Smart Contract Execution - the (+-)-Biased Ballot Problem

Transaction system build on top of blockchain, especially smart contract, is becoming an important part of world economy. However, there is a lack of formal study on the behavior of users in these systems, which leaves the correctness and security of such system without a solid foundation. Unlike mining, in which the reward for mining a block is fixed, different execution results of a smart contract may lead to significantly different payoffs of users, which gives more incentives for some user to follow a branch that contains a wrong result, even if the branch is shorter. It is thus important to understand the exact probability that a branch is being selected by the system. We formulate this problem as the (+−)-Biased Ballot Problem as follows: there are n voters one by one voting for either of the two candidates A and B. The probability of a user voting for A or B depends on whether the difference between the current votes of A and B is positive or negative. Our model takes into account the behavior of three different kinds of users when a branch occurs in the system – users having preference over a certain branch based on the history of their transactions, and users being indifferent and simply follow the longest chain. We study two important probabilities that are closely related with a blockchain based system – the probability that A wins at last, and the probability that A receives d votes first. We show how to recursively calculate the two probabilities for any fixed n and d, and also discuss their asymptotic values when n and d are sufficiently large. 1998 ACM Subject Classification G.3 Statistical computing, C.2.1 Distributed networks, F.1.2 Probabilistic computation

[1]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[2]  Lin Chen,et al.  On Security Analysis of Proof-of-Elapsed-Time (PoET) , 2017, SSS.

[3]  Marko Vukolic,et al.  The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication , 2015, iNetSeC.

[4]  Elaine Shi,et al.  On Scaling Decentralized Blockchains - (A Position Paper) , 2016, Financial Cryptography Workshops.

[5]  Emin Gün Sirer,et al.  Bitcoin-NG: A Scalable Blockchain Protocol , 2015, NSDI.

[6]  Yoad Lewenberg,et al.  Inclusive Block Chain Protocols , 2015, Financial Cryptography.

[7]  Aviv Zohar,et al.  Optimal Selfish Mining Strategies in Bitcoin , 2015, Financial Cryptography.

[8]  D. F. Bailey,et al.  Counting Arrangements of 1's and -1's , 1996 .

[9]  Melanie Swan,et al.  Blockchain: Blueprint for a New Economy , 2015 .

[10]  L. Addario-Berry,et al.  Ballot Theorems, Old and New , 2008 .

[11]  Marc Renault,et al.  Lost (and Found) in Translation: André's Actual Method and Its Application to the Generalized Ballot Problem , 2008, Am. Math. Mon..

[12]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[13]  Lajos Takács,et al.  A Generalization of the Ballot Problem and its Application in the Theory of Queues , 1962 .

[14]  Lajos Takács FLUCTUATIONS IN THE RATIO OF SCORES IN COUNTING A BALLOT , 1964 .

[15]  L. Jean Camp,et al.  Proof of Work can Work , 2006, WEIS.

[16]  Lin Chen,et al.  Decentralized Execution of Smart Contracts: Agent Model Perspective and Its Implications , 2017, Financial Cryptography Workshops.

[17]  S. Vempala Geometric Random Walks: a Survey , 2007 .

[18]  Lajos Takács The distribution of majority times in a ballot , 1963 .