Nakamoto’s famous blockchain protocol enables achieving consensus in a so-called permissionless setting—anyone can join (or leave) the protocol execution, and the protocol instructions do not depend…
The notion of universally composable (UC) security is extended in a way that re-establishes its original intuitive guarantee even for protocols that use globally available set-up, and guarantees deniability.
It is argued that any consensus protocol satisfying functionalities and robustness requirements can be used for proofs-of-stake, as long as money does not switch hands too quickly, and this work is the first to formally articulate a set of requirements for consensus candidates for proofs ofstake.
The FruitChain protocol is presented, which satisfies the same consistency and liveness properties as Nakamoto's protocol, and additionally is δ-approximately fair: with overwhelming probability, any honest set of players controlling a φ fraction of computational power is guaranteed to get at least a fraction of the blocks in any Ω(κ/δ) length segment of the chain.
Hybrid Consensus shows that responsiveness is nonetheless possible to achieve in permissionless consensus (assuming proof-of-work) when 1) the protocol knows an upper bound on the network delay; 2) the authors allow a non-responsive warmup period after which transaction confirmation can become responsive; and 3) honesty has some stickiness, i.e., it takes a short while for an adversary to corrupt a node or put it to sleep.
This work begins a study of distributed protocols in a “sleepy” model of computation where players can be either online (awake) or offline (asleep), and their online status may change at any point during the protocol.
This paper proposes a practical new paradigm called Thunderella for achieving state machine replication by combining a fast, asynchronous path with a (slow) synchronous “fall-back” path (which only gets executed if something goes wrong), and gets simple state machine replications that essentially are as robust as the best synchronous protocols.
It is shown that there exist a specific natural security property that is not captured by these definitions of zero-knowledge, and the notion of deniable zero- knowledge is formally defined in these models.
It is shown that any consensus protocol satisfying the desired robustness properties can be used to construct proofs-of-stake consensus, as long as money does not switch hands too quickly.
This protocol yields the first construction of constant-round phstand-alone secure multi-party computation with a dishonest majority, proven secure under standard (polynomial-time) hardness assumptions; previous solutions to this task either require logarithmic round-complexity, or subexponential hardness assumptions.