The Tragedy of Chain Commons

Abstract

Byzantine Fault Tolerant (BFT) consensus forms the foundation of many modern blockchains striving for both high throughput and low latency. A growing bottleneck is transaction execution and validation on the critical path of consensus, which has led to modular decoupled designs that separate ordering from execution: Consensus orders only metadata, while transactions are executed and validated concurrently. While this approach improves performance, it can leave invalid transactions in the ledger, increasing storage costs and enabling new forms of strategic behavior. We present the first systematic study of this setting, providing a formal framework to reason about the interaction between consensus and execution. Using this framework, we show that the decoupled design enables a previously unidentified attack, which we term gaslighting. We prove a fundamental trade-off between resilience to this attack and resource capacity utilization, where both are impossible to achieve deterministically in the decoupled model. To address this trade-off, we discuss an intermediate model for leader-based protocols that is robust to gaslighting attacks while achieving high throughput and low latency.