Demystifying Incentives in the Consensus Computer
Top Cited Papers
- 12 October 2015
- conference paper
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
Cryptocurrencies like Bitcoin and the more recent Ethereum system allow users to specify scripts in transactions and contracts to support applications beyond simple cash transactions. In this work, we analyze the extent to which these systems can enforce the correct semantics of scripts. We show that when a script execution requires nontrivial computation effort, practical attacks exist which either waste miners' computational resources or lead miners to accept incorrect script results. These attacks drive miners to an ill-fated choice, which we call the verifier's dilemma, whereby rational miners are well-incentivized to accept unvalidated blockchains. We call the framework of computation through a scriptable cryptocurrency a consensus computer and develop a model that captures incentives for verifying computation in it. We propose a resolution to the verifier's dilemma which incentivizes correct execution of certain applications, including outsourced computation, where scripts require minimal time to verify. Finally we discuss two distinct, practical implementations of our consensus computer in real cryptocurrency networks like Ethereum.Keywords
Funding Information
- Ministry of Education, Singapore (R-252-000-560-112)
This publication has 20 references indexed in Scilit:
- SoK: Research Perspectives and Challenges for Bitcoin and CryptocurrenciesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Zerocash: Decentralized Anonymous Payments from BitcoinPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2014
- Permacoin: Repurposing Bitcoin Work for Data PreservationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2014
- Bitcoin Mining and its Energy FootprintPublished by Institution of Engineering and Technology (IET) ,2014
- Verifying computations with statePublished by Association for Computing Machinery (ACM) ,2013
- Pinocchio: Nearly Practical Verifiable ComputationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- Zerocoin: Anonymous Distributed E-Cash from BitcoinPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- SNARKs for C: Verifying Program Executions Succinctly and in Zero KnowledgeLecture Notes in Computer Science, 2013
- Time-Optimal Interactive Proofs for Circuit EvaluationLecture Notes in Computer Science, 2013
- Practical verified computation with streaming interactive proofsPublished by Association for Computing Machinery (ACM) ,2012