Share this article
How Cornell Researchers Are Quietly Reinventing Private Blockchains
Why some researchers from Cornell's Institute for CryptoCurrencies & Contracts (IC3) are working to improve permissioned blockchain implementations.
Updated Sep 11, 2021, 1:12 p.m. Published Apr 2, 2017, 1:52 p.m.
Researchers might seem like an unlikely group to probe the private blockchain sphere, where the major players are a mix of banks and tech behemoths. But at least a few Cornell University researchers from the Institute for CryptoCurrencies & Contracts have turned some of their attention toward permissioned implementations in an effort to improve them.
Rather than an open system like bitcoin that anyone can join, private blockchains rely on a set number of known participants to verify transactions and bundle them into so-called 'blocks'.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Current implementations, though, leave something to be desired, the researchers argue.
Simplicity is an important, if dull sounding, piece that Cornell University principal research scientist Robbert van Renesse stressed many private blockchain implementations are missing.
He told CoinDesk:
"Being able to scrutinize technology is the cornerstone of scientific discovery, I think. That peers can understand what’s going on is important. It doesn’t have to be everybody, but if it’s just a handful of people there might be some reason for concern."
That may well be the case for current private blockchain implementations, according to Renesse, as the distributed algorithms that private blockchains rely on are rather complex.
At least, that's the claim.
Scrutable blockchains
Private blockchains generally depend on technologies that predate bitcoin, such as practical byzantine fault tolerance (PBFT), to come to agreement about the history of transactions. There are many different ways for private blockchains to reach agreement and, if research from Cornell is of any indication, certain ways of doing so have been under-explored.
Renesse argued that the Linux Foundation-backed Hyperledger's flagship implementation, Fabric, one of the best-known permissioned blockchain protocols, is an example of one that's too complex.
"The code for the protocol consists of tens of thousands of lines of code. Analysis of the correctness properties is 40 or 60 pages," Renesse said.
The result? Only a few people understand how it works.
Renesse has been researching so-called Byzantine Fault Tolerance (BFT) for decades. Although it sounds befuddling to those not immersed in the science, nodes in a network are notoriously bad at working together. They're clumsy; some fail, while others stop spontaneously.
Put simply, there are a range of problems, and the study of BFT, in particular, deals with some of the more irregular ones.
Now, Renesse is building on a protocol, Bosco, that he developed in 2008.
Originally, he said, he didn't think of it as anything more than a "toy protocol", but, now that private blockchains are gaining ground – and the entire field of distributed systems is taking off as a result – Renesse is researching how it could be used in a permissioned setting.
"I had a look at Bosco and asked, 'How impractical is this exactly?'," he said.
In contrast to something like Fabric, he argued, the algorithm is much simpler – it takes two pages to outline its security guarantees and it can be implemented in 1,000 lines of code.
"This is a protocol that I can explain to high schoolers," he said. "I'm pretty confident that after staring at it for a few days they can understand it inside and out."
Seeking simplicity
IC3 co-director Elaine Shi is working on a similar project.
"I’m a big believer in simplicity," she said, making the same point as Renesse, unprompted and during a separate conversation. She's working on another project, dubbed 'Sleepy', which, like other permissioned implementations, ditches bitcoin's proof-of-work system, which is used to establish the validity of transaction blocks.
It is "extremely simple," she said, adding that it has "strong robustness properties," meaning that the nodes don't fail so easily. Further, it doesn't require global coordination, where every node needs to agree on an action.
"For a consortium, you want to use something that is more manageable," she said, pointing out that other private blockchains, such as Chain Core, don't have this property.
It's a process that they're rolling out step by step. Shi mentioned that she and PhD student Phil Daian have been working with Parity, an ethereum client written in Rust. Parity can support a variety of modes of consensus (including their own private protocol as proof of authority (PoA)). So, the Cornell team is testing how Sleepy works in this setting.
Shi used PoA as a guinea pig for comparisons to Sleepy, arguing that Sleepy has better security guarantees, which were spelled out in a white paper released last fall.
"Proof of authority doesn’t make sense when there’s something clearly better," she said.
Step by step
However, where might these tools might be rolled out? It's a question that's been long asked of enterprise blockchains in general.
For Sleepy, Shi and the Cornell team are starting with collaboration with Parity, but the aim is to eventually incorporate it into other frameworks as well.
Renesse's implementation might not be far enough along for that yet.
"I implemented [Bosco] on a plane ride from Beijing to Newark," he said, adding that the next step is to do a more "proper" evaluation.
There could be a couple drawbacks to the system, however.
Bosco perhaps could run into more node crashes, where nodes stop responding to requests and fail to participate. PBFT guarantees data consistency as long as less than one third of nodes are faulty, while Bosco has a lower threshold of one fifth of the nodes.
Renesse cited another problem that affects all private blockchain systems: that a "malicious bank" could bring the entire system to a halt by flooding it with spam.
He doesn't consider this a potentially major a problem, though, because participants can simply agree to throw out the bad actor. Despite the drawbacks, Renesse thinks Bosco could give banks and institutions another option.
He concluded:
"Banks are most likely to run a protocol and accept the occasional mistake or occasional disgruntled employee that tries to do something bad."
Tech workers image via Shutterstock
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Bitcoin Treads Water Near $90K as Bitfinex Warns of 'Fragile Setup' to Shocks
BTC's relative weakness compared to stocks points to tepid spot demand, making the largest crypto vulnerable to macro volatility, Bitfinex analysts said.
What to know:
- Bitcoin erased very modest overnight gains early Monday and spent the rest of the U.S. session in a tight range around the $90,000 level.
- Rising long bond yields and a small U.S. equities pulling back weighed on risk appetite as traders eye this week's Federal Reserve meeting.
- Bitfinex analysts pointed out bitcoin's relative weakness against U.S. stocks amid modest spot demand and structural softness.
Top Stories
