Consistency of Proof-of-Stake Blockchains with Concurrent Honest Slot Leaders
We improve the fundamental security threshold of eventual consensus
Proof-of-Stake (PoS) blockchain protocols under the longest-chain rule by
showing, for the first time, the positive effect of rounds with concurrent
honest leaders.
Current security analyses reduce consistency to the dynamics of an abstract,
round-based block creation process that is determined by three events
associated with a round: (i) event : at least one adversarial leader, (ii)
event : a single honest leader, and (iii) event : multiple, but honest,
leaders. We present an asymptotically optimal consistency analysis assuming
that an honest round is more likely than an adversarial round (i.e., ); this threshold is optimal. This is a first in the literature
and can be applied to both the simple synchronous communication as well as
communication with bounded delays.
In all existing consistency analyses, event is either penalized or
treated neutrally. Specifically, the consistency analyses in Ouroboros Praos
(Eurocrypt 2018) and Genesis (CCS 2018) assume that ;
the analyses in Sleepy Consensus (Asiacrypt 2017) and Snow White (Fin. Crypto
2019) assume that . Moreover, all existing analyses completely
break down when . These thresholds determine the critical
trade-off between the honest majority, network delays, and consistency error.
Our new results can be directly applied to improve the security guarantees of
the existing protocols. We also provide an efficient algorithm to explicitly
calculate these error probabilities in the synchronous setting. Furthermore, we
complement these results by analyzing the setting where is rare, even
allowing , under the added assumption that honest players adopt a
consistent chain selection rule.
Comment: Includes new sections describing (1) an adaptive online adversary and
(2) an efficient algorithm to compute consistency error probabilities. arXiv
admin note: text overlap with arXiv:1911.1018
Modeling Resources in Permissionless Longest-chain Total-order Broadcast
Blockchain protocols implement total-order broadcast in a permissionless
setting, where processes can freely join and leave. In such a setting, to
safeguard against Sybil attacks, correct processes rely on cryptographic proofs
tied to a particular type of resource to make them eligible to order
transactions. For example, in the case of Proof-of-Work (PoW), this resource is
computation, and the proof is a solution to a computationally hard puzzle.
Conversely, in Proof-of-Stake (PoS), the resource corresponds to the number of
coins that every process in the system owns, and a secure lottery selects a
process for participation proportionally to its coin holdings.
Although many resource-based blockchain protocols are formally proven secure
in the literature, the existing security proofs fail to demonstrate why
particular types of resources cause the blockchain protocols to be vulnerable
to distinct classes of attacks. For instance, PoS systems are more vulnerable
to long-range attacks, where an adversary corrupts past processes to re-write
the history, than Proof-of-Work and Proof-of-Storage systems.
Proof-of-Storage-based and Proof-of-Stake-based protocols are both more
susceptible to private double-spending attacks than Proof-of-Work-based
protocols; in this case, an adversary mines its chain in secret without sharing
its blocks with the rest of the processes until the end of the attack.
In this paper, we formally characterize the properties of resources through
an abstraction called resource allocator and give a framework for understanding
longest-chain consensus protocols based on different underlying resources. In
addition, we use this resource allocator to demonstrate security trade-offs
between various resources focusing on well-known attacks (e.g., the long-range
attack and nothing-at-stake attacks)
SoK: Diving into DAG-based Blockchain Systems
Blockchain plays an important role in cryptocurrency markets and technology
services. However, the high latency and low scalability of classic designs
hold back their adoption and application. Reconstructed blockchain systems
have been proposed to avoid the waste caused by competing transactions in
linearly sequenced blocks. These systems instead structure
transactions/blocks in the form of a Directed Acyclic Graph (DAG) and
consequently rebuild the upper-layer components, including consensus, incentives,
etc. The promise of DAG-based blockchain systems is to enable fast
confirmation (completing transactions within milliseconds) and high
scalability (attaching transactions in parallel) without significantly
compromising security. However, this field still lacks systematic work that
summarises the DAG technique. To bridge the gap, this Systematization of
Knowledge (SoK) provides a comprehensive analysis of DAG-based blockchain
systems. By deconstructing open-source systems and reviewing academic
research, we summarise the main components and featured properties of these
systems, and describe the approach to constructing a DAG. With this in hand, we
analyze the security and performance of several leading systems, followed by
discussions and comparisons with concurrent (blockchain-scaling) techniques. We
further identify open challenges to highlight the potential of DAG-based
solutions and indicate promising directions for future research.
Comment: Full versio
Parallel Chains: Improving Throughput and Latency of Blockchain Protocols via Parallel Composition
Two of the most significant challenges in the design of blockchain
protocols are increasing their transaction-processing throughput and
minimising latency in terms of transaction settlement. In this work
we put forth for the first time a formal execution model that
makes it possible to express transaction throughput while supporting formal
security arguments regarding safety and liveness. We then introduce
parallel-chains, a simple yet powerful non-black-box
composition technique for blockchain protocols. We showcase our
technique by providing two parallel-chains protocol variants, one
for the PoS and one for the PoW setting, that exhibit optimal throughput
under adaptive fail-stop corruptions while retaining
their resiliency in the face of Byzantine adversity, assuming an honest
majority of stake or computational power, respectively. We also apply
our parallel-chains composition method to improve settlement
latency; combining parallel composition with a novel transaction
weighing mechanism, we show that it is possible to scale down
the time required for a transaction to settle by any given constant
while maintaining the same level of security.
Proof-of-Stake Blockchain Protocols with Near-Optimal Throughput
One of the most significant challenges in the design of blockchain
protocols is increasing their transaction-processing throughput.
In this work we put forth for the first time a formal execution
model that makes it possible to express transaction throughput while supporting
formal security arguments regarding persistence and liveness.
We then present a protocol in the proof-of-stake setting
achieving near-optimal throughput under adaptive active corruption of
any minority of the stake.
- …