Conventional blockchains use consensus algorithms that totally order updates across all accounts, which is stronger than necessary to implement a replicated ledger. This makes updates slower and more expensive than necessary. More recent consensus-free replicated ledgers forgo consensus algorithms, with a significant increase in performance and a decrease in infrastructure costs. However, current designs are based around reliable broadcast of update operations to all replicas, which requires reliable message delivery and reasoning over operation histories to establish convergence and safety. In this paper, we present a replicated ledger as a state-based conflict-free replicated data type (CRDT) built from grow-only counters. This design provides two major benefits: 1) it requires only a weaker eventual transitive delivery of the latest state rather than reliable broadcast of all update operations to all replicas; 2) eventual convergence and safety properties can be proven easily without having to reason over operation histories: convergence comes from the composition of grow-only counters, themselves CRDTs, and safety properties can be expressed over the state of the counters, both locally and globally. In addition, applications that tolerate temporary negative balances require no additional mechanisms, and applications that require strictly non-negative balances can be supported by enforcing sequential updates to the same account across replicas. Our design is sufficient when executing on replicas that might crash and recover, as is common in deployments in which all replicas are managed by trusted entities. It may also provide a good foundation for exploring new mechanisms for tolerating adversarial replicas.
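To make the design concrete, here is an added example (not the paper's own code) of a ledger replica built from grow-only counters: each account keeps a credits counter and a debits counter, state merge is an element-wise maximum, and a transfer only ever increments counters. The replica ids, account names and amounts in the scenario are constructed for illustration; it shows state-based merging in any order converging, a tolerated temporary negative balance, and a global safety property checked directly on counter state.

```python
# Added example, not the paper's code: a replicated ledger as a state-based CRDT
# built from grow-only counters. Each account has a credits and a debits
# G-counter (replica id -> non-decreasing local total); merge is element-wise max.
from typing import Dict

class GCounter:
    def __init__(self) -> None:
        self.slots: Dict[str, int] = {}
    def inc(self, replica: str, amount: int) -> None:
        assert amount >= 0, "grow-only: increments must be non-negative"
        self.slots[replica] = self.slots.get(replica, 0) + amount
    def value(self) -> int:
        return sum(self.slots.values())
    def merge(self, other: "GCounter") -> None:
        for r, v in other.slots.items():
            self.slots[r] = max(self.slots.get(r, 0), v)

class Ledger:
    """One replica. A transfer only increments two G-counters, so the ledger
    state is a composition of CRDTs and therefore itself a state-based CRDT."""
    def __init__(self, replica: str) -> None:
        self.replica = replica
        self.credits: Dict[str, GCounter] = {}
        self.debits: Dict[str, GCounter] = {}
    def balance(self, acct: str) -> int:
        return (self.credits.setdefault(acct, GCounter()).value()
                - self.debits.setdefault(acct, GCounter()).value())
    def transfer(self, src: str, dst: str, amount: int) -> None:
        self.debits.setdefault(src, GCounter()).inc(self.replica, amount)
        self.credits.setdefault(dst, GCounter()).inc(self.replica, amount)
    def merge(self, other: "Ledger") -> None:
        # Only the latest state is exchanged; no per-operation broadcast needed.
        for mine, theirs in ((self.credits, other.credits), (self.debits, other.debits)):
            for acct, ctr in theirs.items():
                mine.setdefault(acct, GCounter()).merge(ctr)
    def balances(self) -> Dict[str, int]:
        return {a: self.balance(a) for a in sorted(set(self.credits) | set(self.debits))}
    def conserved(self) -> bool:
        # Global safety property over counter state: total credits == total debits.
        return (sum(c.value() for c in self.credits.values())
                == sum(d.value() for d in self.debits.values()))

def demo():
    # Constructed scenario: A funds alice from "mint", B syncs, then both spend from alice.
    a, b = Ledger("A"), Ledger("B")
    a.transfer("mint", "alice", 100)
    b.merge(a)
    a.transfer("alice", "bob", 70)
    b.transfer("alice", "carol", 50)    # alice ends at -20: a tolerated temporary negative
    a.merge(b); b.merge(a); a.merge(b)  # merges are idempotent and commutative, any order
    return a.balances(), b.balances(), a.conserved()
```

Enforcing strictly non-negative balances, as the abstract notes, needs the additional rule of sequential updates to the same account across replicas, which this example deliberately does not model.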