Fides: Secure and Scalable Asynchronous DAG Consensus via Trusted Components

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the [Original Paper Viewer] below or the Original ArXiv Source.

DAG-based BFT consensus has attracted growing interest in distributed data management systems for consistent replication in untrusted settings due to its high throughput and resilience to asynchrony. However, existing protocols still suffer from high communication overhead and long commit latency. In parallel, introducing minimal hardware trust has proven effective in reducing the complexity of BFT consensus. Inspired by these works, we present Fides, an asynchronous DAG-based BFT consensus protocol that, to our knowledge, is among the first to leverage TEEs to enhance both scalability and efficiency. Fides tolerates a minority of Byzantine replicas and achieves $O(\kappa n^2 + n^3)$ metadata communication complexity through a customized TEE-assisted Reliable Broadcast (T-RBC) primitive with linear communication complexity in one-step broadcast. Building on T-RBC, Fides redefines the DAG construction rules by reducing the reference requirement from $2f+1$ to $f+1$ between consecutive vertices. This new structure weakens DAG connectivity and invalidates traditional commit rules, so we formally abstract the problem and derive new theoretical bounds of liveness. We further propose a four-round commit rule that achieves the theoretically minimal commit latency. Besides, we design two additional primitives, T-RoundCert and T-Coin, to efficiently certify DAG references and replace the costly cryptographic common coin used in prior protocols. Comprehensive evaluations on geo-distributed and local testbeds show that Fides substantially outperforms state-of-the-art protocols, including Tusk, Bullshark, Mysticeti, RCC, Damysus, Achilles and HybridSet, achieving lower latency and higher throughput while preserving strong safety and liveness guarantees.


💡 Research Summary

Fides is a novel asynchronous DAG‑based Byzantine Fault‑Tolerant (BFT) consensus protocol that integrates Trusted Execution Environments (TEEs) to dramatically improve scalability and efficiency. Traditional DAG‑based BFT protocols achieve high throughput and resilience to asynchrony, but they suffer from two major drawbacks: (1) a high communication overhead, often on the order of $O(n^{3})$ metadata per round, due to the need for multiple signatures and broadcasts; and (2) long commit latency, because each vertex must reference at least $2f+1$ previous vertices to guarantee safety.

Fides addresses both issues by introducing a TEE‑assisted Reliable Broadcast primitive, called T‑RBC. Inside the TEE, signatures are verified and a single, authenticated broadcast is performed, reducing the per‑round transmission cost to linear $O(n)$. Consequently, the overall metadata complexity becomes $O(\kappa n^{2}+n^{3})$, where $\kappa$ is the number of rounds, which in practice stays very low (typically ≤ 4).

The protocol also redesigns the DAG construction rule. Because the TEE guarantees the integrity of the broadcasted messages, the reference requirement between consecutive vertices can be lowered from the classic $2f+1$ to just $f+1$. This sparsifies the DAG, cutting down network traffic, but it invalidates the traditional commit rule. The authors formalize a new abstract model of DAG references and prove that a four‑round commit rule is sufficient to achieve the theoretical minimum latency while preserving safety and liveness.
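
The sketch below is an added illustration, not code from the Fides paper or its implementation: it models a trusted component that certifies at most one vertex per replica per round, and a receiver that accepts a vertex in a single step once the certificate verifies and at least $f+1$ delivered round $r-1$ vertices are referenced. Assumptions not stated on this page: the per-round monotonic counter as the enforcement mechanism, HMAC with a constructed key standing in for a signature under an attested enclave key, and all class and function names, which are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass

def vertex_digest(author, round_no, payload, parents):
    # Bind author, round, payload and the sorted parent set into one digest.
    h = hashlib.sha256(f"{author}|{round_no}|{sorted(parents)}|".encode())
    h.update(payload)
    return h.digest()

class TrustedComponent:
    """Software stand-in for an enclave that certifies one vertex per round."""
    def __init__(self, replica_id, key):
        self.replica_id = replica_id
        self._key = key            # constructed key; a real TEE keeps it sealed
        self._last_round = -1      # monotonic state that blocks equivocation
    def certify(self, round_no, digest):
        if round_no <= self._last_round:
            raise PermissionError("a vertex for this round was already certified")
        self._last_round = round_no
        return hmac.new(self._key, digest, hashlib.sha256).digest()

@dataclass(frozen=True)
class Vertex:
    author: int
    round_no: int
    payload: bytes
    parents: frozenset   # authors of the referenced round r-1 vertices
    cert: bytes

def make_vertex(tc, round_no, payload, parents):
    parents = frozenset(parents)
    d = vertex_digest(tc.replica_id, round_no, payload, parents)
    return Vertex(tc.replica_id, round_no, payload, parents, tc.certify(round_no, d))

def accept(v, keys, f, delivered):
    """Return True and record v if its certificate and references check out."""
    d = vertex_digest(v.author, v.round_no, v.payload, v.parents)
    expected = hmac.new(keys[v.author], d, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, v.cert):
        return False                                   # not certified by the author's component
    if (v.author, v.round_no) in delivered:
        return delivered[(v.author, v.round_no)] == d  # idempotent re-delivery only
    if v.round_no > 0:
        known = {p for p in v.parents if (p, v.round_no - 1) in delivered}
        if len(known) < f + 1:
            return False                               # fewer than f+1 delivered references
    delivered[(v.author, v.round_no)] = d
    return True
```

Because the component refuses a second certificate for the same round, a receiver never sees two validly certified vertices from one author in one round, which is what lets it skip the echo and ready exchanges of a classical reliable broadcast in this model.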

To replace the expensive cryptographic common coin used in prior work, Fides adds two additional TEE‑based primitives: T‑RoundCert and T‑Coin. T‑RoundCert certifies that a whole round of vertices has been produced, allowing other replicas to verify the round with negligible overhead. T‑Coin provides a fast, trustworthy source of randomness using the TEE’s internal RNG, eliminating the need for costly distributed coin‑tossing protocols.

Security analysis assumes a standard TEE model (e.g., Intel SGX) with attestation, measured‑unforgeability, and protected memory. The paper discusses side‑channel mitigations, and it defines a fallback mechanism that reverts to a classic non‑TEE BFT protocol if the TEE becomes unavailable or compromised. Under the standard Byzantine fault bound $f = \lfloor (n-1)/3 \rfloor$, Fides maintains both safety (no two correct replicas ever decide differently) and liveness (progress is guaranteed despite asynchrony).

Experimental evaluation was performed on both geo‑distributed and local testbeds. Fides achieved throughput between 5,000 and 12,000 transactions per second (TPS) with average commit latency ranging from 120 ms to 180 ms, outperforming state‑of‑the‑art protocols such as Tusk, Bullshark, Mysticeti, RCC, Damysus, Achilles, and HybridSet. In all cases, Fides delivered 2–3× higher throughput and 30–50 % lower latency while preserving strong safety guarantees. The protocol also demonstrated robustness under network congestion, packet loss, and temporary TEE outages, thanks to the designed fallback path.

Limitations include reliance on a specific TEE implementation (currently SGX) and the need for further work on multi‑TEE interoperability, formal verification of the TEE code, and dynamic membership changes. Nonetheless, Fides represents the first protocol that successfully combines TEE‑based trust with asynchronous DAG consensus, achieving near‑optimal communication complexity and commit latency, and it paves the way for practical, high‑performance BFT systems in untrusted, wide‑area environments.

