Efficient Zero-Knowledge Contingent Payments in Cryptocurrencies Without Scripts

One of the most promising innovations offered by the cryptographic currencies (like Bitcoin) are the so-called smart contracts, which can be viewed as financial agreements between mutually distrusting participants. Their execution is enforced by the mechanics of the currency, and typically has monetary consequences for the parties. The rules of these contracts are written in the form of so-called “scripts”, which are pieces of code in some “scripting language”. Although smart contracts are believed to have a huge potential, for the moment they are not widely used in practice. In particular, most of Bitcoin miners allow only to post standard transactions (i.e.: those without the non-trivial scripts) on the blockchain. As a result, it is currently very hard to create non-trivial smart contracts in Bitcoin.

[1]  Marcin Andrychowicz,et al.  On the Malleability of Bitcoin Transactions , 2015, Financial Cryptography Workshops.

[2]  Tal Rabin,et al.  On the Security of Joint Signature and Encryption , 2002, EUROCRYPT.

[3]  Michael K. Reiter,et al.  Two-party generation of DSA signatures , 2001, International Journal of Information Security.

[4]  Andreas M. Antonopoulos,et al.  Mastering Bitcoin: Unlocking Digital Crypto-Currencies , 2014 .

[5]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[6]  Michael Naehrig,et al.  Elliptic Curve Cryptography in Practice , 2014, Financial Cryptography.

[7]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[8]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[9]  L. Washington Elliptic Curves: Number Theory and Cryptography, Second Edition , 2008 .

[10]  Torben P. Pedersen A Threshold Cryptosystem without a Trusted Party (Extended Abstract) , 1991, EUROCRYPT.

[11]  Moni Naor,et al.  Timed Commitments , 2000, CRYPTO.

[12]  Brent Waters,et al.  Strongly Unforgeable Signatures Based on Computational Diffie-Hellman , 2006, Public Key Cryptography.

[13]  Matthias Schunter,et al.  Fair Exchange , 2011, Encyclopedia of Cryptography and Security.

[14]  A. Narayanan,et al.  Securing Bitcoin wallets via a new DSA / ECDSA threshold signature scheme , 2015 .

[15]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[16]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .

[17]  Jacques Stern,et al.  Flaws in Applying Proof Methodologies to Signature Schemes , 2002, CRYPTO.

[18]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[19]  Iddo Bentov,et al.  How to Use Bitcoin to Design Fair Protocols , 2014, CRYPTO.

[20]  Nick Szabo,et al.  Formalizing and Securing Relationships on Public Networks , 1997, First Monday.

[21]  Marcin Andrychowicz,et al.  Fair Two-Party Computations via Bitcoin Deposits , 2014, Financial Cryptography Workshops.

[22]  Henning Pagnia,et al.  On the Impossibility of Fair Exchange without a Trusted Third Party , 1999 .

[23]  Mihir Bellare,et al.  On Defining Proofs of Knowledge , 1992, CRYPTO.

[24]  Oded Goldreich Foundations of Cryptography: Volume 1 , 2006 .

[25]  Iddo Bentov,et al.  Note on fair coin toss via Bitcoin , 2014, ArXiv.

[26]  Marcin Andrychowicz,et al.  Secure Multiparty Computations on Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[27]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[28]  Jason Teutsch,et al.  Demystifying Incentives in the Consensus Computer , 2015, CCS.

[29]  Iddo Bentov,et al.  How to Use Bitcoin to Play Decentralized Poker , 2015, CCS.

[30]  Yehuda Lindell,et al.  Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer , 2010, IACR Cryptol. ePrint Arch..

[31]  Vitaly Shmatikov,et al.  2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18-21, 2014 , 2014, IEEE Symposium on Security and Privacy.

[32]  Yehuda Lindell,et al.  Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series) , 2007 .

[33]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.