Practical Settlement Bounds for Proof-of-Work Blockchains

Nakamoto proof-of-work ledger consensus currently underlies the majority of deployed cryptocurrencies and smartcontract blockchains, especially when measured in carried value. While a long and fruitful line of work studying the provable security guarantees of this mechanism has succeeded to identify its exact security region—that is, the set of parametrizations under which it possesses asymptotic security—the existing theory does not provide concrete settlement time guarantees that are tight enough to inform practice. In this work we provide a new approach for obtaining such settlement-time guarantees that provides strong, concrete bounds suitable for reasoning about deployed systems. This rigorous framework furthermore yields an efficient computational method for computing explicit bounds on settlement time as a function of honest and adversarial computational power and a bound on network delays. Our framework simultaneously provides upper and lower bounds, which permits an immediate means for evaluating the strength of the results. We implement this computational method and provide a comprehensive sample of concrete bounds for several settings of interest. For Bitcoin, for example, our explicit upper and lower bounds are within 70 seconds of each other after 1 hour of settlement delay with 10 second networking delays and a 10% adversary. In comparison, the best prior result has a gap of 2 hours in the upper and lower bounds with the same parameters.

[1]  Aggelos Kiayias,et al.  Consensus Redux: Distributed Ledgers in the Face of Adversarial Supremacy , 2020, IACR Cryptol. ePrint Arch..

[2]  Hubert Ritzdorf,et al.  On the Security and Performance of Proof of Work Blockchains , 2016, IACR Cryptol. ePrint Arch..

[3]  Dongning Guo,et al.  Close latency-security trade-off for the Nakamoto consensus , 2020, AFT.

[4]  Sreeram Kannan,et al.  Prism: Deconstructing the Blockchain to Approach Physical Limits , 2019, CCS.

[5]  Aggelos Kiayias,et al.  Tight Consistency Bounds for Bitcoin , 2020, IACR Cryptol. ePrint Arch..

[6]  Jun Zhao An Analysis of Blockchain Consistency in Asynchronous Networks: Deriving a Neat Bound , 2019, ArXiv.

[7]  Aggelos Kiayias,et al.  Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability , 2018, IACR Cryptol. ePrint Arch..

[8]  Ling Ren,et al.  Analysis of Nakamoto Consensus , 2019, IACR Cryptol. ePrint Arch..

[9]  Abhi Shelat,et al.  Analysis of the Blockchain Protocol in Asynchronous Networks , 2017, EUROCRYPT.

[10]  Aviv Zohar,et al.  Bitcoin's Security Model Revisited , 2016, ArXiv.

[11]  Sreeram Kannan,et al.  Everything is a Race and Nakamoto Always Wins , 2020, IACR Cryptol. ePrint Arch..

[12]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[13]  Jing Li,et al.  On Analysis of the Bitcoin and Prism Backbone Protocols in Synchronous Networks , 2019, 2019 57th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[14]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[15]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .

[16]  Abhi Shelat,et al.  A Better Method to Analyze Blockchain Consistency , 2018, CCS.

[17]  Aggelos Kiayias,et al.  Ouroboros Praos: An Adaptively-Secure, Semi-synchronous Proof-of-Stake Blockchain , 2018, EUROCRYPT.

[18]  Fred B. Schneider,et al.  Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.

[19]  Leslie Lamport,et al.  The part-time parliament , 1998, TOCS.