Paper 2023/1386

Improving Privacy of Anonymous Proof-of-Stake Protocols

Shichen Wu, Shandong University
Zhiying Song, Shandong University
Puwen Wei, Shandong University
Peng Tang, Shandong University
Quan Yuan, University of Tokyo
Abstract

The proof of stake (PoS) mechanism, which allows stakeholders to issue a block with a probability proportional to their wealth instead of computational power, is believed to be an energy-efficient alternative to proof of work (PoW). The privacy concern of PoS, however, is more subtle than that of PoW. Recent research has shown that current anonymous PoS (APoS) protocols do not suffice to protect the stakeholder's identity and stake, and the loss of privacy is theoretically inherent for any (deterministic) PoS protocol that provides liveness guarantees. In this paper, we consider the concrete stake privacy of PoS, taking into account the limitations of attacks in practice. To quantify the concrete stake privacy of PoS, we introduce the notion of $(T, \delta, \epsilon)$-privacy. Our analysis of $(T, \delta, \epsilon)$-privacy on Cardano shows to what extent the stake privacy can be broken in practice, which also implies possible parameter settings of rational $(T, \delta, \epsilon)$-privacy for PoS in the real world. The data analysis of Cardano demonstrates that the $(T, \delta, \epsilon)$-privacy of current APoS is not satisfactory, mainly due to the deterministic leader election predicate in current PoS constructions. Inspired by the differential privacy technique, we propose an efficient non-deterministic leader election predicate, which can be used as a plugin to APoS protocols to protect stakes against frequency analysis. Based on our leader election predicate, we construct anonymous PoS with noise (APoS-N), which can offer better $(T, \delta, \epsilon)$-privacy than state-of-the-art works. Furthermore, we propose a method of proving the basic security properties of PoS in the noise setting, which can minimize the impact of the noise on the security threshold. This method can also be applied to the setting of PoS with variable stakes, which is of independent interest.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. CANS 2023
Keywords
Blockchain, Proof of stake, Privacy, Verifiable random function
Contact author(s)
shichenw @ mail sdu edu cn
szyyz @ mail sdu edu cn
pwei @ sdu edu cn
tangpeng @ sdu edu cn
yuanquan @ g ecc u-tokyo ac jp
History
2023-09-18: approved
2023-09-16: received
Short URL
https://ia.cr/2023/1386
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1386,
      author = {Shichen Wu and Zhiying Song and Puwen Wei and Peng Tang and Quan Yuan},
      title = {Improving Privacy of Anonymous Proof-of-Stake Protocols},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1386},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1386}},
      url = {https://eprint.iacr.org/2023/1386}
}