
nodes.
Lemma 9: There are UNLs with just one Byzantine
node leading to liveness violation in spite of 80% quo-
rum.
Proof: The authors of (Amores-Sesar et al., 2021) il-
lustrate through an example shown in Figure 9 that
depicts a system with 2n correct nodes and one single
Byzantine node. All nodes are assumed to trust each
other, i.e., there is one common UNL containing all
2n + 1 nodes. Based on Figure, the byzantine node
suggests Tx to 1-n and TX’ to n+2 to 2n+1. This ob-
viously leads to situation where neither nodes from
{1,...,n} nor {n+1, ... 2n+1} switch from Tx to Tx’
or Tx’ to Tx respectively as per the preferred ledger
rule.
Figure 9: Single Node Byzantine Creating Liveness Viola-
tion (Amores-Sesar et al., 2021).
Lemma 10: The UNL shown in Figure 9 has RI = 0
with respect to the XRP peer-to-peer network, assum-
ing the arrows shown are the only possible communi-
cations.
Proof: The UNL shown in can be represented as {
{(1,n+1), ... , (n,n+1)},{(n+1)}, {(n+1, n+2), ...,
(n+1,2n+1)}. It easily follows from the definition of
RI, that RI of the network is 0.
Lemma 11: Let α be the similarity greater than 50%
across UNLs. If α satisfies 80% overlap then there
cannot be any liveness violation with at most 20%
failures (or byzantine).
Proof: Let the UNL be represented by {C1, C2,
...cm}. A similarity of 50% implies more than
⌈71.41%⌉ overlap pairwise. Hence, even if 20% fail-
ures occur there will be other nodes that will vote on
seeing the other value (cf. Figure 8). As the algo-
rithm is deterministic, one of the Tx will go through
and there will be no liveness violation.
5 CONCLUSIONS
In this paper, we have described a similarity measure
based on rand-index for UNLs, and shown that XRPL
maintains consensus correctness with 80% consensus
and a similarity that is more than 50% that implies
at least 80% overlap. The similarity measure binds
the UNLs tightly that enables it to maintain consen-
sus correctness. We have also related the similarity
measure with the overlap of UNLS and shown that
the XRPL preserves safety and maintains transaction
liveness under 20% Byzantine failures if the similar-
ity of UNLs is more than 50% and implies an overlap
at least 80%. If the system must be further failure tol-
erant of say up to the limit of 1/3 failure of the total
number of nodes (as per the original byzantine tol-
erant algorithm) in the XRP network, the similarity
must be enhanced. While several authors had anal-
ysed the XRPL protocol for security and correctness
and provided counter examples for various overlap
condistions, this is the first time, a characterization
of consensus correctness has been established using a
easy-to-understand metric rand-index. The notion of
similarity and correctness established here, in a sense
indicates as to how the XRP network has been work-
ing robustly in practice.
Whenever, one looks at UNL based consensus,
one wonders as to how the UNLs can be formed to
enhance performance keeping the correctness invari-
ant. While in section 4, we discussed informal hints,
we opine that the notion of similarity shall provide a
basis on which UNLs can be effectively designed. So
far, even with overlap notions, there has been no clear
indication of how much performance gain is obtained
either in theory or practice through the use of UNL
based consensus. It would be interesting to evaluate
how much performance can be gained through a rigor-
ous design of UNLs both theoretically and practically.
REFERENCES
Amores-Sesar, I., Cachin, C., and Mi
´
ci
´
c, J. (2021). Se-
curity Analysis of Ripple Consensus. In 24th Inter-
national Conference on Principles of Distributed Sys-
tems (OPODIS 2020), volume 184, pages 10:1–10:16.
Armknecht, F., Karame, G. O., Mandal, A., Youssef, F.,
and Zenner, E. (2015). Ripple: Overview and out-
look. In Conti, M., Schunter, M., and Askoxylakis,
I., editors, Trust and Trustworthy Computing, pages
163–180, Cham. Springer International Publishing.
Buterin, V. and Griffith, V. Casper the friendly finality gad-
get. https://arxiv.org/abs/1710.09437,October2017.
Chac
´
on, J. and Rastrojo, A. (2023). Minimum adjusted rand
index for two clusterings of a given size. Advances in
Data Analysis and Classification, 17:125–133.
Chase, B. and MacBrough, E. (2018). Analysis of the
xrp ledger consensus protocol. CoRR, http://arxiv.org/
abs/1802.07242, Mon, 13 Aug 2018 16:47:54 +0200.
Christodoulou, K., Iosif, E., Inglezakis, A., and Themisto-
cleous, M. (2020). Consensus crash testing: Exploring
SECRYPT 2024 - 21st International Conference on Security and Cryptography
112