In this paper we provide the first formal cryptographic analysis of Bitcoin Cash’s target recalculation functions—both ASERT and SMA (current and former recalculation functions, respectively)—against all possible adversaries. The main distinction with respect to Bitcoin’s is that they are no longer epoch-based, and as such previous analyses fail to hold. We overcome this technical obstacle by introducing a new set of analytical tools focusing on the “calibration” of blocks’ timestamps in sliding windows, which yield a measure of closeness to the initial block generation rate. With that measure, we then follow the analytical approach developed in the Bitcoin backbone protocol [Eurocrypt 2015 and follow-ups] to first establish the basic properties of the blockchain data structure, from which the properties of a robust transaction ledger (namely, Consistency and Liveness) can be derived.
Finally, we compare our analytical results with data from the Bitcoin Cash network, and conclude that in order to satisfy security (namely, properties satisfied except with negligible probability in the security parameter) considerably larger parameter values should be used with respect to the ones used in practice.
Category / Keywords: cryptographic protocols / blockchain, proof of work, bitcoin Date: received 9 Feb 2021, last revised 2 Jun 2021 Contact author: garay at tamu edu, shenyu tcv at tamu edu Available format(s): PDF | BibTeX Citation Version: 20210603:024357 (All versions of this report) Short URL: ia.cr/2021/143