Constant-Deposit Multiparty Lotteries on Bitcoin

  • Massimo BartolettiEmail author
  • Roberto Zunino
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10323)


An active research trend is to exploit the consensus mechanism of cryptocurrencies to secure the execution of distributed applications. In particular, some recent works have proposed fair lotteries which work on Bitcoin. These protocols, however, require a deposit from each player which grows quadratically with the number of players. We propose a fair lottery on Bitcoin which only requires a constant deposit.



The authors thank Patrick McCorry, Andrew Miller, and Iddo Bentov for their comments on a preliminary version of this paper. This work is partially supported by Aut. Reg. of Sardinia P.I.A. 2013 “NOMAD”.


  1. 1.
    Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: Fair two-party computations via Bitcoin deposits. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014. LNCS, vol. 8438, pp. 105–121. Springer, Heidelberg (2014). Google Scholar
  2. 2.
    Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, L.: Secure multiparty computations on Bitcoin. In: IEEE S&P, pp. 443–458 (2014)Google Scholar
  3. 3.
    Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.: On the malleability of Bitcoin transactions. In: Brenner, M., Christin, N., Johnson, B., Rohloff, K. (eds.) FC 2015. LNCS, vol. 8976, pp. 1–18. Springer, Heidelberg (2015). CrossRefGoogle Scholar
  4. 4.
    Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, L.: Secure multiparty computations on Bitcoin. Commun. ACM 59(4), 76–84 (2016)CrossRefGoogle Scholar
  5. 5.
    Back, A., Bentov, I.: Note on fair coin toss via Bitcoin. (2013)
  6. 6.
    Banasik, W., Dziembowski, S., Malinowski, D.: Efficient zero-knowledge contingent payments in cryptocurrencies without scripts. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 261–280. Springer, Cham (2016). CrossRefGoogle Scholar
  7. 7.
    Bartoletti, M., Zunino, R.: Constant-deposit multiparty lotteries on Bitcoin. IACR Cryptology ePrint Archive, 2016/955 (2016).
  8. 8.
    Bentov, I., Kumaresan, R.: How to use Bitcoin to design fair protocols. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 421–439. Springer, Heidelberg (2014). CrossRefGoogle Scholar
  9. 9.
    Buterin, V.: Ethereum: a next generation smart contract and decentralized application platform (2013).
  10. 10.
    Crary, K., Sullivan, M.J.: Peer-to-peer affine commitment using Bitcoin. In: ACM Conference on Programming Language Design and Implementation, pp. 479–488 (2015)Google Scholar
  11. 11.
    Eyal, I., Sirer, E.G.: Majority is not enough: Bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014). Google Scholar
  12. 12.
    Fouque, P.-A., Poupard, G., Stern, J.: Sharing decryption in the context of voting or lotteries. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 90–104. Springer, Heidelberg (2001). CrossRefGoogle Scholar
  13. 13.
    Garay, J., Kiayias, A., Leonardos, N.: The Bitcoin backbone protocol: analysis and applications. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 281–310. Springer, Heidelberg (2015). Google Scholar
  14. 14.
    Goldschlag, D.M., Stubblebine, S.G.: Publicly verifiable lotteries: applications of delaying functions. In: Hirchfeld, R. (ed.) FC 1998. LNCS, vol. 1465, pp. 214–226. Springer, Heidelberg (1998). CrossRefGoogle Scholar
  15. 15.
    Goldschlag, D.M., Stubblebine, S.G., Syverson, P.F.: Temporarily hidden bit commitment and lottery applications. Int. J. Inf. Secur. 9(1), 33–50 (2010)CrossRefGoogle Scholar
  16. 16.
    Kiayias, A., Zhou, H.-S., Zikas, V.: Fair and robust multi-party computation using a global transaction ledger. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 705–734. Springer, Heidelberg (2016). CrossRefGoogle Scholar
  17. 17.
    Kumaresan, R., Bentov, I.: How to use Bitcoin to incentivize correct computations. In: ACM CCS, pp. 30–41 (2014)Google Scholar
  18. 18.
    Kumaresan, R., Moran, T., Bentov, I.: How to use Bitcoin to play decentralized poker. In: ACM CCS, pp. 195–206 (2015)Google Scholar
  19. 19.
    Lombrozo, E., Lau, J., Wuille, P.: Segregated witness (consensus layer), BIP 141.
  20. 20.
    Miller, A., Bentov, I.: Zero-collateral lotteries in Bitcoin and Ethereum (2014).
  21. 21.
    Rivest, R.L.: Electronic lottery tickets as micropayments. In: Hirschfeld, R. (ed.) FC 1997. LNCS, vol. 1318, pp. 307–314. Springer, Heidelberg (1997). CrossRefGoogle Scholar
  22. 22.
    Ruffing, T., Kate, A., Schröder, D.: Liar, liar, coins on fire!: penalizing equivocation by loss of Bitcoins. In: ACM CCS, pp. 219–230 (2015)Google Scholar
  23. 23.
    Syverson, P.F.: Weakly secret bit commitment: applications to lotteries and fair exchange. In: IEEE CSFW, pp. 2–13 (1998)Google Scholar
  24. 24.
    Szabo, N.: Formalizing and securing relationships on public networks. First Monday 2(9) (1997)Google Scholar

Copyright information

© International Financial Cryptography Association 2017

Authors and Affiliations

  1. 1.Università degli Studi di CagliariCagliariItaly
  2. 2.Università degli Studi di TrentoTrentoItaly

Personalised recommendations