1. Introduction and possible solutions. In this review paper we wanted to emphasize the key characteristics and diferences regardEven though initially used in cryptocurrencies like Bit- ing the security aspects of consensus mechanism which coin and Ethereum, blockchain technologies (BCTs) have are used in all of the hyperledger Blockchains, with the long surpassed this use-case [1, 2]. Transactions that goal of answering the question of which consensus mechform blocks which in turn form the chain are the key anism is the most secure. aspect of all BCTs. However, we can diferentiate be- This paper is organized as follows. After the Introductween several methods of block formation, level of access tion, we examine the diferent variants of Hyperledger and, of course, consensus mechanism used. Hyperledger DLTs. Afterwards, we analyze the consensus mecharepresents an opensource code that is under the Linux nisms used in the DLTs. The results section focuses on foundation. This collaboration initiative began as an idea vulnerabilities of each mechanism and possible solutions to promote and improve BCTs and expand the possibility to overcome those vulnerabilities. Finally, we give some of its use in the business use-cases, for enterprise level concluding remarks. solutions. By using Hyperledger BCT, which encompasses multiple distributed ledger technologies (DLTs), libraries and tools in the business processes, we can im- 2. Hyperledger distributed ledgers prove transparency, enhance liability and trust between business partners. However, for diferent BCT-based applications, depending on the need, some of the DLTs are more suitable than others [3].

The aim of this paper is to examine the most popular Hyperledger projects: Fabric, Sawtooth, Iroha, Indy, Burrow and Besu, in terms of security properties of the consensus mechanisms used, and to make the comparative analysis of the consensus mechanism vulnerabilities Blockchain technologies represent a dramatic improvement to the landscape of information collection, distribution, and governance [4]. Blockchain technology was originally the name given to the design that underpins the operation of the digital currency Bitcoin. Bitcoin’s creator never used the term "blockchain" in his whitepaper, and reading it gives the distinct impression that the author was not introducing a new technology in the traditional sense, but rather a software design drawing on several BISEC’22: 13th International Conference on Business Information existing technologies to allow him to create a "purely Security, December 03, 2022, Belgrade, Serbia peer-to-peer version of electronic cash". The essence * Corresponding author. of Bitcoin’s blockchain operation is that whenever two n$emsaarnaj.an.izkdorlaivc@komviect@rompoeltirtoapno.alict.arsn.(aSc..rNsi(kNo.liZć)d;ravković); network members interact through a transaction, they anigor.franc@metropolitan.ac.rs (I. Franc); arivazhn@srmist.edu.in nounce their transaction to all network members (nodes), (N. Arivazhagan) who record the transaction into a block with a limited © 2023 Copyright for this paper by its authors. Use permitted under Creative Commons License capacity. Once the block is full, nodes perform the soCPWrEooUrckReshdoinpgs IhStpN:/c1e6u1r3-w-0s.o7r3g ACttEribUutRion W4.0oInrtekrnsahtioonpal (PCCroBYce4.0e).dings (CEUR-WS.org) called Proof-of-Work operations that are mathematically Gorli test networks. Hyperledger Besu includes several dificult to solve, although with predictable results, i.e. consensus algorithms such as Proof-of-Work (PoW) and the correct solution is simple to verify. These mathemat- Proof-of-Assignment (PoA). Its comprehensive permisical operations have nothing to do with bitcoin trans- sioning schemes are designed specifically for use in a actions, but they are critical to the system’s operation, consortium environment [8]. because they force verifying nodes to expend processing In terms of usage, potential, and eficiency, Hyperpower that would otherwise be wasted if they included ledger Fabric is one of Hyperledger’s leading projects. any fraudulent or invalid transactions. The first node Fabric’s architecture is highly modular and configurable, to correctly solve the Proof-of-Work problem broadcasts allowing for innovation, versatility, and optimization the solution to all other nodes, along with the block of across a wide range of use cases, including banking, fitransactions. Nodes can quickly and eficiently verify the nance, insurance, healthcare, human resources, supply accuracy of transactions and solutions, and when 51% chains, and even digital music distribution. Fabric is inof the network’s processing power votes to approve a tended to serve as a foundation for developing modular block, nodes start recording new transactions to a new, applications or solutions. It allows components, such as amended block [5]. consensus and membership services, to be plug and-play.

Blockchain imposes fundamental changes to the way It also provides a unique approach to consensus that enpersonal data are currently being processed, and can ables performance at scale while maintaining privacy improve current data security solutions. A Blockchain [8]. is therefore a shared, append-only distributed ledger, in Hyperledger Indy focuses on Decentralized Digital which all transactions, which can describe events (e.g. Identities (DIDs) and intends to help those application changes to bank accounts, updates to an electronic health domains where DIDs play an important and vital role. record, each step in a supply chain, etc.) are stored in As a result, it ofers tools, frameworks, and reusable comlinked blocks [6]. ponents to make digital identities based on blockchains

The Hyperledger Project is a collaborative efort to or other distributed ledgers compatible across admindevelop an open-source, enterprise-grade distributed istrative domains, apps, and any other silo. Indy is inledger framework and code base. It seeks to develop teroperable with various blockchains and may be used blockchain technology by finding and implementing a independently to power identity decentralization. With cross-industry open standard platform for distributed its unique consensus and ordering service algorithms, ledgers that has the potential to change the way com- comprehensive role-based permission model, and multimercial transactions are handled globally [7]. All Hyper- signature support, Hyperledger Iroha is an easy-to-use ledger projects are open source and free to use. Except modular distributed blockchain platform [8]. for Hyperledger Indy which focuses on decentralized With its unique consensus and ordering service algoidentity, all Hyperledger projects focus on general pur- rithms, comprehensive role-based permission model, and pose applications. However, the consensus mechanism is multi-signature support, Hyperledger Iroha is an easy-toone of the fundamental diferences between the projects. use modular distributed blockchain platform [8]. HyperDue to the wide range of blockchain usage needs, Hy- ledger Iroha concentrates on the evolution of applications perledger is developing a number of diferent consensus of mobile in combination with client libraries for both mechanisms [3]. Table 1 shows a summary of the key sim- iOS and Android. This is a well-organized set of libraries ilarities and diferences between Hyperledger projects and components. The synchronization and storage of [3]. The purpose of Hyperledger is to therefore provide data are performed of-device, and default network-wide eficient and robust blockchain systems and distributed repudiation system is done to verify validated nodes [9]. ledgers for the creation of distributed services, i.e., sys- Hyperledger Sawtooth provides a flexible and modutems in which all nodes in a network have the same lar architecture that separates the core system from the copy of a ledger that can be read and edited indepen- application domain, allowing smart contracts to express dently by individual nodes. Hyperledger presently hosts business rules for applications without needing to know sixteen projects, which are organized into four macro- the underlying core system design. It supports a varicategories: Distributed Ledgers, Libraries, Tools, and ety of consensus algorithms, such as Practical Byzantine Domain-Specific. The six frameworks described below Fault Tolerance (PBFT) and Proof of Elapsed Time (POT) are the main strengths of Hyperledger [8]. (PoET) [8]. Hyperledger Sawtooth is an open source distributed ledger designed for the modern enterprise. 2.1. Key Hyperledger Projects Unlike many popular blockchains, Sawtooth is not built for cryptocurrency, but instead for business supply chain Hyperledger Besu is an Ethereum client that is intended management. To enhance performance, Sawtooth exefor enterprise use in both public and private permissioned cutes transactions in parallel instead of serially over a networks. It can also be tested on Rinkeby, Ropsten, and REST API. Sawtooth currently supports four alternative consensus algorithms. There really are four of them: Dev the most important technological decisions behind the mode, PoET, PoET-Simulator, and RAFT [ 10 ]. architectural features of the Hyperledger frameworks

Developers and architects can use Hyperledger Bur- implementations that may be able to cope with user rerow to design an Ethereum virtual machine environment quirements, as showed in Fig. 1. The symbol [*] means within the context of their Fabric and Sawtooth networks. ”every ledger” considered in [8].

It is a solution for combining Ethereum functionality with Hyperledger functionality [8]. Monax created Hyperledger Burrow, which Intel guarantees [9]. Burrow is 3. Consensus mechanisms analysis a permissioned blockchain in which nodes, similar to the EVM, carry out smart contracts. Hyperledger Burrow is A consensus mechanism is a protocol in place to ensure designed for multichain environments with application that all participants in the blockchain network follow specifc contracts but coordinating a diferent domain. the agreed-upon rules [4, 11]. It assures that the trans

Palma et al. [8] presented a summary utility tree of actions come from a legitimate source by requiring that every participant agree to the status of the distributed rizations from network participants for the verification ledger. The public blockchain is a decentralized technol- and authentication of all blockchain network activity. ogy, and there is no centralized authority to control the The entire process is based on network participants conrequired act. As a result, the network requires autho- sensus, which makes blockchain a trustless, secure, and dependable platform for digital transactions [12]. There blockchain mining mechanism presented in the literare several well-established methods by which diferent ature used by the Bitcoin blockchain [1] and later it nodes in a blockchain network can reach consensus over was adopted by the other cryptocurrencies like Litea new block [ 13 ]. coin, Ethereum, Monerocoin, and Dogecoin. It involves

Proof of Elapsed Time (PoET) is an Intel-proposed con- high algorithm cost with an open quorum structure [17]. sensus mechanism that operates similarly to PoW but The computationally expensive problem is crucial to the consumes substantially less energy. Miners must solve PoW mechanism: it must be dificult enough to solve to a hash problem similar to PoWin this manner. Instead disincentivize attackers who want to contaminate the of a competition among miners to solve the next block, blockchain due to the high costs of obtaining a solution. the winning miner is chosen at random based on a ran- Similarly, validating the suggested solution must be easy dom wait time. The miner whose timer runs out first is so that it may be easily accepted by other nodes and the the winner [ 13 ]. Its core mechanism is based on Intel’s correctness of the solution is transparent to the network, Software Guard Extensions (SGX) technology [14] that regardless of the computational power of any network has the ability to digitally attest that some code has been node. Bitcoin’s dificulty is to determine a value known correctly set up in aso called “Trusted Execution Environ- as a "nonce." This nonce is generated by merging the ment” [15]. In PoET, this code is a function that generates proposed block’s content to generate a new hash output a random time period that must be waited out by each that falls within a target range, such as a target hash node [16]. PoET is a scalable and eficient mechanism, prefixed with a number of 0’s. The desirable output of particularly for permissioned networks. It generates a a nonce can only be determined by brute force due to randomized model for picking block producers that does the nature of hashing algorithms. As a result, it is highly not require resource-intensive processing as in PoW sys- unexpected which node will successfully mine the next tems or sophisticated calculations for deciding miners block, protecting validated transactions from tampering. as in PoS and PoI consensus processes. PoET, on the PoW has efectively sustained and protected the operother hand, is significantly reliant on Intel’s specialized, ations of two of the most popular public blockchains, third-party hardware to function, which increases en- Bitcoin and Ethereum, by requiring expensive computrance barriers for participants who do not have access tational power and information transparency [16]. By to the SGX technology. It is also feasible that nodes with establishing a large number of malicious nodes, the Sybil greater hardware available will have a better chance of attack can successfully exploit the PoW. The balancing being chosen, although such nodes will almost certainly attack can be used against the Ethereum protocol and be refused access to the permissioned network [16]. private blockchains. Furthermore, DDoS attacks and BGP

To solve the Byzantine generals problem, Practical hijacking can be used to interrupt the regular flow of this Byzantine Fault Tolerance (PBFT) is applied. To work consensus mechanism [12]. normally, PBFT can accept malicious behavior from up Proof of Authority (PoA) is designed to optimize the to one-third of all nodes. For example, in a system with PoS mechanism and be used in permissioned networks. one malicious node, at least four nodes are required to Instead of selecting block miners based on their stakes reach a proper consensus. Otherwise, consensus is not in cryptocurrency tokens, PoA selects a small group of reached. When compared to proof of work, this method authorities as transaction validators based on their netachieves consensus faster and more cheaply [ 13 ]. work identification or reputation [ 18]. A PoA-based sys

The Tendermint protocol is based on the PBFT con- tem also rewards authorities for certifying and ordering sensus method. To select validators as participants, the transactions to incentivize honest behavior in providprotocol uses a voting method. Validators verify that ing service and moderating the network [16]. PoA does adding blocks to the chain structure is done correctly. not necessitate intensive processing to execute dificult This ensures less number of nodes act as Validators and tasks and depends on a limited number of validators to solves the computational complexity of PoW in energy- obtain consensus. When compared to PoW and PoSconstrained environments [17]. A designated delegate based systems, these features help improve transaction will reach consensus in the RAFT protocol, and he will throughput and energy eficiency. PoA, on the other also be responsible for duplicating the logs whenever a hand, avoids decentralization by concentrating mining new user joins the network. The heartbeat message will power among a handful of trusted authorities. As a result, serve as an interrupt signal in this case, signalling the this paradigm has the potential to introduce censorship presence of the leader. If they do not receive the message into the public network, with one or more authorities before it expires, all nodes have a timeout mechanism in blacklisting or denying all transactions from a specific place. Then, unless the timer is reset, they will begin the user. On the other hand, a permissioned network built process of electing a new leader. This protocol is more between multiple businesses or major institutions might compatible with permissioned and private networks [17]. profit from PoA since it ofers a faster transaction pro

Proof of Work (PoW) was the first prominent cessing speed and the identity-at-stake model aligns well with business operations that value trustworthiness and The most common vulnerabilities and attacks on BCTs reputation [16]. and DLTs based on consensus are DDoS attacks, 51%

Apache Kafka is a distributed streaming platform, attacks, long range attacks, + attacks, and Sybil atbased on a commit log that started as an internal tacks. DDoS attacks on a blockchain focus on the protocol LinkedIn project designed to provide a low-latency, high- layer, with the biggest threat to blockchains being transthroughput platform for manipulating real-time data action flooding, when spam and false transactions flood feeds [19]. The typical Bitcoin system takes roughly the blockchain. The attacker can hence compromise the 10 minutes to build blocks. As a result, we simplified availability for original users and undesirable have other the standard blockchain’s consensus algorithm and used impacts on the network. The vulnerable mechanisms are Kafka distributed message processing instead of PoW, PoW, Delegated PoS, RAF and PoA. A possible solution PoS, and other consensus mechanisms to provide record for these attacks are transaction filtering. verification and backup on the block alone. Kafka consen- The next vulnerability is the 51% attack. The 51% atsus selects several fixed nodes to implement the Kafka tack is committed when a miner or group of miners gains cluster to maintain partition logs, and the remaining control of more than 50% of a network’s blockchain. This nodes are used as transaction production and consumers threat is targeted to cryptocurrencies, and in most sitto manage messages in the queue. The Kafka consensus uations, it cannot be detectable until it’s too late. The has the advantage of having high throughput and low vulnerable mechanisms are RAFT, PoW, PoS, and delelatency. The disadvantage is that it can only tolerate 1/2 gated PoS. Although a possible solution for this attack of the maximum node failure, and cannot tolerate the does not exist, the larger the network, this type of attack existence of malicious nodes [20]. is less likely to happen.

Sumeragi is the name of the Byzantine fault tolerant Similar to the 51% attack, long range attacks can occur distributed consensus algorithm used by Hyperledger when a false chain takes over the correct chain, rendering Iroha. Most of the algorithm is based on the B-Chain con- the previous chain invalid. The only mechanism that sensus algorithm. In Sumeragi, consensus is performed is vulnerable to this type of attack is PoS due to small on individual transactions and the global state resulting intervals of block generation. Possible solutions include from all transactions [21]. bootstrap nodes, checkpoint, or adding a range a blocks to always be considered true.

The next type of attack is the so-called + attack, 4. Security properties of consensus where a malicious node, i.e. the attacker, is influencing mechanisms other nodes that get incentives from the blockchain. The attacker promises to pay + to all voters who vote The well know cryptocurrency, Bitcoin, utilizes a permis- for attacker’s option, if the majority votes for attacker’s sionless public blockchain framework. Being permission- option. Distributed PoS and PoW mechanisms are vulless, it allows any node to participate in the consensus nerable to this attack; however, this type of attack is very protocol and mine blocks without any permission. It hard to implement. uses PoW as the method for consensus which has a high Finally, Sybil attacks occur when a single node makes latency about 10 minutes, making it inefective for IoT many fake identities (called Sybil identities) simultanenetworks. However, it is worth exploring if it can still be ously. All mechanisms are theoretically vulnerable to used with eased proof of work to reach a consensus in Sybil attacks. More efort on authentication, such as a short time [ 13 ]. Bitcoin’s PoW mechanism consumes Two-Factor Authentication (2FA) or node propagation massive power. It is estimated that power consumption modeling could be possible solutions to these attacks. of Bitcoin per transaction is around 545 KWh [22]. A summary of the vulnerabilities is given in Table 2.

Ethereum is a permissionless public blockchain framework developed using solidity which is a contractoriented, high-level language for implementing smart con- 5. Conclusion tracts . All the nodes are required to participate in the consensus process. This method is significantly less In this paper, we have analyzed the most common Hycomputational-intensive than the original PoW. This perledger project DLTs used, with emphasis on their blockchain can be customized and adopted for a vari- consensus mechanisms used and the security properties ety of applications because of its intrinsic characteristics of each. While some mechanisms are more resilient than that enable smart contracts. Its block generation process others, all consensus mechanisms is at least vulnerable takes between 10 to 20 seconds which is much less than to at least one kind of threat or attack. As far as attacks bitcoin’s latency [ 13 ]. It is estimated that power con- are concerned, the majority of them are focused on crypsumption of Ethereum per transaction is around 49 KWh tocurrency BCTs, while enterprise DLTs are less likely [22]. to be a target of an attack. [19] M. Petrescu, R. Petrescu, Log replication in raft vs kafka, Studia Universitatis Babes, -Bolyai Informatica 65 (2020) 10–24193. [20] G. Luo, M. Shi, C. Zhao, Z. Shi, Hash-chain-based cross-regional safety authentication for space-airground integrated vanets, Applied Sciences 10 (2020) 4206. [21] Z. Hintzman, Comparing blockchain implementa

tions, SCTE-ISBE Cable-Tec EXPO (2017). [22] N. Chaudhry, M. M. Yousaf, Consensus algorithms in blockchain: Comparative analysis, challenges and opportunities, in: 2018 12th International Conference on Open Source Systems and Technologies (ICOSST), IEEE, 2018, pp. 54–63.