The Bitcoin Backbone Protocol: Analysis and Applications

Bitcoin is the first and most popular decentralized cryptocurrency to date. In this work, we extract and analyze the core of the Bitcoin protocol, which we term the Bitcoin backbone, and prove two of its fundamental properties which we call common prefix and chain quality in the static setting where the number of players remains fixed. Our proofs hinge on appropriate and novel assumptions on the “hashing power” of the adversary relative to network synchronicity; we show our results to be tight under high synchronization.

[1]  Leslie Lamport,et al.  Reaching Agreement in the Presence of Faults , 1980, JACM.

[2]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (extended abstract) , 1982, FOCS 1982.

[3]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, ACM Trans. Program. Lang. Syst..

[4]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[5]  Michael Ben-Or,et al.  Another advantage of free choice (Extended Abstract): Completely asynchronous agreement protocols , 1983, PODC '83.

[6]  Michael Ben-Or,et al.  Another Advantage of Free Choice: Completely Asynchronous Agreement Protocols (Extended Abstract). , 1983, PODC 1983.

[7]  Michael O. Rabin,et al.  Randomized byzantine generals , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[8]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1985, JACM.

[9]  Nancy A. Lynch,et al.  Consensus in the presence of partial synchrony , 1988, JACM.

[10]  Danny Dolev,et al.  Early stopping in Byzantine agreement , 1990, JACM.

[11]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[12]  Piotr Berman,et al.  Randomized distributed agreement revisited , 1993, FTCS-23 The Twenty-Third International Symposium on Fault-Tolerant Computing.

[13]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[14]  Gil Neiger,et al.  Distributed Consensus Revisited , 1994, Inf. Process. Lett..

[15]  Malte Borcherding Levels of authentication in distributed agreement , 1996 .

[16]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .

[17]  Sebastiano Vigna,et al.  Symmetry Breaking in Anonymous Networks: Characterizations , 1996, ISTCS.

[18]  Silvio Micali,et al.  An Optimal Probabilistic Protocol for Synchronous Byzantine Agreement , 1997, SIAM J. Comput..

[19]  Client Puzzles: A Cryptographic Countermeasure Against Connection Depletion Attacks , 1999, NDSS.

[20]  C. Moler,et al.  Advances in Cryptology , 2000, Lecture Notes in Computer Science.

[21]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[22]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[23]  John R. Douceur The Sybil Attack , 2002, IPTPS.

[24]  Matthias Fitzi,et al.  Efficient player-optimal protocols for strong and differential consensus , 2003, PODC '03.

[25]  Michael Okun Agreement Among Unacquainted Byzantine Generals , 2005, DISC.

[26]  Exposing Computationally-Challenged Byzantine Impostors , 2005 .

[27]  Jonathan Katz,et al.  On Expected Constant-Round Protocols for Byzantine Agreement , 2006, CRYPTO.

[28]  Amnon Barak,et al.  Efficient Algorithms for Anonymous Byzantine Agreement , 2008, Theory of Computing Systems.

[29]  S. Nakamoto Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[30]  Alessandro Panconesi,et al.  Concentration of Measure for the Analysis of Randomized Algorithms , 2009 .

[31]  Martin Hirt,et al.  Adaptively Secure Broadcast , 2010, EUROCRYPT.

[32]  Peter Druschel,et al.  Peer-to-peer systems , 2010, Commun. ACM.

[33]  Yehuda Lindell,et al.  Secure Computation Without Authentication , 2011, Journal of Cryptology.

[34]  Moshe Babaioff,et al.  On Bitcoin and red balloons , 2011, SECO.

[35]  Jonathan Katz,et al.  Adaptively secure broadcast, revisited , 2011, PODC '11.

[36]  Ueli Maurer,et al.  Universally Composable Synchronous Computation , 2013, TCC.

[37]  Aviv Zohar,et al.  Accelerating Bitcoin's Transaction Processing. Fast Money Grows on Trees, Not Chains , 2013, IACR Cryptol. ePrint Arch..

[38]  Christian Decker,et al.  Information propagation in the Bitcoin network , 2013, IEEE P2P 2013 Proceedings.

[39]  Iddo Bentov,et al.  How to Use Bitcoin to Incentivize Correct Computations , 2014, CCS.

[40]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[41]  Zerocash: Decentralized Anonymous Payments from Bitcoin (extended version) , 2014 .

[42]  Joseph J. LaViola,et al.  Byzantine Consensus from Moderately-Hard Puzzles : A Model for Bitcoin , 2014 .

[43]  Marcin Andrychowicz,et al.  Secure Multiparty Computations on Bitcoin , 2016, 2014 IEEE Symposium on Security and Privacy.

[44]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2014, Financial Cryptography.

[45]  Iddo Bentov,et al.  How to Use Bitcoin to Design Fair Protocols , 2014, CRYPTO.

[46]  Aggelos Kiayias,et al.  Speed-Security Tradeoffs in Blockchain Protocols , 2015, IACR Cryptol. ePrint Arch..

[47]  Marcin Andrychowicz,et al.  PoW-Based Distributed Cryptography with No Trusted Setup , 2015, CRYPTO.

[48]  Peter Kulchyski and , 2015 .

[49]  Iddo Bentov,et al.  Amortizing Secure Computation with Penalties , 2016, CCS.

[50]  Abhi Shelat,et al.  Analysis of the Blockchain Protocol in Asynchronous Networks , 2017, EUROCRYPT.

[51]  Elaine Shi,et al.  FruitChains: A Fair Blockchain , 2016, IACR Cryptol. ePrint Arch..

[52]  Stefan Katzenbeisser,et al.  Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security , 2016, CCS.

[53]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[54]  Aggelos Kiayias,et al.  Fair and Robust Multi-party Computation Using a Global Transaction Ledger , 2016, EUROCRYPT.

[55]  Vinod Vaikuntanathan,et al.  Improvements to Secure Computation with Penalties , 2016, CCS.

[56]  Aggelos Kiayias,et al.  On Trees, Chains and Fast Transactions in the Blockchain , 2017, IACR Cryptol. ePrint Arch..

[57]  Elaine Shi,et al.  On Scaling Decentralized Blockchains - (A Position Paper) , 2016, Financial Cryptography Workshops.

[58]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol with Chains of Variable Difficulty , 2017, CRYPTO.

[59]  Ueli Maurer,et al.  Bitcoin as a Transaction Ledger: A Composable Treatment , 2017, CRYPTO.