PHANTOM GHOSTDAG: A scalable generalization of Nakamoto consensus: September 2, 2021

Yonatan Sompolinsky, Shai Wyborski, Aviv Zohar

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

25 Scopus citations

Abstract

In 2008 Satoshi Nakamoto invented the basis for blockchain-based distributed ledgers. The core concept of this system is an open and anonymous network of nodes, or miners, which together maintain a public ledger of transactions. The ledger takes the form of a chain of blocks, the blockchain, where each block is a batch of new transactions collected from users. One primary problem with Satoshi's blockchain is its highly limited scalability. The security of Satoshi's longest chain rule, more generally known as the Bitcoin protocol, requires that all honest nodes be aware of each other's blocks very soon after the block's creation. To this end, the throughput of the system is artificially suppressed so that each block fully propagates before the next one is created, and that very few "orphan blocks"that fork the chain be created spontaneously. In this paper we present PHANTOM, a proof-of-work based protocol for a permissionless ledger that generalizes Nakamoto's blockchain to a direct acyclic graph of blocks (blockDAG). PHANTOM includes a parameter k that controls the level of tolerance of the protocol to blocks that were created concurrently, which can be set to accommodate higher throughput. It thus avoids the security-scalability tradeoff which Satoshi's protocol suffers from. PHANTOM solves an optimization problem over the blockDAG to distinguish between blocks mined properly by honest nodes and those created by non-cooperating nodes who chose to deviate from the mining protocol. Using this distinction, PHANTOM provides a robust total order on the blockDAG in a way that is eventually agreed upon by all honest nodes. Implementing PHANTOM requires solving an NP-hard problem, and to avoid this prohibitive computation, we devised an efficient greedy algorithm GHOSTDAG that captures the essence of PHANTOM. The GHOSTDAG protocol has been implemented as the underlying technology of the Kaspa cryptocurrency. The Kaspa network allows us to produce statistics about the performance of GHOSTDAG in real world scenarios. We provide an analysis of confirmation times obtained by observing the Kaspa network. We provide a formal proof of the security of GHOSTDAG, namely, that its ordering of blocks is irreversible up to an exponentially negligible factor. We discuss the properties of GHOSTDAG and how it compares to other DAG based protocols.

Original languageAmerican English
Title of host publicationAFT 2021 - Proceedings of the 2021 3rd ACM Conference on Advances in Financial Technologies
PublisherAssociation for Computing Machinery, Inc
Pages57-70
Number of pages14
ISBN (Electronic)9781450390828
DOIs
StatePublished - 26 Sep 2021
Event3rd ACM Conference on Advances in Financial Technologies, AFT 2021 - Virtual, Online, United States
Duration: 26 Sep 202128 Sep 2021

Publication series

NameAFT 2021 - Proceedings of the 2021 3rd ACM Conference on Advances in Financial Technologies

Conference

Conference3rd ACM Conference on Advances in Financial Technologies, AFT 2021
Country/TerritoryUnited States
CityVirtual, Online
Period26/09/2128/09/21

Bibliographical note

Publisher Copyright:
© 2021 ACM.

Fingerprint

Dive into the research topics of 'PHANTOM GHOSTDAG: A scalable generalization of Nakamoto consensus: September 2, 2021'. Together they form a unique fingerprint.

Cite this