Securing Proof-of-Work Ledgers via Checkpointing

Our work explores mechanisms that secure a distributed ledger in the presence of adversarial mining majorities. Distributed ledgers based on the Proof-of-Work (PoW) paradigm are typically most vulnerable when mining participation is low. During these periods an attacker can mount devastating attacks, such as double spending or censorship of transactions. We put forth the first rigorous study of checkpointing as a mechanism to protect distributed ledgers from such 51% attacks. The core idea is to employ an external set of parties that assist the ledger by finalizing blocks shortly after their creation. This service takes the form of checkpointing and timestamping; checkpointing ensures low latency in a federated setting, while timestamping is fully decentralized. Contrary to existing checkpointing designs, ours is the first to ensure both consistency and liveness. We identify a previously undocumented attack against liveness, “block lead”, which enables Denial-of-Service and censorship to take place in existing checkpointed settings. We showcase our results on a checkpointed version of Ethereum Classic, a system which recently suffered a 51% attack, and build a federated distributed checkpointing service, which provides high assurance with low performance requirements. Finally, we fully decentralize our scheme, in the form of timestamping on a secure distributed ledger, and evaluate its performance using Bitcoin and Ethereum

Filling the Tax Gap via Programmable Money

We discuss the problem of facilitating tax auditing assuming "programmable money", i.e., digital monetary instruments that are managed by an underlying distributed ledger. We explore how a taxation authority can verify the declared returns of its citizens and create a counter-incentive to tax evasion by two distinct mechanisms. First, we describe a design which enables auditing it as a built-in feature with minimal changes on the underlying ledger's consensus protocol. Second, we offer an application-layer extension, which requires no modification in the underlying ledger's design. Both solutions provide a high level of privacy, ensuring that, apart from specific limited data given to the taxation authority, no additional information - beyond the information already published on the underlying ledger - is leaked

A Puff of Steem: Security Analysis of Decentralized Content Curation

Decentralized content curation is the process through which uploaded posts are ranked and filtered based exclusively on users\u27 feedback. Platforms such as the blockchain-based Steemit employ this type of curation while providing monetary incentives to promote the visibility of high quality posts according to the perception of the participants. Despite the wide adoption of the platform very little is known regarding its performance and resilience characteristics. In this work, we provide a formal model for decentralized content curation that identifies salient complexity and game-theoretic measures of performance and resilience to selfish participants. Armed with our model, we provide a first analysis of Steemit identifying the conditions under which the system can be expected to correctly converge to curation while we demonstrate its susceptibility to selfish participant behaviour. We validate our theoretical results with system simulations in various scenarios