ARK Core relies on an implementation of the PBFT algorithm to achieve consensus. The way it works is that 2/3 of nodes on the network agree on the current state of the blockchain and then a random validator goes ahead and forges a new block. This block is then broadcast to all nodes on the network and cryptographically verified before it is added to the blockchain.
There are a few issues with this approach that make it easy to tamper with. Let's quickly summarise some of the flaws that enable tampering with the consensus.
- Any validator can broadcast a block for the next expected height and if it somehow manages to get accepted the next block might end up getting rejected and the blockchain could be permanently corrupted.
- Double forging is a common issue caused by validators running multiple validator nodes for redundancy and forging the same block multiple times on different nodes. This block is then broadcast with slightly different data from each of the validator's nodes, and the network doesn't know which block to accept, which results in a hiccup for the network.
- All nodes on the network participate in reaching the 2/3 consensus. This makes it extremely easy to tamper with the consensus because you can spin up hundreds of relays that disagree with the current state of the blockchain and thus cause the 2/3 to never be reached.
Now that we know what the biggest issues with the current consensus are, we can think about how to resolve them to make it more secure and tamper-proof.
Instead of relying solely on the state of the blockchain to allow a validator to forge a block, there have to be additional guards, or anyone can forge and broadcast any block. Odysseia addresses this by introducing block proposals and the requirement for consensus before a block is created, similar to how Tendermint does it.
When a validator starts their slot, they'll propose a block. This proposal is broadcast to all nodes on the network. After a validator receives the proposal, they'll evaluate it, and if they agree that it should be the next block, they'll sign it and broadcast their signature to all nodes on the network.
As described in the previous section, Odysseia no longer lets anyone blindly forge and broadcast blocks. Because validators now agree on what the next block should be before it is forged, we no longer run into an issue with double forging - enabling validators to run more redundancy servers without having to worry about them.
A validator could propose 5 blocks because they run 5 validator nodes for redundancy but validators only agreed on the block from 1 of those 5 nodes. This means that at the time of broadcast only 1 of those blocks will be accepted based on the consensus rules and every other block will be discarded.
We've established that validators can no longer just forge when they get the OK from all nodes; instead, they need to propose a block that all validators agree to before it is created. Once all signatures have been collected and verified, the validator will forge, but there's a catch to this.
Consensus is only reached if 2/3 of validators agree to the block by cryptographically signing it. If consensus can't be reached for a block it'll be skipped and the next validator will propose a block for the same height that was skipped. Because only validators participate in this process it is more secure and 1/3 of validators would have to become malicious to cause consensus not to be reached.
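The signature tally described above, sketched as an added example (not ARK Core or Odysseia code): it counts only registered validators, each once, so relays and relabelled signatures cannot move the result, and of two competing proposals only one reaches 2/3. The function names, the `height:blockId` vote message, and Ed25519 as the signature scheme are assumptions made for illustration.

```typescript
// Added example: every name here is hypothetical, none is ARK Core's API.
import { generateKeyPairSync, sign, verify, KeyObject } from "node:crypto";

type Vote = { height: number; blockId: string; signer: string; signature: Buffer };
const voteMessage = (height: number, blockId: string) => Buffer.from(`${height}:${blockId}`);

// Tally signatures for one height: only validators count, each at most once.
function tallyRound(validators: Map<string, KeyObject>, height: number, votes: Vote[]) {
  const quorum = Math.ceil((2 * validators.size) / 3); // "2/3 of validators" from the text
  const voted = new Set<string>();
  const counts = new Map<string, number>();
  const ignored: string[] = [];
  for (const v of votes) {
    const key = validators.get(v.signer);
    if (!key) ignored.push(`${v.signer}: not a validator`);
    else if (v.height !== height) ignored.push(`${v.signer}: wrong height`);
    else if (!verify(null, voteMessage(v.height, v.blockId), key, v.signature))
      ignored.push(`${v.signer}: bad signature`);
    else if (voted.has(v.signer)) ignored.push(`${v.signer}: already voted`);
    else {
      voted.add(v.signer);
      counts.set(v.blockId, (counts.get(v.blockId) ?? 0) + 1);
    }
  }
  const winner = Array.from(counts).find(([, n]) => n >= quorum);
  return { quorum, accepted: winner ? winner[0] : null, counts, ignored };
}

// Constructed sample: six validators, one relay, and two competing proposals (A, B)
// for height 100, as when a proposer's redundant nodes each propose a block.
function demo() {
  const names = ["v1", "v2", "v3", "v4", "v5", "v6", "relay"];
  const keys = new Map(names.map((n) => [n, generateKeyPairSync("ed25519")] as const));
  const validators = new Map(names.slice(0, 6).map((n) => [n, keys.get(n)!.publicKey] as const));
  const cast = (signer: string, blockId: string): Vote => ({
    height: 100, blockId, signer,
    signature: sign(null, voteMessage(100, blockId), keys.get(signer)!.privateKey),
  });
  const forged: Vote = { ...cast("v6", "A"), signer: "v5" }; // v6's signature relabelled as v5's
  const votes = [cast("v1", "A"), cast("v2", "A"), cast("v3", "B"), cast("relay", "B"),
    cast("v4", "A"), cast("v1", "B"), forged, cast("v5", "A")];
  return {
    full: tallyRound(validators, 100, votes), // A collects 4 of 6 signatures
    stalled: tallyRound(validators, 100, votes.slice(0, 4)), // too few votes: height is skipped
  };
}
```

In the `stalled` case no proposal reaches the threshold, which corresponds to the block being skipped and the next validator proposing for the same height.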