Tilikum: Transaction Fair Ordering on a DAG without Weak Edges
Pith reviewed 2026-06-26 03:19 UTC · model grok-4.3
The pith
Tilikum achieves fair transaction ordering on DAGs without weak edges using median-based timestamp aggregation.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
Tilikum is a DAG-based ledger protocol that ensures fair transaction ordering without relying on weak edges. It achieves ordering linearizability by leveraging median-based timestamp aggregation, or batch order fairness, while maintaining low data redundancy and robust garbage collection. Implementation in Rust shows up to 39 times higher throughput than baselines such as Narwhal/Tusk, Pompē, Themis and FairDAG, and it fully blocks state-of-the-art DAG-specific reordering attacks.
What carries the argument
Median-based timestamp aggregation (batch order fairness) on a DAG without weak edges
If this is right
- Achieves up to 39 times higher throughput than other fair-ordering baselines.
- Fully blocks state-of-the-art DAG-specific reordering attacks.
- Maintains low data redundancy.
- Enables robust garbage collection.
Where Pith is reading between the lines
- The median aggregation method could be integrated into other DAG protocols to provide similar fairness.
- This could allow DeFi to scale on DAGs without sacrificing security against BEV extraction.
- Testing under different network latencies could further validate the approach.
Load-bearing premise
That the median-based timestamp aggregation ensures fair ordering linearizability and blocks reordering attacks without introducing new vulnerabilities or relying on unstated assumptions about the network or timestamps.
What would settle it
A successful reordering attack on a Tilikum ledger or measured throughput not exceeding the baselines under attack scenarios.
Figures
read the original abstract
Decentralized Finance (DeFi) applications rely heavily on the order in which transactions are executed, making them susceptible to reordering attacks that enable adversaries to extract Blockchain Extractable Value (BEV). While linear blockchain systems such as Ethereum have inspired extensive research into fair ordering mechanisms, DAG-based consensus protocols have remained largely unprotected despite their growing adoption for scalability and performance. In this paper, we introduce Tilikum, a DAG-based ledger protocol that ensures fair transaction ordering without relying on weak edges. Tilikum achieves ordering linearizability by leveraging median-based timestamp aggregation, or batch order fairness, while maintaining low data redundancy and robust garbage collection. We implemented Tilikum in Rust and evaluated it against representative baselines, namely Narwhal/Tusk, Pomp\=e, Themis and FairDAG. Our results show that Tilikum achieves up to $39\times$ higher throughput than other fair-ordering baselines, while fully blocking state-of-the-art DAG-specific reordering attacks.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper introduces Tilikum, a DAG-based ledger protocol that ensures fair transaction ordering without relying on weak edges. It achieves ordering linearizability via median-based timestamp aggregation (or batch order fairness), with low data redundancy and robust garbage collection. Implemented in Rust, Tilikum is evaluated against Narwhal/Tusk, Pompé, Themis, and FairDAG, claiming up to 39× higher throughput while fully blocking state-of-the-art DAG-specific reordering attacks.
Significance. If substantiated, the result would be significant for protecting DeFi on scalable DAG protocols from BEV via reordering attacks. The approach of median-based aggregation without weak edges could offer a new design point for fair ordering in high-throughput ledgers. No machine-checked proofs, reproducible code, or parameter-free derivations are mentioned.
major comments (2)
- [Abstract] Abstract: the central claims of 'up to 39× higher throughput' and 'fully blocking state-of-the-art DAG-specific reordering attacks' are stated with no description of experimental setup, attack model, timestamp assumptions, or how median aggregation ensures linearizability. These claims are load-bearing for the paper's contribution but cannot be assessed from the provided information.
- [Abstract] Abstract: the weakest assumption—that median-based timestamp aggregation blocks reordering attacks without new vulnerabilities or unstated network/timestamp assumptions—is presented without any supporting argument or counterexample analysis, making soundness unverifiable.
Simulated Author's Rebuttal
We thank the referee for their comments on the abstract. We address each point below, noting that the abstract is a concise summary while the full manuscript contains the requested details on setups, models, assumptions, and analyses.
read point-by-point responses
-
Referee: [Abstract] Abstract: the central claims of 'up to 39× higher throughput' and 'fully blocking state-of-the-art DAG-specific reordering attacks' are stated with no description of experimental setup, attack model, timestamp assumptions, or how median aggregation ensures linearizability. These claims are load-bearing for the paper's contribution but cannot be assessed from the provided information.
Authors: The abstract provides a high-level summary of results, as is conventional. The experimental setup and throughput comparisons (against Narwhal/Tusk, Pompé, Themis, and FairDAG) appear in Section 6. The attack model, timestamp assumptions, and reordering resistance are defined in Section 3. How median-based aggregation ensures linearizability (including batch order fairness) is formalized in Section 4. These sections allow full assessment of the claims from the complete manuscript. revision: no
-
Referee: [Abstract] Abstract: the weakest assumption—that median-based timestamp aggregation blocks reordering attacks without new vulnerabilities or unstated network/timestamp assumptions—is presented without any supporting argument or counterexample analysis, making soundness unverifiable.
Authors: The abstract states the approach at a summary level. The supporting arguments, including why median aggregation blocks reordering attacks, analysis of potential new vulnerabilities, explicit network/timestamp assumptions, and counterexample considerations, are provided in Sections 3 (assumptions and threat model), 4 (protocol and linearizability arguments), and 5 (security analysis and attack evaluations). Soundness is verifiable from the full manuscript. revision: no
Circularity Check
No significant circularity; derivation chain not present in visible text
full rationale
The abstract and available text present Tilikum as an implemented protocol whose fairness properties are demonstrated via Rust evaluation against baselines (Narwhal/Tusk, Pompē, Themis, FairDAG) and throughput numbers. No equations, timestamp aggregation definitions, linearizability proofs, or self-citations appear in the supplied material. The central claim (median-based aggregation yields ordering linearizability) is stated as a design outcome rather than derived from prior fitted parameters or author-only uniqueness theorems. Without load-bearing steps that reduce to inputs by construction, the circularity score is 0.
Axiom & Free-Parameter Ledger
Reference graph
Works this paper leans on
-
[1]
Bitcoin: A peer-to-peer electronic cash system
S. Nakamoto. “Bitcoin: A peer-to-peer electronic cash system”. In: (2008)
2008
-
[2]
Ethereum: A secure decentralised generalised transaction ledger
G. Wood et al. “Ethereum: A secure decentralised generalised transaction ledger”. In:Ethereum project yellow paper151.2014 (2014), pp. 1–32
2014
-
[3]
DeFi: Decentralized finance-an introduction and overview
P. Schueffel. “DeFi: Decentralized finance-an introduction and overview”. In:Journal of Innovation Management9.3 (2021), pp. I–XI. 13
2021
-
[4]
2024.URL: https://explore
Flashbot.Flashbot MEV Explore. 2024.URL: https://explore. flashbots.net/ (visited on 06/12/2024)
2024
-
[5]
P. Daian, S. Goldfeder, T. Kell, Y . Li, X. Zhao, I. Bentov, L. Breidenbach, and A. Juels. “Flash boys 2.0: Frontrunning, transaction reordering, and consensus instability in decentral- ized exchanges”. In:arXiv preprint arXiv:1904.05234(2019)
Pith/arXiv arXiv 1904
-
[6]
Order- fairness for byzantine consensus
M. Kelkar, F. Zhang, S. Goldfeder, and A. Juels. “Order- fairness for byzantine consensus”. In:Advances in Cryptology– CRYPTO 2020: 40th Annual International Cryptology Confer- ence, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III 40. Springer. 2020, pp. 451–480
2020
-
[7]
Byzantine ordered consensus without byzantine oligarchy
Y . Zhang, S. Setty, Q. Chen, L. Zhou, and L. Alvisi. “Byzantine ordered consensus without byzantine oligarchy”. In:14th USENIX Symposium on Operating Systems Design and Im- plementation (OSDI 20). 2020, pp. 633–649
2020
-
[8]
Practical Byzantine Fault Tolerance
M. Castro and B. Liskov. “Practical Byzantine Fault Tolerance”. In:OSDI. 1999
1999
-
[9]
HotStuff: BFT consensus with linearity and responsiveness
M. Yin, D. Malkhi, M. K. Reiter, G. G. Gueta, and I. Abraham. “HotStuff: BFT consensus with linearity and responsiveness”. In:Proceedings of the 2019 ACM Symposium on Principles of Distributed Computing. 2019, pp. 347–356
2019
-
[10]
All you need is DAG
I. Keidar, E. Kokoris-Kogias, O. Naor, and A. Spiegelman. “All you need is DAG”. In:Proceedings of the 2021 ACM Symposium on Principles of Distributed Computing. 2021, pp. 165–175
2021
-
[11]
Narwhal and tusk: a dag-based mempool and efficient bft consensus
G. Danezis, L. Kokoris-Kogias, A. Sonnino, and A. Spiegelman. “Narwhal and tusk: a dag-based mempool and efficient bft consensus”. In:Proceedings of the Seventeenth European Conference on Computer Systems. 2022, pp. 34–50
2022
-
[12]
Bullshark: Dag bft protocols made practical
A. Spiegelman, N. Giridharan, A. Sonnino, and L. Kokoris- Kogias. “Bullshark: Dag bft protocols made practical”. In:Pro- ceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security. 2022, pp. 2705–2718
2022
-
[13]
Mahi-mahi: Low-latency asyn- chronous bft dag-based consensus
P. Jovanovic, L. Kokoris-Kogias, B. Kumara, A. Sonnino, P. Tennage, and I. Zablotchi. “Mahi-mahi: Low-latency asyn- chronous bft dag-based consensus”. In:2025 IEEE 45th International Conference on Distributed Computing Systems (ICDCS). IEEE. 2025, pp. 549–559
2025
-
[14]
Starfish: A high throughput BFT protocol on uncertified DAG with linear amortized communication complexity
N. Polyanskii, S. Mueller, and I. V orobyev. “Starfish: A high throughput BFT protocol on uncertified DAG with linear amortized communication complexity”. In:Cryptology ePrint Archive(2025)
2025
-
[15]
No fish is too big for flash boys! frontrunning on DAG-based blockchains
J. Zhang and A. Kate. “No fish is too big for flash boys! frontrunning on DAG-based blockchains”. In:2025 IEEE Annual Computer Security Applications Conference (ACSAC). IEEE. 2025, pp. 1065–1080
2025
-
[16]
Order Fairness Evaluation of DAG-based ledgers
E. Mahe and S. Tucci-Piergiovanni. “Order Fairness Evaluation of DAG-based ledgers”. In:arXiv preprint arXiv:2502.17270 (2025)
arXiv 2025
-
[17]
FairDAG: Consensus Fairness over Multi-Proposer Causal Design
D. Kang, J. Chen, T. T. A. Dinh, and M. Sadoghi. “FairDAG: Consensus Fairness over Multi-Proposer Causal Design”. In: VLDB. 2026
2026
-
[18]
Themis: Fast, strong order-fairness in byzantine consensus
M. Kelkar, S. Deb, S. Long, A. Juels, and S. Kannan. “Themis: Fast, strong order-fairness in byzantine consensus”. In:Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. 2023, pp. 475–489
2023
-
[19]
Mysticeti: Reaching the Latency Limits with Uncertified DAGs
K. Babel, A. Chursin, G. Danezis, A. Kichidis, L. Kokoris- Kogias, A. Koshy, A. Sonnino, and M. Tian. “Mysticeti: Reaching the Latency Limits with Uncertified DAGs”. In:32nd Annual Network and Distributed System Security Symposium, NDSS 2025, San Diego, California, USA, February 24-28, 2025. The Internet Society, 2025
2025
-
[20]
Shoal: Improving dag-bft latency and robustness
A. Spiegelman, B. Arun, R. Gelashvili, and Z. Li. “Shoal: Improving dag-bft latency and robustness”. In:International Conference on Financial Cryptography and Data Security. Springer. 2024, pp. 92–109
2024
-
[21]
Shoal++: High Throughput {DAG}{BFT} Can Be Fast and Robust!
B. Arun, Z. Li, F. Suri-Payer, S. Das, and A. Spiegelman. “Shoal++: High Throughput {DAG}{BFT} Can Be Fast and Robust!” In:22nd USENIX Symposium on Networked Systems Design and Implementation (NSDI 25). 2025, pp. 813–826
2025
-
[22]
Byzantine Consensus in the Random Asynchronous Model
G. Danezis, J. Komatovic, L. Kokoris-Kogias, A. Sonnino, and I. Zablotchi. “Byzantine Consensus in the Random Asynchronous Model”. In:39th International Symposium on Distributed Computing (DISC 2025). V ol. 356. Leibniz International Pro- ceedings in Informatics (LIPIcs). Dagstuhl, Germany: Schloss Dagstuhl – Leibniz-Zentrum für Informatik, 2025, 28:1–28:22
2025
-
[23]
Lyra: Fast and scalable resilience to reordering attacks in blockchains
P. Zarbafian and V . Gramoli. “Lyra: Fast and scalable resilience to reordering attacks in blockchains”. In:2023 IEEE Interna- tional Parallel and Distributed Processing Symposium (IPDPS). IEEE. 2023, pp. 929–939
2023
-
[24]
Re- silientdb: Global scale resilient blockchain fabric
S. Gupta, S. Rahnama, J. Hellings, and M. Sadoghi. “Re- silientdb: Global scale resilient blockchain fabric”. In:arXiv preprint arXiv:2002.00160(2020)
arXiv 2002
-
[25]
A medium-scale distributed system for computer science research: Infrastructure for the long term
H. Bal, D. Epema, C. De Laat, R. Van Nieuwpoort, J. Romein, F. Seinstra, C. Snoek, and H. Wijshoff. “A medium-scale distributed system for computer science research: Infrastructure for the long term”. In:Computer49.5 (2016), pp. 54–63
2016
-
[26]
Wendy, the Good Little Fairness Widget: Achiev- ing Order Fairness for Blockchains
K. Kursawe. “Wendy, the Good Little Fairness Widget: Achiev- ing Order Fairness for Blockchains”. In:AFT ’20: 2nd ACM Conference on Advances in Financial Technologies, New York, NY, USA, October 21-23, 2020. ACM, 2020, pp. 25–36
2020
-
[27]
AOAB: optimal and fair ordering of financial transactions
V . Gramoli, Z. Lu, Q. Tang, and P. Zarbafian. “AOAB: optimal and fair ordering of financial transactions”. In:2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE. 2024, pp. 377–388
2024
-
[28]
Eating Sandwiches: Modular and Lightweight Elimination of Transac- tion Reordering Attacks
O. Alpos, I. Amores-Sesar, C. Cachin, and M. Yeo. “Eating Sandwiches: Modular and Lightweight Elimination of Transac- tion Reordering Attacks”. In:27th International Conference on Principles of Distributed Systems (OPODIS). 2024
2024
-
[29]
Separation is good: A faster order-fairness Byzantine consensus
K. Mu, B. Yin, A. Asheralieva, and X. Wei. “Separation is good: A faster order-fairness Byzantine consensus”. In: (2024)
2024
-
[30]
Rashnu: Data-Dependent Order-Fairness
H. Nagda, S. P. Singhal, M. J. Amiri, and B. T. Loo. “Rashnu: Data-Dependent Order-Fairness”. In:Proc. VLDB Endow. (2024)
2024
-
[31]
Auncel: Fair Byzantine Consensus Protocol with High Performance
W. Chen, Y . Feng, J. Zhang, Z. Cai, H. -N. Dai, and Z. Zheng. “Auncel: Fair Byzantine Consensus Protocol with High Performance”. In:IEEE INFOCOM 2024 - IEEE Conference on Computer Communications. 2024
2024
-
[32]
Dikaios: Position-anchored group ordering with reputation for fair and efficient Byzantine consensus
Y . Wang, X. Xing, G. Wang, Y . Zhang, and P. Li. “Dikaios: Position-anchored group ordering with reputation for fair and efficient Byzantine consensus”. In:Comput. Netw.(2025)
2025
-
[33]
P. Ren, H. Dong, N. Sohrabi, Z. Tari, and P. Zhang.Proof- Carrying Fair Ordering: Asymmetric Verification for BFT via Incremental Graphs. 2025. eprint: 2510.14186
arXiv 2025
-
[34]
Ordering Transac- tions with Bounded Unfairness: Definitions, Complexity and Constructions
A. Kiayias, N. Leonardos, and Y . Shen. “Ordering Transac- tions with Bounded Unfairness: Definitions, Complexity and Constructions”. In:Advances in Cryptology – EUROCRYPT 2024: 43rd Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2024
2024
-
[35]
G. Ramseyer and A. Goel.Fair Ordering in Replicated Systems via Streaming Social Choice. 2024. arXiv: 2304.02730 [cs.CR]
arXiv 2024
-
[36]
Universal composable transaction serialization with order fairness
M. Ciampi, A. Kiayias, and Y . Shen. “Universal composable transaction serialization with order fairness”. In:Annual Inter- national Cryptology Conference. Springer. 2024, pp. 147–180
2024
-
[37]
Quick order fairness
C. Cachin, J. Mi ´ci´c, N. Steinhauer, and L. Zanolini. “Quick order fairness”. In:International Conference on Financial Cryptography and Data Security. Springer. 2022, pp. 316–333
2022
-
[38]
Amores-Sesar and M
I. Amores-Sesar and M. Yeo.Rethinking Consensus with Time as a Primitive. Cryptology ePrint Archive, Paper 2025/1975. 2025
2025
-
[39]
On Frontrunning Risks in Batch-Order Fair Systems for 14 Blockchains (Extended Version)
E. Park, T. Yoon, H. Nam, D. Maram, and M. S. Kang. “On Frontrunning Risks in Batch-Order Fair Systems for 14 Blockchains (Extended Version)”. In:Cryptology ePrint Archive (2025)
2025
-
[40]
Maximal extractable value (mev) protection on a dag
D. Malkhi and P. Szalachowski. “Maximal extractable value (mev) protection on a dag”. In:arXiv preprint arXiv:2208.00940 (2022)
arXiv 2022
-
[41]
TrX: Encrypted Mempools in High Performance BFT Protocols
R. Fernando, G.-V . Policharla, A. Tonkikh, and Z. Xiang. “TrX: Encrypted Mempools in High Performance BFT Protocols”. In:Cryptology ePrint Archive(2025)
2025
-
[42]
Condorcet Attack Against Fair Transaction Ordering
M. A. Vafadar and M. Khabbazian. “Condorcet Attack Against Fair Transaction Ordering”. In:5th Conference on Advances in Financial Technologies. 2023. APPENDIXA DETAILEDCOMPARISON WITHFAIRDAG In this section we discuss limitations of FairDAG [17], whether they could be mitigated and explain why Tilikum does not share them. The first part discusses the disa...
2023
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.