How to Trust Strangers
Trust is the basis of any distributed, fault-tolerant, or secure system. A trust assumption specifies the failures that a system, such as a blockchain network, can tolerate and determines the conditions under which it operates correctly. In systems subject to Byzantine faults, the trust assumption is usually specified through sets of processes that may fail together. Trust has traditionally been symmetric, such that all processes in the system adhere to the same, global assumption about potential faults. Recently, asymmetric trust models have also been considered, especially in the context of blockchains, where every participant is free to choose who to trust.
Now consider two or more systems, run by different and possibly disjoint sets of participants, with different assumptions about faults: how can they work together?
In recent work, co-authored by Orestis Alpos and Luca Zanolini, we show how to compose such trust assumptions in a generic way. This paper will be published at SRDS 2021 and answers this question for the first time.
We offer composition rules for symmetric and for asymmetric quorum systems, which are static and do not require interaction or agreement on the new trust assumption among the participants. Moreover, they ensure that if the original systems allow for running a particular protocol (guaranteeing consistency and availability), then so will the joint system. At the same time, the composed system tolerates as many faults as possible, subject to the underlying consistency and availability properties.
Read more about composing trust assumptions.