Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Which Games are Unaffected by Absolute Commitments?

Daji Landis, Nikolaj I. Schwartzbach

TL;DR

The paper investigates how absolute commitments—irrevocable, self-executing strategies that can condition on others' commitments—alter equilibria in extensive-form games, with particular relevance to Web3 smart contracts. It introduces Stackelberg resilience as the property that the subgame-perfect equilibrium set remains unchanged under any order of commitments, and develops a formal framework to analyze such resilience, including complexity results and a constructive algorithm for two-agent, perfect-information cases. Key findings show PSPACE-hardness in general and NP-hardness for $1$-resilience with multiple agents, while full resilience is tractable for two-agent games; downward closure is established, and non-triviality is illustrated via escrow mechanisms that differ in resilience. The work has practical implications for designing secure, commitment-aware smart-contract mechanisms, highlighting that some deployed contracts may be vulnerable to Stackelberg-style attacks while others remain robust.

Abstract

We identify a subtle security issue that impacts mechanism design in scenarios in which agents can absolutely commit to strategies. Absolute commitments allow the strategy of an agent to depend on the commitments made by the other agents. This changes fundamental game-theoretic assumptions by inducing a meta-game in which agents choose which strategies they commit to. We say that a game that is unaffected by such commitments is Stackelberg resilient and show that computing it is intractible in general, although it can be computed efficiently for two-player games of perfect information. We show the intuitive, but technically non-trivial result, that, if a game is resilient when some number of players have the capacity to make commitments, it is also resilient when these commitments are available to fewer players. We demonstrate the non-triviality of Stackelberg resilience by analyzing two escrow mechanisms from the literature. These mechanisms have the same intended functionality, but we show that only one is Stackelberg resilient. Our model is particularly relevant in Web3 scenarios, where these absolute commitments can be realized by the automated and irrevocable nature of smart contracts. Our work highlights an important issue in ensuring the secure design of Web3. In particular, our work suggests that smart contracts already deployed on major blockchains may be susceptible to these attacks.

Which Games are Unaffected by Absolute Commitments?

TL;DR

The paper investigates how absolute commitments—irrevocable, self-executing strategies that can condition on others' commitments—alter equilibria in extensive-form games, with particular relevance to Web3 smart contracts. It introduces Stackelberg resilience as the property that the subgame-perfect equilibrium set remains unchanged under any order of commitments, and develops a formal framework to analyze such resilience, including complexity results and a constructive algorithm for two-agent, perfect-information cases. Key findings show PSPACE-hardness in general and NP-hardness for -resilience with multiple agents, while full resilience is tractable for two-agent games; downward closure is established, and non-triviality is illustrated via escrow mechanisms that differ in resilience. The work has practical implications for designing secure, commitment-aware smart-contract mechanisms, highlighting that some deployed contracts may be vulnerable to Stackelberg-style attacks while others remain robust.

Abstract

We identify a subtle security issue that impacts mechanism design in scenarios in which agents can absolutely commit to strategies. Absolute commitments allow the strategy of an agent to depend on the commitments made by the other agents. This changes fundamental game-theoretic assumptions by inducing a meta-game in which agents choose which strategies they commit to. We say that a game that is unaffected by such commitments is Stackelberg resilient and show that computing it is intractible in general, although it can be computed efficiently for two-player games of perfect information. We show the intuitive, but technically non-trivial result, that, if a game is resilient when some number of players have the capacity to make commitments, it is also resilient when these commitments are available to fewer players. We demonstrate the non-triviality of Stackelberg resilience by analyzing two escrow mechanisms from the literature. These mechanisms have the same intended functionality, but we show that only one is Stackelberg resilient. Our model is particularly relevant in Web3 scenarios, where these absolute commitments can be realized by the automated and irrevocable nature of smart contracts. Our work highlights an important issue in ensuring the secure design of Web3. In particular, our work suggests that smart contracts already deployed on major blockchains may be susceptible to these attacks.
Paper Structure (7 sections, 11 theorems, 3 equations, 7 figures, 1 algorithm)

This paper contains 7 sections, 11 theorems, 3 equations, 7 figures, 1 algorithm.

Table of Contents

  1. Introduction
  2. Our Results
  3. Preliminaries
  4. Absolute Commitments in Games
  5. Stackelberg Resilient Games
  6. Non-Triviality of Resilience
  7. Downward Closure

Key Result

theorem 1.1

Determining Stackelberg resilience is PSPACE-hard in general, although it can be determined efficiently for two-agent games of perfect information.

Figures (7)

  • Figure 1: Expanding an absolute commitment for a simple game. The square symbol is a smart contract move for agent $1$. We compute all $1$-cuts in the game and connect them with a node belonging to $1$. The first coordinate is the leader payoff, and the second is the follower payoff. The dominating paths are shown in bold. We see that the optimal strategy for $1$ is to commit to choosing $(-\infty, -\infty)$ unless $2$ chooses $(1, -1)$.
  • Figure 2: An example of a game that is not 1-resilient (to see explicitly why, see \ref{['fig:expansion']}). Agent $2$ has a coin that they can choose to give to agent $1$. Agent $1$ is subsequently given the option to trigger nuclear annihilation. Without absolute commitments, the SPE is the node $(0,1)$ where agent $2$ keeps the coin because nuclear annihilation is an empty threat. However, when agent $1$ has an absolute commitment, they will automatically retaliate if they do not receive the coin, thus changing the SPE to $(1,0)$. Such an equilibrium is called a Stackelberg equilibrium. Note that in this example the inducible region for $i$ is everything but nuclear annihilation.
  • Figure 3: Mechanism \ref{['contract_1']} represented as an extensive-form game. Each branch is labeled with the agent who owns the node. We denote by $u^j$ the $j^\text{th}$ utility vector from left-to-right, for $j=1\ldots 4$.
  • Figure 4: Mechanism \ref{['contract_2']} represented as an extensive-form game. Each branch is labeled with the agent who owns the node. We denote by $u^j$ the $j^\text{th}$ utility vector from left-to-right, for $j=1\ldots 6$.
  • Figure 5: An example of a game that is 1-resilient, but neither 2-resilient nor 3-resilient. We denote by $u^\ell$ the $\ell^\text{th}$ utility vector from left-to-right, for $\ell=1\ldots 4$.
  • ...and 2 more figures

Theorems & Definitions (19)

  • theorem 1.1: Computational Complexity, \ref{['thm:no_efficient_algo']}
  • theorem 1.2: Non-Triviality, \ref{['thm:contract1_not_resilient', 'thm:contract2_full_resilient']}
  • theorem 1.3: Downward Closure, \ref{['thm:downward_trans']}
  • theorem 1.4: Hall-Andersen, Schwartzbach, smart_contracts
  • definition thmcounterdefinition: Equivalent Games
  • definition thmcounterdefinition: Stackelberg Resilience
  • theorem 1.6
  • proof : Sketch
  • theorem 1.8: Asgaonkar, Krishnamachari contract_1
  • theorem 1.10: Schwartzbach, contract_2
  • ...and 9 more