The Power of Random Symmetry-Breaking in Nakamoto Consensus

Nakamoto consensus underlies the security of many of the world’s largest cryptocurrencies, such as Bitcoin and Ethereum. Common lore is that Nakamoto consensus only achieves consistency and liveness under a regime where the difficulty of its underlying mining puzzle is very high, negatively impacting overall throughput and latency. In this work, we study Nakamoto consensus under a wide range of puzzle difficulties, including very easy puzzles. We first analyze an adversary-free setting and show that, surprisingly, the common prefix of the blockchain grows quickly even with easy puzzles. In a setting with adversaries, we provide a small backwards-compatible change to Nakamoto consensus to achieve consistency and liveness with easy puzzles. Our insight relies on a careful choice of symmetry-breaking strategy, which was significantly underestimated in prior work. We introduce a new method – coalescing random walks – to analyzing the correctness of Nakamoto consensus under the uniformly-at-random symmetry-breaking strategy. This method is more powerful than existing analysis methods that focus on bounding the number of convergence opportunities. 2012 ACM Subject Classification Theory of computation → Distributed computing models

[1]  B. Wesolowski Efficient Verifiable Delay Functions (extended version) , 2021 .

[2]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[3]  Dan Boneh,et al.  Verifiable Delay Functions , 2018, IACR Cryptol. ePrint Arch..

[4]  Sreeram Kannan,et al.  Prism: Deconstructing the Blockchain to Approach Physical Limits , 2019, CCS.

[5]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[6]  Bart Preneel,et al.  Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols' Security , 2019, 2019 IEEE Symposium on Security and Privacy (SP).

[7]  Jun Zhao An Analysis of Blockchain Consistency in Asynchronous Networks: Deriving a Neat Bound , 2019, ArXiv.

[8]  Abhi Shelat,et al.  Analysis of the Blockchain Protocol in Asynchronous Networks , 2017, EUROCRYPT.

[9]  Aggelos Kiayias,et al.  Speed-Security Tradeoffs in Blockchain Protocols , 2015, IACR Cryptol. ePrint Arch..

[10]  Krzysztof Pietrzak,et al.  Simple Verifiable Delay Functions , 2018, IACR Cryptol. ePrint Arch..

[11]  Alan M. Frieze,et al.  Multiple Random Walks in Random Regular Graphs , 2009, SIAM J. Discret. Math..

[12]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[13]  Bruce Hajek,et al.  Random Processes for Engineers , 2015 .

[14]  Aviv Zohar,et al.  Optimal Selfish Mining Strategies in Bitcoin , 2015, Financial Cryptography.

[15]  Elaine Shi,et al.  FruitChains: A Fair Blockchain , 2017, IACR Cryptol. ePrint Arch..

[16]  Ling Ren,et al.  Analysis of Nakamoto Consensus , 2019, IACR Cryptol. ePrint Arch..

[17]  Abhi Shelat,et al.  A Better Method to Analyze Blockchain Consistency , 2018, CCS.

[18]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol with Chains of Variable Difficulty , 2017, CRYPTO.

[19]  Aggelos Kiayias,et al.  Full Analysis of Nakamoto Consensus in Bounded-Delay Networks , 2020, IACR Cryptol. ePrint Arch..

[20]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[21]  Aggelos Kiayias,et al.  The Combinatorics of the Longest-Chain Rule: Linear Consistency for Proof-of-Stake Blockchains , 2020, SODA.

[22]  Colin Cooper,et al.  Coalescing Random Walks and Voting on Connected Graphs , 2012, SIAM J. Discret. Math..