1

HybridChain: Fast, Accurate, and Secure

Transaction Processing with Distributed Learning
Amirhossein Taherpour , and Xiaodong Wang , Fellow, IEEE

In order to fully unlock the transformative power of dis- improvement in one aspect would come at the expense of one
tributed ledgers and blockchains, it is crucial to develop inno- or both of the others, and finding the right balance among the
vative consensus algorithms that can overcome the obstacles of three aspects is critical for the success of a blockchain system.
security, scalability, and interoperability, which currently hin-
arXiv:2310.08839v1 [cs.DC] 13 Oct 2023

der their widespread adoption. This paper introduces Hybrid- Solutions to addressing these issues can be broadly clas-
Chain that combines the advantages of sharded blockchain and sified as either off-chain or on-chain [5]. Off-chain solutions
DAG distributed ledger, and a consensus algorithm that lever- improve the scalability by reducing the computational burden
ages decentralized learning. Our approach involves validators on the main blockchain. They include state channels [6], pay-
exchanging perceptions as votes to assess potential conflicts ment channels [7], sidechains [8], and Plasma [9], all of which
between transactions and the witness set, representing input
transactions in the UTXO model. These perceptions collec- handle transactions off-chain to reduce congestion on the main
tively contribute to an intermediate belief regarding the validity chain and thus increase the scalability of the blockchain. On
of transactions. By integrating their beliefs with those of other the other hand, on-chain solutions involve changes to the
validators, localized decisions are made to determine validity. underlying blockchain protocol, such as changing the block
Ultimately, a final consensus is achieved through a majority data structure, and employing a new consensus mechanism.
vote, ensuring precise and efficient validation of transactions.
Our proposed approach is compared to the existing DAG- In particular, AdaptChain [14], Jidar [15], and CUB [16]
based scheme IOTA and the sharded blockchain Omniledger compress the size of transaction representation in each block,
through extensive simulations. The results show that IOTA has saving the bandwidth and reducing the propagation delay,
high throughput and low latency but sacrifices accuracy and is thereby increasing the throughput. On the other hand, Algo-
vulnerable to orphanage attacks especially with low transac- rand [17] and [18] each propose a new consensus algorithm
tion rates. Omniledger achieves stable accuracy by increasing
shards but has increased latency. In contrast, the proposed based on Pure Proof of Stake (PPoS) and Votes-as-a-Proof
HybridChain exhibits fast, accurate, and secure transaction (VaaP), respectively, to increase the throughput.
processing, and excellent scalability. Index Terms—Blockchains, Moreover, as an on-chain solution, sharding which is
sharding, directed acyclic graph (DAG), consensus algorithms, adopted in Meepo [11], Benzene [12], Omniledger [27],
decentralization, scalability, security, storage, throughput. and [13], is the most significant approach among all on-
chain and off-chain approaches. Firstly, sharding partitions the
I. I NTRODUCTION network into smaller shards, and each shard operates indepen-
Distributed ledgers, commonly known as blockchains, have dently, processing its own subset of transactions and smart
emerged as disruptive technologies capable of revolutionizing contracts. This division of labor reduces the computational
various industries. Such decentralized and transparent systems burden on individual nodes and increases the overall through-
enable secure and immutable recording of transactions without put of the network. Off-chain solutions like state channels and
the need for intermediaries such as government agencies. payment channels can help reduce congestion on the main
Built on a peer-to-peer network of computers that collectively chain but have limited scalability potential. The reason for this
validate and record transactions, the blockchains employ cryp- limitation is that these solutions depend on direct communica-
tographic techniques to ensure the integrity and authenticity of tion and coordination among the participants, which imposes
the data. Originally developed to create and exchange digital a cap on the number of nodes that can participate.
currencies such as Bitcoin [1], blockchains technology now Secondly, sharding maintains the security and decentral-
find applications in various domains, making transformative ization benefits inherent in blockchains. Each shard has its
impacts [2]. own set of validators, ensuring that consensus is reached on
However, the potential benefits of the blockchain technology the subset of transactions it processes. By distributing the
are accompanied by challenges, particularly in scalability [3]. network’s computational load across multiple shards, sharding
Blockchain systems have limited capacity and can process only enhances the overall network’s resilience against attacks and
a limited number of transactions per time unit. This issue is reduces the risk of a single point of failure. In comparison,
challenging to address due to the blockchain trilemma [4], off-chain solutions like sidechains and Plasma often introduce
which refers to the difficulty of achieving high levels of additional trust assumptions and require trust in a set of
scalability, security, and decentralization simultaneously. Any federated entities or a single trusted party, compromising the
decentralized nature of the blockchain.
Electrical Engineering Department, Columbia University Furthermore, sharding facilitates efficient data storage and
E-mails: [email protected], [email protected] retrieval. With the partitioning of the blockchain into smaller
shards, each shard only needs to store a fraction of the entire
 2

blockchain’s data, reducing storage requirements for individual Omniledger in terms of scalability of throughput and latency
nodes. Additionally, sharding enables parallel processing and through simulations. Finally, Section VI concludes the paper.
faster block propagation within shards, resulting in reduced
latency and faster transaction confirmation. On-chain solutions
II. BACKGROUNDS
like AdaptChain, Jidar, and CUB offer optimization techniques
to improve throughput, but they do not provide the same level This section first gives an overview of the conventional
of scalability as sharding. blockchain, sharded blockchain, and DAG distributed ledger.
On the other hand, a new avenue gaining significant at- Then, we discuss the drawbacks of these existing schemes.
tention is the Directed Acyclic Graph (DAG) approach. Un-
like existing off-chain and on-chain solutions designed for
A. Existing Approaches
blockchains, DAG is a unique data structure that enables non-
linear data recording in a distributed ledger. Transactions in a 1) Conventional Blockchain: Distributed ledger technolo-
DAG are interlinked based on their dependencies, forming a gies utilize blockchains to store ordered records called blocks,
directed graph with no cycles. The structure permits parallel facilitated by a network of untrusted entities known as valida-
processing of transactions, providing a higher throughput tors. These blocks are linked through references to previous
than conventional blockchain systems. DAG-based distributed block headers, creating an immutable chain. A typical block
ledgers could address scalability and transaction processing consists of two main sections: transactions and header. The
challenges for two reasons. Firstly, as the number of users header contains the hash of the previous block header and
increases in the network, the transaction processing capacity of the hash of the Merkle root, which represents the digest of all
a DAG can increase, whereas conventional blockchain systems transactions in the block. Validators propose new blocks using
become less efficient. Secondly, DAGs can offer quicker trans- a consensus algorithm, selecting transactions and forming the
action confirmation compared to blockchains. Transactions in block header. When creating the next block, validators verify
a DAG can be confirmed as soon as they are added to the the validity of the proposed block, ensuring it adheres to the
network without waiting to be processed in a block, as in a underlying protocols. Once confirmed, the validators accept
blockchain. DAG schemes include Nano [20], Avalanche [21], the proposed block as the next block, appending it to the
Graphchain [22], Phantom [23] and IOTA [28]. existing chain.
However, despite the advantages of the sharded blockchains The consensus mechanism used in a blockchain determines
and DAG distributed ledgers, they have a number of draw- how blocks are proposed. There are primarily two types of
backs [24], [25] that will be elaborated in Section II-B. consensus mechanisms: Nakamoto Consensus and Classical
Motivated by these drawbacks, in this paper, we propose a Consensus [26]. Nakamoto Consensus includes Proof of Work
novel consensus mechanism that provides quick transaction (PoW) and Proof of X (PoX), where miners solve mathemati-
processing like DAG but with improved accuracy and security, cal problems or utilize a scarce resource to propose blocks.
achieved by introducing validators as in blockchain. This Classical Consensus, on the other hand, relies on voting
results in a scalable, efficient system capable of processing and allows for faster confirmation of transactions; Practical
high volumes of transactions with high accuracy. Byzantine Fault Tolerance (PBFT) is an example where nodes
The main contributions of this paper are as follows: communicate in quorums to agree on the system’s state.
1) We propose a new transaction validation scheme that Note that Nakamoto Consensus can result in wasted efforts,
prioritizes the transactions more likely to be valid for while classical consensus may suffer from congestion and low
faster and more efficient processing, thus achieving higher throughput. To address these issues, solutions like sharded
throughput. blockchain and DAG distributed ledgers have been proposed.
2) We propose a lightweight consensus algorithm that uti- Next we provide an overview of Omniledger [27], which is
lizes decentralized learning. Validators exchange percep- a sharded blockchain, and IOTA [28], which is a distributed
tions to assess transaction conflicts with the witness ledger based on DAG.
set, representing input transactions in the UTXO model. 2) Sharded blockchain — Omniledger: In a conventional
These perceptions form an intermediate belief about blockchain, all validators validate and store every transaction.
validity. Validators combine beliefs with each others, On the other hand, sharding partitions the blockchain into
leading to local decisions on validity. Final consensus smaller subsets called shards, where each shard is respon-
emerges through a majority vote, ensuring accurate and sible for processing and storing a subset of transactions.
efficient transaction validation. By distributing the workload across validators, sharding en-
3) We discuss in-depth the notions of security, decentraliza- ables parallel processing and increases the throughput. Unlike
tion, and throughput and compare our proposed scheme non-sharded blockchains, where every validator processes all
with IOTA and Omniledger in terms of these metrics. transactions, sharding allows validators within a shard to
The remainder of the paper is organized as follows. Section focus solely on the transactions in their shard, resulting in
II provides a brief overview of the conventional blockchain, faster confirmation times. Additionally, sharding facilitates
sharded blockchain, and the DAG distributed ledger. Section scalability by adding more shards as the network expands.
III presents our proposed HybridChain scheme. Section IV However, sharding also introduces new challenges such as
compares our scheme with IOTA and Omniledger in terms shard coordination, secure cross-shard communication, and
of security. Section V, compares our scheme with IOTA and specialized consensus protocols.
 3

As a sharded blockchain, Omniledger operates in epochs B. Drawbacks of Existing Schemes and Motivation of Pro-
and each epoch consists of four main stages. Initially, val- posed Approach
idators are assigned to shards, and leaders are selected us-
While DAG schemes are capable of decreasing latency by
ing the RandHound distributed randomness beacon. In the
removing validators and processing transactions solely based
second stage, these leaders propose new blocks containing
on their positions in the submission order graph, this results
transactions limited to their respective shards. Validation of the
in reduced throughput, especially when there are dishonest
proposed block within each shard is conducted by validators,
nodes that behave strategically. On the other hand, a sharded
employing the ByzCoinX consensus algorithm, followed by
blockchain, in which validators process transactions in parallel,
voting on its validity. Once a two-thirds majority of validators
can improve throughput scalability while keeping latency low
agree, the block is added to the blockchain. The third stage
in such circumstances.
addresses cross-shard transactions through the utilization of
Atomix, ensuring atomicity across multiple shards. In this However, the processing of cross-shard transactions poses
stage, the initiating shard secures the relevant accounts, creates a significant challenge for sharded blockchains. Specifically,
an Atomix instance, and requests participation from other the shards must exchange information about the transaction’s
shards involved in the transaction. Execution of the transaction validity and the associated account balances to process cross-
occurs when all participating shards reach an agreement, and shard transactions. This necessitates a mechanism for cross-
upon success, the Atomix instance is committed. In the final shard communication and consensus, which can be intricate
stage, the epoch is concluded, resulting in the update of the and time-consuming. Moreover, a large volume of cross-shard
blockchain state and preparation for the next epoch. transactions can potentially create a bottleneck in the system,
3) DAG — IOTA: In IOTA, the constructed Directed as the shards must collaborate and communicate effectively
Acyclic Graph (DAG) is referred to as the Tangle, where to ensure that all transactions are processed accurately and
vertices represent transactions. In the Tangle, a directed edge promptly. Omniledger aims to address the challenges associ-
from vertex vi to vj signifies that transaction vi validates ated with cross-shard transactions by implementing Atomix
transaction vj [28]. processing. However, as we will demonstrate in Section V,
In IOTA, the notion of validators associated with traditional cross-shard transactions in Omniledger can still introduce
blockchains does not exist. Instead, the ledger relies on a significant network delays, particularly when the number of
network of nodes. i.e., devices or computers, to submit and shards increases and a larger volume of transactions are
process transactions. When nodes submit transactions, they are submitted as cross-shard.
verified by other nodes within the network. This self-validating Moreover, the notion of decentralization in a distributed
mechanism ensures the legitimacy and consistency of transac- ledger covers both storage and computation. Decentralizing
tions. IOTA consists of two types of nodes: light nodes and full storage involves distributing data across multiple nodes with
nodes. Light nodes are responsible for expanding the Tangle minimal redundancy so that each node stores only a fraction
by generating and attaching new transactions to it, while full of the ledger data. Decentralizating computation involves
nodes store all the data in the Tangle. Light nodes rely on full distributing the computing process for transactions among
nodes to retrieve the necessary information. validators in the network.
Similar to the concept of confirmed blocks that are irrevo- Omniledger exhibits good decentralization of both storage
cable in blockchains, nodes in IOTA must reach consensus on and computation since, as a sharded blockchain, validators
the set of confirmed transactions. To achieve this consensus, process transactions for their respective shards and store the
for each generated transaction in IOTA, light nodes fetch the associated data. On the other hand, for IOTA DAG where
required information from full nodes and solve a Proof of validators are not present to process transactions, edges of
Work (PoW) puzzle. They then select two older transactions, the DAG graph created by nodes in the network validate or
called parents, from the tip transaction pool [19]. Here, a tip reject vertices corresponding to transactions. Decentralization
transaction refers to a transaction that has been broadcast to of computations in IOTA can be achieved to some extent by
the network but has not yet been validated by being directly ensuring that the decision to accept or reject a vertex is not
or indirectly referenced by another transaction. This parent made by a single or small group of nodes.
selection in the Tangle allows for the existence of two sets of Furthermore, IOTA lacks adequate storage decentralization,
transactions associated with a given transaction: the past cone, since light nodes in IOTA heavily depend on full nodes to
which consists of transactions referenced directly or indirectly, send or receive required information for selecting transaction
and the future cone, which includes transactions that reference parents and updating their perception of the Tangle. Addition-
the given transaction either directly or indirectly. ally, as explained in Section II-A-2, the decentralization of
To finalize the consensus, IOTA employs a trusted node, computations within IOTA is governed by the Coordinator,
known as the Coordinator, that periodically issues special a centralized entity responsible for determining the set of
transactions called milestones, which act as checkpoints for confirmed transactions. Consequently, it becomes evident that
the Tangle. Transactions that are in the past cone of these IOTA lacks computational decentralization.
milestones are considered confirmed. Additionally, as explained in Section IV, Omniledger is
It is worth noting that since nodes must solve a PoW found to be vulnerable to replay attacks and message with-
puzzle to attach the transactions to the Tangle, the consensus holding attacks. On the other hand, IOTA faces its own set of
mechanism in IOTA is classified as a Nakamoto consensus. vulnerabilities, namely orphanage attacks and routing attacks.
 4

Our proposed HybridChain in this paper aims to tackle the {x(n−1)λ+1 , x(n−1)λ+2 , . . . , xnλ }. Then for this epoch, val-
aforementioned challenges by adopting a hybrid approach that idators are randomly grouped into λ communities of size M/λ
combines the benefits of both DAG and sharded blockchains. and validators in one community process a single transaction
Similar to DAG-based schemes, our scheme has the advantage in xℓ ∈ X(n). Denote the set of validators in the community
of low latency and quick transaction processing. Additionally, that is responsible for processing transaction xℓ ∈ X(n) by Vℓ .
our scheme features parallel transaction processing by valida- Then validators in Vℓ process xℓ in maximum |Wℓ | rounds,
tors, akin to sharded blockchains, resulting in decentralized and if xℓ is validated, then it is stored by all validators in
storage and computations. We also ensure sufficient redun- Vℓ . Since all λ transactions in X(n) are processed in parallel
dancy in the data storage and employ a consensus mechanism across communities, the maximum number of rounds in epoch
that enables our scheme to withstand attacks that both DAG n is Rn = max{|W(n−1)λ+1 |, |W(n−1)λ+2 |, . . . , |Wnλ |}.
and sharded blockchains are susceptible to. Table.I summarizes In each round r = 1, . . . , Rn , validator mk ∈ Vℓ computes
the level of scalability, decentralization, and secutiry of the a quantity pℓk (r) ∈ [0, 1] that represents the current actual
three schemes. belief of validator mk about the validity of transaction xℓ .
Trilemma Scalability Decentralization
(The calculation of pℓk (r) is given in Section III-C.) Then the
Security
Scheme Throughput Latency Storage Computation local decision by validator mk at round r about the validity
IOTA
Omniledger
Moderate

Moderate
Good

Poor
Poor

Good
Moderate

Good
Poor

Poor
of transaction xℓ , denoted by vkℓ (r), is given by:
HybridChain Good Good Good Good Good
σ(aT
ℓ yk )

ℓ
1, if pk (r) ≥ η1 (aℓ , yk ) = µ1 −
 2 ,
TABLE I: Comparison of IOTA, Omniledger, and the pro- ℓ T
vk (r) = 0, if pℓk (r) ≤ η2 (aℓ , yk ) = µ2 − σ(aℓ yk ) , (1)
posed HybridChain based on the trilemma of scalability, 
 2
decentralization, and security. ϕ, otherwise,
where ϕ denotes that a local decision cannot be made,
η1 (aℓ , yk ) and η2 (aℓ , yk ) are the acceptance and rejection
III. H YBRID C HAIN thresholds, respectively, with µ1 and µ2 being some fixed val-
This section describes our proposed HybridChain in detail. ues, σ(·) being a sigmoid function, aℓ being an attribute vector
We first provide a overview and then describe the transaction for transaction xℓ and yk being a weight vector associated with
attributes that are used by HybridChain. Next, we elaborate validator mk .
on the transaction processing procedure and how the system The final collective decision, i.e., the network consensus
parameters are updated. Finally, we describe how consensus about the validity of xℓ , can be reached at round r if either
is reached by validators. of the following two conditions is met:
(
1[vℓ (r)=1] > 21 |Vℓ |,
P
A. Overview 1, if
ℓ
V = Pmk ∈Vℓ k 1
(2)
Suppose that the network consists of N users U = 0, if mk ∈Vℓ 1[vk
ℓ (r)=0] >
2 |Vℓ |,
{u1 , . . . , uN } that submit transactions, and M validators where V ℓ = 1 means that transaction xℓ is confirmed by
M = {m1 , . . . , mM } that process transactions. Note that the network and V ℓ = 0 otherwise, and 1[·] is the indicator
these two sets can overlap. Corresponding to each validator function.
or user we define a reliability value ρm i ∈ [0, 1], i = 1, . . . , M
or ρuj ∈ [0, 1], j = 1, . . . , N . Each validator can exchange
information with all other validators in the network. Each B. Attribute Vector
validator is either honest or dishonest: honest validators strictly Here we discuss the idea behind using the attribute vector aℓ
adhere to all network rules and protocols, while Byzantine for transaction xℓ . Unlike existing distributed ledger schemes
dishonest validators act in a random and coordinated fashion. that spend the same effort to process all submitted transactions,
The Byzantine validators possess comprehensive knowledge of our scheme adjusts the time and computational resources. The
the network, including the network structure, the algorithms idea is that all submitted transactions do not need the same
employed, and the exchanged data. We assume that at most amount of processing, and some are more likely to be valid
f ≤ ⌊M/2⌋ − 1 validators are Byzantine dishonest. than others. Therefore, transactions that are more likely to
Validators use the UTXO model to store past transactions be valid can be treated less strictly to save time and other
in the ledger, where each transaction xi is created by some resources. In this regard, we use the attribute vector aℓ for
of the past transactions {x1 , x2 , . . . , xi−1 }. Denote Wi ⊂ transaction xℓ to find its threshold of acceptance or rejection.
{x1 , . . . , xi−1 } as the witness set of xi . That is, xi is valid if The elements of aℓ , along with their descriptions, are listed in
it is not in conflict with any of the transactions in Wi . Table II.
Similar to the sharded blockchain, we partition time into Notation Description
epochs, but with variable durations. Each epoch comprises aℓ [1] The inverse of the value of the asset that is transferred from sender(s) to receiver(s)
aℓ [2] The amount of the fee that a transaction submitter pays to validators for processing
several rounds, and the number of rounds within each epoch
aℓ [3] The elapsed time from the previous transaction submitted by the same user in number of rounds
can vary. In each epoch validators process λ = ⌊M/(2f + aℓ [4] The inverse of the witness set size
2)⌋ transactions (the choice of this value is explained in aℓ [5] The weighted average of reliability of the user(s) that initiate the transaction

Remark 5 in Section III-D). Denote the batch of trans-

actions that is processed during epoch n by X(n) = TABLE II: Elements of the attribute vector aℓ .
 5

Here we explain the intuition behind the relation between X1 (n) each validator mκ ∈ Vℓ checks if r ≤ |Wℓ′ | and
each element of aℓ and the validity of transaction xℓ . For each mκ ∈ VW κ′ (r) . If so it sends qk (xℓ′ , Wℓκ′ (r)) to all validators
ℓ
element of aℓ , a higher value indicates a higher likelihood in community Vℓ′ . Otherwise, mκ does not send any data
of xℓ being valid. Consequently, the acceptance and rejection regarding transaction xℓ′ .
thresholds for transaction xℓ in (1) will be lower. Step 2: Receiving perceptions from other validators: For
aℓ [1] is the inverse of the value of the transaction xℓ . A each transaction xℓ ∈ Xr (n), each validator mk ∈ Vℓ receives
transaction triggering a larger amount of asset transfer between qk (xℓ , Wℓκ (r)) that are sent in the Step 1 from all other
two users should be processed more carefully. However, while validators mκ . We denote the set of all such perceptions by
comparing two transactions, especially the ones that have Qℓk (r).
lesser values, the transaction with higher fees can decrease Stage 2: Update actual belief and making local decision
the likelihood of invalid transaction. Hence aℓ [2] is the fee by each validator:
that must be paid to the validators for processing transaction Step 1: Updating actual belief: For each transaction xℓ ∈
xℓ regardless whether xℓ will be confirmed or not. aℓ [3] is Xr (n), each validator mk ∈ Vℓ updates pℓk (r −1) using Qℓk (r)
the elapsed time from the previous transaction submitted by received at Stage 1 to obtain pℓk (r). The details can be found
the same user in number of rounds. This means if one user in Section III-C.
submits many transactions in a short time, it can be a sign Step 2: Making local decisions: Validator mk calculates
of abnormality. aℓ [4] is the inverse of the size of the witness vkℓ (r) in (1).
set Wℓ for transaction xℓ . Since a transaction with a bigger Stage 3: Reach collective decision within each commu-
witness size |Wℓ | is triggering a bigger number of unspent nity Vℓ :
transactions xj ∈ Wℓ , then such transaction should be handled Step 1: Sending local decision to other validators: Each
more prudently. In general, transaction xℓ can be initiated by validator mk ∈ Vℓ that has made a decision in Stage 2 sends
multiple users from the set U . This means that each transaction vkℓ (r) ∈ {0, 1} to all other validators in Vℓ .
in the witness set Wℓ can have a different owner, which Step 2: Receiving local decisions from other validators:
can be considered analogous to a multi-signature transaction Each validator mk ∈ Vℓ receives vkℓ ′ (r) from other validators
in the UTXO model. Specifically, for each aℓ [5], represents mk′ ∈ Vℓ .
the weighted average of the reliability of the sender(s) trans- Step 3 (a): Reaching collective decision: Each validator
action xj ∈ Wℓ . Let U(xj ) denote the index of the user mk ∈ Vℓ forms Mℓ (r) = {mk′ | mk′ ∈ Vℓ , vkℓ ′ (r′ ) ∈
who owns xj , and A(xj ) represent the value of xj . Then {0, 1} for 1 ≤ r′ ≤ r}, i.e., the set of validators in community
P A(xj ) u
aℓ [5] = P
A(xj ) ρU (xj ) .
Vℓ that have made local decisions about the validity of xℓ up to
xj ∈Wℓ xj ∈Wℓ round r. Then validator mk checks if there is at least ⌊ |V2ℓ | ⌋+1
identical local decisions in Mℓ (r). If so, the final decision V ℓ
C. Transaction Validation Procedure regarding the validity of transaction xℓ will be based on this
Recall that in each epoch n, each transaction xℓ ∈ X(n), agreement.
as well as information on its witness set Wℓ is available to all Step 3 (b): Forcing validators to make a decision: If there
validators. Therefore, for any xj ∈ Wℓ , if validator mk ∈ Vj , are less than ⌊ |V2ℓ | ⌋+1 identical decisions in Mℓ (r) and if r =
then it can determine whether or not xℓ and xj are in conflict, |Wℓ |, then each validator mk ∈ Vℓ \Mℓ (r) makes a decision
and we define the perception: based on the following rule:
(
0, if xℓ and xj are in conflict ℓ
vk =0
qk (xℓ , xj ) = (3) η1 (aℓ , yk ) − pℓk (r = |Wℓ |) ≷ pℓk (r = |Wℓ |) − η2 (aℓ , yk ).
1, if xℓ and xj are not in conflict; ℓ =1
vk
otherwise validator mk cannot discern. Moreover, denote by (4)
Wℓk a random permutation of the elements in Wℓ generated This forces all validators in community Vℓ to make local
by validator mk . That is, for two validators mk and mk′ , Wℓk decisions by round r = |Wℓ | and the final decision can be
′
and Wℓk have the same elements but with different orderings. obtained using (2).
We denote the transaction corresponding to the r-th element Stage 4: Broadcasting final decisions: For each commu-
in Wℓk by Wℓk (r). nity Vℓ , if a final decision V ℓ on transaction xℓ is reached in
1) Processing procedure in each round r: After each round the current round r, then V ℓ is broadcast to all validators in
r in epoch n, one or more transactions may be eliminated X(n). Each validator then obtains Xr+1 (n) by removing all
from the set of the transactions X(n) since their processing is transactions whose final decisions have been reached in round
finished by their corresponding validators, i.e., vkℓ (r) = 0 or 1 r.
in (1). We denote Xr (n) as the set of transactions still being Remark 1: Although the final collective decision for transac-
processed after round r of epoch n with X(n) = X1 (n). Then tion xℓ must be made by round |Wℓ |, it can be reached sooner
for each round r in epoch n, the processing of all transactions if sufficient number of validators in community Vℓ reach
in Xr (n) consists of the following four stages: local decisions before round |Wℓ |. Therefore, all processings
Stage 1: Validators in all communities exchange percep- in epoch n can be completed before round Rn if every
tions: community reaches a final decision earlier than round |Wℓ |.
Step 1: Sending perceptions to other validators: For each Remark 2: Note that if the final decision V ℓ for transaction
transaction xℓ ∈ Xr (n), and for all transactions xℓ′ ∈ xℓ is reached in round r, then in the remaining rounds r′ > r
 6

of the epoch validators in Vℓ participate only in Step 1 of that will be used for epochs tN + 1, . . . , (t + 1)N . The
Stage 1 and Stage 4. minimization problem in (7) involves the log loss function,
Remark 3: The HybridChain can be viewed as a hybrid which is commonly used for binary classification [46]. In
of the sharded blockchain and the DAG. In particular, it this context, aℓ represents the feature vector, and yk is the
is evident that validators process transactions concurrently classifier. The log loss function quantifies the discrepancy be-
in λ communities, resembling sharded blockchains. Further- tween the predicted probabilities and the true labels, effectively
more, akin to DAG distributed ledgers, HybridChain utilizes penalizing incorrect predictions and promoting well-calibrated
thresholds as defined in (1) to determine the acceptance or probability estimates. Once the classifier yk has been obtained,
rejection of transactions. Additionally, similar to DAG where it assigns higher scores to transaction xℓ (i.e., a larger value
the relationships among transactions dictate the set of valid of σ(aTℓ yk )) if it resembles valid transactions, and lower
transactions, HybridChain assesses the validity of a transaction scores if it resembles invalid transactions. Validator mk utilizes
based on its confliction to the transactions within its witness these scores to calibrate the thresholds in (1) for accepting or
set. rejecting transactions in subsequent epochs.
Remark 4: The decentralized nature of HybridChain is
apparent in its implementation. Specifically, each transaction D. Updating Rules
xℓ , is stored by 2f + 2 validators in the set Vℓ , which Recall that as shown in (1), the validator’s decision to accept
ensures a decentralized ledger. Furthermore, the final decision or reject xℓ is based on pℓk (r), which represents validator
V ℓ is not solely determined by local decisions of validators mk ’s actual belief at the end of round r about the validity
in Vℓ , but also influenced by perceptions received from all of transaction xℓ ∈ X(n). In addition, we introduce ψkℓ (r),
other validators in different communities Vℓ′ during Stage which represents the intermediate belief of validator mk at
1. This decentralized approach to processing xℓ ensures that the end of round r regarding the validity of xℓ , which is used
computations related to its validation are decentralized across to find the actual belief pℓk (r). The calculation pℓk (r) and ψkℓ (r)
the network. are explained next.
2) Updating reliability and weight in each epoch n: 1) Updating actual beliefs: In the literature on distributed
At the end of each epoch n, the reliability profiles consensus algorithms [40]–[42], the actual belief pℓk (r) at
{ρm m u u
1 , . . . , ρM , ρ1 , . . . , ρN } of validators and users are up- each round  r can be expressed using the general form
dated as follows. For each validator mk denote Qk (n) = pk (r) = g pℓk′ (r − 1) k′ ∈M∪{k} , ψkℓ (r) . Here, g is called
ℓ
{qk (xℓ , xj ) ∈ {0, 1} : xℓ ∈ X(n), xj ∈ Wℓ } as the set of
the
 ℓ opinion pooling function that is algorithm-specific, and
binary perceptions mk sent in epoch n. And for each pair
pk′ (r − 1) k′ ∈M∪{k} is the set of all actual beliefs that
(xℓ , xj ), denote q ∗ (xℓ , xj ) ∈ {0, 1} as the majority values
validator mk receives from other validators mk′ , in addition to
of all perceptions {qk (xℓ , xj )} sent by validators in epoch n.
its own actual belief. At each round r, each validator takes into
Then the reliability of validator mk is updated as:
account its intermediate belief and the actual beliefs of other
ρm m
k (n) = ζ1 ρk (n − 1) validators from the previous round to determine the actual
1 − ζ1 X belief for the current round.
+ q ∗ (xℓ , xj ) ⊕ qk (xℓ , xj ). Consensus algorithms, such as those in [43], [44], typically
|Qk (n)|
qk (xℓ ,xj )∈Qk (n)
use an opinion pooling function g that is a linear or log-
(5) linear averaging function. However, [45] shows that the min-
Moreover, let Xs (n) ⊂ X(n) be the set of transactions rule can be more effective in achieving faster convergence
submitted by user s. If Xs (n) ̸= ϕ, then the reliability of in learning the correct actual belief, and better Byzantine
user s is updated as: resilience. Therefore, in HybridChain, at each round r of epoch
n, each validator mk updates the actual belief pℓk (r − 1) for
1 − ζ2 X
ρus (n) = ζ2 ρus (n − 1) + V ℓ, (6) each transaction xℓ ∈ Xr (n) as follows.
|Xs (n)| First, validator mk sends its actual belief pℓk (r − 1) to all
xℓ ∈Xs (n)
other validators mk′ ∈ Vℓ and receives pℓk′ (r−1) from all other
Otherwise ρus (n) = ρus (n − 1). In (5)-(6), 0 < ζ1 , ζ2 < 1 are validators mk′ . Next, it sorts the received values pℓk′ (r − 1)
forgetting factors to count for time evolution. and removes the f -highest and f -lowest values. The set of
Furthermore, the weight vector yk for each validator mk is
Sn=tN remaining validators whose actual beliefs are not discarded
updated every N epochs. Denote X (t) = n=(t−1)N +1 X(n) by validator mk at round r is denoted by Dkℓ (r). The actual
as the set of all transactions that are submitted in epochs (t − belief pℓk (r) is then computed as
1)N + 1, . . . , tN . Denote further Xk (t) ⊂ X (t) such that for n o
each xℓ ∈ Xk (t), mk ∈ Vℓ . Then the weight vector yk (t) is pℓk (r) = min pℓk′ (r − 1) k′ ∈Dℓ (r)∪{k} , ψkℓ (r) . (8)
k
given by the following optimization problem:
Remark 5: Suppose Wℓk (r)= xj and that validator mk ∈ Vℓ
1 X
ℓ and mk ∈ Vj . Then in case qk (xℓ , xj ) = 0, instead of updating
yk (t) = arg max − V log(σ(aTℓ yk ))
yk N pℓk (r) in Stage 2, validator mk sets pℓk (r) = 0 and follows the
xℓ ∈Xk (t)
! (7) rest of the processing procedure as usual.
ℓ Remark 6: The rationale behind selecting λ = ⌊M/(2f +
+ (1 − V ) log(1 − σ(aTℓ yk ))
2)⌋ is to ensure that, in (8), after removing the f -highest and
 7

f -lowest values of pℓk′ (r − 1) by validator mk , at least one deceive the recipient into thinking that a new transaction is
validator’s opinion other than mk remains. This condition can taking place, when in fact it is just a repeat of a previous trans-
be satisfied by having a minimum of 2f + 2 validators store action. Replay attacks can be particularly problematic in multi-
each transaction, so that in the worst case even if both mk ∈ Vℓ party transactions, where all parties must agree to commit to
and mk ∈ Vj for some xj ∈ Wℓ , at least one other validator’s a certain action simultaneously, or else the entire transaction
opinion is incorporated. is rolled back. In this scenario, a replay attack could cause
2) Updating intermediate beliefs: To determine pℓk (r), as incorrect decisions to be made about the transaction, leading
shown in (8), validator mk ∈ Vℓ must first obtain its interme- to fraud, loss of funds, or other security breaches.
diate belief ψkℓ (r). As previously stated, ψkℓ (r) is computed IOTA Tangle is resilient against replay attacks. Transac-
based on the perceptions qk′ that other validators mk′ send to tions in IOTA Tangle are interlinked, forming a “tangle”
validator mk . To be more specific, let Qℓk (r) denote the set that undergoes validation by network nodes, which ensures
′
of all perceptions qk′ (xℓ , Wℓk (r)) received by validator mk the uniqueness of each transaction and prohibits replication.
during Step 2 of Stage 1. To determine ψkℓ (r) in round r, Furthermore, every transaction in Tangle requires a distinct
validator mk applies the Bayesian rule as in (9). identifier called a “branch” and a “trunk,” pointing to two
The conditional probabilities in (9) are computed using the previous transactions within the Tangle. When a transaction is
reliabilities ρm
k′ of the validators mk′ who contributed the
broadcast to the IOTA network, it undergoes validation by the
perceptions qmk′ in Qℓk (r) as follows: network nodes. If a node receives a transaction with a branch
and trunk that have already been utilized, the transaction is
P Qℓk (r) | xℓ is valid =


rejected, effectively thwarting any replay attempts.
Y  
The Omniledger is vulnerable to replay attacks [34], as
ρk′ 1[qk′ =1] + (1 − ρk′ )1[qk′ =0] , (10a)
m m
it utilizes Atomic commitment for transaction processing.
qk′ ∈Qℓ (r)
k
A potential attacker can easily execute a replay attack by
Qℓk (r) intercepting a cross-shard transaction, and then resending it


P | xℓ is invalid =
Y  to the involved shards. Nodes within the network are un-
((1 − β)ρm m
k′ + β(1 − ρk′ ))1[qk′ =1] able to differentiate between honest but delayed transactions
qk′ ∈Qℓ (r)
k
and maliciously replayed ones, resulting in conflicting views
 among different shards regarding the transactions in question.
+ (βρm
k′ + (1 − β)(1 − ρm
k′ ))1[qk′ =0] , This is particularly concerning for cross-shard transactions, as
(10b) validators in each shard lock the transactions until a decision is
made to either commit or abort the transaction. In the case of a
|Wℓ −1|
where β = 22|Wℓ | −1 is the probability of xℓ being in conflict replay attack, the transaction may become locked indefinitely,
with a given xj ∈ Wℓ given that xℓ is an invalid transaction. or even result in a double-spending scenario.
The denominator of β is the total number of possible percep- In contrast to Omniledger, HybridChain is resilient against
tions of the conflict of xℓ with respect to transactions in Wℓ , replay attacks due to its unique design. While similar to
excluding the case that it is not in conflict with any in Wℓ ; sharded blockchains in the sense that our scheme processes
the numerator of β is the total number of perceptions given transactions in parallel, it is not a sharded blockchain itself.
xℓ is in conflict with xj . In contrast to sharded systems where only a subset of nodes
Finally, it should be mentioned that validators use pℓk (0) = process transactions, non-sharded blockchains require consen-
ρs and ψkℓ (0) = ρus as initial values in (8) and (9), where ρus
u sus from all nodes for each transaction, ensuring that it is
is the reliability of user s that sends transaction xℓ . unique and cannot be replayed at a later time. Specifically,
for each transaction xℓ ∈ X(n), the set of validators in Vj
IV. SECURITY ANALYSIS AND COMPARISON for each transaction xj ∈ Wℓ are randomly assigned and can
be entirely different. This means that each validator mk ∈ Vℓ
In this and next sections, we will conduct a comparative receives a set of perceptions Qℓk (r) from all other validators
analysis between HybridChain and two other notable schemes in the network, making each validator a participant in the
in the field of distributed ledgers: IOTA, a benchmark DAG verification of transaction xℓ .
scheme, and Omniledger, a sharded blockchain. The primary
objective of this section is to evaluate security features of all
B. Message Withholding Attack
three schemes.
A message withholding attack [48] involves a malicious
actor deliberately withholding important messages or trans-
A. Replay Attack actions that are necessary for the system to function correctly.
A replay attack [47] occurs when an attacker intercepts a In particular, the attacker can concentrate on a particular
transaction and resends it at a later time, in an attempt to transaction or set of transactions, and prevent the circulation of

P Qℓk (r) | xℓ is valid ψkℓ (r − 1)
ψkℓ (r) =

. (9)
P Qℓk (r) | xℓ is valid ψkℓ (r − 1) + P Qℓk (r) | xℓ is invalid (1 − ψkℓ (r − 1))
 8

messages required to authenticate them. As a result, the trans- IOTA, to the extent that a sufficiently powerful attacker could
action may not be included in a block, or its confirmation could cause 96% of transactions in IOTA to be orphaned.
be postponed, causing disruptions in the normal functioning On the other hand, for schemes that do not employ
of the system. Message withholding attacks are particularly Nakamoto consensus, if a conflict arises between a new
potent in systems that employ a consensus mechanism based transaction or block and an existing one, the network keeps the
on a quorum to approve transactions. Through the suppression existing one and discards the new one. The Omniledger uses
of messages, the attacker can impede the system’s ability to Fast Byzantine Consensus (FBC) as the consensus algorithm,
reach consensus and even cause a fork in the blockchain or which is a classical consensus. FBC can resist orphanage
ledger. attacks by providing immediate finality for confirmed blocks,
In IOTA’s Tangle, the act of withholding a single message employing a synchronized confirmation process to prevent
does not necessarily hinder the confirmation of a transaction manipulation. These features ensure that once a block is
since the confirmation process does not depend solely on confirmed by the network, it cannot be discarded or orphaned.
a linear sequence of transactions. Rather, transactions are Similar to Omniledger, in HybridChain all submitted trans-
verified based on a consensus mechanism that considers the actions are placed in a queue and processed in batches in
entire network of interconnected transactions. This distinctive parallel during epochs, ensuring that none of the transactions
architecture and consensus mechanism of IOTA make it re- are orphaned due to acceptance of another transaction. Thus,
silient to message withholding attacks. HybridChain is immune to the orphanage attack.
On the other hand, Omniledger is susceptible to the message
withholding attack. Specifically, for intra-shard transactions,
D. Routing Attack
the shard leader, responsible for processing the transaction,
receives the transaction and dispatches it to the validators The Border Gateway Protocol (BGP) is a protocol used
within the shard. If the shard leader is malicious and launches a by Autonomous Systems (AS), which are groups of intercon-
message withholding attack, it can prevent the transaction from nected Internet Protocol (IP) routing prefixes controlled by
being processed. Also, in the case of cross-shard transactions, one or more network operators, to share information about
an adversary can create a cross-shard transaction and send the subnet reachability through advertisements. BGP does not
transaction to the source shard but withhold the transaction verify the accuracy of advertised routes, making it possible
from the destination shard causing the cross-shard transaction for a malicious AS to add and propagate advertisements for
to remain active and keeping the validators occupied with the routes that do not actually exist. BGP hijacking occurs when
transaction [34]. an AS advertises a route that it does not have in order to attract
HybridChain is resilient to message withholding attacks. To Internet traffic intended for that destination.
process a transaction xℓ , each of the witness transactions xj ∈ In IOTA, a full node must connect with random full nodes to
Wℓ is stored by 2f + 2 validators, assuming that the network maintain up-to-date information. This randomness is critical to
has no more than f dishonest validators. Validator mk ∈ Vℓ prevent adversaries from compelling specific nodes to become
receives perceptions qmk′ (xℓ , xj ) from validators mk′ ∈ Vj peers, and to prevent predictable network configurations that
for all transactions xj ∈ Wℓ . Hence, in the event of a message could result in eclipse attacks. In an eclipse attack, a group
withholding attack by dishonest validators, at least f + 2 other of colluding nodes surrounds a target node and intercepts
validators exist to inform validator mk of the transaction’s all communication with the rest of the network, potentially
validity with respect to each witness transaction. causing ledger consensus issues such as double spending or
forking. In [31] it is demonstrated that BGP hijacking may be
successful in the IOTA network unless two full nodes are in
C. Orphanage Attack the same AS and use intra-AS routes. However, forcing nodes
In a distributed ledger scheme, when a conflict occurs to be neighbors in the same AS would reduce the network’s
between a new block or transaction and an existing one, the overall connectivity, which is undesirable.
network must choose to orphan one of them. If the scheme On the other hand, in contrast to IOTA, Omniledger is im-
employs Nakamoto consensus, where the validity of blocks or mune to such routing attack. This is because in Omniledger, all
transactions is determined by the ledger structure, selecting the nodes hold a partial copy of the ledger, and the processing of
new block or transaction results in the old one being orphaned, transactions is distributed among all nodes. To prevent routing
wasting the efforts put into its creation. This problem becomes attacks, OmniLedger uses a hybrid routing approach that com-
more severe when a subsequent block or transaction conflicts bines both centralized and decentralized routing mechanisms.
with the chosen block or transaction. If the network selects the In this approach, the routing information is divided into two
subsequent block or transaction, it not only orphanes the old parts: a centralized directory that contains the IP addresses
block or transaction but also orphanes the one it was chosen and public keys of all the shards, and a decentralized routing
over. table that contains the routing information for each shard. The
The orphanage attack [30] involves taking advantage of centralized directory helps to prevent attacks on the routing
the orphanage problem and create transactions or blocks to information, while the decentralized routing table helps to
make the existing ones to be left behind. By conducting prevent attacks on the transaction history of each shard.
simulations and analyzing particular strategies, [30] revealed Moreover, HybridChain achieves a well-distributed com-
that the impact of the orphanage attack could be significant in putation of transaction processing. Similar to Omniledger,
 9

it avoids relying on centralized entities such as full nodes. Denote the rate of transaction issuance per minute by
Instead it allows all validators to access the necessary in- γ = γa + γh , where γa and γh are transaction issuance
formation by distributing the ledger data. Thus, the routing rates of adversary nodes and honest nodes, respectively. Define
attack cannot compromise the consistency or security of the S = γγa as the spamming rate of the adversary nodes. Each
ledger data. In particular, even if the attacker targets validator transaction must select P = 2 other transactions as parents
mk , the decision vkℓ and the final decision V ℓ regarding with an age restriction of δ = 1 minute. Also the confirmation
transaction xℓ are unlikely to be affected. This is because threshold θ = 0.66(1 − τ ) where τ is the percentage of
the calculation of pℓk (r), which determines vkℓ , depends on all adversary nodes. We set the number of nodes in IOTA as
perceptions in Qℓk (r) for each round r, where Qℓk (r) is a group M = 1000. In each simulation, we execute the software for
of perceptions obtained from various validators. Therefore, in a duration of 5 minutes, generating 5γ transactions at various
order to change vkℓ , the attacker must disrupt many connections transaction issuance rates denoted by γ. These transactions
between validator mk and other validators, making it difficult are then attached to the Tangle, forming an integral part of
to influence the decision-making process of any validator, and the simulation process.
consequently the final decision. 2) Omniledger: To simulate Omniledger, we utilized Over-
Finally, we summarize whether or not each distributed Sim [36], a modular framework, on OMNeT++ 6.0 [35],
ledger scheme is resistant to various attacks in Table III. a process-based discrete-event simulator. The simulation pa-
Attack Type IOTA Omniledger HybridChain rameters are set based on [27] as follows. The required
Replay Attack Yes No Yes percentage of votes for accepting a transaction, as well as
Message Withholding Attack Yes No Yes
Orphanage Attack No Yes Yes
other consensus-related activities like leader selection, is set
Routing Attack No Yes Yes to 67%. Additionally, the block size is fixed at 1 MB. The
task completion and voting timeout values are set to 500
TABLE III: Resistance to various attacks by different dis-
milliseconds, and an epoch transition occurres when all tasks
tributed ledger schemes.
are completed, and the network has processed the entire task
list. For all simulations, the bandwidth of communication links
V. S IMULATION R ESULTS and latency between validators are set to 20 Mbps, and 100
ms, respectively.
This section provides a thorough comparison of Hybrid-
Chain with IOTA and Omniledger, focusing on the system’s la- To generate transactions, we employed Bitcoin Core [37]
tency, throughput, and scalability, to showcase the advantages version 23.1, which was the latest release at the time of writing
of HybridChain. Additionally, we assess how our decentralized this paper. The rate of incoming transactions in Omniledger is
scheme compares with centralized classification algorithms, represented by γ, and the total number of generated transac-
that are commonly used for detecting fraudulent transactions. tions in all simulations matched that in IOTA, which is 5γ.
In Omniledger, it is important to note that intra-shard
A. Simulation Setups and cross-shard transactions are processed separately, with
cross-shard transactions generally taking longer to process
1) IOTA: To simulate IOTA, we utilized the simulator
than intra-shard ones. The number of shards in Omniledger,
TangleSim [49] along with certain software modifications and
denoted as Γ, varied across different simulations. We provide
measurement tools found in [50] and [51], which simulate an
the specific value of Γ for each simulation. Based on [38],
improved version of the IOTA [28], where the nodes in the
using the RandHound algorithm in Omniledger with Γ = 4,
network use the Approval Weight (AW) mechanism to reach
approximately 81% of transactions are categorized as cross-
consensus about the set of the valid transactions.
shard, while with Γ = 16, nearly 95% of transactions are
Specifically, when a light node intends to attach a trans-
classified as cross-shard. Thus, the performance of Omniledger
action to the Tangle it must select P ≥ 2 older transactions
is expected to be heavily influenced by the value of Γ.
using the Restricted Uniform Random Tip Selection (R-URTS)
protocol, which chooses parents uniformly at random from the In our simulations, we considered M = 1000 validators
pool of tip transactions whose age are less than a threshold in Omniledger. The percentage of Byzantine dishonest val-
δ. Then to reach consensus about the set of valid transac- idators, denoted as τ , was also specified for each simulation,
tions, nodes first calculate the Mana score for all participant similar to IOTA. A Byzantine dishonest validator adheres to
nodes based on their ownership of a scarce resource, which the network’s protocol but intentionally casts incorrect votes
represents their influence. Then using the Mana score, nodes for both intra-shard and cross-shard transactions, whereas an
determine the set of valid transaction in the Tangle by comput- honest validator always votes correctly.
ing the cumulative weight of all transactions and comparing it 3) HybridChain: To simulate HybridChain, which shares
with a predefined threshold θ. If the cumulative weight of a similarities with Omniledger, we employed OverSim as our
transaction exceeds θ, it is considered valid. simulation platform. However, to customize and implement
In the IOTA simulations, honest nodes select parents fol- our scheme, we made significant modifications to four key
lowing the R-URTS protocol and issue valid transactions. The modules of Omniledger.
adversary nodes always issue invalid transactions; and while Firstly, we modified the validator module, which represents
choosing a parent they select the one with the highest possible a validator in the blockchain network. Our modification ac-
age; and if possible they try to select their own transactions. counted for the random grouping of validators in each epoch
 10

and included operations at all of Stages described in Section 1.8

III-C, and managing validators’ interactions during each round. 1.6

Secondly, we made changes to the consensus module re- 1.4

sponsible for achieving consensus among validators regarding 1.2

Accuracy
the set of valid transactions. These modifications encompassed 1

adjusting the voting and decision-making logic to incorporate 0.8

HybridChain’s consensus mechanism detailed in Section III. 0.6

Thirdly, we modified the epoch module, which represents 0.4

the epochs in HybridChain comprising multiple rounds. We 0.2

redefined the structure and duration of each epoch, as well 0

51015202530354045

as the transitions between epochs. Similar to Omniledger, we Percentage of dishonest validators ( )

set the task completion and voting timeout values to 500
milliseconds, with a round transition occurring when all tasks Fig. 1: Accuracy of transaction validity classification under
are completed, and the network has processed the entire task different values of dishonest validators (τ ) and number of
list. We also set the bandwidth 20 Mbps and imposed a latency validators M for HybridChain compared to Random Forest.
of 100 ms on all communication links in all simulations.
Lastly, we adapted the transaction module to accommo-
date the specific transaction structure and validation rules perceptions to other validators and make incorrect local de-
of HybridChain. Specifically, in each simulation, similar to cisions.
the corresponding simulations for IOTA and Omniledger, we
generated the same number of 5γ transactions, consisting B. Results
of both valid and invalid transactions. Additionally, for all 1) Classification: In order to evaluate the performance of
simulations, we utilized the probability distributions listed in our decentralized consensus scheme in classifying the validity
Table IV to generate the attribute vector aℓ for valid or invalid of transactions, we compared it to a centralized classification
transactions xℓ . Here, it should be noted that the values of the algorithm, the Random Forest algorithm [33], known for its
elements in the attribute vector are truncated, to certain ranges high accuracy. To conduct the simulation, we generated a
as indicated in the last column. dataset of 10000 transactions, which were used to train a
Attribute Vector Element Valid Invalid Range Random Forest classifier consisting of 100 trees. Each tree
aℓ [1] Gamma(3, 1) Gamma(17.5, 0.5) (0, 10] utilized a random subset of two or three attributes from the
aℓ [2] Norm(0.5, 0.15) Norm(0.25, 0.075) (0, +∞)
aℓ [3] Exp(10) Exp(5) (0, 50]1 five features in the attribute vector. Then, we evaluated the
aℓ [4] Pois(1.5) Pois(2.5) [1, +∞) performance of the trained Random Forest model on a separate
aℓ [5] Norm(0.7, 0.1) Norm(0.4, 0.1) (0, 1]
set of 5000 transactions, comprising an equal number of valid
TABLE IV: Distribution of attribute vector elements for gen- and invalid transactions, yielding an accuracy of 98.2%.
erating valid and invalid transactions. We subjected the same set of 5000 transactions to Hy-
bridChain and a network with varying numbers of validators
To simulate an invalid transactions xℓ , after determining and different values of τ . The results are depicted in Fig.1,
the size Wℓ using the distribution of aℓ [4] from Table IV, we demonstrating that HybridChain consistently exhibits stable
randomly select transactions xj ∈ Wℓ to be in conflict with performance, under different number of dishonest validators or
xℓ . different network sizes. This remarkable performance can be
Also, in (1) we use the sigmoid function σ(aTℓ yk ) = attributed to the collaborative decision-making mechanism of
1
−aT yk
and set µ1 = 1 and µ2 = 0.5, which results in HybridChain, which aids validators in enhancing the accuracy
1+e ℓ
0.5 ≤ η1 (aℓ , yk ) ≤ 1 and 0 ≤ η2 (aℓ , yk ) ≤ 0.5. Moreover, of their decisions.
we set the number of users N = 100 and updating frequency 2) Latency: We define latency the amount of time it takes
N = 20 epochs. Futhermore, for the forgetting factors in (5)- for a transaction to be confirmed and added to the ledger. It
(6), we set ζ1 = 0.98, ζ2 = 0.9. Additionally, the reliability of is the delay between the moment a transaction is initiated and
validators and users are uniformly generated in range [0.3, 0.8]. the moment it is considered final and irrevocable.
To initially train the weight vector yk , we use 10000 Fig.2 presents the cumulative distributions of latencies of
transactions, with half labeled as valid and half as invalid. different systems with τ = 20% dishonest validators. For
We utilize the Scikit-learn [53] library in Python to solve the IOTA we set the spamming rates to S = 30% and S = 70%
minimization problem in (7). and set γ = 3 × 104 . For Omniledger we set Γ = 4 and
Similar to IOTA and Omniledger, the number of validators Γ = 16 shards. The results demonstrate that Omniledger has
is set as M = 1000, the percentage of dishonest validators the highest latency for both sharding sizes and IOTA with
is denoted by τ . In HybridChain, honest validators always a spamming rate of S = 30% has the lowest latency. The
send correct perceptions to other validators and make local latency of HybridChain is slightly lower than that of IOTA
decisions following the defined rules in Section III. On the with a spamming rate of S = 70%. However, as illustrated in
other hand, dishonest validators consistently send incorrect Fig.5 in Section V-B-4, the quick processing of IOTA with a
spamming rate of S = 30% comes at the expense of reduced
1 The generated number is rounded down to find a discrete number. verification accuracy.
 11

decreases as a result, allowing a larger number of transactions

Percentage of Processed Transactions
1

0.9 to be processed. However, the accuracy decreases since a larger

0.8 number of invalid transactions are validated. The objective of
0.7
setting the acceptance threshold θ as a function of τ is to
0.6
simulate the Mana score in IOTA. Unlike Omniledger and
0.5

0.4
HybridChain, where the number of adversary nodes affects
0.3
the consensus results, IOTA’s performance is unaffected by
0.2
the quantity of adversary nodes. Instead, it is the distribution
0.1 of the Mana scores of the nodes that influences the validity
0
-2
10
-1
10
0
10
1
10
2
10
3
10
of transactions. Therefore, to facilitate a comparison between
Latency (seconds) IOTA and the other two schemes for the same value of τ ,
we consider θ as a function of τ to simulate the power of
Fig. 2: Latency distribution with incoming transactions rate adversaries in the network.
γ = 3 × 104 , M = 1000 validators, and τ = 20%. For Omniledger, the results showed that for 5% ≤ τ ≤ 25%,
increasing Γ from 8 to 16 led to reduced throughput. This
reduction can be attributed to the increased number of cross-
3) Throughput: The throughput is the average number of shard transactions, which subsequently prolongs the process-
transactions processed by a scheme per unit of time. However, ing time. However, Omniledger demonstrated stable accuracy
when comparing two schemes with equal throughput, the one in its processed transactions. Moreover, with a fixed Γ, an
that achieves higher transaction validation accuracy outper- increase in τ slightly decreased the throughput due to the
forms the other. Therefore, when evaluating the throughput, additional communication rounds required to achieve consen-
it is essential to consider two factors: accuracy, which in- sus using the FBC protocol. The increase in the number of
dicates the correctness of decisions made during transaction adversary validators increases the time required for consensus
processing, and the time required for processing transactions. by the FBC protocol. However, the accuracy of the processed
To assess the throughputs of the three schemes, we conducted transactions remained stable, thanks to Omniledger’s design
two simulations. that involves validators in transaction processing. On the other
We set the incoming transaction rate γ = 6000. The three hand, for 25% ≤ τ ≤ 45%, the throughput dropped to almost
schemes were simulated for various values of τ , ranging from zero for all Γ values. This indicates Omniledger’s inability to
5% to 45%. IOTA was simulated with three spamming rates handle a network with more than 25% dishonest validators.
S ∈ {30%, 50%, 70%}. Omniledger was simulated with three As for HybridChain, its throughput is comparable to that of
values of Γ ∈ {4, 8, 16}, representing the number of shards in IOTA with S = 30% and τ = 45%. However, when S = 50%
the network. In IOTA, a transaction was considered processed and S = 70%, as well as in Omniledger for all values of Γ
when its cumulative weight exceeds θ. In Omniledger and and for all values of τ , HybridChain performs significantly
HybridChain, a transaction was considered processed when it better. The reason is that HybridChain, like DAG schemes,
was either accepted or rejected by the network consensus. A accelerates transaction processing through partial verification.
one-minute time window was used to process transactions for Moreover, as τ increases, the throughput of HybridChain
all three schemes, with the number of processed transactions slightly decreases since validators require more rounds in each
and accuracy recorded. epoch to reach consensus, thereby taking longer to process the
The results averaged over ten simulations runs, are shown in transactions. Nevertheless, similar to the findings in Section
Fig. 3. It is evident that the spamming rate of adversaries heav- V-B-1, an increase in τ does not impact the accuracy of
ily influences the throughput and accuracy of IOTA. Specifi- HybridChain, as it distributes the relevant witness transactions
cally, each adversary node impacts IOTA in two ways: first, by for each transaction xℓ ∈ X(n) in an epoch among the
increasing the number of orphaned transactions, and second, validators Vj for transactions xj ∈ Wℓ , in a manner that is
by confirming invalid transactions. Consequently, when the impervious to the rise in the number of dishonest validators.
spamming rate S increases while keeping τ fixed, both the In a DAG distributed ledger system, reducing the volume
throughput and accuracy decrease. This outcome is anticipated, of transactions can increase its susceptibility to attacks, as
as stated in [30], due to the existence of a critical spamming indicated by [52]. To further investigate this phenomenon, we
rate denoted as Scritical = P−1 P . When S exceeds Scritical , the conducted a second simulation, keeping all settings identical
inflation of the tip pool size accelerates, resulting in a higher to the first simulation but varying the rate of incoming trans-
number of orphaned transactions. Also, with an increase in actions by setting γ = 1200. This allowed us to observe the
the spamming rate S of adversaries, more cumulative weights effects of low transaction volumes on throughput and accuracy.
of invalid transactions surpass the threshold θ. This occurs The results, shown in Fig. 4, demonstrated that a decrease
because adversary nodes, deviating from the R-URTS protocol, in incoming transactions had a more pronounced impact
tend to select invalid transactions as parents for their submitted on IOTA, making it more vulnerable to adversary attacks.
transactions, resulting in a decline in the accuracy of processed This vulnerability stems from the nature of DAG distributed
transactions. ledgers, where transaction confirmation and validation rely on
Moreover, when S is fixed, an increase in τ leads to the structure of the DAG and other transactions. Insufficient
an increase in throughput. This is because the threshold θ transaction volume leads to system instability, resulting in
 12

11000 2200

10000 2000
Throughput (per minute)

Throughput (per minute)

9000 1800

8000 1600

7000 1400

6000 1200

5000 1000

4000 800

3000 600

2000 400

1000 200

0 0
51015202530354045 51015202530354045

Percentage of dishonest validators ( ) Percentage of dishonest validators ( )

(a) Throughput (a) Throughput

2 2

1.8 1.8
Throughput (per minute)

Throughput (per minute)

1.6 1.6

1.4 1.4

1.2 1.2

1 1

0.8 0.8

0.6 0.6

0.4 0.4

0.2 0.2

0 0
51015202530354045 51015202530354045

Percentage of dishonest validators ( ) Percentage of dishonest validators ( )

(b) Accuracy (b) Accuracy

Fig. 3: Throughput and accuracy based on percentage of Fig. 4: Throughput and accuracy based on percentage of
dishonest validators, with incoming transactions rate γ = 6000 dishonest validators, with incoming transactions rate γ = 1200
and M = 1000 validators. and M = 1000 validators.

incomplete transaction validation. Consequently, accuracy is nificant importance in the field of distributed ledger tech-
reduced, as a greater number of valid transactions remain nologies, particularly with the proliferation of applications
in the tip pool for longer periods, taking more time to be built on distributed platforms and the subsequent surge in
processed and becoming more susceptible to attacks. Ad- user numbers and incoming transactions. In the context of
versaries can exploit this situation to prioritize their own distributed ledgers, scalability pertains to the system’s capacity
transactions, hindering the processing of valid transactions and to efficiently manage an increasing volume of transactions,
further diminishing accuracy. Specifically, by comparing the while sustaining high throughput and low latency. Essentially,
throughput and accuracy values for γ = 6000 and γ = 1200, a distributed ledger system is deemed scalable when it can
it becomes evident that the trends observed for γ = 6000, such process a substantial number of transactions without compro-
as increased throughput and reduced accuracy for fixed S and mising transaction processing speed.
increased τ , persist for γ = 1200. However, the reduction of To evaluate the scalability of the three schemes, we used
accuracy is more severe when γ = 1200 is considered. the settings described in Section V-B-3 while varying the
On the other hand, in HybridChain and Omniledger one rate of incoming transactions γ, from 6000 to 3 × 104 with
transaction does not determine the validity of another transac- increments of 3000. For each γ value, we measured the
tion directly but , therefore changing the transaction volume throughput of the three schemes and the maximum latency of
does not have a significant effect on the throughput and the the processed transactions. In all three schemes, a dishonest
accuracy. fraction of τ = 20% was incorporated. In the case of IOTA,
Hence the above results demonstrate that DAG distributed the spamming rate S was set to 30%, while Omniledger
ledger systems, which do not rely on validators to process maintained a fixed value of Γ = 4 shards. These specific
transactions, can achieve high transaction speeds, allowing parameter values were chosen based on their demonstrated
network nodes to reach consensus quickly, even for large superior performance in the corresponding scheme simulations
transaction volumes. However, this speed may come at the cost conducted in Sections V-B-2 and V-B-3. The objective was to
of consensus accuracy, particularly when facing a powerful compare the scalability of the other two schemes, IOTA and
adversary who can strategically disrupt the network. Omniledger, with HybridChain unde their optimal settings.
4) Scalability: The primary objective of our last simulation Fig. 5 provides a visual representation of the throughput
is to evaluate the scalability of three schemes, a crucial of the three schemes, along with the maximum latency of
element within the trilemma triangle. Scalability holds sig- the processed transactions. Notably, the latency trends differ
 13

among the three schemes as the rate of incoming transactions 3

4
10

γ increases. In IOTA, the maximum latency decreases with 2.7

Throughput (per minute)

higher values of γ, while in the other two schemes, the 2.4

maximum latency increases. This observation highlights a 2.1

key characteristic of DAG schemes, where the validation of 1.8

1.5

transactions relies on their relationships within the system, 1.2

rather than on validators. Consequently, an increase in the 0.9

rate of incoming transactions facilitates faster processing and 0.6

improves throughput. However, this can potentially lead to 0.3

decreased accuracy. As depicted in Fig. 5, an increase in the 0.30.60.91.21.51.82.12.42.73

Rate of Incoming Transactions ( )

4
10

rate of incoming transactions γ is accompanied by a reduction

in accuracy. The absence of validators to validate transactions (a) Throughput
can indeed help reduce latency and increase throughput. How-
ever, it can also result in erroneous verifications, compromising 1.4

accuracy. 1.2

As expected, Omniledger and HybridChain exhibit the 1

typical behavior of non-DAG schemes, where an increase in

Accuracy
0.8

the rate of incoming transactions γ leads to higher maximum

latency and decreased throughput due to transaction processing 0.6

and communication among validators. However, the results 0.4

indicate that Omniledger is more susceptible to the impact 0.2

of increased γ compared to HybridChain, as evidenced by

0

a larger increase in maximum latency in Omniledger. Hy- 0.30.60.91.21.51.82.12.42.73

Rate of Incoming Transactions ( )

4
10

bridChain demonstrates excellent scalability, by maintaining

(b) Accuracy
nearly constant throughput and exhibiting only a marginal
increase in maximum latency, while achieving high accuracy. 3
10

VI. CONCLUSIONS
Maximum of Latency

2
10

The proposed consensus scheme of HybridChain combines

the strengths of blockchain and DAG, and by incorporating 101

a decentralized learning algorithm that exploits transaction

attributes, achieves fast, accurate, and secure transaction pro- 100

cessing. HybridChain can successfully mitigate various se-

curity attacks by decentralizing storage and computations, -1
10

whereas IOTA and Omniledger exhibit vulnerabilities to these 0.30.60.91.21.51.82.12.42.73

Rate of Incoming Transactions ( )

4
10

attacks. Our results demonstrate that while IOTA exhibits

(c) Maximum of Latency
high throughput and low latency in transaction processing,
it sacrifices accuracy and becomes susceptible to orphanage Fig. 5: Scalability based on the rate of incoming transactions
attacks, particularly when the rate of incoming transactions (γ), with τ = 20%, and M = 1000.
is low. For example, when the rate of incoming transactions
increases tenfold from 0.3 × 104 to 3 × 104 transactions per
minute, IOTA’s throughput increases by nearly tenfold, and the [2] H.-N. Dai, Z. Zheng, and Y. Zhang, “Blockchain for Internet of Things:A
maximum latency decreases by almost 100%, but the accuracy survey,” IEEE Internet Things J., vol. 6, no. 5, pp. 8076–8094, Oct. 2019.
declines by approximately 74%. In contrast, HybridChain [3] P. Tasatanattakool and C. Techapanupreeda, ”Blockchain: Challenges and
applications,” 2018 International Conference on Information Networking
maintains consistent accuracy, hovering around 99% for all (ICOIN), Chiang Mai, Thailand, 2018, pp. 473-475.
incoming transaction rates, while experiencing a maximum [4] F. Mogavero, I. Visconti, A. Vitaletti and M. Zecchini, ”The Blockchain
latency of 10.25 seconds for a rate of 3 × 104 transactions per Quadrilemma: When Also Computational Effectiveness Matters,” 2021
IEEE Symposium on Computers and Communications (ISCC), Athens,
minute. Additionally, Omniledger, as a sharded blockchain, Greece, 2021, pp. 1-6.
achieves stable and acceptable accuracy by increasing the [5] Q. Zhou, H. Huang, Z. Zheng and J. Bian, ”Solutions to Scalability of
throughput through parallel processing in different shards. Blockchain: A Survey,”IEEE Access, vol. 8, pp. 16440-16455, 2020, doi:
10.1109/ACCESS.2020.2967218.
However, when the number of shards increases from 4 to 16, [6] A. Miller, I. Bentov, S. Bakshi, R. Kumaresan, and P. McCorry, “Sprites
the maximum throughput decreases by 15% due to increased and state channels: Payment networks that go faster than lightning,” Proc.
latency caused by cross-shard transactions. Int. Conf. Financial Cryptogr. Data Secur. Frigate Bay, St. Kitts: Springer,
2019, pp. 508–526.
[7] C. Decker and R. Wattenhofer, “A fast and scalable payment network with
R EFERENCES bitcoin duplex micropayment channels,” Proc. Symp. Self-Stabilizing Syst.
Edmonton, AB, Canada: Springer, 2015, pp. 3–18.
[1] Nakamoto, S. (2008) Bitcoin: A Peer-to-Peer Electronic Cash System. [8] G. Wood, “Polkadot: Vision for a heterogeneous multi-chain frame-
https://bitcoin.org/bitcoin.pdf work,“Polkadot”, White Paper, 2016.
 14

[9] J. Poon and V. Buterin, “Plasma: Scalable autonomous smart [34] Runchao, Han., Jiangshan, Yu., Haoyu, Lin., Shiping, Chen., Paulo,
contracts,”White Paper, 2017, pp. 1–47. [Online]. Available: Verı́ssimo. On the Security and Performance of Blockchain Sharding..
https://www.plasma.io IACR Cryptology ePrint Archive, 2021.
[10] L. Luu, V. Narayanan, C. Zheng, K. Baweja, S. Gilbert, and P. Saxena, [35] A. Varga and R. Hornig, “An overview of the omnet++ simulation
“A secure sharding protocol for open blockchains,” Proc. ACM SIGSAC environment,” Proceedings of the 1st international conference on Simu-
Conf. Comput. Commun. Secur.-CCS, 2016, pp. 17–30. lation tools and techniques for communications, networks and systems
[11] P. Zheng, Q. Xu, Z. Zheng, Z. Zhou, Y. Yan and H. Zhang, ”Meepo: workshops. ICST (Institute for Computer Sciences, SocialInformatics
Multiple Execution Environments per Organization in Sharded Consor- 2008, p. 60.
tium Blockchain,” IEEE Journal on Selected Areas in Communications, [36] I. Baumgart, B. Heep, and S. Krause, “OverSim: A flexible overlay
vol. 40, no. 12, pp. 3562-3574, Dec. 2022. network simulation framework,” Proceedings of 10th IEEE Global In-
[12] Z. Cai et al., ”Benzene: Scaling Blockchain With Cooperation-Based ternet Symposium (GI ’07) in conjunction with IEEE INFOCOM 2007,
Sharding,” IEEE Transactions on Parallel and Distributed Systems, vol. Anchorage, AK, USA, May 2007, pp. 79–84.
34, no. 2, pp. 639-654, 1 Feb. 2023. [37] “Bitcoin core,” https://bitcoincore.org.
[13] H. Huang et al., ”Elastic Resource Allocation Against Imbalanced Trans- [38] L. N. Nguyen, T. D. T. Nguyen, T. N. Dinh and M. T. Thai, ”OptChain:
action Assignments in Sharding-Based Permissioned Blockchains,”IEEE Optimal Transactions Placement for Scalable Blockchain Sharding,” 2019
Transactions on Parallel and Distributed Systems, vol. 33, no. 10, pp. IEEE 39th International Conference on Distributed Computing Systems
2372-2385, 1 Oct. 2022. (ICDCS), Dallas, TX, USA, 2019, pp. 525-535.
[14] J. Xu, Q. Xie, S. Peng, C. Wang and X. Jia, ”AdaptChain: Adaptive [39] M. Zamani, M. Movahedi, and M. Raykova, “Rapidchain: A fast
Scaling Blockchain With Transaction Deduplication,” IEEE Transactions blockchain protocol via full sharding.”
on Parallel and Distributed Systems, vol. 34, no. 6, pp. 1909-1922, June [40] A. Jadbabaie, P. Molavi, A. Sandroni, and A. Tahbaz-Salehi, “Non-
2023. Bayesian social learning,” Games Econ. Behav., vol. 76, no. 1, pp.
[15] X. Dai, J. Xiao, W. Yang, C. Wang and H. Jin, ”Jidar: A Jigsaw- 210–225, 2012.
like Data Reduction Approach Without Trust Assumptions for Bitcoin [41] S. Shahrampour, A. Rakhlin, and A. Jadbabaie, “Distributed detection:
System,” 2019 IEEE 39th International Conference on Distributed Com- Finite-time analysis and impact of network topology,” IEEE Trans. Autom.
puting Systems (ICDCS), Dallas, TX, USA, 2019, pp. 1317-1326, doi: Control, vol. 61, no. 11, pp. 3256–3268, Nov. 2016.
10.1109/ICDCS.2019.00132. [42] A. Nedi´c, A. Olshevsky, and C. A. Uribe, “Fast convergence rates for
[16] Z. Xu, S. Han and L. Chen, ”CUB, a Consensus Unit-Based Storage distributed non-Bayesian learning,” IEEE Trans. Autom. Control, vol. 62,
Scheme for Blockchain System,” 2018 IEEE 34th International Confer- no. 11, pp. 5538–5553, Nov. 2017
ence on Data Engineering (ICDE), Paris, France, 2018, pp. 173-184. [43] Q. Liu, A. Fang, L.Wang, and X.Wang, “Social learning with time-
[17] Y. Gilad, R. Hemo, S. Micali, G. Vlachos, and N. Zeldovich, “Algorand: varying weights,” J. Syst. Sci. Complexity, vol. 27, no. 3, pp. 581–593,
Scaling byzantine agreements for cryptocurrencies,” Proc. 26th Symp. 2014.
Operating Syst. Princ.-SOSP, 2017, pp. 51–68. [44] L. Su and N. H. Vaidya, “Defending Non-Bayesian learning against
[18] X. Fu, H. Wang and P. Shi, ”Votes-as-a-Proof (VaaP): Permissioned adversarial attacks,” Distrib. Comput., vol. 32, pp. 277–289, 2019.
Blockchain Consensus Protocol Made Simple,”IEEE Transactions on [45] A. Mitra, J. A. Richards and S. Sundaram, ”A New Approach to
Parallel and Distributed Systems, vol. 33, no. 12, pp. 4964-4973, 1 Dec. Distributed Hypothesis Testing and Non-Bayesian Learning: Improved
2022. Learning Rate and Byzantine Resilience,” IEEE Transactions on Auto-
[19] Serguei Popov. The tangle. cit. on, page 131, 2016. matic Control, vol. 66, no. 9, pp. 4084-4100, Sept. 2021.
[20] Colin LeMahieu. Nano: A feeless distributed cryptocurrency network. [46] T. Sypherd, M. Diaz, L. Sankar and P. Kairouz, ”A Tunable Loss
https://nano.org/ en/whitepaper, 2018. Function for Binary Classification,” 2019 IEEE International Symposium
[21] Team Rocket, Maofan Yin, Kevin Sekniqi, Robbert van Renesse, and on Information Theory (ISIT), Paris, France, 2019, pp. 2479-2483.
Emin Gün Sirer. Scalable and probabilistic leaderless bft consensus [47] A. Hoehn and Ping Zhang, ”Detection of replay attacks in cyber-physical
through metastability. arXiv preprint arXiv:1906.08936, 2019. systems,” 2016 American Control Conference (ACC), Boston, MA, USA,
[22] Xavier Boyen, Christopher Carr, and Thomas Haines. Graphchain: A 2016, pp. 290-295.
blockchain free scalable decentralised ledger. Proceedings of the 2nd [48] S. Feng, J. He and M. X. Cheng, ”Security Analysis of Block Withhold-
ACM Workshop on Blockchains, Cryptocurrencies, and Contracts (BCC), ing Attacks in Blockchain,” ICC 2021 - IEEE International Conference
pages 21–33, 2018. on Communications, Montreal, QC, Canada, 2021, pp. 1-6.
[23] Yonatan Sompolinsky and Aviv Zohar. Phantom, ghostdag, 2020. [49] IOTA Foundation. (2021) Tangle 2.0 simulator. [Online]. Available:
[24] Wang, Q., Yu, J., Chen, S., Xiang, Y. (2022). SoK: Diving into DAG- https://github.com/iotaledger/multiverse-simulation
based Blockchain Systems. https://arxiv.org/abs/2012.06128. [50] https://github.com/iotaledger/goshimmer/tree/develop/tools/docker-
[25] H. Pervez, M. Muneeb, M. U. Irfan and I. U. Haq, ”A Comparative network
Analysis of DAG-Based Blockchain Architectures,” 2018 12th Interna- [51] https://github.com/daria305/goshimmer-orphanage
tional Conference on Open Source Systems and Technologies (ICOSST), [52] P. Ferraro, C. King and R. Shorten, ”On the Stability of Unverified
Lahore, Pakistan, 2018, pp. 27-34. Transactions in a DAG-Based Distributed Ledger,” IEEE Transactions on
[26] B. Lashkari and P. Musilek, ”A Comprehensive Review of Blockchain Automatic Control, vol. 65, no. 9, pp. 3772-3783, Sept. 2020.
Consensus Mechanisms,”IEEE Access, vol. 9, pp. 43620-43652, 2021. [53] https://scikit-learn.org/stable/
[27] E. Kokoris-Kogias, P. Jovanovic, L. Gasser, N. Gailly, E. Syta and
B. Ford, ”OmniLedger: A Secure, Scale-Out, Decentralized Ledger via
Sharding,” 2018 IEEE Symposium on Security and Privacy (SP), San
Francisco, CA, USA, 2018, pp. 583-598.
[28] S. Müller, A. Penzkofer, N. Polyanskii, J. Theis, W. Sanders and H.
Moog, ”Tangle 2.0 Leaderless Nakamoto Consensus on the Heaviest
DAG,”IEEE Access, vol. 10, pp. 105807-105842, 2022.
[29] Bing-Yang Lin, Daria Dziubałtowska, Piotr Macek, Andreas Penzkofer
and Sebastian Müller. Robustness of the Tangle 2.0 Consensus, 2022;
arXiv:2208.08254.
[30] Daria Dziubałtowska. The security of the Coordicide: the implementa-
tion and analysis of possible attack vectors, 2022; arXiv:2205.12568.
[31] P. Perazzo, A. Arena and G. Dini, ”An Analysis of Routing Attacks
Against IOTA Cryptocurrency,” 2020 IEEE International Conference
on Blockchain (Blockchain), Rhodes, Greece, 2020, pp. 517-524, doi:
10.1109/Blockchain50366.2020.00075.
[32] M. S. Kumar, V. Soundarya, S. Kavitha, E. S. Keerthika and E.
Aswini, ”Credit Card Fraud Detection Using Random Forest Algorithm,”
2019 3rd International Conference on Computing and Communications
Technologies (ICCCT), Chennai, India, 2019, pp. 149-153.
[33] Gilles Louppe. Understanding Random Forests: From Theory to Prac-
tice, 2014; arXiv:1407.7502.