The Combinatorics of the Longest-Chain Rule: Linear Consistency for Proof-of-Stake Blockchains

Blum, Erica; Kiayias, Aggelos; Moore, Cristopher; Quader, Saad; Russell, Alexander

doi:10.1137/1.9781611975994.69

Cited by 14 publications

(22 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The analysis of our main security theorem, Theorem 6.1, draws from [21]. A more careful and improved analysis appears in [5], from which we may obtain the refined bound 1 − 𝑅𝐿(𝑒 −Ω (𝛿 3 𝜅) + 𝑒 −𝜆 ) for the statement of Theorem 6.1. In this section we analyze a private chain attack and show a corresponding lower bound.…”

Section: E2 Differences In Classic and Genesismentioning

confidence: 99%

Minotaur: Multi-Resource Blockchain Consensus

Fitzi¹,

Wang²,

Kannan³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

Resource-based consensus is the backbone of permissionless distributed ledger systems. The security of such protocols relies fundamentally on the level of resources actively engaged in the system. The variety of different resources (and related proof protocols, some times referred to as PoX in the literature) raises the fundamental question whether it is possible to utilize many of them in tandem and build multi-resource consensus protocols. The challenge in combining different resources is to achieve fungibility between them, in the sense that security would hold as long as the cumulative adversarial power across all resources is bounded.In this work, we put forth Minotaur, a multi-resource blockchain consensus protocol that combines proof of work (PoW) and proofof-stake (PoS), and we prove it optimally fungible. At the core of our design, Minotaur operates in epochs while continuously sampling the active computational power to provide a fair exchange between the two resources, work and stake. Further, we demonstrate the ability of Minotaur to handle a higher degree of work fluctuation as compared to the Bitcoin blockchain; we also generalize Minotaur to any number of resources.We demonstrate the simplicity of Minotaur via implementing a full stack client in Rust (available open source [25]). We use the client to test the robustness of Minotaur to variable mining power and combined work/stake attacks and demonstrate concrete empirical evidence towards the suitability of Minotaur to serve as the consensus layer of a real-world blockchain.

show abstract

Section: E2 Differences In Classic and Genesismentioning

confidence: 99%

Minotaur: Multi-Resource Blockchain Consensus

Fitzi¹,

Wang²,

Kannan³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Previous works have proposed formal analyses of PoS blockchains based on PLEs [3,7,13]. In most of them, the proof revolves around finding a special block that guarantees security of the protocol and bounding the probability that this type of block does not appear in a sequence of 𝑛 consecutive blocks.…”

Section: Related Workmentioning

confidence: 99%

“…While this limits the generality of our work, we believe that, due to the conjecture above, studying the private attack alone gives a good proxy for the security of PoS longest-chain protocols. Furthermore, this simplifying assumption allows us to get exact bounds, as opposed to the loose bounds obtained by other analyses [3,7,11,13], usually based on Chebyshev's inequality or similar inequalities. Loose bounds on the probability of successful attacks would not be sufficient to meaningfully quantify the difference between SSLE and PLE in longest-chain PoS blockchains as even if one bound is smaller than the other, this does not say anything about how the exact probabilities compare.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Private attacks in longest chain proof-of-stake protocols with single secret leader elections

Azouvi¹,

Cappelletti

2021

Proceedings of the 3rd ACM Conference on Advances in Financial Technologies

View full text Add to dashboard Cite

Single Secret Leader Elections have recently been proposed as an improved leader election mechanism for proof-of-stake (PoS) blockchains. However, the security gain they provide has not been quantified. In this work, we present a comparison of PoS longestchain protocols that are based on Single Secret Leader Elections (SSLE) -that elect exactly one leader per round -versus those based on Probabilistic Leader Elections (PLE) -where one leader is elected on expectation. Our analysis shows that when considering the private attack -the worst attack on longest-chain protocols [14] -the security gained from using SSLE is substantial: the settlement time is decreased by ∼ 25% for a 33% or 25% adversary. Furthermore, when considering grinding attacks, we find that the security threshold is increased by 10% (from 0.26 in the PLE case to 0.36 in the SSLE case) and the settlement time is decreased by roughly 70% for a 20% adversary in the SSLE case.

show abstract

“…Another line of work [11,27] considers how the uniformly-at-random symmetry breaking strategy affects incentive-compatible selfish mining attacks; our analysis applies to general attacks. Random walks have been used to analyze the probability of consistency violations in proofs-of-stake protocols [3]; ours is the first work that uses coalescing random walks to analyze the common-prefix and chain quality of Bitcoin and other proof-of-work protocols.…”

Section: Introductionmentioning

confidence: 99%

The Power of Random Symmetry-Breaking in Nakamoto Consensus

Su,

Liu,

Narula

2021

Preprint

View full text Add to dashboard Cite

Nakamoto consensus underlies the security of many of the world's largest cryptocurrencies, such as Bitcoin and Ethereum. Common lore is that Nakamoto consensus only achieves consistency and liveness under a regime where the difficulty of its underlying mining puzzle is very high, negatively impacting overall throughput and latency. In this work, we study Nakamoto consensus under a wide range of puzzle difficulties, including very easy puzzles. We first analyze an adversary-free setting and show that, surprisingly, the common prefix of the blockchain grows quickly even with easy puzzles. In a setting with adversaries, we provide a small backwards-compatible change to Nakamoto consensus to achieve consistency and liveness with easy puzzles. Our insight relies on a careful choice of symmetry-breaking strategy, which was significantly underestimated in prior work. We introduce a new method-coalescing random walks-to analyzing the correctness of Nakamoto consensus under the uniformly-at-random symmetry-breaking strategy. This method is more powerful than existing analysis methods that focus on bounding the number of convergence opportunities.

show abstract

The Combinatorics of the Longest-Chain Rule: Linear Consistency for Proof-of-Stake Blockchains

Cited by 14 publications

References 14 publications

Minotaur: Multi-Resource Blockchain Consensus

Minotaur: Multi-Resource Blockchain Consensus

Private attacks in longest chain proof-of-stake protocols with single secret leader elections

The Power of Random Symmetry-Breaking in Nakamoto Consensus

Contact Info

Product

Resources

About