Modeling Bitcoin Contracts by Timed Automata

@article{Andrychowicz2014ModelingBC,
  title={Modeling Bitcoin Contracts by Timed Automata},
  author={Marcin Andrychowicz and Stefan Dziembowski and Daniel Malinowski and Lukasz Mazurek},
  journal={ArXiv},
  year={2014},
  volume={abs/1405.1861}
}
Bitcoin is a peer-to-peer cryptographic currency system. Since its introduction in 2008, Bitcoin has gained noticeable popularity, mostly due to its following properties: (1) the transaction fees are very low, and (2) it is not controlled by any central authority, which in particular means that nobody can “print” the money to generate inflation. Moreover, the transaction syntax allows to create the so-called contracts, where a number of mutually-distrusting parties engage in a protocol to… 
View PDF on arXiv
47 Citations
Highly Influential Citations
3
Background Citations
9
Methods Citations
10
Results Citations
2

47 Citations

Formal Models of Bitcoin Contracts: A Survey
TLDR
This paper surveys the formal models proposed in the scientific literature on how to exploit Bitcoin to execute smart contracts, comparing their expressiveness and applicability in the wild.
Modeling and Verification of the Bitcoin Protocol
TLDR
The Bitcoin protocol is examined and its formalization as an UPPAAL model is provided to show how double spending can be done if the parties in the Bitcoin protocol behave maliciously, and with what probability double spending occurs.
Verifying liquidity of recursive Bitcoin contracts
TLDR
This work addresses the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion, and implements a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin.
Verifying liquidity of Bitcoin contracts
TLDR
This work addresses the problem of verifying liquidity of Bitcoin contracts by transforming the infinite-state semantics of BitML into a finite-state one, which focusses on the behaviour of any given set of contracts, abstracting the context moves.
SoK: unraveling Bitcoin smart contracts
TLDR
This paper presents a comprehensive survey of smart contracts on Bitcoin, in a uniform framework based on a new formal specification language for smart contracts, which also helps to highlight some subtleties in existing informal descriptions, making a step towards automatic verification.
Verification of recursive Bitcoin contracts
TLDR
This work addresses the problem of verifying liquidity on BitML, a DSL for smart contracts with a secure compiler to Bitcoin, featuring primitives for currency transfers, contract renegotiation and consensual recursion, and implements a toolchain that automatically verifies liquidity of BitML contracts and compiles them to Bitcoin.
Modelling Bitcoin in Agda
  • A. Setzer
  • Computer Science, Economics
    ArXiv
  • 2018
TLDR
Two models of the block chain of Bitcoin are presented in the interactive theorem prover Agda, one based on a simple model of bank accounts, while having transactions with multiple inputs and outputs, and the second based on transactions, which refer directly to unspent transaction outputs, rather than user accounts.
The Extended UTXO Model
TLDR
This research investigates whether it is possible to have expressive smart contracts, while keeping the semantic simplicity of the UTXO model, in a complex concurrent and distributed computing environment.
Preventing the 51%-Attack: a Stochastic Analysis of Two Phase Proof of Work in Bitcoin
TLDR
This document provides a stochastic analysis of the Bitcoin mining protocol extended with 2PPoW, modelled using CTMCs (continuous-time Markov chains).
Bitcoin: Bubble or Blockchain
TLDR
The main contribution of this paper is to progress the debate around Bitcoin beyond the technical and towards legal and ethical issues and the nature of money and memory itself.
...
...

References

SHOWING 1-10 OF 34 REFERENCES
How to deal with malleability of BitCoin transactions
TLDR
This short note shows a general technique for creating malleability-resilient "refund" transactions, which does not require any modification of the BitCoin protocol.
Secure Multiparty Computations on Bitcoin
TLDR
The Bit coin system can be used to go beyond the standard "emulation-based" definition of the MPCs, by constructing protocols that link their inputs and the outputs with the real Bit coin transactions.
Certified Bitcoins
TLDR
This paper proposes a certification system for Bitcoin that offers an opt-in guarantee to send and receive bitcoins only to/ from certified users and control of creation of bitcoins addresses (certified users) by trusted authorities.
Fair Two-Party Computations via Bitcoin Deposits
TLDR
The Bitcoin currency system can be used to obtain fairness in any two-party secure computation protocol in the following sense: if one party aborts the protocol after learning the output then the other party gets a financial compensation (in bitcoins).
Bitter to Better - How to Make Bitcoin a Better Currency
TLDR
An in-depth investigation is performed to understand what made Bitcoin so successful, while decades of research on cryptographic e-cash has not lead to a large-scale deployment.
A Timed Model for Communicating Sequential Processes
CCS + Time = An Interleaving Model for Real Time Systems
  • W. Yi
  • Computer Science, Mathematics
    ICALP
  • 1991
TLDR
This paper shows how to put time into Milner's CCS to model real time systems and develops an expansion theorem for real time concurrency, which is an extension of the expansion theorem of CCS.
Introduction to Cryptography: Principles and Applications
TLDR
The first part of this book covers the key concepts of cryptography on an undergraduate level, from encryption and digital signatures to cryptographic protocols, and more advanced topics are addressed, such as the bit security of one-way functions and computationally perfect pseudorandom bit generators.
A Theory of Timed Automata
The Algebra of Timed Processes, ATP: Theory and Application
TLDR
It is shown that several d-unit delay constructs such as timeouts and watchdogs can be expressed in terms of the unit-delay operator and standard process algebra operators.
...
...