research-article

Nonoutsourceable Scratch-Off Puzzles to Discourage Bitcoin Mining Coalitions

Authors:

Elaine ShiAuthors Info & Claims

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

Pages 680 - 691

https://doi.org/10.1145/2810103.2813621

Published: 12 October 2015 Publication History

Abstract

An implicit goal of Bitcoin's reward structure is to diffuse network influence over a diverse, decentralized population of individual participants. Indeed, Bitcoin's security claims rely on no single entity wielding a sufficiently large portion of the network's overall computational power. Unfortunately, rather than participating independently, most Bitcoin miners join coalitions called mining pools in which a central pool administrator largely directs the pool's activity, leading to a consolidation of power. Recently, the largest mining pool has accounted for more than half of network's total mining capacity. Relatedly, "hosted mining" service providers offer their clients the benefit of economies-of-scale, tempting them away from independent participation. We argue that the prevalence of mining coalitions is due to a limitation of the Bitcoin proof-of-work puzzle -- specifically, that it affords an effective mechanism for enforcing cooperation in a coalition. We present several definitions and constructions for "nonoutsourceable" puzzles that thwart such enforcement mechanisms, thereby deterring coalitions. We also provide an implementation and benchmark results for our schemes to show they are practical.

References

[1]

ziftrcoin : A cryptocurrency to enable commerce. Whitepaper.

[2]

James Aspnes, Collin Jackson, and Arvind Krishnamurthy. Exposing computationally-challenged byzantine impostors. Department of Computer Science, Yale University, New Haven, CT, Tech. Rep, 2005.

[3]

Simon Barber, Xavier Boyen, Elaine Shi, and Ersin Uzun. Bitter to better -- how to make bitcoin a better currency. In Financial Cryptography and Data Security, pages 399--414. Springer, 2012.

[4]

Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. Zerocash: Decentralized anonymous payments from bitcoin. In Security and Privacy (SP), 2014 IEEE Symposium on. IEEE. IEEE, 2014.

Digital Library

[5]

Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, and Madars Virza. Succinct non-interactive zero knowledge for a von neumann architecture. In 23rd USENIX Security Symposium (USENIX Security 14), pages 781--796, San Diego, CA, August 2014. USENIX Association.

Digital Library

[6]

Josh Benaloh and Dwight Tuinstra. Receipt-free secret-ballot elections. In Proceedings of the twenty-sixth annual ACM symposium on Theory of computing, pages 544--553. ACM, 1994.

Digital Library

[7]

Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua Kroll, and Edward W. Felten. Research perspectives on bitcoin and second-generation digital currencies. In 2015 IEEE Symposium on Security and Privacy. IEEE, 2015.

[8]

Joseph Bonneau, Arvind Narayanan, Andrew Miller, Jeremy Clark, Joshua A Kroll, and Edward W Felten. Mixcoin: Anonymity for bitcoin with accountable mixes. In Financial Cryptography and Data Security, pages 486--504. Springer, 2014.

[9]

Danny Bradbury. Alydian targets big ticket miners with terahash hosting. http://www.coindesk.com/alydian-targets-big-ticket-miners-with-terahash-hosting/, August 2013.

[10]

Vitalik Buterin. Bitcoin network shaken by blockchain fork. http://bitcoinmagazine.com/3668/bitcoin-network-shaken-by-blockchain-fork/, 2013.

[11]

David Chaum. Blind signatures for untraceable payments. In Crypto, volume 82, pages 199--203, 1982.

[12]

David Chaum, Amos Fiat, and Moni Naor. Untraceable electronic cash. In Advances in Cryptology--CRYPTO'88, pages 319--327. Springer, 1990.

Digital Library

[13]

Liqun Chen, Paul Morrissey, Nigel P Smart, and Bogdan Warinschi. Security notions and generic constructions for client puzzles. In Advances in Cryptology--ASIACRYPT 2009, pages 505--523. Springer, 2009.

Digital Library

[14]

Wei Dai. b-money. http://www.weidai.com/bmoney.txt, 1998.

[15]

George Danezis, Cedric Fournet, Markulf Kohlweiss, and Bryan Parno. Pinocchio coin: building zerocoin from a succinct pairing-based proof system. In Proceedings of the First ACM workshop on Language support for privacy-enhancing technologies, pages 27--30. ACM, 2013.

Digital Library

[16]

C. Dwork and M. Naor. Pricing via processing or combatting junk mail. In CRYPTO, 1993.

Digital Library

[17]

Ittay Eyal and Emin Gün Sirer. How to disincentivize large bitcoin mining pools. Blog post: http://hackingdistributed.com/2014/06/18/how-to-disincentivize-large-bitcoin-mining-pools/, June 2014.

[18]

Ittay Eyal and Emin Gün Sirer. Majority is not enough: Bitcoin mining is vulnerable. In Financial Cryptography and Data Security, pages 436--454. Springer, 2014.

[19]

Juan Garay, Aggelos Kiayias, and Nikos Leonardos. The bitcoin backbone protocol: Analysis and applications. In Advances in Cryptology-EUROCRYPT 2015, pages 281--310. Springer, 2015.

[20]

Rosario Gennaro, Craig Gentry, Bryan Parno, and Mariana Raykova. Quadratic span programs and succinct nizks without pcps. In Advances in Cryptology--EUROCRYPT 2013, pages 626--645. Springer, 2013.

[21]

Bogdan Groza and Bogdan Warinschi. Cryptographic puzzles and dos resilience, revisited. Designs, Codes and Cryptography, pages 1--31, 2013.

Digital Library

[22]

Richard L Hasen. Vote buying. California Law Review, pages 1323--1371, 2000.

[23]

Ari Juels and John G Brainard. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In NDSS, volume 99, pages 151--165, 1999.

[24]

Joshua A Kroll, Ian C Davey, and Edward W Felten. The economics of bitcoin mining or, bitcoin in the presence of adversaries. WEIS, 2013.

[25]

Ben Laurie and Richard Clayton. Proof-of-work" proves not to work; version 0.2. In Workshop on Economics and Information, Security, 2004.

[26]

Yoad Lewenberg, Yonatan Sompolinsky, and Aviv Zohar. Inclusive block chain protocols. Financial Cryptography and Data Security. Springer, 2015.

[27]

Jon Matonis. The bitcoin mining arms race: Ghash.io and the 51% issue. http://www.coindesk.com/bitcoin-mining-detente-ghash-io-51-issue/, July 2014.

[28]

Ian Miers, Christina Garman, Matthew Green, and Aviel D Rubin. Zerocoin: Anonymous distributed e-cash from bitcoin. In Security and Privacy (SP), 2013 IEEE Symposium on, pages 397--411. IEEE, 2013.

Digital Library

[29]

Andrew Miller, Ari Juels, Elaine Shi, Bryan Parno, and Jonathan Katz. Permacoin: Repurposing bitcoin work for long-term data preservation. In IEEE Symposium on Security and Privacy, 2014.

Digital Library

[30]

Andrew Miller, Ahmed Kosba, Elaine Shi, and Jonathan Katz. Nonoutsourceable scratch-off puzzles to discourage bitcoin mining coalitions. (full version). http://cs.umd.edu/ amiller/nonoutsourceable_full.pdf, 2015.

[31]

Andrew Miller and Joseph J. LaViola, Jr. Anonymous byzantine consensus from moderately-hard puzzles: A model for bitcoin. UCF Tech Report. CS-TR-14-01.

[32]

Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. http://bitcon.org/bitcoin.pdf, 2008.

[33]

Valtteri Niemi and Ari Renvall. How to prevent buying of votes in computer elections. In Advances in Cryptology-ASIACRYPT'94, pages 164--170. Springer, 1995.

Digital Library

[34]

Emily Oster. Are all lotteries regressive? evidence from the powerball. National Tax Journal, June, 2004.

[35]

Bryan Parno. A note on the unsoundness of vntinyram's snark. Cryptology ePrint Archive, Report 2015/437, 2015. http://eprint.iacr.org/.

[36]

Bryan Parno, Craig Gentry, Jon Howell, and Mariana Raykova. Pinocchio: Nearly practical verifiable computation. In IEEE Symposium on Security and Privacy, pages 238--252, 2013.

Digital Library

[37]

Colin Percival and Simon Josefsson. The scrypt password-based key derivation function. 2012.

[38]

John Quiggin. On the optimal design of lotteries. Economica, 58(229):1--16, 1991.

[39]

Meni Rosenfeld. Analysis of bitcoin pooled mining reward systems. arXiv preprint arXiv:1112.4980, 2011.

[40]

Yonatan Sompolinsky and Aviv Zohar. Secure high-rate transaction processing in bitcoin. Financial Cryptography and Data Security. Springer, 2015.

[41]

Spreadcoin. http://spreadcoin.net/files/SpreadCoin-WhitePaper.pdf, October 2014.

[42]

Douglas Stebila, Lakshmi Kuppusamy, Jothi Rangasamy, Colin Boyd, and Juan Gonzalez Nieto. Stronger difficulty notions for client puzzles and denial-of-service-resistant protocols. In Topics in Cryptology--CT-RSA 2011, pages 284--301. Springer, 2011.

Digital Library

[43]

John Tromp. Cuckoo cycle: a new memory-hard proof-of-work system. Bitcoin Research Workshop, 2015.

[44]

Forrest Voight. p2pool: Decentralized, dos-resistant, hop-proof pool. https://bitcointalk.org/index.php?topic=18313, June 2011.

Cited By

Gupta AGupta RKiran Choudhary S(2024)Blockchain Technology for Sustainable InvestmentHarnessing Blockchain-Digital Twin Fusion for Sustainable Investments10.4018/979-8-3693-1878-2.ch014(329-362)Online publication date: 16-Feb-2024
https://doi.org/10.4018/979-8-3693-1878-2.ch014
Papathanasiou AKyriakidou CPittaras IPolyzos G(2024)Smart Contract-Based Decentralized Mining Pools for Proof-of- Work Blockchains2024 IEEE International Conference on Blockchain (Blockchain)10.1109/Blockchain62396.2024.00037(227-234)Online publication date: 19-Aug-2024
https://doi.org/10.1109/Blockchain62396.2024.00037
Kim JLee JMoon S(2024)Trie-Hashimoto: State Trie-Based Proof-of-Work Mining for Optimizing Blockchain StorageIEEE Access10.1109/ACCESS.2024.336037912(18315-18329)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3360379
Show More Cited By

Index Terms

Nonoutsourceable Scratch-Off Puzzles to Discourage Bitcoin Mining Coalitions
1. Software and its engineering
  1. Software organization and properties
    1. Software system structures
      1. Distributed systems organizing principles
        Organizing principles for web applications

Recommendations

Mastering Bitcoin: The Secret Tips on Making Money Through Bitcoin Mining and Investment
Double-spending fast payments in bitcoin
CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to verify payments. Nowadays, Bitcoin is increasingly used in a number of fast payment scenarios, where the time between the exchange of currency and goods is short (in the ...
Bitcoin for Dummies: Bitcoin Secrets and Tips that Will Change Your Life in Three Weeks

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

October 2015

1750 pages

ISBN:9781450338325

DOI:10.1145/2810103

General Chair:
Indrajit Ray
Colorado State University, USA
,
Program Chairs:
Ninghui Li
Purdue University, USA
,
Christopher Kruegel
University of California, Santa Barbara, USA

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF

Conference

CCS'15

Sponsor:

SIGSAC

CCS'15: The 22nd ACM Conference on Computer and Communications Security

October 12 - 16, 2015

Colorado, Denver, USA

Acceptance Rates

CCS '15 Paper Acceptance Rate 128 of 660 submissions, 19%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

75
Total Citations
View Citations
876
Total Downloads

Downloads (Last 12 months)19
Downloads (Last 6 weeks)1

Reflects downloads up to 23 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Gupta AGupta RKiran Choudhary S(2024)Blockchain Technology for Sustainable InvestmentHarnessing Blockchain-Digital Twin Fusion for Sustainable Investments10.4018/979-8-3693-1878-2.ch014(329-362)Online publication date: 16-Feb-2024
https://doi.org/10.4018/979-8-3693-1878-2.ch014
Papathanasiou AKyriakidou CPittaras IPolyzos G(2024)Smart Contract-Based Decentralized Mining Pools for Proof-of- Work Blockchains2024 IEEE International Conference on Blockchain (Blockchain)10.1109/Blockchain62396.2024.00037(227-234)Online publication date: 19-Aug-2024
https://doi.org/10.1109/Blockchain62396.2024.00037
Kim JLee JMoon S(2024)Trie-Hashimoto: State Trie-Based Proof-of-Work Mining for Optimizing Blockchain StorageIEEE Access10.1109/ACCESS.2024.336037912(18315-18329)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3360379
Kazem HEl Madhoun NBouzefrane SConord P(2024)Security Challenges and Countermeasures in Blockchain’s Peer-to-Peer ArchitectureInformation Security Theory and Practice10.1007/978-3-031-60391-4_8(111-127)Online publication date: 18-Jun-2024
https://doi.org/10.1007/978-3-031-60391-4_8
Wenhua ZQamar FAbdali THassan RJafri SNguyen Q(2023)Blockchain Technology: Security Issues, Healthcare Applications, Challenges and Future TrendsElectronics10.3390/electronics1203054612:3(546)Online publication date: 20-Jan-2023
https://doi.org/10.3390/electronics12030546
Bazzanella DGangemi A(2023)Bitcoin: a new proof-of-work system with reduced varianceFinancial Innovation10.1186/s40854-023-00505-29:1Online publication date: 3-May-2023
https://doi.org/10.1186/s40854-023-00505-2
Xu JWang CJia X(2023)A Survey of Blockchain Consensus ProtocolsACM Computing Surveys10.1145/357984555:13s(1-35)Online publication date: 13-Jul-2023
https://dl.acm.org/doi/10.1145/3579845
Yu J(2023)Fault Independence in Blockchain2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks - Supplemental Volume (DSN-S)10.1109/DSN-S58398.2023.00035(117-121)Online publication date: Jun-2023
https://doi.org/10.1109/DSN-S58398.2023.00035
Stouka AZacharias T(2023)On the (De) centralization of FruitChains2023 IEEE 36th Computer Security Foundations Symposium (CSF)10.1109/CSF57540.2023.00020(229-244)Online publication date: Jul-2023
https://doi.org/10.1109/CSF57540.2023.00020
Zeng GHuang ZWang YMu XZhang C(2023)Strongly nonoutsourceable scratch-off puzzles in blockchainSoft Computing10.1007/s00500-023-08753-127:17(11941-11960)Online publication date: 4-Jul-2023
https://doi.org/10.1007/s00500-023-08753-1
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents