BYZANTINE CONSENSUS THROUGH BITCOIN S PROOF- OF-WORK
|
|
- Shona Reynolds
- 5 years ago
- Views:
Transcription
1 Informatiemanagement: BYZANTINE CONSENSUS THROUGH BITCOIN S PROOF- OF-WORK The aim of this paper is to elucidate how Byzantine consensus is achieved through Bitcoin s novel proof-of-work system without the need for a central authority. The classic version of the Byzantine generals problem is described and restated into a more suitable computer networks system setting. A general introduction into Bitcoin s proof-of-work system is given, followed by a description of how proof-of-work provides a solution to the restated computer networks version of the Byzantine generals problem. 40 MCA: februari 2017, nummer 1
2 Jeroen Rijnbout: The Byzantine generals problem is an example of a thought experiment in which communication and common knowledge play an important role. The main concern in this problem is whether unanimity can be achieved in an unreliable distributed system. It was first introduced and solved by Lamport, Shostak and Pease (1982). This paper explores Bitcoin s novel proof-of-work system as another solution to this problem. Bitcoin is based on a novel Byzantine consensus protocol. It solves the Byzantine generals problem by utilizing a public decentralized proof-of-work chain in order to reach a consensus on ownership of units of the currency (Miller & LaViola, 2014). Bitcoin is a peer-to-peer electronic cash system that, although there is relatively little written about, is increasingly used in a number of fast payment scenarios (Karame, Androulaki & Capkun, 2012). Therefore, it is relevant to understand its workings and shortcomings. This paper will focus on explaining how the proof-of-work concept provides a solution to a modern day version of the Byzantine generals problem in order to provide the reader with some basic insights into these topics. To this end, a general introduction into the Byzantine generals problem and Bitcoin are given. It is then shown how proof-of-work presents a solution to the Byzantine generals problem. The Byzantine Generals Problem The Classic Problem As stated by Lamport et al. (1982), computer networks must handle conflicting information in order to make the right decisions. Different requests to a server might cause conflicts in the processes. This problem of receiving different, conflicting, requests from computers or agents is comparable with a group of Byzantine generals who aim to operate together (Lamport et al., 1982). The classic version of the thought experiment of the Byzantine generals problem is applicable in different systems. According to Lamport et al. (1982), the classic Byzantine generals problem is as follows. Imagine that different divisions of the Byzantine army are camped in separate valleys outside an enemy city. Every division is commanded by its own general. The generals have the order to attack the city simultaneously with multiple divisions, as the chance for non-concurrent attacks to succeed is too small to justify the risk. The generals must come up with a date and time to attack, and they can solely communicate with each other by sending messengers through the hostile city. These conditions cause several issues to arise (Lamport et al., 1982). For instance, some of the generals may be traitors trying to prevent the loyal generals from coming up with an agreement. The proposed solution algorithm therefore has to meet two requirements: 1. All loyal generals decide upon the same plan of action. Besides reaching agreement, the generals should also come up with a reasonable plan. It is therefore also required that: 2. A small number of traitors cannot cause the loyal generals to adopt a bad plan. These requirements can be satisfied if all generals observe the enemy and communicate their observations to the other generals. Based on the information gathered by all generals, each general can make a decision about what the best plan of action is in a situation and vote for that plan. Consider the situation where there are only two options: attack or retreat. Based on the voting for attack or retreat, the most popular choice will be the official plan. A small number of traitors can only affect the decision when all generals are equally divided in their choice. Therefore both plans are not bad plans and voting satisfies both requirements (Lamport et al., 1982). Restating the problem The Byzantine generals problem can be generalized as a decision making problem with multiple agents. Multiple agents are uncertain about information received from others and therefore have to be able to verify the information to be certain the information is true. One example of this generalized problem is the Byzantine generals problem in a peer-to-peer network, like the Bitcoin peer-to-peer network that allows digital money transmission and transaction verification (Miller & LaViola, 2014). Satoshi Nakamoto (The Cryptography Mailing List, 2008) rephrased the classic Byzantine generals problem to be appropriate for a computer networks setting as follows. Consider another version of the By- MCA: februari 2017, nummer 1 41
3 zantine generals problem in which the generals are able to communicate through a network. Multiple generals decide they want to attack the kings Wi-Fi by brute forcing the password. The generals must crack the password and erase any logs to hide the attack before the attack is detected. Each individual general does not control enough CPU power to brute-force the passwords alone in a short enough amount of time to avoid detection. Therefore, multiple generals need to attack at the same time in order to have enough CPU power to brute-force the king s Wi-Fi before the attack is detected. The generals do not necessarily care about the time of the acttack, just that they attack at the same time. The generals agree that the first proposed time of attack that is sent will be the official time of the attack. It does not matter if the proposed time of attack comes from a traitor inten tionally trying to sabotage the plan, as there are no bad plans in this problem outline. The problem is that the network is not instantaneous. Therefore, when multiple generals send out a time of attack at the same time, the other generals might receive the messages in a different order. We can now adjust the two requirements given in the previous section to be applicable to this computer networks version of the problem. Recall that the majority of the generals have to attack the king s Wi-Fi at the same time in order for the attack to succeed. The requirement for this problem can now be described as: 1. All processes in the network must come to unanimous agreement about some value, in spite of a minority of faulty processes that deviate arbitrarily from the protocol (Miller & LaViola, 2014). Not necessarily all generals have to find the same date and time, since it is not specified how many generals are needed to attack at the same time to have enough CPU power. However, the threshold is unknown. Therefore, in the algorithm it must be covered that: 2. The generals are able to check whether they have enough combined CPU power to execute a successful attack at the proposed time of attack. These two requirements can be satisfied using a more complex voting system similar to that used in the classic version of the problem. Such a voting system is introduced in the next section. Bitcoin In 2008, Satoshi Nakamoto, presumably a pseudonym, introduced Bitcoin as a Peer-to-Peer Electronic Cash System. According to Miller et al. (2014), the fundamentals of Bitcoin are based on a novel Byzantine consensus protocol. How Bitcoin achieves Byzantine consensus will be shown in the next section, but first a general introduction into Bitcoin as a digital cash protocol is given. Transactions The Bitcoin protocol provides a means to transact in digital currency, in such a way that everyone can agree on ownership of units of the currency and the order of transactions. Ownership is determined using public key cryptography; that is, the network needs to unanimously agree on association between units of the currency and public keys. Ownership can be transferred by digitally signing a transaction from one public key to another (Miller & LaViola, 2014). The problem arises from the fact that the network needs to be able to confirm that the previous owner in a transaction did not sign any earlier transactions for the same units of the currency (Nakamoto, 2008). As is the case in the Byzantine generals problem, there is no central authority that can verify transactions (or messages, in the case of the generals problem). Therefore, this needs to be solved without the use of a single trusted party. That is to say, it needs to be solved in a decentralized manner. The solution to this is to publicly announce every transaction to the network and agree that whichever transaction arrived first is valid. Each node checks if the output of a transaction has been previously spent (Nakamoto, 2008). A problem in finding consensus about which transaction was received first is that the network might not be instantaneous and therefore the set of new transactions will not be consistent at all nodes (Cap, 2012). In order to achieve consensus on the order of transactions, transactions are timestamped by inclusion in a proof-of-work block. This provides a solution for agreeing on the order of transactions: the hash of a block that includes the hash of the previous block, new transactions, and a time stamp proves the data existed at the given time or it could not have been in the hash (Nakamoto, 2008). 42 MCA: februari 2017, nummer 1
4 Proof-of-Work To implement the process of time-stamping and hashing transaction data, Bitcoin uses a proof-ofwork system similar to that found in Hashcash (Back, 2002). Each node (i.e. each miner) in the network works on solving a moderately hard cryptographic puzzle in order to satisfy the proof-of-work condition. The solution to each puzzle is a SHA-256 hash of all data included in a block, below a given target value, that begins with a number of leading zeros. The block also includes a nonce value, which can be incremented to find the correct hash. The puzzles are designed so that, on average, a solution is found every ten minutes. Once the solution is found, the hash is published to the network. The hash includes all new transactions, the previous block hash and the time stamp (Karame et al., 2012). The solution can then easily be verified by the network by performing a single hash of the block data. The amount of CPU power expended acts as a proof-of-work: a block cannot be altered without redoing the work. Moreover, as blocks are chained in sequence (creating a blockchain), redoing one block would mean redoing all blocks after it (Nakamoto, 2008). This ensures the Bitcoin network will favour the honest chain as long as the majority of peers in the network are honest (Karame et al., 2012). Figure 1. Chain of blocks that include a hash of all transactions (Nakamoto, 2008) Alternatively, this process can be seen as a voting process. Where each added block counts towards a specific history of transactions and all honest nodes work on producing votes for the chain that already has the most votes (i.e. they work on extending the longest chain). This proof-of-work process prevents a computationally bounded adversary from gaining too much influence in the network (Miller & LaViola, 2014). Attack on the Network Now consider the possibility of an attack on the network where a bad actor attempts to double-spend (i.e. sending the same units of currency twice) previously spent coins. The attacker will need to redo the work on the block that included this transaction and every subsequent block in order to produce a chain longer than the current honest chain. After all, the attack will only be successful if the majority of the network switches to the competing chain. Consider a transaction t which is included in a block b 1. Each subsequent block b 2, b 3, b 4,, b n that is added to the honest chain will decrease the probability of the transaction t being falsified, as each added block will require more and more work to be redone. Nakamoto (2008) uses probability theory to show that after six blocks the probability of an attacker catching up is reduced to %, after four more blocks this probability drops to %. The probability drops off exponentially with each added block b n and soon becomes negligible. In practice, Bitcoin transactions are generally accepted after six blocks because at this point, the probability of an attacker catching up is low enough to consider the transaction as valid. In the next section this validation technique will be applied in the Byzantine generals problem. Byzantine Consensus through Proof-of- Work We can now look at Bitcoin s proof-of-work system in terms of a solution to the computer networks system version of the Byzantine generals problem. As the Bitcoin network achieves consensus regarding the order of transactions without the use of a central authority, the generals should be able to do the same. Consider the version of the Byzantine generals problem where the aim is to brute-force the king s Wi-Fi and all generals have agreed that any general may propose a time of attack. The first plan that is received by all generals will be the official plan. The problem here, as stated in a previous section, is that two or more generals may send out a different message to the network at close to the same time. This version of the problem is solved by a simplified version of proof-of-work. Consider a version of Bitcoin s proof-of-work system that does not keep track of the order of transactions, but instead serves MCA: februari 2017, nummer 1 43
5 solely to reach consensus among the generals. Each general goes to work solving a moderately hard hashbased proof-of-work. Each problem is difficult enough that, on average, a solution will be found every ten minutes if (and only if) all the generals are working at once. Once a solution is found by one of the generals, the solution and the included plan of attack (whichever that general received first) are broadcast to the network. Upon receiving this solution, each general adjusts their version of the problem to include the plan, i.e. the time of attack, that was included in the broadcast of this first solution. The generals then continue to work on solving the next proof-of-work problem. This way, each subsequent solution will chain after the first one. If any of the generals are still working on a different plan, they will now switch to this chain as it is the longest available chain; the longest chain is where the majority of the CPU power is. After one hour of work the chain will, on average, consist of six proof-of-work solutions. Now, each general can verify the amount of CPU power that was expended in order to build a chain this long in one hour. From this, each general can conclude whether enough of the generals are working on the same chain with the same version of the plan included to be able to initiate a successful attack on the king s Wi-Fi. For the chain to reach a length of six solutions (blocks) in one hour, the majority of the generals must have been working on the same plan of attack. Therefore, the generals can safely attack on the time included in this chain. Conclusion The Bitcoin consensus protocol can function as a replacement of single trusted parties by creating a peer-to-peer network in which no central authority is present. This consensus protocol solves the absence of a central authority as the main problem in the Byzantine generals problem. Besides helping the generals come to a consensus on when to attack, it also enables the generals to estimate the chance of a successful attack given the amount of CPU power expended. Furthermore, it mitigates multiple plans being sent at approximately the same time and diminishes the risks of any sabotage attempts. Therefore, the Bitcoin consensus protocol satisfies the requirements necessary for solving the modern version of the Byzantine generals problem. Discussion In practice, Bitcoin transactions are considered safe (meaning that they cannot be changed in the blockchain) after six confirmations, i.e. the amount of subsequent blocks after the block that includes the initial transaction. As a result, although Bitcoin transactions are instant, they are not necessarily considered safe and reliable until after multiple confirmations. Furthermore, Karame et al. (2012) showed that double-spend attacks can succeed and further state that the Bitcoin protocol is therefore unsuited for fast transactions. However, as the generals are not concerned with false plans, this is irrelevant to our version of the Byzantine generals problem. In the Byzantine generals problem, it is sufficient for the generals to agree on a false plan as long as the majority agrees. The proof-of-work solution ensures majority agreement among the generals despite a minority of defaulting agents. This is in contrast to the consensus that needs to be achieved in Bitcoin transactions. Each Bitcoin transaction that the network agrees upon has to be a valid, honest transaction in order for the network to operate as a secure and legitimate means of wealth transfer. Further research on how to make Bitcoin suitable for fast and small transactions is ongoing and necessary. References ~ Back, A. (2002). Hashcash a denial of service counter-measure. hashcash.org/hashcash.pdf ~ Cap, C. H. (2012). A Structural Analysis of Bitcoin. In: GI-Jahrestagung, ~ Karame, G. O., Androulaki, E., & Capkun, S. (2012). Double-spending fast payments in bitcoin. In: Proceedings of the 2012 ACM conference on computer and communications security, Vol. CCS 12, ). ~ Lamport, L., Shostak, R., & Pease, M. (1982). The Byzantine generals problem. ACM Transactions on Programming Languages and Systems, July, 4 (3), ~ Miller, A., & LaViola Jr, J. J. (2014). Anonymous Byzantine consensus from moderately-hard puzzles: A model for bitcoin. static/docs/anonymous-byzantine-consensus.pdf ~ Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. bitcoin.org/bitcoin.pdf ~ Nakamoto, S. (2008). The Cryptography Mailing List. Jeroen Rijnbout Bitonic 44 MCA: februari 2017, nummer 1
Introduction to Bitcoin I
Introduction to Bitcoin I P Peterlongo 1 A Tomasi 1 1 University of Trento Department of Mathematics June 10, 2013 Outline 1 Fiat and online payments Functions of Online payments and cost of clearing 2
More informationBiomedical Security. Cipher Block Chaining and Applications
1 Biomedical Security Erwin M. Bakker 2 Cipher Block Chaining and Applications Slides and figures are adapted from: W. Stallings, Cryptography and Network Security 4 th Edition and 7 th Edition 1 3 Block
More informationBiomedical Security. Some Security News 10/5/2018. Erwin M. Bakker
Biomedical Security Erwin M. Bakker Some Security News October 03, 2018 - Hackers attacking healthcare through remote access systems and disrupting operations is the number one patient safety risk, according
More informationHow Bitcoin achieves Decentralization. How Bitcoin achieves Decentralization
Centralization vs. Decentralization Distributed Consensus Consensus without Identity, using a Block Chain Incentives and Proof of Work Putting it all together Centralization vs. Decentralization Distributed
More informationComputer Security. 14. Blockchain & Bitcoin. Paul Krzyzanowski. Rutgers University. Spring 2019
Computer Security 14. Blockchain & Bitcoin Paul Krzyzanowski Rutgers University Spring 2019 April 15, 2019 CS 419 2019 Paul Krzyzanowski 1 Bitcoin & Blockchain Bitcoin cryptocurrency system Introduced
More informationEnsimag - 4MMSR Network Security Student Seminar. Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto
Ensimag - 4MMSR Network Security Student Seminar Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto wafa.mbarek@ensimag.fr halima.myesser@ensimag.fr 1 Table of contents: I- Introduction: Classic
More informationChapter 13. Digital Cash. Information Security/System Security p. 570/626
Chapter 13 Digital Cash Information Security/System Security p. 570/626 Introduction While cash is used in illegal activities such as bribing money laundering tax evasion it also protects privacy: not
More informationConsensus & Blockchain
Consensus & Blockchain S P Suresh Chennai Mathematical Institute Formal Methods Update Meeting IIT Mandi July 17, 2017 The Bitcoin revolution is upon us What is Bitcoin? Bitcoin: an exciting new currency
More informationWhat is Proof of Work?
What is Proof of Work? Educational Series September 18, 2018 Overview There are many protocols that regulate how nodes on a blockchain achieve consensus, and currently the most popular is proof-of-work.
More informationBitcoin: A Peer-to-Peer Electronic Cash System
Bitcoin: A Peer-to-Peer Electronic Cash System Satoshi Nakamoto satoshin@gmx.com www.bitcoin.org Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly
More informationBitcoin: A Peer-to-Peer Electronic Cash System
Bitcoin: A Peer-to-Peer Electronic Cash System Satoshi Nakamoto satoshi@vistomail.com www.bitcoin.org Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly
More informationENEE 457: E-Cash and Bitcoin
ENEE 457: E-Cash and Bitcoin Charalampos (Babis) Papamanthou cpap@umd.edu Money today Any problems? Cash is cumbersome and can be forged Credit card transactions require centralized online bank are not
More informationSecurity Analysis of Bitcoin. Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula
Security Analysis of Bitcoin Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula Security Analysis of Bitcoin Introduction How Bitcoin works? Similar peer-to-peer systems Vulnerabilities and solutions
More informationSmalltalk 3/30/15. The Mathematics of Bitcoin Brian Heinold
Smalltalk 3/30/15 The Mathematics of Bitcoin Brian Heinold What is Bitcoin? Created by Satoshi Nakamoto in 2008 What is Bitcoin? Created by Satoshi Nakamoto in 2008 Digital currency (though not the first)
More informationCoinbit: A Peer-to-Peer Electronic Cash System
Coinbit: A Peer-to-Peer Electronic Cash System Abstract. A solely peer-to-peer version of electronic cash would grant a direct transaction without any third party involved. Digital signatures are part
More informationROUND COMPLEXITY LOWER BOUND OF ISC PROTOCOL IN THE PARALLELIZABLE MODEL. Huijing Gong CMSC 858F
ROUND COMPLEXITY LOWER BOUND OF ISC PROTOCOL IN THE PARALLELIZABLE MODEL Huijing Gong CMSC 858F Overview Background Byzantine Generals Problem Network Model w/o Pre-existing Setup ISC Protocol in Parallelizable
More informationProximity Awareness Approach to Enhance Propagation Delay on the Bitcoin Peer-to-Peer Network
Proximity Awareness Approach to Enhance Propagation Delay on the Bitcoin Peer-to-Peer Network Muntadher Fadhil; Gareth Owen; Mo Adda University of Portsmouth, Buckingham Building, Portsmouth, United Kingdom
More informationCCP: Conflicts Check Protocol for Bitcoin Block Security 1
CCP: Conflicts Check Protocol for Bitcoin Block Security Chen Yang Peking University, China yc900@pku.edu.cn Abstract In this work, we present our early stage results on a Conflicts Check Protocol (CCP)
More informationBitcoin, a decentralized and trustless protocol
Bitcoin, a decentralized and trustless protocol Thomas Sibut-Pinote Inria Saclay February 12, 2015 Thomas Sibut-Pinote Bitcoin, a decentralized and trustless protocol 1 / 42 Introduction Questions 1 Introduction
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationBlockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini
Blockchain CS 240: Computing Systems and Concurrency Lecture 20 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material. Bitcoin: 10,000 foot view New bitcoins
More informationNeel Gupte. Index Terms Bitcoin, Cryptocurreny, Block Chain, Hashing, Proof-of-Work, Double-spending, Momentum Method, Proof of Stake.
International Journal of Scientific & Engineering Research, Volume 6, Issue 9, September-2015 259 An Analysis of the Hash-Based Proof-of-Work Chain in the Bitcoin Network Neel Gupte Abstract A Bitcoin
More informationILCOIN White Paper. In ILCOIN We Trust ILCOIN
ILCOIN White Paper In ILCOIN We Trust ILCOIN ILCOIN Development Team September 2017 TABLE OF CONTENTS WHAT IS ILCOIN WE NEED THINGS THAT DRAW ON THE REVOLUTION OF BITCOIN, BUT BITCOIN ALONE IS NOT GOOD
More informationAnalyzing Bitcoin Security. Philippe Camacho
Analyzing Bitcoin Security Philippe Camacho philippe.camacho@dreamlab.net Universidad Católica, Santiago de Chile 15 of June 2016 Bitcoin matters Map Blockchain Design Known Attacks Security Models Double
More informationLet's build a blockchain!
I'm Haseeb. That's me. Let's build a blockchain! A mini-cryptocurrency in Ruby I'm Haseeb Qureshi. I'm a software engineer. I'm working at a blockchain company called 21.co. Unless something terrible has
More informationBitBill: Scalable, Robust, Verifiable Peer-to-Peer Billing for Cloud Computing
BitBill: Scalable, Robust, Verifiable Peer-to-Peer Billing for Cloud Computing Li Chen, Kai Chen SING Lab Computer Science and Engineering Hong Kong University of Science and Technology Trust in the Cloud
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University March 30 2017 Outline Digital currencies Advantages over paper cash
More informationECC: Peer-to-Peer Electronic Cash with Trustless Network Services
ECC: Peer-to-Peer Electronic Cash with Trustless Network Services Greg Griffith October 2017 (griffith@cryptounited.io) https://www.ecc.network ECC: Peer-to-Peer Electronic Cash with Trustless Network
More informationCMSC 858F: Algorithmic Game Theory Fall 2010 Achieving Byzantine Agreement and Broadcast against Rational Adversaries
CMSC 858F: Algorithmic Game Theory Fall 2010 Achieving Byzantine Agreement and Broadcast against Rational Adversaries Instructor: Mohammad T. Hajiaghayi Scribe: Adam Groce, Aishwarya Thiruvengadam, Ateeq
More informationEVALUATION OF PROOF OF WORK (POW) BLOCKCHAINS SECURITY NETWORK ON SELFISH MINING
EVALUATION OF PROOF OF WORK (POW) BLOCKCHAINS SECURITY NETWORK ON SELFISH MINING I Gusti Ayu Kusdiah Gemeliarana Department of Electrical Engineering University of Indonesia Depok, Indonesia i.gusti79@ui.ac.id
More informationProblem: Equivocation!
Bitcoin: 10,000 foot view Bitcoin and the Blockchain New bitcoins are created every ~10 min, owned by miner (more on this later) Thereafter, just keep record of transfers e.g., Alice pays Bob 1 BTC COS
More informationBitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January Keeping Current 1
Bitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January 2014 2014.01.22 Keeping Current 1 Questions What problem is Bitcoin solving? Where did it come from? How does the system work? What makes
More informationOn the impact of propogation delay on mining rewards in Bitcoin. Xuan Wen 1. Abstract
On the impact of propogation delay on mining rewards in Bitcoin Xuan Wen 1 Abstract Bitcoin 2 is a decentralized digital currency that is rapidly gaining in popularity. The Bitcoin system relies on miners
More informationWhitepaper Rcoin Global
Whitepaper Rcoin Global SUMMARY 1. Introduction 2. What is Rcoin Global? 3. Transactions 4. Hybrid Network Concept 5. Keepers 6. Incentive 7. Smart Contract Token 8. Token Distribution 9. Rcoin Global
More informationCRUDE COINS. https://crudecoins.net
CRUDE COINS https://crudecoins.net In this whitepaper we have presented Crude Coins is a brand new technology for securely transferring money between anonymous peers. Introduction: Launch story: CrudeCoins
More informationAlternative Consensus
1 Alternative Consensus DEEP DIVE Alexandra Tran, Dev Ojha, Jeremiah Andrews, Steven Elleman, Ashvin Nihalani 2 TODAY S AGENDA GETTING STARTED 1 INTRO TO CONSENSUS AND BFT 2 NAKAMOTO CONSENSUS 3 BFT ALGORITHMS
More informationBitcoin. Arni Par ov. December 17, 2013
Bitcoin Arni Par ov December 17, 2013 Abstract Bitcoin is a distributed, peer-to-peer cryptocurrency that functions without any central authority and in recent years has gained large popularity. This paper
More informationBitcoin. CS6450: Distributed Systems Lecture 20 Ryan Stutsman
Bitcoin CS6450: Distributed Systems Lecture 20 Ryan Stutsman Material taken/derived from Princeton COS-418 materials created by Michael Freedman and Kyle Jamieson at Princeton University. Licensed for
More informationBITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW
BITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW Rustie Lin Wang Move the area1 over the image a little inside and then right click, replace image to change the background. (and delete this box while
More informationBlockchain Certification Protocol (BCP)
Blockchain Certification Protocol (BCP) Fu Yong Quah fuyong@fyquah.me www.fyquah.me Abstract. A semi-decentralized certification system built above the existing 1 Bitcoin network, an innovative peer-to-peer
More informationI. Introduction. II. Security, Coinage and Attacks
Abstract Proof of Stake's security has proven itself over years of testing. Advances in this technology in Blackcoin's Proof-of-Stake 3.0 have solved the issues faced with Coin-Age, Block Reward and Blockchain
More informationGlobal atomicity. Such distributed atomicity is called global atomicity A protocol designed to enforce global atomicity is called commit protocol
Global atomicity In distributed systems a set of processes may be taking part in executing a task Their actions may have to be atomic with respect to processes outside of the set example: in a distributed
More informationMegacoin: A Peer-to-Peer Electronic Cash System. https://megacoin.eu/ https://github.com/limxtec/megacoin https://github.com/limxtec/megacoin/releases
4 8 S Megacoin: A Peer-to-Peer Electronic Cash System https://megacoin.eu/ https://github.com/limxtec/megacoin https://github.com/limxtec/megacoin/releases o, i f t THE MEGACOIN BLOCKCHAIN First Block:
More informationSCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains
SCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains Loi Luu, Viswesh Narayanan, Kunal Baweja, Chaodong Zheng, Seth Gilbert, Prateek Saxena National University of Singapore Bitcoin
More informationA Gentle Introduction To Bitcoin Mining
A Gentle Introduction To Bitcoin Mining Table of Contents Title...3 How Do Bitcoin Transactions Work?...4 Why Is Mining Needed In Bitcoin?...5 Why Do Miners Mine?...6 What Is This Computationally Expensive
More informationResearch Statement. Yehuda Lindell. Dept. of Computer Science Bar-Ilan University, Israel.
Research Statement Yehuda Lindell Dept. of Computer Science Bar-Ilan University, Israel. lindell@cs.biu.ac.il www.cs.biu.ac.il/ lindell July 11, 2005 The main focus of my research is the theoretical foundations
More informationBYZANTINE AGREEMENT CH / $ IEEE. by H. R. Strong and D. Dolev. IBM Research Laboratory, K55/281 San Jose, CA 95193
BYZANTINE AGREEMENT by H. R. Strong and D. Dolev IBM Research Laboratory, K55/281 San Jose, CA 95193 ABSTRACT Byzantine Agreement is a paradigm for problems of reliable consistency and synchronization
More informationprimechain building blockchains for a better world
primechain building blockchains for a better world The nuts and bolts of blockchain technology Rohas Nagpal, Primechain Technologies Pvt. Ltd. The nuts and bolts of blockchain technology Depending upon
More informationCSE 5306 Distributed Systems. Fault Tolerance
CSE 5306 Distributed Systems Fault Tolerance 1 Failure in Distributed Systems Partial failure happens when one component of a distributed system fails often leaves other components unaffected A failure
More informationBitcoin a Peer-to-Peer payment solution
Bitcoin a Peer-to-Peer payment solution [Security Considerations] Jean-Guillaume Dumas University Joseph Fourier Grenoble Jean-Guillaume.Dumas@imag.fr Pascal Sygnet Grenoble INP Ensimag Pascal.Sygnet @Phelma.Grenoble-inp.fr
More informationBYZANTINE GENERALS BYZANTINE GENERALS (1) A fable: Michał Szychowiak, 2002 Dependability of Distributed Systems (Byzantine agreement)
BYZANTINE GENERALS (1) BYZANTINE GENERALS A fable: BYZANTINE GENERALS (2) Byzantine Generals Problem: Condition 1: All loyal generals decide upon the same plan of action. Condition 2: A small number of
More informationBLOCKCHAIN The foundation behind Bitcoin
BLOCKCHAIN The foundation behind Bitcoin Sourav Sen Gupta Indian Statistical Institute, Kolkata CRYPTOGRAPHY Backbone of Blockchain Technology Component 1 : Cryptographic Hash Functions HASH FUNCTIONS
More informationBitcoin and Blockchain
Bitcoin and Blockchain COS 418: Distributed Systems Lecture 18 Zhenyu Song [Credit: Selected content adapted from Michael Freedman. Slides refined by Chris Hodsdon and Theano Stavrinos] Why Bitcoin? All
More informationBiomedical and Healthcare Applications for Blockchain. Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs
Biomedical and Healthcare Applications for Blockchain Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs Network Analysis Working Group 01.25.2018 Outline Introduction to bitcoin + blockchain
More informationA Review on Blockchain Application for Decentralized Decision of Ownership of IoT Devices
Advances in Computational Sciences and Technology ISSN 0973-6107 Volume 10, Number 8 (2017) pp. 2449-2456 Research India Publications http://www.ripublication.com A Review on Blockchain Application for
More informationProof-of-Stake Protocol v3.0
Proof-of-Stake Protocol v3.0 Abstract Proof of Stake's security has proven itself reliable & effective over years of testing while at the same time solving Bitcoin s issues caused by the Proof of Work
More informationInternational Journal of Computer Engineering and Applications, Volume XIII, Issue II, Feb. 19, ISSN
BLOCK-CHAIN: SURVEY ON PRIVACY, SECURITY AND CHALLENGES Monalisha Sinha ABSTRACT: Department of computer science & engineering Birla institute of technology Ranchi, India Blockchain has gained wide attention
More informationBlockchain (de)constructed
Blockchain (de)constructed Fritz Henglein Department of Computer Science, University of Copenhagen (DIKU) DIKU Business Club meeting on blockchain January 11th, 2016 Fritz Henglein Professor of programming
More informationTOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN
TOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN ABSTRACT A PEER-TO-PEER CRYPTO-CURRENCY DESIGN DERIVED FROM SATOSHI NAKAMOTO S BITCOIN. PROOF- OF-STAKE REPLACES PROOF-OF- WORK TO PROVIDE
More informationSecurity (and finale) Dan Ports, CSEP 552
Security (and finale) Dan Ports, CSEP 552 Today Security: what if parts of your distributed system are malicious? BFT: state machine replication Bitcoin: peer-to-peer currency Course wrap-up Security Too
More informationDarkcoin: Peer to Peer Crypto Currency with Anonymous Blockchain Transactions and an Improved Proof of Work System
Darkcoin: Peer to Peer Crypto Currency with Anonymous Blockchain Transactions and an Improved Proof of Work System Introduction Evan Duffield, Kyle Hagan (evan@darkcoin.io, kyle@darkcoin.io) 18 March 2014
More informationCS 261 Notes: Algorand
CS 261 Notes: Algorand Scribe: Rachel Lawrence September 17, 2018 1 Introduction: Why Algorand? Algorand [6] is a cryptocurrency that works to reach consensus on transactions with a system based on Proof
More informationBlockchains & Cryptocurrencies
1 Blockchains & Cryptocurrencies A Technical Introduction Lorenz Breidenbach ETH Zürich Cornell Tech The Initiative for CryptoCurrencies & Contracts (IC3) 2 Cryptocurrency Mania Market cap as of yesterday:
More informationBitcoin Candy A Peer-to-Peer Electronic Cash System
Bitcoin Candy A Peer-to-Peer Electronic Cash System Elon M elon.m@bitcoincandy.global www.bitcoincandy.global Table of Contents 1. Legal disclaimer 2 2. Introduction 3 3. Technical Specification 3 4. Transactions
More informationPractical Byzantine Fault Tolerance. Miguel Castro and Barbara Liskov
Practical Byzantine Fault Tolerance Miguel Castro and Barbara Liskov Outline 1. Introduction to Byzantine Fault Tolerance Problem 2. PBFT Algorithm a. Models and overview b. Three-phase protocol c. View-change
More informationMarker addresses: Adding identification information to Bitcoin transactions to leverage existing trust relationships
Marker addresses: Adding identification information to Bitcoin transactions to leverage existing trust relationships Jan Vornberger jan@uos.de Abstract: This paper proposes a technique for creating Bitcoin
More informationApplied cryptography
Applied cryptography Electronic Cash Andreas Hülsing 29 November 2016 1 / 61 Classical Cash - Life Cycle Mint produces money (coins / bank notes) Sent to bank User withdraws money (reduces account balance)
More informationUniversity of Duisburg-Essen Bismarckstr Duisburg Germany HOW BITCOIN WORKS. Matthäus Wander. June 29, 2011
University of Duisburg-Essen Bismarckstr. 90 47057 Duisburg Germany HOW BITCOIN WORKS June 29, 2011 Overview Electronic currency system Decentralized No trusted third party involved Unstructured peer-to-peer
More informationBBc-1 : Beyond Blockchain One - An Architecture for Promise-Fixation Device in the Air -
BBc-1 : Beyond Blockchain One - An Architecture for Promise-Fixation Device in the Air - Kenji Saito and Takeshi Kubo {ks91 t-kubo}@beyond-blockchain.org Revision 0.1 October 31, 2017 1 Introduction Blockchain
More informationThe Ripple Protocol Consensus Algorithm
Ripple Labs Inc, 2014 The Ripple Protocol Consensus Algorithm David Schwartz david@ripple.com Noah Youngs nyoungs@nyu.edu Arthur Britto arthur@ripple.com Abstract While several consensus algorithms exist
More informationDAVID ANDREWS, FOUNDER RYATTA BLOCKCHAIN FOUNDATIONS
DAVID ANDREWS, FOUNDER RYATTA GROUP, CRYPTOGRAPHY IS THE STUDY OF TECHNIQUES FOR SECURE COMMUNICATION cryptography is defined as the practice and study of techniques for secure communication in the early
More informationLecture 3. Introduction to Cryptocurrencies
Lecture 3 Introduction to Cryptocurrencies Public Keys as Identities public key := an identity if you see sig such that verify(pk, msg, sig)=true, think of it as: pk says, [msg] to speak for pk, you must
More informationCSE 5306 Distributed Systems
CSE 5306 Distributed Systems Fault Tolerance Jia Rao http://ranger.uta.edu/~jrao/ 1 Failure in Distributed Systems Partial failure Happens when one component of a distributed system fails Often leaves
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University April 9 2018 Schedule HW 4 Due on Thu 04/12 Programming project 3 Due
More informationCSE 5852, Modern Cryptography: Foundations Fall Lecture 26. pk = (p,g,g x ) y. (p,g,g x ) xr + y Check g xr +y =(g x ) r.
CSE 5852, Modern Cryptography: Foundations Fall 2016 Lecture 26 Prof. enjamin Fuller Scribe: Tham Hoang 1 Last Class Last class we introduce the Schnorr identification scheme [Sch91]. The scheme is to
More informationCONSENSUS PROTOCOLS & BLOCKCHAINS. Techruption Lecture March 16 th, 2017 Maarten Everts (TNO & University of Twente)
CONSENSUS PROTOCOLS & BLOCKCHAINS Techruption Lecture March 16 th, 2017 Maarten Everts (TNO & University of Twente) 2 Consensus protocols & blockchain 3 Consensus protocols & blockchain 4 Consensus protocols
More informationICS 421 & ICS 690. Bitcoin & Blockchain. Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa
ICS 421 & ICS 690 Bitcoin & Blockchain Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa Accepted by: Overstock.com Expedia.com Newegg.com Tigerdirect.com
More informationHawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts. Yashar Dehkan Asl
Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts Yashar Dehkan Asl Chapter I Introduction Decentralized Cryptocurrencies: Such as Bitcoin and altcoins are getting more
More informationP2P BitCoin: Technical details
ELT-53206 Peer-to-Peer Networks P2P BitCoin: Technical details Mathieu Devos Tampere University of Technology Department of Electronics & Communications Engineering mathieu.devos@tut.fi TG406 2 Outline
More informationSpaceMint Overcoming Bitcoin s waste of energy
Bitcoin Overcoming Bitcoin s waste of energy Georg Fuchsbauer joint work with S Park, A Kwon, K Pietrzak, J Alwen and P Gaži Digital currency Decentralized (no bank issuing coins) Pseudonymous Controled
More informationAlternative Consensus Algorithms. Murat Osmanoglu
Alternative Consensus Algorithms Murat Osmanoglu Bitcoin Block i-1 Block i Block i+1 Hash i-2 Nonce i-1 Hash i-1 Nonce i Hash i Nonce i+1 tx tx tx tx tx tx tx tx tx tx tx tx Do you really need a Blockchain?
More informationIntroduc)on to Bitcoin
Introduc)on to Bitcoin CONTENTS What is Bitcoin Who created it? Who prints it? How does Bitcoin work? The characteris5cs of Bitcoin WHAT IS BITCOIN Bitcoin is a form of digital currency, created and held
More informationData Consistency and Blockchain. Bei Chun Zhou (BlockChainZ)
Data Consistency and Blockchain Bei Chun Zhou (BlockChainZ) beichunz@cn.ibm.com 1 Data Consistency Point-in-time consistency Transaction consistency Application consistency 2 Strong Consistency ACID Atomicity.
More informationBitcoin, Security for Cloud & Big Data
Bitcoin, Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 18, 2013 Bitcoin Public, distributed, peer-to-peer, hash-chained audit log of all transactions ( block chain ).
More informationProof of Stake Made Simple with Casper
Proof of Stake Made Simple with Casper Olivier Moindrot ICME, Stanford University olivierm@stanford.edu Charles Bournhonesque ICME, Stanford University cbournho@stanford.edu Abstract We study the recent
More informationABOUT SOME OF THE BLOCKCHAIN PROBLEMS
ABOUT SOME OF THE BLOCKCHAIN PROBLEMS A.V. Bogdanov 1, A.B. Degtyarev 1, V.V. Korkhov 1, M. Kamande 1, O.O. Iakushkin 1, V. Khvatov 2 1 Saint Petersburg State University, 7/9 Universitetskaya nab., St.
More informationDistributed Consensus Protocols
Distributed Consensus Protocols ABSTRACT In this paper, I compare Paxos, the most popular and influential of distributed consensus protocols, and Raft, a fairly new protocol that is considered to be a
More informationCISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security. A Brief Overview of Security & Privacy Issues
CISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security A Brief Overview of Security & Privacy Issues 1 Topics to Be Covered Cloud computing RFID systems Bitcoin
More informationIntroduction to Cryptoeconomics
Introduction to Cryptoeconomics What is cryptoeconomics? Cryptoeconomics is about... Building systems that have certain desired properties Use cryptography to prove properties about messages that happened
More informationJan Møller Co-founder, CTO Chainalysis
Jan Møller Co-founder, CTO Chainalysis How Does Bitcoin Actually Work? This talk is not about the poli:cal or economical impact of Bitcoin. This talk is not about how to buy, sell, spend, or secure your
More informationOUROBOROS PRAOS: AN ADAPTIVELY-SECURE, SEMI-SYNCHRONOUS
OUROBOROS PRAOS: AN ADAPTIVELY-SECURE, SEMI-SYNCHRONOUS PROOF-OF-STAKE BLOCKCHAIN Bernardo David Tokyo Tech & IOHK Peter Gaži IOHK Aggelos Kiayias U. Edinburgh & IOHK Eurocrypt 2018 Alexander Russell U.
More informationAnupam Datta CMU. Fall 2015
Anupam Datta CMU Fall 2015 A rational reconstruction of Bitcoin 1. Start with straw man design 2. Identify weaknesses 3. Augment design and iterate Alice: I, Alice, am giving Bob one coin Alice digitally
More informationAs a 3rd generation currency, not only are transactions secured, private and fast, you actually get paid for holding DigitalPrice coins.
Introduction With the circulation of cryptocurrency becoming common, there is a need for additional information. The scope of this white paper is to provide that information. If you are under the impression
More informationThe security and insecurity of blockchains and smart contracts
The security and insecurity of blockchains and smart contracts Jean-Pierre Flori, expert in cryptography, Agence Nationale de la Sécurité des Systèmes d Information (ANSSI) In J.P. Dardayrol, editor of
More informationHyperledger fabric: towards scalable blockchain for business
Marko Vukolić, IBM Research - Zurich Hyperledger fabric: towards scalable blockchain for business Trust in Digital Life The Hague, Netherlands, June 17 2016 Blockchain shared, replicated, ledger Consensus
More informationDOUBLE SPENDING PREVENTION IN BITCOINS NETWORK
International Journal of Computer Engineering and Applications, Volume IX, Issue VIII, August 2015 www.ijcea.com ISSN 2321-3469 DOUBLE SPENDING PREVENTION IN BITCOINS NETWORK Mandar Kadam, Praharsh Jha,
More informationIntroduction to Cryptocurrency Ecosystem. By Raj Thimmiah
Introduction to Cryptocurrency Ecosystem By Raj Thimmiah How does a normal payment system work? Normal payment systems (generally) use ledgers Easy for servers to then check if someone is committing double
More informationKey concepts of blockchain
Advisory A brief history of blockchains 2008 The mysterious Satoshi Nakamoto publishes his Bitcoin white paper 2014 2017 Nov. 23 rd Ethereum crowd sale Number of crypto tokens: 1.172 BTC $8.216 The first
More informationAdapting Blockchain Technology for Scientific Computing. Wei Li
Adapting Blockchain Technology for Scientific Computing Wei Li weili@weililab.org Abstract Blockchain stores information into a chain of s, whose integrity is usually guaranteed by Proof of Work (PoW).
More informationProof-of-Work & Bitcoin
CS 220: Introduction to Parallel Computing Proof-of-Work & Bitcoin Lecture 19 Bitcoin: Mining for Heat https://qz.com/1117836/bitcoin-mining-heatshomes-for-free-in-siberia/ 4/25/18 CS 220: Parallel Computing
More information