Proof-of-Stake Sidechains

Sidechains have long been heralded as the key enabler of blockchain scalability and interoperability. However, no modeling of the concept or a provably secure construction has so far been attempted. We provide the first formal definition of what a sidechain system is and how assets can be moved between sidechains securely. We put forth a security definition that augments the known transaction ledger properties of liveness and safety to hold across multiple ledgers and enhance them with a new “firewall” security property which safeguards each blockchain from its sidechains, limiting the impact of an otherwise catastrophic sidechain failure. We then provide a sidechain construction that is suitable for proof-of-stake (PoS) sidechain systems. As an exemplary concrete instantiation we present our construction for an epoch- based PoS system consistent with Ouroboros (Crypto 2017), the PoS blockchain protocol used in Cardano which is one of the largest pure PoS systems by market capitalisation, and we also comment how the construction can be adapted for other protocols such as Ouroboros Praos (Eurocrypt 2018), Ouroboros Genesis (CCS 2018), Snow White and Algorand. An important feature of our construction is merged-staking that prevents “goldfinger” attacks against a sidechain that is only carrying a small amount of stake. An important technique for pegging chains that we use in our construction is cross-chain certification which is facilitated by a novel cryptographic primitive we introduce called ad-hoc threshold multisignatures (ATMS) which may be of independent interest. We show how ATMS can be securely instantiated by regular and aggregate digital signatures as well as succinct arguments of knowledge such as STARKs and bulletproofs with varying degrees of storage efficiency.

[1]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[2]  Dan Boneh,et al.  Bulletproofs: Short Proofs for Confidential Transactions and More , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[3]  Stefan Thomas,et al.  A Protocol for Interledger Payments , 2016 .

[4]  Yevgeniy Dodis,et al.  A Verifiable Random Function with Short Proofs and Keys , 2005, Public Key Cryptography.

[5]  DR. Gavin Wood POLKADOT: VISION FOR A HETEROGENEOUS MULTI-CHAIN FRAMEWORK , 2016 .

[6]  Drivechains, Sidechains and Hybrid 2­way Peg Designs , 2022 .

[7]  Pieter Wuille,et al.  Enabling Blockchain Innovations with Pegged Sidechains , 2014 .

[8]  Aggelos Kiayias,et al.  Ouroboros Praos: An Adaptively-Secure, Semi-synchronous Proof-of-Stake Blockchain , 2018, EUROCRYPT.

[9]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[10]  Aggelos Kiayias,et al.  Proofs of Proofs of Work with Sublinear Complexity , 2016, Financial Cryptography Workshops.

[11]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[12]  Thomas Ristenpart,et al.  The Power of Proofs-of-Possession: Securing Multiparty Signatures against Rogue-Key Attacks , 2007, EUROCRYPT.

[13]  Mariana Raykova,et al.  RapidChain: A Fast Blockchain Protocol via Full Sharding , 2018, IACR Cryptol. ePrint Arch..

[14]  Prateek Saxena,et al.  A Secure Sharding Protocol For Open Blockchains , 2016, CCS.

[15]  Vitalik Buterin A NEXT GENERATION SMART CONTRACT & DECENTRALIZED APPLICATION PLATFORM , 2015 .

[16]  Aggelos Kiayias,et al.  Non-Interactive Proofs of Proof-of-Work , 2020, IACR Cryptol. ePrint Arch..

[17]  Eli Ben-Sasson,et al.  Scalable, transparent, and post-quantum secure computational integrity , 2018, IACR Cryptol. ePrint Arch..

[18]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[19]  Narn-Yih Lee,et al.  Threshold-Multisignature Schemes where Suspected Forgery Implies Traceability of Adversarial Shareholders , 1994, EUROCRYPT.

[20]  Alexandra Boldyreva,et al.  Threshold Signatures, Multisignatures and Blind Signatures Based on the Gap-Diffie-Hellman-Group Signature Scheme , 2003, Public Key Cryptography.

[21]  Nir Bitansky,et al.  From extractable collision resistance to succinct non-interactive arguments of knowledge, and back again , 2012, ITCS '12.

[22]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[23]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[24]  Ethan Buchman,et al.  Tendermint: Byzantine Fault Tolerance in the Age of Blockchains , 2016 .

[25]  Aggelos Kiayias,et al.  The Bitcoin Backbone Protocol: Analysis and Applications , 2015, EUROCRYPT.

[26]  Philipp Jovanovic,et al.  OmniLedger: A Secure, Scale-Out, Decentralized Ledger via Sharding , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[27]  Aggelos Kiayias,et al.  Ouroboros Genesis: Composable Proof-of-Stake Blockchains with Dynamic Availability , 2018, IACR Cryptol. ePrint Arch..

[28]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[29]  Edgar R. Weippl,et al.  (Short Paper) A Wild Velvet Fork Appears! Inclusive Blockchain Protocol Changes in Practice , 2018, IACR Cryptol. ePrint Arch..

[30]  Joshua A. Kroll,et al.  The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries , 2013 .

[31]  Marta Piekarska,et al.  Strong Federations: An Interoperable Blockchain Solution to Centralized Third Party Risks , 2016, ArXiv.

[32]  Elaine Shi,et al.  Snow White: Provably Secure Proofs of Stake , 2016, IACR Cryptol. ePrint Arch..

[33]  Silvio Micali,et al.  ALGORAND: The Efficient and Democratic Ledger , 2016, ArXiv.