1 Introduction

The current developments in information and communication technology have fundamentally altered every aspect of human life, but they have also brought up serious privacy and security concerns. Machine learning (ML) is considered a viable approach to identifying privacy and security issues in both the present and future of the digital framework [1]. The concept of Federated Learning (FL) has emerged in response to these concerns and new developments in personal gadgets. Federated learning distributes the implementation of machine learning and protects privacy by enabling model training on edge devices without requiring the transmission of data from the edge to a central server. Through cooperative local training and updating of a shared machine learning model, while protecting the user information, federated learning demonstrates its effectiveness and privacy preservation [2].

The conventional FL approach involves iterating through the following steps until the training process is stopped, as illustrated in Fig. 1. (a) Local model training: Each federated learning user trains its model using the local dataset. (b) Model uploading: Each federated learning user/client uploads its locally trained model to the main server. (c) Model aggregation: To update the global model, the server gathers and aggregates user models. (d) Model updating: The server updates the global model and distributes it to all federated learning users. The users or workers then train their new local models in a new federated learning round using this updated global model [3].

Fig. 1 Traditional federated learning framework

However, although it avoids sending local data to a central server, the centralized FL model still faces several challenges. First, the centralized design is a single point of failure and is vulnerable to availability attacks such as distributed denial of service. A single point of failure can lead to issues including unintentional network connection failure, unexpected external attacks, and purposefully dishonest aggregation. Second, this paradigm has a risk of privacy leaks because any nefarious central server might deduce sensitive user data from the delivered local model updates. Third, the substantial exchange of model updates between the vast number of devices and the central server causes communication overhead. Fourth, the central server cannot manage and aggregate the local models as the number of end devices grows [4]. Fifth, there is a lack of incentives: with traditional federated learning, clients are seen as providing their processing power without being compensated, which makes it difficult to encourage clients to abide by the protocol’s requirements for honesty and the provision of accurate data.

Blockchain-enabled federated learning has been proposed and expanded to address numerous real-world demands and overcome limitations. Decentralization, incentives, traceability, trust, integrity, immutability, and reliability are key characteristics of blockchain. Decentralization ensures that model updates are kept in various places rather than just one place, and to support decentralization and secure model storage, the authors [5, 6] have proposed the Blockchain-based Federated Learning (Block-FL) architecture. Furthermore, blockchain-based federated learning provides immutability and traceability to track history or make model alterations unchangeable. The blockchain’s timestep feature is used to track model revisions and history. Model updates are saved using the timestep feature on a blockchain network [7]. In addition, blockchain provides incentives to motivate federated learning devices to participate in model training. Blockchain supports an incentive system based on participant participation to local model changes. As a result, those who do not have access to reimbursement devices are unwilling and less eager to take part in the traditional federated learning process training phase [8].

Based on the authorization criteria for participating nodes, there are two types of blockchains: permissionless/public blockchains and permissioned blockchains. Permissioned blockchains can be further classified into private and consortium/federated blockchains based on the level of control and participation by the entities in the consensus mechanism. In permissionless blockchain, there is no centralized entity to organize the identities of participating nodes. These blockchains are entirely open and decentralized and everyone can use and participate in the public or permissionless blockchain at any time. On the other hand, with a permissioned or private blockchain, only authorized nodes can read transactions from the blockchain and add new transactions to it in accordance with the permission policy/rule [9, 10].

There are several consensus algorithms used in blockchain-based federated learning systems, some of the most popular being Proof of Work (PoW), Proof of Authority (PoA), Proof of Stake (PoS), Delegated Proof of Stake (DPoS), and Practical Byzantine Fault Tolerance (PBFT). These algorithms guarantee that all participants agree on the legitimacy of transactions and the state of the network [11, 12]. However, there are several challenges and problems in existing consensus algorithms that can impact the efficiency and security of the system [13]. Some of the existing problems in consensus algorithms in blockchain-based federated learning include scalability, security, centralization, energy consumption, incentivization, and privacy [6, 14]. The motivation for using Proof of Authority (PoA) as a consensus algorithm in permissioned blockchain-based federated learning systems is its efficiency, security, scalability, decentralization, and privacy-preserving properties [11]. PoA is a consensus algorithm that offers an alternative to PoW, PoS, DPoS and PBFT for use in permissioned blockchain networks. PoA addresses some limitations of other consensus algorithms and is suitable for use in all permissioned blockchain applications.

This paper presents a novel method for addressing the challenges of privacy, security, and scalability in blockchain-based federated learning systems, utilizing blockchain technology. The contribution of this work lies in its approach to these challenges, which can have significant implications for the field of FL. The proposed approach utilizes a permissioned blockchain network to store the model and aggregate model updates through the use of smart contracts. This framework has the potential to reduce resource costs, improve communication and computational efficiency, and enhance the security and privacy of federated learning. Moreover, it ensures scalability, which could have significant implications for various applications such as healthcare, finance, autonomous systems, and more.

The main contributions of the paper are as follows:

  (i) This paper proposes a new federated learning (FL) approach based on blockchain technology, which utilizes its immutable and decentralized nature to enhance the security, scalability, and privacy of FL while minimizing the resource costs of the FL system.

  (ii) The proposed framework employs the Proof of Authority (PoA) consensus algorithm to enhance consensus among network nodes. In addition, the paper provides a comparative analysis of PoA with other consensus algorithms, including PoW, PoS, DPoS, and PBFT.

  (iii) The paper presents a comprehensive analysis of the proposed framework and showcases its feasibility through simulations. The proposed framework achieves superior performance and yields promising results compared to existing approaches.

The rest of this paper is structured as follows. Section 2 presents a review of relevant work. In Sect. 3 the proposed approach is explained. In Sect. 4, the experimental results and analysis are presented. Finally, Sect. 5 concludes the paper and presents future work.

2 Related work

The concept of Federated Learning (FL) was first put forth by researchers from Google [15]. The authors suggested a method that involved using the user’s local machine to train the data locally and sharing the local gradient with the central server, which then combined all of the received gradients to create the global model. The authors of [16] presented a blockchain-based federated learning system that operates on public blockchain networks. Without requesting permission, training nodes and miners can join the system and collaborate to train a global model. Proof of Work (PoW) is the verification consensus used by miners on those networks to create new blocks. The block federated learning model in [17] uses the public blockchain to confirm model updates; the miners are any devices that can supply sufficient processing power. Proof of Work (PoW) is carried out with the help of miners, and after that, the freshly created blocks are added to the distributed ledger. In order to close the resource gap between end users’ devices and base stations and enable effective edge computing, the authors of [18] suggest a digital twin network model that incorporates digital twins into edge networks. They additionally employ federated learning to carry out the edge intelligence training and learning process cooperatively. Digital twins are virtual representations of genuine items or persons that have their data, communications capabilities, and functionalities.

Based on the Paillier Homomorphic Encryption (HE) and distributed selective Stochastic Gradient Descent (SGD) techniques, the authors of [19] suggested a verified privacy-preserving Federated Learning (FL) method. Each participant’s gradient vector can be split up into separate shards and encrypted or encoded in a distributed manner. They additionally provide a thorough security analysis to show how to realize data authentication, confidentiality, and verifiability, and present an online-offline signature system to realize lightweight integrity checking during the gradient transfer phase. In order to develop Intelligent Transportation Systems (ITS), the authors of [20] studied the use of Federated Learning (FL) as opposed to Machine Learning (ML) in vehicular network applications. Furthermore, they detail a thorough analysis of federated learning’s viability for vehicle applications based on machine learning. They list the main difficulties associated with data labeling and model training from a learning perspective, and they specify the data rate, transmission delay, accuracy, privacy, and resource management from the perspective of communication. By combining the private blockchain and wireless federated learning system at the network edge, Zhanpeng et al. [21] proposed the Practical Byzantine Fault Tolerance (PBFT) based wireless blockchain Federated Learning (B-FL) architecture, which creates a reliable artificial intelligence model training environment to fend off failures and attacks from malicious edge servers and malicious edge devices. The wireless B-FL uses the blockchain’s PBFT consensus mechanism to verify the accuracy of the global model update, achieving high efficiency and low energy consumption.

Blockchain-based privacy-preserving FL schemes benefit from the integrity and immutability of the blockchain. For instance, [22] suggested a blockchain-based FL framework that protects privacy. The blockchain was utilized in this framework to connect various FL components. Information flows were tracked via a distributed ledger of transactions, and data provenance was made possible by the blockchain’s immutability. The contribution-based incentive mechanisms were also made possible by this work, which also allowed for the adaptation of a malevolent client assumption rather than a semi-honest client assumption. Attackers can still learn participants’ personal information by examining the uploaded parameters, despite FL’s ability to prevent users from revealing their local data. Differential Privacy (DP) provided a way to prevent information leaks. A unique approach built on DP was proposed by Wei et al. [23], in which clients artificially saturate local model updates before the aggregation.

The well-known blockchain consensus algorithms were succinctly described by Qianwen Wang et al. [24]. By detailing their various conditions and requirements, the internal application, benefits, and drawbacks of DPoS, PoW, PoS, and PBFT are discussed. Research on the PoW-PoS hybrid consensus mechanism is currently centered on this mechanism. Also, it is a novel approach to use smart contracts to increase the transparency of consensus rules. The application of the consensus algorithm in practice is a test of the algorithm. Consensus algorithms were examined by the authors of [25], including their categorization, application, and use in blockchain networks. According to a number of criteria, they have compared the various consensus algorithms that have been defined, and they have also looked at how each consensus algorithm has been implemented in relation to the others. They have talked about the benefits and the many research problems that are present in this blockchain-related subdomain.

The authors of [26] highlight the importance of data privacy in machine learning (ML) models and the need to address privacy gaps in ML systems. The authors identify federated learning and blockchain networks as new paradigms that have emerged with the potential for privacy preservation in ML models. However, the paper notes that these paradigms have several fundamental privacy and security issues that need to be addressed. These issues include the vulnerability of trained ML models to adversarial attacks, the exploitation of shared gradients and global parameters by adversaries, and the potential for the parameter server to drop gradients that have been mistakenly or deliberately updated. Furthermore, the paper acknowledges that there may not be enough data available to train models in a privacy-preserving manner. In response to these challenges, the authors propose a research framework that aims to address privacy concerns in federated and distributed environments. The proposed framework seeks to provide a privacy-preserving solution that can address the fundamental privacy and security issues inherent in federated and blockchain-based networks.

3 Proposed scheme

In this section, we propose our Blockchain-based Federated Learning (BC-FL) approach, which utilizes the Proof of Authority (PoA) consensus protocol. BC-FL offers advantages over traditional Federated Learning (FL) methods, including improved performance, enhanced security, and efficient communication. The BC-FL approach involves distributing the locally trained model to multiple clients or devices. These clients have their own local datasets and perform training on their data. After each training iteration, clients send the updated model parameters to a model aggregator, acting as a validator. The model aggregator plays a crucial role by collecting and aggregating the parameters from all participating clients. Various methods, such as averaging or weighted averaging, are used for aggregation. The goal is to obtain an updated global model that incorporates insights from diverse local datasets. Once the model aggregator has collected the parameters, it uses them to update the global model through a miner, which appends the updates to the blockchain. The blockchain ensures transparency, immutability, and security of the global model. Clients retrieve the latest version from the blockchain and initiate subsequent training cycles. The BC-FL approach facilitates efficient communication, as only model parameters are transmitted, reducing communication overhead compared to traditional FL methods. This leads to improved efficiency and lower bandwidth requirements. The training process continues until the BC-FL system converges, indicating that the global model reaches a stable and accurate state. Convergence is determined by predefined criteria, such as reaching a certain accuracy or stability level. Algorithm 1 and Fig. 2 depict the proposed architecture of the Blockchain-based Federated Learning (BC-FL) approach. Further details can be found in Sect. 3.1.

Fig. 2 Architecture of the proposed BC-FL approach

3.1 Blockchain-based Federated Learning (BC-FL)

Each edge device uses the local dataset to train the local model using Stochastic Gradient Descent (SGD) algorithm during local model training. Equation 1 can be used to express the local loss function on the batch of samples \(S_k\) drawn at random from a local dataset for each edge device \(D_K\in D\).

$$\begin{aligned} F_k (W;\, S_K)=\frac{1}{SD_K}\sum _{(x_i,y_i)\in S_K} f(w,x_i,y_i) \end{aligned}$$
(1)

where \(SD_K\) represents the batch size of the edge device \(D_K\), \(x_i\) represents the feature, \(y_i\) represents the label and w represents the parameter of the learning model. In particular, \(f(w,x_i,y_i )\) is the sample-wise loss function based on the learning model. Equation 2 illustrates the SGD algorithm, which can be used to update the local model parameter.

$$\begin{aligned} w_k^t = w_k^{t-1} - \eta \nabla F_K (w_k^t ; \, S_K) \quad \end{aligned}$$
(2)

where \(w_k^t\) represents the model parameter trained by edge device \(D_K\) in round t, \(\eta\) is the learning rate and \(\nabla F_k (w_k^t;S_K)\) is the gradient. The edge devices upload the local models to the distributed ledger as transactions \((w_K,D_K )\), \(\forall D_k \in D\), where \((w_K,D_K)\) represents a data packet comprising the local model parameters \(w_K\), signed by edge device \(D_K\).

After receiving the data packets containing the local model parameters \((w_K,D_K)\), \(\forall D_k \in D\), the validators evaluate the transactions to confirm the validity of the local model owner before performing a smart contract to combine the local model parameters into a global model. Equation 3 defines the global loss function via global aggregation.

$$\begin{aligned} F(w_t) = \frac{1}{|D|} \sum _{k=1}^N |D_K| F_K(w_k^t), \quad k\in \{1,2,3,\dots ,N\} \quad \end{aligned}$$
(3)

where \(|D_K |\) denotes the number of samples in dataset \(D_K\). The above processes are repeated until the required accuracy is achieved.

To ensure integrity and authenticity, a cryptographic technique is used to validate data packets and to guarantee that a data packet has not been tampered with by any malicious user. To validate data packets using a digital signature, the sender generates a message digest using a cryptographic hash function, encrypts the message digest using their private key to create a digital signature, and sends the original message and digital signature to the recipient. The recipient then decrypts the digital signature using the sender’s public key and recalculates the message digest of the original message. If the recalculated message digest matches the decrypted digital signature, then the recipient can be confident that the message has not been tampered with and that the sender is authentic. Equations 4 and 5 are used for signature and verification of data packets.

$$\begin{aligned} Signature = Encrypt(Hash(Msg) , Privkey) \end{aligned}$$
(4)
$$\begin{aligned} Verification = Decrypt(Signature, Pubkey) == Hash(Msg) \end{aligned}$$
(5)

where Msg is the original message to be transmitted, Hash(Msg) is the message digest or hash of the message calculated using a cryptographic hash function, Privkey is the sender’s private key used to encrypt the message digest, Pubkey is the sender’s public key, used by the recipient to decrypt the digital signature, and Encrypt() and Decrypt() are the cryptographic functions used to encrypt and decrypt the message digest, respectively.
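The validator-side check described above, as an added example (not code from the paper): each client signs its data packet per Eq. 4, and the validator verifies it per Eq. 5 against the key registered for the claimed device before averaging the accepted parameters with the weights \(|D_K|/|D|\) of Eq. 3. The toy RSA keys built from Mersenne primes, the packet fields (device, round, n_samples, weights), the rejection rules for stale and duplicate packets, and all function names are assumptions made for the example.

```python
import hashlib
import json

def make_keypair(mp, mq, e=65537):
    """Toy RSA key pair from the Mersenne primes 2**mp-1 and 2**mq-1
    (constructed demo parameters so the example runs offline)."""
    p, q = 2**mp - 1, 2**mq - 1
    d = pow(e, -1, (p - 1) * (q - 1))     # private exponent (Python 3.8+)
    return (p * q, e), (p * q, d)         # (Pubkey, Privkey)

def digest(msg: bytes) -> int:
    """Hash(Msg) as an integer."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(msg: bytes, privkey) -> int:
    """Eq. 4: Signature = Encrypt(Hash(Msg), Privkey).
    Textbook RSA without padding, kept because it maps one-to-one onto Eq. 4;
    deployed systems use a padded scheme such as RSA-PSS, or Ed25519."""
    n, d = privkey
    return pow(digest(msg), d, n)

def verify(msg: bytes, signature: int, pubkey) -> bool:
    """Eq. 5: Decrypt(Signature, Pubkey) == Hash(Msg)."""
    n, e = pubkey
    return pow(signature, e, n) == digest(msg)

def encode(body: dict) -> bytes:
    """Canonical encoding so signer and verifier hash identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def make_packet(device, rnd, n_samples, weights, privkey):
    """Data packet (w_K, D_K): the signature binds device id, round and |D_K| to w_K."""
    body = {"device": device, "round": rnd, "n_samples": n_samples, "weights": weights}
    return {"body": body, "sig": sign(encode(body), privkey)}

def validate_and_aggregate(packets, registry, rnd):
    """Verify each packet against the registered key of the claimed device,
    then average the accepted w_K weighted by |D_K| / |D|."""
    accepted, rejected, seen = [], [], set()
    for pkt in packets:
        body = pkt["body"]
        dev = body.get("device")
        pub = registry.get(dev)
        if pub is None:
            rejected.append((dev, "unregistered device"))
        elif not verify(encode(body), pkt["sig"], pub):
            rejected.append((dev, "bad signature"))
        elif body["round"] != rnd:
            rejected.append((dev, "stale round"))      # validly signed replay
        elif dev in seen:
            rejected.append((dev, "duplicate update"))
        else:
            seen.add(dev)
            accepted.append(body)
    total = sum(b["n_samples"] for b in accepted)
    dim = len(accepted[0]["weights"]) if accepted else 0
    global_w = [sum(b["n_samples"] * b["weights"][j] for b in accepted) / total
                for j in range(dim)]
    return global_w, rejected

def demo():
    """Constructed round: two honest clients, one tampered packet, one replay,
    one packet from a device that never registered."""
    keys = {"D1": make_keypair(521, 607), "D2": make_keypair(1279, 2203),
            "D3": make_keypair(2281, 3217)}
    registry = {dev: pub for dev, (pub, _priv) in keys.items()}
    rnd = 7
    p1 = make_packet("D1", rnd, 100, [0.5, -1.0], keys["D1"][1])
    p2 = make_packet("D2", rnd, 300, [1.5, 1.0], keys["D2"][1])
    p3 = make_packet("D3", rnd, 600, [2.0, 2.0], keys["D3"][1])
    p3["body"]["weights"] = [9.0, 9.0]    # altered after signing
    old = make_packet("D1", rnd - 1, 100, [4.0, 4.0], keys["D1"][1])
    rogue = make_packet("D9", rnd, 500, [8.0, 8.0], make_keypair(4253, 4423)[1])
    return validate_and_aggregate([p1, p2, p3, old, rogue], registry, rnd)

if __name__ == "__main__":
    print(demo())
```

Because the round number and sample count sit inside the signed body, a replayed packet or an inflated \(|D_K|\) is caught by the same check that catches altered weights.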

figure f

In Algorithm 1, t is the total number of rounds, \(w_0\) is the initial global model parameter, \((B_i, t)\) is the random subset of the local dataset at node i in round t, \(L(w,x_j,y_j )\) is the local loss function of node i, which measures the difference between the predicted output and the actual output given the input \(x_j\) and the true output \(y_j\), N is the total number of data samples in all nodes, and \(N_i\) is the number of data samples at node i.

As depicted in Algorithm 2, upon a client’s/user’s joining the network, their wallet generates a public key, private key, identity, and the corresponding blockchain address. The private key is utilized to authorize transactions, while the public key is used by other blockchain entities to validate the transactions. These keys and addresses are kept in the client’s/user’s wallet. Algorithm 3 will register clients/users of the blockchain-based FL network who meet the requirements for pre-selected participants. Each registered node will receive a blockchain address, a public and private key pair, and instructions for joining and confirming transactions.

figure g
figure h

The BC-FL approach combines blockchain technology with federated learning, offering enhanced performance, increased security, and improved communication efficiency. By utilizing the Proof of Authority (PoA) consensus algorithm, BC-FL ensures trusted validation and aggregation of model updates. Its efficient communication mechanism reduces overhead by transmitting only model parameters. BC-FL is applicable in diverse environments, providing privacy-preserving collaborative learning. It scales well, maintains transparency, and enables auditability.

The BC-FL framework utilizing the PoA consensus algorithm finds applicability in diverse sectors such as healthcare, finance, industrial IoT, smart cities, research collaboration, decentralized AI platforms, and government applications. Its security, efficiency, and privacy-preserving nature make it suitable for collaborative learning while maintaining data confidentiality. BC-FL with PoA ensures transparent and auditable processes, making it an ideal solution for organizations aiming to leverage federated learning within a blockchain framework.

3.2 PoA-based consensus in BC-FL

The Blockchain-based Federated Learning (BC-FL) consensus mechanism employing Proof of Authority (PoA) aims to protect the lawfully acquired local model updates and confirm they are documented on the blockchain and used for the global model updating. The miners are accountable for combining the results of the voting and saving them in a block.

First, in the initial round, all nodes wait for the voting process. After the current leader packs the block and the client nodes receive the leader selection notice, a new round of leader node selection starts. The interval time for a new round is the current time. After the voting on the certificates of the client nodes, the new node starts the block proposal process. Figure 3 shows the PoA consensus process, which adheres to the following four main phases.

  1. Selection of leader node: It is determined by the key and input parameters, and cannot be forged by others. Node1 signs the current block and the Verifiable Random Function (VRF) value in the previous block, then calculates the hash value and independently evaluates, according to the hash value, whether it can become a potential leader for the block at the current height. After the new leader node is established, the other nodes, Node2 and Node3, use the verification algorithm to verify the result. After agreeing that Node1 is the leader node, they send a message back to Node1.

  2. Proposal of new block: As the new leader of the current block, Node1 will incorporate any new transaction requests that haven’t been approved, build a new block, sign its data and hash, then broadcast the block and signature to all other nodes participating in the consensus process.

  3. Block acceptance: The current round’s validators are Node2 and Node3. The current leader, Node1, receives the signature information after the verification node has confirmed the block header’s correctness and signed the block accordingly.

  4. Confirmation of block: After waiting for the validators’ signatures on the block, the leader, Node1, must broadcast the new block to the whole blockchain network.

Fig. 3 Proof of Authority (PoA) consensus algorithm process

figure i

In this algorithm, H is a cryptographic hash function, g is a group of prime order q with a generator g, x is the secret key, y is the public key, m is the message, k is the random value derived from the message and the secret key, c is the challenge value derived from the public key, the message, and the random value, r is the output random value, and \(\pi\) is the proof. The verification algorithm checks that the challenge values are the same, the output value v is a member of the group g, and the proof \(\pi\) is valid.

The purpose of the VRF (Verifiable Random Function) verification algorithm used in this paper is to ensure that the VRF output is genuinely random and unpredictable, while also providing proof that the output was correctly generated. A VRF is a cryptographic primitive that generates a random value based on a secret key and some input data. The key is kept secret, while the input data can be publicly known. The output of the VRF is a random-looking value that is determined by the key and the input data. To verify the validity of the VRF output, the verification algorithm takes as input the public parameters of the VRF, along with the input data and output value. It then checks the output value’s validity by verifying a proof that is generated along with the output. The proof is generated by the VRF and can be publicly verified using the public parameters. VRFs are useful in various applications where randomness is needed, such as decentralized systems for selecting leaders or validators. The verification algorithm is a crucial part of ensuring the security and trustworthiness of the VRF output [27, 28].
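A minimal VRF in the shape the text describes, as an added example rather than the paper's own algorithm: a discrete-log construction over a prime-order group in which the proof \(\pi\) is a challenge-response pair, used here to choose a leader. The toy 63-bit group found at start-up, the seed-derived keys, the function names, and the lowest-output-wins rule are assumptions made for the example.

```python
import hashlib

SMALL = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for the 64-bit range used here."""
    if n < 2:
        return False
    for s in SMALL:
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in SMALL:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def find_safe_prime(start: int):
    """Return (p, q) with p = 2q + 1 and both prime; toy size, demo only."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = find_safe_prime(2**62)   # subgroup of squares mod P has prime order Q
G = 4                           # generator of that subgroup

def H(*parts) -> int:
    """Hash a tuple of ints/bytes with length prefixes to avoid ambiguity."""
    h = hashlib.sha256()
    for part in parts:
        b = part if isinstance(part, bytes) else str(part).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big")

def hash_to_group(m: bytes) -> int:
    ctr = 0
    while True:
        h = pow(H(b"h2g", m, ctr) % P, 2, P)   # squaring lands in the subgroup
        if h not in (0, 1):
            return h
        ctr += 1

def keygen(seed: bytes):
    x = H(b"key", seed) % (Q - 1) + 1          # secret key x
    return x, pow(G, x, P)                     # public key y = g^x

def prove(x: int, m: bytes):
    h = hash_to_group(m)
    gamma = pow(h, x, P)                       # the value only the key holder can compute
    k = H(b"nonce", x, m) % (Q - 1) + 1        # k derived from message and secret key
    c = H(G, h, pow(G, x, P), gamma, pow(G, k, P), pow(h, k, P)) % Q
    s = (k - c * x) % Q
    return H(b"out", gamma), (gamma, c, s)     # (output r, proof pi)

def verify(y: int, m: bytes, r: int, proof) -> bool:
    gamma, c, s = proof
    for elem in (y, gamma):                    # group-membership checks
        if not 1 < elem < P or pow(elem, Q, P) != 1:
            return False
    h = hash_to_group(m)
    u = pow(G, s, P) * pow(y, c, P) % P        # equals g^k for an honest proof
    v = pow(h, s, P) * pow(gamma, c, P) % P    # equals h^k for an honest proof
    return c == H(G, h, y, gamma, u, v) % Q and r == H(b"out", gamma)

def elect_leader(claims, pubkeys, alpha):
    """Drop claims whose proof fails, then pick the lowest output (assumed rule)."""
    valid = {n: r for n, (r, pi) in claims.items()
             if n in pubkeys and verify(pubkeys[n], alpha, r, pi)}
    return min(valid, key=valid.get) if valid else None

def demo():
    alpha = b"prev_vrf=constructed-value|height=42"     # constructed input
    keys = {n: keygen(n.encode()) for n in ("node1", "node2", "node3")}
    pubkeys = {n: y for n, (_x, y) in keys.items()}
    claims = {n: prove(x, alpha) for n, (x, _y) in keys.items()}
    leader = elect_leader(claims, pubkeys, alpha)
    cheater = next(n for n in claims if n != leader)
    forged = dict(claims)
    forged[cheater] = (0, claims[cheater][1])  # claims the lowest output, keeps real proof
    return leader, elect_leader(forged, pubkeys, alpha), cheater

if __name__ == "__main__":
    print(demo())
```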

Let N be the total number of validators in the blockchain network, and let m be the number of validators required to achieve a supermajority. Let \(V=\{v_1,v_2,v_3,\ldots ,v_N\}\) be the set of validators in the blockchain network, and let \(S=\{s_1,s_2,s_3,\ldots ,s_M\}\) be the set of transactions to be validated.

  1. Initialization:

    • Each validator \(v_i\) is assigned a unique identifier, i, where \(i \in \{1,2,3,\dots ,N\}\).

    • A genesis block is created and signed by all validators. Each validator creates and signs an initial state of the network.

  2. Validation:

    • When a new transaction s is submitted to the network, it is first validated by the validator that received the transaction.

    • If the validator determines that the transaction is valid, it broadcasts the transaction to all other validators.

    • Each validator \(v_i\) receives the transaction and validates it independently.

    • If a supermajority of validators (i.e., at least m validators) agree that the transaction is valid, it is added to the blockchain and the network state is updated accordingly.

  3. Block creation:

    • Validators take turns to create new blocks, with the order of creation predetermined by the network.

    • When it is a validator’s turn to create a block, they include all valid transactions that they have received and validated since the last block was created.

    • The validator signs the block and broadcasts it to all other validators.

  4. Consensus:

    • Each validator independently verifies the validity of the block and the signatures of all other validators.

    • If a supermajority of validators agree that the block is valid, it is added to the blockchain and the network state is updated accordingly.
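The block creation and consensus steps above as an added example (not the paper's implementation), showing how turn order and the supermajority threshold decide whether a block is appended. The threshold m = floor(2N/3) + 1, round-robin turn order by block height, the "registered device" validity rule, and all names are assumptions; block and vote signatures are left out to keep the focus on the voting rule.

```python
import hashlib
import json

def block_hash(block: dict) -> str:
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def supermajority(n: int) -> int:
    """m: smallest count strictly above two thirds of N (assumed definition)."""
    return (2 * n) // 3 + 1

def in_turn(height: int, validators: list) -> str:
    """Predetermined creation order: round-robin by block height (assumption)."""
    return validators[height % len(validators)]

def make_block(chain, proposer, txs):
    tip = chain[-1]
    return {"height": tip["height"] + 1, "prev_hash": block_hash(tip),
            "proposer": proposer, "txs": txs}

def check_block(chain, block, validators, registered):
    """The independent validity check each validator runs before voting."""
    tip = chain[-1]
    if block["height"] != tip["height"] + 1:
        return False, "wrong height"
    if block["prev_hash"] != block_hash(tip):
        return False, "does not extend the current tip"
    if block["proposer"] != in_turn(block["height"], validators):
        return False, "proposer is out of turn"
    if any(tx["device"] not in registered for tx in block["txs"]):
        return False, "transaction from unregistered device"
    return True, "ok"

def run_round(chain, block, validators, registered, behaviour=None):
    """behaviour maps a validator id to 'offline' or 'byzantine' (approves anything);
    validators not listed are honest. Returns (committed, yes_votes, reason)."""
    behaviour = behaviour or {}
    yes, reason = 0, "ok"
    for v in validators:
        mode = behaviour.get(v, "honest")
        if mode == "offline":
            continue                          # casts no vote
        ok, why = check_block(chain, block, validators, registered)
        if not ok:
            reason = why
        if ok or mode == "byzantine":
            yes += 1
    committed = yes >= supermajority(len(validators))
    if committed:
        chain.append(block)
    return committed, yes, reason

def demo():
    validators = ["v0", "v1", "v2", "v3"]     # N = 4, so m = 3
    registered = {"D1", "D2"}                 # constructed device ids
    chain = [{"height": 0, "prev_hash": "", "proposer": "genesis", "txs": []}]

    def tx(dev, rnd):                         # constructed model-update record
        return {"device": dev, "round": rnd, "update": f"w_{dev}_r{rnd}"}

    results = []
    # 1. In-turn proposer v1, valid transactions, every validator honest.
    results.append(run_round(chain, make_block(chain, "v1", [tx("D1", 1), tx("D2", 1)]),
                             validators, registered))
    # 2. v3 proposes height 2 although it is v2's turn, and approves its own block.
    results.append(run_round(chain, make_block(chain, "v3", [tx("D1", 2)]),
                             validators, registered, {"v3": "byzantine"}))
    # 3. v2 proposes in turn but includes an update from unregistered D9.
    results.append(run_round(chain, make_block(chain, "v2", [tx("D9", 2)]),
                             validators, registered, {"v2": "byzantine"}))
    # 4. Valid in-turn block while v0 is offline: three votes still reach m.
    results.append(run_round(chain, make_block(chain, "v2", [tx("D2", 2)]),
                             validators, registered, {"v0": "offline"}))
    # 5. Valid in-turn block with two validators offline: m is not reached.
    results.append(run_round(chain, make_block(chain, "v3", [tx("D1", 3)]),
                             validators, registered, {"v0": "offline", "v1": "offline"}))
    return results, len(chain)

if __name__ == "__main__":
    for row in demo()[0]:
        print(row)
```

With N = 4 a single faulty validator can neither force an invalid block through nor stall a valid one; the last case shows that losing two validators halts progress even though the block itself is valid.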

The Proof of Authority (PoA) consensus algorithm offers notable advantages in terms of scalability, energy efficiency, and security. PoA distinguishes itself by utilizing a group of trusted validators to validate transactions, resulting in faster block confirmations and increased transaction throughput. Its energy efficiency is achieved by eliminating resource-intensive mining processes. The authority-centric approach of PoA mitigates the risk of malicious attacks and prevents power concentration within the network. Validators, selected based on reputation and trustworthiness, ensure the integrity of the consensus process, thereby upholding the network’s security and governance. Ultimately, by integrating the concept of authority, PoA provides a robust and secure infrastructure for blockchain networks while expediting transaction processing and reducing the vulnerabilities associated with malicious activities.

4 Experimental results and analysis

Proof of Authority (PoA), Proof of Stake (PoS), Proof of Work (PoW), Delegated Proof of Stake (DPoS), and Practical Byzantine Fault Tolerance (PBFT) are different types of consensus algorithms used in blockchain networks. In this section, we describe the key differences, advantages, and limitations of PoA compared to PoS, PoW, DPoS, and PBFT [29,30,31,32,33,34,35].

4.1 PoA compared to PoS

Both PoA and PoS are consensus algorithms used in blockchain networks, but they differ in how validators are selected, how blocks are validated, their vulnerability to certain attacks, energy consumption, decentralization, and efficiency.

  • Validator selection: In PoA, validators are selected based on their reputation or identity, while in PoS, validators are selected based on the amount of cryptocurrency they hold.

  • Validation: In PoA, validators validate blocks by signing them with their private keys, while in PoS, validators validate blocks by staking their cryptocurrency as collateral.

  • Energy consumption: PoA is more energy-efficient than PoS because block creation is not based on solving cryptographic puzzles, which require a lot of computational power.

  • Decentralization: PoA is less decentralized than PoS because the validators are usually pre-selected by a central authority, while in PoS, anyone can become a validator by staking cryptocurrency.

  • Speed: PoA can be faster than PoS because block creation time is fixed and not dependent on the amount of computational power available.

Table 1 provides a comparative analysis of the consensus algorithms: The table shows a number of characteristics, including Byzantine Fault Tolerance, Crash Fault Tolerance, verification speed, throughput (TPS), finality, transaction confirmation speed, resistance to a 51% attack, scalability, resource consumption, and training time. PoA has higher Byzantine Fault Tolerance and Crash Fault Tolerance, which means that it can handle a higher percentage of malicious actors and network failures. PoA also has a faster transaction verification speed and higher transaction confirmation speed compared to PoS. However, PoS has a higher throughput capacity, with the ability to process up to 1000 transactions per second, whereas PoA can handle between 10-60 TPS. PoA has higher finality and is more resistant to a 51% attack, making it more secure than PoS. On the other hand, PoS has stronger scalability potential, which is important for handling a growing number of transactions. PoA is more energy-efficient than PoS and has a shorter training time since it consumes fewer resources. Figures 4 and 5 illustrate the block validation time and training time of consensus algorithms.

Table 1 Comparison of the PoA, PoW, PoS, DPoS, and PBFT consensus algorithms

4.2 PoA compared to PoW

PoA and PoW are two consensus algorithms commonly used in blockchain networks, but they differ in how validators are selected, how blocks are validated, vulnerability to certain attacks, energy consumption, decentralization, and speed. PoW is more commonly used in public blockchains like Bitcoin, while PoA is typically used in private or consortium blockchains.

  • Validator selection: In PoA, validators are selected based on their reputation or identity, while in PoW, anyone can become a validator by using computational power to solve cryptographic puzzles.

  • Validation: In PoA, validators validate blocks by signing them with their private keys, while in PoW, validators validate blocks by solving cryptographic puzzles.

  • Energy consumption: PoA is more energy-efficient than PoW because block creation is not based on solving cryptographic puzzles, which require a lot of computational power.

  • Decentralization: PoW is more decentralized than PoA because anyone can become a validator by contributing computational power, while in PoA, validators are usually pre-selected by a central authority.

  • Speed: PoA can be faster than PoW because block creation time is fixed and not dependent on the amount of computational power available.

PoA offers higher Byzantine and crash fault tolerance, meaning it can handle up to 66-75% of malicious actors compared to 50% in PoW. It also has a faster verification speed of less than 5 s, while PoW takes over 100 s. However, PoW offers higher throughput, with under 100 transactions per second (TPS) compared to 10-60 in PoA. PoA also has higher finality and transaction confirmation speed, as well as stronger resistance to 51% attacks. PoW has medium scalability, while PoA has strong scalability. PoA requires lower resource consumption and training time compared to PoW.

Fig. 4 Consensus algorithms block validation time

Fig. 5 Training time of consensus algorithms

4.3 PoA compared to DPoS

Proof of Authority (PoA) and Delegated Proof of Stake (DPoS) are two consensus algorithms used in blockchain systems. Here is a comparison of PoA with DPoS in terms of validator selection, validation, energy consumption, decentralization, and speed:

  • Validator Selection: In PoA, validators are selected based on their identity and reputation, whereas in DPoS, validators are selected based on the amount of stake they hold. In PoA, validators are usually known entities and are selected by the consensus participants. In DPoS, anyone who holds a certain amount of stake can become a validator, which could lead to centralization.

  • Validation: In PoA, validators validate transactions using their reputation, and the consensus is achieved when a certain number of validators agree. In DPoS, validators validate transactions by producing blocks, and the consensus is achieved when a certain number of blocks are produced. PoA is considered more secure than DPoS since the reputation-based system reduces the possibility of a 51% attack.

  • Energy Consumption: PoA is more energy-efficient than DPoS since it does not require complex computations to validate transactions or produce blocks. DPoS requires a lot of energy to validate transactions and produce blocks, which makes it less energy-efficient.

  • Decentralization: In terms of decentralization, PoA is less decentralized than DPoS since validators are known entities and are usually selected by a group of consensus participants. DPoS, on the other hand, is more decentralized since anyone who holds a certain amount of stake can become a validator.

  • Speed: DPoS is faster than PoA since it can validate transactions and produce blocks more quickly. This makes DPoS more suitable for applications that require high-speed transactions, such as gaming and real-time payments.

Table 1 presents a side-by-side comparison of commonly used consensus algorithms for blockchain. The table includes a range of characteristics such as Byzantine Fault Tolerance, Crash Fault Tolerance, verification speed, throughput, finality, transaction confirmation speed, resistance to 51% attacks, scalability, resource consumption, and training time. PoA performs better than DPoS in terms of Byzantine Fault Tolerance, Crash Fault Tolerance, and verification speed. However, DPoS offers higher throughput and comparable finality, transaction confirmation speed, resistance to 51% attacks, and scalability. Furthermore, it should be noted that PoA consumes fewer resources and requires less training time compared to DPoS.

4.4 PoA compared to PBFT

Proof of Authority (PoA) and Practical Byzantine Fault Tolerance (PBFT) are two consensus algorithms used in blockchain systems. Here is a comparison of PoA with PBFT in terms of validator selection, validation, energy consumption, decentralization, and speed:

  • Validator Selection: In PoA, validators are selected based on their identity and reputation, whereas in PBFT, validators are selected based on a pre-defined list of nodes. PBFT requires a minimum number of validators to be present at all times to maintain consensus, whereas PoA has a more flexible approach to validator selection.

  • Validation: In PoA, validators validate transactions using their reputation, while in PBFT, all validators participate in the consensus process by agreeing on a single transaction order. PBFT is considered more secure than PoA because it can tolerate up to a third of the validators being malicious.

  • Energy Consumption: Both PoA and PBFT are energy-efficient consensus algorithms since they do not require mining or complex computations. However, PBFT requires more communication among validators, which can increase network traffic and resource usage.

  • Decentralization: In terms of decentralization, PBFT is more decentralized than PoA since all validators are equally important and participate in the consensus process. PoA, on the other hand, can be less decentralized since validators are selected based on their reputation and can be influenced by a small group of participants.

  • Speed: PBFT is faster than PoA since it can achieve consensus faster. PBFT can tolerate up to two-thirds of the validators being honest, whereas PoA requires a certain number of validators to agree on a transaction.

The compared characteristics include the level of Byzantine Fault Tolerance (BFT) and Crash Fault Tolerance (CFT), verification speed, throughput (TPS), finality, speed of transaction confirmation, resistance to 51% attack, scalability, resource consumption, and training time. PoA has a BFT and CFT of 66-75%, while PBFT has a BFT and CFT of 33%, indicating that PBFT is more fault-tolerant than PoA. Both algorithms demonstrate high finality and resistance to 51% attacks, as well as low resource consumption and training time. PoA boasts a higher verification speed than PBFT, taking less than 5 s, while PBFT takes less than 10 s. However, PBFT demonstrates a much higher throughput (TPS) than PoA, with a maximum of 2000 TPS compared to PoA’s 10-60 TPS. PBFT, however, exhibits weaker scalability than PoA. Both algorithms are well-suited for a range of blockchain applications due to their high finality and resistance to attacks.

4.5 Simulation results

We conducted our simulation using a comprehensive platform that incorporated the Blockchain-based Federated Learning (BC-FL) framework. The simulation environment was built using the Python programming language along with the PyTorch library. For the simulation, we utilized two widely used datasets: MNIST and Fashion-MNIST. In our simulation setup, we considered 15 devices acting as clients, of which 13% were designated as malicious devices. Each client device employed the FedAvg algorithm, which is a common approach for federated learning. The Convolutional Neural Network (CNN) architecture was chosen as the model for image classification tasks. This architecture has proven to be effective in handling image data. To ensure consistent and reproducible results, we fixed the following parameter settings for the simulation:

Learning Rate: We set the learning rate to 0.01 per communication round. This value determines the step size during the gradient descent optimization process and affects the speed of model convergence.

Local Training Epochs: Each client device performed local training for 5 epochs. An epoch refers to a complete pass through the entire local dataset of a client. Multiple epochs allow the model to learn from the data in an iterative manner, improving its accuracy.

Batch Size: The batch size for each client’s local training was set to 10. This parameter determines the number of training samples processed before updating the model’s weights and biases. A smaller batch size reduces memory requirements but may increase the training time due to more frequent parameter updates.

The simulation was conducted for a total of 50 communication rounds, with each round consisting of model updates exchanged between the clients and the model aggregator. These parameter settings remained consistent throughout the simulation for both the MNIST and Fashion-MNIST datasets. By utilizing this well-defined simulation platform and setting appropriate parameter values, we ensured the reliability and reproducibility of our experimental results, allowing for a thorough evaluation of the BC-FL framework’s performance and effectiveness.

Our simulation demonstrated the effectiveness of the BC-FL approach using the Proof of Authority (PoA) consensus algorithm in classifying images on both datasets. The simulation achieved an accuracy of 93% on MNIST and 91% on Fashion-MNIST, which is higher than existing approaches such as VBFL and Vanilla FL frameworks, as shown in Fig. 6. In the scenario where no malicious devices were present, as depicted in Fig. 7, we conducted additional testing on our model using varying numbers of epochs, specifically 5, 8, and 10. Through careful analysis, we discovered that the model’s accuracy remained consistently high when employing 5 local training epochs, as illustrated in Fig. 8. These results highlight the efficacy of our model, indicating that a relatively low number of training epochs can suffice to maintain a satisfactory level of accuracy. We compared the performance of the PoA consensus algorithm with other consensus algorithms such as PoS, PoW, DPoS, and PBFT, in terms of consensus time, resource consumption, scalability, security metrics, and so on, as shown in Table 1.

The MNIST and Fashion-MNIST datasets are commonly used benchmarks for machine learning algorithms, including federated learning. The MNIST dataset comprises 60,000 training images and 10,000 test images of handwritten digits, while the Fashion-MNIST dataset comprises 60,000 training images and 10,000 test images of clothing items. Our BC-FL approach with PoA consensus algorithm showed promising results for distributed machine learning with privacy-preserving techniques on both datasets.

Fig. 6 No. of malicious devices: 3 out of 15

Fig. 7 No. of malicious devices: 0 out of 15

Fig. 8 Accuracy with different epochs

4.6 Performance analysis

Performance analysis of the Proof of Authority (PoA) consensus algorithm can be based on several parameters, including transaction throughput, confirmation time, security and scalability. PoA is a suitable consensus algorithm for permissioned blockchain networks, where trust is established through the identity of the validators. It is quite effective and performs well in terms of transaction throughput and confirmation time [36]. The time complexity of the PoA consensus algorithm can be analyzed in terms of the following factors:

  • Block Propagation Time (BPT): The time taken for a newly created block to propagate to all other nodes in the network.

  • Block Validation Time (BVT): The time taken for an authority node to validate a newly received block. Fig. 4 compares the block validation time of the consensus algorithms.

  • Block Finalization Time (BFT): The time taken for a block to be finalized, i.e., included in the blockchain and considered confirmed.

Equation 6 can be used to calculate the BPT, where d is the size of the block and v is the average network bandwidth. Equation 7 can be used to compute the BVT, as the block needs to be validated by at least t authorities before it can be considered for finalization.

$$\begin{aligned} BPT = d / v \end{aligned} \tag{6}$$

$$\begin{aligned} BVT = t(d / v) \end{aligned} \tag{7}$$

Because a block needs to be propagated to all nodes in the network, validated by at least t authorities, and then propagated again to all nodes for finalization, Eq. 8 can be used to calculate the BFT:

$$\begin{aligned} BFT = 2BPT + BVT \end{aligned} \tag{8}$$

To determine the total amount of time needed to confirm a block, including network latency, use Eq. 9:

$$\begin{aligned} \text{Total Confirmation Time} = BFT + \text{Network latency} \end{aligned} \tag{9}$$
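The signing-based block validation described in Sect. 4.2 and the requirement that at least t authorities validate a block before finalization, together with the timing model of Eqs. 6-9, are sketched below as an added example (not code from the paper or its simulation). HMAC-SHA256 over a constructed key registry stands in for the authorities' private-key signatures; the authority names, block fields, and units (d in bytes, v in bytes per second, latency in seconds) are assumptions.

```python
import hashlib
import hmac
import json

# Constructed authority registry (id -> key). Assumption: HMAC-SHA256 is a
# stand-in for the private-key signatures a real PoA network would use.
AUTHORITIES = {f"auth-{i}": f"constructed-key-{i}".encode() for i in range(5)}

# Constructed block: an FL round number and the hash of the aggregated model.
BLOCK = {"round": 1,
         "model_sha256": hashlib.sha256(b"constructed global model").hexdigest()}


def block_digest(block):
    """SHA-256 over a canonical (sorted-key JSON) encoding of the block."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).digest()


def sign(authority_id, block):
    """An authority endorses a block by tagging its digest with its key."""
    key = AUTHORITIES[authority_id]
    return hmac.new(key, block_digest(block), hashlib.sha256).hexdigest()


def valid_signers(block, signatures):
    """Distinct known authorities whose signature matches this exact block."""
    digest = block_digest(block)
    accepted = set()
    for authority_id, sig in signatures:
        key = AUTHORITIES.get(authority_id)
        if key is None:
            continue  # signer is not on the authority list
        expected = hmac.new(key, digest, hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, sig):
            accepted.add(authority_id)  # a repeated signer counts only once
    return accepted


def is_finalized(block, signatures, t):
    """A block is eligible for finalization once t authorities validated it."""
    return len(valid_signers(block, signatures)) >= t


def confirmation_time(d, v, t, latency):
    """Eqs. 6-9: returns (BPT, BVT, BFT, total confirmation time)."""
    bpt = d / v            # Eq. 6
    bvt = t * bpt          # Eq. 7
    bft = 2 * bpt + bvt    # Eq. 8
    return bpt, bvt, bft, bft + latency  # Eq. 9
```

Counting distinct authorities rather than raw signatures is what keeps a single validator from reaching the threshold by resubmitting its own signature, and binding the signature to the block digest is what invalidates endorsements if the recorded model hash is altered afterwards.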

4.7 Significance of the study

In today’s digital landscape, data privacy has become a critical concern, leading governments and organizations worldwide to prioritize the challenges and issues surrounding it. Implementation of data protection principles such as those in the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) ensures that personal data is lawfully, transparently, and fairly handled. However, the absence of audit mechanisms can lead to privacy abuse and facilitate illegal activities by malicious actors. Therefore, it is essential to explore privacy-preserving and auditable solutions. Recently, federated and distributed environments have emerged as key components for privacy preservation, particularly in AI and ML fields. This study aims to design and develop a framework that incorporates federated and distributed environments, with privacy preservation and auditability as its core features [37, 38].

The proposed framework can detect threats in federated and distributed environments while maintaining privacy and ensuring efficiency. As real-world applications depend on these features, the significance of this study cannot be overstated. The framework can help determine compliance with data protection regulations and identify areas requiring improvement, making it a valuable tool for organizations and researchers alike [39, 40]. Consensus algorithms are important for blockchain-based federated learning systems where multiple participants can contribute their data without compromising privacy. The consensus algorithm ensures that participants agree on the state of the distributed ledger, containing updates to the machine learning model and other relevant information. This maintains the integrity and security of the system, ensures all participants have access to the same version of the model, and establishes trust among participants. This encourages more widespread adoption of blockchain-based federated learning approaches by ensuring the accuracy, unbiasedness, and representativeness of the model.

5 Conclusion and future work

Based on the results of our evaluation, we conclude that our proposed permissioned or consortium blockchain-based federated learning approach using the Proof of Authority (PoA) consensus algorithm is a promising solution for addressing the privacy and security issues associated with traditional federated learning. By leveraging the immutability and transparency of blockchain technology, our proposed approach ensures the integrity and privacy of data during the federated learning process. Moreover, our approach achieves higher levels of accuracy, efficiency, privacy, and security compared to existing approaches. This is due to the communication efficiency, scalability, and security benefits provided by the PoA consensus algorithm in permissioned blockchain-based FL systems. Our proposed Blockchain-based Federated Learning (BC-FL) approach offers a viable solution for enabling machine learning on decentralized data while ensuring privacy and security.

However, future research in blockchain-based federated learning using consensus algorithms can focus on enhancing privacy-preserving techniques, improving verifiability, evaluating performance, incorporating smart contracts and analysing potential security risks and vulnerabilities. The goals of these directions are to increase the accuracy, security, and efficiency of the Federated Learning (FL) process. These directions may help this new field of study produce more robust and useful solutions.