Blocks and Chains: Introduction to Bitcoin, Cryptocurrencies, and Their Consensus Mechanisms

Abstract

The new field of cryptographic currencies and consensus ledgers, commonly referred to as blockchains, is receiving increasing interest from various communities. These communities are very diverse and include, amongst others: technical enthusiasts, activist groups, researchers from various disciplines, start-ups, large enterprises, public authorities, banks, financial regulators, businessmen, investors, and also criminals. The scientific community adapted relatively slowly to this emerging and fast-moving field of cryptographic currencies and consensus ledgers. This was one reason that, for quite a while, the only resources available have been the Bitcoin source code, blog and forum posts, mailing lists, and other online publications. Also, the original Bitcoin paper which initiated the hype was published online without any prior peer review. Following the original publication spirit of the Bitcoin paper, a lot of innovation in this field has repeatedly come from the community itself in t...
