• PDF / 232,225 Bytes
• 9 Pages / 439.37 x 666.142 pts Page_size
• 14 Downloads / 232 Views

DOWNLOAD

REPORT

ntroduction

Bitcoin [15] has achieved significant popularity since its 2009 launch, with a monetary base nominally worth over US$100 billion at the time of this writing. Perhaps Bitcoin’s most important innovation is its decentralised consensus protocol. Bitcoin-style consensus (or “Nakamoto consensus”) uses computational (proofof-work) puzzles to maintain consensus on the blockchain, a public append-only ledger storing all transactions to prevent double-spending. The computational puzzles are intended to make disrupting the consensus protocol expensive, as an attacker must obtain a large fraction of all computational power in the system to deviate from the default protocol. This basic design has been adapted in dozens of follow-up cryptocurrencies with similar consensus protocols, notably Ethereum [21] which is itself worth close to US$30 billion. It was known from the start that an attacker with a majority of computational power can easily cause arbitrarily deep forks in the blockchain [15]. It has subsequently been shown that an attacker with substantially less power can, at the very least, undermine the fair distribution of rewards in the system [4,16,18]. These attack strategies are profitable in a fixed exchange-rate model (in which an attacker’s utility is solely measured in currency units within the system itself). A similar modelling approach has been used in many papers [6–8,10,11,17] analyzing Bitcoin-style protocols with the goal of proving positive results about incentive-compatibility; that is, that given a specific utility model for miners intended properties of the system will emerge such as an ever-growing longest chain (stability) and proportional distribution of mining rewards (fairness). An inherent limitation to this approach is that real-world attacks may negatively affect systems’ value (and exchange rate with external currencies), making some mining strategies which deviate from the standard protocol to increase c International Financial Cryptography Association 2019  A. Zohar et al. (Eds.): FC 2018 Workshops, LNCS 10958, pp. 92–100, 2019. https://doi.org/10.1007/978-3-662-58820-8_7

Hostile Blockchain Takeovers

93

nominal miner revenue actually yield less utility. A more realistic utility function is revenue denominated in a stable external currency (such as US dollars). Because accurately modeling the impact of miner behavior on exchange rates is difficult, analysis along these lines is usually qualitative. Thus, our ability to compare the stability of competing protocol flavours like proof-of-work and proof-of-stake remains limited. In this work, we analyse the stability of consensus protocols from a different viewpoint. Rather than considering the risk of an attacker undermining desired properties to maximise utility, we consider an attacker whose explicit goal is to undermine and destabilise the consensus protocol. Kroll et al. [11] first considered such an attacker, which they called a Goldfinger attacker after the James Bond villain who attempted to irradiate US Treasury reserves. This attack

Recommend Documents

Hostile Affect

154 29 35MB

Auctions and Takeovers

172 89 147MB

Hostile Encounters

205 48 2MB

Exercise in Hostile Environment

166 5 15MB

Blockchain technology for electoral process in Africa: a short review

166 98 685KB

Government Takeovers of U.S. Foreign Affiliates

155 109 5MB

Can Hostile Attitudes and Hostile Affections Lead to Depressive Symptoms Under Stress? A Study Based on Racial/Ethnic an

149 96 553KB

COOB: Hybrid Secure Device Pairing Scheme in a Hostile Environment

173 4 32MB

Blockchain

165 101 49MB

Blockchain

167 113 5MB

Blockchain

166 115 54MB

Paper Wasps

172 11 126KB