CoBRA: A Universal Strategyproof Confirmation Protocol for Quorum-based Proof-of-Stake Blockchains

The security of many Proof-of-Stake (PoS) payment systems relies on quorum-based State Machine Replication (SMR) protocols. While classical analyses assume purely Byzantine faults, real-world systems must tolerate both arbitrary failures and strategic, profit-driven validators. We therefore study quorum-based SMR under a hybrid model with honest, Byzantine, and rational participants. We first establish the fundamental limitations of traditional consensus mechanisms, proving two impossibility results: (1) in partially synchronous networks, no quorum-based protocol can achieve SMR when rational and Byzantine validators collectively exceed $1/3$ of the participants; and (2) even under synchronous network assumptions, SMR remains unattainable if this coalition comprises more than $2/3$ of the validator set. Assuming a synchrony bound $Δ$, we show how to extend any quorum-based SMR protocol to tolerate up to $1/3$ Byzantine and $1/3$ rational validators by modifying only its finalization rule. Our approach enforces a necessary bound on the total transaction volume finalized within any time window $Δ$ and introduces the \emph{strongest chain rule}, which enables efficient finalization of transactions when a supermajority of honest participants provably supports execution. Empirical analysis of Ethereum and Cosmos demonstrates validator participation exceeding the required $5/6$ threshold in over $99%$ of blocks, supporting the practicality of our design. Finally, we present a recovery mechanism that restores safety and liveness after consistency violations, even with up to $5/9$ Byzantine stake and $1/9$ rational stake, guaranteeing full reimbursement of provable client losses.

翻译：许多权益证明（PoS）支付系统的安全性依赖于基于仲裁的状态机复制（SMR）协议。经典分析假设纯拜占庭故障，而现实系统必须同时容忍任意错误和策略性、逐利的验证者。因此，我们在包含诚实、拜占庭和理性参与者的混合模型下研究基于仲裁的SMR。首先，我们确定了传统共识机制的基本局限性，证明了两个不可能性结果：（1）在部分同步网络中，当理性和拜占庭验证者合计超过参与者$1/3$时，任何基于仲裁的协议都无法实现SMR；（2）即使在同步网络假设下，若这一合谋群体占验证者集合比例超过$2/3$，SMR仍然无法实现。在同步边界$Δ$的假设下，我们展示了如何通过仅修改最终确定规则，将任意基于仲裁的SMR协议扩展为可容忍高达$1/3$拜占庭和$1/3$理性验证者。我们的方法对任意时间窗口$Δ$内最终确定的交易总量施加必要界限，并引入\textit{最强链规则}，从而在可证明的诚实参与者超多数支持执行时实现交易的高效最终确定。对以太坊和Cosmos的实证分析表明，超过$99\%$的区块中验证者参与度超过所需的$5/6$阈值，支持了我们设计的实用性。最后，我们提出了一种恢复机制，即使在拜占庭质押占比高达$5/9$且理性质押占比$1/9$的情况下，也能在一致性违规后恢复安全性和活性，并保证客户可证明损失的全额补偿。