Recently, the paper “Lay Down the Common Metrics: Evaluating Proof-of-Work Consensus Protocols Security” from Nervos & Cryptape researcher Zhang Ren has been accepted by IEEE S&P (Oakland), which is also the first time that the blockchain team in mainland China has published relevant papers at the core conference of the blockchain industry.
IEEE S&P stands for IEEE Symposium on Security and Privacy and it’s one of the four major security conferences (CCS, S&P, USENIX, NDSS) in the field of computer security, considered to be the highest level conference among them. Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. In order to distinguish it from a journal called IEEE Security & Privacy, ‘Oakland’ also referred to this conference because it is held annually in Oakland, USA.
In China, IEEE S&P is rated as a Class A conference in the recommendation list from CCF (China Computer Society) which is a national authoritative academic organization in the computer field. In other words, the international publications and conferences recommended and assessed by CCF is the most authoritative in China. This list divides various areas and directions of the computer field into 10 categories and in each category, high-level conferences and publications will be picked out and rated as level A, B and C by expert groups. The difficulty of paper publication from the level A is the highest with relatively paper level.
Due to the natural relation among blockchain, computer security and cryptography, the four major security conferences above, the three major cryptography conferences (CRYPTO, EUROCRYPT, ASIACRYPT) and FC constitute the most important academic conferences in the blockchain field. Most of the important papers will be published at these conferences and S&P is one of the most important conferences.
Zhang Ren, a former Blockstream researcher who has been focused on blockchain consensus protocols, security and privacy research for a long term, is studying for Ph.D. at COSIC (Computer Security and Institute Cryptography group) in Catholic University of Louvain. In this paper, Zhang Ren introduces a multi-index evaluation framework for quantitative analysis of chain quality and anti-attack performance of PoW protocol and proposes several common defects in PoW security analysis. In addition, he points out a more secure development direction of PoW protocol in the future.
We have intercepted the abstract of this paper below and if you would like to know more information, please click on the paper link: https://www.esat.kuleuven.be/Cosic/publications/article-3005.pdf
Abstract of the paper:
Following Bitcoin’s Nakamoto Consensus protocol (NC), hundreds of cryptocurrencies utilize proofs of work (PoW) to maintain their ledgers. However, research shows that NC fails to achieve perfect chain quality, allowing malicious miners to alter the public ledger in order to launch several attacks, i.e., selfish mining, double-spending and feather-forking. Some later designs, represented by Ethereum, Bitcoin-NG, DECOR+, Byzcoin and Publish or Perish, aim to solve the problem by raising the chain quality; other designs, represented by Fruitchains, DECOR+ and Subchains, claim to successfully defend against the attacks in the absence of perfect chain quality.As their effectiveness remains self-claimed, the community is divided on whether a secure PoW protocol is possible. In order to resolve this ambiguity and to lay down the foundation of a common body of knowledge, this paper introduces a multi-metric evaluation framework to quantitatively analyze PoW protocols’ chain quality and attack resistance.
Subsequently we use this framework to evaluate the security of these improved designs through Markov decision processes. We conclude that to date, no PoW protocol achieves ideal chain quality or is resistant against all three attacks. We attribute existing PoW protocols’ imperfect chain quality to their unrealistic security assumptions, and their unsatisfactory attack resistance to a dilemma between “rewarding the bad” and “punishing the good”. Moreover, our analysis reveals various new protocol-specific attack strategies.Based on our analysis, we propose future directions toward more secure PoW protocols and indicate several common pitfalls in PoW security analyses.
Recommendation list
- Zhang Ren’s article about consensus security analysis “Developing Common Criteria: Assessing the Security of PoW Consensus Agreements”
- Zhang Ren’s article about analyzing the consensus agreement from the perspective of bandwidth utilization “Nervos CKB Consensus Agreement NC-Max: Breaking the Limit of Nakamoto Consensus Throughput”