### Ponyta: Foundations of Side-Contract-Resilient Fair Exchange

##### Abstract

Fair exchange is a fundamental primitive for blockchains, and is widely adopted in applications such as atomic swaps, payment channels, and DeFi. Most existing designs of blockchain-based fair exchange protocols consider only the users as strategic players, and assume honest miners. However, recent works revealed that the fairness of commonly deployed fair exchange protocols can be completely broken in the presence of user-miner collusion. In particular, a user can bribe the miners to help it cheat — a phenomenon also referred to as Miner Extractable Value (MEV). We provide the first formal treatment of side-contract-resilient fair exchange. We propose a new fair exchange protocol called Ponyta, and we prove that the protocol is incentive compatible in the presence of user-miner collusion. In particular, we show that Ponyta satisfies a coalition-resistant Nash equilibrium. Further, we show how to use Ponyta to realize a cross-chain coin swap application, and prove that our coin swap protocol also satisfies coalition-resistant Nash equilibrium. Our work helps to lay the theoretical groundwork for studying side-contract-resilient fair exchange. Finally, we present practical instantiations of Ponyta in Bitcoin and Ethereum with minimal overhead in terms of costs for the users involved in the fair exchange, thus showcasing instantiability of Ponyta with a wide range of cryptocurrencies.

Available format(s)
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
blockchain fair exchange side-contract-resilient
Contact author(s)
haochung @ andrew cmu edu
elisawem @ andrew cmu edu
runting @ gmail com
t srikrishnan @ gmail com
History
2022-06-07: last of 2 revisions
See all versions
Short URL
https://ia.cr/2022/582

CC BY

BibTeX

@misc{cryptoeprint:2022/582,
author = {Hao Chung and Elisaweta Masserova and Elaine Shi and Sri AravindaKrishnan Thyagarajan},
title = {Ponyta: Foundations of Side-Contract-Resilient Fair Exchange},
howpublished = {Cryptology ePrint Archive, Paper 2022/582},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/582}},
url = {https://eprint.iacr.org/2022/582}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.