Minting Mechanisms for Blockchain - or - Moving from Cryptoassets to Cryptocurrencies

Permissionless blockchain systems, such as Bitcoin, rely on users using their computational power to solve a puzzle in order to achieve a consensus. To incentivise users to maintain the system, newly minted coins are assigned to the user who solves this puzzle. The hardware race that has ensued among users has had a detrimental impact on the environment, with enormous energy consumption and an increased global carbon footprint. On the other hand, proof-of-stake systems incentivise coin hoarding, as players maximise their utility by holding their stakes. As a result, existing cryptocurrencies do not mimic the day-to-day usability of a fiat currency, but are rather regarded as crypto-assets or investment vectors. In this work we initiate the study of minting mechanisms in cryptocurrencies as a primitive in its own right, and as a solution to prevent coin hoarding we propose a novel minting mechanism based on waiting-time first-price auctions. Our main technical tool is a protocol to run an auction over any blockchain. Moreover, our protocol is the first to securely implement an auction without requiring a semi-trusted party, i.e., where every miner in the network is a potential bidder. Our approach is generically applicable and we show that it is incentive-compatible with the underlying blockchain, i.e., the best strategy for a player is to behave honestly. Our proof-of-concept implementation shows that our system is efficient and scales to tens of thousands of bidders.

∗This paper is part of the work of the Nuremberg Campus of Technology, a research cooperation of Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU) and Technische Hochschule Nürnberg Georg Simon Ohm, supported by the state of Bavaria.
