• Corpus ID: 14522813

Byzantine Consensus from Moderately-Hard Puzzles : A Model for Bitcoin

Andrew K. Miller and Joseph J. LaViola
We present a formal model of synchronous processes without distinct identifiers (i.e., anonymous processes) that communicate using one-way public broadcasts. Our main contribution is a proof that the Bitcoin protocol achieves consensus in this model, except for a negligible probability, when Byzantine faults make up less than half the network. The protocol is scalable, since the running time and message complexity are all independent of the size of the network, instead depending only on the… 

A Formal Analysis of the Bitcoin Protocol

The theoretical results agree with the simulations performed on a probabilistic model checker that was extended with dynamic datatypes in order to have a faithful description of miners' behaviour and compute the probability that ledgers turn into a state with more severe inconsistencies.

The Bitcoin Backbone Protocol: Analysis and Applications

This work extracts and analyzes the core of the Bitcoin protocol, which is termed the Bitcoin backbone, and proves two of its fundamental properties, called common prefix and chain quality, in the static setting where the number of players remains fixed.

Solving Byzantine Problems in Synchronized Systems using Bitcoin

It is shown that bitcoin principles can be used to build a replicated state machine that tolerates… Bitcoin principles are applied to the Byzantine consensus problem and generalized to replicated state machines.

Permissionless Consensus in the Resource Model

  • Ben Terner
  • Computer Science, Mathematics
    IACR Cryptol. ePrint Arch.
  • 2020
This work proposes a new abstraction called resources and argues that in practice, several PoX variants appear to implement resources, and shows that for every graph consensus protocol that outputs a majority of honest vertices there exists a one-bit consensus protocol.

Pseudonymous Broadcast and Secure Computation from Cryptographic Puzzles

Taking inspiration from Bitcoin, it is shown that precise bounds on computational power can be used in place of pre-existing setup to achieve weaker (but nontrivial) notions of security.

Enhancing Bitcoin Security and Performance with Strong Consistency via Collective Signing

This paper introduces ByzCoin, a novel Byzantine consensus protocol that leverages scalable collective signing to commit Bitcoin transactions irreversibly within seconds, and achieves a throughput higher than PayPal currently handles, with a confirmation latency of 15-20 seconds.

Recent Results on Fault-Tolerant Consensus in Message-Passing Networks

This paper surveys important works on fault-tolerant consensus in message-passing networks, focusing on results from the past decade, and categorizes the results into new problem formulations and practical applications.

Catena: Efficient Non-equivocation via Bitcoin

Catena enables any number of thin clients, such as mobile phones, to efficiently agree on a log of application-specific statements managed by an adversarial server, and increases the bandwidth requirements of log auditors from 90GB to only tens of megabytes.

UTXOs as a Proof of Membership for Byzantine Agreement Based Cryptocurrencies

  • E. Anceaume, Antoine Guellier, Romaric Ludinard
  • Computer Science, Mathematics
    2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
  • 2018
A solution that combines the best features of optimistic and pessimistic approaches is presented: the presence of Unspent Transaction Output (UTXO) owners and “the public-key as identities” principle to make UTXO owners self-organize in small Byzantine resilient committees “around” each new object (i.e., blocks and transactions) to decide on their validity.

Catena: Preventing Lies with Bitcoin

Catena implements a log as an OP_RETURN transaction chain and prevents forks in the log by leveraging Bitcoin’s security against double spends, and can be used to secure many systems today such as public-key directories, Tor directory servers or software transparency schemes.



Random Oracles in Constantinople: Practical Asynchronous Byzantine Agreement Using Cryptography

A new protocol for Byzantine agreement in a completely asynchronous network is presented that makes use of new cryptographic protocols, specifically protocols for threshold signatures and coin-tossing based on the Diffie-Hellman problem.

Randomized protocols for asynchronous consensus

  • J. Aspnes
  • Computer Science, Mathematics
    Distributed Computing
  • 2003
This work illustrates the history and structure of randomized asynchronous consensus protocols by giving detailed descriptions of several such protocols.

A Simple and Efficient Randomized Byzantine Agreement Algorithm

  • B. Chor, B. Coan
  • Computer Science
    IEEE Transactions on Software Engineering
  • 1985
It is argued that in many practical applications of Byzantine agreement, the randomized algorithm of this paper achieves superior performance.

Agreement Among Unacquainted Byzantine Generals

The BA problem introduced by Pease, Shostak and Lamport in [1] is one of the central problems in distributed computing and was extensively studied under various timing, topology, authentication and failure assumptions.

Authenticated Algorithms for Byzantine Agreement

This paper presents algorithms for reaching agreement based on authentication that require a total number of messages sent by correctly operating processors that is polynomial in both t and the number of processors, n.

Exposing Computationally-Challenged Byzantine Impostors

Though the algorithms do not prevent Sybil attacks entirely, they suggest that Byzantine agreement and similar tools from the distributed computing literature are likely to help solve the problem of adversarial behavior by components of peer-to-peer systems.

Lower bounds for randomized consensus under a weak adversary

It is shown that for every integer $k$, the probability that an $f$-resilient randomized consensus algorithm of $n$ processes does not terminate with agreement within $k(n-f)$ steps is at least $1/c^k$, for some constant $c$.

Anonymous Agreement: The Janus Algorithm

Janus, a new anonymous consensus algorithm, is presented; it reaches a decision after $O(\sqrt{n})$ writes in every solo execution, the set of values that can be proposed is unbounded, and the algorithm tolerates an arbitrary number of crash failures.

Hashcash - A Denial of Service Counter-Measure

This paper captures in one place the various applications, improvements suggested and related subsequent publications, and describes initial experience from experiments using hashcash.

What Can Be Implemented Anonymously?

It is shown that a shared object has an obstruction-free implementation if and only if it satisfies a simple property called idempotence, and a universal construction is given that implements any idempotent object.