Prefix Consensus For Censorship Resistant BFT

Published 2 Feb 2026 in cs.DC | (2602.02892v1)

Abstract: Despite broad use of BFT consensus in blockchains, censorship resistance is weak: leaders can exclude transactions, a growing concern for trading and DeFi. We address this by introducing a new abstraction and protocol stack. First, we introduce \emph{Prefix Consensus}, where parties input vectors and output $(v^{\sf low},v^{\sf high})$ that (i) extend the maximum common prefix of honest inputs and (ii) satisfy $v_i^{\sf low}\preceq v_j^{\sf high}$ for all honest $i,j$. Unlike classical consensus, no single output is required. We show Prefix Consensus is solvable asynchronously and give tight round-complexity bounds. We then define \emph{Strong Prefix Consensus}, requiring agreement on the \emph{high} output. Our protocol is leaderless and partially synchronous: one Prefix Consensus instance decides (possibly different) lows, and additional instances yield a unique safe-to-extend high, even if an adversary can suspend one party per round. We lift this to a leaderless, multi-proposer, censorship-resistant BFT SMR protocol: per slot, all parties broadcast proposals, deterministically rank them, and run one Strong Prefix Consensus on proposal hashes, committing honest proposals in \emph{four rounds}. A deterministic demotion rule updates the ranking when a party's proposal is excluded, implying that after GST at most $f$ slots can miss an honest proposal while progress remains leaderless under suspension and up to $f{-}1$ Byzantine faults. Finally, we connect Prefix Consensus to graded and binary/validated consensus: we obtain an optimal-latency graded consensus (3 message delays) and leaderless Binary/Validated Consensus with worst-case message complexity $O(n^3)$ and communication $O(n^4)$.

Abstract PDF Upgrade to Chat

Summary

The paper introduces Prefix Consensus to ensure censorship resistance by enabling all honest parties to agree on mutually consistent output vectors.
It presents deterministic asynchronous solutions with a proven lower bound of three rounds at optimal resilience (n = 3f + 1), and an optimistic variant that reduces rounds under benign conditions.
The work extends to multi-slot, leaderless BFT SMR, achieving f-censorship resistance through dynamic ranking and robust progress even in the presence of targeted adversaries.

Prefix Consensus for Censorship Resistant BFT

Introduction and Motivation

Byzantine Fault Tolerant (BFT) consensus protocols underpin nearly all blockchain infrastructures, providing safety and liveness under adversarial conditions. However, these protocols leave a significant gap in the dimension of censorship resistance: existing blockchains offer only weak inclusion guarantees, often permitting a leader or a subset of nodes to selectively exclude transactions from the canonical history. This creates profound risks for trading, DeFi, and other decentralized applications where the ability to prevent transaction censorship is paramount.

The paper "Prefix Consensus For Censorship Resistant BFT" (2602.02892) introduces Prefix Consensus, a novel primitive addressing inclusion guarantees and leaderless, censorship-resistant BFT consensus. The work presents new protocol designs and complexity bounds, and formalizes inclusion/censorship resistance in both single-shot and multi-slot (state machine replication) settings.

Prefix Consensus: Abstraction and Protocol

Prefix Consensus abstracts the idea that all honest parties can agree on mutually consistent vectors $(v^{\sf low}, v^{\sf high})$ rather than a single output value. Specifically, for $n$ participating parties (at most $f$ Byzantine), each proposes an input vector. The protocol ensures that:

For any honest parties $i, j$ , $v_i^{\sf low} \preceq v_j^{\sf high}$ , i.e., outputs are safely extendable;
$\{v_h^{\sf in}\}_{h \in H} \preceq v_i^{\sf low}$ for all honest $i$ (validity);
Termination is guaranteed for all honest parties.

This abstraction, strictly weaker than standard consensus, enables deterministic asynchronous solutions unattainable for Byzantine Agreement (cf. FLP impossibility). Notably, the protocol establishes tight bounds: three communication rounds are necessary and sufficient for Prefix Consensus in asynchronous settings at optimal resilience ( $n = 3f + 1$ ). An optimistic variant achieves two rounds in benign executions and four rounds in the worst case.

The construction utilizes certified voting rounds, where parties aggregate input signatures, derive maximal common prefixes, and progressively converge on mutually consistent commit/extend vectors.

Strong Prefix Consensus: Leaderless Agreement

To build a consensus-like primitive for broader applications, Strong Prefix Consensus strengthens Prefix Consensus by requiring agreement on the high output across all honest parties. The provided protocol for Strong Prefix Consensus is:

Leaderless and partially synchronous: Progress does not depend on any single process, leader, or proposer.
Employs a multi-view protocol, where later views commit parent pointers into earlier views, deterministically chaining high outputs back to view 1.
Handles adversaries able to suspend one party per round while up to $f{-}1$ others are Byzantine.

Underlying this is the concept of verifiable Prefix Consensus, where output pairs are certified with publicly verifiable proofs, allowing safe committing and extending even from potentially Byzantine sources.

Multi-slot Consensus and Censorship Resistance

The work extends the single-shot notion of censorship resistance to long-lived slots, defining $c$ -censorship resistance, where at most $c$ slots can be censored (miss honest proposals) after GST. In their construction:

Multi-proposer, leaderless BFT SMR protocol: Every slot is handled by broadcasting proposals, ordering via deterministic ranking, and running Strong Prefix Consensus.
The ranking is dynamically updated: whenever a Byzantine party is detected censoring a slot, it is moved to the end, reducing its ability to repeatedly censor.
Achieves $f$ -censorship resistance: after GST, at most $f$ slots are censored. As $f$ is fixed and small compared to execution duration, this represents negligible censorship in practice.

Strong numerical results include:

Four rounds per slot: Commit latency matches practical requirements in blockchains where the time between blocks is small.
Message complexity $O(n^2)$ per slot (good case), $O(n^3)$ worst case, improving over prior leaderless constructions.

Connections to Other Consensus Primitives

The lower bound derived for Prefix Consensus implies a matching lower bound for Graded Consensus, yielding a protocol with 3-round latency—halving previous best known round complexity. The Prefix/Strong Prefix abstractions also enable simple, leaderless binary and validated consensus protocols with improved message/communication complexity ( $O(n^3)$ and $O(n^4)$ , respectively).

Contradictory and Bold Claims

A bold finding is that although classical consensus is impossible deterministically in fully asynchronous settings, Prefix Consensus is always solvable asynchronously under optimal resilience ( $n = 3f + 1$ ), and three rounds are both necessary and sufficient. This strictly separates inclusion-consistent primitives from consensus in terms of asynchronous solvability and complexity.

Furthermore, the protocol achieves leaderless censorship resistance with bounded adversarial impact (at most $f$ censored slots) and robust progress despite adversaries able to suspend one party per round.

Practical and Theoretical Implications

Practically, the work provides a censorship-resistant backbone for future high-throughput blockchains and DeFi platforms. It directly informs the design of systems that must guarantee liveness and provable transaction inclusion despite arbitrary, targeted DoS or censoring adversaries. The demotion mechanism and deterministic order update prevents permanent exclusion of honest proposers, which is critical for inclusivity and liveness in decentralized systems.

Theoretically, the abstraction and bounds for Prefix Consensus delineate the landscape between transaction inclusion and full consensus. The separation in round complexity and solvability models provides new directions for both consensus theory and protocol engineering.

Future Directions

Several open problems and further avenues are identified:

Tightening the bounds for 2-round Prefix Consensus (gap between lower/upper bounds under $n \leq 4f$ vs $n \geq 5f+1$ );
Communication reduction via succinct proof systems;
Extensions to set consensus, crash fault tolerance, and asynchronous multi-slot consensus;
Incorporation of encrypted mempool or data hiding techniques for further censorship resistance and privacy.

Conclusion

This work advances the state of the art in BFT consensus by introducing and tightly characterizing Prefix Consensus, a minimal primitive for inclusion and censorship resistance. The protocol stack—including Prefix Consensus, Strong Prefix Consensus, and multi-slot SMR—enables efficient leaderless, censorship-resistant blockchains, robust to adversaries and optimized for both latency and communication cost. The theoretical insights underpin improved consensus primitives and open new directions for future protocols with advanced inclusion, fairness, and resistance guarantees in distributed systems.