ABSTRACT
The celebrated Nakamoto consensus protocol [16] ushered in several new consensus applications including cryptocurrencies. A few recent works [7, 17] have analyzed important properties of blockchains, including, most significantly, consistency, which is a guarantee that all honest parties output the same sequence of blocks throughout the execution of the protocol. To establish consistency, the prior analysis of Pass, Seeman and Shelat [17] required a careful counting of certain combinatorial events that was difficult to apply to variations of Nakamoto. The work of Garay, Kiayias, and Leonardos [7] provides another method of analyzing the blockchain under the simplifying assumption that the network was synchronous. The contribution of this paper is the development of a simple Markov-chain based method for analyzing consistency properties of blockchain protocols. The method includes a formal way of stating strong concentration bounds as well as easy ways to concretely compute the bounds. We use our new method to answer a number of basic questions about consistency of blockchains:
- Our new analysis provides a tighter guarantee on the consistency property of Nakamoto's protocol, including for parameter regimes which [17] could not consider;
- We analyze a family of delaying attacks first presented in [17], and extend them to other protocols;
- We analyze how long a participant should wait before considering a high-value transaction "confirmed";
- We analyze the consistency of CliqueChain, a variation of the Chainweb [14] system;
- We provide the first rigorous consistency analysis of GHOST [20] and also analyze a folklore "balancing"-attack.
In each case, we use our framework to experimentally analyze the consensus bounds for various network delay parameters and adversarial computing percentages. We hope our techniques enable authors of future blockchain proposals to provide a more rigorous analysis of their schemes.
References
- [1] Maria Apostolaki, Aviv Zohar, and Laurent Vanbever. 2016. Hijacking Bitcoin: Routing Attacks on Cryptocurrencies. arXiv preprint arXiv:1605.07524 (2016).
- [2] Jing Chen and Silvio Micali. 2016. Algorand. https://arxiv.org/abs/1607.01341. (2016).
- [3] H. Chernoff. 1952. A Measure of the Asymptotic Efficiency for Tests of a Hypothesis Based on the Sum of Observations. Annals of Mathematical Statistics 23 (1952), 493--509.
- [4] Kai-Min Chung, Henry Lam, Zhenming Liu, and Michael Mitzenmacher. 2012. Chernoff-Hoeffding Bounds for Markov Chains: Generalized and Simplified. In 29th International Symposium on Theoretical Aspects of Computer Science (STACS 2012). 124--135.
- [5] Christian Decker and Roger Wattenhofer. 2013. Information propagation in the bitcoin network. In Peer-to-Peer Computing (P2P), 2013 IEEE Thirteenth International Conference on. IEEE, 1--10.
- [6] Ittay Eyal and Emin Gün Sirer. 2014. Majority is not enough: Bitcoin mining is vulnerable. In International conference on financial cryptography and data security. Springer, 436--454.
- [7] Juan A. Garay, Aggelos Kiayias, and Nikos Leonardos. 2015. The Bitcoin Backbone Protocol: Analysis and Applications. In EUROCRYPT (2). 281--310.
- [8] Juan A. Garay, Aggelos Kiayias, and Nikos Leonardos. 2017. The Bitcoin Backbone Protocol with Chains of Variable Difficulty. In Advances in Cryptology - CRYPTO 2017 - 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20--24, 2017, Proceedings, Part I. 291--323.
- [9] Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, and Nickolai Zeldovich. 2017. Algorand: Scaling Byzantine Agreements for Cryptocurrencies. In SOSP'17.
- [10] W. Hoeffding. 1956. On the Distribution of the Number of Successes in Independent Trials. Annals of Mathematical Statistics 27 (1956), 713--721.
- [11] Aggelos Kiayias and Giorgos Panagiotakos. 2015. Speed-Security Tradeoffs in Blockchain Protocols. IACR Cryptology ePrint Archive 2015 (2015), 1019.
- [12] Aggelos Kiayias and Giorgos Panagiotakos. 2016. On Trees, Chains and Fast Transactions in the Blockchain. IACR Cryptology ePrint Archive 2016 (2016), 545.
- [13] Yoad Lewenberg, Yonatan Sompolinsky, and Aviv Zohar. 2015. Inclusive block chain protocols. In International Conference on Financial Cryptography and Data Security. Springer, 528--547.
- [14] Quaintance Martino and Popejoy. 2018. Chainweb: A Proof-of-Work Parallel-Chain Architecture for Massive Throughput. (May 2018).
- [15] Michael Mitzenmacher and Eli Upfal. 2005. Probability and Computing: Randomized Algorithms and Probabilistic Analysis. Cambridge University Press, New York, NY, USA.
- [16] Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. (2008).
- [17] Rafael Pass, Lior Seeman, and Abhi Shelat. 2017. Analysis of the blockchain protocol in asynchronous networks. In Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 643--673.
- [18] Rafael Pass and Elaine Shi. 2017. The Sleepy Model of Consensus. In ASIACRYPT'2017.
- [19] Yonatan Sompolinsky, Yoad Lewenberg, and Aviv Zohar. 2016. SPECTRE: A Fast and Scalable Cryptocurrency Protocol. IACR Cryptology ePrint Archive 2016 (2016), 1159.
- [20] Yonatan Sompolinsky and Aviv Zohar. 2015. Secure high-rate transaction processing in bitcoin. In International Conference on Financial Cryptography and Data Security. Springer, 507--527.
- [21] Yonatan Sompolinsky and Aviv Zohar. 2018. PHANTOM: A Scalable BlockDAG Protocol. Cryptology ePrint Archive, Report 2018/104. (2018). https://eprint.iacr.org/2018/104.
Index Terms
- A Better Method to Analyze Blockchain Consistency