In this paper we provide the first formal cryptographic analysis of Bitcoin Cash’s target recalculation functions against all possible adversaries. We follow the analytical approach developed in the Bitcoin backbone protocol [Eurocrypt 2015 and follow-ups], of first establishing basic properties of the blockchain data structure, from which the properties of a robust transaction ledger (namely, Consistency and Liveness) can be derived. However, the more active target recalculation mechanism as well as the more pronounced fluctuation of the mining population (due in part to miners’ behavior of switching chains towards achieving higher expected rewards) require new analytical tools.
We perform our analysis in the bounded-delay network model with dynamic participation of miners, of both ASERT and SMA (Bitcoin Cash’s current and former recalculation functions, respectively) and conclude that in order to satisfy security (namely, properties satisfied except with negligible probability in the security parameter) considerably larger parameter values should be used with respect to the ones used in practice.
Category / Keywords: cryptographic protocols / blockchain, proof of work, bitcoin Date: received 9 Feb 2021 Contact author: garay at tamu edu,shenyu tcv@tamu edu Available format(s): PDF | BibTeX Citation Version: 20210210:073743 (All versions of this report) Short URL: ia.cr/2021/143