B LOCKCHAIN - EMPOWERED F EDERATED L EARNING : B ENEFITS ,

C HALLENGES , AND S OLUTIONS

Zeju Cai, Jianguo Chen, Yuting Fan, Zibin Zheng Keqin Li

School of Software Engineering Department of Computer Science
arXiv:2403.00873v2 [cs.CR] 5 Jul 2024

Sun Yat-sen University State University of New York

Zhuhai, Guangdong, P.R China New Paltz, NY, USA

A BSTRACT
Federated learning (FL) is a distributed machine learning approach that protects user data privacy
by training models locally on clients and aggregating them on a parameter server. While effective at
preserving privacy, FL systems face limitations such as single points of failure, lack of incentives,
and inadequate security. To address these challenges, blockchain technology is integrated into FL
systems to provide stronger security, fairness, and scalability. However, blockchain-empowered FL
(BC-FL) systems introduce additional demands on network, computing, and storage resources. This
survey provides a comprehensive review of recent research on BC-FL systems, analyzing the benefits
and challenges associated with blockchain integration. We explore why blockchain is applicable
to FL, how it can be implemented, and the challenges and existing solutions for its integration.
Additionally, we offer insights on future research directions for the BC-FL system.

Keywords Blockchain-empowered federated learning · distributed artificial intelligence · security and privacy

1 Introduction

Artificial Intelligence (AI) technologies drive the Fourth Industrial Revolution, with user data being essential for
training diverse Machine Learning (ML) models [1]. Training high-quality ML models often involves a centralized
approach, necessitating internal storage of user data. This raises privacy concerns [2, 3, 4] and highlights the need for
stringent privacy protections [5]. In recent years, regions such as the European Union [6, 7], the United States [8],
and Singapore [5] have enacted relevant laws and regulations to govern the use of personal data, enhancing privacy
protection but potentially hindering the utilization of high-quality data.
Federated Learning (FL) is a privacy-preserving distributed machine learning paradigm that balances user data protec-
tion and effective utilization [9, 10, 11]. FL involves training local models on user devices and aggregating these local
models into a global model on a server without requiring users to upload their data, addressing the aforementioned
privacy concerns. Initially applied to training Gboard [12], FL has proven successful. Its potential extends beyond this,
as it can also address the issue of data silos. Data silos refer to the isolated or dispersed nature of data, making access
to this data extremely challenging [13]. One cause of data silos is the reluctance of organizations to share data due to
privacy or competitive concerns. For instance, due to privacy protection, hospitals may be unwilling to share patient
data [14]. In summary, the judicious use of FL can break down data barriers, leading to its widespread application in
healthcare [15, 16], finance [17, 18], industry [19, 20] and so on.
While privacy protection and data utilization benefits have popularized FL across industry and academia, they also
introduce specific challenges. First, there is a lack of trust among nodes within the FL system [21, 22]. Nodes may
worry that their training contributions will be intentionally tampered with or miscalculated, damaging their reputation
and deserved rewards. Second, FL systems are vulnerable to attacks from malicious nodes [23, 24]. Malicious
users may intentionally provide incorrect information to prevent model convergence and disrupt model training, while
malicious servers can recover users’ training data from the uploaded models. Third, FL is prone to single point of
failure issues [25]. In traditional FL architectures, the central server is responsible for aggregating and updating global
Cai et al.

Worker Worker
Blockchain

Integrate Server
Security Distributed
attributes architecture

Smart contract Trusted entity

Worker Worker
Key advantages Federated learning system
Enhance performance Pose challenges
Enhance performance of BC-FL system New challenges of BC-FL system
Single point of failure
Decentralized Extra communication
resistance
architecture overhead
Anti-malicious nodes Extra computational
Incentive Efficiency
challenge overhead
mechanism
Anti-attack
Consensus process
Reputation
Nodes attraction mechanism
Secure Blockchain attacked
challenge
Nodes trusty System security Privacy disclosure

Enhance performance Storage Huge model

challenge
Reinforcement Distributed Topology
Storage redundancy
learning storage optimization
Consensus Provide
Chunking Pose challenges
optimization
solutions

Future Multiple combination

Lightweight blockchain Smart contract Research
Directions methods

Figure 1: Main scope of this survey. We begin by exploring the characteristics of blockchain and investigate its en-
hancement of Federated Learning systems. Next, we discuss the additional challenges introduced by using blockchain
in FL systems and review existing solutions. Finally, we outline future research directions for Blockchain-empowered
Federated Learning systems.

model parameters. If the central server is attacked or fails, the entire system’s operation is severely affected, leading
to interruptions in the training process, data loss, and irrecoverable model states.
Blockchain is essentially a distributed ledger, and its successful application in cryptocurrencies demonstrates its poten-
tial to build trust, security, and transparency [26, 27, 28]. Consequently, numerous studies have integrated blockchain
with FL systems to enhance functionality, creating blockchain-empowered FL (BC-FL) systems. Analyzing existing
BC-FL literature, we find that blockchain’s enhancement of different aspects of FL originates from its distinct prop-
erties. First, blockchain’s transparency and immutability can alleviate the lack of trust among nodes within the FL
system. By recording data requiring consensus in the FL system on the blockchain, these data cannot be tampered
with by malicious nodes, enhancing trust relationships. Second, through cross-validation of blockchain nodes and
Ś
other mechanisms, the resistance of the FL system to malicious nodes is improved. Finally, blockchain can replace
ś
the centralized server to avoid single
ŝ point of failure issues. By
Ŝ
designing a reasonable consensus mechanism, suit-
able clients can be selected to undertake model aggregation tasks ŝ in each communication round. With the advent of
blockchain 2.0, users can develop smart contractsŞrunning ş onŚ the
Şblockchain, endowing BC-FL with greater scalability
for automatically running various algorithms [29].
Ŝ ş
ŝ Ş
The introduction of blockchain has further driven the Ş
Ŝ ś development of FL, but blockchain is not a panacea for FL.
Our research indicates that blockchain integration poses challenges related to runtime efficiency and storage capacity.
First, the consensus mechanism of blockchain Ş adds communication and computation overhead to the BC-FL system.
Second, due to the distributed storage nature of Ş
Ŝ blockchain, full nodes need to back up the entire blockchain data.
Additionally, the introduction of blockchain can also bring additional security issues, such as Sybil attacks [30].
ŝ
Currently, several surveys on BC-FL systems have been published. Some focus on the integration of BC-FL with
other fields, such as the Internet of Things, drones, and healthcare. These studies emphasize the specific applications
of BC-FL systems rather than their commonalities. Other surveys investigate BC-FL systems in general. Qu et al.
conducted a detailed study on the performance of decentralization, attack resistance, and incentive mechanisms in

2
 Ŝ Ş

Cai et al.

Data ID
Horizontal
federated Federated learning Worker
learning classification Cross-device
federated
Feature Label
Server learning
Data ID
Vertical
federated
learning By data By device
Feature Label

Data ID Cross-silo
Federated Worker Server federated
transfer learning
learning

Feature Label

Figure 2: Categories of FL systems.

BC-FL systems, and surveyed the system architecture forms of BC-FL. However, they did not investigate transparent
reputation mechanisms in BC-FL and thoroughly analyze why blockchain can enhance FL systems, merely classifying
the functions of BC-FL. Zhu et al. divided BC-FL system models into three categories and surveyed real-world
applications of BC-FL. However, they lacked a comprehensive investigation of single point of failure, reputation
mechanisms, security, and privacy issues. Additionally, the aforementioned surveys neglected to conduct a detailed
investigation into the negative effects blockchain can bring to BC-FL systems. Sameera et al. summarized the general
architecture of BC-FL and detailed how BC-FL addresses security and privacy threats. However, they lacked in-depth
research on BC-FL’s reputation mechanisms, incentive mechanisms, and system efficiency and storage issues. We
believe that the various enhancements and potential challenges blockchain brings to FL systems stem from certain
properties or functionalities of blockchain. Meanwhile, some properties of blockchain can play different roles in FL
systems depending on their application. The contributions of this work are as follows:
• Starting from the characteristics and functionalities of blockchain, we introduce how blockchain enhances
FL systems in terms of decentralization, reputation mechanisms, incentive mechanisms, and security.
• We comprehensively investigate the additional challenges that arise from using blockchain in FL systems, the
reasons behind these challenges, and existing solutions.
• We summarize future research directions for blockchain-based FL systems based on existing research.
Investigating how blockchain enhances FL systems from the perspective of blockchain’s characteristics is an unad-
dressed area in existing surveys. This survey can complement similar recent surveys, filling a gap in the research
on BC-FL. This survey.’s main scope is illustrated in Fig. 1. Section 2 provides relevant background knowledge on
FL, blockchain. Section 3 details general BC-FL architecture and how blockchain enhances FL systems. Section 4
elaborates on the challenges of using blockchain in FL systems and existing solutions. Section 5 we point out future
research directions for BC-FL systems. Section 6 concludes the paper.

2 Background
2.1 Federated Learning
FL is a privacy-preserving distributed machine learning paradigm proposed by Google [9]. This paradigm involves
a network of multiple participants (clients) alongside a central server. The clients are tasked with developing local
models, which are then consolidated by the server into a unified, global model [31, 32, 33]. This structure allows
participants considerable autonomy, enabling them to contribute to the FL framework without disclosing their data to
any FL node. Participation in FL training remains at the discretion of the users. Fig. 3 visually represents the standard
FL training methodology. The task initiator selects an FL server to publish the training task. Subsequently, clients
related to the training task join the FL training, and the server initializes the global model. In each communication
round, the server selects clients to participate in that round of training and distributes the global model to these clients.
The clients then use their local datasets to train the global model, resulting in local models, which they send back to the
server. The server aggregates these local models into a new global model according to certain rules. The FL process
stops when the training termination condition is met; otherwise, training continues.
FL generally has two classification methods, as depicted in Fig. 2. Based on the sample ID and feature distribution
of local datasets, FL systems can be divided into Horizontal FL (HFL), Vertical FL (VFL), and Federated Transfer

3
Cai et al.

Ś:Initialization
Task publisher ś:Worker selection
ŝ Ŝ:Model distribution
ŝ:Local training
Worker1 Ş ş Ś Ş:Global model aggregation
Ŝ ş:Termination condition evaluation
ŝ Ş
Ş
Ŝ ś
Worker2
Global
Ş Server gradient
Ŝ Ş

WorkerN Local Local Local

gradient1 gradient2 gradientk

Figure 3: Standard federated learning (FL) training methodology.

Learning (FTL). In HFL, users have different sample IDs but identical data features. In VFL, users have identical
sample IDs but different data features. In FTL, both the sample IDs and data features differ. Generally, current
research on BC-FL is predominantly based on HFL, with only a few studies on VFL [34, 35] and FTL [36]. Despite
the datasets’ different characteristics, blockchain’s role does not fundamentally differ.
Moreover, based on the different types of user devices involved in training, FL can be divided into cross-device FL
and cross-silo FL. Cross-device FL involves an extensive array of mobile and IoT devices, potentially numbering up to
1010 , often with poor device performance and network conditions [37, 38]. In cross-silo FL systems, the participating
clients are typically professional computing nodes maintained by specialized institutions, and the number of clients is
generally fewer than 100 [39, 40].

2.2 Blockchain

Blockchain is a distributed ledger system designed to securely, transparently, and immutably record data in a decen-
tralized manner [41, 42]. It is resilient to the presence of some malicious nodes and is resistant to control by any single
entity [43, 44]. A blockchain is essentially composed of interconnected blocks arranged sequentially in a chronological
chain. This structure is illustrated in the Fig. 4. Each block includes a header and a body. The block header typically
contains metadata such as the block number, timestamp, and the hash of the previous blocks. The specific parameters
stored in the header can vary depending on the blockchain system. The block body stores specific information, like
transactions.
Blockchain can be classified into two main types based on node participation restrictions: permissionless blockchain
and permissioned blockchain. The permissionless blockchain allows unrestricted node participation in the system’s
operations, exemplified by Bitcoin and Ethereum. These blockchains operate without the need for approvals or autho-
rizations from central authorities. In contrast, the permissioned blockchain is managed by a specific organization, and
only authorized nodes can access the system. It is suitable for data privacy and security applications, such as financial
and government information management.
The autonomous operation of blockchains in the absence of central oversight relies on consensus mechanisms. These
algorithms define the state of the blockchain and are vital for its functionality. Broadly, consensus mechanisms are
categorized into proof-based and committee-based systems [26]. Proof-based systems prioritize nodes based on spe-
cific resource possession; for instance, Proof of Work (PoW) and Proof of Stake (PoS) are notable examples [45]. In
PoW, nodes compete to solve complex puzzles, with computational prowess conferring a higher accounting priority.
PoS, on the other hand, employs an encrypted random selection algorithm to appoint a leader for block creation, with
a node’s selection likelihood tied to its token holdings. Proof-based consensus mechanisms are predominantly uti-
lized in permissionless blockchains due to their robust defence against malicious nodes. Conversely, committee-based
mechanisms utilize a voting process where consensus on a new block’s addition is reached through a predetermined
number of affirmative votes. Protocols such as Raft [46] and PBFT [47] exemplify committee-based mechanisms.
Committee-based mechanisms generally offer higher throughput than proof-based mechanisms and are often used in
permissioned blockchains. However, they can be communication-intensive, posing challenges in large-scale networks.

4
Cai et al.

ůŽĐŬ,ĞĂĚĞƌ ůŽĐŬ,ĞĂĚĞƌ ůŽĐŬ,ĞĂĚĞƌ

/ŶĚĞdž /ŶĚĞdž /ŶĚĞdž
dŝŵĞƐƚĂŵƉ dŝŵĞƐƚĂŵƉ dŝŵĞƐƚĂŵƉ
WƌĞǀŝŽƵƐ,ĂƐŚ WƌĞǀŝŽƵƐ,ĂƐŚ WƌĞǀŝŽƵƐ,ĂƐŚ
͘͘͘ ͘͘͘ ͘͘͘
ŝĨĨŝĐƵůƚLJ ŝĨĨŝĐƵůƚLJ ŝĨĨŝĐƵůƚLJ

ĚĂƚĂ ĚĂƚĂ ĚĂƚĂ ĚĂƚĂ ĚĂƚĂ ĚĂƚĂ ĚĂƚĂ ĚĂƚĂ ĚĂƚĂ

ůŽĐŬϭ ůŽĐŬϮ ůŽĐŬE

Figure 4: The structure of a blockchain.

3 Blockchain-empowered Federated Learning
This section introduces how blockchain technology enhances the FL system. These enhancements can be categorized
into four aspects: decentralization, reputation evaluation mechanism, incentive evaluation mechanism, and security.
Each of these four aspects will be discussed separately.

3.1 Decentralization

FL traditionally relies on a central parameter server, where clients must continuously communicate with a single FL
server. This centralized structure poses significant risks, such as single points of failure and potential malicious server
behaviour. Furthermore, node reputation information is solely managed by the server, which is not ideal for developing
an open FL ecosystem. Blockchain’s decentralization is a core feature that fundamentally addresses these issues and
provides a new architectural approach to FL systems. Decentralization can enhance the security, transparency, and
reliability of FL systems, with these benefits manifesting in various facets of blockchain’s advantages for FL.
Our review of existing literature identifies several factors influencing the decentralization of BC-FL, including system
architecture, consensus mechanisms, and smart contracts. The system architecture determines which nodes maintain
the blockchain, while the consensus mechanism dictates which nodes have the right to manage the system. Smart
contracts can automate various algorithms within the BC-FL system, offering greater scalability. Table 1 compiles
representative BC-FL systems, detailing their use of smart contracts, architecture, consensus mechanisms, and exper-
imental platforms.
Architecture. BC-FL systems can be categorized by their degree of decentralization: complete and partial. In the
completely decentralized BC-FL, all nodes are eligible to participate in the consensus process of the blockchain. Fig.
5(a) shows its general system architecture. This approach demands high computational and storage capacities from
all nodes. Conversely, partially decentralized BC-FL involves only a subset of nodes running the blockchain, while
others focus solely on FL training. Fig. 5(b) shows its general system architecture. The selected nodes that operate the
blockchain system are known as super nodes and typically have stronger computing power and better communication
conditions. This approach sacrifices some transparency for increased efficiency.
Consensus Mechanism. A considerable portion of the work adopts common blockchain consensus mechanisms
such as PoW and PBFT. PoW involves blockchain nodes competing to solve a mathematical problem, with the first
solver aggregating models and training information into a new block. Other nodes then verify the block’s correctness,
and upon majority approval, it is added to the blockchain. In PBFT, a set of consensus nodes is chosen within the
BC-FL system, from which a leader node aggregates the model and generates a new block. Other nodes in the set
verify the leader’s block. Some work has specifically developed consensus mechanisms for BC-FL, such as Proof of
Reputation [55]. These custom consensus mechanisms are usually designed to enhance FL functionality or mitigate
the disadvantages of blockchain, which will be elaborated on in the subsequent sections.
Smart Contracts. Smart contracts significantly enhance the scalability of BC-FL systems. For instance, model
aggregation can be executed via smart contracts, increasing transparency. Additionally, smart contracts can deploy
algorithms for detecting and handling malicious nodes, thereby improving system efficiency. They can also manage
node reputation evaluations and incentive algorithms, further enhancing system transparency.
Next, we will examine some representative architectures of completely decentralized BC-FL systems.
In [63], Xu et al. proposed a BC-FL framework named Blockchain Empowered Secure and Incentive Federated
Learning (BESIFL). BESIFL enables any node in the network to initiate FL training requirements. Upon receipt of
a requirement, BESIFL selects computing nodes with high computation reputation scores to form a computing pool
and assigns them the task of model training. Meanwhile, BESIFL chooses verification nodes with high verification

5
Cai et al.

Table 1: BC-FL Systems Based on Blockchain and Federated Learning.

Ref. Smart contract Architecture Consensus algorithm Platform

Abdel [48] X Complete Algorand Other

Fang [49] × Partial Algorand Other
Feng [50] X Partial PBFT/Raft Hyperledger Fabric
Guo [51] X Partial PBFT Hyperledger Fabric
Jiang [52] × Complete DPoS Other
Liu [53] × Partial PoW+PoA Other
Lu [54] × Complete DPoS Other
Nguyen [55] × Partial PoR Other
Nguyen [56] × Partial PoW Other
Qi [57] X Partial - Hyperledger Fabric
Qi [58] X Complete Modified PBFT Ethereum
Qu [59] × Complete PoW Other
Rehman [60] X Complete - Ethereum
Wu [61] × Complete PoW Other
Xu [62] × Complete - Other
Xu [63] X Complete - Other
Zhang [64] × Partial PoW Other
Zhao [65] × Partial PBFT Other
Wang [66] × Complete - Other
Huang [66] X Partial Raft, HotStuff FISCO
Ouyang [67] X Partial PoS Ethereum
Yuan [68] X Partial Raft, Modified DAG Hyperledger, DAG
aloqaily [69] × Partial - Other
Mu [70] × Complete - Other
Wahrstatter [71] × Complete PoS Ethereum

reputation scores to form a verification pool and assigns them the task of model aggregation and verification using pre-
defined procedures specified by the smart contract. Li et al. also proposed a completely decentralized BF-FL system,
where each client acts as both a FL trainer and a blockchain miner [72]. After training their local models, clients
initiate blockchain transaction requests and broadcast their models by attaching them to the transaction information.
Each client aggregates the global model locally after receiving local models from all other clients and starts mining.
The winning miner broadcasts a block containing global model information, which is verified by other clients and then
written into the blockchain. However, this system assumes that all clients possess equal computational power, which
may not be realistic in practice. In addition to the two aforementioned decentralized methods, Qu et al. designed a
novel approach that utilizes a rotation mechanism with randomness to select committee members for participating in
blockchain consensus [73]. This proposed blockchain consensus mechanism greatly reduces additional consumption
generated by the blockchain consensus process compared to the PoW mechanism. Committee members are only
responsible for aggregating and validating the global model and do not participate in training. The global model
is generated by committee members and stored in the blockchain after verification. While the rotation mechanism
ensures the mobility of committee members, it can ensure some level of system security. However, this consensus
mechanism is only applicable in situations where the number of malicious nodes is small.
The BC-FL systems described below follow the partial decentralization architecture. Feng et al. proposed a BC-FL
system for UAVs that maintains the blockchain system only in entities with high computing and storage capabilities,
such as base stations and roadside nodes [50]. This approach enables transparent and automated model aggregation
operations through the use of smart contracts, which replace the traditional parameter server. To address the challenge
of online and offline state changes among BC-FL participants, the authors set the maximum waiting time and the
required number of local models for each learning round. If any of these conditions are met, the model update contract
is triggered, ensuring timely updates while accommodating BC-FL participant availability. In [53], Liu et al. proposed

6
Cai et al.

Block Generation New block Global model Local gradient

New block

Miner

Blockchain

Model Client
Client Client Miner
Block

Client

Miner

Data Data Sample Local gradient

Client
Local Training

Local Data Sample

gradient

Blockchain Local Training Data

(a) Complete decentralization. (b) Partial decentralization.

Figure 5: Two decentralized architectures of the Blockchain-Empowered Federated Learning system.
ŚInitialization ŞBlock Generation
śLocal Training şBlock Broadcast
ŜLocal Model Upload ŠGlobal Model Download
ŝTransaction Broadcast Ś

Miner Miner Ŝ Ŝ
Block Header
ŝ train ś
Index Š Š
Timestamp
Ş ŝ Ś
Previous Hash
ious H
ŝ Ŝ Ŝ
Difficulty train ś
ş
Block Body Š Š
Ś
ŝ Ŝ Ŝ
Block N train ś
Blockchain Š Š

ŝ
Block Header Block Header Block Header
Index Index Index
Timestamp Timestamp Timestamp
0 Previous Hash
ious H Previous
ious Hash

Difficulty Difficulty Difficulty

Block Body Block Body Block Body

Block 1 Block 2 Block N

Figure 6: Overall structure and workflow of the blockchain-empowered federated learning system.

a framework for training vehicle intrusion model. The blockchain is maintained by roadside units and stores and shares
the global models for the BC-FL system. After receiving the global model, the vehicle uses the data collected by itself
to train the model and upload it to the connected roadside unit nodes. The consensus mechanism in place combines
PoW and PoA, with the roadside node that has achieved the highest accuracy being written into the block to encourage
the training of high-precision models.
Workflow of BC-FL Systems. The overall workflow of the BC-FL system is illustrated in Fig. 6. Different BC-FL
systems may be adjusted according to specific circumstances. The steps are explained as follows:

7
Cai et al.

Step 1. Initialization: Each client initializes the environment based on prior negotiation, including model parameter,
and training parameter. The blockchain can assist clients in negotiation by storing initialization parameters on the
chain and using smart contracts.
Step 2: Local model training. Each client trains the global model using their local dataset.
Step 3: Local model upload. Clients upload training-related data and local models to the blockchain system. To
alleviate storage pressure on the blockchain, clients may upload only model-related information rather than the entire
model, as detailed in Section 4.3.
Step 4: Transaction broadcast. Upon receiving the transaction, blockchain nodes broadcast it within the system for
cross-validation. The nodes inspect the transaction content (e.g., model) based on pre-defined rules. If no issues are
found, the transaction is added to the local transaction pool.
Step 5: Block generation. Blockchain nodes select the node with the right to generate blocks for the current round
based on the consensus protocol. This node aggregates the local models to generate the global model, compiles
relevant model and training information, and creates a block.
Step 6: Block Broadcast. The blockchain system broadcasts the newly generated block. Upon receiving it, validation
nodes verify the block according to specific rules. If the majority of nodes validate the block, it is added to their locally
maintained blockchain, achieving consensus across the network.
Step 7: Global Model Download. Clients download the latest global model from the blockchain system.
Step 8: End condition judgment. Based on pre-negotiated rules, the FL process evaluates whether it has reached the
end condition. If not, the process returns to Step 2 to continue training.

3.2 Reputation Evalutation Mechanism

FL is a collaborative approach to training a shared model that requires the participation of multiple clients with local
data. However, clients may have varying motivations and behaviors, such as seeking rewards for their assistance,
hoping to obtain a trained model, or attempting to benefit from the global model without contributing to the training
process. In some cases, clients may even have malicious intentions, seeking to undermine the effectiveness of FL due
to conflicts of interest in reality or other factors. Compared to traditional distributed learning methods, FL prioritizes
user data privacy, which means that the parameter server has limited access to information about the local environment
of each client. Therefore, it is essential for the FL task publisher to implement a reputation management mechanism
that can assist in managing, rewarding, or punishing FL clients based on their contributions and behavior.
Several studies have proposed the use of some reputation management mechanisms in a centralized way on the pa-
rameter server [74, 51]. While this approach can serve as a foundation for client management, reward and punishment
schemes, its lack of transparency remains a concern. Data owners who contribute to the training process may worry
about potential inaccuracies in the parameter server’s reputation calculations, while those seeking to obtain a trained
model may be concerned that the parameter server could intentionally manipulate reputations to undermine FL models.
Given the importance of attracting high-quality data owners to ensure optimal FL model performance, the transparent
reputation management mechanism is particularly well-suited for FL systems. Additionally, a trustworthy parameter
server aims to calculate reputation in a transparent manner to discourage malicious nodes. To address these con-
cerns, the BC-FL system leverages blockchain technology to ensure the transparency and credibility of the reputation
management mechanism.
After conducting our analysis, we have identified two crucial functions that blockchain can perform within the reputa-
tion management mechanism.

1. The blockchain acts as a reliable third-party ledger in the BC-FL system to document crucial information
regarding each node’s reputation, including but not limited to its reputation value [51, 75, 76] and various
calculation bases [77, 53, 57].
2. In the BC-FL system, the reputation computation process can be deployed on the blockchain through a spe-
cialized reputation calculation smart contract [77, 78, 57]. This approach serves to ensure both transparency
and automation throughout the entire computation process, thereby guaranteeing dependable and consistent
outcomes.

The reputation management mechanism based on blockchain in BC-FL is illustrated in Fig. 7. Our study of recent
research papers on client reputation calculation methods has revealed that the multiweight subjective logic calculation
method is a popular choice for enhancing the trustworthiness and reliability of BC-FL systems. To elucidate the

8
Cai et al.

ůŽĐŬĐŚĂŝŶ
dƌƵƐƚĞĚĚŝƐƚƌŝďƵƚĞĚůĞĚŐĞƌ ^ŵĂƌƚĐŽŶƚƌĂĐƚ

ůŽĐŬĐŚĂŝŶͲĞŵƉŽǁĞƌĞĚƌĞƉƵƚĂƚŝŽŶĞǀĂůƵĂƚŝŽŶŵĞĐŚĂŶŝƐŵ

dƌƵƐƚĞĚƌĞƉƵƚĂƚŝŽŶƉƌĞƐĞƌǀĂƚŝŽŶ dƌƵƐƚĞĚƌĞƉƵƚĂƚŝŽŶĐĂůĐƵůĂƚŝŽŶ

hƐĂŐĞŽĨƌĞƉƵƚĂƚŝŽŶŵĞĐŚĂŶŝƐŵ

EŽĚĞƐĞůĞĐƚŝŽŶ ZĞǁĂƌĚͬWƵŶŝƐŚ DŽĚĞůĂŐŐƌĞŐĂƚŝŽŶ

Figure 7: Reputation management mechanisms based on blockchain. Blockchain is commonly utilized as a reliable
distributed ledger or transparent smart contract platform for reputation management mechanisms. This allows the
system to store clients’ reputation value and the reputation calculation basis on the blockchain, or use smart contracts
to compute the reputation in a transparent way. The primary function of reputation management mechanisms is to
facilitate node selection, model aggregation, and incentivization.

operation of the reputation management mechanism in BC-FL systems, we will present a concise overview of the
multi-weight subjective logic calculation method.
This method aims to assess the reputation value of a client by considering three crucial attributes: positive evaluation,
negative evaluation, and uncertain evaluation. For example, in [75, 79, 77], Kang et al. demonstrated how multi-
weight subjective logic can be used to accurately calculate reputation values. In their proposed BC-FL systems, the
task publisher, denoted as T Pi , calculates the reputation of each client through two main components. The first part
involves direct reputation calculation, where T Pi evaluates BC-FL clients based on three attributes: belief, disbelief,
and uncertainty, corresponding to positive evaluation, negative evaluation, and uncertain evaluation, respectively. To
facilitate comprehension, we simplify the formula as follows:

dir ai
bi→j = (1 − ui ) ai +bi

bi
ddir
i→j = (1 − ui ) ai +bi , (1)
udir = 1 − q

i→j i→j

where bdir dir dir

i→j , di→j , and ui→j need to satisfy the restrictions:

bdir dir dir

i→j + di→j + ui→j = 1,
(2)
0 ≤ bdir dir dir
i→j ≤ 1, 0 ≤ di→j ≤ 1, 0 ≤ ui→j ≤ 1.

The variables ai and bi represent the positive and negative evaluations of client Cj by T Pi respectively. Variables bdir
i→j ,
ddir
i→j , and u dir
i→j correspond to the previously mentioned belief, disbelief, and uncertainty. Variable qi→j denotes the
probability of successful delivery of data packets sent by Cj to T Pi . The direct reputation DIRi→j is then expressed
as:

DIRi→j = bdir dir

i→j + αui→j , (3)

where α is a variable factor between 0 and 1.

The second part involves the evaluation of the client’s reputations by other task publishers T Pk . First, T Pk sends
its reputation opinion vector to T Px , which then calculates the credibility of T Pk ’s reputation opinion through an
amendatory cosine function. Then, form the weight of publisher k by calculated credibility. All task publishers’
reputation opinions are combined in a weighted manner to form an indirect reputation.

9
Cai et al.

Table 2: Blockchain-based reputation mechanism in BC-FL Systems.

Reputation Source Blockchain Usage Reputation Usage
Ref.
Aggregration Other Blockchain Usage 1 Usage 2 Model Node Reward or
Workers Aggregation Selection Punishment

Chen [80] X X - - - - X -
Gao [81] X - - X X - X X
Guo [51] X - - - - - X -
Haddaji[76] X - X X - - X -
He [74] X - - - - - X -
Kang [77] X - - X - - X -
Liu [53] X - - X - - X X
Qi [57] X X - X X X - X
Qiu [78] X - X X X X - -
Rahman [82] X - - X - - X -
Xu [62] X - - X X X X X
Zhao [83] X - - X - - X X
Wang [66] X - X X - X - -
Lin [84] X - X X - - X -
Fu [85] X - - X - - - X
Wahrstatter [71] X - - X X - - X

Combining direct and indirect reputations results in the final value of belief bfi→j
inal
, disbelief dfi→j
inal
and uncertainty
f inal
ui→j of the Cj , as defined as:

bdir
i→j u
rec
+brec udir


 bfi→j
inal
= udir +u
i→j
rec −urec udir
 i→j i→j
ddir rec
+drec udir

i→j u
dfi→j
inal
= udir i→j
rec −urec udir , (4)
 i→j +u i→j
rec dir
u u

ufi→jinal
 i→j
 = udir +urec −u rec udir
i→j i→j

where brec , drec , and urec are the belief, disbelief and uncertainty of the indirect reputation mentioned above. Then,
we compute the final reputation REPi→j of Cj in:

REPi→j = bfi→j
inal
+ αufi→j
inal
. (5)

Various papers adopt distinct approaches in calculating the reputation of BC-FL clients. Some calculate reputation
values solely on the basis of local model test accuracy, while others take into account evaluations from other clients
or factor in the interaction effect between clients and the blockchain system. Moreover, researchers have leveraged
clients’ reputations in various ways. For instance, some deploy reputation as a criterion for selecting participating
clients, whereas others utilize it to ascertain the weight assigned to global model aggregation. Additionally, there are
those who offer incentives and penalties to clients based on their respective reputations.
We present a comprehensive analysis of BC-FL systems that utilize blockchain technology to establish transparent
reputation management mechanisms. Table 2 summarizes the key attributes of these systems.
The attributes “Aggregation”, “Other Workers”, and “Blockchain” represent the basis for evaluating the reputation of
clients. A checkmark in the corresponding box signifies that the BC-FL system takes the attribute into consideration
when calculating the client’s reputation. “aggregation” represents the contribution of a client’s local model towards
the global model during aggregation, including evaluating the accuracy of the local model. “other workers” relates
to the interaction between clients, specifically through peer evaluation among training clients. “Blockchain” encom-
passes the effect of a client’s participation in blockchain maintenance activities, such as successful block generation.
The attributes “Usage 1” and “Usage 2” illustrate two potential roles that blockchain may play in the node reputation
mechanism, as previously mentioned. “Usage 1” describes blockchain’s involvement in the BC-FL system’s repu-
tation management mechanism as a transparent and open ledger. “Usage 2” involves the use of smart contracts to
automatically and transparently calculate a client’s reputation. In addition, we examine how reputation is utilized in
BC-FL systems by exploring the attributes of “Model aggregation”, “Node Selection”, and “Reward or Punishment“.
“Model aggregation” involves weighting a local model based on the client’s reputation value when aggregating the
global model. “Node selection” indicates that the FL client selection process in each round will consider its reputation
value. “Reward or punishment” signifies the use of reputation value as the basis for rewarding or punishing the client.
In addition to the reputation calculation methods discussed earlier, several other approaches have been proposed in
the literature. In [57], Qi et al. proposed a novel reputation evaluation mechanism for multi-model aggregators in FL.
Each model aggregator has its test dataset, and the reputation of each participating client is calculated separately by

10
Cai et al.

each aggregator. The winning aggregator is selected based on a set of rules, and the winning aggregator updates the
client’s reputation value to the blockchain. The model aggregators calculate the client’s reputation in two steps. In the
first step, each model aggregator uses a fair-value game [86] to test the quality of the local model with its test dataset.
When the result of a formula containing model test accuracy reaches a certain threshold, the corresponding reputation
update is activated. In the second step, the model aggregator synthesizes the results given by other aggregators on the
network to obtain the indirect reputation value of the node. Finally, the reputation evaluation value of the modified
model aggregator for the node in this round is obtained from the results of the first and second steps. This approach
ensures fairness in reputation evaluation across different aggregators and improves the accuracy of the final reputation
value.
In [81], Gao et al. designed a time-decaying subjective logic model (SLM) algorithm to measure the client’s reputation
and a lightweight approach based on gradient similarity to measure client contribution. The final task publisher
determines the client’s reward share by multiplying the contribution and reputation metrics. They used reputation
metrics to measure client reliability and select clients with high reputations to ensure high system stability, which
enables their proposed system to work stably in unreliable environments.

3.3 Incentive Evaluation Mechanism

In FL systems, clients not only need to contribute local data but also consume significant amounts of computing re-
sources and network bandwidth [87, 88]. Without tangible incentives, it may be difficult to attract enough clients to
participate in the FL systems. Therefore, introducing an incentive mechanism in FL systems is critical. The intro-
duction of incentives can help incentivize clients to join the FL systems and contribute their valuable data. Adequate
participation is crucial for FL to train accurate models with good generalization. Additionally, incorporating incen-
tives can increase clients’ engagement and motivation, leading to contributing better data and participation in more
training epochs [89]. Furthermore, the incentive mechanism can help achieve fairness in FL systems by rewarding
clients based on their data quality and computing power.
A transparent and open incentive mechanism is crucial for attracting clients to participate in federated learning. As
it involves vital interests, each client hopes to supervise the calculation of rewards. The BC-FL system utilizes the
blockchain to provide a transparent and open incentive mechanism. The blockchain is a decentralized ledger that is
maintained on each participating node, requiring the joint efforts of blockchain nodes instead of a centralized organi-
zation. This architecture ensures transparency and openness and facilitates tracking and auditing of data necessary for
calculating incentives, thereby establishing clients’ trust in the incentive results. Furthermore, the incentive algorithm
can be written as a smart contract and deployed on the blockchain for automatic incentive calculation and distribution,
further strengthening clients’ trust in the incentive results. The transparent and open incentive mechanism provided
by the blockchain can help to attract more clients to participate in the FL process, contributing high-quality data and
computing resources. Consequently, it promotes the accuracy and generalization of the trained model and enhances
the efficiency of the BC-FL system.
We focus on BC-FL systems that provide transparent and open incentive mechanisms based on the blockchain. We
believe that understanding this incentive mechanism requires consideration of three aspects: incentive basis, incentives,
and incentive algorithms. The settings of these aspects should be tailored to the specific FL tasks. Table 3 outlines
several prominent BC-FL systems developed in recent years.
The incentive basis refers to the criteria that the system uses to reward clients, which may include factors such as
node reputation, data quality and quantity, and learning behavior. For instance, Qu et al. rewarded the clients based
on the amount of data they contributed [93], but this approach may not accurately reflect the overall contribution of a
client to the global model. Factors such as data quality and participation frequency can also significantly impact the
effectiveness of the training process. In contrast, Li et al. focused solely on model accuracy as the basis for awarding
nodes, as it is verifiable and reflects their contribution [91]. Meanwhile, Gao et al. argued that rewards should be
based on both model accuracy and node reputation, as this incentivizes continued contributions to the global model
[81]. In addition, to compensate the data owner, Zhang et al. considered the energy consumption of the data owner
during training and incorporated this factor into the calculation of rewards [98].
Incentives refer to the rewards that clients receive in a system, and they can take various forms such as economic
items, tokens, and reputation. Economic items provide monetary benefits to data owners, such as cryptocurrencies
like Bitcoin or Ethereum. Tokens, on the other hand, are generated by the BC-FL system and can be used to purchase
services within the system, including trained models or tasks for model training. The circulation of tokens promotes a
self-sustaining ecosystem within the system that encourages participants to contribute and collaborate. In [90, 81, 96],
researchers have utilized tokens within their proposed BC-FL systems as rewards Liu et al. used Ethereum as a
reward for training, providing real-world economic incentives [11]. In addition to cryptocurrency rewards, Abdel et

11
Cai et al.

Table 3: Statistics of Blockchain Based Incentive Mechanism in BC-FL Systems.

Ref. Incentives Incentive Basis Smart Contract

Abdel [48] Manufacturer’s discount Reputation X

Chen [90] Token Model accuracy X
Gao [81] Token Model accuracy, reputation X
Li [91] Token Model accuracy -
Liu [53] Reputation Model accuracy -
Liu [11] Ethereum Model accuracy X
Ma [92] Financial incentive Model accuracy X
Qu [93] Not mentioned Data size -
Qu [94] Not mentioned Computing power, local data -
Rehman [60] Token Reputation X
Wang [95] Reputation, revenue Reputation, shaply values, and model aggregration X
Weng [96] Token Model accuracy, block mining -
Xu [62] Token Model accuracy, training time X
Xu [97] Not mentioned Model accuracy, consensus Participation -
Zhang [98] Token Training speed, computing power, and feature extractors sharing X
Zhang [99] Ethereum Model accuracy, data size X
Wang [66] Token Model accuracy, block mining -
He [100] Token Model accuracy, node behavior X
Wahrstatter [71] Ethereum Model accuracy, reputation X

al. proposed a BC-FL system for the Industrial Internet of Things that offers clients maintenance services or discounts
on products from manufacturers as incentives [48].
The incentive algorithm determines the specific implementation method of the incentive mechanism. Generally, the
algorithm involves quantifying each incentive basis and inputting it as a variable into the reward function, which yields
the corresponding reward value. For instance, xu et al. devised a rewarding formula that takes model accuracy and
training time into account [62]. The reward csi of the i-th client in the proposed solution is calculated as:
Pn j
j=1 [α × (acci − aggAcc
j−1
) + timeE1−α
j j]
i −timeSi
csi = , (6)
n
where n denotes the number of training rounds in which the i-th client participated, accji denotes the model accuracy
of client i in round j, and aggAccj−1 represents the global model accuracy in round j − 1. Additionally, timeEij
and timesji indicate the end time and start time of the jth round for client i. Furthermore, the introduction of variable
α allows for adjustment according to different FL tasks. If the task is more sensitive to time, the value of α can be
reduced, while if the task is more sensitive to accuracy, the value of α can be increased.

3.4 Security Enhancement

The BC-FL system achieves the establishment of a trustworthy relationship in the system through blockchain tech-
nology. As a distributed database, blockchain aligns with the distributed nature of FL. With certain consensus mecha-
nisms, the blockchain can still maintain the consistency and correctness of the system even in the presence of malicious
clients. Therefore, the robustness of blockchain against malicious nodes makes it well-suited for an environment where
malicious nodes could exist in the FL system. Furthermore, due to the robustness of the blockchain, the BC-FL system
allows for the storage of vulnerable data in the blockchain, enhancing the security of the entire system. The security
issues in the BC-FL system is illustrated in Fig. 8.
To explicate the specific security properties of blockchain necessary for implementation in a BC-FL system, we con-
ducted an extensive study of representative BC-FL systems from recent years. The results of this research are presented
in Table 4.
Transparency: Transparency is one of the key features of the blockchain. All the information stored on the blockchain
is accessible to full nodes, while light nodes can query certain information by sending requests to the full nodes. In the
BC-FL system, transparency refers to the transparent operation of algorithms and the disclosure of data. This includes
but is not limited to, the parameter aggregation operation, the reputation of each node, and the reward operation of the
system. The transparent nature of blockchain is derived from the distributed maintenance of the blockchain across all
nodes in the network, with each node maintaining a local copy of the blockchain ledger.
Auditability: Auditability is a significant feature of blockchain systems, enabling the tracing and analysis of data using
specialized algorithms. In the BC-FL system, auditability becomes particularly valuable when specific circumstances

12
Cai et al.

ůŽĐŬĐŚĂŝŶͲďĂƐĞĚƐĞĐƵƌŝƚLJŵĞĐŚĂŶŝƐŵ
ŝƐƚƌŝďƵƚĞĚ EĞƚǁŽƌŬ ŽŶƐĞŶƐƵƐ
ƐƚŽƌĂŐĞ ƉƌŽƚŽĐŽů ĂůŐŽƌŝƚŚŵ
^ŵĂƌƚĐŽŶƚƌĂĐƚ
ŝƐƚƌŝďƵƚĞĚ ΀ϴϴ΁΀Ϯ΁΀ϳϮ΁
ƌLJƉƚŽŐƌĂƉŚLJ DĞƌŬůĞƚƌĞĞ
ĐŽŵƉƵƚŝŶŐ

ƵƚŽŵĂƚŝĐĂůůLJĂŶĚ
&ĞĂƚƵƌĞƐ dƌƵƐƚĞŶƚŝƚLJ ƚƌĂŶƐƉĂƌĞŶƚůLJ
ĞdžĞĐƵƚĞĂůŐŽƌŝƚŚŵƐ
/ŵŵƵƚĂďŝůŝƚLJ dƌĂŶƐƉĂƌĞŶĐLJ ΀ϲϭ΁΀ϭϰϴ΁΀ϴϴ΁΀ϰϵ΁
΀Ϯϳ΁΀ϵ΁ ΀ϭϭϵ΁΀ϭϯϵ΁
΀ϰϲ΁΀ϭϮϭ΁ ΀ϳϮ΁΀Ϯϴ΁ /ŶƚĞŐƌĂƚĞ /ŶĨŽƌŵĂƚŝŽŶ
ƵĚŝƚĂďŝůŝƚLJ dƌĂĐĞĂďŝůŝƚLJ ƐĞĐƵƌŝƚLJ
/ŶƚƌŽĚƵĐĞ
΀ϵ΁΀ϱϵ΁ ΀ϱϵ΁΀ϭϮϭ΁ ƚƌƵƐƚĞĚ
ƚĞĐŚŶŽůŽŐLJ
΀ϰϲ΁΀ϭϬϮ΁ ΀ϭϰϮ΁΀ϳϮ΁ ĞŶƚŝƚLJ

/ŶƚĞŐƌĂƚĞ
/ŶƚƌŽĚƵĐĞ
ĨĞĂƚƵƌĞƐ

ŶŚĂŶĐĞƚŚĞƌŽďƵƐƚŶĞƐƐ ƐƚĂďůŝƐŚƚƌƵƐƚďĞƚǁĞĞŶ ĂƵƚŽŵĂƚŝĐĞdžĞĐƵƚŝŽŶŽĨ

ĂŶĚƚƌĂŶƐƉĂƌĞŶĐLJ ŶŽĚĞƐ ƐĞĐƵƌŝƚLJĂůŐŽƌŝƚŚŵƐ
Ͳ&>ƐLJƐƚĞŵ

Figure 8: Security provided by blockchain for the BC-FL system. By employing appropriate techniques, blockchain
can impart its security features (e.g. immutability and traceability) to the FL system. Moreover, in a partially trusted
FL environment, blockchain can act as a reliable entity to foster trust relationships. Furthermore, deploying security-
enhancing algorithms on the blockchain via smart contracts can further enhance the security of the BC-FL system.

arise, such as ineffective model training or the need to review client operations. The recorded data on the blockchain
- including local gradients - can be extracted for detailed analysis. By analyzing previously recorded information on
the blockchain, such as local gradients, nodes can be penalized for producing undesirable outcomes.
Anti-malicious nodes: In blockchain systems, malicious nodes can take on various forms, including those that propa-
gate false blocks or launch attacks against the system. Byzantine robust consensus algorithms can be used to mitigate
these types of malicious behavior. In the BC-FL system, malicious nodes are those that can undermine the effective-
ness of the system, such as through poisoning attacks or privacy violations. To address these issues, specific consensus
algorithms can be designed to thwart malicious activity, or security techniques can be incorporated into the system via
smart contracts. Anti-malicious nodes and auditability both play a role in dealing with malicious nodes, but the former
aims to prevent the impact of malicious nodes in real time, while the latter focuses on identifying the source of the
attack after the fact.
Traceability: The blockchain system inherently preserves all state changes since its genesis block. When tracing back
to a previous state, the system can be readily restored to a specific point in history. In the BC-FL system, traceability
refers to the ability to restore a previously trained model or parameters saved by the current work in case of severe
damage or loss due to central server failure.
Immutability: The immutable nature of the blockchain can be attributed to the sound design that underlies its con-
sensus algorithm. Each full node in a blockchain network maintains a local copy of the ledger, which ensures that
malicious nodes are unable to dictate terms to other nodes unless they comply with the consensus algorithm. Any
attempts to tamper with the local copy by modifying incorrect blockchains will result in the creation of new blocks
that cannot be recognized by other honest nodes. Therefore, as long as the majority of computing power is held by
honest nodes, the blockchain remains immutable. In the BC-FL system, critical information such as client reputation
and model hash values can be securely stored on the blockchain to ensure the accuracy of this data.
Anti-single point of failure: The term "single point of failure" refers to a scenario where a sole parameter server
becomes the bottleneck for FL security, rendering the entire system inoperable if it fails due to an attack or power
outage, among other reasons. To tackle this problem, the BC-FL system replaces the role of the parameter server with
blockchain technology. As discussed in Section 3, the issue of single point of a failure is elaborated upon.
To provide a comprehensive understanding of the utilization of blockchain technology in enhancing the security of the
BC-FL system, we will discuss prominent literature in this field.

13
Cai et al.

Table 4: Statistics on the Security Purpose of Introducing Blockchain in BC-FL Systems.

Ref. Transparency Auditability Anti-malicious Traceability Immutability Anti-single point
nodes of failure

Awan [101] - X X - X -
Cheng [102] - - X - - -
Feng [103] - - X - X -
Jia [104] - X - - X -
Li [91] - X X X - X
Liu [105] - - X - - -
Lu [106] - - - - - X
Miao [107] X - X X - X
Mothukuri [108] - X - - X -
Sun [109] - X X - X -
Xu [62] X - - - X X
Zhang [98] X - - - X -
Zhang [64] - - - X X X
Huang [110] - - - - X -
Ouyang [67] - X X - X X
Lin [84] - - X - - X
Aloqaily [69] - - X - - -
Mu [70] - - X - - X
Fu [85] X - - - X X
He [100] - X X - X X
Xu [111] - - X X X -

In [101], Sana et al. regarded the blockchain as an immutable, decentralized, and reliable entity, which they incorpo-
rate into their proposed BC-FL framework called blockchain-based privacy-preserving federated learning (BC-based
PPFL). The utilization of blockchain provides auditability, thereby enhancing the resilience of BC-based PPFL against
malicious clients. Specifically, the assumption of semi-honest clients in the universal FL system is further elevated
to the assumption of malicious clients. To augment the credibility and dependability of the FL system, Qi et al. in-
troduced the adoption of smart contracts to handle FL tasks [57]. These smart contracts encompass various functions
such as task initiation, member selection, federated learning execution, reputation evaluation, reward distribution, and
query processing. In [83], Zhao et al. combined Multi-Krum with reputation mechanisms as well as aggregation
mechanisms to rule out malicious gradients and penalize malicious clients. In [48], Qi et al. proposed a smart contract
called Hunter Contract (HC) to prevent malicious clients. HC acts as a hunter by randomly selecting a client and
verifying whether the gradient uploaded by that client causes a decline in the global model accuracy. If the reduction
surpasses a predefined threshold, the client is classified as malicious.
In a blockchain system, individual nodes follow the consensus mechanism to ensure the consistency, validity, and
accuracy of the data. In a BC-FL system, the data or training results of the FL process are stored on the blockchain,
and the blockchain’s consensus mechanism can be used to verify the content of the FL. Consequently, some researchers
have improved the security of FL by adjusting the blockchain’s consensus mechanism.
In [91], Li et al. proposed a Byzantine-resistant consensus mechanism named Proof of Accuracy, which serves to
identify models of poor quality. This consensus algorithm takes into consideration not only the exclusion of local
models that are deemed too poor for aggregation into the global model but also the potential for a local model with
a high loss value to aid the global model in escaping local optimal solutions. To fulfil this requirement, the consen-
sus algorithm employs two critical thresholds: the accuracy oscillation threshold (AOT) and the accuracy deviation
threshold (ADT). The AOT determines the maximum acceptable accuracy reduction permitted by the accepted model,
while the ADT determines the maximum absolute difference in accuracy among different client models. These two
thresholds are subject to dynamic adjustments as the algorithm progresses. In [78], Qiu et al. increased the security of
the BC-FL system through the introduction of a novel consensus protocol called Proof of Learning (PoL). In contrast
to PoW, PoL requires nodes to compete for the privilege of accounting rights through calculation by training a FL
model, where the node with the smallest loss value adds a new block as the winner. Other clients aggregate the win-
ner’s local model based on the reputation value against the winning node after verifying the authenticity of the newly
added block. Ouyang et al. utilized smart contracts to authenticate participating nodes and prevent malicious nodes
from participating [67].
As mentioned earlier, certain security technologies from the field of information security have been considered for
use in the BC-FL system to enhance their security. While not directly related to the security of the BC-FL system,
smart contracts can serve as a platform for running certain algorithms. Hence, we will provide a brief overview of this
topic. To safeguard client privacy, the utilization of homomorphic encryption and differential privacy algorithms [5] is

14
Cai et al.

ůŽĐŬĐŚĂŝŶ Ͳ&>ĞĨĨŝĐŝĞŶĐLJ
džŝƐƚŝŶŐƐŽůƵƚŝŽŶƐ
ĞĨĨŝĐŝĞŶĐLJŝƐƐƵĞƐ ĐŚĂůůĞŶŐĞƐ
sĞƌŝĨŝĐĂƚŝŽŶ
ĐŽŶƐƵŵƉƚŝŽŶ ŽŶƐĞŶƐƵƐƉƌŽĐĞƐƐ ĨĨŝĐŝĞŶƚĐŽŶƐĞŶƐƵƐ
ďƵƌĚĞŶ ŵĞĐŚĂŶŝƐŵ
EĞƚǁŽƌŬ
ĐŽŶƐƵŵƉƚŝŽŶ &ĞĚĞƌĂƚĞĚ
ůĞĂƌŶŝŶŐ ZĞŝŶĨŽƌĐĞŵĞŶƚ
ŽŶƐĞŶƐƵƐ ƐLJƐƚĞŵ ŽŶƐĞŶƐƵƐ ůĞĂƌŶŝŶŐ
ĐŽŶƐƵŵƉƚŝŽŶ ĐŽŵƉƵƚŝŶŐďƵƌĚĞŶ

&ŽƌŬ ůŽĐŬĐŚĂŝŶ
EĞƚǁŽƌŬďƵƌĚĞŶ ƚŽƉŽůŽŐLJ
ŽŵƉƵƚŝŶŐ ŽƉƚŝŵŝnjĂƚŝŽŶ
ĐŽŶƐƵŵƉƚŝŽŶ

Figure 9: Efficiency challenges and related solutions in the BC-FL systems. The efficiency of blockchain is susceptible
to factors such as network and computing overhead. Consequently, BC-FL systems potentially lead to a decrease in
overall efficiency. In response to thus challenges, multiple strategies are contributed to mitigate the reduction in
system efficiency. These methods include but not limited to, efficient consensus mechanisms, reinforcement learning,
and optimized blockchain topologies.
common, and researchers have developed advanced algorithms building upon these fundamental techniques. We have
organized this material in Section 4.2.

4 Challenges and Solutions in BC-FL Systems

While blockchain can indeed enhance the capabilities of the FL systems and mitigate certain limitations, it is imper-
ative to duly recognize and confront the accompanying drawbacks. In this section, we will delve into the principal
challenges entailed in the integration of blockchain into FL and the corresponding solutions, which can be broadly
classified into three key aspects: efficiency, security, and storage.

4.1 Efficiency Challenges and Solutions

The processing capacity of blockchain systems is inherently limited. For instance, Bitcoin can only handle seven
transactions per second [112]. In contrast, modern centralized payment systems can process thousands of transactions
per second [113]. Fig. 9 illustrates the efficiency challenges faced by blockchain in BC-FL systems. Unlike central-
ized systems, blockchain systems necessitate additional steps such as verification, communication, and network-wide
consensus to maintain normal operations, which reduces the efficiency when integrating blockchain with FL systems.
Current BC-FL systems address these efficiency issues through various methods, including efficient consensus mech-
anisms, reinforcement learning (RL), and optimized blockchain topologies. A summary of the pertinent literature is
provided in Table 5.

4.1.1 Efficient Consensus Algorithms

The PoW consensus protocol provides robust resistance against Sybil attacks on the public chain, ensuring a strong
defense against malicious nodes. However, a primary drawback of the PoW mechanism lies in its requirement for a
block generation rate that is slower than the rate of block propagation across the network, aimed at minimizing the
risk of a blockchain fork. Current research reveals relatively modest transactions per second (TPS) for both PoW
and PoS consensus protocols [117]. Typically, the PoW protocol achieves TPS figures below 100, while the PoS
protocol reaches less than 1000 TPS. In actuality, the TPS tends to be even lower; for instance, Bitcoin operates at
a mere 7 TPS [118]. Additionally, the competitive nature among miners vying for block mining rewards escalates
energy consumption. Moreover, suboptimal network conditions of edge devices heighten the likelihood of forks.
In the BC-FL systems, underpinned by a partially decentralized architecture, the scenario improves to some extent.
Nonetheless, achieving consensus across the entire network still requires considerable time, impeding the speed of
model aggregation. Consequently, numerous researchers are dedicating their efforts to the development of efficient
consensus protocols that can enhance the overall operational velocity of the BC-FL system, all the while aligning with
the requirements of the federated learning process.
In [55, 119], Nguyen and Xu et al. contended that certain established consensus algorithms introduce substantial
communication overhead while striving for consensus. For example, DPoS necessitates that each blockchain node

15
Cai et al.

Table 5: Comparison between different solutions for each efficiency challenge.

Ref. Solutions Detailed methods Dataset Evaluation indicators

Cao [114] Blockchain topology DAG blockchain MNIST Accuracy, loss, iteration delay
Consensus algorithm, Two-layer blockchain, Raft,
Cheng [102] - Latency reduction
blockchain topology PBFT
Consensus algorithm,
Feng [103] Two-layer blockchain, sharding MNIST Accuracy, time cost
blockchain topology
Energy consumption, latency, total
Hieu [115] RL DRL -
payment
committee consensus
Li [116] Consensus algorithm FEMNIST accuracy, communication overhead
mechanism
Accuracy, time cost, agent reward,
Lu [54] RL, blockchain DAG blockchain, DRL -
cumulative cost
DarkCOVID, Running latency, block verification
Nguyen [55] Consensus algorithm Proof of reputation
ChestCOVID latency, Accuracy, Loss
Accuracy, agent reward, latency,
Nguyen [56] RL DRL, A2C SVHN, Fashion-MNIST
Loss
Qi [58] Consensus algorithm Modified PBFT Diabetes Breast Cancer Accuracy, time cost, gas cost
Qu [94] Consensus algorithm Proof of federalism CIFAR-10 Accuracy
Consensus algorithm, Two-layer blockchain, proof of Latency, communication overhead,
Xu [97] MNIST
blockchain topology credit, efficient BFT data throughput
Zhao [65] RL Federated DDQL - Agent reward, latency
Accuracy, energy consumption,
Wang [110] Blockchain topology Two-layer blockchain TSP, FMNIST
learning utility
Consensus algorithm, Blockchain sharding, Accuracy, training Latency, testing
Yuan [68] MNIST, Penn Treebank
blockchain topology DAG-based mainchain perplexity
Blockchain sharding, MNIST, KMNIST, Accuracy, agent reward, reputation
Lin [84] Blockchain topology, RL
DRL-based sharding FMNIST, CIFAR-10 of nodes

communicates with a minimum of half the nodes within the BC-FL system for confirmation, leading to redundant
validations among these nodes. To tackle this challenge, they designed a streamlined consensus mechanism known
as Proof of Reputation (PoR). Within the POR algorithm, every blockchain node is permitted to validate with just
a single other node during the consensus process, resulting in a significant reduction in validation delays. In [94],
Qu et al. introduces a Proof-of-Federalism (PoF) consensus algorithm, which builds upon the foundation of PoW.
PoF leverages the training of FL tasks as a viable alternative to the challenge of discovering a fitting nonce in PoW,
effectively sidestepping the computational resources typically expended during the consensus calculation process.
Before each training round commences, intelligent contracts sift through unfavorable local model parameters and
cherry-pick local models that lend themselves well to global aggregation. During cross validation, each node singles
out the most optimal set of global models. Upon reaching a predetermined time threshold, the participant who boasts
the highest number of selected global models emerges as the victorious contender.
In [97], Xu et al. proposed a lightweight blockchain network for FL systems called micro-chain to address the issues of
low transaction throughput and poor scalability. Participants in FL are divided into multiple small-scale micro chains,
each of which is unified through an advanced inter-chain network using Byzantine fault-tolerant consensus protocols.
Within each micro-chain, block consistency is achieved using the Proof of Credit (PoC) algorithm, where committee
members are responsible for generating new blocks. Then, a new committee is randomly selected at the end of each
dynasty round. Ledger consensus is achieved using the Vote-based Chain Finality (VCF) protocol, where committee
member nodes vote to select the preferred branch in case of network forks. In [116], Li et al. introduced an innovative
committee consensus mechanism aimed at significantly reducing the required consensus computation. The proposed
mechanism selects multiple clients as committee nodes in each training round, utilizing the data on these committee
nodes as the validation set. The final scores for each trained client are then determined by taking the median of the
scores of these clients. These scores are subsequently used to perform global model aggregation by selecting a specific
number of clients with the highest scores.

4.1.2 Reinforcement Learning

RL is a machine learning algorithm that enables an agent to interact with the environment, learn from its experiences,
and take action accordingly. The ultimate objective is to maximize the cumulative reward obtained by the agent over
time. The traditional optimization methods are ineffective in the BC-FL system because of the system’s complexity, a
large number of participants, and their limited computing and communication resources. To address these challenges
and achieve better results, RL can be utilized to optimize resource allocation and schedule the resources of each client
based on signals received from them. This can potentially reduce system delays and lead to improved performance.
To apply RL in the BC-FL system, there are several fundamental steps to follow. First, the system designer must
define the environment based on specific circumstances, such as the parameters of the client and network conditions.
This environment can be modelled as a Markov decision process. Second, the agent’s action space should be defined,
which includes factors such as the energy consumed by the device during training and the block generation difficulty.
Third, defining the reward is essential. In general, the reward in the system can be based on overall training delay

16
Cai et al.

that encourages the agent to find ways to reduce the system delay effectively. Finally, RL training is performed using
a specific algorithm. The agent learns how to optimize resource allocation within the BC-FL system under different
environmental scenarios through continuous interaction with the environment.
In [115], Hieu et al. used the deep reinforcement learning method [120] to control the data and energy used for training
and block generation in the device. By judiciously allocating resources, they were able to mitigate the system delay and
enhance overall system efficiency. In [54], Lu et al. used the Deep Q-learning (DQL) [120] method to facilitate client
selection for the FL process. They formulated a joint optimization plan by considering the client’s available wireless
transmission rate, client computing power (CPU frequency), and the current selection status of clients as the state of the
DQL method. The reward function is designed as a weighted sum of the loss function of each node, the computation
time, and the communication time. This approach leads to a high level of model accuracy while maintaining a low
global system cost. The proposed algorithm design shows promising results in performance evaluation, indicating its
potential in real-world applications.
In [65], Zhao et al. proposed a BC-FL system for vehicle networks. The proposed system allows autonomous vehicles
(AVs) to offload part of their computing tasks to edge servers (ESs), effectively reducing local computation latency,
communication latency, and blockchain consensus latency. To achieve this, the authors employed a federated duel
deep Q-learning (DDQL) algorithm [121] and deployed it to each AV to enable them to take action according to the
changing external environment. The state space of the proposed DDQL includes wireless channel conditions, data set
quality, and packet error rate, where AVs select offload strategy, wireless channel, and CPU-cycle frequency based on
the DDQL algorithm.
In [56], Nguyen et al. applied the DRL method based on a parameterized advantage actor-critic (A2C) algorithm
[122] to a multi-server edge computing scenario to reduce the overall system latency. Their proposed hybrid discrete-
continuous action DRL algorithm takes into account various factors such as data size, channel state, broadband state,
computation state, and hash power to determine whether an edge node should perform computation offloading. In
case of offloading, the agent needs to decide on the corresponding channel selection, power allocation and other trans-
mission necessary parameters. In case of non-offloading, the agent needs to decide on the necessary parameters for
training such as the hash power allocation for local computation. Unlike existing purely discrete or purely continu-
ous action DRL algorithms, the authors proposed a hybrid model where resource allocation is continuous, while the
offloading decision is discrete, leading to improved training performance.

4.1.3 Optimized Blockchain Topology

The topological structure of a blockchain system is a crucial factor that impacts information transmission and signif-
icantly influences the system’s efficiency and scalability. Modifying the topology of the blockchain can potentially
improve its efficiency, which has been demonstrated in some papers in the BC-FL systems [123, 124]. The topology
of a blockchain system includes the physical and logical topology, both of which can affect the system’s efficiency.
Improving the physical topology involves considering the node layout, physical location, and network topology. For
instance, positioning relevant nodes near the data source can reduce the network delay, altering node connections’
topology can enhance network transmission efficacy, and using edge computing can reduce the computing burden of
edge devices.
The logical topology of the blockchain refers to how transactions and blocks are verified and added, and it can impact
the processing speed and scalability of the system. Compared to traditional blockchains, the DAG blockchain [125]
is better suited for scenarios such as FL that require efficient processing of large amounts of data due to its faster
transaction processing speed and better scalability. The primary difference between the DAG blockchain and the
traditional blockchain is the way data is organized and stored. The latter uses chain storage, where a block can point
to at most one previous block and forks are not allowed. On the other hand, the DAG blockchain employs directed
acyclic graph organization, allowing multiple previous blocks to be pointed to as long as no cycle is formed. This
data organization form enables the block generation speed to exceed the block propagation speed, resulting in high
concurrency and weak synchronization.
In addition, there are some improvements that involve both the physical and logical topology of the blockchain. One
such improvement is the deployment of a two-layered blockchain architecture, which comprises two relatively au-
tonomous blockchains – the main-chain and the sub-chain. The sub-chain is responsible for interfacing with peripheral
devices and executing swift consensus algorithms. Meanwhile, a subset of nodes within the sub-chain are nominated
to constitute the main-chain. Typically, the main-chain utilizes Byzantine fault-tolerant consensus algorithms to ensure
the security of the system.
In [102], Cheng et al. proposed a BC-FL system based on a two-layer blockchain architecture. The lower-layer
blockchain is responsible for connecting devices to achieve strong consistency and a high consensus rate. Within a

17
Cai et al.

ůŽĐŬĐŚĂŝŶƐĞĐƵƌŝƚLJ ŝƐƐƵĞƐ
dƌĂŶƐƉĂƌĞŶƚ ^LJƐƚĞŵƐĞĐƵƌŝƚLJ
ƐƚŽƌĂŐĞ ǁĞĂŬŶĞƐƐ
ZĞĨ͘ džŝƐƚŝŶŐƐŽůƵƚŝŽŶƐ
džŝƐƚŝŶŐƐŽůƵƚŝŽŶƐ ZĞĨ͘
΀ϰϲ΁΀ϳϮ΁ ,ŽŵŽŵŽƌƉŚŝĐ &ĞĚĞƌĂƚĞĚůĞĂƌŶŝŶŐƐLJƐƚĞŵ
΀ϴϵ΁΀ϭϬϯ΁ ĞŶĐƌLJƉƚŝŽŶ
^ĞĐƵƌŝƚLJĐŽŶƐĞŶƐƵƐ
΀ϭϰϱ΁΀Ϯϱ΁
WƌŽƚŽĐŽů
΀ϯϴ΁΀ϲϳ΁ ůŽĐŬĐŚĂŝŶĂƚƚĂĐŬ
ŝĨĨĞƌĞŶƚŝĂůƉƌŝǀĂĐLJ WƌŝǀĂĐLJůĞĂŬĂŐĞ
΀ϭϰϴ΁΀ϴϬ΁ ;ƐLJďŝůĂƚƚĂĐŬͿ
΀ϭϰϬ΁΀ϭϯϯ΁ ΀ϲϴ΁΀Ϯϲ΁ ZĞƉƵƚĂƚŝŽŶ
΀ϵ΁΀ϴϲ΁ ^ĞĐƵƌĞŵƵůƚŝͲƉĂƌƚLJ ΀ϭϬϬ΁
ĐŽŵƉƵƚŝŶŐ ŵĞĐŚĂŶŝƐŵ
Ͳ&>ƐĞĐƵƌŝƚLJ ŝƐƐƵĞƐ

Figure 10: Security challenges and related solutions in the BC-FL systems. Malicious nodes pose a threat to the
blockchain within the BC-FL system through two distinct avenues: privacy leakage and consensus mechanisms.
The former capitalizes on the blockchain’s data transparency to breach access to model information stored within
it, whereas the latter employs attacks via the straightforward consensus mechanism inherent in the BC-FL system. In
response to these challenges, contemporary solutions are predominantly centered around the development of diverse
privacy protection algorithms and the implementation of exceptionally secure consensus mechanisms.
short period of time, the lower-layer blockchain needs to reach a consensus while only considering the problems of
equipment failure and omission. To this end, the Raft protocol is employed, which is more efficient despite lacking
Byzantine fault tolerance. The upper-layer blockchain connects various lower-layer blockchains and is designed to
prevent malicious nodes and resolve Byzantine faults. Thus, the PBFT algorithm is employed, which can effectively
resist Byzantine attacks but requires a longer time frame for consensus. The upper-layer blockchain’s nodes are super
nodes with robust computing power selected from the lower-layer blockchain. Hence, they are relatively small in
number but possess significant computing capabilities, enhancing the PBFT protocol’s consensus speed.

4.2 Secure Challenges and Solutions

Integrating blockchain into FL systems holds the potential to significantly bolster system security. However, the
successful execution of such integration in BC-FL systems hinges greatly upon the scrupulous deliberation of system
designers and the implementation of effective combination strategies. Inadequate integration of blockchain may give
rise to supplementary predicaments. The security challenges and related solutions in the BC-FL systems are evidenced
in Fig. 10.
As shown in Fig. 10, the transparent nature of blockchain data raises concerns about storing sensitive information,
potentially leading to violations of privacy. Additionally, extant attack methods targeting blockchain systems, such as
Sybil attacks [126], have the capability to compromise the security of the BC-FL system. An examination of recent
BC-FL systems has unveiled several instances wherein Sybil attacks and breaches of privacy remain plausible.

4.2.1 Privacy Leakage

The immutability and transparency inherent in blockchain play a pivotal role in safeguarding the integrity of a system.
Blockchain data can be validated by all clients, and it remains impervious to unauthorized tampering by malicious
entities. However, this approach also brings forth a potential vulnerability, as malevolent nodes can effortlessly access
sensitive data stored on the blockchain. In BC-FL systems, multiple research endeavors permit clients to store local
models or gradients on the blockchain, along with their retrieval methods [127, 128]. Regrettably, this allowance
opens the door for malicious clients to potentially deduce sensitive worker data. To tackle this issue, several scholars
suggested the implementation of diverse cryptographic techniques [50, 129]. These techniques serve to fortify the
system’s privacy protection capabilities while mitigating the potential privacy hazards.
Homomorphic Encryption (HE) represents an encryption technology that facilitates direct computations on encrypted
data, empowering aggregators to execute model aggregation operations without necessitating the decryption of local
models [58, 130, 104, 107]. In [130], Sun et al. designed a Bresson-Catalano-Pointcheval based homomorphic noise
mechanism to secure gradient values and pinpoint malevolent data owners. Meanwhile, in [104], Jia et al. seamlessly
incorporated the homomorphic encryption scheme Paillier [131] into K-means clustering, distributed random forest,
and distributed AdaBoost components in the BC-FL systems. The scheme offers a privacy-preserving solution for
client data when employing these machine learning algorithms. In another study [107], Miao et al. harnessed Fully
Homomorphic Encryption (FHE) to facilitate secure model aggregation. Concurrently, they leveraged blockchain to
ensure the transparency of the aggregation process. In [109], Sun et al. introduced a verification procedure in [104]
before local update aggregation to fend off poisoning attacks. They introduced differential privacy noise during the

18
Cai et al.

verification process to obfuscate local updates, thereby enhancing privacy. Additionally, in [49], Fang et al. outlined
a secure and verifiable local update aggregation scheme, replacing differential privacy technology with the Shamir
Secret Sharing technique[132] to ensure the correctness of confidential sharing.
Multiple studies also employed differential privacy to protect the privacy of FL clients [92, 55, 74]. In [92], Ma et al.
delved into a differential privacy solution for the BC-FL system, where noise is added to the local data features
to uphold local privacy and pseudo-noise sequences are adopted to identify inactive clients. Similarly, in [133],
Abadi et al. incorporated tailored noise into the data prior to sharing, effectively obscuring the actual data values
while maintaining usability even after noise integration. Within BC-FL systems integrating differential privacy, it is
customary for clients to introduce noise to the model prior to uploading the local model, thereby ensuring privacy
protection. In [83], Zhao et al. employed differential privacy to safeguard the privacy of individual clients by applying
it to the extracted data features of each client. Additionally, Qu’s work [94] presented an enhanced differential privacy
algorithm built upon generative adversarial networks, offering a means of preserving the privacy of local models.
Secure Multi-Party Computing (SMPC) stands out as another promising avenue for ensuring privacy of BC-FL sys-
tems [101, 134]. SMPC represents a versatile cryptographic tool that empowers distributed parties to collaboratively
compute diverse functions while withholding their confidential inputs and outputs [135]. Within the BC-FL system in-
corporating SMPC, every client employs the SMPC protocol to join forces and aggregate the global model. SMPC can
be instantiated as a smart contract on the blockchain, with these contracts delineating computation rules and guarantee-
ing proper protocol execution. In [101], Awan et al. designed a meticulously algorithm that leverages homomorphic
encryption and proxy re-encryption grounded in the Paillier encryption algorithm. This technique involves encrypting
each local model, thereby preventing the model aggregator from accessing individual models. Nevertheless, upon
aggregating the encrypted local models, the aggregator can obtain an unencrypted global model, thus preserving the
confidentiality of each client’s data.
Several studies explored alternative approaches to address the privacy concerns within the BC-FL system [49, 136,
137]. For instance, in [136], Wei et al. introduced a chameleon hash scheme with a modifiable trapdoor (CHCT)
as a countermeasure to potential privacy leaks on the blockchain, effectively creating an adaptable blockchain struc-
ture. The CHCT employs trapdoors to generate hash collisions, resulting in identical hash values. When sensitive or
erroneous data is identified on the blockchain, clients can utilize CHCT to amend the relevant data. However, strict
adherence to a well-defined set of procedures is imperative when modifying the blockchain to safeguard its reputation
as a trusted third-party entity. In [49], Fang et al. employed a privacy-preserving strategy to store the gradient’s com-
mitment on the blockchain and mapped it to an elliptic curve point. Simultaneously, the gradient is obscured using a
Pseudorandom generator-based mask, which can subsequently be removed to restore the accurate global gradient once
all local gradients are incorporated. Similarly, [137], Guo et al. presented a blockchain-based obfuscation transmis-
sion mechanism, shielding the local models of FL edge nodes from external scrutiny by potential attack devices. The
blockchain is initially divided into distinct branches starting from the genesis block, each corresponding to a training
device. A hash key block on each branch stores the hash key function published by the server.

4.2.2 Sybil Attacks

Sybil attacks have garnered extensive attention within the blockchain field, owing to their potential to compromise the
integrity and security of blockchains [126]. Thus attacks involve an assailant generating numerous false identities or
nodes within the network, affording them the means to manipulate the system’s dynamics [138]. Established methods
like Proof of Work (PoW) and Proof of Stake (PoS) have demonstrated some degree of resilience against Sybil attacks
[139, 140]. Within the context of the BC-FL system, certain endeavors have adopted lightweight consensus protocols
or rapid information transmission methods to bolster system speed, inadvertently rendering them susceptible to Sybil
attacks [54, 103, 141]. For instance, in [54], the Raft protocol is harnessed to expedite consensus within the underlying
blockchain. However, this approach exposes a vulnerability where an attacker could subvert the leader election process
through the creation of fabricated identities. This disruption might impede the proper selection of legitimate leaders
or lead the system astray from its intended behavior. In another instance, Feng et al. employed a localized model
update chain facilitated by inter-device communication for efficient blockchain information transfer [103]. While
inter-device communication offers improved network performance and reduced communication costs, it also presents
a vulnerability to Sybil attacks [141]. In the realm of inter-device communication, attackers exploit the creation
of multiple spurious identities or devices to gain a foothold in the network, inundating it with counterfeit traffic or
acquiring sensitive information.
Another group of research tried to employ various consensus mechanisms to counter Sybil attacks [99, 142, 49, 141].
For instance, in [99], Zhang et al. utilize a validator committee selection scheme akin to the Algorand consensus
algorithm [142], utilizing verifiable random numbers to thwart Sybil attacks. In [49], Fang et al. designed a secure
aggregation protocol that directly applies the Algorand consensus algorithm to fend off Sybil and tampering attacks.

19
Cai et al.

ůŽĐŬĐŚĂŝŶŝƐƐƵĞƐ
džŝƐƚŝŶŐ
ůŽĐŬƐŝnjĞůŝŵŝƚ
ƐŽůƵƚŝŽŶƐ
Ͳ&>ƐƚŽƌĂŐĞ ŝƐƚƌŝďƵƚĞĚ
^ƚŽƌĂŐĞƌĞĚƵŶĚĂŶĐLJ ĐŚĂůůĞŶŐĞ ƐƚŽƌĂŐĞ
ƚĞĐŚŶŽůŽŐLJ
ůŽĐŬĐŚĂŝŶĐĂŶŶŽƚ
΀Ϯϲ΁΀ϱϵ΁
ĚŝƌĞĐƚůLJƐƚŽƌĞŵŽĚĞůƐ
΀ϴϰ΁΀ϵϵ΁
&ĞĚĞƌĂƚĞĚůĞĂƌŶŝŶŐ >ĂƌŐĞďůŽĐŬĐŚĂŝŶ ŵŽĚĞů
ĨĞĂƚƵƌĞƐ ƐƚŽƌĂŐĞƐŝnjĞ ĐŚƵŶŬŝŶŐ
>ĂƌŐĞƉĂƌĂŵĞƚĞƌ ŶƵŵďĞƌ ΀ϵϲ΁

DƵůƚŝƉůĞůĞĂƌŶŝŶŐ ƌŽƵŶĚƐ

Figure 11: Storage challenges and related solutions in BC-FL systems.

The protocol uses pairwise random masks to impede Sybil attacks. Shayan et al. [141] introduced a fully decentral-
ized system to effectively mitigate Sybil attacks by judiciously defining reputation levels. They used blockchain and
cryptographic primitives to defends against known attacks.

4.3 Storage Challenges and Solutions

The storage requirements for blockchain systems are inherently cumbersome, as each full node is required to maintain
a complete backup of the entire system. This leads to a linear increase in the total storage size with the number of
full nodes. In FL, clients transmit their local models to a central server and download the global model. The server
is responsible for storing both the local and global models and various FL-related data and parameters, thereby be-
coming the node with the highest storage demand in the FL system. When enhancing the FL system with blockchain,
the BC-FL system must inevitably store diverse information on the blockchain, resulting in significant storage over-
head. Furthermore, most blockchain platforms currently impose limitations on transaction or block size. For instance,
Bitcoin has a block size limit of 1MB, and while Ethereum does not have a theoretical block size limit, its gas limit
effectively restricts the size of transactions [143]. If the BC-FL system requires direct storage of large volumes of data
within blocks, such as model parameters, this could surpass the blockchain system’s storage capabilities.
As illustrated in Fig. 11, the storage challenges of the BC-FL system are primarily twofold:
Constrained storage capacity: the limited block size makes storing some data that takes up storage space difficult.
Redundant storage demands: a large amount of training-related data is stored in the blockchain, which brings
unnecessary information redundancy and terrible storage challenges to the entire BC-FL system.
As depicted in Fig. 11, the current landscape presents two prevailing strategies to tackle the storage challenges in BC-
FL systems. The first approach entails chunking the FL models or data into distinct segments, which are then stored
on the blockchain with constrained block size [144]. This methodology necessitates prior negotiation of a serialization
plan among nodes. Subsequently, each split data’s size is logged as supplementary information within the transaction
block. Gradual storage of the data on the BC-FL system is accomplished through the initiation of transactions. How-
ever, we assert that such techniques possess restricted applicability and are suitable solely for systems characterized
by a few supernodes, each endowed with robust storage capabilities capable of managing storage redundancy.
The second solution involves utilizing distributed storage technology to house the model, while retaining only the
acquisition method on the blockchain [60, 83, 129, 145, 146]. For example, the InterPlanetary File System (IPFS)
employs content addressing for file storage and retrieval, allowing users to access files using the hash value associated
with the file [50]. In this methodology, solely the hash of the respective model finds its place on the blockchain.
Additionally, Xu et al. incorporated a model producer within the system to provide download links to other nodes
[91]. The blockchain then retains the model hashes and corresponding download links solely as part of this innovative
approach. These approaches address the intricate interplay between blockchain and FL requirements, paving the way
for more efficient and effective storage management within BC-FL systems.

5 Future Research Directions

In this section, we delve into prospective research avenues at the intersection of blockchain and FL systems. These en-
compass concepts like combination architecture, lightweight blockchain solutions, and personalized smart contracts.
The fusion of blockchain technology with FL presents an auspicious and pioneering strategy for tackling specific chal-

20
Cai et al.

lenges. Yet, despite its pragmatic significance, the current body of research in this field remains inadequate. Having
meticulously scrutinized the latest studies, we distill a collection of potential future research directions, presented
herein for consideration.

5.1 Combination Architecture

The majority of current research endeavors have centered around the integration of blockchain into HFL systems.
An imperative exists to delve into the synergies between blockchain and VFL, as well as federated transfer learning.
VFL presents distinct data processing and training methodologies in comparison to HFL [147]. Prior to commencing
training, VFL necessitates privacy-preserving set intersection, and the regular encryption and exchange of interim
training outcomes. This raises the inquiry of whether blockchain can effectively tackle the unique challenges posed
by VFL and federated transfer learning. Further exploration is warranted to ascertain the potential of blockchain in
addressing these specialized concerns within the realm of VFL and federated transfer learning.

5.2 Lightweight Blockchain Solutions

In FL systems, particularly in cross-device FL, clients typically exhibit constrained communication and computa-
tional capacities. Introducing blockchain on each client might further burden the communication and computational
resources of edge devices. The majority of blockchains in BC-FL systems maintain a rather general-purpose nature,
with only a handful being meticulously customized for these systems. The forthcoming challenge lies in the advance-
ment of consensus algorithms, topology structures, communication methodologies, and other enhancements aimed at
enhancing the compatibility of blockchain systems with the FL framework.

5.3 Personalized Smart Contracts

The integration of smart contracts has substantially elevated the adaptability and scalability of BC-FL systems. A
promising avenue for future exploration involves the formulation of supplementary algorithms tailored for deployment
on personalized smart contracts, aiming to enhance the efficiency, security, and flexibility of BC-FL systems [148].
It is important to highlight that a multitude of ongoing investigations are centered around attacks and defenses in the
realm of smart contract security [149, 150]. Thus, while the utilization of smart contracts within BC-FL systems holds
promise, a prudent approach necessitates meticulous scrutiny of potential vulnerabilities, mandating their mitigation
through rigorous and comprehensive research endeavors.

6 Conclusion
Blockchain-empowered Federated Learning (BC-FL) has emerged as a promising realm of distributed machine learn-
ing in recent years. This all-encompassing review delves into the potential advantages and challenges associated with
the integration of blockchain into FL. The survey highlighted numerous domains where blockchain can be harnessed
to enhance security, avert single points of failure, and establish reputation and incentive mechanisms. We elucidated
how blockchain can surmount the primary challenges encountered by FL. By considering that the amalgamation of
blockchain also presents several challenges that necessitate resolution, we succinctly outlined the efficiency, storage,
and security challenges that arise in BC-FL systems, and provided a comprehensive survey of prevailing solutions.
This survey furnishes a thorough and insightful analysis of the role of blockchain in the FL system. We hold the belief
that this work will expedite the exploration and advancement of related research endeavors, thus bestowing a valuable
resource upon scholars and practitioners in this field.

References
[1] Christian Meurisch and Max Mühlhäuser. Data protection in ai services: A survey. ACM Computing Surveys,
54(2):1–38, 2021.
[2] Masooda Bashir et al. Online privacy and informed consent: The dilemma of information asymmetry. vol-
ume 52, pages 1–10. Wiley Online Library, 2015.
[3] Ashok Kumar Reddy Nadikattu. Iot and the issue of data privacy. International Journal of Innovations in
Engineering Research and Technology, 5(10):23–26, 2018.
[4] Jim Isaak and Mina J Hanna. User data privacy: Facebook, cambridge analytica, and privacy protection.
Computer, 51(8):56–59, 2018.

21
Cai et al.

[5] Xuefei Yin et al. A comprehensive survey of privacy-preserving federated learning: A taxonomy, review, and
future directions. ACM Computing Surveys, 54(6):1–36, 2021.
[6] Christina Tikkinen-Piri et al. Eu general data protection regulation: Changes and implications for personal data
collecting companies. Computer Law & Security Review, 34(1):134–153, 2018.
[7] Christopher F Mondschein and Cosimo Monda. The eu’s general data protection regulation (gdpr) in a research
context. Fundamentals of clinical data science, pages 55–71, 2019.
[8] Shawn Marie Boyne. Data protection in the united states. The American Journal of Comparative Law,
66(suppl_1):299–343, 2018.
[9] Brendan McMahan, Eider Moore, et al. Communication-efficient learning of deep networks from decentralized
data. In Artificial intelligence and statistics, pages 1273–1282. PMLR, 2017.
[10] Xiaofei Wang et al. Federated deep reinforcement learning for internet of things with decentralized cooperative
edge caching. IEEE Internet of Things Journal, 7(10):9441–9455, 2020.
[11] Yi Liu, Jialiang Peng, et al. A secure federated learning framework for 5g networks. IEEE Wireless Communi-
cations, 27(4):24–31, 2020.
[12] Ningning Ding et al. Incentive mechanism design for federated learning with multi-dimensional private infor-
mation. In International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks,
pages 1–8. IEEE, 2020.
[13] Qinbin Li et al. Federated learning on non-iid data silos: An experimental study. In Proceeding of the Interna-
tional Conference on Data Engineering, pages 965–978. IEEE, 2022.
[14] Dinh C Nguyen, Quoc-Viet Pham, et al. Federated learning for smart healthcare: A survey. ACM Computing
Surveys, 55(3):1–37, 2022.
[15] Hao Li, Chengcheng Li, et al. Review on security of federated learning and its application in healthcare. Future
Generation Computer Systems, 144:271–290, 2023.
[16] Sita Rani et al. Federated learning for secure iomt-applications in smart healthcare systems: A comprehensive
review. Knowledge-Based Systems, 274:110658, 2023.
[17] Wenbo Zheng et al. Federated meta-learning for fraudulent credit card detection. In Proceedings of the Inter-
national Conference on International Joint Conferences on Artificial Intelligence, pages 4654–4660, 2021.
[18] Xunzheng Zhang, Alex Mavromatis, et al. Federated feature selection for horizontal federated learning in iot
networks. IEEE Internet of Things Journal, 10(11):10095–10112, 2023.
[19] Anushiya Arunan, Yan Qin, Xiaoli Li, and Chau Yuen. A federated learning-based industrial health prognostics
for heterogeneous edge devices using matched feature extraction. IEEE Transactions on Automation Science
and Engineering, pages 1–15, 2023.
[20] Shenglai Zeng et al. Hfedms: Heterogeneous federated learning with memorable data semantics in industrial
metaverse. IEEE Transactions on Cloud Computing, 11(3):3055–3069, 2023.
[21] Shan Ji and ohters. Lafed: A lightweight authentication mechanism for blockchain-enabled federated learning
system. Future Generation Computer Systems, 145:56–67, 2023.
[22] Fan Yang et al. An explainablefederated learning and blockchain-based secure credit modeling method. Euro-
pean Journal of Operational Research, 317(2):449–467, 2024.
[23] Zakaria Abou El Houda et al. Mitfed: A privacy preserving collaborative network attack mitigation framework
based on federated learning using sdn and blockchain. IEEE Transactions on Network Science and Engineering,
10(4):1985–2001, 2023.
[24] Aditya Pribadi Kalapaaking et al. Blockchain-based federated learning with smpc model verification against
poisoning attack for healthcare systems. IEEE Transactions on Emerging Topics in Computing, 12(1):269–280,
2024.
[25] Yunxiang Wang, Jianhong Zhou, Gang Feng, Xianhua Niu, and Shuang Qin. Blockchain assisted federated
learning for enabling network edge intelligence. IEEE Network, 37(1):96–102, 2022.
[26] Jie Xu, Cong Wang, and Xiaohua Jia. A survey of blockchain consensus protocols. ACM Computing Surveys,
55(13s), 2023.
[27] Ahmed Afif Monrat et al. A survey of blockchain from the perspectives of applications, challenges, and oppor-
tunities. IEEE Access, 7:117134–117151, 2019.

22
Cai et al.

[28] Hong-Ning Dai, Zibin Zheng, and Yan Zhang. Blockchain for internet of things: A survey. IEEE Internet of
Things Journal, 6(5):8076–8094, 2019.
[29] Shubhani Aggarwal and Neeraj Kumar. Blockchain 2.0: smart contracts. In Advances in Computers, volume
121, pages 301–322. Elsevier, 2021.
[30] Abdelatif Hafid et al. A tractable probabilistic approach to analyze sybil attacks in sharding-based blockchain
protocols. IEEE Transactions on Emerging Topics in Computing, 11(1):126–136, 2022.
[31] Shay Vargaftik et al. Eden: Communication-efficient and robust distributed mean estimation for federated
learning. In Proceeding of the International Conference on Machine Learning, pages 21984–22014. PMLR,
2022.
[32] Yujia Wang, Lu Lin, and Jinghui Chen. Communication-efficient adaptive federated learning. In International
Conference on Machine Learning, pages 22802–22838. PMLR, 2022.
[33] Chen Zhang, Yu Xie, Hang Bai, Bin Yu, Weihong Li, and Yuan Gao. A survey on federated learning.
Knowledge-Based Systems, 216:106775, 2021.
[34] Zeinab Teimoori et al. A secure cloudlet-based charging station recommendation for electric vehicles empow-
ered by federated learning. IEEE Transactions on Industrial Informatics, 18(9):6464–6473, 2022.
[35] Shicheng Xu et al. A method of federated learning based on blockchain. In Proceedings of the International
Conference on Computer Science and Application Engineering, pages 1–8, 2021.
[36] Peiying Zhang et al. Federated transfer learning for iiot devices with low computing power based on blockchain
and edge computing. IEEE Access, 9:98630–98638, 2021.
[37] Daoyuan Chen et al. Fs-real: Towards real-world cross-device federated learning. In Proceedings of the ACM
SIGKDD Conference on Knowledge Discovery and Data Mining, pages 3829–3841, 2023.
[38] Ron Dorfman et al. Docofl: downlink compression for cross-device federated learning. In Proceedings of the
International Conference on Machine Learning, pages 8356–8388. PMLR, 2023.
[39] Chao Huang, Ming Tang, et al. Promoting collaborations in cross-silo federated learning: Challenges and
opportunities. IEEE Communications Magazine, 62(4):82–88, 2023.
[40] Shijing Yuan, Beiyu Dong, et al. Adaptive incentivize for cross-silo federated learning in iiot: A multi-agent
reinforcement learning approach. IEEE Internet of Things Journal, 11(9):15048–15058, 2023.
[41] Zibin Zheng et al. Blockchain challenges and opportunities: A survey. International journal of web and grid
services, 14(4):352–375, 2018.
[42] Tao Ye, Min Luo, Yi Yang, Kim-Kwang Raymond Choo, and Debiao He. A survey on redactable blockchain:
challenges and opportunities. IEEE Transactions on Network Science and Engineering, 10(3):1669–1683, 2023.
[43] Yizhong Liu, Xinxin Xing, et al. A flexible sharding blockchain protocol based on cross-shard byzantine fault
tolerance. IEEE Transactions on Information Forensics and Security, 2023.
[44] Xiao Chen et al. A vehicular trust blockchain framework with scalable byzantine consensus. IEEE Transactions
on Mobile Computing, 23(5):4440–4452, 2023.
[45] Cristian Lepore, Michela Ceria, Andrea Visconti, Udai Pratap Rao, Kaushal Arvindbhai Shah, and Luca Zano-
lini. A survey on blockchain consensus with a performance comparison of pow, pos and pure pos. Mathematics,
8(10):1782, 2020.
[46] Dongyan Huang, Xiaoli Ma, and Shengli Zhang. Performance analysis of the raft consensus algorithm for
private blockchains. IEEE Transactions on Systems, Man, and Cybernetics: Systems, 50(1):172–181, 2019.
[47] Wenyu Li, Chenglin Feng, Lei Zhang, Hao Xu, Bin Cao, and Muhammad Ali Imran. A scalable multi-layer pbft
consensus for blockchain. IEEE Transactions on Parallel and Distributed Systems, 32(5):1146–1160, 2020.
[48] Mohamed Abdel-Basset et al. Privacy-preserved cyberattack detection in industrial edge of things (ieot):
a blockchain-orchestrated federated learning approach. IEEE Transactions on Industrial Informatics,
18(11):7920–7934, 2022.
[49] Chen Fang et al. A privacy-preserving and verifiable federated learning method based on blockchain. Computer
Communications, 186:1–11, 2022.
[50] Chaosheng Feng, Bin Liu, Keping Yu, et al. Blockchain-empowered decentralized horizontal federated learning
for 5g-enabled uavs. IEEE Transactions on Industrial Informatics, 18(5):3582–3592, 2021.
[51] Shaoyong Guo, Keqin Zhang, Bei Gong, and Xuesong Qiu. Sandbox computing: A data privacy trusted sharing
paradigm via blockchain and federated learning. IEEE Transactions on Computers, 72(3):800–810, 2022.

23
Cai et al.

[52] Li Jiang, Hao Zheng, et al. Cooperative federated learning and model update verification in blockchain-
empowered digital twin edge networks. IEEE Internet of Things Journal, 9(13):11154–11167, 2021.
[53] Hong Liu, Shuaipeng Zhang, et al. Blockchain and federated learning for collaborative intrusion detection in
vehicular edge computing. IEEE Transactions on Vehicular Technology, 70(6):6073–6084, 2021.
[54] Yunlong Lu et al. Blockchain empowered asynchronous federated learning for secure data sharing in internet
of vehicles. IEEE Transactions on Vehicular Technology, 69(4):4298–4311, 2020.
[55] Dinh C Nguyen, Ming Ding, and Albert Y Zomaya. Federated learning for covid-19 detection with generative
adversarial networks in edge cloud computing. IEEE Internet of Things Journal, 9(12):10257–10271, 2021.
[56] Dinh C Nguyen et al. Latency optimization for blockchain-empowered federated learning in multi-server edge
computing. IEEE Journal on Selected Areas in Communications, 40(12):3373–3390, 2022.
[57] Jiahao Qi et al. High-quality model aggregation for blockchain-based federated learning via reputation-
motivated task participation. IEEE Internet of Things Journal, 9(19):18378–18391, 2022.
[58] Minfeng Qi et al. A blockchain-enabled federated learning model for privacy preservation: System design.
In Proceeding of the Australasian Conference on Information Security and Privacy, pages 473–489. Springer,
2021.
[59] Youyang Qu et al. A blockchained federated learning framework for cognitive computing in industry 4.0
networks. IEEE Transactions on Industrial Informatics, 17(4):2964–2973, 2020.
[60] Muhammad Habib ur Rehman et al. Trustfed: A framework for fair and trustworthy cross-device federated
learning in iiot. IEEE Transactions on Industrial Informatics, 17(12):8485–8494, 2021.
[61] Di Wu et al. A blockchain-based multi-layer decentralized framework for robust federated learning. In Pro-
ceeding of the International Joint Conference on Neural Networks, pages 1–8, 2022.
[62] Chenhao Xu, Youyang Qu, et al. Bafl: an efficient blockchain-based asynchronous federated learning frame-
work. In IEEE Symposium on Computers and Communications, pages 1–6. IEEE, 2021.
[63] Yajing Xu, Zhihui Lu, et al. Besifl: Blockchain empowered secure and incentive federated learning paradigm
in iot. IEEE Internet of Things Journal, 10(8):6561–6573, 2021.
[64] Peiying Zhang et al. Bc-edgefl: A defensive transmission model based on blockchain-assisted reinforced fed-
erated learning in iiot environment. IEEE Transactions on Industrial Informatics, 18(5):3551–3561, 2021.
[65] Ning Zhao, Hao Wu, et al. Deep-reinforcement-learning-based latency minimization in edge intelligence over
vehicular networks. IEEE Internet of Things Journal, 9(2):1300–1312, 2021.
[66] Zhilin Wang et al. Incentive mechanism design for joint resource allocation in blockchain-based federated
learning. IEEE Transactions on Parallel and Distributed Systems, 34(5):1536–1547, 2023.
[67] Liwei Ouyang et al. Artificial identification: a novel privacy framework for federated learning based on
blockchain. IEEE Transactions on Computational Social Systems, 2023.
[68] Shuo Yuan et al. Secure and efficient federated learning through layering and sharding blockchain. IEEE
Transactions on Network Science and Engineering, 11(3):3120–3134, 2024.
[69] Moayad Aloqaily et al. Reinforcing industry 4.0 with digital twins and blockchain-assisted federated learning.
IEEE Journal on Selected Areas in Communications, 2023.
[70] Junsheng Mu, Wenjiang Ouyang, et al. Digital twin-enabled federated learning in mobile networks: From
the perspective of communication-assisted sensing. IEEE Journal on Selected Areas in Communications,
41(10):3230–3241, 2023.
[71] Anton Wahrstatter et al. Openfl: A scalable and secure decentralized federated learning system on the ethereum
blockchain. Internet of Things, 26:101174, 2024.
[72] Jun Li, Yumeng Shao, Kang Wei, Ming Ding, Chuan Ma, Long Shi, Zhu Han, and H Vincent Poor. Blockchain
assisted decentralized federated learning (blade-fl): Performance analysis and resource allocation. IEEE Trans-
actions on Parallel and Distributed Systems, 33(10):2401–2415, 2021.
[73] Youyang Qu et al. Fl-sec: Privacy-preserving decentralized federated learning using signsgd for the internet of
artificially intelligent things. IEEE Internet of Things Magazine, 5(1):85–90, 2022.
[74] Xiaoqiang He et al. Cgan-based collaborative intrusion detection for uav networks: A blockchain-empowered
distributed federated learning approach. IEEE Internet of Things Journal, 10(1):120–132, 2022.
[75] Jiawen Kang et al. Incentive mechanism for reliable federated learning: A joint optimization approach to
combining reputation and contract theory. IEEE Internet of Things Journal, 6(6):10700–10714, 2019.

24
Cai et al.

[76] Achref Haddaji et al. Federated learning with blockchain approach for trust management in iov. In Proceed-
ings of the International Conference on Advanced Information Networking and Applications, pages 411–423.
Springer, 2022.
[77] Jiawen Kang et al. Optimizing task assignment for reliable blockchain-empowered federated edge learning.
IEEE Transactions on Vehicular Technology, 70(2):1910–1923, 2021.
[78] Chao Qiu et al. Rendering secure and trustworthy edge intelligence in 5g-enabled iiot using proof of learning
consensus protocol. IEEE Transactions on Industrial Informatics, 19(1):900–909, 2022.
[79] Jiawen Kang, Zehui Xiong, Dusit Niyato, Yuze Zou, Yang Zhang, and Mohsen Guizani. Reliable federated
learning for mobile networks. IEEE Wireless Communications, 27(2):72–80, 2020.
[80] Haoyu Chen et al. Repbfl: Reputation based blockchain-enabled federated learning framework for data sharing
in internet of vehicles. In International Conference on Parallel and Distributed Computing: Applications and
Technologies, pages 536–547. Springer, 2022.
[81] Liang Gao et al. FGFL: A blockchain-based fair incentive governor for Federated Learning. Journal of Parallel
and Distributed Computing, 163:283–299, 2022.
[82] Mohamed Abdur Rahman et al. Secure and provenance enhanced internet of health things framework: A
blockchain managed federated learning approach. IEEE Access, 8:205071–205087, 2020.
[83] Yang Zhao et al. Privacy-preserving blockchain-based federated learning for iot devices. IEEE Internet of
Things Journal, 8(3):1817–1829, 2020.
[84] Yijing Lin, Zhipeng Gao, et al. Drl-based adaptive sharding for blockchain-based federated learning. IEEE
Transactions on Communications, 41(11):3504–3516, 2023.
[85] Yuchuan Fu et al. An incentive mechanism of incorporating supervision game for federated learning in au-
tonomous driving. IEEE Transactions on Intelligent Transportation Systems, 24(12):14800–14812, 2023.
[86] Sreenivas Gollapudi et al. Profit sharing and efficiency in utility games. In Annual European Symposium on
Algorithms. Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik, 2017.
[87] Han Yu, Zelei Liu, et al. A fairness-aware incentive scheme for federated learning. In Proceedings of the
AAAI/ACM Conference on AI, Ethics, and Society, pages 393–399, 2020.
[88] Yufeng Zhan et al. A survey of incentive mechanism design for federated learning. IEEE Transactions on
Emerging Topics in Computing, 10(2):1035–1044, 2021.
[89] Yufeng Zhan, Peng Li, Zhihao Qu, Deze Zeng, and Song Guo. A learning-based incentive mechanism for
federated learning. IEEE Internet of Things Journal, 7(7):6360–6368, 2020.
[90] Yanru Chen, Yuanyuan Zhang, et al. Dim-ds: Dynamic incentive model for data sharing in federated learning
based on smart contracts and evolutionary game theory. IEEE Internet of Things Journal, 9(23):24572–24584,
2022.
[91] Zonghang Li et al. Byzantine resistant secure blockchained federated learning at the edge. IEEE Network,
35(4):295–301, 2021.
[92] Chuan Ma, Jun Li, et al. When federated learning meets blockchain: A new distributed learning paradigm.
IEEE Computational Intelligence Magazine, 17(3):26–33, 2022.
[93] Youyang Qu et al. Decentralized privacy using blockchain-enabled federated learning in fog computing. IEEE
Internet of Things Journal, 7(6):5171–5183, 2020.
[94] Youyang Qu et al. Fedtwin: Blockchain-enabled adaptive asynchronous federated learning for digital twin
networks. IEEE Network, 36(6):183–190, 2022.
[95] Zexin Wang, Biwei Yan, and Anming Dong. Blockchain empowered federated learning for data sharing incen-
tive mechanism. Procedia Computer Science, 202:348–353, 2022.
[96] Jiasi Weng, Jian Weng, et al. DeepChain: Auditable and Privacy-Preserving Deep Learning with Blockchain-
Based Incentive. IEEE Transactions on Dependable and Secure Computing, 18(5):2438–2455, 2021.
[97] Ronghua Xu and Yu Chen. µdfl: A secure microchained decentralized federated learning fabric atop iot net-
works. IEEE Transactions on Network and Service Management, 19(3):2677–2688, 2022.
[98] Cheng Zhang, Yang Xu, , and Yaoxue Zhang. A blockchain-based model migration approach for secure and
sustainable federated learning in iot systems. IEEE Internet of Things Journal, 10(8):6574–6585, 2022.
[99] Zhebin Zhang, Dajie Dong, et al. Refiner: A reliable incentive-driven federated learning system powered by
blockchain. Proceedings of the VLDB Endowment, 14(12):2659–2662, 2021.

25
Cai et al.

[100] Yunhua He et al. A game theory-based incentive mechanism for collaborative security of federated learning in
energy blockchain environment. IEEE Internet of Things Journal, 10(24):21294–21308, 2023.
[101] Sana Awan, Fengjun Li, and Mei Liu. Poster: A reliable and accountable privacy-preserving federated learning
framework using the blockchain. In Proceedings of the ACM Conference on Computer and Communications
Security, pages 2561–2563, 2019.
[102] Runze Cheng, Yao Sun, and Muhammad Ali Imran. Blockchain-empowered federated learning approach for an
intelligent and reliable d2d caching scheme. IEEE Internet of Things Journal, 9(11):7879–7890, 2021.
[103] Lei Feng et al. Two-layered blockchain architecture for federated learning over the mobile edge network. IEEE
Network, 36(1):45–51, 2021.
[104] Bin Jia et al. Blockchain-enabled federated learning data protection aggregation scheme with differential privacy
and homomorphic encryption in iiot. IEEE Transactions on Industrial Informatics, 18(6):4049–4058, 2021.
[105] Yang Liu, Yan Kang, et al. A secure federated transfer learning framework. IEEE Intelligent Systems, 35(4):70–
82, 2020.
[106] Yunlong Lu, Xiaohong Huang, Ke Zhang, Sabita Maharjan, and Yan Zhang. Blockchain and federated learning
for 5g beyond. IEEE Network, 35(1):219–225, 2020.
[107] Yinbin Miao et al. Privacy-preserving byzantine-robust federated learning via blockchain systems. IEEE Trans-
actions on Information Forensics and Security, 17:2848–2861, 2022.
[108] Viraaji Mothukuri, Reza M Parizi, et al. Fabricfl: Blockchain-in-the-loop federated learning for trusted decen-
tralized systems. IEEE Systems Journal, 16(3):3711–3722, 2021.
[109] Jin Sun, Ying Wu, Shangping Wang, Yixue Fu, and Xiao Chang. Permissioned blockchain frame for secure
federated learning. IEEE Communications Letters, 26(1):13–17, 2021.
[110] Xiaoge Huang et al. Distance-aware hierarchical federated learning in blockchain-enabled edge computing
network. IEEE Internet of Things Journal, 10(21):19163–19176, 2023.
[111] Guangxia Xu et al. A blockchain-based federated learning scheme for data sharing in industrial internet of
things. IEEE Internet of Things Journal, 10(24):21467–21478, 2023.
[112] Seyed Mojtaba Hosseini Bamakan et al. A survey of blockchain consensus algorithms performance evaluation
criteria. Expert Systems with Applications, 154:113385, 2020.
[113] Caixiang Fan, Sara Ghaemi, Hamzeh Khazaei, and Petr Musilek. Performance evaluation of blockchain sys-
tems: A systematic survey. IEEE Access, 8:126927–126950, 2020.
[114] Mingrui Cao, Long Zhang, et al. Toward on-device federated learning: A direct acyclic graph-based blockchain
approach. IEEE Transactions on Neural Networks and Learning Systems, 34(4):2028–2042, 2023.
[115] Nguyen Quang Hieu et al. Deep reinforcement learning for resource management in blockchain-enabled feder-
ated learning network. IEEE Networking Letters, 4(3):137–141, 2022.
[116] Yuzheng Li et al. A blockchain-based decentralized federated learning framework with committee consensus.
IEEE Network, 35(1):234–241, 2020.
[117] Du Mingxiao, Ma Xiaofeng, et al. A review on consensus algorithm of blockchain. In Proceeding of the IEEE
International Conference on Systems, Man, and Cybernetics, pages 2567–2572. IEEE, 2017.
[118] Johannes Göbel and Anthony E Krzesinski. Increased block size and bitcoin blockchain dynamics. In Proceed-
ing of the International Telecommunication Networks and Applications Conference, pages 1–6. IEEE, 2017.
[119] Guangxia Xu et al. Improvement of the dpos consensus mechanism in blockchain based on vague sets. IEEE
Transactions on Industrial Informatics, 16(6):4252–4259, 2019.
[120] Kai Arulkumaran, Marc Peter Deisenroth, Miles Brundage, and Anil Anthony Bharath. Deep reinforcement
learning: A brief survey. IEEE Signal Processing Magazine, 34(6):26–38, 2017.
[121] Ziyu Wang et al. Dueling network architectures for deep reinforcement learning. In Proceeding of the Interna-
tional Conference on Machine Learning, pages 1995–2003. PMLR, 2016.
[122] Tom Zahavy, Zhongwen Xu, and Satinder Singh. A self-tuning actor-critic algorithm. Proceeding of the
Advances in Neural Information Processing Systems, 33:20913–20924, 2020.
[123] Weifeng Hao et al. Towards a trust-enhanced blockchain p2p topology for enabling fast and reliable broadcast.
IEEE Transactions on Network and Service Management, 17(2):904–917, 2020.
[124] Junfeng Xie, F Richard Yu, et al. A survey on the scalability of blockchain systems. IEEE Network, 33(5):166–
173, 2019.

26
Cai et al.

[125] Laizhong Cui et al. An efficient and compacted dag-based blockchain protocol for industrial internet of things.
IEEE Transactions on Industrial Informatics, 16(6):4134–4145, 2019.
[126] Shijie Zhang and Jong-Hyouk Lee. Double-spending with a sybil attack in the bitcoin decentralized network.
IEEE transactions on Industrial Informatics, 15(10):5715–5722, 2019.
[127] Jingyang Zhang et al. Privacy leakage of adversarial training models in federated learning systems. In Proceed-
ings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, pages 108–114, 2022.
[128] Zhuowen Yuan, Fan Wu, et al. Secretgen: Privacy recovery on pre-trained models via distribution discrimina-
tion. In Proceeding of the European Conference on Computer Vision, pages 139–155. Springer, 2022.
[129] Umer Majeed, Latif U Khan, et al. St-bfl: A structured transparency empowered cross-silo federated learning
on the blockchain framework. IEEE Access, 9:155634–155650, 2021.
[130] Zhe Sun, Junping Wan, Lihua Yin, Zhiqiang Cao, Tianjie Luo, and Bin Wang. A blockchain-based audit
approach for encrypted data in federated learning. Digital Communications and Networks, 8(5):614–624, 2022.
[131] Abbas Acar et al. A survey on homomorphic encryption schemes: Theory and implementation. ACM Comput-
ing Surveys, 51(4):1–35, 2018.
[132] Qiongxiu Li et al. A privacy-preserving asynchronous averaging algorithm based on shamir’s secret sharing. In
Proceeding of the European Signal Processing Conference, pages 1–5. IEEE, 2019.
[133] Martin Abadi, Andy Chu, and Li Zhang. Deep learning with differential privacy. In Processing of the ACM
Conference on Computer and Communications Security, pages 308–318, 2016.
[134] Jonathan Passerat-Palmbach et al. Blockchain-orchestrated machine learning for privacy preserving federated
learning in electronic health data. In Proceeding of the IEEE International Conference on Blockchain, pages
550–555, 2020.
[135] Chuan Zhao et al. Secure multi-party computation: theory, practice and applications. Information Sciences,
476:357–372, 2019.
[136] Jiannan Wei et al. A redactable blockchain framework for secure federated learning in industrial internet of
things. IEEE Internet of Things Journal, 9(18):17901–17911, 2022.
[137] Jialin Guo et al. Lightfed: An efficient and secure federated edge learning system on model splitting. IEEE
Transactions on Parallel and Distributed Systems, 33(11):2701–2713, 2021.
[138] Pim Otte et al. Trustchain: A sybil-resistant scalable blockchain. Future Generation Computer Systems,
107:770–780, 2020.
[139] Mohamed Baza et al. Detecting sybil attacks using proofs of work and location in vanets. IEEE Transactions
on Dependable and Secure Computing, 19(1):39–53, 2020.
[140] Roman Matzutt and other. Utilizing public blockchains for the sybil-resistant bootstrapping of distributed
anonymity services. In Proceedings of the ACM Asia Conference on Computer and Communications Security,
pages 531–542, 2020.
[141] Muhammad Shayan, Clement Fung, Chris JM Yoon, and Ivan Beschastnikh. Biscotti: A blockchain system
for private and secure federated learning. IEEE Transactions on Parallel and Distributed Systems, 32(7):1513–
1525, 2020.
[142] Yossi Gilad et al. Algorand: Scaling byzantine agreements for cryptocurrencies. In Proceedings of the sympo-
sium on operating systems principles, pages 51–68, 2017.
[143] Ryunosuke Nagayama et al. Identifying impacts of protocol and internet development on the bitcoin network.
In IEEE Symposium on Computers and Communications, pages 1–6. IEEE, 2020.
[144] Paritosh Ramanan et al. Baffle: Blockchain based aggregator free federated learning. In Proceeding of the IEEE
International Conference on Blockchain, pages 72–81. IEEE, 2020.
[145] Mikail Mohammed Salim et al. Federated learning-based secure electronic health record sharing scheme in
medical informatics. IEEE Journal of Biomedical and Health Informatics, 27(2):617–624, 2022.
[146] Liwei Ouyang et al. Learning markets: An ai collaboration framework based on blockchain and smart contracts.
IEEE Internet of Things Journal, 9(16):14273–14286, 2020.
[147] Qiang Yang et al. Federated machine learning: Concept and applications. ACM Transactions on Intelligent
Systems and Technology, 10(2):1–19, 2019.
[148] Zhiyuan Wan et al. Smart contract security: a practitioners’ perspective. In Proceeding of the IEEE/ACM
International Conference on Software Engineering, pages 1410–1422. IEEE, 2021.

27
Cai et al.

[149] Sunbeom So, Myungho Lee, Jisu Park, Heejo Lee, and Hakjoo Oh. Verismart: A highly precise safety verifier
for ethereum smart contracts. In IEEE Symposium on Security and Privacy, pages 1678–1694, 2020.
[150] Anton Permenev et al. Verx: Safety verification of smart contracts. In IEEE symposium on security and privacy,
pages 1661–1677. IEEE, 2020.

28