Abstract
In 2008 Satoshi Nakamoto invented the basis for blockchain-based distributed ledgers. The core concept of this system is an open and anonymous network of nodes, or miners, which together maintain a public ledger of transactions. The ledger takes the form of a chain of blocks, the blockchain, where each block is a batch of new transactions collected from users. One primary problem with Satoshi's blockchain is its highly limited scalability. The security of Satoshi's longest chain rule, more generally known as the Bitcoin protocol, requires that all honest nodes be aware of each other's blocks very soon after the block's creation. To this end, the throughput of the system is artificially suppressed so that each block fully propagates before the next one is created, and that very few "orphan blocks"that fork the chain be created spontaneously. In this paper we present PHANTOM, a proof-of-work based protocol for a permissionless ledger that generalizes Nakamoto's blockchain to a direct acyclic graph of blocks (blockDAG). PHANTOM includes a parameter k that controls the level of tolerance of the protocol to blocks that were created concurrently, which can be set to accommodate higher throughput. It thus avoids the security-scalability tradeoff which Satoshi's protocol suffers from. PHANTOM solves an optimization problem over the blockDAG to distinguish between blocks mined properly by honest nodes and those created by non-cooperating nodes who chose to deviate from the mining protocol. Using this distinction, PHANTOM provides a robust total order on the blockDAG in a way that is eventually agreed upon by all honest nodes. Implementing PHANTOM requires solving an NP-hard problem, and to avoid this prohibitive computation, we devised an efficient greedy algorithm GHOSTDAG that captures the essence of PHANTOM. The GHOSTDAG protocol has been implemented as the underlying technology of the Kaspa cryptocurrency. The Kaspa network allows us to produce statistics about the performance of GHOSTDAG in real world scenarios. We provide an analysis of confirmation times obtained by observing the Kaspa network. We provide a formal proof of the security of GHOSTDAG, namely, that its ordering of blocks is irreversible up to an exponentially negligible factor. We discuss the properties of GHOSTDAG and how it compares to other DAG based protocols.
| Original language | English |
|---|---|
| Title of host publication | AFT 2021 - Proceedings of the 2021 3rd ACM Conference on Advances in Financial Technologies |
| Publisher | Association for Computing Machinery, Inc |
| Pages | 57-70 |
| Number of pages | 14 |
| ISBN (Electronic) | 9781450390828 |
| DOIs | |
| State | Published - 26 Sep 2021 |
| Event | 3rd ACM Conference on Advances in Financial Technologies, AFT 2021 - Virtual, Online, United States Duration: 26 Sep 2021 → 28 Sep 2021 |
Publication series
| Name | AFT 2021 - Proceedings of the 2021 3rd ACM Conference on Advances in Financial Technologies |
|---|
Conference
| Conference | 3rd ACM Conference on Advances in Financial Technologies, AFT 2021 |
|---|---|
| Country/Territory | United States |
| City | Virtual, Online |
| Period | 26/09/21 → 28/09/21 |
Bibliographical note
Publisher Copyright:© 2021 ACM.