Abstract
As the fundamental component of blockchains, the proof-of-work (PoW) scheme has been widely leveraged to provide consensus for maintaining a distributed public ledger. However, the long confirmation time, and hence the slow finality rate, is far from satisfactory. Alternative paradigms with improved performance have emerged. Nevertheless, there have been fewer attempts at modifying the PoW mechanism itself.
We find that the slow finality rate in PoW is caused by using only one bit to measure the computational power, namely, whether the attained hash value is smaller than a given target. In this paper, we first propose Demo-of-Work (DoW), a generalized PoW which assigns the computational work a score depending on the hash value. We also treat the bitcoin blockchain as a global “clock” for synchronization, so that each participant takes part in DoW for roughly the same time interval, which ensures fairness. With these two tools, we construct an alternative blockchain called AB-chain which provides a significantly faster finality rate when compared with the existing PoW-based blockchains, without sacrificing communication complexity or fairness.
Part of the work was done while the first author was a research intern in CUHK. The second author is supported by General Research Funds (CUHK 14210217) of the Research Grants Council, Hong Kong. The third author is supported by the National Natural Science Foundation of China (Grant No. 61672347). A preliminary version appeared as “Fast-to-Converge PoW-like Consensus Protocol” in China Blockchain Conference 2018.
Notes
1. For improving throughput, many sharding protocols are also proposed (e.g., see [9]).
2. Potential function is a term borrowed from the Physics literature. The existing PoW is a special case of DoW, whose potential function assigns one to all hashes smaller than a predetermined parameter, and zero to others.
3. The cost is hard to measure by any specific quantity, so we measure it with complexity.
4. There are other works which analyze or evaluate blockchain or blockchain-based cryptocurrencies. For example, Bitcoin backbone [13] has shown common prefix and chain quality, two basic properties of the bitcoin protocol. There is also a model for formally analyzing the security and performance of various cryptocurrencies [14].
5. \(|\varphi _{\mathcal {L}}((\alpha +\beta )T) - (\varphi _{\mathcal {L}}(\alpha T)+\varphi _{\mathcal {L}}(\beta T))|\) is non-negligible for certain \(0<\alpha ,\beta <1\).
6. It is not exactly the mathematical expectation, but it simplifies descriptions.
7. A coherence on experimental results even with “noise” from such a difference further justifies the reliability of our finality model and the experiment.
8. We are showing that the Nakamoto chain can be regarded as one instantiation of our model. We are not competing with Nakamoto blockchain in this part.
References
1. Abraham, I., Malkhi, D., Nayak, K., Ren, L., Spiegelman, A.: Solidus: an incentive-compatible cryptocurrency based on permissionless byzantine consensus. arXiv CoRR abs/1612.02916 (2016)
2. Andrychowicz, M., Dziembowski, S.: PoW-based distributed cryptography with no trusted setup. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 379–399. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_19
3. Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, L.: Secure multiparty computations on bitcoin. In: 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, 18–21 May 2014, pp. 443–458 (2014)
4. Bentov, I., Gabizon, A., Zuckerman, D.: Bitcoin beacon. arXiv CoRR abs/1605.04559 (2016)
5. Bentov, I., Kumaresan, R.: How to use bitcoin to design fair protocols. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 421–439. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44381-1_24
6. Bissias, G., Levine, B.N.: Bobtail: a proof-of-work target that minimizes blockchain mining variance (draft). arXiv CoRR abs/1709.08750 (2017)
7. Boyen, X., Carr, C., Haines, T.: Blockchain-free cryptocurrencies: a framework for truly decentralised fast transactions. Cryptology ePrint Archive, Report 2016/871 (2016)
8. Bünz, B., Goldfeder, S., Bonneau, J.: Proofs-of-delay and randomness beacons in ethereum. In: IEEE Security & Privacy on the Blockchain (IEEE S&B) (2017)
9. Chow, S.S.M., Lai, Z., Liu, C., Lo, E., Zhao, Y.: Sharding blockchain (invited paper). In: The First IEEE International Workshop on Blockchain for the Internet of Things (BIoT) (2018, To appear)
10. David, B., Gaži, P., Kiayias, A., Russell, A.: Ouroboros praos: an adaptively-secure, semi-synchronous proof-of-stake blockchain. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 66–98. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_3
11. Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 139–147. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_10
12. Eyal, I., Gencer, A.E., Sirer, E.G., van Renesse, R.: Bitcoin-NG: a scalable blockchain protocol. In: 13th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2016, Santa Clara, CA, USA, 16–18 March 2016, pp. 45–59 (2016)
13. Garay, J., Kiayias, A., Leonardos, N.: The bitcoin backbone protocol: analysis and applications. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 281–310. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_10
14. Gervais, A., Karame, G.O., Wüst, K., Glykantzis, V., Ritzdorf, H., Capkun, S.: On the security and performance of proof of work blockchains. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016, pp. 3–16 (2016)
15. Gilad, Y., Hemo, R., Micali, S., Vlachos, G., Zeldovich, N.: Algorand: scaling byzantine agreements for cryptocurrencies. In: Proceedings of the 26th Symposium on Operating Systems Principles, Shanghai, China, 28–31 October 2017, pp. 51–68 (2017)
16. Jakobsson, M., Juels, A.: Proofs of work and bread pudding protocols. In: Secure Information Networks: Communications and Multimedia Security, IFIP TC6/TC11 Joint Working Conference on Communications and Multimedia Security (CMS 1999), 20–21 September 1999, Leuven, Belgium, pp. 258–272 (1999)
17. Kumaresan, R., Bentov, I.: Amortizing secure computation with penalties. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016, pp. 418–429 (2016)
18. Liu, Z., Tang, S., Chow, S.S.M., Liu, Z., Long, Y.: Fork-free hybrid consensus with flexible proof-of-activity. Future Gener. Comp. Syst. 96, 515–524 (2019)
19. Meng, W., et al.: Position paper on blockchain technology: smart contract and applications. In: Au, M.H., et al. (eds.) NSS 2018. LNCS, vol. 11058, pp. 474–483. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-02744-5_35
20. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). www.bitcoin.org
21. Pass, R., Shi, E.: Fruitchains: a fair blockchain. In: Proceedings of the ACM Symposium on Principles of Distributed Computing, PODC 2017, Washington, DC, USA, 25–27 July 2017, pp. 315–324 (2017)
22. Pass, R., Shi, E.: Hybrid consensus: efficient consensus in the permissionless model. In: 31st International Symposium on Distributed Computing, DISC 2017, Vienna, Austria, 16–20 October 2017, pp. 39:1–39:16 (2017)
23. Pass, R., Shi, E.: Rethinking large-scale consensus. In: 30th IEEE Computer Security Foundations Symposium, CSF 2017, Santa Barbara, CA, USA, 21–25 August 2017, pp. 115–129 (2017)
24. Poon, J., Dryja, T.: The bitcoin lightning network: scalable off-chain instant payments (2016). https://lightning.network/lightning-network-paper.pdf
25. Sompolinsky, Y., Lewenberg, Y., Zohar, A.: Spectre: a fast and scalable cryptocurrency protocol. Cryptology ePrint Archive, Report 2016/1159 (2016)
26. Vukolic, M.: The quest for scalable blockchain fabric: Proof-of-work vs. BFT replication. In: Open Problems in Network Security - IFIP WG 11.4 International Workshop, iNetSec 2015, Zurich, Switzerland, 29 October 2015, pp. 112–125 (2015). Revised Selected Papers
A Detailed Protocols of The Simulation Experiment
For each instantiation of the generalized model with a potential function \(\mathcal {L}(\cdot )\), an experiment is performed to reveal its finality rate with a Monte Carlo method. In our experiment, \(M=2^{20}\), \(T=D=2^{10}\) and \(q=10^{-3}\) are chosen, and the algorithms listed below are executed (starting from the main function, Algorithm 7). After the execution, the main function returns the expected number of rounds required to form the safety gap.
1. Preparation(\(\alpha , T\)) prepares two arrays to provide outcomes of two discrete cumulative distribution functions. Specifically, \(\textsf {aCDF}[i]\) is the probability of having a hash value no greater than i found by the adversary. \(\textsf {hCDF}[i]\) is similarly the probability of having a hash value no greater than i found by honest nodes.
2. GetH(CDF) returns a random number drawn from the distribution whose cumulative distribution function is recorded in the array CDF.
3. SimAttack(\(\varDelta , {\mathbf {\mathsf{{aCDF}}}}, {\mathbf {\mathsf{{hCDF}}}}\)) models the adversary's attempt to form a new chain of blocks with a total weight greater than the honest one by a certain gap \(\varDelta \).
4. Test(\(\varDelta , q, {\mathbf {\mathsf{{aCDF}}}}, {\mathbf {\mathsf{{hCDF}}}}\)) runs “SimAttack” sufficiently many times to show (via the Monte Carlo method) whether the probability of the adversary successfully performing an attack (and overrunning the honest one by a total weight of \(\varDelta \)) is smaller than q.
5. FindMinGap(\(q, {\mathbf {\mathsf{{aCDF}}}},{\mathbf {\mathsf{{hCDF}}}}\)) utilizes a binary search to find the minimal gap \(\delta \) such that the adversary can catch up with the honest chain by a total weight of \(\delta \) only with a negligible probability q.
6. Expc(CDF) returns the expected block weight attained by either honest parties or the adversary, estimated by another Monte Carlo experiment.
7. Main(\(\alpha , T, q\)) is the main function that returns (the inverse of) the finality rate \(\varLambda _{\alpha }\) of the blockchain with potential function \(\mathcal {L}(\cdot )\), i.e., the expected number of rounds required to form the safety gap.
In our final experiment, we execute the algorithms with \(\texttt {NUM\_TEST\_SAMPLE}=100000\), \(\texttt {NUM\_TEST\_BLOCK}=200\), and \(\epsilon =10^{-4}\).
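The seven steps above can be sketched as follows. This is an added example, not the authors' algorithms: the parameters are scaled down, the per-round CDF model (uniform hashes, \(\alpha T\) adversarial attempts), `log_potential`, and the final division in `rounds_to_finality` are assumptions made for illustration.

```python
import bisect, math, random

# Scaled-down constructed parameters (the appendix uses M=2**20, T=2**10, q=1e-3).
M, T, D = 2**12, 2**6, 2**6           # hash range, hashes per round, PoW target
SAMPLES, BLOCKS, EPS = 400, 50, 1e-2  # Monte Carlo sizes, search tolerance

def pow_potential(h):                 # note 2's special case: one bit per block
    return 1.0 if h < D else 0.0

def log_potential(h):                 # hypothetical graded score, not the paper's
    return math.log2(M / (h + 1))

def preparation(alpha, t=T):
    """(aCDF, hCDF): P[smallest hash found in a round <= i], hashes uniform."""
    cdf = lambda n: [1 - (1 - (i + 1) / M) ** n for i in range(M)]
    return cdf(alpha * t), cdf((1 - alpha) * t)

def get_h(cdf, rng):
    """Inverse-transform sampling: smallest i with cdf[i] >= u."""
    return bisect.bisect_left(cdf, rng.random())

def sim_attack(delta, a_cdf, h_cdf, L, rng):
    """True if an adversary starting delta behind catches up within BLOCKS rounds."""
    lead = -delta
    for _ in range(BLOCKS):
        lead += L(get_h(a_cdf, rng)) - L(get_h(h_cdf, rng))
        if lead >= 0:
            return True
    return False

def attack_is_rare(delta, q, a_cdf, h_cdf, L):
    """The appendix's Test step. One seed per sample keeps the random paths
    identical for every delta, so the verdict is monotone in delta."""
    wins = sum(sim_attack(delta, a_cdf, h_cdf, L, random.Random(s))
               for s in range(SAMPLES))
    return wins / SAMPLES < q

def find_min_gap(q, a_cdf, h_cdf, L):
    lo, hi = 0.0, BLOCKS * L(0) + 1.0  # hi exceeds any weight the adversary can gain
    while hi - lo > EPS:
        mid = (lo + hi) / 2
        lo, hi = (lo, mid) if attack_is_rare(mid, q, a_cdf, h_cdf, L) else (mid, hi)
    return hi

def expc(cdf, L, n=5000):
    rng = random.Random(0)
    return sum(L(get_h(cdf, rng)) for _ in range(n)) / n

def rounds_to_finality(alpha, q, L):
    """Main: assumed here to be min gap / expected honest weight per round."""
    a_cdf, h_cdf = preparation(alpha)
    return find_min_gap(q, a_cdf, h_cdf, L) / expc(h_cdf, L)
```

Calling `rounds_to_finality(0.25, 0.05, pow_potential)` and then the same with `log_potential` compares the one-bit and graded scoring under these toy parameters; the resulting numbers are not the paper's results.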
© 2019 Springer Nature Switzerland AG
Cite this paper
Tang, S., Chow, S.S.M., Liu, Z., Liu, J.K. (2019). Fast-to-Finalize Nakamoto-Like Consensus. In: Jang-Jaccard, J., Guo, F. (eds) Information Security and Privacy. ACISP 2019. Lecture Notes in Computer Science(), vol 11547. Springer, Cham. https://doi.org/10.1007/978-3-030-21548-4_15
DOI: https://doi.org/10.1007/978-3-030-21548-4_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-21547-7
Online ISBN: 978-3-030-21548-4
eBook Packages: Computer Science, Computer Science (R0)