Manipulating leader selection in BFT protocols

Matt Weinberg

Cryptographic Self-Selection is a subroutine used to select a leader for modern proof-of-stake consensus protocols, such as Algorand. Such protocols leave open the possibility of a selfish-mining style attack: a user who owns multiple accounts that each produce low-scoring credentials in a round can selectively choose which ones to broadcast to influence the seed for the next round. The user can pre-compute their credentials for the next round for each potential seed, and broadcast only the credential that produces the most favorable seed. In this talk, Matt Weinberg (Princeton) considers an adversary who wishes to maximize the expected fraction of rounds in which an account they own is the leader. Matt overviews the model and several potential variants, and describes how to reason about optimal manipulations. Based on joint work with Matheus Ferreira, Sally Ye Lin Hahn, and Catherine Yu (, EC 2022).

About the presenter

Matt is an associate professor of computer science at Princeton University. His work primarily centers around algorithmic mechanism design: the study of algorithms in domains where participants have incentives. Within the web3 space, his research primarily considers incentives in consensus protocols, and other mechanism design aspects of protocol design.

About a16z crypto research

a16z crypto research is a multidisciplinary lab that works closely with our portfolio companies and others toward solving the important problems in the space, and toward advancing the science and technology of the next generation of the internet.