Paper 2022/932

Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities

Ertem Nusret Tas, Stanford University
David Tse, Stanford University
Fisher Yu, BabylonChain
Sreeram Kannan, University of Washington
Mohammad Ali Maddah-Ali, Stanford University
Abstract

Bitcoin is the most secure blockchain in the world, supported by the immense hash power of its Proof-of-Work miners. Proof-of-Stake chains are energy-efficient, have fast finality and some accountability, but face several security issues: susceptibility to non-slashable long-range safety attacks, non-accountable transaction censorship and stalling attacks and difficulty to bootstrap PoS chains from low token valuation. We show these security issues are inherent in any PoS chain without an external trusted source, and propose a new protocol Babylon, where an off-the-shelf PoS protocol uses Bitcoin as an external source of trust to resolve these issues. An impossibility result justifies the optimality of Babylon. Our results shed light on the general question of how much security a PoS chain can derive from an external trusted chain by only making succinct commitments to the trusted chain.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Arxiv
Keywords
blockchain consensus
Contact author(s)
nusret @ stanford edu
dntse @ stanford edu
fishermanymc @ babylonchain io
ksreeram @ uw edu
maddah ali ee @ gmail com
History
2022-07-18: approved
2022-07-18: received
See all versions
Short URL
https://ia.cr/2022/932
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/932,
      author = {Ertem Nusret Tas and David Tse and Fisher Yu and Sreeram Kannan and Mohammad Ali Maddah-Ali},
      title = {Bitcoin-Enhanced Proof-of-Stake Security: Possibilities and Impossibilities},
      howpublished = {Cryptology ePrint Archive, Paper 2022/932},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/932}},
      url = {https://eprint.iacr.org/2022/932}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.