Blockchain-based Cryptocurrencies
Arlo Miles
November 16, 2016
Abstract
Current implementations of blockchain-based cryptocurrencies require
a large amount of disk space to store the transaction history of the network, and require that the transaction history is downloaded before use.
The most widely used solution to these problems is to rely on a trusted
third party to store and verify transactions. This allows resource-constrained
devices to conduct cryptocurrency transactions, but makes cryptocurrency networks more centralized. We describe a distributed storage system
for blockchain-based cryptocurrencies. A computer model was created and
the results of the model were analyzed. We found that our protocol is secure enough and has low enough latency to support a cryptocurrency at
a large scale.
1 Introduction
1.1 Problem Description
transaction history, but each computer must be able to verify every new transaction that takes place in the network, without having to trust data coming
from any other computers.
1.2 Review of Literature
1.3 Our Investigation
attack. A process for allowing computers in the network to verify all transactions without requiring that the entire transaction history be stored on each
computer will make the network less vulnerable and more scalable.
1.4
2
2.1
2.2
Two computer models of the network were created using Java. The first model
was used to determine the probability that a properly-functioning computer
would connect only to malicious computers, thereby putting itself at risk of
not receiving some messages. An initial set of simulated computers was created, and a fraction of those computers were marked as malicious. Next, new
simulated computers were created, a fraction of which were also marked as
malicious. For each new computer, a random set of computers already in the
network were selected, to which connections from the new computer would be
simulated. The number of properly-functioning computers that only connected
to malicious computers was recorded. A formula for approximating this number
was produced.
The second model was used to determine the amount of time required for a
message to reach some fraction of computers in the network. An initial set of
simulated computers was created, and each simulated computer was connected
with a number of other randomly-selected computers. The broadcast of a message was simulated, and the number of computers that had received the message
at a given time was recorded. A formula for approximating this number was
produced.
3 Results
3.1 Security
We found that the fraction of computers that were malicious or only connected
to malicious computers had a positive relationship with the initial fraction of
malicious computers in the network and the fraction of malicious computers
added to the network. We observed an inverse relationship with the proportion
of added computers to the number of initial computers and with the number
of connections that each computer made. This number can be approximated
by the formula $F = \frac{M_I I + M_A A}{I + A}$, where F is the fraction of malicious computers
and computers that only connect to malicious computers, I is the initial number of computers in the network, A is the number of computers added to the
network, $M_I$ is the fraction of initial computers that are malicious, and $M_A$ is
the fraction of additional computers that are malicious. The probability that a
randomly-selected computer is not malicious itself, but only connects to malicious computers, can be approximated by the formula $P = F^C$, where C is the
number of connections made by each computer added to the network.
3.2 Latency
where F(t) is the fraction of computers in a network that a message has reached,
t is the amount of time since the message was sent, L is the average connection
latency, $k = \frac{\ln(N-1)\,\ln C}{\ln N - \ln 2}$, $x_0 = \frac{\ln N - \ln 2}{\ln C}$, N is the number of computers in the
network, and C is the average number of connections per computer. We found
that this approximation is most accurate when t is close to zero and when F(t)
is close to one.
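As an added example (not the paper's Java model), the program below re-implements the second model, the broadcast of a message over a network of N computers with C random connections each, and evaluates the latency approximation against it. The closed-form expression for F(t) is not legible on this page; the code assumes the logistic form $F(t) = 1/(1 + e^{-k(t/L - x_0)})$, which is the form under which the parameters k and x_0 as read above give F(0) = 1/N and F(x_0 L) = 1/2. The network size, connection count and latency values are constructed.

```python
import math
import random
from collections import deque


def build_network(n, c, rng):
    """Each of the n computers opens links to c random other computers;
    links carry messages in both directions."""
    adj = [set() for _ in range(n)]
    for u in range(n):
        others = [w for w in range(n) if w != u]
        for v in rng.sample(others, c):
            adj[u].add(v)
            adj[v].add(u)
    return adj


def simulate_broadcast(n, c, latency, seed=0):
    """Assumed re-implementation of the second model.

    Computer 0 sends a message at time 0; every link takes `latency` time
    units to cross, so a computer at hop distance d receives the message at
    time d * latency.  Returns a sorted list of (time, fraction_reached).
    """
    rng = random.Random(seed)
    adj = build_network(n, c, rng)
    hops = [None] * n
    hops[0] = 0
    queue = deque([0])
    while queue:                      # breadth-first search gives hop distances
        u = queue.popleft()
        for v in adj[u]:
            if hops[v] is None:
                hops[v] = hops[u] + 1
                queue.append(v)
    arrivals = {}
    for h in hops:
        if h is not None:             # unreachable computers never receive it
            arrivals[h * latency] = arrivals.get(h * latency, 0) + 1
    curve, reached = [], 0
    for t in sorted(arrivals):
        reached += arrivals[t]
        curve.append((t, reached / n))
    return curve


def logistic_fraction(t, n, c, latency):
    """Assumed logistic approximation F(t) = 1 / (1 + exp(-k (t/L - x0)))
    with k = ln(N-1) ln C / (ln N - ln 2) and x0 = (ln N - ln 2) / ln C."""
    k = math.log(n - 1) * math.log(c) / (math.log(n) - math.log(2))
    x0 = (math.log(n) - math.log(2)) / math.log(c)
    return 1.0 / (1.0 + math.exp(-k * (t / latency - x0)))


def max_deviation(n, c, latency, seed=0):
    """Largest gap between the simulated curve and the approximation."""
    curve = simulate_broadcast(n, c, latency, seed)
    return max(abs(f - logistic_fraction(t, n, c, latency)) for t, f in curve)


if __name__ == "__main__":
    n, c, latency = 500, 4, 0.1   # constructed: 500 computers, 4 links each, 100 ms links
    for t, f in simulate_broadcast(n, c, latency, seed=0):
        print(f"t={t:.2f}s simulated F={f:.3f} approx F={logistic_fraction(t, n, c, latency):.3f}")
    print("max deviation:", round(max_deviation(n, c, latency), 3))
```

The printed table reproduces the qualitative finding of the results: the approximation matches at the start of the broadcast (one computer has the message) and at the end (nearly all have it), and is loosest in the middle of the curve.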
4 Discussion
4.1
The least resource-intensive attack that would allow a malicious party to gain
control of a significant part of the network is a Sybil attack, in which a single
computer claims to be multiple independent computers. This sort of attack can
be prevented by requiring each computer to periodically submit a completed
proof-of-work to each computer connected to it. This proof-of-work may be
different from the one used in the cryptocurrency. Such a requirement would
increase the resources required to conduct a Sybil attack.
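The following is an added example of the periodic proof-of-work requirement described above; it is not code from the paper, and the challenge format, the hash-based puzzle (SHA-256 with a leading-zero-bit target), the difficulty and the period length are all assumptions. Each connection issues a fresh random challenge; the connected computer must return a nonce that solves it before the period ends, and a solved challenge is single-use, so a proof cannot be replayed on another connection or in a later period.

```python
import hashlib
import secrets


def leading_zero_bits(digest: bytes) -> int:
    """Number of leading zero bits in a hash digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def verify_proof(challenge: bytes, nonce: int, difficulty: int) -> bool:
    """Cheap check: SHA-256(challenge || nonce) must start with `difficulty` zero bits."""
    digest = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    return leading_zero_bits(digest) >= difficulty


def solve_challenge(challenge: bytes, difficulty: int) -> int:
    """Brute-force search for a nonce; costs about 2**difficulty hashes on average."""
    nonce = 0
    while not verify_proof(challenge, nonce, difficulty):
        nonce += 1
    return nonce


def expected_hashes(difficulty: int) -> int:
    """Average work per identity per period; this is what a Sybil attacker
    must spend for every fake computer on every connection it keeps open."""
    return 2 ** difficulty


class PeerLink:
    """Verifier side of one connection: issues challenges and tracks whether
    the connected computer has proved its work for the current period."""

    def __init__(self, difficulty: int, period: float):
        self.difficulty = difficulty
        self.period = period
        self.challenge = None
        self.issued_at = None
        self.verified_until = -1.0

    def issue_challenge(self, now: float) -> bytes:
        self.challenge = secrets.token_bytes(16)   # fresh, unpredictable per period
        self.issued_at = now
        return self.challenge

    def submit_proof(self, challenge: bytes, nonce: int, now: float) -> bool:
        if challenge != self.challenge:             # stale, replayed or foreign challenge
            return False
        if now - self.issued_at > self.period:      # answered too late
            return False
        if not verify_proof(challenge, nonce, self.difficulty):
            return False
        self.verified_until = now + self.period
        self.challenge = None                       # single use: no replay within the period
        return True

    def is_verified(self, now: float) -> bool:
        return now <= self.verified_until


if __name__ == "__main__":
    link = PeerLink(difficulty=16, period=60.0)     # constructed: ~65k hashes per minute
    ch = link.issue_challenge(now=0.0)
    nonce = solve_challenge(ch, 16)                 # the connected computer's work
    print("accepted:", link.submit_proof(ch, nonce, now=1.0))
    print("replay accepted:", link.submit_proof(ch, nonce, now=2.0))
    print("still verified at t=30:", link.is_verified(30.0), "at t=61:", link.is_verified(61.0))
    print("hashes per identity per period:", expected_hashes(16))
```

The verifier's cost is one hash per connection per period, while a computer claiming many identities pays `expected_hashes(difficulty)` for each of them; the difficulty can be tuned independently of the cryptocurrency's own proof-of-work, as the text notes.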
4.2 Implementation
Our protocol was originally designed to be separate from the underlying cryptocurrency protocol. Implementing our protocol in this way would allow existing
cryptocurrency clients to continue being used. However, our protocol could also
be integrated into the existing cryptocurrency protocol. Although this would
require an upgrade of cryptocurrency client software, it may improve the integration of our protocol with existing cryptocurrency networks.