Paper 2019/857

Bitcontracts: Supporting Smart Contracts in Legacy Blockchains

Karl Wüst, Loris Diana, Kari Kostiainen, Ghassan Karame, Sinisa Matetic, and Srdjan Capkun


In this paper we propose Bitcontracts, a novel solution that enables secure and efficient execution of generic smart contracts on top of unmodified legacy cryptocurrencies like Bitcoin that do not support contracts natively. The starting point of our solution is an off-chain execution model, where the contract's issuers appoints a set of service providers to execute the contract's code. The contract's execution results are accepted if a quorum of service providers reports the same result and clients are free to choose which such contracts they trust and use. The main technical contribution of this paper is how to realize such a trust model securely and efficiently without modifying the underlying blockchain. We also identify a set of generic properties that a blockchain system must support so that expressive smart contracts can be added safely, and analyze popular existing blockchains based on these criteria.

Available format(s)
Publication info
Published elsewhere. Minor revision. Network and Distributed Systems Security (NDSS) Symposium 2021
BlockchainSmart ContractsCryptocurrency
Contact author(s)
karl wuest @ inf ethz ch
2021-01-25: last of 2 revisions
2019-07-23: received
See all versions
Short URL
Creative Commons Attribution


      author = {Karl Wüst and Loris Diana and Kari Kostiainen and Ghassan Karame and Sinisa Matetic and Srdjan Capkun},
      title = {Bitcontracts: Supporting Smart Contracts in Legacy Blockchains},
      howpublished = {Cryptology ePrint Archive, Paper 2019/857},
      year = {2019},
      doi = {10.14722/ndss.2021.24294},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.