Cryptology ePrint Archive: Report 2021/283

P2DEX: Privacy-Preserving Decentralized Cryptocurrency Exchange

Carsten Baum and Bernardo David and Tore Frederiksen

Abstract: Cryptocurrency exchange services are either trusted central entities that have been routinely hacked (losing over 8 billion USD), or decentralized services that make all orders public before they are settled. The latter allows market participants to ``front run'' each other, an illegal operation in most jurisdictions. We extend the ``Insured MPC'' approach of Baum et al. (FC 2020) to construct an efficient universally composable privacy preserving decentralized exchange where a set of servers run private cross-chain exchange order matching in an outsourced manner, while being financially incentivised to behave honestly. Our protocol allows for exchanging assets over multiple public ledgers, given that users have access to a ledger that supports standard public smart contracts. If parties behave honestly, the on-chain complexity of our construction is as low as that of performing the transactions necessary for a centralized exchange. In case malicious behavior is detected, users are automatically refunded by malicious servers at low cost. Thus, an actively corrupted majority can only mount a denial-of-service attack that makes exchanges fail, in which case the servers are publicly identified and punished, while honest clients do not to lose their funds. For the first time in this line of research, we report experimental results on the MPC building block, showing the approach is efficient enough to be used in practice.

Category / Keywords: cryptographic protocols / Multiparty Computation, Blockchain, Fairness, Front-Running, Asset Exchange

Original Publication (with major differences): ACNS 2021

Date: received 4 Mar 2021, last revised 9 Apr 2021

Contact author: cbaum at au dk,bernardo@bmdavid com,tore frederiksen@alexandra dk

Available format(s): PDF | BibTeX Citation

Note: Revision in relation to review comments.

Version: 20210409:093000 (All versions of this report)

Short URL: ia.cr/2021/283


[ Cryptology ePrint archive ]