Reputation-Based Sharding Consensus Model in Information-Centric Networking

: The various integration systems of blockchain and information-centric network (ICN) have been applied to provide a trusted and neutral approach to cope with large-scale content distribution in IoT, AR/VR, or 5G/6G scenarios. As a result, the scalability problem of blockchain has been an increasing concern for researchers. The sharding mechanism is recognized as a promising approach to address this challenge. However, there are still many problems in the existing schemes. Firstly, real-time processing speed trades off security of validation. Secondly, simply randomly assigning nodes to the shards may make nodes located very far from each other, which increases the block propagation time and reduces the efﬁciency advantage brought by the sharding mechanism. Therefore, we optimize a reputation-based sharding consensus model by multi-dimension trust and leverage the afﬁnity propagation (AP) algorithm for gathering consensus nodes into shards. Given the minimal possibility to be at fault in the security of validation, clients can achieve real-time processing speed with assurance. The evaluation results show that the normalized mean square error (NMSE) between the estimated reputation value and the real reputation value of our reputation scheme is less than 0.02. Meanwhile, compared with the classical sharding scheme Omniledger, TPS performance can achieve 1.4 times promotion in the case of a large-scale blockchain network of 1000 nodes.


Introduction
Blockchain technology, characterized by its decentralized tamper resistance, shows great potential in dealing with security and trust challenges in various application scenarios, such as medical systems, internet of things and edge computing [1][2][3]. Various integrated systems of blockchain and information-centric network (ICN) [4] have also been a concern of researchers in order to provide a credible and neutral method to deal with the trust problem of large-scale content distribution [5][6][7][8][9]. However, due to the low throughput and weak scalability of traditional blockchain technology, the wider application of blockchain technology is seriously restricted. For example, Bitcoin can only process about 10 transactions per second, with a maximum block size of 1 MB and an average block cycle of 10 min [10], which are incapable of providing support for higher throughput scenarios.
In order to handle a large number of verification transactions, side chain technology and off-chain technology are proposed, which are called vertical scaling [11]. Transaction verification is processed outside the main chain. For example, Plasma builds various applications on Ethereum [12] through side chain technology. From the perspective of users, they can minimize interaction with the blockchain to reduce latency, but this scheme cannot improve the throughput of the blockchain [13].
To address this problem, researchers began to propose solutions from the perspective of horizontal scaling, aiming to improve scalability while maintaining the decentralization users, they can minimize interaction with the blockchain to reduce latency, but this scheme cannot improve the throughput of the blockchain [13].
To address this problem, researchers began to propose solutions from the perspective of horizontal scaling, aiming to improve scalability while maintaining the decentralization and security of blockchain. Sharding is considered to be the most promising method to solve this challenge [14]. The sharding mechanism divides the whole blockchain into multiple consensus groups and allows participating nodes to process and store a few shards (i.e., only parts of the blockchain). The transactions in these pre-selected shards are processed and validated in parallel, which significantly enhances the network scalability and transaction throughput [15,16]. Various sharding protocols have been introduced such as Elastico [17], OmniLedger [18], RapidChain [19] and Zilliga [20] in existing blockchain cryptocurrencies. Researchers employed a random algorithm to maintain the fairness of the shard distribution [21][22][23][24][25]. However, those schemes assign shards based on simple randomness without any consideration for the reliability and efficiency in consensus procedures. Determined by a well-known blockchain trilemma [26] shown as Figure 1, when the number of nodes decreases in the consensus process, the malicious nodes can easily launch attacks. Meanwhile, simply randomly assigning nodes to the shards without considering the network distance between consensus nodes may make nodes located very far from each other, which increases the block propagation time and, hence, reduces blockchain throughput. Therefore, the motivation of our paper is to improve security issues by combining the reputation of blockchain nodes. We provide a multi-dimension reputation model in which the reputation value is computed by the trust parameters including quality of service (QoS), quality of security performance (QoSP), evaluation reputation, past reputation and recommendation reputation. A topology-based sharding scheme is also proposed to optimize the transmission of the blockchain network to reduce latency. The validator distribution among shards is achieved by the aggregated trustworthiness scores calculated by the reputation value and the network distance. Meanwhile, we introduce the name resolution system in the ICN prototype to provide advantages for the registration and query of shards and help the rapid and effective distribution of transactions.
The main contributions of this paper are as following: 1. We propose a novel multi-factor trust model for the reputation evaluation of consensus nodes. These evaluation factors measure reputation value from the perspective of objective trust, subjective trust and historical trust, so as to minimize the probability of malicious nodes controlling shards and improving the reputation by collusion and deception. 2. The shard distribution scheme is optimized by the affinity propagation algorithm (AP), which is used to find the optimal sharding group by combining security and timeliness. We introduce the calculation method of algorithm input by cosine similarity. The clustering results well consider the reduction in distance within intrashards. All the shard clusters are evenly distributed in the network instead of gathering in a domain. Therefore, the motivation of our paper is to improve security issues by combining the reputation of blockchain nodes. We provide a multi-dimension reputation model in which the reputation value is computed by the trust parameters including quality of service (QoS), quality of security performance (QoSP), evaluation reputation, past reputation and recommendation reputation. A topology-based sharding scheme is also proposed to optimize the transmission of the blockchain network to reduce latency. The validator distribution among shards is achieved by the aggregated trustworthiness scores calculated by the reputation value and the network distance. Meanwhile, we introduce the name resolution system in the ICN prototype to provide advantages for the registration and query of shards and help the rapid and effective distribution of transactions.
The main contributions of this paper are as following: 1.
We propose a novel multi-factor trust model for the reputation evaluation of consensus nodes. These evaluation factors measure reputation value from the perspective of objective trust, subjective trust and historical trust, so as to minimize the probability of malicious nodes controlling shards and improving the reputation by collusion and deception.

2.
The shard distribution scheme is optimized by the affinity propagation algorithm (AP), which is used to find the optimal sharding group by combining security and timeliness. We introduce the calculation method of algorithm input by cosine similarity. The clustering results well consider the reduction in distance within intra-shards. All the shard clusters are evenly distributed in the network instead of gathering in a domain.

3.
We introduce the definition of unequal consensus verification group and give the security rules in each epoch. It is proved that the epoch time can be extended to a few days without security problems, which greatly reduces the overhead of the sharding scheme.

4.
The experimental analysis is given by OMNET++. Simulation results show that the normalized mean square error (NMSE) between the estimated reputation value and the real reputation value of our reputation scheme is less than 0.02, which proves the reliability of our reputation evaluation mechanism. Meanwhile, compared with the classical sharding scheme Omniledger, the TPS performance can achieve 1.4 times promotion in the case of a large-scale blockchain network of 1000 nodes.
The structure of this paper is organized as follows. In Section 2, we analyze the limitations and shortcomings of the existing work. Section 3 briefly introduce the preliminaries and system model of our scheme. Section 4 presents the muti-factor model of reputation algorithm and the design procedure of our sharding protocol, including its working rules and the related parameters. Section 5 gives the security analysis of the whole scheme. The simulation results are presented and analyzed in Section 6 to characterize our sharding protocol. Finally, Section 7 offers our conclusion.

Related Literature
For the several famous and typical sharding mechanisms in the blockchain such as Monoxide [27], Elastico [17], Omniledger [18], Rapidchain [19], Chainspace [28] and Ethereum 2.0 [29], most of them are based on randomness, that is, shuffling the consensus nodes regularly and grouping randomly to ensure the security of the system. Moreover, in order to build good randomness, the random scheme needs to meet several important attributes: unbiased, unpredictable and public verifiability. However, these are not easy to achieve. Generating public randomness is difficult because active opponents may dishonestly bias public random choices to their advantage. Existing solutions cannot extend the blockchain to hundreds or thousands of participants as needed. Without good randomness, the security of the blockchain system is destroyed. For example, through a complex attack, such as a bribery attack [30] or 1% attack [31], an opponent may have the ability to control a temporary majority of the overall computing power (e.g., more than 50%), which in turn may damage the entire system.
To address the challenge, trust-based sharding distribution algorithms were introduced to enable the distribution of nodes among the shards based on the trust score of a node. The trust score used in sharding and leader election processes can minimize the adversary influence of malicious attacks. Ref. [32] proposed a trust model that evaluates the quality of shards by the average difference of the aggregated trust results in each shards. The trust value is obtained by peer review of each node in the process of consensus. Ref. [33] introduced a novel reputation scheme with two factors: the accuracy of valid information and aggregated contributions a consensus node has made. To ensure the security of the local shards' sub-chains, refs. [34,35] increased the reputation evaluation dimension based on its trustworthiness by the peer's customers, i.e., the customers associated with the peer in the same shard, not only the evaluation of the consensus process. The new sharding clustering method is also concerned by researchers. Ref. [36] used the adaptive hedge algorithm [37] for committee selection. It is a decision-theoretic online learning method to minimize cumulative loss of the consensus node according to the best strategy. Ref. [38] designed the trust-based shard distribution (TBSD) model based on genetic algorithm (GA) to provide a sufficiently good solution in optimization problems of sharding distribution. The optimal shards are computed based on a modified GA to quickly find a solution by genetic variation. Ref. [39] proposed a Geographical Proximity Sensing Clustering (GPSC) method based on the K-Means algorithm to reduce the network latency on consensus and ensure parallel broadcast between clusters. The method distributes the consensus nodes into several shards based on the famous K-Means algorithm. These sharding distribution schemes optimize the security and efficiency of simple randomly assigning methods to a certain extent, but they still ignore heterogeneity among the nodes. The evaluation reputation of peers is aggregated without considering the quality of service among the nodes. Those less-competent consensus nodes may become a bottleneck and hamper the system throughput. The limitations of the existing literature are briefly summarized in Table 1. In conclusion, the existing schemes leave the problems of security and efficiency unsolved. Even if the sharding scheme based on trust model is proposed, the trust scheme itself has security problems. Meanwhile, most of the clustering schemes need to determine the central nodes and the parameters are single, which is not conducive to finding the optimal sharding results. In addition, the optimization scheme proposed in the paper [32][33][34][35][36][37][38][39] does not give the selection of epoch, which is closely related to the overhead and security of the system. Based on those analyses, our scheme analyzes these directions in the next section.

Preliminaries and System Model
In order to better illustrate our scheme, we briefly introduce the system model of our proposal and related preliminaries in this section. The system model is shown in the Figure 2. The key components include three parts: reputation statistics, deriving and sharing the shard sets to consensus nodes and finding available shards for parallelizing transaction commitments. As shown in Figure 2, the reputation data can be gathered, processed and validated by in-network edge computing, which monitors the behavior of consensus nodes to manage and calculate the reputation value. The aggregation of edge data can be realized by SDN technology, so as to derive the optimal shard sets that meet fair and secure shard distribution rules. The sharding registration, resolution and transaction commitments are shown as steps 1-3. Shard primary nodes in consensus stages register with their ID-NA in local SNR. When transaction commitments are submitted to client nodes, they request the network access (NA) of the primary node from the SNR to find the nearest serviceable shard sets. In the subsequent section, we discuss the reputation aggregation algorithm and sharding algorithm in detail. In order to better illustrate the security and rationality our scheme, some related technologies and definitions are introduced as follow.
 Certificate: our model defaults that there is a complete identity authentication scheme in the ICN system. That is, users can obtain identity certificates from public key infrastructure. Every consensus node obtains a legal identity certificate, which cannot be forged.  Data security: Considering the security of data transmission and storage, cryptography (e.g., RSA and ECC) is utilized to encrypt and sign the security of the important information and messages. The security scheme data is not discussed in this paper. The transmission and storage of data cannot be tampered with by default.  Consensus Protocols: consensus protocol used in intra-shard is PBFT (Practical Byzantine Fault Tolerance). Meanwhile, we reference the Believable-First approach proposed in paper [53]. The protocol divides all validators in an intra-shard into two groups, a believable league and a normal league. Believable validators complete the consensus process of transactions quickly in the first phase. Afterwards, normal validators sample and verify the results in the second phase to provide supervision. The rules of a node being elected into the believable league are determined by the believability score, which is the reputation score value in our model.  Cross-shard transactions: our research in this paper does not focus on the cross-shard transactions. The proposed sharding scheme can be applied to multiple cross-shard transactions approach in paper [54][55][56][57]. Furthermore, with the gradual maturity of architecture design, ICN is envisioned as a promising candidate to support complex interoperability scenarios such as IoT, 5G, or MEC. Considering the practicability and scalability of the ICN scenarios, we implement system management by support with in-network edge computing and a Software Defined Network (SDN), which have been proposed to optimize resource allocation in ICN [42][43][44][45][46][47][48]. Meanwhile, the Standalone Name Resolution (SNR) [49][50][51][52] can be responsible for finding available shards in parallelizing transaction commitments by its registration and resolution functions.
As shown in Figure 2, the reputation data can be gathered, processed and validated by in-network edge computing, which monitors the behavior of consensus nodes to manage and calculate the reputation value. The aggregation of edge data can be realized by SDN technology, so as to derive the optimal shard sets that meet fair and secure shard distribution rules. The sharding registration, resolution and transaction commitments are shown as steps 1-3. Shard primary nodes in consensus stages register with their ID-NA in local SNR. When transaction commitments are submitted to client nodes, they request the network access (NA) of the primary node from the SNR to find the nearest serviceable shard sets. In the subsequent section, we discuss the reputation aggregation algorithm and sharding algorithm in detail. In order to better illustrate the security and rationality our scheme, some related technologies and definitions are introduced as follow.
• Certificate: our model defaults that there is a complete identity authentication scheme in the ICN system. That is, users can obtain identity certificates from public key infrastructure. Every consensus node obtains a legal identity certificate, which cannot be forged. • Data security: Considering the security of data transmission and storage, cryptography (e.g., RSA and ECC) is utilized to encrypt and sign the security of the important information and messages. The security scheme data is not discussed in this paper. The transmission and storage of data cannot be tampered with by default. • Consensus Protocols: consensus protocol used in intra-shard is PBFT (Practical Byzantine Fault Tolerance). Meanwhile, we reference the Believable-First approach proposed in paper [53]. The protocol divides all validators in an intra-shard into two groups, a believable league and a normal league. Believable validators complete the consen-sus process of transactions quickly in the first phase. Afterwards, normal validators sample and verify the results in the second phase to provide supervision. The rules of a node being elected into the believable league are determined by the believability score, which is the reputation score value in our model.

•
Cross-shard transactions: our research in this paper does not focus on the cross-shard transactions. The proposed sharding scheme can be applied to multiple cross-shard transactions approach in paper [54][55][56][57].

Reputation Model
The sharding mechanism enhances the scalability of blockchain networks but also increases the influence of malicious attacks. In order to address this problem, researchers introduce the trust model of consensus nodes to improve the election process security. However, existing researches calculate the reputation value based on the node's behavior in the block transaction, contributions to the community, reviews, etc. These dimensions are based on the subjective evaluation of other nodes in the blockchain without considering the network features of consensus nodes in the network layer. The existence of security risks such as collusion or monopoly makes these schemes unable to provide sufficient trust.
Therefore, we derive a multi-factor trust model for the believable validators selection process which extends trust parameters to quality of service (QoS), quality of performance (QoSP), evaluation reputation, past reputation and recommendation reputation. These evaluation factors measure reputation value from the perspective of objective trust, subjective trust and historical trust, which is shown in Figure 3. Our model ensures two important problems, that is, the accumulation of reputation value requires a certain period, and the high reputation value cannot be obtained by cheating. Any new node cannot significantly improve reputation value by performing well in a short time. Meanwhile, if a believable validator is detected as misbehaving, it loses all reputation value in the system and its identity is included in the blacklist. The cost of malicious behavior is to be powerfully expensive so that the validators have no incentive to misbehave under any circumstances.

Reputation Model
The sharding mechanism enhances the scalability of blockchain networks but also increases the influence of malicious attacks. In order to address this problem, researchers introduce the trust model of consensus nodes to improve the election process security. However, existing researches calculate the reputation value based on the node's behavior in the block transaction, contributions to the community, reviews, etc. These dimensions are based on the subjective evaluation of other nodes in the blockchain without considering the network features of consensus nodes in the network layer. The existence of security risks such as collusion or monopoly makes these schemes unable to provide sufficient trust.
Therefore, we derive a multi-factor trust model for the believable validators selection process which extends trust parameters to quality of service (QoS), quality of performance (QoSP), evaluation reputation, past reputation and recommendation reputation. These evaluation factors measure reputation value from the perspective of objective trust, subjective trust and historical trust, which is shown in Figure 3. Our model ensures two important problems, that is, the accumulation of reputation value requires a certain period, and the high reputation value cannot be obtained by cheating. Any new node cannot significantly improve reputation value by performing well in a short time. Meanwhile, if a believable validator is detected as misbehaving, it loses all reputation value in the system and its identity is included in the blacklist. The cost of malicious behavior is to be powerfully expensive so that the validators have no incentive to misbehave under any circumstances. We describe the trust parameters of our multi-factor trust model as initial reputation and accumulated reputation. The initial reputation of a newly added node is determined by QoSP reputation and recommendation reputation. The accumulated reputation is the aggregation of QoS reputation, evaluation reputation and past reputation. The quantitative scheme of reputation value is defined as follows. In order to calculate the aggregate value of multi-factors, we set the reputation value range of all factors to a dimensionless score from 1 to 10.
• QoSP (Quality of security performance): this parameter is a measure of the efficiency of consensus nodes in cryptographic calculations [58][59][60], such as signature, hash, or random operation. A node with strong computing power can provide better services for privacy and secure consensus process. An evaluation methodology for computing a quantitative QoSP metric is described as follows. Firstly, define the security We describe the trust parameters of our multi-factor trust model as initial reputation and accumulated reputation. The initial reputation of a newly added node is determined by QoSP reputation and recommendation reputation. The accumulated reputation is the aggregation of QoS reputation, evaluation reputation and past reputation. The quantitative scheme of reputation value is defined as follows. In order to calculate the aggregate value of multi-factors, we set the reputation value range of all factors to a dimensionless score from 1 to 10.

•
QoSP (Quality of security performance): this parameter is a measure of the efficiency of consensus nodes in cryptographic calculations [58][59][60], such as signature, hash, or random operation. A node with strong computing power can provide better services for privacy and secure consensus process. An evaluation methodology for computing a quantitative QoSP metric is described as follows. Firstly, define the security parameters vector E i {e i1 , e i2 , e i3, . . . , e in } which can be expressed as security level. For instance, in our research, we are concerned about the asymmetric algorithm, encryption algorithm and hash algorithm. The vector E i {e i1 , e i2 , e i3 } represents the basic efficiency of security policy. e i1 , e i2 , e i3 can be described as the executions of algorithms per second. When new nodes access the network, they provide a set of performance parameters E x {e x1 , e x2 , e x3 } as vector E i . The score S xQoSP of new nodes in our example is defined as the Equation (1) We convert this result into a score of 1 (low score) to 10 (high score) for the calculation of overall reputation value. The score S iQoSP of basic vector is 6. If the final calculated score exceeds the highest score 10 or is lower than the lowest score 1, the score is the highest score or the lowest score. The security policy's audit process is proved by providing reports of some certified authority, such as Commercial Cryptography Testing Center of State Cryptography Administration (SCCTC). Nodes that do not provide this partial proof are assigned a lower initial value 1.

•
Recommendation reputation: nodes can also seek recommendation from other peers with high reputation value, and the effectiveness of recommendation is directly proportional to the recommender reputation value. Similarly, the range of recommended reputation score value is set to 1-10. The recommended reputation can be either a good reputation recommendation or a report of a malicious node. If the system records that the node has found malicious behavior in the past, the node may be disqualified from joining the consensus group or get a very low initial score. The system can also provide high reputation recommendation value for nodes with good historical performance to enter the consensus group. The scheme to detect malicious nodes can refer to the papers [61][62][63].
Therefore, when nodes access the blockchain for the first time, the trust management system of access domain calculates an initial reputation value given in Equation (2).
where R 0 is the initial reputation and S QoSP is the QoSP score. S recom is the recommend reputation score value of the new node, S recomer is the recommender reputation score value and α is a tuning parameter of the weight. w j is the weighting factors of the recommender. When the recommender gives a recommendation score higher than S recomer , its credibility is the ratio of S recomer to S recom . When the recommender gives a recommendation score lower than S recomer , its reliability is 1. The recommended reliability of system records is 1. The Equation (3) ensures the fairness of recommendation reputation. Besides, the accumulated reputation parameters are defined as follow: • Evaluation reputation: tt refers to the aggregation of reputation value obtained by nodes after participating in the consensus contribution and getting the evaluation of other peers. Our evaluation reputation does not only come from the consensus process of nodes. We also collect the evaluation information of non-consensus interaction between nodes in the network. For the consensus reputation score, it can only be obtained and updated directly from the consensus process. The calculation information of the score gathers from the node validation logs on the prepare and commit. The total number of valid and invalid records in the consensus process can be obtained by gathering the log information of these nodes. Assuming there are n consensus nodes, each node saves the other n validation results into a 1 × n vector. Based on the node validation result obtained from the peer-to-peer nodes, the n × n matrix can form an evaluation table quantitatively, which is shown in Figure 4. Based on the node validation result obtained from the peer-to-peer nodes, the n × n matrix can form an evaluation table quantitatively, which is shown in Figure 4. SCi,j is the jth node consensus reputation score defined by Equation (4), Vi,j and NVi,j are the total number of valid and invalid responses of the jth node (sending) with respect to the ith node (receiving) in the prepare and commit phase extracted from the log information. Then the consensus reputation score SCicon is given by Equation (5), Stotal is the upper limit of the node reputation value, Stotal = 10, SCi,i = 0. For the non-consensus evaluation reputation, the score value is obtained by the evaluation information of non-consensus interaction between nodes in the network. For instance, nodes can be publishers to participate in the resource contribution and get the evaluation of other subscribers. The minimum and maximum values of the SNC reputation value are between 1 and 10, respectively. The non-consensus score value is described as follow: where SNCincon is the latest non-consensus evaluation reputation value. SNCinconh is the historical non-consensus reputation value. n is the total number of historical interactions. SNCinew is the latest non-consensus evaluation reputation score from peers. T(i) is a time factor defined to measure the freshness of the reputation value. It is calculated according to Equation (7).
where δ is a parameter to adjust the influence of time attenuation factor T(i). The formation time of the previous reputation value SNCinconh is th and the current time slot is ti. The delay between them is used to measure the effectiveness of historical reputation, which gradually weakens with the passage of time. The closer it is to the current time slot, the SC i,j is the jth node consensus reputation score defined by Equation (4), V i,j and NV i,j are the total number of valid and invalid responses of the jth node (sending) with respect to the ith node (receiving) in the prepare and commit phase extracted from the log information. Then the consensus reputation score SC icon is given by Equation (5), S total is the upper limit of the node reputation value, S total = 10, SC i,i = 0.
where w i = S i S total . For the non-consensus evaluation reputation, the score value is obtained by the evaluation information of non-consensus interaction between nodes in the network. For instance, nodes can be publishers to participate in the resource contribution and get the evaluation of other subscribers. The minimum and maximum values of the SNC reputation value are between 1 and 10, respectively. The non-consensus score value is described as follow: where SNC incon is the latest non-consensus evaluation reputation value. SNC inconh is the historical non-consensus reputation value. n is the total number of historical interactions. SNC inew is the latest non-consensus evaluation reputation score from peers. T(i) is a time factor defined to measure the freshness of the reputation value. It is calculated according to Equation (7).
where δ is a parameter to adjust the influence of time attenuation factor T(i). The formation time of the previous reputation value SNC inconh is t h and the current time slot is t i . The delay between them is used to measure the effectiveness of historical reputation, which gradually weakens with the passage of time. The closer it is to the current time slot, the higher the weight of reputation value. Therefore, evaluation reputation value is given by Equation (8); β is the weight coefficient: • Past reputation: this parameter measures the accumulated value of rewards or penalties received by nodes due to their contributions or malicious behaviors to the blockchain network in the past time, which is marked as S pr .
For the contribution accumulation of a new node, several factors need to be considered. First, at the beginning of network access, the acquisition of positive reputation value contributes slowly to the growth of reputation value. This is to prevent some malicious nodes from improving reputation value through a small number of successful interactions. After a certain period, the change speed is accelerated. In the stable stage, the change speed tends to be steady. The design principle of the correction parameter f (x) is given by Equation (9): where K is the max value of past reputation score. µ and η measure the speed of curve change. Then, the S pr is given by Equation (10): where b is the reward value obtained each time, S prt is the upper limit value of reputation rewards obtained in the past and n is the number of rewards obtained.
• QoS: it is a parameter used to measure the service level of a consensus node based on the network features of nodes in the network layer. Researchers in paper [64][65][66] have laid a foundation for the QoS measuring methods in ICN. The performance characteristics are represented by a set of general parameters which can be latency, jitter, packet loss rate, effective caching, bandwidth, etc. QoS parameters are quantified by the aggregate value of each specific metric. Considering the compatibility of our model with multiple measuring methods, we uniformly convert the evaluation results of different methods into a "QoS score" ranging from 1 (Low Priority) to 10 (High Priority). It should be noted that we do not discuss the specific aggregation methods of QoS value in this paper. In the subsequent analysis, we use the score value S QoS as a parameter to measure the QoS reputation of all nodes. S QoS is set by Equation (11) as follow: where t k is the time interval of QoS measurement, QoS is the measured value at time slot is t k and n is the total number of QoS measurement. QoS ul is the upper limit of the QoS value. We normalized the value of QoS into the S QoS of our scoring criteria. The Qos reputation can also be applied to the node inactivation detection as the basic failure detection strategy.
The node trust S i is computed by multiplying the multi-factor trust parameters and the trust weight, which is represented as follow: where ρ = T(j) = e −τ(t j −t 0 ) . w rep , w pr , and w Qos is the weight coefficient of Rup eval , S pr and S QoS . T(j) is a time factor, defined to measure the access duration of consensus nodes. τ is a time attenuation factor T(j). The access time of the consensus node is t 0 and the current time slot is t j . The delay between them is used to measure the effectiveness of initial reputation, which gradually weakens with the passage of time. In addition, due to the high reliability of our reputation evaluation mechanism, in the view change in the consensus stage, we can directly select the node with high reputation value in the intra-shards to replace the primary node, so as to avoid the broadcast overhead caused by the view change in primary node inactivation. In the next section, we describe the sharding scheme of our model.

Sharding Scheme
The proposed reputation-based sharding scheme's objective in assigning nodes to shards is to find an optimal shard distribution set according to the reputation value of nodes and network distance. Let N be the total number of consensus nodes satisfying N = ∑ K i=1 N k , where N k represents the number of nodes in the kth shard. S ki is the reputation score of the node i in the kth shard. AT k represents the aggregated trust of the kth shard set, AT k = ∑ N k i=1 S ki . r k is the total number of believable validators in the kth shard whose reputation score exceeds threshold S th . D i,j is the network distance of node i and node j. The problem statement of our model is described as follow: (1) The aggregate trust difference for each shard should be less than threshold θ: (2) The aggregated reputation value of believable validators and normal validators for each shard should be more than threshold Φ 1 and Φ 2 : (3) All the shard clusters are evenly distributed in the network instead of gathering in a domain; (4) Nodes with the same consensus process in each shard should be separated into different shards in the next epoch, which is to ensure the randomness of shards and avoid collusion attack. (5) To optimize a shard algorithm, aim to minimize network diameter within the shard.
The smaller the network diameter, the shorter the average broadcast time between any two nodes, thus effectively reducing the broadcast latency.
These properties are applied to the proposed sharding modified scheme. We implement the sharding method to organize the nodes across the network into several clusters based on the well-known AP (Affinity Propagation) algorithm [67]. For most existing algorithms for data clustering, the number of clusters must be predetermined before running the clustering procedure. However, predetermining shard groups limits the acquisition of the optimal solution in sharding detection. Therefore, the AP algorithm realizes a method to determine the optimal number of intra-shards based on reputation value and network distance. Meanwhile, researchers have shown that the square-error of the clustering result and efficiency of algorithm are superior to the traditional K-Means algorithm, C-means algorithm, etc.
Affinity propagation takes as input a collection of similarities between data points, where the similarity s(i, k) indicates how well the data point with index k is suited to be the exemplar for data point i [67]. We optimize the calculation method of similarity by cosine similarity. The cosine similarity Sim i,k of two data vectors of node i and k is expressed as Equation (15): where → x i = (S i , D i,k ), → x k = (S k , D k,i ), and D i,k the network distance from node i to node k, which is equal to the network latency. It should be noted that the two network latencies D i,k and D k,i are not necessarily equal. The description of the algorithm is exhibited as follows (Algorithm 1):
[Cluster(x 1 ), ···, Cluster(x n )]: Cluster(x i ) represents which cluster(group) x i belongs to. 1: Calculate the similarity s (i, k) between data point x i and x k (i, k = 1, 2, ···, n). All the similarities form the similarity matrix S = [s (i, k)] n×n 2: p ← preference according to a priori convention. 3: Initial the availability matrix A = [a (i, k)] n×n as a zero matrix: a (i, k) = 0. 4: repeat 5,6,7,8,9 until R and A converge and Update the matrix R = [r (i, k)] n×n using the rule follow: 6: Update the matrix A = [a (i, k)] n×n using the rule follow: : Calculate the aggregate trust using rule: AT k = ∑ N k i=1 S ki 10: Calculate the exemplar labels C = [C 1 , C 2 , ···, C n ] using rule: 11: Calculate the cluster labels using rule: Cluster(x i ) = Cluster(C i ) After the affinity propagation, the exemplar labels C i represent the sharding labels of consensus nodes. The believable league is selected by v 1 validators whose reputation value is over tr th and the aggregate trust of each believable league meets the Equation (14). The normal league consists of v 2 nodes which are randomly selected from the remaining validators in the shard. Meanwhile, the aggregate trust of each normal league should be more than threshold Φ 2 shown as Equation (14). Then, the possible combinations of leagues are shown as Equations (16) and (17): where l 1 and l 2 are the total numbers of believable league and normal league. L is the total number of combinations which can complete transaction verification. We select an alternative randomly within an election period, and the alternative can be replaced in the next election period of one epoch. At the same time, in order to increase randomness and fairness, the nodes that complete the consensus in each round reduce a random number from the existing reputation value. This does not mean that the reputation value of the node is really reduced, but rather the transformation in the calculation of clustering parameters, which is similar to the Servi mechanism of PoB [53]. Compared with a fixed number of validators, our approach is more flexible and random in the selection of validation groups. It provides a possible solution that the epoch of shards can be prolonged without increasing the security risk, even in days. In the next section, we prove the randomness of the scheme is bias resistant and give the security analysis of the whole scheme.

Security Analysis
In this section, we first give the most concerned bias-resistant proof in the sharding scheme, and then give a security analysis of the reputation evaluation algorithm on which the sharding algorithm depends.

Bias-Resistant Proof
For proving the bias resistance of our model, we introduce the proof that the corresponding shard distribution problem is NP-hard. Therefore, there is no exact algorithm that is guaranteed to find the optimal solution within polynomial time. The proof process is as follows: Proof. The shard distribution problem (denoted as D) is to find k disjoint and non-empty shard set G i , which satisfys the condition as Equations (13) and (14). G = G 1 ∪G 2 ∪· · ·∪G k . The value of θ is infinitely close to zero. In this case, the core problem of D is reduced to a partition problem finding, that is, a group of numerical values are divided into k mutually disjoint groups according to the constraint Equations (13) and (14), so as to minimize the difference between subsets. The result of grouping ensures that the aggregate reputation trust difference of each partition is as small as possible. According to the definition of the K-partition problem, it can be seen that this is a NP complete problem [68]. On the other hand, the D problem is an optimization problem to find the optimal set G. For a given arbitrary solution set G*, there is no polynomial time algorithm to verify that the given G* can obtain the best set G satisfying Equations (13) and (14). Therefore, the D problem is not the NP problem. Since the problem D/ ∈NP, it is NP-hard not in NP-complete (NPC).

Security Analysis of the Reputation Algorithm
The multi-factor reputation model extends the evaluation dimension of reputation value. The QoS and QoSP parameters are the reputation obtained by the network measurement information and trusted third party certification. Any consensus node cannot cheat on these two parts of reputation by hiring larger ghostwriters. Meanwhile, we design the time attenuation factor T(i) and correction function f (x) to prevent some malicious nodes from improving reputation value through a small number of successful interactions. The accumulation of high reputation value requires a certain period and cannot be obtained by cheating. Any new node cannot significantly improve reputation value by performing well in a short time. We also prove this in the experiment in the next section. Meanwhile, the cost of malicious behavior is powerfully expensive so that the validator has no incentive to misbehave under any circumstances. Therefore, when the reputation value of a consensus node reaches the trust threshold Sth, it is almost impossible to conduct malicious behavior.

Performance Evaluation
We built our experiments based on the OMNET++ simulation platform for evaluating the performance of our model. The experimental environment of simulation is configured as following: Intel i7-4790 CPU @ 3.60ghz (8 CPU cores), memory 4096 MB, system model Dell OptiPlex 9020. In this paper, the simulation of network topology is built by importing different scenarios and topology types from INET supported by OMNET. Communication link delay is set as 100 ms and network bandwidth is 20 Mbps, which is consistent with the measurement values of bitcoin and Ethereum [69]. The total number N of nodes in the blockchain network is 1000. The experiment result is tested 5 times and each test included 100 rounds of consensus.
The minimum and maximum values of the node's real reputation value is set to 1 and 10, respectively. The variation range of initial reputation value is set between 3 and 5. It is measured by whether a node provides recommendation reputation. The initial reputation of a node that does not provide recommendation reputation is 3. Qos reputation is counted by the the packet loss rate, latency and jitter, which is recorded in the log information of the consensus node. The simulation parameters used in the proposed scheme are presented in Table 2. In the consensus commitment and preparation stage of PBFT, the packet loss rate is set to a random value from 0.05 to 0.1. We set the false response probability (FRP) as an indicator to simulate the robustness of response message. The parameter represents the probability that the commitment or preparation message of a consensus node is corrupted. The FRP is set by Equation (19), which includes two conditions: 1.
An error message from consensus nodes should be rejected by the model.

2.
A false positive message indicates that normal feedback is incorrectly detected as malicious feedback by the model The non-consensus evaluation reputation value is obtained by adding the real reputation value and a Gaussian noise with zero mean value. The variance of the noise is a dynamic variable kσ in the experiment, where k is the scale factor of the noise variance and σ is the variance unit of noise. In the experiment, the value of K is 1, 2 or 3, which can test the influence of different feedback noise on the reputation model. Since reputation score feedback is a subjective uncertainty value, unit noise variance σ is set to 1, which indicates a relatively large noise [70].
The correction parameter of past reputation is set as fitting curves f 1 (x), which is shown as Equation (9). The fitting curve is calculated by the following conditions and the image of the curve is shown in Figure 5 1.
The curve tends to be stable at the 10 times interaction; 2.
The coefficient of initial accumulation value is 0.1; 3.
The coefficient of the fifth interaction is 0.5.
The correction parameter of past reputation is set as fitting curves f1(x), which is shown as Equation (9). The fitting curve is calculated by the following conditions and the image of the curve is shown in Figure 5 1. The curve tends to be stable at the 10 times interaction; 2. The coefficient of initial accumulation value is 0.1; 3. The coefficient of the fifth interaction is 0.5. At the beginning of the experiment, we regard all nodes as new nodes and set the reputation value of nodes to 4 for clustering. In total, 1000 nodes are randomly generated in the range of 10 4 × 10 4 (m 2 ). In order to facilitate the visualization of clustering results, in our simulation settings, the network coordinate distance is directly proportional to the network latency. However, in real-world scenarios, the network latency of nodes close to each other is not necessarily lower. Therefore, in the similarity calculation, we measure the network latency as a distance parameter rather than the real geographical distance. The damping factor λ is 0.5. The clustering results in Figure 6 show that the number of clustering groups is 28, and the number of nodes in each group is between 30-40. Then, we build a PBFT consensus simulation through the OMNeT++ platform to simulate the consensus process in each shard and analyze the evaluation reputation through additional packets between nodes. The change in reputation value is recorded every two rounds.  x axis/10km y axis/10km The intial sharding result At the beginning of the experiment, we regard all nodes as new nodes and set the reputation value of nodes to 4 for clustering. In total, 1000 nodes are randomly generated in the range of 10 4 × 10 4 (m 2 ). In order to facilitate the visualization of clustering results, in our simulation settings, the network coordinate distance is directly proportional to the network latency. However, in real-world scenarios, the network latency of nodes close to each other is not necessarily lower. Therefore, in the similarity calculation, we measure the network latency as a distance parameter rather than the real geographical distance. The damping factor λ is 0.5. The clustering results in Figure 6 show that the number of clustering groups is 28, and the number of nodes in each group is between 30-40. Then, we build a PBFT consensus simulation through the OMNeT++ platform to simulate the consensus process in each shard and analyze the evaluation reputation through additional packets between nodes. The change in reputation value is recorded every two rounds.
image of the curve is shown in Figure 5 1. The curve tends to be stable at the 10 times interaction; 2. The coefficient of initial accumulation value is 0.1; 3. The coefficient of the fifth interaction is 0.5. At the beginning of the experiment, we regard all nodes as new nodes and set the reputation value of nodes to 4 for clustering. In total, 1000 nodes are randomly generated in the range of 10 4 × 10 4 (m 2 ). In order to facilitate the visualization of clustering results, in our simulation settings, the network coordinate distance is directly proportional to the network latency. However, in real-world scenarios, the network latency of nodes close to each other is not necessarily lower. Therefore, in the similarity calculation, we measure the network latency as a distance parameter rather than the real geographical distance. The damping factor λ is 0.5. The clustering results in Figure 6 show that the number of clustering groups is 28, and the number of nodes in each group is between 30-40. Then, we build a PBFT consensus simulation through the OMNeT++ platform to simulate the consensus process in each shard and analyze the evaluation reputation through additional packets between nodes. The change in reputation value is recorded every two rounds.  x axis/10km y axis/10km The intial sharding result  Figure 7 validates the average convergence time of our reputation evaluation mechanism. We select three groups of nodes with real reputation values of 5, 7 and 9 as representatives for comparison. As shown in Figure 7, the higher reputation value requires longer convergence time, which also proves our view in Section 3 that high reputation value can not be obtained by cheating in a short time. Figure 8 shows the comparison of the convergence time of reputation value from 1 to 10. We can see that for malicious nodes with reputation value less than 4, the reputation algorithm can be found within 6 rounds, while for trusted nodes with reputation value greater than 6, at least 15 rounds of reputation accumulation are required. Meanwhile, we also compared the reputation value statistical algorithm proposed in [32,38]. The comparison parameter is through the normalized mean square error (NMSE), which is defined by Equation (21). Figure 9 shows the evaluation results of the three trust algorithms. It can be seen that our reputation algorithm is obviously closer to the actual reputation value and the evaluation effect is better than [32,38].
requires longer convergence time, which also proves our view in Section 3 that high reputation value can not be obtained by cheating in a short time. Figure 8 shows the comparison of the convergence time of reputation value from 1 to 10. We can see that for malicious nodes with reputation value less than 4, the reputation algorithm can be found within 6 rounds, while for trusted nodes with reputation value greater than 6, at least 15 rounds of reputation accumulation are required. Meanwhile, we also compared the reputation value statistical algorithm proposed in [32] and [38]. The comparison parameter is through the normalized mean square error (NMSE), which is defined by Equation (21). Figure 9 shows the evaluation results of the three trust algorithms. It can be seen that our reputation algorithm is obviously closer to the actual reputation value and the evaluation effect is better than [32,38].  requires longer convergence time, which also proves our view in Section 3 that high reputation value can not be obtained by cheating in a short time. Figure 8 shows the comparison of the convergence time of reputation value from 1 to 10. We can see that for malicious nodes with reputation value less than 4, the reputation algorithm can be found within 6 rounds, while for trusted nodes with reputation value greater than 6, at least 15 rounds of reputation accumulation are required. Meanwhile, we also compared the reputation value statistical algorithm proposed in [32] and [38]. The comparison parameter is through the normalized mean square error (NMSE), which is defined by Equation (21). Figure 9 shows the evaluation results of the three trust algorithms. It can be seen that our reputation algorithm is obviously closer to the actual reputation value and the evaluation effect is better than [32,38].  The real reputation value The convergence rate/round The number of transactions packaged in a block is set as 2000 [69]. Ts indicates the time point of the block arriving at the intra-shard, and Te represents the time point at which the PBFT consensus completion. Then, the TPS may be measured as the transaction throughput as Equation (22) 2000 1    s e T T TPS (22) We compare the proposed model with a classical sharding scheme Omniledger [18]. The experimental results are shown in Figure 10. It can be seen from the experimental results that due to the addition of network latency parameters, the broadcast latency in intra-shard is significantly reduced, which significantly improves the transaction throughput and proves the advantages of our model. The clustering results after 100 rounds of consensus are shown in Figure 11.  The number of transactions packaged in a block is set as 2000 [69]. T s indicates the time point of the block arriving at the intra-shard, and T e represents the time point at which the PBFT consensus completion. Then, the TPS may be measured as the transaction throughput as Equation (22) We compare the proposed model with a classical sharding scheme Omniledger [18]. The experimental results are shown in Figure 10. It can be seen from the experimental results that due to the addition of network latency parameters, the broadcast latency in intrashard is significantly reduced, which significantly improves the transaction throughput and proves the advantages of our model. The clustering results after 100 rounds of consensus are shown in Figure 11. The number of transactions packaged in a block is set as 2000 [69]. Ts indicates the time point of the block arriving at the intra-shard, and Te represents the time point at which the PBFT consensus completion. Then, the TPS may be measured as the transaction throughput as Equation (22) 2000 1    s e T T TPS (22) We compare the proposed model with a classical sharding scheme Omniledger [18]. The experimental results are shown in Figure 10. It can be seen from the experimental results that due to the addition of network latency parameters, the broadcast latency in intra-shard is significantly reduced, which significantly improves the transaction throughput and proves the advantages of our model. The clustering results after 100 rounds of consensus are shown in Figure 11.

Conclusions
In this paper, we proposed a reputation-based sharding blockchain consensus model in ICN. Our model focused on the key challenges in the existing sharding mechanism, which are reliability and efficiency. Most the researchers devote their attention to the optimization of cross-shard transactions or fairness shard, while lacking consideration of the potential sharp increases of malicious attacks in intra-shards and the influence of underlying network parameters on consensus efficiency. To address these challenges, we optimized a multi-dimension reputation model and leveraged the AP algorithm for gathering consensus nodes into shards. We prove the robustness of the multi-dimension reputation model since the high reputation value cannot be obtained by cheating or bribery attack. Given the minimal possibility to be at fault in the security of validation, the model achieves real-time processing speed with assurance. The experimental results demonstrate that in comparison with existing classical sharding schemes, our model exhibits better security and efficiency.
As future work, we intend to more deeply research the integration of ICN and blockchain. Using the characteristics of the ICN, the blockchain can sink various technologies into the network. The performance of the blockchain in communication and storage can be optimized by the ICN approach. Therefore, the efficiency and availability of the sharding blockchain will be further improved to better serve the IoT, AR/VR, or 5G/6G scenarios. x axis/10km y axis/10km The sharding result after 100 rounds of consensus Figure 11. The clustering results after 100 rounds of consensus.

Conclusions
In this paper, we proposed a reputation-based sharding blockchain consensus model in ICN. Our model focused on the key challenges in the existing sharding mechanism, which are reliability and efficiency. Most the researchers devote their attention to the optimization of cross-shard transactions or fairness shard, while lacking consideration of the potential sharp increases of malicious attacks in intra-shards and the influence of underlying network parameters on consensus efficiency. To address these challenges, we optimized a multi-dimension reputation model and leveraged the AP algorithm for gathering consensus nodes into shards. We prove the robustness of the multi-dimension reputation model since the high reputation value cannot be obtained by cheating or bribery attack. Given the minimal possibility to be at fault in the security of validation, the model achieves real-time processing speed with assurance. The experimental results demonstrate that in comparison with existing classical sharding schemes, our model exhibits better security and efficiency.
As future work, we intend to more deeply research the integration of ICN and blockchain. Using the characteristics of the ICN, the blockchain can sink various technologies into the network. The performance of the blockchain in communication and storage can be optimized by the ICN approach. Therefore, the efficiency and availability of the sharding blockchain will be further improved to better serve the IoT, AR/VR, or 5G/6G scenarios.