Smart Contract Derivatives

Karantias, Kostis; Kiayias, Aggelos; Zindros, Dionysis

doi:10.1007/978-3-030-53356-4_1

Cited by 8 publications

(1 citation statement)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Previous work. Proofs of Proof-of-Work have been proposed in the context of superlight clients [2,27], cross-chain communication [22,28,44], mining [26], as well as local data consumption by smart contracts [23]. Chain interlinking has been proposed for both chains and DAGs [21,36], has been deployed in production both since genesis [6,10] and using hard forks [41], and relevant verifiers have been implemented [7,8].…”

mentioning

confidence: 99%

The velvet path to superlight blockchain clients

Kiayias

Polydouri

Zindros

2021

Proceedings of the 3rd ACM Conference on Advances in Financial Technologies

Self Cite

View full text Add to dashboard Cite

Superlight blockchain clients learn facts about the blockchain state while requiring merely polylogarithmic communication in the total number of blocks. For proof-of-work blockchains, two known constructions exist: Superblock and FlyClient. Unfortunately, none of them can be easily deployed to existing blockchains, as they require consensus changes and at least a soft fork to implement.In this paper, we investigate how a blockchain can be upgraded to support superblock clients without a soft fork. We show that it is possible to implement the needed changes without modifying the consensus protocol and by requiring only a minority of miners to upgrade, a process termed a "velvet fork" in the literature. While previous work conjectured that superblock clients can be safely deployed using velvet forks as-is, we show that previous constructions are insecure, and that using velvet techniques to interlink a blockchain can pose insidious security risks. We describe a novel class of attacks, called "chain-sewing", which arise in the velvet fork setting: an adversary can cut-and-paste portions of various chains from independent temporary forks, sewing them together to fool a superlight client into accepting a false claim. We show how previous velvet fork constructions can be attacked via chain-sewing. Next, we put forth the first provably secure velvet superblock client construction which we show secure against adversaries that are bounded by 1/3 of the upgraded honest miner population. Like non-velvet superlight clients, our approach allows proving generic predicates about chains using infix proofs and as such can be adopted in practice for fast synchronization of transactions and accounts. CCS CONCEPTS• Security and privacy → Cryptography.

show abstract