Paper 2023/381

Security of Nakamoto Consensus under Congestion

Lucianna Kiffer, ETH Zurich
Joachim Neu, Stanford University
Srivatsan Sridhar, Stanford University
Aviv Zohar, Hebrew University of Jerusalem
David Tse, Stanford University

Nakamoto consensus (NC) powers major proof-of-work (PoW) and proof-of-stake (PoS) blockchains such as Bitcoin or Cardano. Given a network of nodes with certain communication and computation capacities, against what fraction of adversarial power (the resilience) is Nakamoto consensus secure for a given block production rate? Prior security analyses of NC used a bounded delay model which does not capture network congestion resulting from high block production rates, bursty release of adversarial blocks, and in PoS, spamming due to equivocations. For PoW, we find a new attack, called teasing attack, that exploits congestion to increase the time taken to download and verify blocks, thereby succeeding at lower adversarial power than the private attack which was deemed to be the worst-case attack in prior analysis. By adopting a bounded bandwidth model to capture congestion, and through an improved analysis method, we identify the resilience of PoW NC for a given block production rate. In PoS, we augment our attack with equivocations to further increase congestion, making the vanilla PoS NC protocol insecure against any adversarial power except at very low block production rates. To counter equivocation spamming in PoS, we present a new NC-style protocol Sanitizing PoS (SaPoS) which achieves the same resilience as PoW NC.

Available format(s)
Cryptographic protocols
Publication info
Contact author(s)
lkiffer @ ethz ch
jneu @ stanford edu
svatsan @ stanford edu
avivz @ cs huji ac il
dntse @ stanford edu
2023-05-19: revised
2023-03-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Lucianna Kiffer and Joachim Neu and Srivatsan Sridhar and Aviv Zohar and David Tse},
      title = {Security of Nakamoto Consensus under Congestion},
      howpublished = {Cryptology ePrint Archive, Paper 2023/381},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.