2019
DOI: 10.1007/978-3-030-32101-7_28
|View full text |Cite
|
Sign up to set email alerts
|

Bitcoin Security Under Temporary Dishonest Majority

Abstract: We prove Bitcoin is secure under temporary dishonest majority. We assume the adversary can corrupt a specific fraction of parties and also introduce crash failures, i.e., some honest participants are offline during the execution of the protocol. We demand a majority of honest online participants on expectation. We explore three different models and present the requirements for proving Bitcoin's security in all of them: we first examine a synchronous model, then extend to a bounded delay model and last we consi… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
9
0

Year Published

2019
2019
2023
2023

Publication Types

Select...
5
1

Relationship

1
5

Authors

Journals

citations
Cited by 12 publications
(9 citation statements)
references
References 14 publications
0
9
0
Order By: Relevance
“…The updatable ledger that we have described can be updated to any ledger L 2 under the condition that the genesis functionality of L 2 tolerates an adversary that can see the genesis block τ max rounds before the honest parties and decide the genesis block among a set of m candidate genesis blocks. This requirement might look strong, but we note that the problem of constructing a ledger that is secure in such a scenario is simpler than the problem of constructing a ledger that supports temporary dishonest majority [2]. A ledger with security assumption A that tolerates temporary dishonest majority is such that its security properties (liveness and consistency) become valid again when A[τ 1 ] = 1, even if A[τ ] = 0 for all τ ∈ [τ 0 , τ 1 − δ] for some τ 0 , τ 1 , δ ∈ N such that τ 1 − δ ≥ τ 0 .…”
Section: Second Approachmentioning
confidence: 99%
“…The updatable ledger that we have described can be updated to any ledger L 2 under the condition that the genesis functionality of L 2 tolerates an adversary that can see the genesis block τ max rounds before the honest parties and decide the genesis block among a set of m candidate genesis blocks. This requirement might look strong, but we note that the problem of constructing a ledger that is secure in such a scenario is simpler than the problem of constructing a ledger that supports temporary dishonest majority [2]. A ledger with security assumption A that tolerates temporary dishonest majority is such that its security properties (liveness and consistency) become valid again when A[τ 1 ] = 1, even if A[τ ] = 0 for all τ ∈ [τ 0 , τ 1 − δ] for some τ 0 , τ 1 , δ ∈ N such that τ 1 − δ ≥ τ 0 .…”
Section: Second Approachmentioning
confidence: 99%
“…One important difference between our scheme and the existing blockchain protocols is that traditional full nodes are able to verify the whole state evolution of the system from genesis. This allows them to recover in case of temporary dishonest majority [7,14], while our system cannot do so. Let us consider what could happen in case an adversary temporarily has the upper hand in a blockchain where ev erybody is mining using our protocol.…”
Section: Discussionmentioning
confidence: 99%
“…We will refer to this model as the 1 2 adversary. This assumption is generally necessary to solve the consensus problem in polynomial time [120], although it can be temporarily relaxed [9]. Throughout this work, we will assume that the honest majority holds during all rounds.…”
Section: Proofofworkmentioning
confidence: 99%
See 2 more Smart Citations