AMP: Arc Multi-Proposer Protocol with Bounded Inclusion Guarantees

Adi Seredinschi; Alessandro Sforzin; Daniel Cason; Gordon Liao; Jo\~ao Sousa; Nenad Milo\v{s}evi\'c; Preston Vander Vos; Sergio Mena

arxiv: 2605.23677 · v1 · pith:HRBECPBRnew · submitted 2026-05-22 · 💻 cs.DC

AMP: Arc Multi-Proposer Protocol with Bounded Inclusion Guarantees

Daniel Cason , Gordon Liao , Sergio Mena , Nenad Milo\v{s}evi\'c , Adi Seredinschi , Alessandro Sforzin , Jo\~ao Sousa , Preston Vander Vos This is my paper

Pith reviewed 2026-05-25 02:54 UTC · model grok-4.3

classification 💻 cs.DC

keywords multi-proposerblockchainTendermintpayload inclusionattestationdeterministic orderingvalidator power

0 comments

The pith

AMP guarantees that payloads attested by all correct validators are included in the next block.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces AMP as a multi-proposer protocol layered on Tendermint to limit the control any single validator exerts over transaction inclusion and ordering in blocks. Dedicated proposer nodes gather user transactions into payloads and send them to validators, who then attest to receipt and run consensus only on the set of payloads to include. The core mechanism ensures that a payload attested by every correct validator must appear in the following block, so each block aggregates payloads from several proposers. A deterministic ordering step is then applied to the contents of those payloads. This design separates transaction dissemination from agreement and removes unilateral validator power over what enters a block or how it is sequenced.

Core claim

When all correct validators attest to a given payload, AMP guarantees that payload will be included in the next block; a block thus contains payloads from multiple proposers, allowing for bulk finalization. This bounded inclusion guarantee along with a deterministic ordering algorithm which is run over all payloads included in a block, curbs the power of any single validator.

What carries the argument

The bounded inclusion guarantee that forces any payload attested by all correct validators into the next block, paired with a deterministic ordering algorithm applied to the selected payloads.

Load-bearing premise

Dedicated proposer nodes can be introduced and operated without creating new centralization, denial-of-service, or collusion vectors while the attestation-plus-consensus layer actually delivers the claimed inclusion guarantee under the base protocol's fault model.

What would settle it

Observe a payload that receives attestations from all correct validators yet is omitted from the next block produced by the protocol.

Figures

Figures reproduced from arXiv: 2605.23677 by Adi Seredinschi, Alessandro Sforzin, Daniel Cason, Gordon Liao, Jo\~ao Sousa, Nenad Milo\v{s}evi\'c, Preston Vander Vos, Sergio Mena.

**Figure 1.** Figure 1: Architecture of a validator node. The AMP logic sits between the application and the underlying dissemination and agreement layers. Each pi represents a payload broadcast by a proposer and received by the validator. GetValue(h) returns a commit certificate to propose in the agreement layer; validators extract the decided set of payload ids from it. The Decided primitive also returns a commit certificate, r… view at source ↗

read the original abstract

Blockchain systems that settle financial transactions face a structural tension: the single validator that assembles each block holds unilateral power over transaction inclusion and ordering. Traditional markets curb this very power through front-running and market-manipulation laws. Regulators have flagged the absence of such rules as a first-order concern for blockchain-based financial infrastructure. In response, we introduce AMP, a multi-proposer protocol, on top of the Tendermint consensus algorithm, where no validator can control the flow of transactions into blocks. Instead, dedicated nodes called proposers sit between users and validators. They collect user transactions, group them into payloads, and broadcast the payloads to all validators. Consequently, there is no mempool, and AMP applies the design principle of separating dissemination from agreement, which can lead to higher throughput. Validators publicly attest to receiving payloads and run consensus to decide the set of payloads to include in the next block. When all correct validators attest to a given payload, AMP guarantees that payload will be included in the next block; a block thus contains payloads from multiple proposers, allowing for bulk finalization. This bounded inclusion guarantee along with a deterministic ordering algorithm which is run over all payloads included in a block, curbs the power of any single validator. Validators no longer control what is included in a block, nor can they arbitrarily order the contents of blocks.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

AMP layers attestations and multiple dedicated proposers on Tendermint to guarantee inclusion of fully-attested payloads and remove single-validator ordering power, but the enforcement rule inside consensus is not described.

read the letter

AMP adds dedicated proposers that bundle transactions into payloads, have validators attest receipt, and then run Tendermint consensus over the attested payloads. The central claim is that any payload attested by all correct validators is forced into the next block, with a deterministic ordering step applied afterward. This removes the mempool and aims to limit any one validator's control over what gets included or how it is ordered, directly targeting regulatory worries about front-running in blockchain settlement systems. The separation of dissemination from agreement is presented as a route to higher throughput and bulk finalization across multiple proposers. The deterministic ordering over the chosen payloads is a simple way to strip out arbitrary leader ordering. The framing of the problem in terms of market fairness is clear and the construction stays close to an existing Tendermint base, which makes the idea easier to compare with deployed systems. The main soft spot is the inclusion guarantee itself. The abstract states that validators run consensus to decide the set of payloads and that fully attested ones are included, yet supplies no modified proposal rule, voting rule, or proof showing how this is enforced under Tendermint's partial-synchrony and f < n/3 model. Standard Tendermint lets the proposer select content, so some additional mechanism is required to make inclusion automatic once attestations are complete; without seeing that mechanism or a formal argument, the property cannot be checked. The paper also gives little attention to whether the new proposer nodes introduce fresh centralization or denial-of-service risks. This is for people working on Tendermint extensions or on making blockchain protocols more regulator-friendly. It has a concrete enough idea to merit referee time even though the soundness of the main claim will need close scrutiny in review.

Referee Report

2 major / 1 minor

Summary. The paper introduces AMP, a multi-proposer protocol layered atop Tendermint consensus. Dedicated proposer nodes collect user transactions into payloads and broadcast them to validators; validators attest to received payloads and run consensus to select the set of payloads for the next block. The central claims are a bounded inclusion guarantee (any payload attested by all correct validators is included in the next block) and a deterministic ordering algorithm over included payloads that together eliminate single-validator control over transaction inclusion and ordering, while separating dissemination from agreement to improve throughput.

Significance. If the inclusion guarantee and ordering properties can be shown to hold under Tendermint's standard partial-synchrony and f < n/3 model, the work would directly address a recognized regulatory and market concern about validator power in financial blockchains. The separation of dissemination from agreement is a known design principle that can raise throughput; the multi-proposer structure with explicit inclusion bounds would be a concrete instantiation worth documenting.

major comments (2)

[Abstract] Abstract: the bounded inclusion guarantee is asserted ('When all correct validators attest to a given payload, AMP guarantees that payload will be included in the next block') yet the manuscript supplies no description of the modified proposal or voting rules inside Tendermint that would enforce inclusion of every fully-attested payload rather than a proposer- or size-selected subset.
[Abstract] Abstract: no pseudocode, protocol specification, proof sketch, or experimental evaluation is provided for either the inclusion guarantee or the deterministic ordering algorithm, so the central claims cannot be evaluated from the supplied text.

minor comments (1)

The title contains 'Arc' but the abstract does not define or expand the acronym.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the detailed review and constructive comments. The points raised correctly identify gaps in the current presentation of the protocol mechanisms and supporting material. We will prepare a major revision that supplies the missing descriptions, specifications, and analysis while preserving the core claims.

read point-by-point responses

Referee: [Abstract] Abstract: the bounded inclusion guarantee is asserted ('When all correct validators attest to a given payload, AMP guarantees that payload will be included in the next block') yet the manuscript supplies no description of the modified proposal or voting rules inside Tendermint that would enforce inclusion of every fully-attested payload rather than a proposer- or size-selected subset.

Authors: We agree that the abstract states the guarantee without explaining the concrete changes to Tendermint's proposal and voting phases that enforce it. The full manuscript contains a high-level description of attestation and payload selection, but does not yet spell out the precise modifications to the proposal message format or the voting rule that prioritizes fully-attested payloads. In the revision we will add an explicit subsection (and corresponding abstract sentence) that defines the modified proposal rule (payloads are proposed only if attested by a quorum) and the voting rule (validators vote for the maximal set of attested payloads that fit the block size, with a deterministic tie-breaker). This will show why a fully-attested payload cannot be omitted in favor of a proposer- or size-selected subset. revision: yes
Referee: [Abstract] Abstract: no pseudocode, protocol specification, proof sketch, or experimental evaluation is provided for either the inclusion guarantee or the deterministic ordering algorithm, so the central claims cannot be evaluated from the supplied text.

Authors: The observation is accurate for the current version: the abstract and main text assert the two properties but supply neither pseudocode nor a proof sketch. The full manuscript does contain an informal argument for the inclusion guarantee under the standard partial-synchrony and f < n/3 model, yet it lacks formal pseudocode, a compact proof outline, and any experimental data. In the revision we will insert (i) Algorithm boxes for payload dissemination, attestation, and the deterministic ordering procedure, (ii) a short proof sketch showing that any payload attested by all correct validators is selected in the next consensus round, and (iii) a preliminary performance section with throughput and inclusion-latency measurements on a small testbed. These additions will make the claims directly evaluable. revision: yes

Circularity Check

0 steps flagged

No circularity; protocol claims are definitional but not self-referential

full rationale

The manuscript presents a protocol description and states an inclusion guarantee as a direct property of the AMP design layered on Tendermint. No equations, fitted parameters, predictions derived from subsets of data, or load-bearing self-citations appear. The guarantee is asserted from the protocol rules rather than reduced to a quantity defined in terms of itself. The derivation chain is therefore self-contained against the listed circularity patterns.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 2 invented entities

The central claim rests on the introduction of new node roles (proposers) and an attestation mechanism whose correctness is asserted without independent verification in the abstract; the only explicit background assumption is that Tendermint's safety and liveness properties continue to hold.

axioms (1)

domain assumption Tendermint consensus provides safety and liveness under its standard partial-synchrony and fault assumptions
The protocol is explicitly built on top of Tendermint as stated in the abstract.

invented entities (2)

Proposers no independent evidence
purpose: Dedicated nodes that collect user transactions, form payloads, and broadcast them to validators
New architectural role introduced to separate dissemination from agreement.
Payloads no independent evidence
purpose: Bundled transaction sets that are attested and selected for inclusion
Core data unit of the new dissemination layer.

pith-pipeline@v0.9.0 · 5801 in / 1438 out tokens · 32899 ms · 2026-05-25T02:54:58.676789+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

51 extracted references · 51 canonical work pages

[1]

The latency cost of censorship resistance

Ittai Abraham, Yuval Efron, and Ling Ren. The latency cost of censorship resistance. Cryptology ePrint Archive, Paper 2025/2136, 2025

work page 2025
[2]

Efficiently-thresholdizable batched iden- tity based encryption, with applications

Amit Agarwal, Rex Fernando, and Benny Pinkas. Efficiently-thresholdizable batched iden- tity based encryption, with applications. InAdvances in Cryptology – CRYPTO 2025, volume 16002 ofLecture Notes in Computer Science, pages 69–100. Springer, 2025

work page 2025
[3]

Correctness of Tendermint-Core Blockchains

Yackolley Amoussou-Guenou, Antonella Del Pozzo, Maria Potop-Butucaru, and Sara Tucci- Piergiovanni. Correctness of Tendermint-Core Blockchains. In22nd International Confer- ence on Principles of Distributed Systems (OPODIS 2018), volume 125, pages 16:1–16:16, 2019

work page 2018
[4]

Dissecting Tendermint

Yackolley Amoussou-Guenou, Antonella Del Pozzo, Maria Potop-Butucaru, and Sara Tucci- Piergiovanni. Dissecting Tendermint. InNetworked Systems (NETYS 2019), volume 11704 ofLecture Notes in Computer Science, pages 166–182, Cham, Switzerland, 2019. Springer

work page 2019
[5]

Leaderlessconsensus

Karolos Antoniadis, Antoine Desjardins, Vincent Gramoli, Rachid Guerraoui, and Igor Zablotchi. Leaderlessconsensus. In2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS), pages 392–402. IEEE Computer Society, 2021

work page 2021
[6]

Shoal++: High throughput DAG BFT can be fast!arXiv preprint arXiv:2405.20488, 2024

Balaji Arun, Zekun Li, Florian Suri-Payer, Sourav Das, and Alexander Spiegelman. Shoal++: High throughput DAG BFT can be fast!arXiv preprint arXiv:2405.20488, 2024

work page arXiv 2024
[7]

Miners as Intermediaries: Ex- tractable Value and Market Manipulation in Crypto and DeFi

Raphael Auer, Jon Frost, and Jose Maria Vidal Pastor. Miners as Intermediaries: Ex- tractable Value and Market Manipulation in Crypto and DeFi. BIS Bulletin 58, Bank for International Settlements, June 2022

work page 2022
[8]

Mysticeti: Reaching the limits of latency with uncertified DAGs.arXiv preprint arXiv:2310.14821, 2023

Kushal Babel, Andrey Chursin, George Danezis, Anastasios Kichidis, Lefteris Kokoris- Kogias, Arun Koshy, Alberto Sonnino, and Mingwei Tian. Mysticeti: Reaching the limits of latency with uncertified DAGs.arXiv preprint arXiv:2310.14821, 2023

work page arXiv 2023
[9]

Ferveo: Threshold decryption for mempool privacy in BFT networks

Joseph Bebel and Dev Ojha. Ferveo: Threshold decryption for mempool privacy in BFT networks. Cryptology ePrint Archive, Paper 2022/898, 2022

work page 2022
[10]

Context- dependent threshold decryption and its applications

Dan Boneh, Benedikt Bünz, Kartik Nayak, Lior Rotem, and Victor Shoup. Context- dependent threshold decryption and its applications. Cryptology ePrint Archive, Paper 2025/279, 2025

work page 2025
[11]

Batch decryption without epochs and its application to encrypted mempools

Dan Boneh, Evan Laufer, and Ertem Nusret Tas. Batch decryption without epochs and its application to encrypted mempools. Cryptology ePrint Archive, Paper 2025/1254, 2025

work page 2025
[12]

BEAST-MEV: Batched threshold encryption with silent setup for MEV prevention

Jan Bormet, Arka Rai Choudhuri, Sebastian Faust, Sanjam Garg, Hussien Othman, Gu- ruVamsi Policharla, Ziyan Qu, and Mingyuan Wang. BEAST-MEV: Batched threshold encryption with silent setup for MEV prevention. Cryptology ePrint Archive, Paper 2025/1419, 2025

work page 2025
[13]

BEAT-MEV: Epochless approach to batched threshold encryption for MEV prevention

Jan Bormet, Sebastian Faust, Hussien Othman, and Ziyan Qu. BEAT-MEV: Epochless approach to batched threshold encryption for MEV prevention. Cryptology ePrint Archive, Paper 2024/1533, 2024

work page 2024
[14]

Cosmos Whitepaper: A Network of Distributed Ledgers

Ethan Buchman and Jae Kwon. Cosmos Whitepaper: A Network of Distributed Ledgers. Whitepaper, Tendermint, Inc., 2016. Accessed: 2026-03-13, Availableon:https://cosmos. network/resources/whitepaper. 15

work page 2016
[15]

The latest gossip on BFT consensus

Ethan Buchman, Jae Kwon, and Zarko Milosevic. The latest gossip on BFT consensus. arXiv preprint arXiv:1807.04938, 2018

work page arXiv 2018
[16]

Proposer/builder separation (PBS)

Vitalik Buterin. Proposer/builder separation (PBS). Ethereum Research,https:// ethresear.ch/t/proposer-block-builder-separation-friendly-fee-market-designs/ 9725, 2021. Accessed: 2026-03-13

work page 2021
[17]

State of research: increasing censorship resistance of transactions under proposer/builder separation (PBS)

Vitalik Buterin. State of research: increasing censorship resistance of transactions under proposer/builder separation (PBS). Ethereum Notes, January 2022. Accessed: 2026-03-13

work page 2022
[18]

Springer, 2011

Christian Cachin, Rachid Guerraoui, and Luis Rodrigues.Introduction to Reliable and Secure Distributed Programming. Springer, 2011

work page 2011
[19]

On the (limited) power of non-equivocation

Christian Cachin, Klaus Kursawe, Frank Petzold, and Victor Shoup. On the (limited) power of non-equivocation. InProceedings of the 18th ACM Symposium on Principles of Distributed Computing (PODC), pages 53–62, 2001

work page 2001
[20]

Secure and efficient asynchronous broadcast protocols

Christian Cachin, Klaus Kursawe, Frank Petzold, and Victor Shoup. Secure and efficient asynchronous broadcast protocols. InAdvances in Cryptology – CRYPTO 2001, pages 524–541. Springer Berlin Heidelberg, August 2001

work page 2001
[21]

The design, architecture and performance of the Tendermint Blockchain Network

Daniel Cason, Enrique Fynn, Nenad Milosevic, Zarko Milosevic, Ethan Buchman, and Fernando Pedone. The design, architecture and performance of the Tendermint Blockchain Network. In40th IEEE International Symposium on Reliable Distributed Systems (SRDS 2021), pages 23–33. IEEE, 2021

work page 2021
[22]

Practical Byzantine fault tolerance

Miguel Castro and Barbara Liskov. Practical Byzantine fault tolerance. InProceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 173–186, 1999

work page 1999
[23]

Mempool privacy via batched threshold encryption: Attacks and defenses

Arka Rai Choudhuri, Sanjam Garg, Julien Piet, and Guru-Vamsi Policharla. Mempool privacy via batched threshold encryption: Attacks and defenses. InProceedings of the 33rd USENIX Security Symposium. USENIX Association, 2024

work page 2024
[24]

CometBFT: A distributed, Byzantine fault-tolerant state ma- chine replication engine.https://github.com/cometbft/cometbft

CometBFT Contributors. CometBFT: A distributed, Byzantine fault-tolerant state ma- chine replication engine.https://github.com/cometbft/cometbft. Accessed: 2026-03- 13

work page 2026
[25]

Application of the Principles for Financial Market Infrastructures to Sta- blecoin Arrangements

CPMI-IOSCO. Application of the Principles for Financial Market Infrastructures to Sta- blecoin Arrangements. CPMI Papers 206, Bank for International Settlements, July 2022

work page 2022
[26]

Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability

Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, and Ari Juels. Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability. InProceedings of the 2020 IEEE Symposium on Security and Privacy (SP), pages 910–927. IEEE, 2020

work page 2020
[27]

Nar- whal and Tusk: A DAG-based mempool and efficient BFT consensus

George Danezis, Lefteris Kokoris-Kogias, Alberto Sonnino, and Alexander Spiegelman. Nar- whal and Tusk: A DAG-based mempool and efficient BFT consensus. InProceedings of the 17th European Conference on Computer Systems (EuroSys), pages 34–50, 2022

work page 2022
[28]

Consensus in the presence of partial synchrony.Journal of the ACM, 35(2):288–323, April 1988

Cynthia Dwork, Nancy Lynch, and Larry Stockmeyer. Consensus in the presence of partial synchrony.Journal of the ACM, 35(2):288–323, April 1988

work page 1988
[29]

High-level Recommendations for the Regulation, Supervision and Oversight of Crypto-Asset Activities and Markets

Financial Stability Board. High-level Recommendations for the Regulation, Supervision and Oversight of Crypto-Asset Activities and Markets. Technical report, Financial Stability Board, July 2023. Accessed: 2026-03-13. 16

work page 2023
[30]

mev-boost: MEV-boost relay for ethereum.https://boost.flashbots.net/,

Flashbots. mev-boost: MEV-boost relay for ethereum.https://boost.flashbots.net/,

work page
[32]

Illuminating Ethereum’s order flow landscape.https://writings.flashbots

Flashbots. Illuminating Ethereum’s order flow landscape.https://writings.flashbots. net/illuminate-the-order-flow, November 2023. Accessed: 2026-03-13

work page 2023
[33]

Censorship resistance in on-chain auctions

Elijah Fox, Mallesh Pai, and Max Resnick. Censorship resistance in on-chain auctions. arXiv preprint arXiv:2301.13321, 2023

work page arXiv 2023
[34]

Multiple concurrent proposers: Why and how.arXiv preprint arXiv:2509.23984, 2025

Pranav Garimidi, Joachim Neu, and Max Resnick. Multiple concurrent proposers: Why and how.arXiv preprint arXiv:2509.23984, 2025

work page arXiv 2025
[35]

David K. Gifford. Weighted voting for replicated data. InProceedings of the 7th ACM Symposium on Operating Systems Principles (SOSP ’79), pages 150–162, New York, NY, USA, December 1979. Association for Computing Machinery

work page 1979
[36]

Autobahn: Seamless high speed BFT.arXiv preprint arXiv:2401.10369, 2024

Neil Giridharan, Florian Suri-Payer, Ittai Abraham, Lorenzo Alvisi, and Natacha Crooks. Autobahn: Seamless high speed BFT.arXiv preprint arXiv:2401.10369, 2024

work page arXiv 2024
[37]

Malachite: Flexible BFT consensus engine in Rust.https:// github.com/circlefin/malachite, 2026

Circle Internet Group. Malachite: Flexible BFT consensus engine in Rust.https:// github.com/circlefin/malachite, 2026. Accessed: 2026-03-13

work page 2026
[38]

MEV in multiple concurrent proposer blockchains

Steven Landers and Benjamin Marsh. MEV in multiple concurrent proposer blockchains. arXiv preprint arXiv:2511.13080, 2025

work page arXiv 2025
[39]

Liao, Rachel Mayer, Adrian Soghoian, Sanket Jain, and Erik Tierney

Gordon Y. Liao, Rachel Mayer, Adrian Soghoian, Sanket Jain, and Erik Tierney. Arc: An Open Layer-1 Blockchain Purpose-Built for Stablecoin Finance. Litepaper, Circle Internet Group, 2025. Accessed: 2026-03-13, Avaliable on:https://www.arc.network/litepaper

work page 2025
[40]

Enshrined proposer-builder sep- aration (ePBS)

Mike Neuder and Justin Drake. Enshrined proposer-builder sep- aration (ePBS). Ethereum Research,https://ethresear.ch/t/ why-enshrine-proposer-builder-separation-a-viable-path-to-epbs/15710, 2023. Accessed: 2026-03-13

work page 2023
[41]

Priority is all you need

Dan Robinson, Dave White, and Georgios FKonstantopoulos. Priority is all you need. Paradigm Research,https://www.paradigm.xyz/2024/06/priority-is-all-you-need, June 2024. Accessed: 2026-03-13

work page 2024
[42]

Solana fee statistics.https://solanacompass.com/statistics/fees,

SolanaCompass. Solana fee statistics.https://solanacompass.com/statistics/fees,

work page
[43]

Accessed: 2026-03-13

work page 2026
[44]

Shoal: Improving DAG-BFT latency and robustness.arXiv preprint arXiv:2306.03058, 2023

Alexander Spiegelman, Balaji Arun, Rati Gelashvili, and Zekun Li. Shoal: Improving DAG-BFT latency and robustness.arXiv preprint arXiv:2306.03058, 2023

work page arXiv 2023
[45]

Bull- shark: DAG BFT protocols made practical

AlexanderSpiegelman, NivGiridharan, AlbertoSonnino, andLefterisKokoris-Kogias. Bull- shark: DAG BFT protocols made practical. InProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 2705–2718, 2022

work page 2022
[46]

Mir-BFT: High-throughput robust BFT for decentralized networks.arXiv preprint arXiv:1906.05552, 2019

Chrysoula Stathakopoulou, Tudor David, Matej Pavlovic, and Marko Vukolić. Mir-BFT: High-throughput robust BFT for decentralized networks.arXiv preprint arXiv:1906.05552, 2019

work page arXiv 1906
[47]

State machine replication scalability made simple

Chrysoula Stathakopoulou, Matej Pavlovic, and Marko Vukolić. State machine replication scalability made simple. InProceedings of the 17th European Conference on Computer Systems (EuroSys), pages 17–33, 2022. 17

work page 2022
[48]

Multipleproposertransaction fee mechanism design: Robust incentives against censorship and bribery.arXiv preprint arXiv:2505.13751, 2025

Aikaterini-PanagiotaStouka, JulianMa, andThomasThiery. Multipleproposertransaction fee mechanism design: Robust incentives against censorship and bribery.arXiv preprint arXiv:2505.13751, 2025

work page arXiv 2025
[49]

EIP-7805: Fork-choice enforced inclusion lists (FOCIL)

Thomas Thiery, Francesco D’Amato, et al. EIP-7805: Fork-choice enforced inclusion lists (FOCIL). Ethereum Improvement Proposal,https://eips.ethereum.org/EIPS/ eip-7805, November 2024. Accessed: 2026-03-13

work page 2024
[50]

Prefixconsensusforcensorship resistant BFT.arXiv preprint arXiv:2602.02892, 2026

ZhuolunXiang, AndreiTonkikh, andAlexanderSpiegelman. Prefixconsensusforcensorship resistant BFT.arXiv preprint arXiv:2602.02892, 2026

work page arXiv 2026
[51]

Reiter, Guy Golan-Gueta, and Ittai Abraham

Maofan Yin, Dahlia Malkhi, Michael K. Reiter, Guy Golan-Gueta, and Ittai Abraham. Hotstuff: Bft consensus with linearity and responsiveness. InProceedings of the 2019 ACM Symposium on Principles of Distributed Computing (PODC), pages 347–356. ACM, 2019

work page 2019
[52]

CommitCertificates

Haoqian Zhang, Louis-Henri Merino, Ziyan Qu, Mahsa Bastankhah, Vero Estrada- Galiñanes, and Bryan Ford. F3B: A low-overhead blockchain architecture with per- transaction front-running protection. InProceedings of the 5th Conference on Advances in Financial Technologies (AFT 2023), volume 282 ofLIPIcs, pages 3:1–3:23, 2023. A Correctness This section argue...

work page 2023

[1] [1]

The latency cost of censorship resistance

Ittai Abraham, Yuval Efron, and Ling Ren. The latency cost of censorship resistance. Cryptology ePrint Archive, Paper 2025/2136, 2025

work page 2025

[2] [2]

Efficiently-thresholdizable batched iden- tity based encryption, with applications

Amit Agarwal, Rex Fernando, and Benny Pinkas. Efficiently-thresholdizable batched iden- tity based encryption, with applications. InAdvances in Cryptology – CRYPTO 2025, volume 16002 ofLecture Notes in Computer Science, pages 69–100. Springer, 2025

work page 2025

[3] [3]

Correctness of Tendermint-Core Blockchains

Yackolley Amoussou-Guenou, Antonella Del Pozzo, Maria Potop-Butucaru, and Sara Tucci- Piergiovanni. Correctness of Tendermint-Core Blockchains. In22nd International Confer- ence on Principles of Distributed Systems (OPODIS 2018), volume 125, pages 16:1–16:16, 2019

work page 2018

[4] [4]

Dissecting Tendermint

Yackolley Amoussou-Guenou, Antonella Del Pozzo, Maria Potop-Butucaru, and Sara Tucci- Piergiovanni. Dissecting Tendermint. InNetworked Systems (NETYS 2019), volume 11704 ofLecture Notes in Computer Science, pages 166–182, Cham, Switzerland, 2019. Springer

work page 2019

[5] [5]

Leaderlessconsensus

Karolos Antoniadis, Antoine Desjardins, Vincent Gramoli, Rachid Guerraoui, and Igor Zablotchi. Leaderlessconsensus. In2021 IEEE 41st International Conference on Distributed Computing Systems (ICDCS), pages 392–402. IEEE Computer Society, 2021

work page 2021

[6] [6]

Shoal++: High throughput DAG BFT can be fast!arXiv preprint arXiv:2405.20488, 2024

Balaji Arun, Zekun Li, Florian Suri-Payer, Sourav Das, and Alexander Spiegelman. Shoal++: High throughput DAG BFT can be fast!arXiv preprint arXiv:2405.20488, 2024

work page arXiv 2024

[7] [7]

Miners as Intermediaries: Ex- tractable Value and Market Manipulation in Crypto and DeFi

Raphael Auer, Jon Frost, and Jose Maria Vidal Pastor. Miners as Intermediaries: Ex- tractable Value and Market Manipulation in Crypto and DeFi. BIS Bulletin 58, Bank for International Settlements, June 2022

work page 2022

[8] [8]

Mysticeti: Reaching the limits of latency with uncertified DAGs.arXiv preprint arXiv:2310.14821, 2023

Kushal Babel, Andrey Chursin, George Danezis, Anastasios Kichidis, Lefteris Kokoris- Kogias, Arun Koshy, Alberto Sonnino, and Mingwei Tian. Mysticeti: Reaching the limits of latency with uncertified DAGs.arXiv preprint arXiv:2310.14821, 2023

work page arXiv 2023

[9] [9]

Ferveo: Threshold decryption for mempool privacy in BFT networks

Joseph Bebel and Dev Ojha. Ferveo: Threshold decryption for mempool privacy in BFT networks. Cryptology ePrint Archive, Paper 2022/898, 2022

work page 2022

[10] [10]

Context- dependent threshold decryption and its applications

Dan Boneh, Benedikt Bünz, Kartik Nayak, Lior Rotem, and Victor Shoup. Context- dependent threshold decryption and its applications. Cryptology ePrint Archive, Paper 2025/279, 2025

work page 2025

[11] [11]

Batch decryption without epochs and its application to encrypted mempools

Dan Boneh, Evan Laufer, and Ertem Nusret Tas. Batch decryption without epochs and its application to encrypted mempools. Cryptology ePrint Archive, Paper 2025/1254, 2025

work page 2025

[12] [12]

BEAST-MEV: Batched threshold encryption with silent setup for MEV prevention

Jan Bormet, Arka Rai Choudhuri, Sebastian Faust, Sanjam Garg, Hussien Othman, Gu- ruVamsi Policharla, Ziyan Qu, and Mingyuan Wang. BEAST-MEV: Batched threshold encryption with silent setup for MEV prevention. Cryptology ePrint Archive, Paper 2025/1419, 2025

work page 2025

[13] [13]

BEAT-MEV: Epochless approach to batched threshold encryption for MEV prevention

Jan Bormet, Sebastian Faust, Hussien Othman, and Ziyan Qu. BEAT-MEV: Epochless approach to batched threshold encryption for MEV prevention. Cryptology ePrint Archive, Paper 2024/1533, 2024

work page 2024

[14] [14]

Cosmos Whitepaper: A Network of Distributed Ledgers

Ethan Buchman and Jae Kwon. Cosmos Whitepaper: A Network of Distributed Ledgers. Whitepaper, Tendermint, Inc., 2016. Accessed: 2026-03-13, Availableon:https://cosmos. network/resources/whitepaper. 15

work page 2016

[15] [15]

The latest gossip on BFT consensus

Ethan Buchman, Jae Kwon, and Zarko Milosevic. The latest gossip on BFT consensus. arXiv preprint arXiv:1807.04938, 2018

work page arXiv 2018

[16] [16]

Proposer/builder separation (PBS)

Vitalik Buterin. Proposer/builder separation (PBS). Ethereum Research,https:// ethresear.ch/t/proposer-block-builder-separation-friendly-fee-market-designs/ 9725, 2021. Accessed: 2026-03-13

work page 2021

[17] [17]

State of research: increasing censorship resistance of transactions under proposer/builder separation (PBS)

Vitalik Buterin. State of research: increasing censorship resistance of transactions under proposer/builder separation (PBS). Ethereum Notes, January 2022. Accessed: 2026-03-13

work page 2022

[18] [18]

Springer, 2011

Christian Cachin, Rachid Guerraoui, and Luis Rodrigues.Introduction to Reliable and Secure Distributed Programming. Springer, 2011

work page 2011

[19] [19]

On the (limited) power of non-equivocation

Christian Cachin, Klaus Kursawe, Frank Petzold, and Victor Shoup. On the (limited) power of non-equivocation. InProceedings of the 18th ACM Symposium on Principles of Distributed Computing (PODC), pages 53–62, 2001

work page 2001

[20] [20]

Secure and efficient asynchronous broadcast protocols

Christian Cachin, Klaus Kursawe, Frank Petzold, and Victor Shoup. Secure and efficient asynchronous broadcast protocols. InAdvances in Cryptology – CRYPTO 2001, pages 524–541. Springer Berlin Heidelberg, August 2001

work page 2001

[21] [21]

The design, architecture and performance of the Tendermint Blockchain Network

Daniel Cason, Enrique Fynn, Nenad Milosevic, Zarko Milosevic, Ethan Buchman, and Fernando Pedone. The design, architecture and performance of the Tendermint Blockchain Network. In40th IEEE International Symposium on Reliable Distributed Systems (SRDS 2021), pages 23–33. IEEE, 2021

work page 2021

[22] [22]

Practical Byzantine fault tolerance

Miguel Castro and Barbara Liskov. Practical Byzantine fault tolerance. InProceedings of the 3rd USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 173–186, 1999

work page 1999

[23] [23]

Mempool privacy via batched threshold encryption: Attacks and defenses

Arka Rai Choudhuri, Sanjam Garg, Julien Piet, and Guru-Vamsi Policharla. Mempool privacy via batched threshold encryption: Attacks and defenses. InProceedings of the 33rd USENIX Security Symposium. USENIX Association, 2024

work page 2024

[24] [24]

CometBFT: A distributed, Byzantine fault-tolerant state ma- chine replication engine.https://github.com/cometbft/cometbft

CometBFT Contributors. CometBFT: A distributed, Byzantine fault-tolerant state ma- chine replication engine.https://github.com/cometbft/cometbft. Accessed: 2026-03- 13

work page 2026

[25] [25]

Application of the Principles for Financial Market Infrastructures to Sta- blecoin Arrangements

CPMI-IOSCO. Application of the Principles for Financial Market Infrastructures to Sta- blecoin Arrangements. CPMI Papers 206, Bank for International Settlements, July 2022

work page 2022

[26] [26]

Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability

Philip Daian, Steven Goldfeder, Tyler Kell, Yunqi Li, Xueyuan Zhao, Iddo Bentov, Lorenz Breidenbach, and Ari Juels. Flash boys 2.0: Frontrunning in decentralized exchanges, miner extractable value, and consensus instability. InProceedings of the 2020 IEEE Symposium on Security and Privacy (SP), pages 910–927. IEEE, 2020

work page 2020

[27] [27]

Nar- whal and Tusk: A DAG-based mempool and efficient BFT consensus

George Danezis, Lefteris Kokoris-Kogias, Alberto Sonnino, and Alexander Spiegelman. Nar- whal and Tusk: A DAG-based mempool and efficient BFT consensus. InProceedings of the 17th European Conference on Computer Systems (EuroSys), pages 34–50, 2022

work page 2022

[28] [28]

Consensus in the presence of partial synchrony.Journal of the ACM, 35(2):288–323, April 1988

Cynthia Dwork, Nancy Lynch, and Larry Stockmeyer. Consensus in the presence of partial synchrony.Journal of the ACM, 35(2):288–323, April 1988

work page 1988

[29] [29]

High-level Recommendations for the Regulation, Supervision and Oversight of Crypto-Asset Activities and Markets

Financial Stability Board. High-level Recommendations for the Regulation, Supervision and Oversight of Crypto-Asset Activities and Markets. Technical report, Financial Stability Board, July 2023. Accessed: 2026-03-13. 16

work page 2023

[30] [30]

mev-boost: MEV-boost relay for ethereum.https://boost.flashbots.net/,

Flashbots. mev-boost: MEV-boost relay for ethereum.https://boost.flashbots.net/,

work page

[31] [32]

Illuminating Ethereum’s order flow landscape.https://writings.flashbots

Flashbots. Illuminating Ethereum’s order flow landscape.https://writings.flashbots. net/illuminate-the-order-flow, November 2023. Accessed: 2026-03-13

work page 2023

[32] [33]

Censorship resistance in on-chain auctions

Elijah Fox, Mallesh Pai, and Max Resnick. Censorship resistance in on-chain auctions. arXiv preprint arXiv:2301.13321, 2023

work page arXiv 2023

[33] [34]

Multiple concurrent proposers: Why and how.arXiv preprint arXiv:2509.23984, 2025

Pranav Garimidi, Joachim Neu, and Max Resnick. Multiple concurrent proposers: Why and how.arXiv preprint arXiv:2509.23984, 2025

work page arXiv 2025

[34] [35]

David K. Gifford. Weighted voting for replicated data. InProceedings of the 7th ACM Symposium on Operating Systems Principles (SOSP ’79), pages 150–162, New York, NY, USA, December 1979. Association for Computing Machinery

work page 1979

[35] [36]

Autobahn: Seamless high speed BFT.arXiv preprint arXiv:2401.10369, 2024

Neil Giridharan, Florian Suri-Payer, Ittai Abraham, Lorenzo Alvisi, and Natacha Crooks. Autobahn: Seamless high speed BFT.arXiv preprint arXiv:2401.10369, 2024

work page arXiv 2024

[36] [37]

Malachite: Flexible BFT consensus engine in Rust.https:// github.com/circlefin/malachite, 2026

Circle Internet Group. Malachite: Flexible BFT consensus engine in Rust.https:// github.com/circlefin/malachite, 2026. Accessed: 2026-03-13

work page 2026

[37] [38]

MEV in multiple concurrent proposer blockchains

Steven Landers and Benjamin Marsh. MEV in multiple concurrent proposer blockchains. arXiv preprint arXiv:2511.13080, 2025

work page arXiv 2025

[38] [39]

Liao, Rachel Mayer, Adrian Soghoian, Sanket Jain, and Erik Tierney

Gordon Y. Liao, Rachel Mayer, Adrian Soghoian, Sanket Jain, and Erik Tierney. Arc: An Open Layer-1 Blockchain Purpose-Built for Stablecoin Finance. Litepaper, Circle Internet Group, 2025. Accessed: 2026-03-13, Avaliable on:https://www.arc.network/litepaper

work page 2025

[39] [40]

Enshrined proposer-builder sep- aration (ePBS)

Mike Neuder and Justin Drake. Enshrined proposer-builder sep- aration (ePBS). Ethereum Research,https://ethresear.ch/t/ why-enshrine-proposer-builder-separation-a-viable-path-to-epbs/15710, 2023. Accessed: 2026-03-13

work page 2023

[40] [41]

Priority is all you need

Dan Robinson, Dave White, and Georgios FKonstantopoulos. Priority is all you need. Paradigm Research,https://www.paradigm.xyz/2024/06/priority-is-all-you-need, June 2024. Accessed: 2026-03-13

work page 2024

[41] [42]

Solana fee statistics.https://solanacompass.com/statistics/fees,

SolanaCompass. Solana fee statistics.https://solanacompass.com/statistics/fees,

work page

[42] [43]

Accessed: 2026-03-13

work page 2026

[43] [44]

Shoal: Improving DAG-BFT latency and robustness.arXiv preprint arXiv:2306.03058, 2023

Alexander Spiegelman, Balaji Arun, Rati Gelashvili, and Zekun Li. Shoal: Improving DAG-BFT latency and robustness.arXiv preprint arXiv:2306.03058, 2023

work page arXiv 2023

[44] [45]

Bull- shark: DAG BFT protocols made practical

AlexanderSpiegelman, NivGiridharan, AlbertoSonnino, andLefterisKokoris-Kogias. Bull- shark: DAG BFT protocols made practical. InProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS), pages 2705–2718, 2022

work page 2022

[45] [46]

Mir-BFT: High-throughput robust BFT for decentralized networks.arXiv preprint arXiv:1906.05552, 2019

Chrysoula Stathakopoulou, Tudor David, Matej Pavlovic, and Marko Vukolić. Mir-BFT: High-throughput robust BFT for decentralized networks.arXiv preprint arXiv:1906.05552, 2019

work page arXiv 1906

[46] [47]

State machine replication scalability made simple

Chrysoula Stathakopoulou, Matej Pavlovic, and Marko Vukolić. State machine replication scalability made simple. InProceedings of the 17th European Conference on Computer Systems (EuroSys), pages 17–33, 2022. 17

work page 2022

[47] [48]

Multipleproposertransaction fee mechanism design: Robust incentives against censorship and bribery.arXiv preprint arXiv:2505.13751, 2025

Aikaterini-PanagiotaStouka, JulianMa, andThomasThiery. Multipleproposertransaction fee mechanism design: Robust incentives against censorship and bribery.arXiv preprint arXiv:2505.13751, 2025

work page arXiv 2025

[48] [49]

EIP-7805: Fork-choice enforced inclusion lists (FOCIL)

Thomas Thiery, Francesco D’Amato, et al. EIP-7805: Fork-choice enforced inclusion lists (FOCIL). Ethereum Improvement Proposal,https://eips.ethereum.org/EIPS/ eip-7805, November 2024. Accessed: 2026-03-13

work page 2024

[49] [50]

Prefixconsensusforcensorship resistant BFT.arXiv preprint arXiv:2602.02892, 2026

ZhuolunXiang, AndreiTonkikh, andAlexanderSpiegelman. Prefixconsensusforcensorship resistant BFT.arXiv preprint arXiv:2602.02892, 2026

work page arXiv 2026

[50] [51]

Reiter, Guy Golan-Gueta, and Ittai Abraham

Maofan Yin, Dahlia Malkhi, Michael K. Reiter, Guy Golan-Gueta, and Ittai Abraham. Hotstuff: Bft consensus with linearity and responsiveness. InProceedings of the 2019 ACM Symposium on Principles of Distributed Computing (PODC), pages 347–356. ACM, 2019

work page 2019

[51] [52]

CommitCertificates

Haoqian Zhang, Louis-Henri Merino, Ziyan Qu, Mahsa Bastankhah, Vero Estrada- Galiñanes, and Bryan Ford. F3B: A low-overhead blockchain architecture with per- transaction front-running protection. InProceedings of the 5th Conference on Advances in Financial Technologies (AFT 2023), volume 282 ofLIPIcs, pages 3:1–3:23, 2023. A Correctness This section argue...

work page 2023