Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

Analysis of bitcoin backbone protocol in the non-flat model


Owing to the novel proof-of-work based consensus algorithm, bitcoin has been the most successful decentralized cryptocurrency so far. In bitcoin system, parties (miners) compete to create blocks by doing publicly verifiable proofs of sequential work (proof-of-work) and the probability that a party wins the competition is proportional to the amount of computational power that he has invested. Note that its security holds under honest majority assumption in terms of the amount of computational power. In this paper, we provide the formal analysis of bitcoin backbone protocol in the non-flat model. Precisely, we rethink and redefine the model of computing puzzles to capture the real-world protocol execution, where each party owns different amount of computational power and does sequential computations towards a puzzle independently. Fortunately, our work obtains the better results in analyzing the security of bitcoin backbone protocol, which can reflect the real-world protocol execution better, without any additional assumptions but the honest majority assumption. Finally, we show that a robust public transaction ledger can be built on top of bitcoin backbone protocol in our model securely.

This is a preview of subscription content, log in to check access.


  1. 1

    Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. 2008.

  2. 2

    Dwork C, Naor M. Pricing via processing or combatting junk mail. In: Advances in Cryptology—CRYPTO’92. Berlin: Springer, 1993. 139–147

  3. 3

    Rivest R L, Shamir A, Wagner D A. Time-Lock Puzzles and Timed-Release Crypto. Technical Report, Cambridge, 1996

  4. 4

    Garay J, Kiayias A, Leonardos N. The bitcoin backbone protocol: analysis and applications. In: Advances in Cryptology—EUROCRYPT 2015. Berlin: Springer, 2015. 281–310

  5. 5

    Pass R, Seeman L, Shelat A. Analysis of the blockchain protocol in asynchronous networks. In: Advances in Cryptology—EUROCRYPT. Berlin: Springer, 2017. 643–673

  6. 6

    Garay J, Kiayias A, Leonardos N. The bitcoin backbone protocol with chains of variable difficulty. In: Advances in Cryptology—CRYPTO 2017. Berlin: Springer, 2017. 291–323

  7. 7

    Ratnasamy S, Francis P, Handley M, et al. A scalable content-addressable network. SIGCOMM Comput Commun Rev, 2001, 31: 161–172

  8. 8

    Druschel P, Rowstron A. Past: persistent and anonymous storage in a peer-to-peer networking environment. In: Proceedings of IEEE Workshop on Hot Topics in Operating Systems, 2001. 65–70

  9. 9

    Castro M, Liskov B. Practical byzantine fault tolerance and proactive recovery. ACM Trans Comput Syst, 2002, 20: 398–461

  10. 10

    Abd-El-Malek M, Ganger G R, Goodson G R, et al. Fault-scalable byzantine fault-tolerant services. SIGOPS Oper Syst Rev, 2005, 39: 59–74

  11. 11

    Clement A, Wong E L, Alvisi L, et al. Making byzantine fault tolerant systems tolerate byzantine faults. In: Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation, Boston, 2009. 153–168

  12. 12

    Decker C, Wattenhofer R. Information propagation in the bitcoin network. In: Proceedings of International Conference on Peer-To-Peer Computing, 2013. 1–10

  13. 13

    Sompolinsky Y, Zohar A. Secure high-rate transaction processing in bitcoin. In: Financial Cryptography and Data Security. Berlin: Springer, 2015. 507–527

  14. 14

    Wei P, Yuan Q, Zheng Y, et al. Security of the blockchain against long delay attack. In: Advances in Cryptology— ASIACRYPT 2018. Berlin: Springer, 2018. 250–275

  15. 15

    Tsabary I, Eyal I. The gap game. In: Proceedings of ACM International Conference on Systems and Storage, 2018.

  16. 16

    Eyal I, Sirer E G. Majority is not enough: bitcoin mining is vulnerable. Commun ACM, 2018, 61: 95–102

  17. 17

    Sarkar P. Multi-stage proof-of-work blockchain. IACR Cryptology ePrint Archive, 2019, 2019: 162

  18. 18

    Szalachowski P, Reijsbergen D, Homoliak I, et al. StrongChain: transparent and collaborative proof-of-work consensus. 2019. ArXiv: 1905.09655

  19. 19

    David B, Gaži P, Kiayias A, et al. Ouroboros praos: an adaptively-secure, semi-synchronous proof-of-stake blockchain. In: Proceedings of International Conference on the Theory & Applications of Cryptographic Techniques. Berlin: Springer, 2018. 66–98

  20. 20

    Badertscher C, Gazi P, Kiayias A, et al. Ouroboros genesis: composable proof-of-stake blockchains with dynamic availability. In: Proceedings of Computer and Communications Security, 2018. 913–930

  21. 21

    Chaum D, Rivest R L, Sherman A T. Blind signatures for untraceable payments. In: Advances in Cryptology. Berlin: Springer, 1983. 199–203

  22. 22

    Baldimtsi F, Chase M, Fuchsbauer G, et al. Anonymous transferable e-cash. In: Public-Key Cryptography—PKC 2015. Berlin: Springer, 2015. 101–124

  23. 23

    Tewari H, Hughes A. Fully anonymous transferable ecash. IACR Cryptol ePrint Archive, 2016, 2016: 107

  24. 24

    Canard S, Pointcheval D, Sanders O, et al. Divisible e-cash made practical. IET Inf Secur, 2015, 10: 332–347

  25. 25

    Miers I, Garman C, Green M, et al. Zerocoin: anonymous distributed e-cash from bitcoin. In: Proceedings of 2013 IEEE Symposium on Security and Privacy, 2013. 397–411

  26. 26

    Sasson E B, Chiesa A, Garman C, et al. Zerocash: decentralized anonymous payments from bitcoin. In: Proceedings of 2014 IEEE Symposium on Security and Privacy (SP), 2014. 459–474

  27. 27

    Canetti R. Security and composition of multiparty cryptographic protocols. J Cryptol, 2000, 13: 143–202

  28. 28

    Canetti R. Universal composable security: a new paradigm for cryptographic protocols. In: Proceedings of IEEE Symposium on Foundations of Computer Science, 2001

  29. 29

    Kiayias A, Panagiotakos G. Speed-security tradeoffs in blockchain protocols. IACR Cryptol ePrint Archive, 2015, 2015: 1019

Download references


This work was supported by National Key R&D Program of China (Grant No. 2017YFB0802500) and Beijing Municipal Science and Technology Project (Grant No. Z191100007119007).

Author information

Correspondence to Hongda Li.

Electronic supplementary material

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Ni, P., Li, H. & Pan, D. Analysis of bitcoin backbone protocol in the non-flat model. Sci. China Inf. Sci. 63, 130105 (2020).

Download citation


  • bitcoin system
  • proof-of-work
  • computational power
  • non-flat model
  • transaction ledger