Winkle: Foiling Long-Range Attacks in Proof-of-Stake Systems

Sarah Azouvi; George Danezis; Valeria Nikolaenko

Paper 2019/1440

Winkle: Foiling Long-Range Attacks in Proof-of-Stake Systems

Sarah Azouvi, George Danezis, and Valeria Nikolaenko

Abstract

Winkle protects any validator-based byzantine fault tolerant consensus mechanisms, such as those used in modern Proof-of-Stake blockchains, against long-range attacks where old validators’ signature keys get compromised. Winkle is a decentralized secondary layer of client-based validation, where a client includes a single additional field into a transaction that they sign: a hash of the previously sequenced block. The block that gets a threshold of signatures (confirmations) weighted by clients’ coins is called a “confirmed” checkpoint. We show that under plausible and flexible security assumptions about clients the confirmed checkpoints can not be equivocated. We discuss how client key rotation increases security, how to accommodate for coins’ minting and how delegation allows for faster checkpoints. We evaluate checkpoint latency experimentally using Bitcoin and Ethereum transaction graphs, with and without delegation of stake.

Metadata

Available format(s): PDF
Category: Applications
Publication info: Published elsewhere. Minor revision. ACM Advances in Financial Technologies - AFT 2020
Keywords: blockchain proof-of-stake distributed cryptography
Contact author(s): valerini @ fb com
sarah azouvi 13 @ ucl ac uk
gdanezis @ fb com
History: 2020-10-21: revised; 2019-12-12: received; See all versions
Short URL: https://ia.cr/2019/1440
License: CC BY

BibTeX

@misc{cryptoeprint:2019/1440,
      author = {Sarah Azouvi and George Danezis and Valeria Nikolaenko},
      title = {Winkle: Foiling Long-Range Attacks in Proof-of-Stake Systems},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1440},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/1440}},
      url = {https://eprint.iacr.org/2019/1440}
}