Cryptology ePrint Archive: Report 2021/143

The Bitcoin Cash Backbone Protocol

Juan Garay and Yu Shen

Abstract: Bitcoin Cash, created in 2017, is a “hard fork” from Bitcoin responding to the need for allowing a higher transaction volume. This is achieved by a larger block size, as well as a new difficulty adjustment (target recalculation) function(s) that acts more frequently (as opposed to Bitcoin’s difficulty adjustment happening about every two weeks), resulting in a potentially different target for each block. While seemingly achieving its goal in practice, to our knowledge there is no formal analysis to back this proposal up.

In this paper we provide the first formal cryptographic analysis of Bitcoin Cash’s target recalculation functions against all possible adversaries. We follow the analytical approach developed in the Bitcoin backbone protocol [Eurocrypt 2015 and follow-ups], of first establishing basic properties of the blockchain data structure, from which the properties of a robust transaction ledger (namely, Consistency and Liveness) can be derived. However, the more active target recalculation mechanism as well as the more pronounced fluctuation of the mining population (due in part to miners’ behavior of switching chains towards achieving higher expected rewards) require new analytical tools.

We perform our analysis in the bounded-delay network model with dynamic participation of miners, of both ASERT and SMA (Bitcoin Cash’s current and former recalculation functions, respectively) and conclude that in order to satisfy security (namely, properties satisfied except with negligible probability in the security parameter) considerably larger parameter values should be used with respect to the ones used in practice.

Category / Keywords: cryptographic protocols / blockchain, proof of work, bitcoin

Date: received 9 Feb 2021

Contact author: garay at tamu edu,shenyu tcv@tamu edu

Available format(s): PDF | BibTeX Citation

Version: 20210210:073743 (All versions of this report)

Short URL: ia.cr/2021/143


[ Cryptology ePrint archive ]