Cryptology ePrint Archive: Report 2021/223

Redactable Blockchain Protocols with Instant Redaction

Jing Xu and Xinyu Li and Lingyuan Yin and Yuan Lu and Qiang Tang and Zhenfeng Zhang

Abstract: Blockchain technologies have received a great amount of attention, and its immutability is paramount to facilitate certain applications requiring persistent records. However, in many other use-cases, tremendous real-world incidents have exposed the harm of strict immutability. For example, illicit data stored in immutable blockchain poses numerous challenges for law enforcement agencies such as Interpol, and millions of dollars are lost due to the vulnerabilities of immutable smart contract. Moreover, ``Right to be Forgotten" (a.k.a. data erasure) has been imposed in new European Union's General Data Protection Regulation, thus causing immutable blockchains no longer compatible with personal data. Therefore, it is imperative (even legally required) to design efficient redactable blockchain protocols in a controlled way. In this paper, we present a generic approach of designing redactable blockchain protocol in the permissionless setting with instant redaction, applied to both proof-of-stake (PoS) blockchain and proof-of-work (PoW) blockchain with just different instantiations to randomly select ``committees'' according to stake or computational power. Our protocol can maintain the same adversary bound requirements and security assumption as the underlying blockchain (e.g., 1/2 adversary bound and asynchronous networks), which is compatible with most current blockchains requiring only minimal changes. It also offers public verifiability for redactable chains, where any edited block in the chain is publicly verifiable. Compared to previous solutions in permissionless setting, our redaction operation can be completed instantly, even only within one slot for the best-case scenario of PoS instantiation, which is desirable for redacting harmful or sensitive data. Correspondingly, our redaction verification in the blockchain is also instant. Furthermore, we define the first ideal functionality of redactable blockchain following the language of universal composition, and prove that our protocol can achieve the security property of redactable common prefix, chain quality, and chain growth. Finally, we develop a proof-of-concept implementation, and conduct extensive experiments to evaluate the overhead incurred by redactions. The experimental results show that the overhead remains minimal for both online nodes and re-spawning nodes, which demonstrates the high efficiency of our design.

Category / Keywords: applications / Blockchain; Proof-of-Stake; Proof-of-Work; Redactable Blockchain

Date: received 27 Feb 2021, last revised 17 May 2021

Contact author: xujing at iscas ac cn, xinyuli1920 at gmail com, lingyuan2018 at iscas ac cn, luyuan at iscas ac cn, qiang tang at sydney edu au, zhenfeng at iscas ac cn

Available format(s): PDF | BibTeX Citation

Version: 20210517:083030 (All versions of this report)

Short URL: ia.cr/2021/223