Side Contract Commitment Attacks on Blockchains
We identify a subtle security issue that impacts the design of smart
contracts, because agents may themselves deploy smart contracts (side
contracts). Typically, equilibria of games are analyzed in vitro, under the
assumption that players cannot arbitrarily commit to strategies. However,
equilibria thus obtained do not hold in general in vivo, when games are
deployed on a blockchain. Being able to deploy side contracts changes
fundamental game-theoretic assumptions by inducing a meta-game wherein agents
strategize to deploy the best contracts. Not taking side contracts into account
thus fails to capture an important aspect of deploying smart contracts in
practice. A game that remains secure when the players can deploy side contracts
is said to be side contract resilient. We demonstrate the non-triviality of
side contract resilience by analyzing two smart contracts for decentralized
commerce. These contracts have the same intended functionality, but we show
that only one is side contract resilient. We then demonstrate a side contract
attack on first-price auctions, which are the transaction mechanisms used by
most major blockchains. We show that an agent may deploy a contract ensuring
their transaction is included in the next block at almost zero cost while
forcing most other agents to enter into a lottery for the remaining block
space. This benefits all the users, but is detrimental to the miners. This
might be cause for re-evaluation of the use of auctions in transaction fee
mechanisms. We show that the attack works under certain conditions that hold
with high probability from natural distributions. The attack also works against
the transaction mechanism EIP-1559. Our work highlights an issue that is
necessary to address to ensure the secure deployment of smart contracts and
suggests that other contracts already deployed on major blockchains may be
susceptible to these attacks.
Outsourcing Adjudication to Strategic Jurors
We study a scenario where an adjudication task (e.g., the resolution of a
binary dispute) is outsourced to a set of agents who are appointed as jurors.
This scenario is particularly relevant in a Web3 environment, where no
verification of the adjudication outcome is possible, and the appointed agents
are, in principle, indifferent to the final verdict. We consider simple
adjudication mechanisms that use (1) majority voting to decide the final
verdict and (2) a payment function to reward the agents with the majority vote
and possibly punish the ones in the minority. Agents interact with such a
mechanism strategically: they exert some effort to understand how to properly
judge the dispute and cast a yes/no vote that depends on this understanding and
on information they have about the rest of the votes. Eventually, they vote so
that their utility (i.e., their payment from the mechanism minus the cost due
to their effort) is maximized. Under reasonable assumptions about how an
agent's effort is related to her understanding of the dispute, we show that
appropriate payment functions can be used to recover the correct adjudication
outcome with high probability. Our findings follow from a detailed analysis of
the induced strategic game and make use of both theoretical arguments and
simulation experiments.
Game theory on the blockchain: a model for games with smart contracts
We propose a model for games in which the players have shared access to a
blockchain that allows them to deploy smart contracts to act on their behalf.
This changes fundamental game-theoretic assumptions about rationality since a
contract can commit a player to act irrationally in specific subgames, making
credible otherwise non-credible threats. This is further complicated by
considering the interaction between multiple contracts which can reason about
each other. This changes the nature of the game in a nontrivial way as choosing
which contract to play can itself be considered a move in the game. Our model
generalizes known notions of equilibria, with a single contract being
equivalent to a Stackelberg equilibrium, and two contracts being equivalent to
a reverse Stackelberg equilibrium. We prove a number of bounds on the
complexity of computing SPE in such games with smart contracts. We show that
computing an SPE is -hard in the general case. Specifically,
in games with contracts, we show that computing an SPE is
-hard for games of imperfect information. We show that
computing an SPE remains -hard in games of perfect information
if we allow for an unbounded number of contracts. We give an algorithm for
computing an SPE in two-contract games of perfect information that runs in time
where is the size of the game tree and is the number of
terminal nodes. Finally, we conjecture the problem to be -complete
for three contracts.
Communication Lower Bounds for Perfect Maliciously Secure MPC
We prove a lower bound on the communication complexity of perfect maliciously secure multiparty computation, in the standard model with parties of which are corrupted.
We show that for any and all large enough there exists a Boolean circuit with gates, where any perfectly secure protocol implementing must communicate bits.
The results easily extend to constructing similar circuits over any fixed finite field.
Our results also extend to the case where the threshold is suboptimal. Namely if the bound is
, which corresponds to known optimizations via packed secret-sharing.
Using known techniques, we also show an upper bound that matches the lower bound up to a constant factor (existing upper bounds are a factor off for Boolean circuits).