Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Tie-Breaking Rule Based on Partial Proof of Work in a Blockchain

Akira Sakurai, Kazuyuki Shudo

TL;DR

The paper tackles the problem of suppressing intentional forks in PoW blockchains without major protocol changes or trusted parties. It introduces a last-generated tie-breaking rule that uses partial PoW as a finer clock, enabling miners to prefer the last-generated chain within an acceptance window while requiring only weak synchrony. The approach is analyzed theoretically and via simulations, showing the attacker threshold for selfish mining rises to about $\alpha \approx 0.31479$ for Bitcoin-like networks, and extended selfish mining (ESM) clarifies the role of parameter settings. Practically, the method can be applied to existing systems (e.g., Bitcoin) with minimal overhead by embedding shared partial PoW data in blocks, offering a scalable defense with wide applicability.

Abstract

In the area of blockchain, numerous methods have been proposed for suppressing intentional forks by attackers more effectively than the random rule. However, all of them, except for the random rule, require major updates, rely on a trusted third party, or assume strong synchrony. Hence, it is challenging to apply these methods to existing systems such as Bitcoin. To address these issues, we propose another countermeasure that can be easily applied to existing proof of work blockchain systems. Our method is a tie-breaking rule that uses partial proof of work, which does not function as a block, as a time standard with finer granularity. By using the characteristic of partial proof of work, the proposed method enables miners to choose the last-generated block in a chain tie, which suppresses intentional forks by attackers. Only weak synchrony, which is already met by existing systems such as Bitcoin, is required for effective functioning. We evaluated the proposed method through a detailed analysis that is lacking in existing works. In networks that adopt our method, the proportion of the attacker hashrate necessary for selfish mining was approximately 0.31479 or higher, regardless of the block propagation capability of the attacker. Furthermore, we demonstrated through extended selfish mining that the impact of Match against pre-generated block, which is a concern in all last-generated rules, can be mitigated with appropriate parameter settings.

Tie-Breaking Rule Based on Partial Proof of Work in a Blockchain

TL;DR

The paper tackles the problem of suppressing intentional forks in PoW blockchains without major protocol changes or trusted parties. It introduces a last-generated tie-breaking rule that uses partial PoW as a finer clock, enabling miners to prefer the last-generated chain within an acceptance window while requiring only weak synchrony. The approach is analyzed theoretically and via simulations, showing the attacker threshold for selfish mining rises to about for Bitcoin-like networks, and extended selfish mining (ESM) clarifies the role of parameter settings. Practically, the method can be applied to existing systems (e.g., Bitcoin) with minimal overhead by embedding shared partial PoW data in blocks, offering a scalable defense with wide applicability.

Abstract

In the area of blockchain, numerous methods have been proposed for suppressing intentional forks by attackers more effectively than the random rule. However, all of them, except for the random rule, require major updates, rely on a trusted third party, or assume strong synchrony. Hence, it is challenging to apply these methods to existing systems such as Bitcoin. To address these issues, we propose another countermeasure that can be easily applied to existing proof of work blockchain systems. Our method is a tie-breaking rule that uses partial proof of work, which does not function as a block, as a time standard with finer granularity. By using the characteristic of partial proof of work, the proposed method enables miners to choose the last-generated block in a chain tie, which suppresses intentional forks by attackers. Only weak synchrony, which is already met by existing systems such as Bitcoin, is required for effective functioning. We evaluated the proposed method through a detailed analysis that is lacking in existing works. In networks that adopt our method, the proportion of the attacker hashrate necessary for selfish mining was approximately 0.31479 or higher, regardless of the block propagation capability of the attacker. Furthermore, we demonstrated through extended selfish mining that the impact of Match against pre-generated block, which is a concern in all last-generated rules, can be mitigated with appropriate parameter settings.
Paper Structure (18 sections, 9 theorems, 17 equations, 13 figures, 1 table, 1 algorithm)

This paper contains 18 sections, 9 theorems, 17 equations, 13 figures, 1 table, 1 algorithm.

Table of Contents

  1. Introduction
  2. Intentional Forks by Attackers
  3. Related Work
  4. Proposed Method
  5. Our Model
  6. Details
  7. Parameter Settings
  8. Evaluation
  9. Suppression of Match against post-generated block
  10. Theoretical Analysis
  11. Simulation Analysis
  12. Suppression of Match against pre-generated block
  13. Implementation Details
  14. Application to Bitcoin
  15. Partial Application
  16. ...and 3 more sections

Key Result

Theorem 1

When an attacker performs a Match against post-generated block, any honest miner can receive the block that is generated by another honest miner before their own acceptance window ends if the acceptance window $w$ is at least $\Delta_B$.

Figures (13)

  • Figure 1: Blockchain functions as a clock that progresses block by block. Partial PoWs are easier to generate than blocks. Hence, the number of partial PoWs is larger than that of blocks. Consequently, the blockchain functions as a more precise clock by using partial PoWs.
  • Figure 2: How to include shared partial PoW in a block. Each miner considers a partial PoW "sufficiently shared" if $2 \Delta_B + \Delta_P$ has elapsed since its arrival. Each miner includes sufficiently shared partial PoWs into a block and mines.
  • Figure 3: If the attacker successfully generates a block, they must publish their partial PoW. This is because if an insufficiently shared PoW is included in a block, honest miners will assign a value of $-1$ to the block, leading to the attacker's block not being chosen in the event of a tie. It takes $2\Delta_B + 2\Delta_P$ for honest miners to include one partial PoW after it has been published. This duration includes $\Delta_P$ for the partial PoW to be propagated across the network and $2\Delta_B + \Delta_P$ for each miner to consider it sufficiently shared and include it in a block. Figure \ref{['PPoWEVEN']} shows the situation in which an honest miner's block is chosen randomly in a tie. This is because the attacker's shared partial PoWs that have been published are included in the block generated by the honest miner. Figure \ref{['PPoWWIN']} shows the situation in which an honest miner's block is chosen in a tie. Figure \ref{['PPOWLOSE']} shows the situation in which an honest miner's block may not be chosen in a tie. This is because the attacker's partial PoW that has been published may not be included in blocks honest miners are mining.
  • Figure 4: Impact of difficulty adjuster $n$ on effectiveness of proposed method with $\alpha = 0.5$, $T = 600$, and $\Delta_B = \Delta_P = 10$.
  • Figure 5: Impact of difficulty adjuster $n$ on effectiveness of proposed method with $\alpha = 0.5$, $T = 600$, and $\Delta_B = \Delta_P = 20$.
  • ...and 8 more figures

Theorems & Definitions (14)

  • Theorem 1
  • proof
  • Theorem 2
  • proof
  • Theorem 3
  • proof
  • Lemma 4
  • proof
  • Lemma 5
  • proof
  • ...and 4 more