Homomorphic Sortition – Secret Leader Election for Blockchain

by Luciano Freitas, et al.

In a secret single leader election protocol (SSLE), one of the system members is chosen as a leader and no other member can know who the leader is, unless she decides to reveal herself. Leader-election oracles are known to be instrumental in designing efficient consensus protocols, and one can expect that secret leader election may help in developing long-lived blockchain systems that are secure with respect to the adaptive adversary. In this paper, we introduce secret leader sortition (SLS) that we believe to perfectly match progress and security expectations of proof-of-stake (PoS) blockchains. An SLS protocol produces an unpredictable permutation of system members that can be fed to an accompanying blockchain protocol in order to ensure deterministic finality. We describe Homomorphic Sortition, an SLS protocol based on Threshold Fully Homomorphic Encryption (ThFHE). An interesting novelty of our protocol is a cryptographic hash function evaluation under ThFHE and, somewhat surprisingly, we show that all ThFHE stimuli required for our protocol can be efficiently and proactively constructed in a parallelizable fashion. In contrast to existing secret leader election protocols, our SLS solution is purely asynchronous and it fairly leverages the stake distribution among the system members: the probability distribution for each position in the permutation is proportional to the stakes of remaining candidates. As we demonstrate, our SLS protocol seamlessly partners with a large family of PoS blockchain implementations.
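The target distribution stated in the abstract, computed in the clear as an added example (this is not the paper's protocol or code): each position of the permutation is drawn from the remaining candidates with probability proportional to their stake. The SHA-256 seed expansion, the member names and the stake values are assumptions made for illustration; the seed here is public, so nothing is secret, whereas Homomorphic Sortition obtains secrecy by evaluating under ThFHE.

```python
import hashlib

def uniform_below(seed, counter, bound):
    """Return (r, next_counter) with r uniform in [0, bound).

    Values are taken from SHA-256(seed || counter). Rejection sampling
    discards the top partial interval so that `% bound` adds no bias.
    """
    limit = (1 << 256) - ((1 << 256) % bound)
    while True:
        digest = hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
        value = int.from_bytes(digest, "big")
        if value < limit:
            return value % bound, counter

def stake_weighted_permutation(seed, stakes):
    """Order all members; each slot is filled proportionally to remaining stake."""
    if any(s <= 0 for s in stakes.values()):
        raise ValueError("every member needs a positive stake")
    # Canonical ordering so every party derives the same result from the seed.
    remaining = sorted(stakes.items())
    order, counter = [], 0
    while remaining:
        total = sum(stake for _, stake in remaining)
        r, counter = uniform_below(seed, counter, total)
        for i, (member, stake) in enumerate(remaining):
            if r < stake:          # r landed inside this member's stake interval
                order.append(member)
                del remaining[i]   # winners leave the candidate set
                break
            r -= stake
    return order

def first_position_frequencies(stakes, trials):
    """Empirical share of first-place wins over `trials` constructed seeds."""
    wins = dict.fromkeys(stakes, 0)
    for t in range(trials):
        wins[stake_weighted_permutation(t.to_bytes(8, "big"), stakes)[0]] += 1
    return {member: count / trials for member, count in wins.items()}

if __name__ == "__main__":
    STAKES = {"alice": 50, "bob": 30, "carol": 20}   # constructed sample stakes
    print(stake_weighted_permutation(b"constructed-seed", STAKES))
    print(first_position_frequencies(STAKES, 4000))
```
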

