StakeCube: Combining Sharding and Proof-of-Stake to build Fork-free Secure Permissionless Distributed Ledgers

Antoine Durand; Emmanuelle Anceaume; Romaric Ludinard

arxiv: 1907.05314 · v1 · pith:2ETDS4WWnew · submitted 2019-07-11 · 💻 cs.DC · cs.CR

StakeCube: Combining Sharding and Proof-of-Stake to build Fork-free Secure Permissionless Distributed Ledgers

Antoine Durand , Emmanuelle Anceaume , Romaric Ludinard This is my paper

Pith reviewed 2026-05-24 22:48 UTC · model grok-4.3

classification 💻 cs.DC cs.CR

keywords shardingproof-of-stakeblockchainbyzantine agreementdistributed ledgerpermissionlessfork preventioneclipse resistance

0 comments

The pith

Sharded proof-of-stake with verifiable agreements produces fork-free permissionless ledgers.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper presents a protocol that uses a distributed hash table to form randomized shards of stakeholders and runs verifiable Byzantine agreements within those shards to validate blocks. This combination, paired with a separate block validation protocol, is intended to ensure that forks arise only with negligible probability even under an adaptive adversary. The design relies on induced churn to protect shards from eclipse attacks and on the UTXO model so that any stakeholder action remains publicly verifiable. If the protocol works as described, permissionless ledgers could scale to higher throughput while preserving the security properties of proof-of-stake without requiring strong synchrony assumptions beyond those needed for the underlying agreement.

Core claim

We combine verifiable Byzantine agreements run by shards of stakeholders and a block validation protocol to guarantee that forks occur with negligible probability. We impose induced churn to make shards robust to eclipse attacks, and we rely on the UTXO coin model to guarantee that any stakeholder action is securely verifiable by anyone. Our protocol works against adaptive adversary, and makes no synchrony assumption beyond what is required for the byzantine agreement.

What carries the argument

Randomized shards formed via distributed hash table that execute verifiable Byzantine agreements, together with an explicit block validation protocol and induced churn.

If this is right

Forks remain negligible even when the adversary can adaptively corrupt stakeholders.
Block validation scales with the number of shards rather than the full set of participants.
No extra synchrony assumptions are needed beyond those already required by the Byzantine agreement primitive.
Any stakeholder action stays publicly checkable because of the UTXO representation.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

The approach could be tested by measuring fork rate under controlled churn rates in a permissionless test network.
Similar sharding might be layered on other proof-of-stake variants if the verifiable agreement primitive can be swapped.
The design leaves open whether the same negligible-fork guarantee holds if the underlying Byzantine agreement is replaced by a weaker primitive.

Load-bearing premise

Induced churn keeps shards safe from eclipse attacks while the UTXO model lets any observer verify stakeholder actions.

What would settle it

A simulation or deployment in which an adaptive adversary produces forks with probability noticeably above the claimed negligible bound.

read the original abstract

Our work focuses on the design of a scalable permissionless blockchain in the proof-of-stake setting. In particular, we use a distributed hash table as a building block to set up randomized shards, and then leverage the sharded architecture to validate blocks in an efficient manner. We combine verifiable Byzantine agreements run by shards of stakeholders and a block validation protocol to guarantee that forks occur with negligible probability. We impose induced churn to make shards robust to eclipse attacks, and we rely on the UTXO coin model to guarantee that any stakeholder action is securely verifiable by anyone. Our protocol works against adaptive adversary, and makes no synchrony assumption beyond what is required for the byzantine agreement.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

StakeCube sketches a DHT-sharded PoS protocol with induced churn and intra-shard BA to drive fork probability near zero, but the abstract supplies no proof or analysis to back the security claims.

read the letter

The paper's main contribution is a concrete architecture that assigns stakeholders to shards via DHT, runs verifiable Byzantine agreement inside each shard for block decisions, and adds controlled churn to limit eclipse attacks. It targets a permissionless PoS ledger that stays fork-free under adaptive adversaries while assuming only the synchrony needed for the BA primitive. The UTXO model is used so any stakeholder action can be checked by anyone without extra machinery. That combination is the new piece: most prior sharded PoS work either accepts forks or leans on stronger timing assumptions. The design is laid out clearly enough at the component level that a reader can see how the pieces are meant to fit. The churn mechanism and the claim of negligible forks are the parts that stand out as potentially useful if they hold. The soft spot is the complete absence of any security argument, probability bound, or even informal reasoning showing why forks stay negligible once an adaptive adversary can target shards. The abstract simply states that the combination guarantees the outcome; it does not walk through why the randomization plus churn actually keeps shards from being taken over or why the BA verification prevents inconsistent blocks from propagating. Without that step, the central guarantee is an assertion rather than a demonstrated result. The weakest link is the assumption that induced churn suffices to make shards robust; no rate, no analysis of join/leave dynamics, and no discussion of how an adversary with stake can still bias membership appear in the provided text. This is the kind of paper that would interest people already working on sharded ledgers or PoS scalability. A reader who wants to see one more attempt to close the fork gap in permissionless settings could pull ideas from the high-level structure. It is worth sending to referees because the problem is live and the proposed integration is specific, even though the current version is too thin on evidence to stand on its own. A serious review would need the full security section and any simulation or formal argument before it could be assessed properly.

Referee Report

3 major / 0 minor

Summary. The paper proposes StakeCube, a scalable permissionless PoS blockchain that uses a DHT to form randomized shards of stakeholders. Shards execute verifiable Byzantine agreements combined with a block validation protocol to ensure forks occur with negligible probability. Induced churn is imposed to resist eclipse attacks, the UTXO model ensures verifiable stakeholder actions, and the protocol is claimed to be secure against adaptive adversaries with no synchrony assumptions beyond those needed for BA.

Significance. If the security reduction and negligible fork probability can be established, the construction would offer a concrete way to achieve fork-free sharded PoS ledgers while retaining permissionless participation. The reliance on standard BA properties and the UTXO model for public verifiability are positive design choices that could be reusable; however, the absence of any proof sketch, game-based argument, or empirical evaluation in the manuscript prevents assessment of whether these properties actually hold.

major comments (3)

[Abstract] Abstract: the central claim that 'forks occur with negligible probability' is asserted without any supporting derivation, probability bound, or reduction to the underlying BA primitive; this is load-bearing for the entire contribution yet no analysis is supplied.
[Abstract] Abstract: the statement that 'induced churn renders shards robust to eclipse attacks' is presented as an axiom with no justification, churn-rate calculation, or argument against an adaptive adversary that can target the DHT; this assumption underpins the claimed security.
[Abstract] Abstract: security 'against adaptive adversary' is claimed, yet no threat model, corruption threshold, or proof strategy (e.g., simulation or game hopping) is outlined anywhere in the manuscript.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for the careful review and for highlighting the need for explicit security analysis. We agree that the current manuscript lacks formal derivations, threat models, and justifications for the key claims, and we will revise the paper to address these points.

read point-by-point responses

Referee: [Abstract] Abstract: the central claim that 'forks occur with negligible probability' is asserted without any supporting derivation, probability bound, or reduction to the underlying BA primitive; this is load-bearing for the entire contribution yet no analysis is supplied.

Authors: We acknowledge that the manuscript asserts negligible fork probability based on the verifiable BA and sharding construction but supplies no derivation, bound, or reduction. This is a valid observation. In the revision we will add a dedicated security analysis section that reduces the fork probability to the properties of the underlying BA primitive and provides a high-level argument for negligibility under the stated assumptions. revision: yes
Referee: [Abstract] Abstract: the statement that 'induced churn renders shards robust to eclipse attacks' is presented as an axiom with no justification, churn-rate calculation, or argument against an adaptive adversary that can target the DHT; this assumption underpins the claimed security.

Authors: The manuscript introduces induced churn to mitigate eclipse attacks on the DHT but does not supply a churn-rate calculation or a concrete argument against an adaptive adversary. We agree this requires elaboration. The revised version will include a justification section that specifies the churn mechanism, derives a suitable rate, and argues robustness under the adaptive adversary model. revision: yes
Referee: [Abstract] Abstract: security 'against adaptive adversary' is claimed, yet no threat model, corruption threshold, or proof strategy (e.g., simulation or game hopping) is outlined anywhere in the manuscript.

Authors: The paper states security against an adaptive adversary without defining the threat model, corruption threshold, or proof strategy. This omission is correctly identified. We will add an explicit threat-model subsection together with an outline of the intended proof approach (reduction to BA security) in the revised manuscript. revision: yes

Circularity Check

0 steps flagged

No significant circularity; protocol construction is self-contained

full rationale

The abstract and protocol description present a new construction that combines standard components (verifiable Byzantine agreement, DHT-based sharding, UTXO model, induced churn) to achieve fork-free ledgers. No equations, fitted parameters, self-citations, or derivations are shown that reduce the central claim to its own inputs by construction. The claim relies on properties of Byzantine agreement and UTXO verifiability, which are external to the paper and not redefined circularly within it. This is the expected honest non-finding for a design paper without load-bearing self-referential steps.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 1 invented entities

Review limited to abstract; ledger entries are inferred from stated mechanisms. No explicit free parameters listed. Axioms include standard properties of Byzantine agreement and the security of induced churn. The protocol itself is the main invented entity with no independent evidence provided.

axioms (2)

domain assumption Verifiable Byzantine agreement properties hold when run by shards of stakeholders
Invoked to validate blocks and guarantee negligible fork probability.
ad hoc to paper Induced churn renders shards robust to eclipse attacks
Stated as a mechanism to maintain shard security.

invented entities (1)

StakeCube protocol with DHT-randomized shards and induced churn no independent evidence
purpose: To achieve fork-free secure permissionless PoS ledgers
The central contribution is this new protocol construction.

pith-pipeline@v0.9.0 · 5651 in / 1306 out tokens · 45061 ms · 2026-05-24T22:48:43.369344+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

25 extracted references · 25 canonical work pages

[1]

Bulletin of the European Association for Theoretical Computer Science (123) (2017)

Abraham, I., Malkhi, D.: The blockchain consensus layer and bft. Bulletin of the European Association for Theoretical Computer Science (123) (2017)

work page 2017
[2]

In: International Conference on Dependable Systems and Networks (DSN) (2011)

Anceaume, E., Sericola, B., Ludinard, R., Tronel, F.: Modeling and Evaluating Targeted At- tacks in Large Scale Dynamic Systems. In: International Conference on Dependable Systems and Networks (DSN) (2011)

work page 2011
[3]

In: IEEE International Conference on Self- Adaptive and Self-Organizing Systems (SASO) (2008) 15

Anceaume, E., Ludinard, R., Ravoaja, A., Brasileiro, F.: PeerCube: A Hypercube-Based P2P Overlay Robust against Collusion and Churn. In: IEEE International Conference on Self- Adaptive and Self-Organizing Systems (SASO) (2008) 15

work page 2008
[4]

ACM SIGMETRICS Performance Evaluation Review 39(4) (2012)

Anceaume, E., Ludinard, R., Sericola, B.: Performance evaluation of large-scale dynamic systems. ACM SIGMETRICS Performance Evaluation Review 39(4) (2012)

work page 2012
[5]

In: International Conference on Security and Cryptography for Networks (SCN) (2014)

Ateniese, G., Bonacina, I., Faonio, A., Galesi, N.: Proofs of Space: When Space Is of the Essence. In: International Conference on Security and Cryptography for Networks (SCN) (2014)

work page 2014
[6]

In: International Workshop on Peer-to-Peer Systems (IPTPS) (2007)

Awerbuch, B., Scheideler, C.: Towards scalable and robust overay networks. In: International Workshop on Peer-to-Peer Systems (IPTPS) (2007)

work page 2007
[7]

In: ACM SIGSAC Conference on Computer and Communications Security (CCS) (2018)

Badertscher, C., Ga ˇzi, P., Kiayias, A., Russell, A., Zikas, V .: Ouroboros genesis: Compos- able proof-of-stake blockchains with dynamic availability. In: ACM SIGSAC Conference on Computer and Communications Security (CCS) (2018)

work page 2018
[8]

In: International Conference on the Theory and Applications of Cryptographic (EUROCRYPT) (2018)

Bernardo, D., Ga ˇzi, P., Kiayias, A., Russell, A.: Ouroboros praos: An adaptively-secure, semi-synchronous proof-of-stake blockchain. In: International Conference on the Theory and Applications of Cryptographic (EUROCRYPT) (2018)

work page 2018
[9]

In: Inter- national Conference on Applied Cryptography and Network Security (ACNS) (2017)

Cascudo, I., David, B.: SCRAPE: Scalable randomness attested by public entities. In: Inter- national Conference on Applied Cryptography and Network Security (ACNS) (2017)

work page 2017
[10]

Commu- nications of the ACM 24(2), 84–90 (1988)

Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commu- nications of the ACM 24(2), 84–90 (1988)

work page 1988
[11]

Chen, J., Gorbunov, S., Micali, S., Vlachos, G.: Algorand agreement: Super Fast and Partition Resilient Byzantine Agreement. Tech. rep. (2018), https://eprint.iacr.org/2018/377

work page 2018
[12]

The Computer Journal 49(1) (2006)

Correia, M., Neves, N.F., Ver ´ıssimo, P.: From consensus to atomic broadcast: Time-free Byzantine-resistant protocols without signatures. The Computer Journal 49(1) (2006)

work page 2006
[13]

Cryptology ePrint Archive, Report 2016/919 (2016), https://eprint.iacr.org/2016/919

Daian, P., Pass, R., Shi, E.: Snow White: Provably Secure Proofs of Stake. Cryptology ePrint Archive, Report 2016/919 (2016), https://eprint.iacr.org/2016/919

work page 2016
[14]

EOS.IO: Technical white paper v2 (2019), https://github.com/EOSIO/Documentation/blob/ master/TechnicalWhitePaper.md, accessed: 2019-03-10

work page 2019
[15]

In: Annual European Symposium on Algorithms (AESA) (2005)

Fiat, A., Saia, J., Young, M.: Making chord robust to byzantine attacks. In: Annual European Symposium on Algorithms (AESA) (2005)

work page 2005
[16]

In: Symposium on Operating Systems Principles (SOSP) (2017)

Gilad, Y ., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: Scaling Byzantine Agreements for Cryptocurrencies. In: Symposium on Operating Systems Principles (SOSP) (2017)

work page 2017
[17]

In: The Col- lected Works of Wassily Hoeffding (1994)

Hoeffding, W.: Probability inequalities for sums of bounded random variables. In: The Col- lected Works of Wassily Hoeffding (1994)

work page 1994
[18]

Intel: Hyperledger Sawtooth description (2019), https://sawtooth.hyperledger.org/docs/core/ releases/latest/architecture/poet.html, accessed: 2019-03-10

work page 2019
[19]

Cryptology ePrint Archive, Report 2016/889 (2016), https: //eprint.iacr.org/2016/889

Kiayias, A., Russell, A., David, B., Oliynykov, R.: Ouroboros: A Provably Secure Proof- of-Stake Blockchain Protocol. Cryptology ePrint Archive, Report 2016/889 (2016), https: //eprint.iacr.org/2016/889

work page 2016
[20]

In: IEEE Symposium on Security and Privacy (SSP) (2018)

Kokoris-Kogias, E., Jovanovic, P., Gasser, L., Gailly, N., Syta, E., Ford, B.: Omniledger: A secure, scale-out, decentralized ledger via sharding. In: IEEE Symposium on Security and Privacy (SSP) (2018)

work page 2018
[21]

In: IEEE Symposium on Foundations of Computer Science (1999)

Micali, S., Rabin, M.O., Vadhan, S.P.: Veriﬁable random functions. In: IEEE Symposium on Foundations of Computer Science (1999)

work page 1999
[22]

In: Cryptology ePrint Archive, Report 2016/035 (2016)

Moran, T., Orlov, I.: Proofs of space-time and rational proofs of storage. In: Cryptology ePrint Archive, Report 2016/035 (2016)

work page 2016
[23]

https://bitcoin.org/bitcoin.pdf (2008)

Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf (2008)

work page 2008
[24]

Journal of Computer and System Sciences 27(2), 256–267 (1983)

Rabin, M.O.: Transaction protection by beacons. Journal of Computer and System Sciences 27(2), 256–267 (1983)

work page 1983
[25]

In: IEEE Symposium on Security and Privacy (SSP) (2017) 16

Syta, E., Jovanovic, P., Kogias, E.K., Gailly, N., Gasser, L., Khofﬁ, I., Fischer, M.J., Ford, B.: Scalable bias-resistant distributed randomness. In: IEEE Symposium on Security and Privacy (SSP) (2017) 16

work page 2017

[1] [1]

Bulletin of the European Association for Theoretical Computer Science (123) (2017)

Abraham, I., Malkhi, D.: The blockchain consensus layer and bft. Bulletin of the European Association for Theoretical Computer Science (123) (2017)

work page 2017

[2] [2]

In: International Conference on Dependable Systems and Networks (DSN) (2011)

Anceaume, E., Sericola, B., Ludinard, R., Tronel, F.: Modeling and Evaluating Targeted At- tacks in Large Scale Dynamic Systems. In: International Conference on Dependable Systems and Networks (DSN) (2011)

work page 2011

[3] [3]

In: IEEE International Conference on Self- Adaptive and Self-Organizing Systems (SASO) (2008) 15

Anceaume, E., Ludinard, R., Ravoaja, A., Brasileiro, F.: PeerCube: A Hypercube-Based P2P Overlay Robust against Collusion and Churn. In: IEEE International Conference on Self- Adaptive and Self-Organizing Systems (SASO) (2008) 15

work page 2008

[4] [4]

ACM SIGMETRICS Performance Evaluation Review 39(4) (2012)

Anceaume, E., Ludinard, R., Sericola, B.: Performance evaluation of large-scale dynamic systems. ACM SIGMETRICS Performance Evaluation Review 39(4) (2012)

work page 2012

[5] [5]

In: International Conference on Security and Cryptography for Networks (SCN) (2014)

Ateniese, G., Bonacina, I., Faonio, A., Galesi, N.: Proofs of Space: When Space Is of the Essence. In: International Conference on Security and Cryptography for Networks (SCN) (2014)

work page 2014

[6] [6]

In: International Workshop on Peer-to-Peer Systems (IPTPS) (2007)

Awerbuch, B., Scheideler, C.: Towards scalable and robust overay networks. In: International Workshop on Peer-to-Peer Systems (IPTPS) (2007)

work page 2007

[7] [7]

In: ACM SIGSAC Conference on Computer and Communications Security (CCS) (2018)

Badertscher, C., Ga ˇzi, P., Kiayias, A., Russell, A., Zikas, V .: Ouroboros genesis: Compos- able proof-of-stake blockchains with dynamic availability. In: ACM SIGSAC Conference on Computer and Communications Security (CCS) (2018)

work page 2018

[8] [8]

In: International Conference on the Theory and Applications of Cryptographic (EUROCRYPT) (2018)

Bernardo, D., Ga ˇzi, P., Kiayias, A., Russell, A.: Ouroboros praos: An adaptively-secure, semi-synchronous proof-of-stake blockchain. In: International Conference on the Theory and Applications of Cryptographic (EUROCRYPT) (2018)

work page 2018

[9] [9]

In: Inter- national Conference on Applied Cryptography and Network Security (ACNS) (2017)

Cascudo, I., David, B.: SCRAPE: Scalable randomness attested by public entities. In: Inter- national Conference on Applied Cryptography and Network Security (ACNS) (2017)

work page 2017

[10] [10]

Commu- nications of the ACM 24(2), 84–90 (1988)

Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commu- nications of the ACM 24(2), 84–90 (1988)

work page 1988

[11] [11]

Chen, J., Gorbunov, S., Micali, S., Vlachos, G.: Algorand agreement: Super Fast and Partition Resilient Byzantine Agreement. Tech. rep. (2018), https://eprint.iacr.org/2018/377

work page 2018

[12] [12]

The Computer Journal 49(1) (2006)

Correia, M., Neves, N.F., Ver ´ıssimo, P.: From consensus to atomic broadcast: Time-free Byzantine-resistant protocols without signatures. The Computer Journal 49(1) (2006)

work page 2006

[13] [13]

Cryptology ePrint Archive, Report 2016/919 (2016), https://eprint.iacr.org/2016/919

Daian, P., Pass, R., Shi, E.: Snow White: Provably Secure Proofs of Stake. Cryptology ePrint Archive, Report 2016/919 (2016), https://eprint.iacr.org/2016/919

work page 2016

[14] [14]

EOS.IO: Technical white paper v2 (2019), https://github.com/EOSIO/Documentation/blob/ master/TechnicalWhitePaper.md, accessed: 2019-03-10

work page 2019

[15] [15]

In: Annual European Symposium on Algorithms (AESA) (2005)

Fiat, A., Saia, J., Young, M.: Making chord robust to byzantine attacks. In: Annual European Symposium on Algorithms (AESA) (2005)

work page 2005

[16] [16]

In: Symposium on Operating Systems Principles (SOSP) (2017)

Gilad, Y ., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: Scaling Byzantine Agreements for Cryptocurrencies. In: Symposium on Operating Systems Principles (SOSP) (2017)

work page 2017

[17] [17]

In: The Col- lected Works of Wassily Hoeffding (1994)

Hoeffding, W.: Probability inequalities for sums of bounded random variables. In: The Col- lected Works of Wassily Hoeffding (1994)

work page 1994

[18] [18]

Intel: Hyperledger Sawtooth description (2019), https://sawtooth.hyperledger.org/docs/core/ releases/latest/architecture/poet.html, accessed: 2019-03-10

work page 2019

[19] [19]

Cryptology ePrint Archive, Report 2016/889 (2016), https: //eprint.iacr.org/2016/889

Kiayias, A., Russell, A., David, B., Oliynykov, R.: Ouroboros: A Provably Secure Proof- of-Stake Blockchain Protocol. Cryptology ePrint Archive, Report 2016/889 (2016), https: //eprint.iacr.org/2016/889

work page 2016

[20] [20]

In: IEEE Symposium on Security and Privacy (SSP) (2018)

Kokoris-Kogias, E., Jovanovic, P., Gasser, L., Gailly, N., Syta, E., Ford, B.: Omniledger: A secure, scale-out, decentralized ledger via sharding. In: IEEE Symposium on Security and Privacy (SSP) (2018)

work page 2018

[21] [21]

In: IEEE Symposium on Foundations of Computer Science (1999)

Micali, S., Rabin, M.O., Vadhan, S.P.: Veriﬁable random functions. In: IEEE Symposium on Foundations of Computer Science (1999)

work page 1999

[22] [22]

In: Cryptology ePrint Archive, Report 2016/035 (2016)

Moran, T., Orlov, I.: Proofs of space-time and rational proofs of storage. In: Cryptology ePrint Archive, Report 2016/035 (2016)

work page 2016

[23] [23]

https://bitcoin.org/bitcoin.pdf (2008)

Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system. https://bitcoin.org/bitcoin.pdf (2008)

work page 2008

[24] [24]

Journal of Computer and System Sciences 27(2), 256–267 (1983)

Rabin, M.O.: Transaction protection by beacons. Journal of Computer and System Sciences 27(2), 256–267 (1983)

work page 1983

[25] [25]

In: IEEE Symposium on Security and Privacy (SSP) (2017) 16

Syta, E., Jovanovic, P., Kogias, E.K., Gailly, N., Gasser, L., Khofﬁ, I., Fischer, M.J., Ford, B.: Scalable bias-resistant distributed randomness. In: IEEE Symposium on Security and Privacy (SSP) (2017) 16

work page 2017