Cryptology ePrint Archive: Report 2019/891

Shielded Computations in Smart Contracts Overcoming Forks

Vincenzo Botta and Daniele Friolo and Daniele Venturi and Ivan Visconti

Abstract: In this work, we consider executions of smart contracts for implementing secure multi-party computation (MPC) protocols on forking blockchains (e.g., Ethereum), and we study security and delay issues due to forks. In this setting, the classical double-spending problem tells us that messages of the MPC protocol should be confirmed on-chain before playing the next ones, thus slowing down the entire execution.

Our contributions are twofold:

- For the concrete case of fairly tossing multiple coins with penalties, we notice that the lottery protocol of Andrychowicz et al. (S&P '14) becomes insecure if players do not wait for the confirmations of several transactions. In addition, we present a smart contract that instead retains security even when all honest players immediately respond to transactions appearing on-chain. We analyze the performance using Ethereum as testbed.

- We design a compiler that takes any "digital and universally composable" MPC protocol (with or without honest majority) and transforms it into another one (for the same task and same setup) which maintains security even if all messages are played on-chain without delays. The special requirements on the starting protocol mean that messages consist only of bits (e.g., no hardware token is sent) and that security also holds in the presence of other protocols. We further show that our compiler satisfies fairness with penalties as long as honest players only wait for confirmations once.

By reducing the number of confirmations, our protocols can be significantly faster than natural constructions.

Category / Keywords: cryptographic protocols / MPC, blockchains, finality, forks, smart contracts

Original Publication (with major differences): Financial Cryptography and Data Security 2021

Date: received 2 Aug 2019, last revised 10 May 2021

Contact author: botta vin at gmail com, friolo at di uniroma1 it, venturi at di uniroma1 it, ivan visconti at gmail com

Note: This paper has been accepted to Financial Cryptography and Data Security '21

Version: 20210510:131639

Short URL: ia.cr/2019/891
