Tight Consistency Bounds for Bitcoin

We establish the optimal security threshold for the Bitcoin protocol in terms of adversarial hashing power, honest hashing power, and network delays. Specifically, we prove that the protocol is secure if [ra < 1/Δ0 + 1/rh,,] where rh is the expected number of honest proof-of-work successes in unit time, ra is the expected number of adversarial successes, and no message is delayed by more than Δ0 time units. In this regime, the protocol guarantees consistency and liveness with exponentially decaying failure probabilities. Outside this region, the simple private chain attack prevents consensus. Our analysis immediately applies to any Nakamoto-style proof-of-work protocol; in the full version of this paper we also present the adaptations needed to apply it in the proof-of-stake setting, establishing a similar threshold there.

[1]  L. Lecam,et al.  On the Distribution of Sums of Independent Random Variables , 1965 .

[2]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[3]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[4]  Abhi Shelat,et al.  A Better Method to Analyze Blockchain Consistency , 2018, CCS.

[5]  David Tse,et al.  Everything is a Race and Nakamoto Always Wins , 2020, IACR Cryptol. ePrint Arch..

[6]  Vitalik Buterin A NEXT GENERATION SMART CONTRACT & DECENTRALIZED APPLICATION PLATFORM , 2015 .

[7]  Elaine Shi,et al.  Snow White: Robustly Reconfigurable Consensus and Applications to Provably Secure Proof of Stake , 2019, Financial Cryptography.

[8]  Abhi Shelat,et al.  Analysis of the Blockchain Protocol in Asynchronous Networks , 2017, EUROCRYPT.

[9]  Aggelos Kiayias,et al.  The Combinatorics of the Longest-Chain Rule: Linear Consistency for Proof-of-Stake Blockchains , 2020, SODA.

[10]  Aggelos Kiayias,et al.  Ouroboros Praos: An adaptively-secure, semi-synchronous proof-of-stake protocol , 2017, IACR Cryptol. ePrint Arch..

[11]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[12]  Aggelos Kiayias,et al.  Ouroboros Praos: An Adaptively-Secure, Semi-synchronous Proof-of-Stake Blockchain , 2018, EUROCRYPT.

[13]  Yaonan Jin,et al.  On Asymptotically Tight Tail Bounds for Sums of Geometric and Exponential Random Variables , 2019 .

[14]  Aggelos Kiayias,et al.  Consistency of Proof-of-Stake Blockchains with Concurrent Honest Slot Leaders , 2020, 2020 IEEE 40th International Conference on Distributed Computing Systems (ICDCS).

[15]  Ling Ren,et al.  Analysis of Nakamoto Consensus , 2019, IACR Cryptol. ePrint Arch..

[16]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.