To address the lack of robustness against Byzantine and backdoor attacks in federated learning (FL), this paper proposes Krum Federated Chain (KFC)—the first decentralized, secure FL training framework integrating blockchain with robust aggregation. The method introduces a novel Proof of Federated Learning (PoFL) consensus mechanism, rigorously proven to block all malicious model updates even when only a single honest node remains. Crucially, the Krum robust aggregation algorithm is deeply embedded into the blockchain’s consensus layer, enabling unconditional coupling between Krum selection and block validation—ensuring model convergence and security even under total miner compromise. Evaluated on image classification tasks, KFC achieves >92% accuracy, significantly outperforming existing baselines. By eliminating reliance on trusted third parties, KFC establishes a verifiable, tamper-resistant, and robust collaborative training paradigm for FL.

Federated Learning presents a nascent approach to machine learning, enabling collaborative model training across decentralized devices while safeguarding data privacy. However, its distributed nature renders it susceptible to adversarial attacks. Integrating blockchain technology with Federated Learning offers a promising avenue to enhance security and integrity. In this paper, we tackle the potential of blockchain in defending Federated Learning against adversarial attacks. First, we test Proof of Federated Learning, a well known consensus mechanism designed ad-hoc to federated contexts, as a defense mechanism demonstrating its efficacy against Byzantine and backdoor attacks when at least one miner remains uncompromised. Second, we propose Krum Federated Chain, a novel defense strategy combining Krum and Proof of Federated Learning, valid to defend against any configuration of Byzantine or backdoor attacks, even when all miners are compromised. Our experiments conducted on image classification datasets validate the effectiveness of our proposed approaches.