Efficient Proof-Of-Space Approaches for Permissionless Blockchains

Efficient Proof-Of-Space Approaches for Permissionless Blockchains

Efficient Proof-of-Space approaches for permissionless blockchains Jo~aoVasco Estrela Martinho [email protected] Instituto Superior T´ecnico Advisors: Prof. Miguel Matos Prof. Jo~aoBarreto Abstract. Bicoin, one of the most famous blockchains in the world, relies on Proof- of-Work to solve the distributed ledger problem. Proof-of-Work however is not ideal for its high energy consumption and overall high confirmation times. Alternatives such as Proof-of-Stake and Proof-of-Space promise better sustainability and scalabil- ity but introduce problems such as the nothing-at-stake issue. Therefore, they need to be combined with other mechanisms that counter these problems. Existing ap- proaches rely on ad-hoc mechanisms, such as Proof-of-Work itself, and thus have several theoretical and practical shortcomings. In this thesis, we propose AstroChain, a permissionless Proof-of-Space blockchain that uses a reconfigurable random generator protocol to ensure liveness and safety of the system. By simply relying on message passing to ensure security, AstroChain has lower energetic costs than Proof-of-Work blockchains and has the potential to offer high throughput and low confirmation times for transactions, which makes the blockchain more useful and sustainable. Table of Contents 1 Introduction . .3 2 Related Work . .5 2.1 Distributed Ledgers and Blockchains . .5 2.2 Bitcoin . .7 2.3 Alternatives to Bitcoin . .9 2.4 Random Beacons in Blockchains. 15 2.5 Discussion . 15 3 AstroChain . 17 3.1 Proof chain . 18 3.2 Random chain . 18 3.3 Transaction chain . 20 3.4 Vulnerabilities and solutions . 21 3.5 Discussion . 21 4 Evaluation . 22 5 Schedule of Future Work . 22 6 Conclusion . 23 1 Introduction Blockchains have become increasingly more popular in the last years, especially since the appearance of Bitcoin [1] in 2009. A blockchain is a distributed system that implements a ledger. A ledger is a record of transactions from one entity to another. A ledger has the property of only allowing for transactions to be appended sequentially and, once in the ledger, may not be changed. This way, order is secured and any change to previously stored transactions makes the ledger invalid. A ledger is then a "full picture" of the assets held by each entity. The importance of blockchains comes from the fact that, using them, we can build a decentralized application where there are few trust assumptions and possibly a large number of processes are allowed to participate. In a lot of distributed systems nowadays, such as banking systems, for example, there exists a central third party on which the system relies, and thus, we must trust this entity for the system to work. This may be undesirable, since, should this central entity fail, the whole system breaks down. As such, permissionless blockchains were proposed to build a fully decentralized distributed system, where no single central entity exists, but multiple entities work together in a protocol that allows participants to not trust each other, but still trust the protocol itself. In doing this, if a single entity fails, the system still works as expected. Most blockchains nowadays (such as Bitcoin) are used to implement cryptocurrencies. By using blockchains to implement this virtual currency, a user can transfer to others without needing to trust a centralized third-party (in contrast to traditional banking systems). An- other useful application of blockchains is smart contracts, first deployed in the Ethereum [2] blockchain. In this approach, transactions are not currency transfers, but executable pieces of code (contracts) that are executed by users. The validation of these executions is done and agreed upon by blockchain users, thus allowing for the construction of fully decentralized applications. The most prevalent way of implementing blockchains follows a variant of what is called the Nakamoto Consensus, first introduced in Bitcoin [1]. The three main components of Nakamoto consensus are incentives, a chain selection rule, and Proof-of-Work. Proof-of-Work is a cryptographic puzzle that a participant must solve to add a block to the blockchain. To solve the puzzle, the participants must use a non-counterfeitable resource, in this case, computational power. This mechanism is used to prevent what is called Sybil attacks, which can be described as a single user voting as if they are multiple participants. This is not enough to ensure the validity of the chain, as two different participants may be able to solve the puzzle at similar times. At this point, what is called a fork may occur, where two valid views of the blockchain coexist. To prevent this, the chain selection rule tells us which chain to select based on the blocks we see. Finally, incentives are rewards given to participants that follow the protocol. This way, new participants are attracted to join the system, which will increase the security of the blockchain. Incentives also work to discourage malicious participants from breaking protocol. When a participant breaks protocol, it might not receive incentives, but still wasted the non-counterfeitable resource, which is wasteful for the malicious participant. However, Proof-of-Work has some important problems. Firstly, it uses up a lot of energy and thus is very wasteful. Currently, the energetic footprint of adding a transaction to Bitcoin and Ethereum, the two most famous blockchains that use Proof-of-Work, is equivalent to respectively 24 and 1 days worth of energy consumption of the average US household [3,4]. Another known issue of Proof-of-Work is its efficiency. For a blockchain to be fully useful, 3 it is required for there to be a low processing time for transactions. However, Proof-of- Work usually introduces low throughput and long confirmation times for transactions. This is because the puzzles in Proof-of-Work need to take some amount of time to be solved and each block cannot contain a high number of transactions, otherwise, the security of the system is not guaranteed. On top of that, the transactions need to be some blocks deep to be probabilistically trusted, due to forks. Only after being a few blocks deep, can transactions be trusted to be stable with high probability. Because of this, several proposals have appeared to build upon Proof-of-Work to solve these known issues [5,6,7]. A general idea to reduce the energy costs per transaction of Proof-of-Work is to parallelize the transaction handling and puzzle solving, which allows for higher transaction throughput and confirmation times, as well as reducing the difficulty of the puzzles, which decreases the energetic costs, as well as allowing for faster progress of the system. Proof-of-Work approaches in general still have large energetic costs and impractical trans- action handling, which becomes unsustainable and undesirable for the future of blockchains. As such, it is important to come up with blockchain approaches that replace Proof-of-Work as the central security enforcing mechanism. One interesting approach to blockchains that appeared was Algorand [8]. It used the well- known notion of Byzantine Agreement to solve the distributed ledger problem. Usually, this would be complicated, as Byzantine Agreement protocols have a scalability issue. Algorand however randomly selects from all participants a small set of processes, which acts as a committee that decides blocks to be added. In doing so, transaction handling is much faster and security is still preserved. Other systems to prevent Sybil attacks have also been appearing, to replace Proof-of- Work and its limitations in Nakamoto consensus. One example is Proof-of-Stake, which uses the amount of currency a participant holds in the system (stake) as the non-counterfeitable resource. For a user to add a block, they must stake their money and, the higher their stake is, the higher their chance of successfully adding a block to the chain. Another example is Proof-of-Elapsed-Time, where participants make use of a Trusted Execution Environment, a safe space in memory that no malicious process can tamper with, to run a lottery that will choose who adds the next block to the chain. Another approach to prevent Sybil attacks is Proof-of-Space. In this approach, the non- counterfeitable resource is memory or disk space. Usually, before being able to mine, a participant reserves some (non-trivial) amount of memory and dedicates it to the system, filling it with data. When trying to add a block to the chain, the participant resorts to this reserved space to generate the solution to the puzzle. This approach has the potential of making Nakamoto Consensus more energy and time-efficient, as the solution to the puzzle can be approximated to some memory accesses. Proof-of-Space has a known issue though: the proof generation is very fast. This creates the nothing-at-stake problem, that is, a participant can generate a lot of alternative blocks with a residual cost. It matters to note that this problem is not present in Proof-of-Work, since generating a block is expensive and therefore not worth it to mine multiple different blocks unless there is a relatively high degree of certainty in the success of the attack. Spacemint [9] was a Proof-of-Space proposal that tried to prevent nothing-at-stake by penalizing the participants that were found to try to mine multiple blocks for the same height. This however does not fully prevent the problem, because a miner may easily generate a sequence of blocks in private, with close to no cost, and thus, when they propose this new chain, no illegal behavior is detected. Another Proof-of-Space approach is Chia [10], where 4 they use Verifiable Delay Functions to prevent miners from creating long sequences of blocks without sacrificing any resource.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    24 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us