Transaction Fee Mining and Mechanism Design

Transaction fees represent a major incentive in many blockchain systems as a way to incentivize processing transactions. Unfortunately, they also introduce an enormous amount of incentive asymmetry compared to alternatives like fixed block rewards. We analyze some of the incentive compatibility issues that arise from transaction fees, which relate to the bids that users submit, the allocation rules that miners use to choose which transactions to include, and where they choose to mine in the context of longest-chain consensus. We start by surveying a variety of mining attacks including undercutting, fee sniping, and fee-optimized selfish mining. Then, we move to analyzing mechanistic notions of user incentive compatibility, myopic miner incentive compatibility, and off-chain-agreement-proofness, as well as why they are provably incompatible in their full form. Then, we discuss weaker notions of nearly and $\gamma$-weak incentive compatibility, and how all of these forms of incentive compatibility hold or fail in the trustless auctioneer setup of blockchains, examining classical mechanisms as well as more recent ones such as Ethereum's EIP-1559 mechanism and \cite{chung}'s burning second-price auction. Throughout, we generalize and interrelate existing notions, provide new unifying perspectives and intuitions on analysis, and discuss both specific and overarching open problems for future work

A general framework for blockchain analytics

Modern cryptocurrencies exploit decentralised blockchains to record a public and unalterable history of transactions. Besides transactions, further information is stored for different, and often undisclosed, purposes, making the blockchains a rich and increasingly growing source of valuable information, in part of difficult interpretation. Many data analytics have been developed, mostly based on specifically designed and ad-hoc engineered approaches.We propose a general-purpose framework, seamlessly supporting data analytics on both Bitcoin and Ethereum — currently the two most prominent cryptocurrencies. Such a framework allows us to integrate relevant blockchain data with data from other sources, and to organise them in a database, either SQL or NoSQL. Our framework is released as an open-source Scala library. We illustrate the distinguishing features of our approach on a set of significant use cases, which allow us to empirically compare ours to other competing proposals, and evaluate the impact of the database choice on scalability

CP-consensus: a Blockchain Protocol Based on Synchronous Timestamps of Compass Satellite

Bitcoin, the first decentralized cryptocurrency, achieves great success but also encounters many challenges. In this paper, we mainly focus on Bitcoin\u27s five challenges: low network synchronization; poor throughput; high information propagation delay; vulnerabilities to fork-based attacks and consumption of a large amount of computational power to maintain the blockchain. To address these challenges, we present the CP-consensus, a blockchain protocol based on synchronous timestamps of the Compass satellite. Firstly, CP-consensus provides a quasi-synchronous network for nodes. Specifically, nodes synchronously begin or end in each phase. Secondly, the block propagation delay is significantly reduced by adopting cache-nodes. Moreover, the block verification delay is significantly reduced since it is limited only by the size of block-header. Thirdly, CP-consensus has a high throughput with a larger block size since that the block size does not influence the consistency of CP-consensus. Fourthly, CP-consensus resists fork-based attacks and consumes a small amount of computational power. Finally, parameters setting and the security of CP-consensus are discussed

Timelocked Bribing

A Hashed Time Lock Contract (HTLC) is a central concept in cryptocurrencies where some value can be spent either with the preimage of a public hash by one party (Bob) or after a timelock expires by another party (Alice). We present a bribery attack on HTLC\u27s where Bob\u27s hash-protected transaction is censored by Alice\u27s timelocked transaction. Alice incentivizes miners to censor Bob\u27s transaction by leaving almost all her value to miners in general. Miners follow (or refuse) this bribe if their expected payoff is better (or worse). We explore conditions under which this attack is possible, and how HTLC participants can protect themselves against the attack. Applications like Lightning Network payment channels and Cross-Chain Atomic Swaps use HTLC\u27s as building blocks and are vulnerable to this attack. Our proposed solution uses the hashpower share of the weakest known miner to derive parameters that make these applications robust against this bribing attack

Smart contracts for bribing miners

We present three smart contracts that allow a briber to fairly exchange bribes to miners who pursue a mining strategy benefiting the briber. The first contract, CensorshipCon, highlights that Ethereum’s uncle block reward policy can directly subsidise the cost of bribing miners. The second contract, HistoryRevisionCon, rewards miners via an in-band payment for reversing transactions or enforcing a new state of another contract. The third contract, GoldfingerCon, rewards miners in one cryptocurrency for reducing the utility of another cryptocurrency. This work is motivated by the need to understand the extent to which smart contracts can impact the incentive mechanisms involved in Nakamoto-style consensus protocols

Threshold Encrypted Mempools: Limitations and Considerations

Encrypted mempools are a class of solutions aimed at preventing or reducing negative externalities of MEV extraction using cryptographic privacy. Mempool encryption aims to hide information related to pending transactions until a block including the transactions is committed, targeting the prevention of frontrunning and similar behaviour. Among the various methods of encryption, threshold schemes are particularly interesting for the design of MEV mitigation mechanisms, as their distributed nature and minimal hardware requirements harmonize with a broader goal of decentralization. This work looks beyond the formal and technical cryptographic aspects of threshold encryption schemes to focus on the market and incentive implications of implementing encrypted mempools as MEV mitigation techniques. In particular, this paper argues that the deployment of such protocols without proper consideration and understanding of market impact invites several undesired outcomes, with the ultimate goal of stimulating further analysis of this class of solutions outside of pure cryptograhic considerations. Included in the paper is an overview of a series of problems, various candidate solutions in the form of mempool encryption techniques with a focus on threshold encryption, potential drawbacks to these solutions, and Osmosis as a case study. The paper targets a broad audience and remains agnostic to blockchain design where possible while drawing from mostly financial examples