Paper 2020/277
How Does Nakamoto Set His Clock? Full Analysis of Nakamoto Consensus in Bounded-Delay Networks
Abstract
Nakamoto consensus, arguably the most exciting development in distributed computing in the last few years, is in a sense a recasting of the traditional state-machine-replication problem in an unauthenticated setting, where furthermore parties come and go without warning. The protocol relies on a cryptographic primitive known as proof of work (PoW) which is used to throttle message passing. Importantly, the PoW difficulty level is appropriately adjusted throughout the course of the protocol execution relying on the blockchain’s timekeeping ability. While the original formulation was only accompanied by rudimentary analysis, significant and steady progress has been made in abstracting the protocol’s properties and providing a formal analysis under various restrictions and protocol simplifications. Still, a full analysis of the protocol that includes its target recalculation and, notably, the timestamp adjustment mechanism—specifically, the protocol allows incoming block timestamps in the near future, as determined by a protocol parameter, and rejects blocks that have a timestamp in the past of the median time of a specific number of blocks on-chain (namely, 11)— which equip it to operate in its intended setting of bounded communication delays, imperfect clocks and dynamic participation, has remained open. The gap is that Nakamoto’s protocol fundamentally depends on the blockchain itself to be a consistent timekeeper that should advance roughly on par with real time. In order to tackle this question we introduce a new analytical tool that we call "hot-hand executions," which capture the regular occurrence of high concentration of honestly generated blocks, and correspondingly put forth and prove a new blockchain property called "concentrated chain quality," which may be of independent interest. Utilizing these tools and techniques we demonstrate that Nakamoto’s protocol achieves, under suitable conditions, safety, liveness as well as (consistent) timekeeping.
Note: This version significantly extends the analysis to include clock adjustment and blockchain timestamp validation mechanisms consistent with Nakamoto's implementation. This is reflected in the title change.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- Blockchain protocolsNakamoto consensusBitcoinclock synchronization
- Contact author(s)
-
juan a garay @ gmail com
akiayias @ inf ed ac uk
nikos leonardos @ gmail com - History
- 2023-07-04: last of 7 revisions
- 2020-03-04: received
- See all versions
- Short URL
- https://ia.cr/2020/277
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/277, author = {Juan A. Garay and Aggelos Kiayias and Nikos Leonardos}, title = {How Does Nakamoto Set His Clock? Full Analysis of Nakamoto Consensus in Bounded-Delay Networks}, howpublished = {Cryptology {ePrint} Archive, Paper 2020/277}, year = {2020}, url = {https://eprint.iacr.org/2020/277} }