Proof-of-Reputation Blockchain with Nakamoto Fallback

Reputation is a major component of trustworthy systems. However, the subjective nature of reputation makes it tricky to base a system’s security on it. In this work, we describe how to leverage reputation to establish a highly scalable and efficient blockchain. Our treatment puts emphasis on reputation fairness as a key feature of reputation-based protocols. We devise a definition of reputation fairness that ensures fair participation while giving newly joining parties a chance to participate and potentially build reputation. We also describe a concrete lottery in the random oracle model which achieves this definition of fairness. Our treatment of reputation fairness can be of independent interest. To avoid potential safety and/or liveness concerns stemming from the subjective and volatile nature of reputation, we propose a hybrid design that uses a Nakamoto-style ledger as a fallback. To our knowledge, our proposal is the first cryptographically secure design of a proof-of-reputation-based (in short, PoR-based) blockchain that fortifies its PoR-based security with optimized Nakamoto-style consensus. This results in a ledger protocol which is provably secure if the reputation system is accurate, and preserves its basic safety properties even if it is not, as long as the fallback blockchain does not fail.
