Fact-checked by Grok 2 weeks ago

Proof of authority

Proof of Authority (PoA) is a blockchain consensus mechanism that authorizes a limited set of trusted validators, selected based on their identity, reputation, and pre-approval, to create new blocks and validate transactions, thereby achieving network agreement without relying on energy-intensive proof-of-work mining or probabilistic proof-of-stake staking. Introduced in 2017 by Gavin Wood, co-founder of Ethereum and Parity Technologies, PoA prioritizes efficiency and scalability over decentralization, making it particularly suitable for permissioned networks, private blockchains, and test environments where participants are known entities. In systems, validators operate in a fashion, taking turns to propose blocks within fixed time intervals, often called "steps" or "rounds," to ensure timely finality and minimize latency. This process typically involves a predefined list of authorities who sign blocks, with mechanisms to detect and penalize misbehavior such as issuing multiple blocks or proposing out-of-turn, thereby maintaining integrity through reputation stakes rather than economic penalties. Common implementations include (Authority Round), developed by for its client, which divides time into discrete steps where the primary validator for each step is determined modulo the number of authorities, allowing for block times as short as one second and finality once more than half the authorities have signed a chain. Another variant is , standardized in Ethereum Improvement Proposal 225 (EIP-225), which uses a similar signer-based approach but incorporates mechanisms among signers to dynamically adjust the validator set, enhancing flexibility for enterprise use. PoA networks offer significant advantages in performance, including high throughput, low resource requirements, and resistance to spam attacks common in public s, as demonstrated by its adoption in the now-deprecated Kovan Ethereum to replace vulnerable proof-of-work systems. However, its reliance on a small, trusted group of validators introduces centralization risks, such as potential or single points of failure, limiting its applicability to scenarios where participants can be vetted, such as consortium blockchains involving organizations like those in (e.g., the POA Network) or enterprise platforms. Despite these trade-offs, PoA remains a foundational mechanism for hybrid and permissioned deployments as of 2025, influencing subsequent developments in scalable technologies.

Overview

Definition

In blockchain networks, consensus mechanisms are protocols that allow a distributed set of nodes to agree on the validity of transactions and the state of the ledger without a central , ensuring and consistency in decentralized systems. (PoA) is a that relies on a small, pre-approved group of validators—identified by their verifiable or reputation—to validate transactions and produce new blocks, rather than through competitive resource expenditure. This approach is designed for efficiency in environments where trust can be established among participants, making it distinct from permissionless networks that permit open, anonymous involvement and instead aligning with permissioned networks where access is controlled and identities are known. At a high level, operates by having these authorized validators take turns signing blocks in a predetermined sequence, with the network accepting blocks that receive sufficient endorsements from the majority of validators to maintain integrity and resolve any discrepancies. This reputation-based validation prioritizes the validators' accountability over proof of computational effort or economic stake, enabling faster suitable for or blockchains.

Key Features

Proof of Authority (PoA) distinguishes itself through its emphasis on efficiency, achieving low energy consumption by eliminating the need for resource-intensive computational puzzles or staking requirements typical of other consensus mechanisms. Instead, block production is handled by a pre-selected group of validators, minimizing hardware demands and environmental impact compared to energy-heavy alternatives. This design enables high transaction throughput, with implementations capable of processing up to 10,000 transactions per second (TPS), far exceeding the limitations of many public blockchains. Additionally, PoA supports fast block finality, often confirming transactions in under one second, due to the streamlined process among a limited number of validators operating in a round-robin fashion. At its core, PoA's trust model centers on identity verification rather than economic penalties or proof of computational effort, where validators their reputation by linking public keys to verifiable real-world identities, such as through know-your-customer (KYC) processes or affiliations with established organizations. This approach fosters , as malicious behavior risks damaging a validator's professional standing, thereby incentivizing honest participation without relying on token burns or slashing. The mechanism's permissioned nature makes it particularly suited for private or blockchains, where all participants are pre-vetted and known entities, ensuring controlled and reduced risk of attacks. PoA enhances scalability by significantly reducing network overhead, as the absence of competitive mining or broad staking participation limits the number of nodes involved in to a small, efficient set. This results in lower usage and faster propagation of blocks across , allowing for seamless operation in environments with dozens rather than thousands of participants. Overall, these features position PoA as an optimal choice for enterprise-grade applications requiring reliability and performance without the decentralization trade-offs of permissionless systems.

History and Development

Origins

Proof of authority (PoA) emerged in the mid-2010s as a consensus mechanism designed to address the computational inefficiencies and high energy demands of (PoW) in permissioned environments, where participants are pre-identified and partially trusted. This approach was particularly suited for private or networks, offering faster finality without the need for resource-intensive . Influenced by established Byzantine fault tolerance (BFT) protocols from distributed systems research, PoA shifted the trust model from computational puzzles to verifiable identities, enabling among a limited set of authorized validators while tolerating a fraction of faulty or malicious nodes. The concept was first articulated in late 2015 by , co-founder of and Technologies, in a GitHub document outlining "PoA Private Chains." In this early proposal, Wood described PoA as a lightweight alternative for non-public networks, emphasizing identity-based validation to achieve high throughput in controlled settings, such as enterprise applications. This drew from broader ideas in distributed systems regarding and as stakes, adapting them to blockchain's decentralized ledger requirements. By 2016-2017, the Ethereum developer community formalized PoA through Ethereum Improvement Proposal (EIP) 225, titled "Clique: Proof-of-Authority Consensus Protocol." Authored by Péter Szilágyi and others, this proposal detailed a simple, embeddable protocol for private chains, building on Wood's ideas to shadow Ethereum's mainnet design while prioritizing ease of implementation for testing and enterprise use. Early discussions in Ethereum forums highlighted PoA's potential as a PoW alternative for scenarios requiring scalability and low latency, such as internal corporate blockchains.

Key Milestones

In 2017, the proof-of-authority () consensus protocol was formally introduced through Ethereum Improvement Proposal 225 (EIP-225), enabling efficient validation by pre-approved nodes for private and test networks. This mechanism was quickly adopted for Ethereum testnets, with the testnet launching in April 2017 as one of the first to utilize Clique for cross-client synchronization and development testing. The following year, the Goerli testnet was announced in May 2018 at the ETH Berlin conference and launched in January 2019, further establishing PoA as a standard for public test environments compatible with major Ethereum clients like Geth and Nethermind. From 2018 to 2020, saw increased adoption in platforms and real-world applications. VeChain launched its mainnet in July 2018, employing a consensus to facilitate traceability, with early pilots demonstrating enhanced in and product . In August 2019, Besu was announced as an open-source client under the Foundation, integrating alongside other protocols like IBFT 2.0 to support permissioned networks for use cases. These developments marked 's shift from testing to practical deployment, with pilots—such as those by VeChain with partners like —highlighting its efficiency in tracking goods without the energy demands of proof-of-work. Between 2021 and 2023, experienced growth through consensus models and applications in chains for (DeFi). Research advanced approaches combining with elements of proof-of-stake or proof-of-work to balance security and scalability, as detailed in comprehensive reviews of mechanisms. chains, often EVM-compatible, became popular for DeFi testing and controlled environments, enabling faster transactions while maintaining . Ethereum's transition to proof-of-stake via The Merge in September 2022 indirectly influenced sidechains, as networks like xDai (now Gnosis Chain) transitioned to proof-of-stake in December 2022 via its own "Merge," enhancing and with the PoS mainnet while aiming to maintain efficiency. In 2024 and 2025, integrated into emerging sectors like () blockchains and applications. Variants such as Proof of Random Leader (PoRL) emerged, using verifiable random functions for leader selection in permissioned networks to resist manipulation and improve fairness. For , trust-weighted PoA mechanisms were proposed to secure data transmission in resource-constrained devices, as seen in frameworks for scalable IoT networks. In , PoA-based systems advanced secure data sharing, with frameworks employing PoA and smart contracts for and monitoring in healthcare supply chains, ensuring ethical, transparent operations. In November 2025, VeChain announced a transition from PoA to Delegated Proof of Stake (DPoS), with mainnet activation scheduled for December 2, 2025. These innovations underscored PoA's adaptability for privacy-sensitive, high-stakes environments up to late 2025.

Technical Mechanism

How PoA Works

In Proof of Authority (), the consensus mechanism operates through a predefined set of trusted validators, known as signers or sealers, who are responsible for proposing and authenticating blocks in a permissioned network. The process is designed for efficiency in private or consortium environments, such as Ethereum testnets, where computational waste is minimized by relying on identity-based authorization rather than resource-intensive computations. The core algorithm begins with transaction collection by the currently designated validator. This node aggregates pending transactions from the network's mempool, constructs a block header—including the parent hash, state root, transactions root, and other metadata—and prepares the block for sealing within a configurable block period, such as 15 seconds in Clique implementations. Next, the validator signs the block header using its private key, based on the secp256k1 standard, to produce a 65-byte that serves as the block's . This is embedded in the block's extraData , confirming the validator's and preventing unauthorized alterations. The signed block is then broadcast to all other nodes in the network. Upon receipt, other nodes verify the block by checking the against the list of authorized validators, ensuring the signer's matches and the block complies with rules—such as the advancing by at least the block from the parent and the difficulty level (2 for in-turn proposals, 1 for out-of-turn). Valid blocks are accepted and added to the local chain; invalid ones, including those from unauthorized sources, are discarded. Validator rotation follows a deterministic , such as by block number the number of validators in or slot number in , ensuring equitable turns. In , a is restricted from signing more than \lfloor N/2 \rfloor + 1 consecutive , where N is the number of validators, after which the turn passes to the subsequent at the end of the seal interval. Block finality in PoA is generally achieved quickly through acceptance by a of validators, with short-lived forks resolved by prioritizing the chain with the most valid blocks, without the lengthy probabilistic confirmations required in mechanisms like . Any short-lived forks, which may arise from network delays or out-of-turn proposals, are resolved quickly by prioritizing the chain with the most in-turn blocks, leveraging the trusted validator set for rapid convergence.

Validator Selection and Roles

In Proof of Authority (PoA) networks, validators are typically pre-approved by network administrators or mechanisms based on established , identity verification processes such as know-your-customer (KYC) requirements, or affiliation with trusted organizations like corporations. This selection emphasizes , as validators stake their identity rather than computational resources or tokens, often requiring public key certificates or multi-signature approvals to join a limited set, commonly ranging from 5 to 25 participants to ensure manageability and . For instance, in implementations like 's , the initial list of authorities is defined in the configuration and maintained through on-chain . Validators fulfill distinct roles to maintain network integrity, with a primary selected in each round to propose and sign new blocks, ensuring timely block production within fixed intervals. Secondary validators, comprising the rest of the approved set, verify proposed blocks by checking signatures and validity, and they can or vote against misbehavior such as unauthorized signing or attempts. In protocols like Authority Round (Aura), the primary role rotates deterministically among the authority list based on the current number the number of validators, promoting equitable participation. Validator management involves periodic rotation among the approved set to distribute computational load and improve resilience against failures, often implemented via in or epoch-based updates in every 30,000 blocks. In implementations supporting dynamic sets like , misbehavior, including prolonged downtime or offline status, can lead to removal through majority voting by other validators, effectively revoking the offender's without traditional stake penalties; for example, in , votes use special values in block headers to add or evict signers once a is met. This democratic removal process enhances while keeping the validator pool dynamic yet controlled.

Comparisons with Other Mechanisms

Versus Proof of Work

Proof of Authority (PoA) and (PoW) represent contrasting approaches to achieving in networks, with PoA prioritizing efficiency through trusted validators and PoW emphasizing computational competition for security. In terms of resource efficiency, PoA avoids the energy-intensive mining puzzles central to PoW, requiring only negligible computational resources from a limited set of pre-approved validators, making it far more environmentally sustainable and cost-effective for operation. In contrast, PoW relies on miners solving complex hash-based cryptographic challenges with adjustable difficulty, which demands substantial electricity and hardware, as exemplified by Bitcoin's network consuming energy comparable to entire countries. Regarding decentralization, PoA inherently trades off broader participation for speed and reliability by restricting block production to a fixed group of authorized entities, such as reputable organizations, resulting in a more centralized structure that limits . PoW, however, enables greater through its permissionless model, where any participant with sufficient computing power can compete to validate blocks, fostering a wider of influence but at the cost of higher coordination overhead. This makes PoA particularly suitable for private or consortium blockchains, while PoW underpins public networks like . The security models of and PoW differ fundamentally in their trust assumptions. depends on the and identity of validators, who stake their credibility as against misbehavior, tolerating faults from fewer than half of the nodes (p < n/2) through mechanisms like to remove malicious actors. PoW, by comparison, enforces security via economic disincentives, where attacks like a 51% require controlling over half the network's rate, imposing high financial costs due to the wasteful involved. While PoW resists Sybil attacks through proof of computational effort, 's reliance on trusted identities heightens risks if validators are compromised or collude. Performance-wise, delivers superior throughput and latency by eliminating competitive , enabling block times as low as under 1 second and supporting higher (TPS), such as around 60 TPS in certain implementations, which scales well with fewer nodes. PoW networks, constrained by the time needed to solve puzzles and propagate solutions, achieve lower rates, with processing approximately 7 TPS and block confirmations averaging 10 minutes, leading to more frequent forks and reduced in public settings.

Versus Proof of Stake

Proof of Authority (PoA) and (PoS) are both designed to achieve in networks with lower energy consumption than Proof of Work, but they differ fundamentally in their validation models. PoA relies on a pre-selected group of trusted validators identified by their reputation and identity, whereas PoS selects validators based on the economic stake they lock into the network. This contrast leads to distinct approaches in incentives, participation requirements, fault handling, and performance under varying network conditions. In terms of incentive structures, motivates validators through reputational stakes rather than financial ones; validators risk removal from the authority set for misbehavior, preserving their standing in permissioned environments without direct economic penalties like token slashing. In contrast, employs an where participants lock up as collateral, earning rewards proportional to their stake while facing slashing—partial or full forfeiture of staked assets—for violations such as double-signing or , aligning incentives with through . This reputational focus in suits controlled settings, while 's token-based incentives promote broader participation in public networks. Entry barriers also diverge significantly. PoA operates in a permissioned , requiring rigorous identity verification and vetting by network administrators to join the validator set, which limits participation to approved entities and ensures accountability but centralizes control. PoS, often permissionless, lowers technical barriers by allowing anyone with sufficient to and participate, though this introduces a wealth-based threshold that can favor larger holders and lead to stake concentration. For instance, Ethereum's PoS requires a minimum of 32 to become a , creating an economic absent in PoA's identity-driven selection. Regarding , both mechanisms provide tolerance, but their implementations yield different thresholds and risks. PoA implementations like Ethereum's Clique can tolerate up to approximately 49% malicious (N/2 - , where N is the total validators) through mechanisms such as block minting limits and signer voting, allowing honest majorities to outpace faulty ones and evict misbehaving nodes. PoS systems, such as Ethereum's, typically tolerate less than one-third faulty validators under their BFT protocols, relying on slashing to penalize faults in larger, dynamic pools that reduce risks but increase vulnerability to stake centralization. PoA's fixed, smaller validator sets can mitigate in trusted environments, though they heighten dependence on initial selection integrity compared to PoS's distributed economic disincentives. For scalability, both PoA and PoS offer low computational overhead, enabling higher throughput than without intensive mining. PoA achieves this through efficient or voting-based block production among a limited set of authorities, making it particularly suitable for networks where volatility does not affect performance; for example, resolves forks quickly with minimal messaging. PoS enhances scalability via techniques like sharding and randomized selection, handling larger pools effectively, though it can suffer from price fluctuations impacting . In practice, PoA often excels in low-to-moderate transaction volumes, such as 17-30 in test environments, while PoS scales better for high loads, reaching up to 67 TPS in similar setups. Overall, PoA's stability in controlled settings contrasts with PoS's adaptability to public, variable-scale networks.

Applications and Implementations

In Ethereum and Testnets

Proof of Authority (PoA) has been integrated into the ecosystem primarily through the Clique algorithm, which serves as the standard implementation since its proposal in EIP-225 in 2017. Clique enables efficient consensus in permissioned environments by relying on a set of pre-approved validators, known as signers, to produce blocks in a deterministic manner. This mechanism was adopted for various testnets to facilitate rapid development and testing without the resource demands of (PoW) or the full staking requirements of (PoS). In testnets, powered networks such as Goerli, launched in 2019 as the first cross-client testnet supporting clients like Geth and Nethermind, and initially Sepolia upon its 2021 debut before its transition. Goerli, which operated until its deprecation in April 2024, provided a stable environment for deployment and protocol upgrades, with Sepolia evolving to become the primary lightweight post-deprecation. These testnets utilized to ensure low-latency block production, making them suitable for simulating mainnet conditions in controlled settings. Configuration of Clique PoA networks typically includes a fixed block period of 15 seconds, allowing signers to seal blocks sequentially, and a limited validator count—often around 10 to 20—to maintain while minimizing latency. These parameters are defined in the file and can be adjusted for specific use cases, such as development environments or private networks where trusted parties manage validation. For instance, in Goerli, the length was set to 30,000 blocks, with signers rotating to propose blocks every 15 seconds. During 's transition to via The Merge in September 2022, testnets like Goerli acted as bridges by providing hybrid testing grounds that combined execution layers with beacon chain simulations, enabling developers to validate the upgrade without full infrastructure. Post-Merge, 's role shifted away from public testnets toward enterprise applications and layer-2 sidechains within the Ethereum ecosystem, where its efficiency supports permissioned scalability solutions. As of 2025, continues to be employed in development tools like Hardhat for local testing networks, allowing developers to spin up private chains with custom signer sets for rapid iteration on smart contracts and dApps. This persists in enterprise contexts, such as consortium blockchains, ensuring compatibility with Ethereum's tooling while offering controlled performance.

Other Blockchains and Use Cases

VeChain employs (PoA) as its core consensus mechanism to ensure efficient governance and prevent anonymous block production in its , which is optimized for enterprise applications like . The platform's contract manages candidate proposers, enabling vetted nodes to validate transactions while maintaining accountability through known identities. Recent upgrades, such as PoA 3.0 in 2025, enhance inclusivity by reducing KYC requirements for validators, further supporting scalable operations; however, as of November 2025, VeChain has announced the Hayabusa upgrade for December 2, 2025, which will transition the network to Delegated Proof of Stake (DPoS). Hyperledger Besu supports multiple PoA protocols, including , IBFT 2.0, and QBFT, tailored for private enterprise networks where participants are pre-identified and trusted. These mechanisms facilitate high-throughput in permissioned environments, such as those requiring tolerance for business collaborations. Besu’s PoA implementations are particularly suited for sectors demanding low and without public exposure. Polygon Edge defaults to PoA consensus for bootstrapping EVM-compatible blockchains, allowing developers to create customizable networks with pre-approved validators for rapid block production. It supports seamless upgrades from PoA to , enabling hybrid setups for evolving private or consortium chains. This flexibility makes it ideal for building application-specific ledgers with minimal resource overhead. In (IoT) networks, hybrid PoA variants combine authority-based validation with lightweight elements to address resource constraints, such as in distributed systems where devices authenticate via reputation and honesty metrics. For instance, trust-weighted PoA integrates to secure data transmission in IoT ecosystems, reducing computational demands while preventing cloning attacks through randomized leader selection. These hybrids enhance scalability in constrained environments like sensor networks. PoA finds application in private financial consortia, where banks and institutions use permissioned blockchains to execute secure, auditable transactions among trusted parties, leveraging validator identities to ensure and reduce risks. In tracking, platforms like VeChain apply to verify data across multi-tier networks, enabling immutable records for products from manufacturers to consumers. This approach supports real-time without the energy costs of public models. For frameworks in , PoA-based blockchains facilitate data privacy by authorizing healthcare providers as validators to manage de-identified patient records, ensuring secure sharing while complying with regulations like HIPAA. Smart contracts on these networks automate access controls, minimizing breaches in collaborative ecosystems. Recent trends highlight PoA's adoption in the of Blockchained Things (IoBT), particularly for and applications, where lightweight PoA secures decentralized device interactions in high-stakes, resource-limited settings. Additionally, energy-efficient private networks increasingly rely on PoA to cluster validators and optimize consensus, achieving significantly lower power consumption compared to while maintaining . These developments underscore PoA's role in sustainable, specialized infrastructures.

Advantages and Disadvantages

Benefits

Proof of Authority (PoA) offers substantial energy and cost savings due to its minimal computational requirements, as validators are pre-selected based on identity rather than performing intensive calculations like those in (PoW) systems. This approach eliminates the need for energy-intensive , resulting in operational costs that are significantly lower—often by over 99% in compared to PoW networks—while requiring only basic hardware for node operation. PoA provides superior speed and reliability, making it well-suited for applications that demand low and consistent . With a fixed set of trusted validators, block production occurs rapidly, often achieving block times of around 3 seconds, which supports high-volume private transactions without the delays associated with probabilistic consensus in other mechanisms. This efficiency ensures stable network operation, as validators' accountability through verifiable identities minimizes downtime and enhances transaction throughput. The mechanism facilitates in permissioned environments by leveraging real-world identity verification for validators, which simplifies adherence to (KYC) and Anti-Money Laundering (AML) requirements. In such settings, the transparent selection process allows for easier auditing and oversight, aligning with standards in sectors like and where regulatory scrutiny is paramount. PoA's low energy footprint positions it favorably within 2025 sustainability trends in , where there is growing emphasis on models to support global decarbonization efforts and reduce the sector's carbon emissions. By avoiding the high demands of PoW, PoA contributes to greener operations, resonating with initiatives promoting energy-efficient technologies amid increasing regulatory pressures on environmental impact, as seen in applications like the Energy Web Chain for markets as of 2025.

Limitations

Proof of Authority (PoA) consensus mechanisms inherently introduce centralization risks due to their reliance on a limited number of pre-approved , who are selected based on identity and reputation rather than open participation. This structure can create single points of failure if a validator is compromised or goes offline, potentially disrupting network operations, and raises the possibility of among validators to manipulate transactions or block production. In or open network settings, faces challenges stemming from the overhead of vetting and maintaining a trusted set, which involves rigorous identity verification and ongoing . This process becomes impractical and resource-intensive as participant numbers grow into the thousands or millions, making more suitable for permissioned or environments rather than fully decentralized blockchains. Governance in PoA networks is constrained by the need for off-chain coordination to add, remove, or rotate validators, as these changes cannot be executed purely on-chain without compromising the system's efficiency. This reliance on external agreements among a small group of authorities limits adaptability and can lead to bottlenecks in decision-making, particularly when on validator updates is required. As of 2025, the centralized nature of validator models can amplify systemic risks and attract regulatory scrutiny due to concerns over operational concentration and potential facilitation in applications.

Security Aspects

Potential Vulnerabilities

() networks are susceptible to compromise, where an attacker's of a 's private key or execution of attacks can undermine the system's , given that authority is explicitly tied to pre-approved identities rather than computational or economic stakes. In such scenarios, a compromised can propose invalid blocks or facilitate unauthorized transactions, as the relies on the trustworthiness of these fixed identities without inherent cryptographic protections against key exposure. attacks exemplify this vulnerability, allowing a malicious to duplicate a 's across partitions, enabling control over multiple instances and disrupting without needing to breach additional nodes. A variant of the 51% attack in involves gaining control over a majority of the validators, which is more feasible than in Proof-of-Work systems due to the typically small and identifiable set of authorities, potentially enabling or chain reorganization. Unlike resource-intensive attacks in other mechanisms, this requires only or among a of the limited validators, as their identities are public and the network's security hinges on their collective honesty rather than distributed hashing power. Denial-of-service (DoS) attacks pose a significant threat by targeting specific validators to force them offline, thereby halting block production since PoA requires active participation from a quorum of authorities to maintain liveness. Attackers can exploit network delays or partitions to isolate validators, preventing message delivery and causing the system to stall, particularly in implementations like or where synchrony assumptions amplify the impact of targeted disruptions. Over the long term, PoA faces risks of reputation erosion if validators are not periodically rotated, as prolonged reliance on the same authorities can foster complacency, increased potential, or diminished in the network's . This decay in perceived reliability stems from the mechanism's dependence on sustained identity-based , where static validator sets may accumulate undisclosed conflicts of interest, weakening the overall without mechanisms to refresh .

Mitigation Strategies

To address the centralization risks inherent in Proof of Authority (PoA) networks, where a limited set of trusted validators can lead to single points of failure or coordinated attacks, several targeted strategies enhance by strengthening identity verification, introducing dynamic elements, and enforcing . These approaches focus on robust , proactive monitoring, hybrid consensus integrations, and foundational network parameters to bolster resilience without compromising PoA's efficiency. Identity management plays a critical role in PoA by ensuring validators' real-world identities are verifiable and protected against compromise. Validators are typically required to undergo rigorous vetting, such as linking addresses to legal identities through or licensed professions, like U.S. public notaries in the POA Network, to prevent anonymous or fraudulent participation. To secure private keys, modules (HSMs) are employed for cryptographic operations, enabling secure storage and in permissioned environments; for instance, in medical data systems using PoA with QBFT consensus, HSMs manage keys for verification, reducing time while maintaining tamper resistance. Complementing this, (MFA) integrates additional verification layers, such as or tokens, into validator access protocols; a -based MFA framework on a PoA-enabled network achieves 98.6% accuracy by hashing credentials on-chain and validating via smart contracts, effectively countering unauthorized access attempts. Validator rotation and mechanisms introduce variability and oversight to deter among the fixed set. Automated randomizes assignments at regular intervals, such as boundaries every 24 hours in Telcoin's , using algorithms like Fisher-Yates with verifiable from prior signatures to ensure fair representation and unpredictability, thereby minimizing opportunities for coordinated misbehavior. Off-chain complements this by tracking performance through logs and external audits, with tools allowing periodic reviews; in Network implementations, key rotation ceremonies replace compromised credentials, and continuous checks via decentralized applications maintain trust. Hybrid approaches combine with variants to inject randomness and , addressing predictability in leader selection. The 2025 Proof of Random Leader (PoRL) algorithm, for example, enhances by using a for , tolerating up to f < N/2 faulty nodes in a of N while achieving BFT-like (though not full f < N/3 ), resulting in faster and resistance to manipulation attacks compared to deterministic protocols like . This integration prevents targeted exploits by making collusion harder to coordinate, as randomness ensures no validator can predict their role. Network design incorporates minimum validator thresholds and penalties to enforce reliability and deter misbehavior. PoA protocols like QBFT in Besu require at least four validators to achieve basic tolerance, preventing network stalls from single failures and ensuring quorum-based decisions (e.g., 2f+1 approvals). For accountability, misbehaving s—such as those missing blocks or spreading invalid data—face removal through votes; in Aura-based , a ballot via dedicated applications can disable offenders after a 48-hour period, while voting protocols allow bypassing malicious leaders to sustain operations. These mechanisms, akin to slashing in stake-based systems but reputation-focused, maintain network integrity by linking validator privileges to ongoing compliance.

References

  1. [1]
    Kovan Testnet Proposal
    Mar 1, 2017 · The authors propose the formation of a public Proof-of-Authority (PoA) Ethereum testnet, named “Kovan”. This new testnet will be using Parity ( ...Missing: original | Show results with:original
  2. [2]
    OpenEthereum Documentation - Aura - Authority Round
    Aura (Authority Round) is one of the Blockchain consensus algorithms available in OpenEthereum. Parameters Description Time is divided into discrete steps.Missing: mechanism | Show results with:mechanism
  3. [3]
    EIP-225: Clique proof-of-authority consensus protocol
    Mar 6, 2017 · Clique is a proof-of-authority consensus protocol. It shadows the design of Ethereum mainnet, so it can be added to any client with minimal effort.
  4. [4]
    What Is Blockchain Security? | IBM
    All transactions within the blocks are validated and agreed upon by a consensus mechanism, ensuring that each transaction is true and correct. Blockchain ...
  5. [5]
    Proof-of-Authority Chains · OpenEthereum Documentation
    Aura and Clique are the two available consensus algorithms for PoA. More details on other chain parameters are available on the Chain specification page ...<|control11|><|separator|>
  6. [6]
    Proof-of-authority (PoA) - Ethereum.org
    Proof-of-authority (PoA) is a reputation-based consensus algorithm that is a modified version of proof-of-stake. It is mostly used by private chains, ...What Is Proof-Of-Authority... · How It Works · Attack VectorsMissing: original | Show results with:original
  7. [7]
    VeChain Technical AMA — Software Questions Part 1
    Feb 23, 2018 · The VeCain Thor blockchain can achieve 10,000 tps with no difficulty. The foundation can adjust its performance based on the current blockchain ...
  8. [8]
    [PDF] PBFT vs Proof-of-Authority: Applying the CAP Theorem to ...
    Proof-of-Authority (PoA) is a new family of Byzantine fault-tolerant (BFT) consensus algorithms largely used in practice to ensure better performance than ...
  9. [9]
    guide/poa.md at master · ethereum/guide
    **Extracted Content:**
  10. [10]
    EIP-225: Clique proof-of-authority consensus protocol
    Nov 9, 2018 · The main design goals of the PoA protocol described here is that it should be very simple to implement and embed into any existing Ethereum ...
  11. [11]
    Ethereum Goerli Testnet Just Replaced by Holesky - U.Today
    Sep 17, 2023 · In 2017, Ethereans launched Rinkeby, a testnet on the top of the Clique proof-of-authority (PoA) consensus mechanism, which is a modified ...
  12. [12]
    Goerli deploying last Ethereum upgrade on Jan 17th! - EtherWorld.co
    Jan 8, 2024 · At the ETH Berlin Conference in 2018, Ethereum (ETH) developers unveiled Goerli, a multiclient Ethereum (ETH) testnet. It provided a secure ...
  13. [13]
    VeChain Thor Blockchain Launches, Token Swap to Take Place Mid ...
    Mar 4, 2021 · VeChain utilizes a Proof-of-Authority consensus algorithm, in which approved validators mine blocks to produce faster transaction speeds ...
  14. [14]
    Announcing Hyperledger Besu - LF Decentralized Trust
    Aug 29, 2019 · Hyperledger Besu includes several consensus algorithms including PoW, PoA, and IBFT, and has comprehensive permissioning schemes designed ...Missing: date | Show results with:date
  15. [15]
    An Overview of VEN and Concerns about VeChain's Proof-of-Authority
    Jun 26, 2018 · When the network launches on June 30, VEN tokens will be exchanged for VET tokens at a rate of 1:100. VET tokens will be used as a medium of ...
  16. [16]
    (PDF) Hybrid Consensus Mechanisms in Blockchain - ResearchGate
    Blockchain technology enables decentralized, secure, and transparent transactions but faces criticism for the high energy consumption of traditional consensus ...
  17. [17]
    https://www.changelly.com/blog/what-is-proof-of-authority-poa/
  18. [18]
    Gnosis Executes Its Own Merge in Shift to PoS in Boost for Staking
    Dec 9, 2024 · The upgrade, which went live on Thursday, will unify Gnosis Chain's Proof of Stake Beacon Chain with its Proof of Authority (PoA) mainnet, ...
  19. [19]
    Proof of Random Leader: A Fast and Manipulation-Resistant Proof ...
    Utilization: This is defined as the ratio of transaction throughput to the transaction arrival rate over the network. It figures out how effectively the network ...
  20. [20]
    https://onlinelibrary.wiley.com/doi/10.1002/ett.70139
  21. [21]
    A blockchain framework using proof of authority and smart contracts ...
    Sep 23, 2025 · The proposed model in this paper focuses on asset tracking and monitoring in the healthcare industry and it uses blockchain technology.
  22. [22]
    Clique PoA protocol & Rinkeby PoA testnet · Issue #225 - GitHub
    Mar 6, 2017 · For those not aware of how PoA works, it's a very simplistic protocol, where instead of miners racing to find a solution to a difficult problem, ...
  23. [23]
    Hyperledger Besu: Understanding Proof of Authority via Clique and ...
    Jun 18, 2021 · In Part 1, we explore the two Proof of Authority (PoA) consensus mechanisms that you can use with Hyperledger Besu: Clique and IBFT 2.0.Missing: history Goerli<|separator|>
  24. [24]
    sc_consensus_aura - Rust - Docs.rs
    Aura (Authority-round) consensus in substrate. Aura works by having a list of authorities A who are expected to roughly agree on the current time.Missing: validator selection
  25. [25]
    Proof of authority consensus | Besu documentation
    Aug 4, 2025 · Proof of authority consensus. Besu implements the QBFT, IBFT 2.0, and Clique proof of authority (PoA) consensus protocols.Missing: adoption 2018-2020 supply pilots
  26. [26]
    [PDF] feasibility of proof of authority as a consensus protocol model - arXiv
    Aug 30, 2021 · ... comparison with current main- stream consensus algorithms. Keywords Consensus · Blockchain · Proof Of Authority · Proof of Work · Proof of stake.
  27. [27]
    Proof Of Authority - an overview | ScienceDirect Topics
    Proof of Authority (PoA) is a consensus mechanism used in permissioned networks, where a small group of trusted authorities are selected as transaction ...
  28. [28]
    https://www.sciencedirect.com/topics/computer-science/proof-of-authority
  29. [29]
    (PDF) Comparative analysis of PoS and PoA consensus in ...
    This study provides comparative analysis of PoS and PoA consensus in Ethereum environment specifically focusing on performance and scalability in the context of ...Missing: sidechains | Show results with:sidechains
  30. [30]
    eth-clients/goerli: the goerli/prater testnet configurations. - GitHub
    Jun 3, 2024 · Goerli Testnet was the first proof-of-authority cross-client testnet, synching Geth, Nethermind, Hyperledger Besu, and others.Missing: milestones | Show results with:milestones
  31. [31]
    Goerli Long Term Support Update - Ethereum Foundation Blog
    Nov 30, 2023 · As per the original wording of this announcement, this would imply an April 13, 2024 sunset date for the Goerli testnet.
  32. [32]
    What is the Sepolia testnet? - Alchemy
    Mar 3, 2023 · The Sepolia testnet is a Proof-of-Stake (PoS) testnet that developers can use to deploy and test their smart contracts for free.
  33. [33]
    Clique | Besu documentation
    Aug 4, 2025 · In Clique networks, approved accounts, known as signers, validate transactions and blocks. Signers take turns to create the next block.Missing: Ethereum count Goerli
  34. [34]
    https://besu.hyperledger.org/private-networks/how-to/configure/consensus/clique
  35. [35]
    Defining the VeChainThor Blockchain Consensus — Proof of Authority
    May 8, 2018 · The designed Proof of Authority (PoA) provides the governance needs of VeChainThors consensus protocol and enables the ability to prevent anonymous block ...Missing: TPS | Show results with:TPS
  36. [36]
    Built-in Contracts - VeChain Docs
    May 21, 2024 · authority.sol is related to the proof of authority (PoA) consensus mechanism. The Authority contract manages a list of candidate proposers ...
  37. [37]
    VeChain's POA 3.0 Is Here—Major Upgrades & No More KYC for All!
    Feb 22, 2025 · An analyst breaks down VeChain's Proof of Authority (POA 3.0) upgrade and highlights its potential to improve inclusivity and democratize ...<|separator|>
  38. [38]
    Consensus protocols | Besu documentation
    Aug 4, 2025 · Besu supports the following consensus protocols: QBFT (proof of authority) - The recommended enterprise-grade consensus protocol for private ...
  39. [39]
    How Polygon Edge SDK Improves Every Developer's Experience
    Apr 2, 2023 · Proof-of-Authority (PoA). PoA is the default consensus mechanism of Polygon Edge. Here the validators create and validate blocks in the ...
  40. [40]
    Polygon Supernets, Powered by Polygon Edge; $100M Ecosystem ...
    Apr 22, 2022 · Polygon Edge already offers easy upgradeability from Proof of Authority to Proof of Stake, and the same will be offered for Layer 2 solutions.
  41. [41]
    A beginner's guide to Polygon Edge - Zeeve
    Dec 30, 2022 · Proof-of-Authority (PoA) acts as the default consensus mechanism, where validators are responsible for creating and adding blocks to the ...
  42. [42]
    [PDF] Securing IoT-blockchain applications through honesty-based ...
    This is a repository copy of Securing IoT-blockchain applications through honesty-based distributed proof of authority consensus algorithm. White Rose ...
  43. [43]
    IoT Data Transmission Security Using Blockchain With a Trust ...
    May 1, 2025 · This paper proposes a blockchain-based solution with a trust-weighted proof of authority (PoA) consensus mechanism to overcome these limitations and ensure ...
  44. [44]
    A lightweight scalable hybrid authentication framework for Internet of ...
    Jun 5, 2025 · This study presents a scalable, lightweight hybrid authentication system that integrates blockchain and edge computing within a Hyperledger Consortium network.
  45. [45]
    Consensus Algorithms Compared: PoA vs IBFT vs Raft - Kaleido
    Sep 1, 2023 · Compare the 3 major types of consensus algorithms used by blockchain protocols: Proof-of-Authority (PoA), Istanbul Byzantine Fault Tolerant ...
  46. [46]
    What Is Proof-of-Authority: Blockchain for Supply Chains - Phemex
    Oct 17, 2022 · Proof-of-authority (POA) is a consensus mechanism that relies on pre-selected nodes acting as validators of a blockchain's transactions.
  47. [47]
    Building a Product Origins Tracking System Based on Blockchain ...
    The supply chain model is borrowed from Walmart's and it is implemented based on the Ethereum framework using the PoA (Proof of Authority) consensus algorithm.
  48. [48]
    Lightweight consensus mechanisms in the Internet of Blockchained ...
    Proof of Authority (PoA): PoA is another consensus mechanism that could be a strong candidate for the Internet of Blockchained Things [64]. This mechanism ...
  49. [49]
    Energy-aware proof-of-authority: Blockchain consensus for clustered ...
    This research focuses on developing a permissioned blockchain system that incorporates a consensus mechanism known as Proof-of-Authority (PoA) within clustered ...
  50. [50]
    What is Proof of Authority (PoA) in Blockchain?
    Sep 5, 2023 · Proof of Authority, or PoA, is a consensus algorithm that offers an energy-efficient solution for creating private blockchains.
  51. [51]
    What is Proof-of-Authority (POA) Consensus in Blockchain?
    May 9, 2025 · Proof-of-Authority (PoA) is a blockchain consensus mechanism that relies on identity and reputation rather than expensive computing or staking coins.What Is Proof-of-Authority (PoA)? · Key Benefits of PoA · Limitations and Criticisms
  52. [52]
    Proof of Authority (PoA): Arcual's Environmentally Friendly ...
    Sep 20, 2023 · PoA networks like Arcual drastically reduce energy consumption compared to PoW counterparts. The energy-efficient nature of PoA stems from not ...
  53. [53]
    Proof-of-Authority Explained - LCX Exchange
    Dec 22, 2023 · Proof of Authority (PoA) is a consensus algorithm that focuses on identity, reputation, and trust within a blockchain network.
  54. [54]
    Blockchain Permissioning | Avalanche Builder Hub
    Permissioned Public L1: Use Proof of Authority with controlled validator additions ... Regulatory Requirements: Do you need to comply with KYC/AML regulations?
  55. [55]
    Blockchain KYC: Key Benefits, Challenges, and Implementation
    Nov 6, 2024 · To ensure fast and secure KYC processes, you need to choose a consensus mechanism that balances security and speed, such as Proof of Authority ( ...
  56. [56]
    S&P Global's Top 10 Sustainability Trends to Watch in 2025
    Jan 15, 2025 · Sustainability is here to stay. Here's what you need to know about the trends that will shape strategy in a challenging year.Missing: authority | Show results with:authority
  57. [57]
    What is Proof of Authority? - OSL
    Jan 26, 2025 · Another advantage of PoA is its energy efficiency. Since there is no reliance on intensive computational tasks, the environmental impact is ...
  58. [58]
    Top 5 sustainability trends of 2025 you need to know about | Neste
    Jan 15, 2025 · The top 5 sustainability trends of 2025 · 1. The renewables challenge · 2. The rise of circular solutions · 3. Regulation keeps greenwashing in ...Missing: proof authority
  59. [59]
    Proof of Authority Explained - LimeChain
    Aug 3, 2021 · Proof of Authority is a variant of the Proof of Stake consensus mechanism where instead of tokens, network participants stake their identity and reputation.Missing: Aura Parity
  60. [60]
    What Is POA? Proof of Authority Explained in Blockchain Context
    Jul 1, 2025 · In 2025, more Layer-2 solutions and interoperability frameworks may incorporate POA for high-speed bridges and enterprise-friendly use cases.
  61. [61]
    What is Proof of Authority? PoA Explained for Web3 and DeFi
    Rating 5.0 (150) · Free · iOSProof of Authority (PoA) is a family of consensus mechanisms where a limited set of pre-approved validators produce blocks based on verified identity and ...
  62. [62]
    DeFi Security: Understanding And Addressing Risks In The Future ...
    Jun 30, 2025 · Most times, blockchains with Proof of Staked Authority or Proof of Authority consensus mechanisms tend to have relatively centralized outlooks.
  63. [63]
    [PDF] Centralization in Decentralized Finance: Systemic Risk in the Crypto ...
    Apr 8, 2025 · Thereafter, Part IV explores potential solutions to the emerging systemic risks and challenges by drawing inferences from existing regulatory ...
  64. [64]
    [1902.10244] The Attack of the Clones Against Proof-of-Authority
    Feb 26, 2019 · In this paper, we explore vulnerabilities and countermeasures of the recently proposed blockchain consensus based on proof-of-authority. The ...
  65. [65]
    An efficient Proof-of-Authority consensus scheme against cloning ...
    Dec 1, 2024 · This study proposes a novel randomized authenticator within the PoA framework to mitigate cloning attacks and solve the leader selection bottleneck.
  66. [66]
    Proof-of-Authority consensus - Apla Blockchain Platform Guide
    Proof-of-Authority (PoA) is a new consensus algorithms family that provides high performance and fault tolerance.<|control11|><|separator|>
  67. [67]
    [PDF] The Attack of the Clones Against Proof-of-Authority - Vincent Gramoli
    Various companies are now moving towards Proof-of-Authority (PoA) blockchains with more conventional Byzantine fault tolerance, where a known set of n ...
  68. [68]
    What Is Proof-of-Authority? - CoinDesk
    Jun 2, 2022 · Proof-of-authority is a consensus algorithm that delivers an efficient solution for blockchains, specifically private ones.
  69. [69]
    Scaling proof-of-authority protocol to improve performance and ...
    Aug 6, 2025 · We highlight the centralization tendency and the main vulnerabilities of Proof of Work (PoW), Proof of Stake (PoS), and their countermeasures.
  70. [70]
    POA Network Whitepaper
    ### Summary of Security Mitigations in POA Network
  71. [71]
    https://www.researchgate.net/publication/363208220_Scaling_proof-of-authority_protocol_to_improve_performance_and_security
  72. [72]
    [PDF] Blockchain-Based Multi-Factor Authentication for Securing IoT Devices
    We deployed the framework on a private Ethereum blockchain using the Proof-of-Authority protocol with 15 validator nodes. • Average block confirmation time: 3.4 ...
  73. [73]
    TNIP-2 - Telcoin Network Improvement Proposals
    Oct 29, 2024 · Randomly shuffling validators into consensus committees not only minimizes the risks of collusion, it ensures a fair representation of the ...
  74. [74]
    QBFT | Besu documentation
    Aug 4, 2025 · Besu QBFT proof of authority (PoA) consensus protocol implementation. ... Minimum number of validators​. QBFT requires four validators to be ...Missing: threshold | Show results with:threshold
  75. [75]
    Blockchain Fundamentals: Key Consensus Algorithms - CertiK
    Aug 15, 2023 · We can refer to this class of algorithms as Proof of Authority (PoA). ... PBFT has inspired many BFT consensus algorithms, such as IBFT, a ...