Proof of Authority consensus
In blockchain platforms, consensus mechanisms can be divided into permissionless (e.g., Ethereum, Bitcoin) and permissioned (e.g., Hyperledger, Ethereum Private). Unlike a permissionless blockchain, where anyone can become a node, in a permissioned blockchain all nodes are pre-selected. This allows the use of consensus types with high scalability and bandwidth. One of these consensus types is Proof-of-Authority (PoA) consensus, which provides high performance and fault tolerance. The term was proposed in 2017 by Gavin Wood, co-founder of Ethereum and Parity Technologies.
Working of PoA :
- In PoA, the rights to generate new blocks are awarded to nodes that have proven their authority to do so. These nodes are referred to as “Validators”, and they run software that allows them to put transactions in blocks. The process is automated and does not require validators to monitor their computers constantly, but it does require them to keep those computers uncompromised. PoA is suited for both private networks and public networks, like POA Network, where trust is distributed.
- The PoA consensus algorithm leverages the value of identities, which means that block validators are not staking coins but their own reputation instead. PoA is secured by trust in the selected identities.
PoA consensus and common attacks :
- Distributed Denial-of-Service (DDoS) attacks :
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. An attacker sends a large number of transactions and blocks to a targeted network node in an attempt to disrupt its operation and make it unavailable.
The PoA mechanism makes it possible to defend against this attack: because network nodes are pre-authenticated, block generation rights can be granted only to nodes that can withstand DoS attacks.
- 51% attack :
In PoA consensus, a 51% attack requires an attacker to obtain control over 51% of the network nodes. This is different from a 51% attack on Proof-of-Work consensus types, where an attacker needs to obtain 51% of the network's computational power. Obtaining control of the nodes in a permissioned blockchain network is much harder than obtaining computational power.
With PoA, individuals earn the right to become validators, so there is an incentive to retain the position that they have gained. Validators are incentivized with reputation, which lets them retain their authority as a node. PoA only allows non-consecutive block approval from any one validator, meaning that the risk of serious damage is centralized to the authority node.
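The rules described in this section (only pre-selected validators may produce blocks, and no validator may approve two blocks in a row) can be checked mechanically by any node auditing the chain. The following is an added example, not code from any PoA implementation; the header fields, validator names and hashing scheme are assumptions, and the `signer` field is assumed to have already passed signature verification.

```python
import hashlib
import json

# Constructed validator set; in a permissioned network this list is fixed in advance.
VALIDATORS = {"val-A", "val-B", "val-C"}

def header_hash(header):
    """Hash a header deterministically (sorted-key JSON, SHA-256)."""
    return hashlib.sha256(json.dumps(header, sort_keys=True).encode()).hexdigest()

def make_chain(signers):
    """Build a constructed chain of linked headers, one per signer name."""
    chain, parent = [], "0" * 64
    for number, signer in enumerate(signers):
        header = {"number": number, "parent": parent, "signer": signer}
        chain.append(header)
        parent = header_hash(header)
    return chain

def audit_chain(chain, validators):
    """Return a (block_number, finding) tuple for every rule violation."""
    findings, prev = [], None
    for header in chain:
        n = header["number"]
        if header["signer"] not in validators:
            findings.append((n, "unauthorized signer"))
        if prev is not None:
            if header["parent"] != header_hash(prev):
                findings.append((n, "broken parent link"))
            if header["signer"] == prev["signer"]:
                findings.append((n, "consecutive blocks from one validator"))
        prev = header
    return findings

def signer_share(chain):
    """Fraction of blocks produced by each signer, to spot one node dominating."""
    counts = {}
    for header in chain:
        counts[header["signer"]] = counts.get(header["signer"], 0) + 1
    return {signer: count / len(chain) for signer, count in counts.items()}

if __name__ == "__main__":
    bad = make_chain(["val-A", "val-A", "val-X", "val-B"])  # constructed sample
    bad[3]["parent"] = "f" * 64  # header that does not extend block 2
    for finding in audit_chain(bad, VALIDATORS):
        print(finding)
    print(signer_share(bad))
```
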
Conditions for PoA consensus :
- PoA consensus may vary between implementations, but it is generally applied through the following conditions :
- Validators need to confirm their real identities.
- A candidate must be willing to invest money and put his reputation at stake. A tough process reduces the risk of selecting questionable validators and incentivizes long-term commitment to the blockchain.
- The method for selecting validators must be equal for all candidates.
- The identity of validators must be verified to maintain the integrity of the blockchain. Some sort of process should be there to select honest validators.
Advantages of PoA consensus :
- High risk tolerance as long as 51% of the nodes are not acting maliciously.
- Interval of time at which new blocks are generated is predictable. For PoW and PoS consensuses, this time varies.
- High transaction rate.
- Far more sustainable than algorithms like Proof of Work which require computational power.
Disadvantages of PoA consensus :
- PoA is not decentralized but is just an effort to make centralized systems more efficient.
- PoA validators are visible to anyone. Knowing validators' identities could potentially lead to third-party manipulation.
Application of PoA consensus :
- The PoA consensus algorithm may be applied in a variety of scenarios and is deemed a great option for logistical applications such as supply chains.
- The Proof of Authority model enables companies to maintain their privacy while availing themselves of the benefits of blockchain technology. Microsoft Azure is another example where PoA is being implemented. The Azure platform provides solutions for private networks, with a system that does not require a native currency like ether ‘gas’ on Ethereum, since there is no need for mining. Azure nodes are pre-selected.