Our approach generically leverages so-called chameleon hash functions (Krawczyk and Rabin, NDSS '00), which allow to efficiently determine hash collisions given a secret trapdoor information. We detail how to integrate a chameleon hash function in virtually any blockchain-based technology, for both cases where the power of redacting the blockchain content is in the hands of a single trusted entity and where such a capability is distributed among several distrustful parties (as is the case in Bitcoin).
We also report on a proof-of-concept implementation of a redactable blockchain, building on top of Nakamoto's Bitcoin core. The implementation only requires minimal changes to the way current client software interprets information stored in the blockchain and to the current blockchain, block, or transaction structures. Moreover, our experiments show that the overhead imposed by a redactable blockchain is small compared to the case of an immutable one.Category / Keywords: cryptographic protocols / Blockchain, Bitcoin, Chameleon hash functions Original Publication (with major differences): IEEE EuroS&P 2017 Date: received 5 Aug 2016, last revised 14 Feb 2017 Contact author: bernardomagri21 at gmail com Available format(s): PDF | BibTeX Citation Version: 20170214:204959 (All versions of this report) Short URL: ia.cr/2016/757 Discussion forum: Show discussion | Start new discussion