Finality Mechanism
Finality Overview
Savitri Network achieves probabilistic finality through BFT consensus with cryptographic certificates. Finality is reached when a block receives sufficient validator signatures to make reversal computationally infeasible.
Finality Guarantees
Safety Properties
- No Forks: Once finalized, blocks cannot be reversed
- Consistency: All honest nodes agree on finalized chain
- Irreversibility: Economic penalties prevent finality violations
- Determinism: Finality is deterministic given validator set
Liveness Properties
- Progress: New blocks are continuously finalized
- Availability: Network can finalize blocks with >2/3 honest validators
- Recovery: System recovers from temporary network partitions
- Timeliness: Finality occurs within bounded time
Certificate Generation
Certificate Structure
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ConsensusCertificate {
pub block_hash: [u8; 64], // Finalized block hash
pub round: u64, // Consensus round
pub height: u64, // Block height
pub signatures: Vec<[u8; 64]>, // Validator signatures
pub timestamp: u64, // Certificate timestamp
pub validator_set_hash: [u8; 64], // Validator set commitment
pub threshold: u32, // Signature threshold (2f+1)
}
Certificate Generation Algorithm
impl CertificateGenerator {
pub fn generate_certificate(
&self,
block_hash: [u8; 64],
round: u64,
height: u64,
votes: &[ConsensusVote],
validator_set: &[Validator],
) -> Result<ConsensusCertificate, CertificateError> {
// 1. Validate vote consistency
self.validate_vote_consistency(votes, block_hash, round, height)?;
// 2. Filter valid votes
let valid_votes: Vec<_> = votes.iter()
.filter(|vote| self.is_valid_vote(vote, validator_set))
.collect();
// 3. Check threshold (2f+1)
let fault_tolerance = (validator_set.len() - 1) / 3;
let required_signatures = 2 * fault_tolerance + 1;
if valid_votes.len() < required_signatures {
return Err(CertificateError::InsufficientSignatures {
required: required_signatures,
received: valid_votes.len(),
});
}
// 4. Collect signatures
let signatures: Vec<[u8; 64]> = valid_votes
.iter()
.map(|vote| vote.signature)
.collect();
// 5. Create certificate
let certificate = ConsensusCertificate {
block_hash,
round,
height,
signatures,
timestamp: current_timestamp(),
validator_set_hash: self.compute_validator_set_hash(validator_set),
threshold: required_signatures as u32,
};
// 6. Verify certificate
self.verify_certificate(&certificate, validator_set)?;
Ok(certificate)
}
}
Vote Validation
impl CertificateGenerator {
pub fn validate_vote_consistency(
&self,
votes: &[ConsensusVote],
expected_block_hash: [u8; 64],
expected_round: u64,
expected_height: u64,
) -> Result<(), CertificateError> {
for vote in votes {
if vote.block_hash != expected_block_hash {
return Err(CertificateError::InconsistentBlockHash {
expected: expected_block_hash,
found: vote.block_hash,
});
}
if vote.round != expected_round {
return Err(CertificateError::InconsistentRound {
expected: expected_round,
found: vote.round,
});
}
if vote.height != expected_height {
return Err(CertificateError::InconsistentHeight {
expected: expected_height,
found: vote.height,
});
}
}
Ok(())
}
pub fn is_valid_vote(&self, vote: &ConsensusVote, validator_set: &[Validator]) -> bool {
// 1. Check if voter is in validator set
let validator = validator_set.iter()
.find(|v| v.address == vote.voter)?;
// 2. Verify vote signature
let vote_data = self.serialize_vote_data(vote);
let signature_valid = verify_signature(
&vote.signature,
&validator.public_key,
&vote_data,
);
// 3. Check timestamp freshness
let vote_age = current_timestamp() - vote.timestamp;
let timestamp_valid = vote_age <= MAX_VOTE_AGE;
// 4. Check for double voting
let no_double_vote = !self.has_voted_in_round(&vote.voter, vote.round, vote.height);
signature_valid && timestamp_valid && no_double_vote
}
}
Finality Detection
Finality Engine
pub struct FinalityEngine {
pub pending_certificates: LruCache<[u8; 64], PendingCertificate>,
pub finalized_blocks: LruCache<u64, FinalizedBlock>,
pub certificate_store: CertificateStore,
pub finality_threshold: Duration, // Time to wait for finality
}
pub struct PendingCertificate {
pub block_hash: [u8; 64], // Block hash
pub round: u64, // Consensus round
pub height: u64, // Block height
pub votes_received: Vec<ConsensusVote>, // Received votes
pub required_votes: u32, // Required votes
pub created_at: Instant, // Creation timestamp
}
impl FinalityEngine {
pub fn process_vote(&mut self, vote: ConsensusVote) -> Result<Option<ConsensusCertificate>, FinalityError> {
let block_key = vote.block_hash;
// 1. Get or create pending certificate
let pending = self.pending_certificates.get_mut(&block_key)
.or_insert_with(|| self.create_pending_certificate(&vote));
// 2. Add vote if valid
if self.is_valid_vote_for_pending(&vote, pending) {
pending.votes_received.push(vote);
}
// 3. Check if finality threshold reached
if pending.votes_received.len() >= pending.required_votes {
let certificate = self.generate_certificate_from_pending(pending)?;
// 4. Mark block as finalized
self.finalize_block(&certificate)?;
// 5. Remove from pending
self.pending_certificates.pop(&block_key);
return Ok(Some(certificate));
}
Ok(None)
}
pub fn finalize_block(&mut self, certificate: &ConsensusCertificate) -> Result<(), FinalityError> {
let finalized_block = FinalizedBlock {
block_hash: certificate.block_hash,
height: certificate.height,
certificate: certificate.clone(),
finalized_at: Instant::now(),
};
// Store finalized block
self.finalized_blocks.put(certificate.height, finalized_block);
// Store certificate
self.certificate_store.store_certificate(certificate)?;
// Update chain state
self.update_chain_state(certificate)?;
Ok(())
}
}
Finality Confirmation
impl FinalityEngine {
pub fn is_block_finalized(&self, block_hash: &[u8; 64]) -> bool {
// Check in finalized blocks
for (_, finalized) in self.finalized_blocks.iter() {
if finalized.block_hash == *block_hash {
return true;
}
}
false
}
pub fn get_finalized_height(&self) -> u64 {
self.finalized_blocks
.iter()
.map(|(height, _)| *height)
.max()
.unwrap_or(0)
}
pub fn get_finality_proof(&self, height: u64) -> Option<ConsensusCertificate> {
self.finalized_blocks.get(&height)
.map(|finalized| finalized.certificate.clone())
}
}
BFT Finality Properties
Fault Tolerance
pub struct BFTParameters {
pub total_validators: usize, // Total validators
pub fault_tolerance: usize, // Byzantine fault tolerance
pub required_signatures: usize, // Required for finality
pub honest_threshold: usize, // Honest validators needed
}
impl BFTParameters {
pub fn new(total_validators: usize) -> Self {
let fault_tolerance = (total_validators - 1) / 3;
let required_signatures = 2 * fault_tolerance + 1;
let honest_threshold = total_validators - fault_tolerance;
Self {
total_validators,
fault_tolerance,
required_signatures,
honest_threshold,
}
}
pub fn can_finalize(&self, honest_validators: usize) -> bool {
honest_validators >= self.required_signatures
}
pub fn is_safe(&self, byzantine_validators: usize) -> bool {
byzantine_validators <= self.fault_tolerance
}
}
Safety Proof
impl FinalityEngine {
pub fn prove_safety(&self, certificate: &ConsensusCertificate) -> SafetyProof {
let bft_params = BFTParameters::new(certificate.signatures.len());
SafetyProof {
block_hash: certificate.block_hash,
height: certificate.height,
signatures_count: certificate.signatures.len(),
fault_tolerance: bft_params.fault_tolerance,
honest_validators: bft_params.honest_threshold,
safety_guarantee: self.compute_safety_guarantee(&bft_params),
}
}
fn compute_safety_guarantee(&self, params: &BFTParameters) -> SafetyGuarantee {
// With 2f+1 signatures, at most f validators can be Byzantine
// Therefore at least f+1 validators are honest
// Honest validators cannot sign conflicting blocks
SafetyGuarantee {
cannot_revert: true,
honest_validators: params.honest_threshold,
byzantine_tolerance: params.fault_tolerance,
economic_security: self.compute_economic_security(params),
}
}
}
Finality Timing
Timing Model
pub struct FinalityTiming {
pub slot_duration: Duration, // Slot duration (500ms)
pub voting_window: Duration, // Voting window per slot
pub certificate_generation: Duration, // Certificate generation time
pub network_propagation: Duration, // Network propagation delay
pub finality_target: Duration, // Target finality time
}
impl Default for FinalityTiming {
fn default() -> Self {
Self {
slot_duration: Duration::from_millis(500),
voting_window: Duration::from_millis(300),
certificate_generation: Duration::from_millis(100),
network_propagation: Duration::from_millis(100),
finality_target: Duration::from_millis(1500), // 3 slots
}
}
}
Finality Latency Calculation
impl FinalityTiming {
pub fn calculate_expected_finality(&self, network_conditions: &NetworkConditions) -> Duration {
let base_latency = self.slot_duration + self.voting_window + self.certificate_generation;
let network_delay = self.network_propagation * network_conditions.latency_multiplier;
let congestion_delay = if network_conditions.congestion_level > 0.8 {
Duration::from_millis(500)
} else {
Duration::ZERO
};
base_latency + network_delay + congestion_delay
}
pub fn is_finality_within_target(&self, actual_finality: Duration) -> bool {
actual_finality <= self.finality_target * 2 // Allow 2x target
}
}
Finality Optimization
Fast Finality
pub struct FastFinalityEngine {
pub base_engine: FinalityEngine, // Base finality engine
pub optimistic_finality: OptimisticFinality, // Optimistic finality
pub fast_path_threshold: u32, // Fast path threshold
}
impl FastFinalityEngine {
pub fn process_vote_optimistic(&mut self, vote: ConsensusVote) -> Result<Option<ConsensusCertificate>, FinalityError> {
// Try optimistic finality first
if let Some(certificate) = self.optimistic_finality.try_optimistic_finality(&vote)? {
return Ok(Some(certificate));
}
// Fall back to standard finality
self.base_engine.process_vote(vote)
}
pub fn enable_optimistic_finality(&mut self, conditions: &OptimisticConditions) {
if conditions.network_stability > 0.95
&& conditions.validator_honesty > 0.9
&& conditions.low_latency {
self.optimistic_finality.enable();
} else {
self.optimistic_finality.disable();
}
}
}
Parallel Certificate Generation
pub struct ParallelCertificateGenerator {
pub worker_pool: ThreadPool, // Worker thread pool
pub batch_size: usize, // Batch size for parallel processing
}
impl ParallelCertificateGenerator {
pub fn generate_certificate_parallel(
&self,
votes: &[ConsensusVote],
validator_set: &[Validator],
) -> Result<ConsensusCertificate, CertificateError> {
// Split votes into batches for parallel processing
let batches: Vec<_> = votes.chunks(self.batch_size).collect();
// Process batches in parallel
let batch_results: Result<Vec<_>, _> = self.worker_pool.install(|| {
batches.into_par_iter()
.map(|batch| self.process_vote_batch(batch, validator_set))
.collect()
});
let valid_votes = batch_results?.into_iter().flatten().collect();
// Generate certificate from valid votes
self.generate_certificate_from_votes(valid_votes, validator_set)
}
}
Finality Monitoring
Finality Metrics
pub struct FinalityMetrics {
pub blocks_finalized: u64, // Total blocks finalized
pub avg_finality_time: Duration, // Average finality time
pub finality_rate: f64, // Blocks per second finalized
pub certificate_size: usize, // Average certificate size
pub validator_participation: f64, // Validator participation rate
pub missed_finality: u64, // Missed finality events
}
impl FinalityEngine {
pub fn get_metrics(&self) -> FinalityMetrics {
let finalized_blocks: Vec<_> = self.finalized_blocks.iter()
.map(|(_, block)| block)
.collect();
if finalized_blocks.is_empty() {
return FinalityMetrics::default();
}
let total_finality_time: Duration = finalized_blocks.iter()
.map(|block| block.finalized_at.elapsed())
.sum();
let avg_finality_time = total_finality_time / finalized_blocks.len() as u32;
let finality_rate = finalized_blocks.len() as f64 / total_finality_time.as_secs_f64();
FinalityMetrics {
blocks_finalized: finalized_blocks.len() as u64,
avg_finality_time,
finality_rate,
certificate_size: self.get_average_certificate_size(),
validator_participation: self.get_validator_participation(),
missed_finality: self.get_missed_finality_count(),
}
}
}
Finality Health Checks
pub struct FinalityHealthChecker {
pub max_finality_time: Duration, // Maximum acceptable finality time
pub min_participation_rate: f64, // Minimum participation rate
pub max_missed_finality: u64, // Maximum missed finality per hour
}
impl FinalityHealthChecker {
pub fn check_finality_health(&self, metrics: &FinalityMetrics) -> HealthStatus {
let mut issues = Vec::new();
if metrics.avg_finality_time > self.max_finality_time {
issues.push(HealthIssue::SlowFinality {
actual: metrics.avg_finality_time,
threshold: self.max_finality_time,
});
}
if metrics.validator_participation < self.min_participation_rate {
issues.push(HealthIssue::LowParticipation {
actual: metrics.validator_participation,
threshold: self.min_participation_rate,
});
}
if metrics.missed_finality > self.max_missed_finality {
issues.push(HealthIssue::MissedFinality {
actual: metrics.missed_finality,
threshold: self.max_missed_finality,
});
}
if issues.is_empty() {
HealthStatus::Healthy
} else {
HealthStatus::Unhealthy(issues)
}
}
}
Finality Security
Certificate Verification
pub struct CertificateVerifier {
pub signature_verifier: SignatureVerifier, // Signature verification
pub timestamp_validator: TimestampValidator, // Timestamp validation
pub integrity_checker: IntegrityChecker, // Certificate integrity
}
impl CertificateVerifier {
pub fn verify_certificate(&self, certificate: &ConsensusCertificate) -> Result<bool, VerificationError> {
// 1. Verify certificate structure
self.integrity_checker.check_structure(certificate)?;
// 2. Verify all signatures
for signature in &certificate.signatures {
if !self.signature_verifier.verify_signature(signature, certificate)? {
return Ok(false);
}
}
// 3. Verify timestamp freshness
if !self.timestamp_validator.is_timestamp_valid(certificate.timestamp)? {
return Ok(false);
}
// 4. Verify threshold
if certificate.signatures.len() < certificate.threshold as usize {
return Ok(false);
}
Ok(true)
}
}
Finality Attack Prevention
pub struct FinalityAttackPrevention {
pub double_signing_detector: DoubleSigningDetector,
pub certificate_replay_detector: CertificateReplayDetector,
pub timing_attack_detector: TimingAttackDetector,
}
impl FinalityAttackPrevention {
pub fn detect_finality_attack(&self, certificate: &ConsensusCertificate) -> Option<FinalityAttack> {
// Check for double signing
if let Some(attack) = self.double_signing_detector.check_certificate(certificate) {
return Some(attack);
}
// Check for certificate replay
if let Some(attack) = self.certificate_replay_detector.check_certificate(certificate) {
return Some(attack);
}
// Check for timing attacks
if let Some(attack) = self.timing_attack_detector.check_certificate(certificate) {
return Some(attack);
}
None
}
}
Configuration
Finality Configuration
pub struct FinalityConfig {
pub bft_parameters: BFTParameters, // BFT parameters
pub timing: FinalityTiming, // Timing configuration
pub optimization: FinalityOptimization, // Optimization settings
pub monitoring: FinalityMonitoring, // Monitoring configuration
pub security: FinalitySecurity, // Security settings
}
impl Default for FinalityConfig {
fn default() -> Self {
Self {
bft_parameters: BFTParameters::new(256), // 256 validators
timing: FinalityTiming::default(),
optimization: FinalityOptimization::default(),
monitoring: FinalityMonitoring::default(),
security: FinalitySecurity::default(),
}
}
}
This finality mechanism provides strong guarantees for blockchain state immutability while maintaining high performance and security standards required for enterprise-grade infrastructure.