Security analysis on dBFT protocol of NEO

Qin Wang, Jiangshan Yu, Zhiniang Peng, Van Cuong Bui, Shiping Chen, Yong Ding, Yang Xiang

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

14 Citations (Scopus)


NEO is ranked as one of the top blockchains by market capitalization. We provide a security analysis on its backbone consensus protocol, called delegated Byzantine Fault Tolerance (dBFT). The dBFT protocol has been employed by NEO and other blockchains like ONT. dBFT claims to guarantee safety when no more than nodes are Byzantine, where n is the total number of consensus participants. However, we identify attacks to break the safety with no more than f Byzantine nodes. This paper provides the following contributions. First, we evaluate NEO’s source code and present the procedures of dBFT. Then, we present two attacks to break the safety of dBFT protocol with no more than f nodes. Therefore, the system cannot guarantee the claimed safety. We also provide recommendations on how to fix the system against the identified attacks.

Original languageEnglish
Title of host publicationFinancial Cryptography and Data Security
Subtitle of host publication24th International Conference, FC 2020 Kota Kinabalu, Malaysia, February 10–14, 2020 Revised Selected Papers
EditorsJoseph Bonneau, Nadia Heninger
Place of PublicationCham Switzerland
Number of pages12
ISBN (Electronic)9783030512804
ISBN (Print)9783030512798
Publication statusPublished - 2020
EventFinancial Cryptography and Data Security Conference 2020 - Kota Kinabalu, Malaysia
Duration: 10 Feb 202014 Feb 2020
Conference number: 24th (Proceedings) (Website)

Publication series

NameLecture Notes in Computer Science
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


ConferenceFinancial Cryptography and Data Security Conference 2020
Abbreviated titleFC 2020
CityKota Kinabalu
Internet address


  • Blockchain
  • dBFT
  • NEO
  • Safety

Cite this