analysis of the blockchain
play

Analysis of the Blockchain Protocol in Asynchronous Networks - PowerPoint PPT Presentation

Nov 20, 2023 •209 likes •636 views

Analysis of the Blockchain Protocol in Asynchronous Networks Rafael Pass Lior Seeman abhi shelat Cornell Tech Uber Northeastern Traditional distributed systems: The Permissioned Model Consistency Liveness Paxos/PBFT The

  1. Analysis of the Blockchain Protocol in Asynchronous Networks Rafael Pass Lior Seeman abhi shelat Cornell Tech Uber Northeastern

  2. Traditional distributed systems: The “ Permissioned ” Model ● Consistency ● Liveness Paxos/PBFT

  3. The “ Permissionless ” Model: Bitcoin/Blockchain The Times 03/Jan/2009 Chancellor on brink of second bailout for banks .

  4. The “ Permissionless ” Model ● Nodes do not know each other a-priori The Times 03/Jan/2009 Chancellor on brink of second bailout for banks . ● Nodes come and go ● ANYONE can join ● No network synchronization

  5. The “ Permissionless ” Model ● Strong impossibility results known in the “ permissionless ” (“unauthenticated”) model [BCLPR05] ○ Consistency is impossible ○ Sybil attacks unavoidable. ■ [BCLPR05] defined “weakened” security model (w/o consistency)

  6. Nakamoto’s Blockchain [Nak’08] Prevents Sybil attacks with Proofs-of- Work Puzzles [DN’92] Claims blockchain achieves “public ledger” assuming “honest majority of computing power ”: ● Consistency : everyone sees the same history ● Liveness : everyone can add new transactions

  7. Nakamoto’s Blockchain [Nak’08] Prevents Sybil attacks with Proofs-of- Work Puzzles [DN’92] Claims blockchain achieves “public ledger” assuming “honest majority” 2 amazing aspects: ● Overcomes permissionless barrier [BCLPR’05] ● Consistency : everyone sees the same history ● Liveness : everyone can add new transactions ● Overcomes ⅓ barrier even in permissioned setting [LSP’83] 2 amazing aspects: ● Overcomes permissionless barrier [BCLPR] ● Overcomes ⅓ barrier even in permissioned setting[

  8. ● WHAT IS a blockchain? ○ no definition of an “abstract blockchain ” ● Does Nakamoto’s protocol achieve CONSISTENCY ? ○ “Specific attacks” don’t work [N’08, GKL’15 , SZ’15] ○ 49.1% attack (with 10s network delays) claimed [DW’14 ]

  9. What is a blockchain?

  10. How to build a “blockchain”

  11. jesper ➔ abhi : Ƀ 50 How to build a “blockchain”

  12. “Hash function” D > H ( , , ) How to build a “blockchain”

  13. puzzle solution Difficulty D > ( , , ) H Search for a puzzle solution

  14. D > H ( , , ) We found a new block

  15. D > H ( , , ) Best way to find a solution is brute- force search: model H as RO

  16. Honest nodes only “believe” longest chain

  17. jesper → abhi Jesper wants to erase this transaction

  18. jesper → abhi For Jesper to erase his transaction, he has to find a longer chain

  19. jesper → abhi “If transaction is sufficiently deep, he cannot do this unless he has majority hashpower ” ● [Nak’08]: “simply trying to mine alternative chain fails” ● [GLK’15]: in synchronous network ● [SZ’15]: “non - withholding attacks” fail also with Delta -delay networks

  20. jesper → abhi “If transaction is sufficiently deep, he cannot do this unless he has majority hashpower ” ● [Nak’08]: “simply trying to mine alternative chain fails” ● [ GKL ’15 ]: in synchronous network ● [SZ’15]: “non - withholding attacks” fail also with Δ -delays

  21. Blockchain abstraction (a la GKL,KL) w/ prob exp(- k ) Consistency: Honest nodes agree on all but last k blocks ≤ k unstable ≤ k unstable

  22. Future-self Blockchain abstraction w/ prob exp(- k ) consistency Consistency: Honest nodes agree on all but last k blocks ≤ k unstable ≤ k unstable

  23. Blockchain abstraction w/ prob exp(- k ) Consistency: Honest nodes agree on all but last k blocks Chain quality: Any consecutive k blocks contain “sufficiently many” honest blocks k

  24. Blockchain abstraction w/ prob exp(- k ) Consistency: Honest nodes agree on all but last k blocks Chain quality: Any consecutive k blocks contain “sufficiently many” honest blocks Chain growth: Chain grows at a steady rate

  25. Blockchain implies “state machine replication” in the permissionless model Traditional Consistency “state machine replication” Chain quality Consistency Chain growth Liveness

  26. Theorem: For every ρ <1/2 , if “ mining difficulty ” is appropriately set (as a function of the network delay Δ , and total mining power), Nakamoto’s blockchain guarantees: ● Consistency ● Chain quality: 1 - ρ /(1- ρ) ● Chain growth: O(1/ Δ ) where ρ adv’s fraction of hashpower, and adv controls the network

  27. Theorem: For every ρ <1/3 , if “ mining difficulty ” is appropriately set (as a function of the network delay Δ , and total mining power), Nakamoto’s blockchain guarantees: ● Consistency ● Chain quality: 1 - (1/3)/(2/3) = 1/2 ● Chain growth: O(1/ Δ ) where ρ adv’s fraction of hashpower, and adv controls the network

  28. Theorem: For every ρ <1/2 , if “ mining difficulty ” is appropriately set (as a function of the network delay Δ , and total mining power), Nakamoto’s blockchain guarantees: ● Consistency ● Chain quality: 1 - ρ /(1- ρ) ● Chain growth: O(1/ Δ ) where ρ adv’s fraction of hashpower, and adv controls the network

  29. Theorem: For every ρ <1/2 , if “ mining difficulty ” is appropriately set (as a function of the network delay Δ , and total mining power), Nakamoto’s blockchain guarantees: ● Consistency ● Chain quality: 1 - ρ /(1- ρ) “Blocks are found SLOWER than Δ” ● Chain growth: O(1/ Δ ) where ρ adv’s fraction of hashpower, and adv controls the network

  30. Theorem: For every ρ <1/2 , if “ mining difficulty ” is appropriately set (as a function of the network delay Δ , and total mining power), Nakamoto’s blockchain guarantees: ● Consistency ● Chain quality: 1 - ρ /(1- ρ) ● Chain growth: O(1/ Δ ) “Blocktime” >> Δ where ρ adv’s fraction of hashpower, and adv controls the network

  31. “Appropriately set” When c = 60 (10 min blocktime, 10s network delays) Secure : ρ < 49.57 (contradicts [DW’14]’attack!) Attack : ρ > 49.79

  32. “Appropriately set” Mining rate of Network Delay Mining rate honest players of Adv

  33. Theorem [Security of Nakamoto] For every ρ<1/2 , if mining difficulty is appropriately set (as a function of the network delay, and total mining power ), Nakamoto’s blockchain guarantees a) consistency, b) chain quality 1 - ρ/(1 - ρ) , and c) Chain growth: O(1/Δ) Theorem [Blatant attack]: For every ρ>0 , for every mining difficulty, there exists a network delay such that Nakamoto’s blockchain is inconsistent and has 0 chain quality

  34. Nakamoto’s protocol achieves strong robustness properties : • assuming “ honest majority of computational power ” • assuming puzzle difficulty is appropriately set as a function of network delay Δ

  35. Nakamoto’s protocol achieves strong robustness properties : • assuming “ honest majority of computational power ” • assuming puzzle difficulty is appropriately set as a function of network delay Δ BUT 1: Blocktime need to be rougly 10 * Δ to handle ⍴ > 0.45 ; thus, slow confirmation times

  36. Nakamoto’s protocol achieves strong robustness properties : • assuming “ honest majority of computational power ” • assuming puzzle difficulty is appropriately set as a function of network delay Δ BUT 1: Blocktime need to be rougly 10 * Δ to handle ⍴ > 0.45 ; thus, slow confirmation times BUT 2 : not fair, not incentive compatible!

  37. Follow-up Works Incentive Compatibility : The Fruit Chain [PS’17] All use our abstraction of a blockchain, as well as our analysis of Naka

  38. Follow-up Works Incentive Compatibility : The Fruit Chain [PS’17] Fast confirmation: All use our abstraction of a blockchain, as well as our analysis of Naka

  39. Follow-up Works Incentive Compatibility : The Fruit Chain [PS’17] Fast confirmation: • Assuming 2/3 honesty: Hybrid Consensus [PS’16] All use our abstraction of a blockchain, as well as our analysis of Naka

  40. Follow-up Works Incentive Compatibility : The Fruit Chain [PS’17] Fast confirmation: • Assuming 2/3 honesty: Hybrid Consensus [PS’16] • Impossible if only 2/3-\eps honest All use our abstraction of a blockchain, as well as our analysis of Naka

  41. Follow-up Works Incentive Compatibility : The Fruit Chain [PS’17] Fast confirmation: • Assuming 2/3 honesty: Hybrid Consensus [PS’16] • Impossible if only 2/3-\eps honest • Optimistically Instant Confirmation: Thunderella [PS’17] All use our abstraction of a blockchain, as well as our analysis of Naka

  42. Follow-up Works Incentive Compatibility : The Fruit Chain [PS’17] Fast confirmation: • Assuming 2/3 honesty: Hybrid Consensus [PS’16] • Impossible if only 2/3-\eps honest • Optimistically Instant Confirmation: Thunderella [PS’17] All use our abstraction of a blockchain, as well as our analysis of Naka

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

An analysis of the applicability of blockchain to secure IP addresses allocation, delegation and

An analysis of the applicability of blockchain to secure IP addresses allocation, delegation and

An analysis of the applicability of blockchain to secure IP addresses allocation, delegation and bindings draft-paillisse-sidrops-blockchain-01 OPSEC - IETF 101 - London March 2018 Jordi Pailliss , Albert Cabellos, Vina Ermagan, Alberto

939 views • 44 slides
bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

MAKE BLOCKCHAIN WORK FOR YOU bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2 Consensus 1 Encryption P2P Networks Time Stamp Challenges addressed by blockchain Regulatory and compliance pressures

669 views • 14 slides
Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain

Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain

Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain blockchain blockchain blockchain Blockchain blockchain blockchain Blockchain Blockchain (blockchain) Blockchain blockchain, blockchain

470 views • 12 slides
Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es

Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es

State of Blockchain at LF Christopher Ferris, CTO Open Technology, IBM Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es to securely interact with the same universal

567 views • 31 slides
Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who

Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who

Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who thinks blockchain is the future of banking? Who can explain what blockchain is? Blockchain in Banking 2 Blockchain Key Elements Smart Ledger

517 views • 20 slides
Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center

Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center

Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center E-Mail: veronika.kuett@fs-blockchain.de Internet: www.fs-blockchain.de About FSBC Our Portfolio Research 1 Foster understanding of blockchain

688 views • 24 slides
Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain

Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain

Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain for Homeland Security, Defense and Law Enforcement Agenda Brief Review What is blockchain and why is it important? What are the defining

795 views • 31 slides
Blockchain and Accounting By: Jamie Freiman Rutgers University Overview What is Blockchain?

Blockchain and Accounting By: Jamie Freiman Rutgers University Overview What is Blockchain?

Blockchain and Accounting By: Jamie Freiman Rutgers University Overview What is Blockchain? How does it work? Types of Blockchain systems. Impacts of the Blockchain on business and accounting. Integration with Smart

879 views • 22 slides
TECHNOLOGY (DLT) AND BLOCKCHAIN Blockchain and its applications INTRODUCTION Ishmeet Singh,

TECHNOLOGY (DLT) AND BLOCKCHAIN Blockchain and its applications INTRODUCTION Ishmeet Singh,

DISTRIBUTED LEDGER TECHNOLOGY (DLT) AND BLOCKCHAIN Blockchain and its applications INTRODUCTION Ishmeet Singh, Blockchain Consultant I have built technology products for Fortune 500 companies like MasterCard, MetLife and Adobe. I have also

925 views • 28 slides
The Blockchain #HypetoReality 23 rd May 2017 What is the beginning? Dubai Government Blockchain

The Blockchain #HypetoReality 23 rd May 2017 What is the beginning? Dubai Government Blockchain

The Blockchain #HypetoReality 23 rd May 2017 What is the beginning? Dubai Government Blockchain Strategy 100% of Government documents to be on the Blockchain by 2020 Emirates NBD Branch of the future Two use case were chosen for Pilot

484 views • 23 slides
K&amp;L Gates Blockchain Energizer Vol. 1 A bi-weekly update on applications of blockchain

K&amp;L Gates Blockchain Energizer Vol. 1 A bi-weekly update on applications of blockchain

K&amp;L Gates Blockchain Energizer Vol. 1 A bi-weekly update on applications of blockchain technology in the April 6, 2017 energy industry Molly Suda and Benjamin L. Tejblum In this issue: There is a lot of buzz around blockchain technology and

255 views • 4 slides
CHALLENGES 02/04/2020 OUTLINE : Introduction Blockchain in Cyber security Blockchain and CIA

CHALLENGES 02/04/2020 OUTLINE : Introduction Blockchain in Cyber security Blockchain and CIA

BLOCKCHAIN IN CYBERSECURITY: USAGE AND Abdullah Hamdan CHALLENGES 02/04/2020 OUTLINE : Introduction Blockchain in Cyber security Blockchain and CIA Blockchain Security applications Blockchain Security challenges Conclusion 2 INTRODUCTION

413 views • 12 slides
An Overview of Blockchain and Delawares Blockchain Initiative Matthew J. OToole September

An Overview of Blockchain and Delawares Blockchain Initiative Matthew J. OToole September

Sponsored By: An Overview of Blockchain and Delawares Blockchain Initiative Matthew J. OToole September 29, 2018 National Public Records Research Association Annual Conference Overview of Blockchain/DLT Broad/high-level overview

217 views • 9 slides
Blockchain At Your Fingertips INTRODUCTION WE ARE RAPIDS! BLOCKCHAIN AT YOUR FINGERTIPS We are a

Blockchain At Your Fingertips INTRODUCTION WE ARE RAPIDS! BLOCKCHAIN AT YOUR FINGERTIPS We are a

Blockchain At Your Fingertips INTRODUCTION WE ARE RAPIDS! BLOCKCHAIN AT YOUR FINGERTIPS We are a creative agency with a passion for innovation and the design of beautiful creations. We have all envisioned certain aspects of past cryptocurrency

441 views • 26 slides
Blockchain and Crypto By David and Lukas Blockchain and Crypto By David and Lukas Topics

Blockchain and Crypto By David and Lukas Blockchain and Crypto By David and Lukas Topics

Blockchain and Crypto By David and Lukas Blockchain and Crypto By David and Lukas Topics Overview What is Bitcoin? What is a Blockchain? Blockchain and Bitcoin In-Depth Transactions New Blocks Forks Nakamotos Forerunners Smart

708 views • 48 slides
The State of Blockchain and Its Impact on Finance Profession What do Blockchain and

The State of Blockchain and Its Impact on Finance Profession What do Blockchain and

The State of Blockchain and Its Impact on Finance Profession What do Blockchain and cryptocurrency really mean and what are the opportunities? What about the risks that come with such wholesale change to business processes. Learn this and more

1.22k views • 32 slides
Numerical diagonalization studies of quantum spin chains Introduction to computational studies of

Numerical diagonalization studies of quantum spin chains Introduction to computational studies of

PY 502, Computational Physics, Fall 2018 Anders W. Sandvik, Boston University Numerical diagonalization studies of quantum spin chains Introduction to computational studies of spin chains Using basis states incorporating conservation laws

302 views • 8 slides
Error-Controlled Lossy Compression Optimized for High Compression Ratios of Scientific Datasets

Error-Controlled Lossy Compression Optimized for High Compression Ratios of Scientific Datasets

Error-Controlled Lossy Compression Optimized for High Compression Ratios of Scientific Datasets Xin Liang(University of California, Riverside) Sheng Di (Argonne National Laboratory) Dingwen Tao (University of Alabama) Sihuan Li (University of

529 views • 30 slides
Deep Learning Accelerators Abhishek Srivastava (as29) Samarth Kulshreshtha (samarth5) University

Deep Learning Accelerators Abhishek Srivastava (as29) Samarth Kulshreshtha (samarth5) University

Deep Learning Accelerators Abhishek Srivastava (as29) Samarth Kulshreshtha (samarth5) University of Illinois, Urbana-Champaign Submitted as a requirement for CS 433 graduate student project Outline Introduction What is Deep Learning?

697 views • 56 slides
Using TPUs to Design TPUs Cliff Young, Google AI AIDArc Keynote 3 June 2018 Why Were at

Using TPUs to Design TPUs Cliff Young, Google AI AIDArc Keynote 3 June 2018 Why Were at

Using TPUs to Design TPUs Cliff Young, Google AI AIDArc Keynote 3 June 2018 Why Were at AIDArc: Can AI help Computer Architecture? Speech Vision Translation Ranking Go Robotics Self-Driving Cars Medical Diagnosis Astronomy ? 2

704 views • 25 slides
Vector and Free Store (Vectors and Arrays) Marco Chiarandini Department of Mathematics &amp;

Vector and Free Store (Vectors and Arrays) Marco Chiarandini Department of Mathematics &amp;

DM560 Introduction to Programming in C++ Vector and Free Store (Vectors and Arrays) Marco Chiarandini Department of Mathematics &amp; Computer Science University of Southern Denmark [ Based on slides by Bjarne Stroustrup ] Outline 1.

507 views • 40 slides
MASSACHUSETTS INSTITUTE OF TECHNOLOGY Physics Department 8.044 Statistical Physics I Spring Term

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Physics Department 8.044 Statistical Physics I Spring Term

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Physics Department 8.044 Statistical Physics I Spring Term 2013 Excited State Helium, He An Example of Quantum Statistics in a Two Particle System By definition He has one electron in the lowest

332 views • 5 slides
Completeness of Resolution 5ai We will show by construction: AUTOMATED REASONING If clauses S

Completeness of Resolution 5ai We will show by construction: AUTOMATED REASONING If clauses S

Completeness of Resolution 5ai We will show by construction: AUTOMATED REASONING If clauses S have no models then there is a resolution proof of [] from S . As shown in Slides 4 the construction has two parts : SLIDES 5: (i) find a ground

544 views • 5 slides
2.2 Transformations Hao Li http://cs420.hao-li.com 1 OpenGL Transformations Matrices

2.2 Transformations Hao Li http://cs420.hao-li.com 1 OpenGL Transformations Matrices

Fall 2017 CSCI 420: Computer Graphics 2.2 Transformations Hao Li http://cs420.hao-li.com 1 OpenGL Transformations Matrices Model-view matrix (4x4 matrix) Projection matrix (4x4 matrix) vertices in canonical 3D world coordinate

527 views • 41 slides

More recommend