Zero-Collateral Lotteries in Bitcoin and Ethereum

We present cryptocurrency-based lottery protocols that do not require any collateral from the players. Previous protocols for this task required a security deposit that is $O(N^2)$ times larger than the bet amount, where $N$ is the number of players. Our protocols are based on a tournament bracket construction, and require only $O(\log N)$ rounds. Our lottery protocols thus represent a significant improvement, both because they allow players with little money to participate, and because of the time value of money. The Ethereum-based implementation of our lottery is highly efficient. The Bitcoin implementation requires an $O(2^N)$ off-chain setup phase, which demonstrates that the expressive power of the scripting language can have important implications. We also describe a minimal modification to the Bitcoin protocol that would eliminate the exponential blowup.
