Cryptology ePrint Archive: Report 2013/837

Fair Two-Party Computations via Bitcoin Deposits

Marcin Andrychowicz and Stefan Dziembowski and Daniel Malinowski and Łukasz Mazurek

Abstract: We show how the Bitcoin currency system (with a small modification) can be used to obtain fairness in any two-party secure computation protocol in the following sense: if one party aborts the protocol after learning the output then the other party gets a financial compensation (in bitcoins). One possible application of such protocols is the fair contract signing: each party is forced to complete the protocol, or to pay to the other one a fine.

We also show how to link the output of this protocol to the Bitcoin currency. More precisely: we show a method to design secure two-party protocols for functionalities that result in a "forced" financial transfer from one party to the other.

Our protocols build upon the ideas of our recent paper "Secure Multiparty Computations on Bitcoin" (Cryptology ePrint Archive, Report 2013/784). Compared to that paper, our results are more general, since our protocols allow to compute any function, while in the previous paper we concentrated only on some specific tasks (commitment schemes and lotteries). On the other hand, as opposed to "Secure Multiparty Computations on Bitcoin", to obtain security we need to modify the Bitcoin specification so that the transactions are "non-malleable" (we discuss this concept in more detail in the paper).

Category / Keywords: Bitcoin, Multiparty Computation Protocols

Date: received 11 Dec 2013, last revised 5 Mar 2014

Contact author: l mazurek at mimuw edu pl

Available format(s): PDF | BibTeX Citation

Version: 20140305:181124 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]