Safety, liveness, and privacy are three critical properties for any private proof-of-stake (PoS) blockchain. However, prior work (SP'21) has shown that to obtain safety and liveness, a PoS blockchain must in theory forgo privacy. In particular, to obtain safety and liveness, PoS blockchains elect parties proportional to their stake, which, in turn, can potentially reveal the stake of a party even if the transaction processing mechanism is private.
In this work, we make two key contributions. First, we present the first stake inference attack that can be actually run in practice. Specifically, our attack applies to both deterministic and randomized PoS protocols and has exponentially lesser running time in comparison with the SOTA approach. Second, we use differentially private stake distortion to achieve privacy in PoS blockchains. We formulate certain privacy requirements to achieve transaction and stake privacy, and design two stake distortion mechanisms that any PoS protocol can use. Moreover, we analyze our proposed mechanisms with Ethereum 2.0, a well-known PoS blockchain that is already operating in practice. The results indicate that our mechanisms mitigate stake inference risks and, at the same time, provide reasonable privacy while preserving required safety and liveness properties.
more »
« less
Private Proof-of-Stake Blockchains using Differentially-Private Stake Distortion
Safety, liveness, and privacy are three critical properties for any private proof-of-stake (PoS) blockchain. However, prior work (SP'21) has shown that to obtain safety and liveness, a PoS blockchain must, in theory, forgo privacy. In particular, to obtain safety and liveness, PoS blockchains elect parties proportional to their stake, which, in turn, can potentially reveal the stake of a party even if the transaction processing mechanism is private.
In this work, we make two key contributions. First, we present the first stake inference attack that can be actually run in practice. Specifically, our attack applies to both deterministic and randomized PoS protocols and has exponentially lesser running time in comparison with the SOTA approach. Second, we use differentially private stake distortion to achieve privacy in PoS blockchains. We formulate certain privacy requirements to achieve transaction and stake privacy, and design two stake distortion mechanisms that any PoS protocol can use. Moreover, we analyze our proposed mechanisms with Ethereum 2.0, a well-known PoS blockchain that is already operating in practice. The results indicate that our mechanisms mitigate stake inference risks and, at the same time, provide reasonable privacy while preserving required safety and liveness properties.
more »
« less
- PAR ID:
- 10469342
- Publisher / Repository:
- Usenix
- Date Published:
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Blockchain technology that came with the introduction of Bitcoin offers many powerful use-cases while promising the establishment of distributed autonomous organizations (DAOs) that may transform our current understanding of client-server interactions on the cyberspace. They employ distributed consensus mechanisms that were subject to a lot of research in recent years. While most of such research focused on security and performance of consensus protocols, less attention was given to their incentive mechanisms which relate to a critical feature of blockchains. Unfortunately, while blockchains are advocating decentralized operations, they are not egalitarian due to existing incentive mechanisms. Many current consensus protocols inadvertently incentivize centralization of mining power and inequitable participation. This paper explores and evaluates alternative incentive mechanisms for a more decentralized and equitable participation. We first evaluate inequality in existing Proof of Stake (PoS) based incentive mechanisms, then we examine three alternatives in which rewards scheme is more partial to low-stakeholders. Through simulation, we show that two of our alternative mechanisms can reduce inequality and offer an attractive solution for sustainability of blockchain-based applications and DAOs.more » « less
-
In this work, we demonstrate the design and implementation of a novel privacy-preserving blockchain for the resource-constrained Internet of Things (IoT). Blockchain, by design, ensures trust, provides built-in integrity of information and security of immutability in an IoT system without the need of a centralized entity. However, its slow transaction rate, lack of transaction privacy, and high resource consumption are three of the major hindrances to the practical realization of blockchain in IoT. While directed acyclic graphs (DAG)-based blockchain variants (e.g., hashgraph) improve the transaction rate, the other two problems remain open. To this end, we designed and constructed the prototype of a blockchain by utilizing the benefits of high transaction rate and miner-free transaction validation process from hashgraph. The proposed blockchain, coined as PrivLiteChain, implements the concept of local differential privacy to provide transaction privacy and temporal constraint to the lifecycle of the blockchain to make it lightweight.more » « less
-
Payment channel networks are a promising solution to the scalability challenge of blockchains and are designed for significantly increased transaction throughput compared to the layer one blockchain. Since payment channel networks are essentially decentralized peerto- peer networks, routing transactions is a fundamental challenge. Payment channel networks have some unique security and privacy requirements that make pathfinding challenging, for instance, network topology is not publicly known, and sender/receiver privacy should be preserved, in addition to providing atomicity guarantees for payments. In this paper, we present an efficient privacypreserving routing protocol, SPRITE, for payment channel networks that supports concurrent transactions. By finding paths offline and processing transactions online, SPRITE can process transactions in just two rounds, which is more efficient compared to prior work. We evaluate SPRITE’s performance using Lightning Network data and prove its security using the Universal Composability framework. In contrast to the current cutting-edge methods that achieve rapid transactions, our approach significantly reduces the message complexity of the system by 3 orders of magnitude while maintaining similar latencies.more » « less
-
null (Ed.)Blockchain is the technology used by developers of cryptocurrencies, like Bitcoin, to enable exchange of financial “coins” between participants in the absence of a trusted third party to ensure the transaction, such as is typically done by governments. Blockchain has evolved to become a generic approach to store and process data in a highly decentralized and secure way. In this article, we review blockchain concepts and use cases, and discuss the challenges in using them from a governmental viewpoint. We begin with reviewing the categories of blockchains, the underlying mechanisms, and why blockchains can achieve their security goals. We then review existing known governmental use cases by regions. To show both technical and deployment details of blockchain adoption, we study a few representative use cases in the domains of healthcare and energy infrastructures. Finally, the review of both technical details and use cases helps us summarize the adoption and technical challenges of blockchains.more » « less