Sharding distributed ledgers is a promising on-chain solution for scaling blockchains but lacks formal grounds, nurturing skepticism on whether such complex systems can scale blockchains securely. We fill this gap by introducing the first formal framework as well as a roadmap to robust sharding. In particular, we first define the properties sharded distributed ledgers should fulfill. We build upon and extend the Bitcoin backbone protocol by defining consistency and scalability. Consistency encompasses the need for atomic execution of cross-shard transactions to preserve safety, whereas scalability encapsulates the speedup a sharded system can gain in comparison to a non-sharded system. Using our model, we explore the limitations of sharding. We show that a sharded ledger with $n$ participants cannot scale under a fully adaptive adversary, but it can scale up to $m$ shards where $n=c'm\log m$, under an epoch-adaptive adversary; the constant $c'$ encompasses the trade-off between security and scalability. This is possible only if the sharded ledgers create succinct proofs of the valid state updates at every epoch. We leverage our results to identify the sufficient components for robust sharding, which we incorporate in a protocol abstraction termed Divide & Scale. To demonstrate the power of our framework, we analyze the most prominent sharded blockchains (Elastico, Monoxide, OmniLedger, RapidChain) and pinpoint where they fail to meet the desired properties.

翻译：分片分布式账本是一种有前景的区块链扩展链上解决方案，但缺乏正式的理论基础，因此引发了人们对这种复杂系统能否安全扩展区块链的质疑。我们通过引入首个正式框架以及鲁棒分片的路线图来填补这一空白。具体而言，我们首先定义了分片分布式账本应满足的属性。我们基于并扩展了比特币骨干协议，定义了一致性和可扩展性。一致性包含跨分片事务原子执行以保障安全性的需求，而可扩展性则概括了分片系统相比非分片系统所能获得的加速比。利用我们的模型，我们探索了分片的局限性。我们证明，在完全自适应 adversary 下，包含 $n$ 个参与者的分片账本无法实现扩展，但在 epoch-自适应 adversary 下，可以扩展到 $m$ 个分片，其中 $n=c'm\log m$；常数 $c'$ 体现了安全性与可扩展性之间的权衡。这只有在分片账本在每个 epoch 创建有效状态更新的简洁证明时才有可能实现。我们利用这些结果识别出鲁棒分片的充分组件，并将其整合进一个名为 Divide & Scale 的协议抽象中。为展示我们框架的能力，我们分析了最著名的分片区块链（Elastico、Monoxide、OmniLedger、RapidChain），并指出了它们未能满足所需属性的具体方面。