A secure cross-domain federated learning scheme based on blockchain fair payment

Blockchain fair payment

In blockchain fair payment, all-or-nothing proof protocols and Bitcoin’s timed commitment schemes play crucial roles.

• 1.

  All-or-Nothing Proof Protocols: This is a protocol to ensure the integrity of transactions. Suppose there is a set of data $D=\{d_1,d_2,\dots ,d_n\}$, the all-or-nothing proof protocol can verify the integrity of the data through the following cryptographic operations: using encryption $E_k$ to encrypt each element of the data set; i.e., $E_k(d_i)=c_i$, $i=1,2,\dots ,n$. The completeness is verified by computing the hash value of the concatenated encrypted data and comparing it with the pre-stored hash value: (1) $$h(c_1,c_2,\dots ,c_n)=H.$$

• 2.

  Bitcoin Timed Commitment Schemes: This is a type of cryptographic protocol based on blockchain, where a proposer S locks certain information (such as a secret) until specific conditions (such as a specified time) are met. The scheme involves three main phases:

  • • Commit Phase $CS.\mathrm{C}\mathrm{o}\mathrm{m}\mathrm{m}\mathrm{i}\mathrm{t}(S,C,d,t_s)$: The proposer S makes a commitment and deposits a guarantee amount $d$, used to ensure S will reveal the commitment at a specified time $t_s$. Before $t_s$, S must keep the commitment secret. Here, CS refers to the “Commitment Scheme,” a cryptographic protocol used to lock the information until the specified condition is met.

  • • Open Phase $CS.\mathrm{O}\mathrm{p}\mathrm{e}\mathrm{n}(S,C,d,t_s)$: If S reveals the secret before $t_s$, S retrieves the guarantee amount $d$.

  • • Fine Phase $CS.\mathrm{F}\mathrm{i}\mathrm{n}\mathrm{e}(S,C,d,t_s)$: If S fails to reveal the secret before $t_s$, the guarantee amount $d$ is transferred to C. This phase ensures the penalty is executed only if the open phase is not completed on time.

An example structure: $\mathrm{T}\mathrm{x}\mathrm{C}\mathrm{o}\mathrm{m}\mathrm{m}\mathrm{i}\mathrm{t}$ is used for the commit phase, including input, output script, and the guarantee amount $d$. $\mathrm{T}\mathrm{x}\mathrm{O}\mathrm{p}\mathrm{e}\mathrm{n}$ is used for the open phase, including input, output script, and the returned guarantee amount $d$. $\mathrm{T}\mathrm{x}\mathrm{F}\mathrm{i}\mathrm{n}\mathrm{e}$ is used for the fine phase, and if S fails to reveal, $d$ is transferred, allowing C to execute the transaction.

Directed relationship vector (DR vector)

A directed relationship vector is a mathematical structure used to represent directed relationships between objects. In distributed learning and federated learning, the DR vector is used to represent the mutual relationships and weight distribution between clients. By adjusting the weights, the balance between global objectives and local objectives can be achieved. The directed relationship vector ${\alpha }_k$ is an N-dimensional vector, where N is the total number of clients. Each element ${\alpha }_{k,i}$ of the vector represents the weight of client $k$ towards client $i$. It can be represented as:

(2) $${\alpha }_k=[{\alpha }_{k,1},{\alpha }_{k,2},\dots ,{\alpha }_{k,N}{]}^T.$$

The weight ${\alpha }_{k,i}$ can be allocated in various ways, such as based on similarity, credibility, or other criteria. A common weight allocation formula is:

(3) $${\alpha }_{k,i}=\frac{\mathrm{s}\mathrm{i}\mathrm{m}(w_i,w_k)}{{\sum }_{j=1}^N\mathrm{s}\mathrm{i}\mathrm{m}(w_j,w_k)}.$$where $\mathrm{s}\mathrm{i}\mathrm{m}(a,b)$ is a similarity function, which can be cosine similarity or Euclidean distance.

Cryptographic knowledge

Model parameters

Model parameters are the foundation for constructing and understanding the entire system. In the secure cross-domain federated learning scheme based on blockchain fair payment, the choice of parameters directly affects the performance and security of the system. The primary parameters of the model are listed in Table 1.

These parameters collectively construct the mathematical and logical structure of the entire scheme, ensuring the security, fairness, and efficiency of the federated learning process.

Federated learning workflow

In the secure cross-domain federated learning scheme based on blockchain fair payment, the collaborative workflow between clients and central servers is a core organizational component. The detailed workflow is described below:

Payment processing

The payment processing phase is a key part of the federated learning process, ensuring the security and fairness of transactions through blockchain, all-or-nothing proof protocols, and Bitcoin’s timed commitment schemes. The detailed steps of this phase are as follows:

The first is the contribution and reward calculation: the central server retrieves the task completion proofs of all clients from the blockchain. The reward $\mathrm{P}\mathrm{a}{\mathrm{y}}_k$ for each client $k$ is calculated based on their contribution $\mathrm{C}\mathrm{o}\mathrm{n}\mathrm{t}\mathrm{r}\mathrm{i}{\mathrm{b}}_k$. Contributions can be determined by various factors such as data volume and computational power. In this model, assuming that each client’s contribution is proportional to their local data volume, the reward calculation formula is:

(23) $${\mathrm{P}\mathrm{a}\mathrm{y}}_k=f({\mathrm{C}\mathrm{o}\mathrm{n}\mathrm{t}\mathrm{r}\mathrm{i}\mathrm{b}}_k)={\mathrm{C}\mathrm{o}\mathrm{n}\mathrm{t}\mathrm{r}\mathrm{i}\mathrm{b}}_k\times \mathrm{R}\mathrm{a}\mathrm{t}\mathrm{e}$$where $\mathrm{R}\mathrm{a}\mathrm{t}\mathrm{e}$ is a constant representing the reward per data point.

Next is the payment request and commitment: The central server issues a payment request on the blockchain. To ensure the fairness of the transaction, all-or-nothing proof protocols and Bitcoin’s timed commitment schemes are used. The commitment scheme $\mathrm{K}\mathrm{S}.\mathrm{C}\mathrm{o}\mathrm{m}\mathrm{m}\mathrm{i}\mathrm{t}(S,K,d,t,s)$ represents a commitment between the central server S and the client set K in federated learning. Specifically, S commits a secret $s$ and must open the commitment before a specified time $t$ to retrieve the stored reward value $d$. Otherwise, the stored reward will be distributed to the client set K based on their contribution, ensuring that the client’s effort is fairly rewarded. Specifically, the central server first issues a commitment transaction TxCommit, committing the payment due to each client. The central server and clients then perform this step separately, represented as:

(24) $$\mathrm{T}\mathrm{x}\mathrm{C}\mathrm{o}\mathrm{m}\mathrm{m}\mathrm{i}\mathrm{t}=\mathrm{K}\mathrm{S}.\mathrm{C}\mathrm{o}\mathrm{m}\mathrm{m}\mathrm{i}\mathrm{t}(S,K,d,t,s).$$

Following the opening of the commitment and penalty operations: the central server opens the commitment and transfers the corresponding tokens from its account to each client’s account. If the central server has not opened the commitment before the specified time, each client can claim the penalty from the central server. This step can be represented as:

(25) $$\mathrm{T}\mathrm{x}\mathrm{O}\mathrm{p}\mathrm{e}\mathrm{n}=\mathrm{K}\mathrm{S}.\mathrm{O}\mathrm{p}\mathrm{e}\mathrm{n}(S,K,d,t,s).$$

If the central server fails to make the payment as per the commitment, each client can execute the penalty operation and claim the penalty from the central server. This step can be represented as:

(26) $$\mathrm{T}\mathrm{x}\mathrm{F}\mathrm{i}\mathrm{n}\mathrm{e}=\mathrm{K}\mathrm{S}.\mathrm{F}\mathrm{i}\mathrm{n}\mathrm{e}(S,K,d,t,s).$$

The payment processing phase involves complex calculations and multi-step interactions to ensure fair and secure reward distribution. In the commitment phase, opening phase, and penalty phase, three transactions $\mathrm{T}\mathrm{x}\mathrm{C}\mathrm{o}\mathrm{m}\mathrm{m}\mathrm{i}\mathrm{t}$, $\mathrm{T}\mathrm{x}\mathrm{O}\mathrm{p}\mathrm{e}\mathrm{n}$, and $\mathrm{T}\mathrm{x}\mathrm{F}\mathrm{i}\mathrm{n}\mathrm{e}$ are involved. These transactions ensure the traceability and security of the entire payment process. Figure 2 illustrates the federated learning payment processing based on Bitcoin’s timing commitments, where the script’s omitted parameters are represented by $\mathrm{\perp }$ and H is used to verify the hash function.

Cross-domain client node trustworthiness update process

Cross-domain federated learning not only requires highly efficient training and aggregation mechanisms but also the management of the trustworthiness of client nodes to ensure the normal operation of the entire system. This section mainly introduces how to update and protect the trustworthiness of each client node through secure sharing technology to avoid potential fraud or malicious behavior.

Security analysis

Due to the involvement of cross-domain trustworthiness calculation and sharing in this solution, attackers might manipulate the trustworthiness weight, resulting in unfair calculation distribution or rewards. Therefore, assuming attackers attempt to use linear combinations to recover the complete trustworthiness, the linear combination attack model is a common attack method. It exploits the characteristics of trustworthiness distribution, trying to recover the complete trustworthiness $R_{m,k}$ through linear combinations. Specifically, attackers might obtain some trustworthiness fragments $R_{m,k,i}$ and some weights $w_i$, and recover the complete trustworthiness through the following formula:

(34) $$R_{m,k}^{\mathrm{\prime }}=\sum _{i=1}^t{w}_i\cdot R_{m,k,i}$$where $R_{m,k}^{\mathrm{\prime }}$ is the trustworthiness that attackers attempt to recover, $w_i$ is the weight used by attackers, and $t<k_m$ is the number of fragments obtained by attackers. Trustworthiness distribution is a method of dividing user trustworthiness $R_{m,k}$ into $k_m$ fragments, ensuring each fragment contains part of the trustworthiness information but not enough to recover the complete trustworthiness. Trustworthiness distribution can be represented by the following formula:

(35) $$R_{m,k}=\sum _{i=1}^{k_m}{R}_{m,k,i}.$$

Therefore, the relationship between the real trustworthiness $R_{m,k}$ and the linear combination $R_{m,k}^{\mathrm{\prime }}$ attempted by attackers can be represented as a linear system of equations:

(36) $$\begin{array}{rl}{R}_{m,k}& =\sum _{i=1}^t{w}_i\cdot R_{m,k,i}\\ & =\sum _{i=1}^{k_m}{a}_i\cdot x_i=0\end{array}$$

(37) $$\begin{array}{c}{R}_{m,k}=\sum _{i=1}^t{w}_i\cdot R_{m,k,i}=\sum _{i=1}^{K_m}{R}_{m,k,i}\hfill \\ \Rightarrow \sum _{i=1}^t{w}_i\cdot R_{m,k,i}-\sum _{i=1}^{K_m}{R}_{m,k,i}=0\hfill \\ \Rightarrow \sum _{i=1}^n{a}_i\cdot x_i=0.\hfill \end{array}.$$

In the representation of the linear system of equations, $a_i$ and $x_i$ are the coefficients and unknowns of the system of equations, respectively. Therefore, the system of equations can be written in matrix form as:

(38) $$Ax=b\Rightarrow A=\left[\begin{array}{cccc}{a}_{11}& a_{12}& \cdots & a_{1n}\\ a_{21}& a_{22}& \cdots & a_{2n}\\ ⋮& ⋮& \ddots & ⋮\\ a_{m1}& a_{m2}& \cdots & a_{mn}\end{array}\right],x=\left[\begin{array}{c}{x}_1\\ x_2\\ ⋮\\ x_n\end{array}\right],b=\left[\begin{array}{c}0\\ 0\\ ⋮\\ 0\end{array}\right].$$

Since the system of equations has only one solution, the ranks of its coefficient matrix A and the augmented matrix $B=[Ab]$ are both 1, i.e., $R(A)=R(B)=1$. Furthermore, since $t<K_{m<n}$, it can be inferred that $n>1$, meaning the number of unknowns in the system of equations is greater than the rank of the system. According to the theorem on the number of solutions for a system of linear equations, when the number of unknowns in the system is greater than the rank of the system, the system has infinitely many solutions. This means that the attacker cannot uniquely determine the complete confidence value $R_{m,k}$ through the system of linear equations, but can only obtain infinitely many possible values.

Therefore, it can be proved that even if an attacker has access to some reputation fragments and weights, the complete reputation cannot be recovered, confirming the security and robustness of the scheme.

Convergence analysis

This scheme mainly focuses on the convergence of the objective function value, that is, whether the loss function of the global model can be minimized. We define an objective function $L(w)$, where $w$ is the parameter of the global model. In each iteration, we hope to optimize the local objectives of each client to continuously reduce the global objective function value $L(w)$.

Assuming the model in the scheme is a simple linear regression model, its objective function can be expressed as:

(39) $$L(w)=\frac{1}{2n}\sum _{i=1}^n{(y_i-w{x}_i)}^2$$where $n$ is the number of samples, $x_i,y_i$ are the feature value and target value of the $i$-th sample, respectively, and $w$ is the model parameter. This is a convex function because it is a quadratic function of $w$. We optimize this objective function using gradient descent. The update rule for gradient descent is:

(40) $$w^{(t+1)}=w^{(t)}-\eta \mathrm{\nabla }L(w^{(t)}).$$

Here, $\eta$ is the learning rate, $\mathrm{\nabla }L(w^{(t)})$ is the gradient of the objective function at $w^{(t)}$, and $t$ is the iteration number. For the linear regression model, its gradient can be calculated as:

(41) $$\mathrm{\nabla }L(w)=\frac{2}{n}\sum _{i=1}^n(y_i-w{x}_i)(-x_i)$$

Therefore, the update rule for gradient descent can be written as:

(42) $$w^{(t+1)}=w^{(t)}-\eta \frac{2}{n}\sum _{i=1}^n(y_i-w^{(t)}{x}_i)x_i.$$

According to this update rule, we know that if the learning rate $\eta$ is sufficiently small, $w$ will move in the direction that reduces the objective function $L(w)$ in each iteration. Therefore, as the number of iterations increases, the loss function value $L(w)$ of the global model will gradually decrease and eventually converge to a fixed value. This value is the minimum of the loss function, which is the optimal solution of the model. Hence, the federated learning scheme proposed in this article is convergent.

Experimental environment

The experimental environment is configured on a GPU server running the Ubuntu 20.04 operating system. The hardware includes 2 NVIDIA TITAN RTX GPUs (24GB RAM), to meet the high computational demands. The machine learning part uses Python 3.8 and the TensorFlow 2.x framework to achieve precise training of deep learning models. The blockchain component is supported by Ethereum 2.0, comprising six independent organizations, each with three peer nodes, distributed geographically to better simulate the real network environment. Smart contracts are written in Solidity and deployed at key points in each organization.

In the federated learning experiment, each GPU is responsible for training a local model, and synchronization across the entire federation is achieved through pre-designed smart contracts. Additionally, the experimental environment integrates advanced cryptographic techniques, such as zero-knowledge proofs, to ensure data privacy and security while allowing cross-organization collaborative training. Overall, this experimental environment is meticulously constructed to simulate the distributed system environment of the real world.

Experimental results

The first experiment in this research aims to evaluate the sensitivity of the proposed secure federated learning scheme across different domains. This scheme trains models on multiple distributed devices or servers and aggregates the locally computed updates into a global model, thus achieving federated model training. The experiment covers three extensively used datasets: MNIST handwritten digit recognition dataset (http://yann.lecun.com/exdb/mnist/), CIFAR-10 color image dataset (https://www.cs.toronto.edu/~kriz/cifar.html), and Fashion-MNIST clothing classification dataset (https://github.com/zalandoresearch/fashion-mnist). To understand the performance of federated learning under different client quantities, the experiments were conducted with 10, 20, 50, and 100 clients. Each dataset used a specific convolutional neural network (CNN) structure to handle image classification tasks and underwent 20 rounds of training. All experiments used stochastic gradient descent (SGD) as the optimizer, and the learning rate was set to 0.01.

The experimental results show the performance across three datasets. In the MNIST dataset (Fig. 3), the average test accuracy reaches 99%, but increasing the number of clients does not significantly improve accuracy. It is important to note that the 99% accuracy represents the average across all clients and does not indicate that all clients achieved the same accuracy. Some clients approach 99%, while others perform worse, indicating variability in client performance. The model does not show signs of overfitting, as the accuracy stabilizes after several rounds, but further analysis of individual clients may reveal additional insights.

For the CIFAR-10 dataset (Fig. 4), increasing the number of clients helps improve accuracy, with performance steadily increasing over training rounds, indicating better convergence and generalization with more clients. In contrast, for the Fashion-MNIST dataset (Fig. 5), although training rounds improve accuracy, the number of clients has little effect on the model’s performance, likely because the model reaches saturation after a few rounds. Additionally, regarding the 0-round training accuracy shown in Fig. 5, typically, this represents the model’s performance before any training has taken place. In this experiment, the 0-round accuracy might reflect the performance of a randomly initialized or pre-trained model. The experimental setup will be clarified to ensure transparency.

The second experiment explores the non-independent and identically distributed (non-IID) settings in federated learning and evaluates them on the MNIST dataset. This experiment investigates the impact of different client quantities and training rounds on model performance, with a particular focus on the effect of the number of parameters downloaded by each client from other clients per round. The experiment sets two non-IID scenarios: “pathological non-IID” and “realistic non-IID”, corresponding to extreme imbalance and slight imbalance in data distribution among clients. The model allows each client to download 1, 3, 5, or 10 other clients’ model parameters per round and averages them as the initial parameters of its local model. This is equivalent to randomly selecting some clients’ model updates in each training round, which can reduce communication overhead and synchronization delay while increasing model diversity and robustness. The experimental results are shown in Fig. 6.

The experimental results reflect the complex interaction effects of the number of clients, training rounds, and the number of model parameters exchanged on the performance of federated learning models under non-IID settings. With the increase in training rounds and the number of parameters exchanged, the model’s performance demonstrates gradual improvement. This could be attributed to the similarity between individual client’s local data distribution and the global data distribution, allowing the model to learn useful information from the parameters of other clients. This experiment demonstrates the importance of collaboration and communication between different clients in a model, emphasizing the core role of data diversity and model parameter exchange in improving the performance of federated learning systems.

The third experiment further explores the specific impact of the variation in the number of clients and potential attack behaviors on the overall model performance in federated learning scenarios. This experiment focuses on the differences in training results with different client quantities and simulates the scenario where a specific client is attacked. By selecting three different client quantities (10, 20, 50), the experiment reveals the complex impact mechanism of client quantity on training results. At the same time, the experiment also simulates the situation of an attack, where the target data of one client is maliciously tampered with, to observe the training performance under this specific condition.

As shown in Fig. 7, under the condition where an attacker exists and modifies data, the model shows some performance differences among different client quantities. However, these differences are not significant, indicating that the number of clients does not significantly impact the model’s robustness against attacks. The experiment demonstrates that although an attacker may attempt to disrupt the learning process by tampering with data, the model’s performance remains relatively stable.

The main objective of the fourth experiment is to study the role of reputation management in cross-domain federated learning, analyzing its impact on model performance by comparing the scenarios of enabling and disabling reputation management. This experiment involves 20 rounds of training, where each client creates and trains a local model, updating its parameters to the global model, and evaluates the accuracy on the test set after each round of training.

As shown in Fig. 8, the model’s accuracy is higher when users use reputation management compared to when they do not use reputation management. This indicates that reputation management can improve the accuracy and robustness of federated learning. This experiment highlights the importance of reputation management in federated learning, as giving greater weight to clients with higher reputation can enhance the model’s performance and resilience.

The last experiment delves into the impact of different reputation calculation and update methods in cross-domain federated learning environments, focusing on four main approaches based on data quality, computational ability, historical behavior, and optimization problems. By setting up three different domains, each containing 10 clients, and using the MNIST dataset and CNN models for training, the experiment comprehensively analyzes the performance and fairness of different methods in terms of test accuracy, convergence speed, trust difference, and reward difference, which are the four core indicators for evaluation.

From the experimental results in Fig. 9 and Table 2, it can be seen that the method based on optimization problems exhibits high performance and fairness. This method efficiently balances global and local objectives, not only improving the quality and efficiency of the model but also reasonably distributing reputation and rewards, indicating that reputation management is an important mechanism that can enhance the performance and fairness of cross-domain federated learning.

To validate the proposed secure cross-domain federated learning scheme, this study compares it with existing blockchain-based federated learning frameworks (Hyperledger and Ethereum). The experiments were conducted on the same MNIST dataset with client numbers of 10, 20, and 50, focusing on evaluating model accuracy, convergence speed, and robustness against attacks.

As shown in Fig. 10, under no-attack conditions, the proposed scheme consistently demonstrates higher accuracy across all client configurations, particularly achieving 99.5% accuracy in the 50-client configuration, which is significantly better than Hyperledger and Ethereum frameworks. The proposed scheme also shows faster convergence, reaching near-final accuracy within the first five rounds, while other frameworks require more rounds to achieve similar results.

As shown in Fig. 11, under attack conditions, the proposed scheme exhibits exceptional robustness. When faced with data poisoning and model poisoning attacks, the accuracy of Hyperledger and Ethereum frameworks drops significantly, with Ethereum being more severely affected. In contrast, the proposed scheme maintains relatively high accuracy, demonstrating its security and robustness against attacks.

In conclusion, the proposed scheme outperforms Hyperledger and Ethereum frameworks in terms of model accuracy, convergence speed, and robustness against attacks. Particularly in large-scale client scenarios and under attacks, the proposed scheme maintains high accuracy and stable convergence speed, showcasing its substantial potential in data privacy protection and cross-domain collaboration.

Cross-domain federated learning algorithm comparison

This section mainly compares different federated learning algorithms, such as Federated Averaging, FedProx, and Stochastic Controlled Averaging for Federated Learning (SCAFFOLD), in terms of their performance and stability on different datasets. The experiment is designed with two main datasets, MNIST and FEMNIST, evaluated based on four key indicators: test accuracy, convergence speed, variance, and bias. The specific experimental results are shown in Table 3.

From the data in Table 3, it can be seen that compared with the other three algorithms, the native algorithm has higher test accuracy and faster convergence speed, while also showing outstanding stability with low variance and bias. Additionally, the SCAFFOLD algorithm also demonstrates robustness in dealing with system and data heterogeneity. Overall, the experimental results reveal the potential suitability and relative advantages of the native algorithm in federated learning environments.

The follow experiment aims to evaluate the impact of key components—zero-knowledge proofs (ZKP), the reputation system, and blockchain-based payment—on the performance of the secure cross-domain federated learning scheme. We conducted an ablation study by removing one component at a time to understand how each affects the model’s validation accuracy across different training epochs using the MNIST dataset.

The results shown in Fig. 12 demonstrate that the full model (with all components) achieves the highest validation accuracy, highlighting the combined benefits of ZKP, the reputation system, and blockchain payment. Removing ZKP results in a slight drop in accuracy, indicating its role in maintaining secure model updates. Omitting the reputation system causes slower convergence, underscoring its importance in enhancing the reliability of client contributions. The most significant decline occurs when blockchain-based payment is removed, suggesting that the incentive mechanism is crucial for motivating consistent and honest participation. These findings emphasize the importance of all three components in ensuring optimal federated learning performance.

The purpose of this experiment is to compare the performance of our proposed federated learning scheme with two recent blockchain-based federated learning models, Hyperledger-based federated learning (HL-FL) and Ethereum-based federated learning (Eth-FL). The comparison is carried out using the MNIST dataset to evaluate the models in terms of their test accuracy, convergence speed, computational overhead, and robustness. This comparison will validate the novelty and effectiveness of our proposed scheme.

The results shown in Fig. 13 demonstrate that our proposed scheme outperforms both Hyperledger-based and Ethereum-based federated learning models in terms of validation accuracy. The proposed scheme consistently achieves higher accuracy and demonstrates faster convergence, particularly evident in the early epochs of training. Both Hyperledger and Ethereum-based models show slower improvements and slightly lower final accuracy. This indicates that the proposed scheme offers superior efficiency and robustness, making it a promising approach for blockchain-based federated learning.

Blockchain scalability analysis

The purpose of this experiment is to provide a quantitative analysis of the gas costs, transaction latency, and computational overhead introduced by blockchain smart contracts in federated learning. The experiment evaluates the scalability of the blockchain by measuring these metrics under varying client numbers (10, 20, 50, and 100 clients). The analysis helps to understand the impact of increasing client counts on blockchain operations and the associated costs, which is critical for assessing the practicality of using blockchain in federated learning systems.

Experiment Results Analysis: The results show that as the number of clients increases, both the gas costs and transaction latency grow significantly. As shown in Table 4, this increase reflects the added computational burden and the time required for executing blockchain transactions with more clients. The computational overhead also increases as more clients participate, which highlights the scalability challenges of blockchain-based federated learning systems. These findings suggest that while blockchain enhances privacy and security, it introduces significant overheads that need to be carefully managed, especially in large-scale deployments.

Sensitivity analysis of trustworthiness model and security validation

To evaluate the robustness of the trustworthiness model and the system’s resistance to adversarial attacks, we conducted a series of experiments. We varied the cross-domain trust weights and simulated multiple attack scenarios (including malicious clients, Sybil attacks, and delay attacks) to assess their impact on model performance. The results of these experiments are shown in Table 5.