Tools for Game Theoretic Models of Security for Cryptocurrencies - - PowerPoint PPT Presentation

Tools for Game Theoretic Models of Security for Cryptocurrencies

Sarah Azouvi Protocol Labs, University College London

March, 8th 2020

Alexander Hicks University College London

CES’20 MIT

Blockchains

=

Block1 Block2 Block3

• Defends against Sybil attacks
• Incentivizes consensus
• Decentralised
• More participation More secure

Blockchains’ Security

• Traditional Distributed Systems and Cryptography do not

consider incentives

• Game Theory does not consider security notions
• How to capture blockchains’ security?
• Mix Game Theory and Security?

• Has been studied a lot before Bitcoin
• We reviewed a lot of papers
• Non-exhaustive

Game Theory (GT) and Security?

Why mix GT and security?

• Security Economics tells us that security is about more

than technical constructions

• “Incentives in Security Protocols” (SPW 2018)
• GT/Mechanism Design (MD) serves to promote good
• utcomes

GT/MD primer

Nash Equilibrium (NE)

NE Limitations

Coalitions? Arbitrary Faults External Incentives Irrational Players Computing a NE is hard

Mechanism Design

Desired outcome Game Israeli Nursery Study

Security

Things “work” No Trusted third party

• Mixing different framework:
• Addition skills required
• Increased Complexity
• Different assumptions

Why is combining security and GT is hard?

Consensus

BAR Model

Rational Players Byzantine (Malicious) Players Altruistic Players

Coalitions Rational Players Byzantine (Malicious) Players Altruistic Players Coalitions

Robustness

Cryptography

Rational Cryptography

Rational protocol design Protocol can have vulnerabilities

𝛒 𝘉

Blockchains

• Consensus
• No model widely adapted
• Decentralisation
• Empirical work

Open problems

• Utilities hard to compute in practice
• Most of the research is theoretical
• Empirical data on behaviour of players and coalitions

(especially short term profit vs long term profit)

Questions?

sarah.azouvi@protocol.ai @SarahAzouvi