In planetary-scale replication systems, the overall response delay is greatly influenced by the geographical distances between client and server nodes. Current systems define the replica locations statically during startup time. However, the selected locations might be suboptimal for the clients, and the client request origin distribution may change over time, so a different replica placement may provide lower overall request latencies. In this work, we propose a locationaware replicated state machine that is able to adapt the geographic location of its replicas dynamically during runtime to locations geographically closer to client request origins. Our prototype is able to observe emerging optimization potentials and to reduce the overall request latency for the majority of clients by adapting its replica locations to the time-dependent optimum placement during real-world use case evaluations, whereby the absolute performance gain is dependent on the respective usage scenario.

State-machine replication (SMR) is a well-known technique to achieve fault tolerance for services that require high availability and fast recovery times. While the concept of SMR has been extensively investigated, there are still missing building blocks to provide a generic offer, which automatically serves applications with SMR technology in the cloud. In this work, we introduce a cloud service architecture that enables automatic deployment of service applications based on customer-friendly service parameters, which are mapped onto an internal configuration that comprises the number of replicas, tolerable failures, and the consensus algorithm, amongst other aspects. The deployed service configuration is masked to large extent with the use of threshold signatures. As a consequence, a reconfiguration in the cloud deployment does not affect the client-side code. We conclude the paper by discussing open engineering questions that need to be addressed in order to provide a productive cloud offer.

Byzantine fault tolerance (BFT) can preserve the availability and integrity of IoT systems where single components may suffer from random data corruption or attacks that can expose them to malicious behavior. While state-of-the-art BFT state-machine replication (SMR) libraries are often tailored to fit a standard request-response interaction model with dedicated client-server roles, in our design, we employ an IoT-fit interaction model that assumes a loosly-coupled, event-driven interaction between arbitrarily wired IoT components.In this paper, we explore the possibility of automating and streamlining the complete process of integrating BFT SMR into a component-based IoT execution environment. Our main goal is providing simplicity for the developer: We strive to decouple the specification of a logical application architecture from the difficulty of incorporating BFT replication mechanisms into it. Thus, our contributions address the automated configuration, rewiring and deployment of IoT components, and their replicas, within a component-based, event-driven IoT platform.

Byzantine fault tolerance (BFT) can preserve the availability and integrity of IoT systems where single components may suffer from random data corruption or attacks that can expose them to malicious behavior. While state-of-the-art BFT state-machine replication (SMR) libraries are often tailored to fit a standard request-response interaction model with dedicated client-server roles, in our design, we employ an IoT-fit interaction model that assumes a loosly-coupled, event-driven interaction between arbitrarily wired IoT components. In this paper, we explore the possibility of automating and streamlining the complete process of integrating BFT SMR into a component-based IoT execution environment. Our main goal is providing simplicity for the developer: We strive to decouple the specification of a logical application architecture from the difficulty of incorporating BFT replication mechanisms into it. Thus, our contributions address the automated configuration, re-wiring and deployment of IoT components, and their replicas, within a component-based, event-driven IoT platform.

Internet-of-Things (IoT) ecosystems tend to grow both in scale and complexity, as they consist of a variety of heterogeneous devices that span over multiple architectural IoT layers (e.g., cloud, edge, sensors). Further, IoT systems increasingly demand the resilient operability of services, as they become part of critical infrastructures. This leads to a broad variety of research works that aim to increase the resilience of these systems. In this article, we create a systematization of knowledge about existing scientific efforts of making IoT systems resilient. In particular, we first discuss the taxonomy and classification of resilience and resilience mechanisms and subsequently survey state-of-the-art resilience mechanisms that have been proposed by research work and are applicable to IoT. As part of the survey, we also discuss questions that focus on the practical aspects of resilience, e.g., which constraints resilience mechanisms impose on developers when designing resilient systems by incorporating a specific mechanism into IoT systems.

To our knowledge, there is no published study investigating the characteristics of people experiencing tinnitus in Albania. Such a study would be important, providing the basis for further research in this region and contributing to a wider understanding of tinnitus heterogeneity across different geographic locations. The main objective of this study was to develop an Albanian translation of a standardised questionnaire for tinnitus research, namely the European School for Interdisciplinary Tinnitus Research-Screening Questionnaire (ESIT-SQ). A secondary objective was to assess its applicability and usefulness by conducting an exploratory survey on a small sample of the Albanian tinnitus population.Design and study sample Three translators were recruited to create the Albanian ESIT-SQ translation following good practice guidelines. Using this questionnaire, data from 107 patients attending otolaryngology clinics in Albania were collected.Results Participants reporting various degrees of tinnitus symptom severity had distinct phenotypic characteristics. Application of a random forest approach on this preliminary dataset showed that self-reported hearing difficulty, and tinnitus duration, pitch and temporal manifestation were important variables for predicting tinnitus symptom severity.Conclusions Our study provided an Albanian translation of the ESIT-SQ and demonstrated that it is a useful tool for tinnitus profiling and subgrouping.

Privacy concerns are widely discussed in research and society in general. For the public infrastructure of financial blockchains, this discussion encompasses the privacy of the originator of a transaction broadcasted on the underlying peer-to-peer network. Adaptive diffusion is an approach to expose an alternative source of a message to attackers. However, this approach assumes an unsuitable attacker model and a non-realistic network model for current peer-to-peer networks on the Internet. We transform adaptive diffusion into a new statistical privacy-preserving broadcast protocol for realistic current networks. We model a class of unstructured peer-to-peer networks as organically growing graphs and provide models for other classes of such networks. We show that the distribution of shortest paths can be modelled using a normal distribution N ( μ , σ 2 ). We determine statistical estimators for μ, σ via multivariate models. The model behaves logarithmic over the number of nodes n and proportional to an inverse exponential over the number of added edges per node k. These results facilitate the computation of optimal forwarding probabilities during the dissemination phase for maximum privacy, with participants having only limited information about network topology.

Data streaming platforms connect heterogeneous services through the publish-subscribe paradigm. Currently available platforms provide protection against crash faults, but are not resistant against Byzantine faults like arbitrary hardware faults and intrusions. State machine replication can provide this protection, but the higher resource requirements and the more elaborated communication primitives usually result in a higher overall complexity and a non-negligible performance degradation. This is especially true for data streaming if the default textbook approach of integrating the service into a replicated state machine is followed without further adaptions. The standard state management with state logs and snapshots and without any partitioning scheme limits both performance and scalability in a way those systems become unusable in practice. That is why we propose SmartStream, a topic-based Byzantine fault-tolerant data streaming platform that harmonizes the competing concepts of both systems and leverages the specific characteristics of data streaming, namely the append-only semantics of the application state and its partitionable structure. We show its effectiveness in a prototype implementation and evaluate its performance. The evaluation results show a moderate drop in system throughput when compared to state-of-the-art data streaming platforms like Apache Kafka, but reasonable overall performance considering the stronger resilience guarantees.

Dining-cryptographers networks (DCN) can achieve information-theoretical privacy. Unfortunately, they are not well suited for peer-to-peer networks as they are used in blockchain applications to disseminate transactions and blocks among par- ticipants. In previous but preliminary work, we proposed a three- phase approach with an initial phase based on a DCN with a group size of k while later phases take care of the actual broadcast within a peer-to-peer network. This paper describes our DCN protocol in detail and adds a performance evaluation powered by our proof-of-concept implementation. Our contributions are (i) an extension of the DCN protocol by von Ahn for fair delivery of arbitrarily long messages sent by potentially multiple senders, (ii) a privacy and security analysis of this extension, (iii) various performance optimisation especially for best-case operation, and (iv) a performance evaluation. The latter uses a latency of 100 ms and a bandwidth limit of 50 Mbit s−1 between participants. The interquartile range of the largest test of the highly secured version took 35s ± 1.25s for a full run. All tests of the optimized common-case mode show the dissemination of a message within 0.5s ± 0.1s. These results compare favourably to previously established protocols for k-anonymous transmission of fixed size messages, outperforming the original protocol for messages as small as 2 KiB.

Concerns for the privacy of communication is widely discussed in research and overall society. For the public financial infrastructure of blockchains, this discussion encompasses the privacy of transaction data and its broadcasting throughout the network. To tackle this problem, we transform a discrete-time protocol for contact networks over infinite trees into a computer network protocol for peer-to-peer networks. Peer-to-peer networks are modeled as organically growing graphs. We show that the distribution of shortest paths in such a network can be modeled using a normal distribution (μ,σ2). We determine statistical estimators for μ,σ via multivariate models. The model behaves logarithmic over the number of nodes n and proportional to an inverse exponential over the number of added edges k. These results facilitate the computation of optimal forwarding probabilities during the dissemination phase for optimal privacy in a limited information environment.

We introduce a combination of Shamir's secret sharing and dining-cryptographers networks, which provides (n-|attackers|))-anonymity for up to k-1 attackers and has manageable performance impact on dissemination. A k-anonymous broadcast can be implemented using a small group of dining cryptographers to first share the message, followed by a flooding phase started by group members. Members have little incentive to forward the message in a timely manner, as forwarding incurs costs, or they may even profit from keeping the message. In worst case, this leaves the true originator as the only sender, rendering the dining-cryptographers phase useless and compromising their privacy. We present a novel approach using a modified dining-cryptographers protocol to distributed shares of an (n, k)-Shamir's secret sharing scheme. All group members broadcast their received share through the network, allowing any recipient of k shares to reconstruct the message, enforcing anonymity. If less than k group members broadcast their shares, the message cannot be decoded thus preventing privacy breaches for the originator. We demonstrate the privacy and performance results in a security analysis and performance evaluation based on a proof-of-concept prototype. Throughput rates between 10 and 100 kB/s are enough for many real applications with high privacy requirements, e.g., financial blockchain system.

A k-anonymous broadcast can be implemented using a small group of dining cryptographers to first share the message, followed by a flooding phase started by group members. Members have little incentive to forward the message in a timely manner, as forwarding incurs costs, or they may even profit from keeping the message. In worst case, this leaves the true originator as the only sender, rendering the dining-cryptographers phase useless and compromising their privacy. We present a novel approach using a modified dining-cryptographers protocol to distributed shares of an (n,k)-Shamir's secret sharing scheme. Finally, all group members broadcast their received share through the network, allowing any recipient of k shares to reconstruct the message, enforcing anonymity. If less than k group members broadcast their shares, the message cannot be decoded thus preventing privacy breaches for the originator. Our system provides (n-|attackers|)-anonymity for up to k-1 attackers and has little performance impact on dissemination. We show these results in a security analysis and performance evaluation based on a proof-of-concept prototype. Throughput rates between 10 and 100 kB/s are enough for many real applications with high privacy requirements, e.g., financial blockchain system.

Graceful degradation is an established concept to improve the resilience of systems, especially when other resilience mechanisms have failed. Its implementation is often heavily tied to the application code and, thus, cumbersome and error prone. As IoT systems get not only ubiquitous but also critical, reliable graceful degradation would be ideal. In this paper, we present the Morpheus framework that provides a TypeScript-internal DSL to enable a systematic development of degradable IoT systems. The design of the framework is based on the concept of separation of concerns by providing distinct yet linked languages to specify hierarchical components and their connections; the components’ operating modes and transfer functions between them; as well as state machines for the specification of the components’ behaviour in each operating mode. The operating modes for each component serve as degradation levels. Automatic degradation of a component is triggered in case of failures of connected components. With recovery from underlying failures, the component is automatically upgraded back to a higher level. We illustrate our framework using a simplified prototype of an entrance barrier of a parking garage

Over the last years, demand for file hosting has sky-rocketed due to cost reductions and availability of services. However, centralized providers have a negative impact on the privacy of their users, since they are able to read and collect various data about their users and even link it to their identity via their payments. On the other hand, decentralized storage solutions like GNUnet suffer from a lack of participation by providers, since there is no feasible business model. We propose PriCloud, a decentralized storage system which allows users to pay their storage providers without sacrificing their privacy by employing anonymous storage smart contracts and private payments on a blockchain. We are able to provide privacy to the users and storage providers, and unlinkability between users and files. Our system offers decentralized file storage including strong privacy guarantees and built-in remuneration for storage providers.

ntroduction: Tinnitus, a perception of ringing and buzzing sound in the ear, has not been completely understood yet. It is well known that tinnitus-related distress and loudness can change over time. However, proper comparability for the data collection approaches requires further focused studies. In this context, technology such as the use of mobile devices may be a promising approach. Repeated assessments of tinnitus-related distress and loudness in Ecological Momentary Assessment (EMA) studies require a short assessment, and a Visual Analogic Scale (VAS) is often used in this context. Yet, their comparability with psychometric questionnaires remains unclear and thus was the focus of this study. Research goals: The evaluation of the appropriateness of VAS in measuring tinnitus-related distress and loudness is pursued in this paper. Methods: The Mini Tinnitus Questionnaire (Mini-TQ) measured tinnitus-related distress once. Tinnitus-related distress and tinnitus loudness were measured repeatedly using VAS on a daily basis during 7 days in the TrackYourTinnitus (TYT) smartphone app and were summarized per day using mean and median results. Then, correlations between summarized VAS tinnitus-related distress and summarized VAS tinnitus loudness, on the one side, and Mini-TQ, on the other side, were calculated. Results: Correlations between Mini-TQ and VAS tinnitus-related distress ranged between r = 0.36 and r = 0.52, while correlations between Mini-TQ and VAS tinnitus loudness ranged between r = 0.25 and r = 0.36. The more time difference between the Mini-TQ and the VAS assessments is, the lower the correlations between them. Mean and median VAS values per day resulted in similar correlations. Conclusions: Mobile-based VAS seems to be an appropriate approach to utilize daily measurements of tinnitus-related distress.

Internet-of-Things (IoT) ecosystems tend to grow both in scale and complexity as they consist of a variety of heterogeneous devices, which span over multiple architectural IoT layers (e.g., cloud, edge, sensors). Further, IoT systems increasingly demand the resilient operability of services as they become part of critical infrastructures. This leads to a broad variety of research works that aim to increase the resilience of these systems. In this paper, we create a systematization of knowledge about existing scientific efforts of making IoT systems resilient. In particular, we first discuss the taxonomy and classification of resilience and resilience mechanisms and subsequently survey state-of-the-art resilience mechanisms that have been proposed by research work and are applicable to IoT. As part of the survey, we also discuss questions that focus on the practical aspects of resilience, e.g., which constraints resilience mechanisms impose on developers when designing resilient systems by incorporating a specific mechanism into IoT systems.

The cryptocurrency system Bitcoin uses a peer-to-peer network to distribute new transactions to all participants. For risk estimation and usability aspects of Bitcoin applications, it is necessary to know the time required to disseminate a transaction within the network. Unfortunately, this time is not immediately obvious and hard to acquire. Measuring the dissemination latency requires many connections into the Bitcoin network, wasting network resources. Some third parties operate that way and publish large scale measurements. Relying on these measurements introduces a dependency and requires additional trust. This work describes how to unobtrusively acquire reliable estimates of the dissemination latencies for transactions without involving a third party. The dissemination latency is modelled with a lognormal distribution, and we estimate their parameters using a Bayesian model that can be updated dynamically. Our approach provides reliable estimates even when using only eight connections, the minimum connection number used by the default Bitcoin client. We provide an implementation of our approach as well as datasets for modelling and evaluation. Our approach, while slightly underestimating the latency distribution, is largely congruent with observed dissemination latencies.

Background: Modern smartphones contain sophisticated high-end hardware features, offering high computational capabilities at extremely manageable costs and have undoubtedly become an integral part in users' daily life. Additionally, smartphones offer a well-established ecosystem that is easily discoverable and accessible via the marketplaces of differing mobile platforms, thus encouraging the development of many smartphone apps. Such apps are not exclusively used for entertainment purposes but are also commonplace in health care and medical use. A variety of those health and medical apps exist within the context of tinnitus, a phantom sound perception in the absence of any physical external source. Objective: In this paper, we shed light on existing smartphone apps addressing tinnitus by providing an up-to-date overview. Methods: Based on PRISMA guidelines, we systematically searched and identified existing smartphone apps on the most prominent app markets, namely Google Play Store and Apple App Store. In addition, we applied the Mobile App Rating Scale (MARS) to evaluate and assess the apps in terms of their general quality and in-depth user experience. Results: Our systematic search and screening of smartphone apps yielded a total of 34 apps (34 Android apps, 26 iOS apps). The mean MARS scores (out of 5) ranged between 2.65-4.60. The Tinnitus Peace smartphone app had the lowest score (mean 2.65, SD 0.20), and Sanvello—Stress and Anxiety Help had the highest MARS score (mean 4.60, SD 0.10). The interrater agreement was substantial (Fleiss κ=0.74), the internal consistency was excellent (Cronbach α=.95), and the interrater reliability was found to be both high and excellent—Guttman λ6=0.94 and intraclass correlation, ICC(2,k) 0.94 (95% CI 0.91-0.97), respectively. Conclusions: This work demonstrated that there exists a plethora of smartphone apps for tinnitus. All of the apps received MARS scores higher than 2, suggesting that they all have some technical functional value. However, nearly all identified apps were lacking in terms of scientific evidence, suggesting the need for stringent clinical validation of smartphone apps in future. To the best of our knowledge, this work is the first to systematically identify and evaluate smartphone apps within the context of tinnitus.

Recent developments in Brain-Computer Interfaces (BCI)—technologies to collect brain imaging data—allow recording of Electroencephalography (EEG) data outside of a laboratory setting by means of mobile EEG systems. Brain imaging has been pivotal in understanding the neurobiological correlates of human behavior in many complex disorders. This is also the case for tinnitus, a disorder that causes phantom noise sensations in the ears in absence of any sound source. As studies have shown that tinnitus is also influenced by complexities in non-auditory brain areas, mobile EEG can be a viable solution in better understanding the influencing factors causing tinnitus. Mobile EEG will become even more useful, if real-time EEG analysis in mobile experimental environments is enabled, e.g., as an immediate feedback to physicians and patients or in undeveloped areas where a laboratory setup is unfeasible. The volume and complexity of brain imaging data have made preprocessing a pertinent step in the process of analysis, e.g., for data cleaning and artifact removal. We introduce the first smartphone-based preprocessing pipeline for real-time EEG analysis. More specifically, we present a mobile app with a rudimentary EEG preprocessing pipeline and evaluate the app and its resource consumption underpinning the feasibility of smartphones for EEG preprocessing. Our proposed approach will allow researchers to collect brain imaging data of tinnitus and other patients in real-world environments and everyday situations, thereby collecting evidence for previously unknown facts about tinnitus and other conditions.

Tinnitus is a disorder or symptom that causes phantom noise sensation in the ears without presence of any external sound source. Tinnitus is understood as a problem caused by underlying damage in the inner-ear. However, recent studies have shown that tinnitus is also influenced by complexities in non-auditory brain areas. Among different brain-imaging techniques, mobile Electroencephalography (EEG) can be a viable solution in better understanding the influencing factors in the brain causing tinnitus, but real-time analysis of EEG in real-world environments is faced by unique challenges and limitations. We present the first pure smartphone-based solution to acquire and analyze EEG data in real time and in everyday settings, as well as in any other scenario which does not allow large setups. More specifically, we propose TinnituSense a smartphone app for EEG recordings and visualization, and evaluate this app to claim the feasibility of our approach. On one hand, the proposed approach will open the opportunities to perform brain-imaging in real-world environment. On the other hand, the developed app will allow tinnitus researchers to collect evidence for new facts regarding tinnitus with the help of ambulatory brain-imaging data.

martphones containing sophisticated high-end hardware and offering high computational capabilities at extremely manageable costs have become mainstream and an integral part of users’ lives. Widespread adoption of smartphone devices has encouraged the development of many smartphone applications, resulting in a well-established ecosystem, which is easily discoverable and accessible via respective marketplaces of differing mobile platforms. These smartphone applications are no longer exclusively limited to entertainment purposes but are increasingly established in the scientific and medical field. In the context of tinnitus, the ringing in the ear, these smartphone apps range from relief, management, self-help, all the way to interfacing external sensors to better understand the phenomenon. In this paper, we aim to bring forth the smartphone applications in and around tinnitus. Based on the PRISMA guidelines, we systematically analyze and investigate the current state of smartphone apps, that are directly applied in the context of tinnitus. In particular, we explore Google Scholar, CiteSeerX, Microsoft Academics, Semantic Scholar for the identification of scientific contributions. Additionally, we search and explore Google’s Play and Apple’s App Stores to identify relevant smartphone apps and their respective properties. This review work gives (1) an up-to-date overview of existing apps, and (2) lists and discusses scientific literature pertaining to the smartphone apps used within the context of tinnitus.

State-machine replication (SMR) is a well-known approach for fault-tolerant services demanding fast recovery. It is not easy, however, to parallelise SMR in order to exploit modern multicore architectures. Two main approaches have been extensively studied; one focusing on request-level concurrency using prior knowledge, the other utilising application-agnostic and lock-level deterministic scheduling. We show that significant performance improvements for the latter approach require deterministic scheduler configurations to be dynamically adapted to the current application load during runtime. First, we summarise current research on parallel SMR execution. Second, an analysis of obstacles in lock-level deterministic multithreading approaches shows how static scheduler configurations can lead to poor performance when load on the system varies over time. Third, we present a simple yet effective automatic adaptation solution, which provides significantly better overall system behaviour compared to static configurations. This is demonstrated by evaluations using a full system setup.

Modern peer-to-peer networks provide a lot of value. However, as the networks handle more and more sensitive data, e.g. in cryptocurrencies, privacy becomes an issue. Several approaches to provide efficient privacy to network participants rely on group formation with little or no regard to the privacy impact of how groups are created. Group creation is often based on random selection, which can easily be highjacked by attackers. We propose Pixy, an extensible, component-based scheme to increase privacy during group formation stages beyond current approaches. Our scheme provides a two-stage setup for group formation. First, a selection based on personal and network-wide collaboration lists reduces the attack surface for group initiators. Second, a testing phase based on cryptographic puzzles and, for suitable contexts, CAPTCHAs sort out Sybil attackers. We show that this scheme improves the current state of privacy in group-creation processes.

Modeling the architecture and behavior of embedded systems has long been a success story in the engineering of embedded systems due to the positive effects on quality and productivity, e.g., by declara- tive specifications, by enabling formal analyses, and by the generation of optimized code. These benefits, however, can only be reaped with extensive investments in specialized languages and tools which typically come with a closed and highly restrictive ecosystem. In this paper, we report our experiences while building an internal domain-specific language for IoT systems. We present our modeling language realized in Type- Script and integrated into the TypeScript/JavaScript ecosystem. The modeling language supports the declarative specification and execution of components, connectors, and state machines. We also provide a simple state space exploration to enable quality assurance techniques like test case generation and model checking. The language is illustrated by a running example with IoT devices. We believe that our solution lies at a sweet spot of providing a declarative modeling experience while reaping benefits from modern programming languages and their ecosystem to boost productivity

Tinnitus is a complex and heterogeneous psycho-physiological disorder responsible for causing a phantom ringing or buzzing sound albeit the absence of an external sound source. It has a direct influence on affecting the quality of life of its sufferers. Despite being around for a while, there has not been a cure for tinnitus, and the usual course of action for its treatment involves use of tinnitus retaining and sound therapy, or Cognitive Behavioral Therapy (CBT). One positive aspect about these therapies is that they can be administered face-to-face as well as delivered via internet or smartphone. Smartphones are especially helpful as they are highly personalized devices, and offer a well-established ecosystem of apps, accessible via respective marketplaces of differing mobile platforms. Note that current therapeutic treatments such as CBT have shown to be effective in suppressing the tinnitus symptoms when administered face-to-face, their effectiveness when being delivered using smartphones is not known so far. A quick search on the prominent market places of popular mobile platforms (Android and iOS) yielded roughly 250 smartphone apps offering tinnitus-related therapies and tinnitus management. As this number is expected to steadily increase due to high interest in smartphone app development, a contemporary review of such apps is crucial. In this paper, we aim to review scientific studies validating the smartphone apps, particularly to test their effectiveness in tinnitus management and treatment. We use the PRISMA guidelines for identification of studies on major scientific literature sources and delineate the outcomes of identified studies.

Privacy concerns have reached the mainstream discourse in society and already had a significant impact on research and technology. Cryptocurrencies have adopted many transaction-level privacy mechanisms to provide privacy in the persisted blockchain. Unfortunately, these are insufficient as network-level attacks can also provide privacy-breaking insights into transactions and their origins. We proposed k-Dining Cryptographers and topological methods as a basis for a privacy-preserving broadcast protocol. In this work, we present 3P3, a three-phase privacy-preserving broadcast protocol. We transformed our approach to a stronger attacker model so that it provides strong base privacy against global attackers and malicious nodes and additional privacy against common attackers, e.g., botnets. Further, we provide mechanisms to transmit almost arbitrarily long messages, reduce overhead for zero-message rounds, a more extensive analysis, and simulation results of our enhanced protocol. Our simulations show the dissemination of a message to all nodes within 1000ms in 99.9% of instances. These results hold for all network sizes, including networks of up to 10,000 participants. Bandwidth estimates also show practical applicability with usual group sizes of 10 to 30 participants.

The actor model is an established programming model for distributed applications. Combining event sourcing with the actor model allows the reconstruction of previous states of an actor. When this event sourcing approach for actors is enhanced with additional causality information, novel types of actor-based, retroactive computations are possible. A globally consistent state of all actors can be reconstructed retrospectively. Even retroactive changes of actor behavior, state, or messaging are possible, with partial recomputations and projections of changes in the past. We believe that this approach may provide beneficial features to actor-based systems, including retroactive bugfixing of applications, decoupled asynchronous global state reconstruction for recovery, simulations, and exploration of distributed applications and algorithms.