Overview
Syllabus
Intro
Bitcoin main design principle
Difference from the MPC literature
If "majority" is defined in terms of computing power
How is the computing power verified? Proofs of Work (Pows)
Proofs of Work - security
Bitcoin's implementation of the bulletin board
Problems with Bitcoin's solution
Satoshi's solution
Natural idea: start from scratch
Motivation
What is the "Bitcoin network model"?
Modeling computing power
Summary of our results (2/2)
Main tool: a "PoW-based secure broadcast protocol"
The adversary can send a bounded number of messages We assume that several parties can broadcast their messages at the same time.
Observation Proofs of Work make sense only when the challenge is not known in advance. Consider the following protocol
Idea: let every party Pi broadcast her challenger
A problem with this solution What if the adversary ignores r; of some honest party?
Taught by
TheIACR