF score calculation chooses closet ENF proofs and precludes the Byzantine proofs that are far away. Thus, all honest validators can output the same minimum ENF score as long as , and our PoENF can prevent against ENF proof positioning attacks.
In PoENF consensus, all honest validators only accept valid blocks generated in the current epoch round; thus, correctness (validity) is ensured. In addition, PoENF achieves consistency (agreement) by requiring all honest validators to update their local chain head according to chain extension policies. At the end of a PoENF block proposal round, every honest validator should either accept valid transactions that are saved into a confirmed block as the local chain header or reject all transactions by extending an empty block on local chain header. Such a liveness (termination) property ensures that all valid ENF transactions are processed within the block generation round. Furthermore, voting-based chain finality can guarantee safety, which requires all honest validators to form a same total order of finalized blocks appended on the global unique main chain.
5.4.4. Analysis of Possible attacks
1. Double spending attacks: In a double spending scenario, an adversary attempts to revert a transaction that has been finalized on the distributed ledger. In Econledger, a voting-based chain finality mechanism ensures the total order and persistence of data recorded on the distributed ledger. Thus, once a transaction is finalized in the checkpoint block, all other honest validators will work on the finalized main chain and disregard any double spending transactions from attackers.
2. Free-riding attacks: There is a possibility of free-riding attacks that some lazy nodes only gain benefits by using the security service without fulfilling their responsibilities in the EconLedger network, such as forwarding messages or submitting ENF proofs. The punishment strategies can prevent against free-riding attacks by reducing credit stake of dishonest nodes or even isolating them from the entire network.
3. Selfish-mining attacks: In a selfish-mining attack, the adversary tries to withhold blocks and release them strategically to reduce chain growth and increase the relative ratio of his proposed blocks. In PoENF consensus, only valid blocks generated in the current round can be accepted by honest validators, while those outdated blocks are discarded. Moreover, withholding blocks is a type of misbehavior in PoENF, and it decreases both profits and credit of a dishonest node. Therefore, selfish-mining is unprofitable for rational validators according to reward and punishment strategies.
4. ENF-proof replay attacks: The adversary can launch replay attacks by sending duplicated ENF proofs. As ENF fluctuations of power grid vary as time changes, the duplicate ENF proofs generally output large ENF scores. As a result, these Byzantine validators have marginal chances to propose valid blocks. Furthermore, ENF-proof replay attacks can be detected by analyzing ENF proofs on EconLedger. Thus, identifying misbehavior and isolating suspicious nodes can improve system robustness, while we leave ENF-based detection topics to future work.
6. Conclusions
This paper presents EconLedger, a lightweight and secure-by-design distributed ledger to enhance trust and security properties for smart IoVT systems at the edge. The EconLedger combines an efficient PoENF consensus mechanism with a deterministic voting-based chain finality in order to achieve safety and liveness. By using on-chain ledger and DDB enabled off-chain storage, the EconLedger network reduces storage overheads on validators and guarantees security and resilience of data sharing in a distributed IoVT network. The experimental results based on a prototype demonstrate that it achieves higher computation efficiency and throughput than benchmarks.
The experimental results on the prototype are encouraging, but there still are open issues to solve before developing a practical solution in real-world video surveillance systems. Using ENF signals for proof of work in consensus process is creative, however, whether ENF variation extracted from multimedia is reliable given attacks on ENF recordings such as synchronizing ENF and injecting into raw video/audio data or colluding among adversaries by sharing ENF data, is still an open question. Thus, our ongoing efforts include validating the proposed architecture in a real-world video streamscontext, simulating attack scenarios such as using AI enabled methods to generate fake ENF recordings, and ensuring overall efficiency and security.
In addition, validators in EconLedger system cannot directly obtain cryptocurrency rewards though PoENF consensus, but they can gain benefits from transaction fees. As a punishment strategy, slashing security deposits can increase financial cost if the adversary uses sybil nodes to disturb consensus protocol. However, there are open questions on the incentive mechanism. Our future work will use game theory to evaluate how incentive mechanisms can enhance system robustness and security.
Moreover, our EconLedger solution aims to provide a lightweight and security distributed ledger under a small-scale IoVT network, such as a campus. However, it still requires more investigation on how to apply EconLedger at a large-scale application scenario, such as smart cities or smart grids. Another future investigation for our team is designing scalable blockchain infrastructure that relies on a hierarchical framework in order to federate multiple privately distributed ledgers.