Paper 2022/932

Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities

Ertem Nusret Tas, Stanford University
David Tse, Stanford University
Fangyu Gai, BabylonChain
Sreeram Kannan, University of Washington
Mohammad Ali Maddah-Ali, Stanford University
Fisher Yu, BabylonChain
Abstract

Bitcoin is the most secure blockchain in the world, supported by the immense hash power of its Proof-of-Work miners. Proof-of-Stake chains are energy-efficient, have fast finality but face several security issues: susceptibility to non-slashable long-range safety attacks, low liveness resilience and difficulty to bootstrap from low token valuation. We show that these security issues are inherent in any PoS chain without an external trusted source, and propose a new protocol, Babylon, where an off-the-shelf PoS protocol checkpoints onto Bitcoin to resolve these issues. An impossibility result justifies the optimality of Babylon. A use case of Babylon is to reduce the stake withdrawal delay: our experimental results show that this delay can be reduced from weeks in existing PoS chains to less than 5 hours using Babylon, at a transaction cost of less than 10K USD per annum for posting the checkpoints onto Bitcoin.

Note: Experiment results and more details regarding related work were added to the new submission. Forthcoming in IEEE Symposium on Security and Privacy 2023.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Arxiv
Keywords
blockchainconsensus
Contact author(s)
nusret @ stanford edu
dntse @ stanford edu
greferry @ gmail com
ksreeram @ uw edu
maddah ali ee @ gmail com
fishermanymc @ babylonchain io
History
2023-05-13: last of 3 revisions
2022-07-18: received
See all versions
Short URL
https://ia.cr/2022/932
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/932,
      author = {Ertem Nusret Tas and David Tse and Fangyu Gai and Sreeram Kannan and Mohammad Ali Maddah-Ali and Fisher Yu},
      title = {Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/932},
      year = {2022},
      url = {https://eprint.iacr.org/2022/932}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.