Paper 2017/149

Bitcoin as a Transaction Ledger: A Composable Treatment

Christian Badertscher, Input Output - Switzerland
Ueli Maurer, ETH Zurich
Daniel Tschudi, Concordium
Vassilis Zikas, Purdue University West Lafayette
Abstract

Bitcoin is one of the most prominent examples of a distributed cryptographic protocol that is extensively used in reality. Nonetheless, existing security proofs are property-based, and as such they do not support composition. In this work, we put forth a universally composable treatment of the Bitcoin protocol. We specify the goal that Bitcoin aims to achieve as an instance of a parameterizable ledger functionality and present a UC abstraction of the Bitcoin blockchain protocol. Our ideal functionality is weaker than the first proposed candidate by Kiayias, Zhou, and Zikas [EUROCRYPT’16], but unlike the latter suggestion, which is arguably not implementable by the UC Bitcoin protocol, we prove that the one proposed here is securely UC-realized by the protocol assuming access to a global clock, to model time-based executions, a random oracle, to model hash functions, and an idealized network, to model message dissemination. We further show how known property-based approaches can be cast as special instances of our treatment and how their underlying assumptions can be cast in UC as part of the setup functionalities and without restricting the environment or the adversary.

Note: This version marks a major revision compared to the initial version including a major simplification in the UC treatment (ledger protocol and functionality) thanks to adjusting the treatment to an improved version of global UC (see https://ia.cr/2020/1209).

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
A minor revision of an IACR publication in JOC 2024
DOI
10.1007/s00145-024-09493-7
Keywords
BlockchainBitcoinLedger FunctionalityProvable SecurityUniversal Composition
Contact author(s)
christian badertscher @ iohk io
maurer @ inf ethz ch
dt @ concordium com
vzikas @ cs purdue edu
History
2024-04-05: last of 10 revisions
2017-02-22: received
See all versions
Short URL
https://ia.cr/2017/149
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2017/149,
      author = {Christian Badertscher and Ueli Maurer and Daniel Tschudi and Vassilis Zikas},
      title = {Bitcoin as a Transaction Ledger: A Composable Treatment},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/149},
      year = {2017},
      doi = {10.1007/s00145-024-09493-7},
      url = {https://eprint.iacr.org/2017/149}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.