Publication

Winkle: Foiling Long-Range Attacks in Proof-of-Stake Systems

ACM Conference on Advances in Financial Technologies (AFT)


Abstract

Winkle protects any validator-based byzantine fault tolerant consensus mechanisms, such as those used in modern Proof-of-Stake blockchains, against long-range attacks where old validators’ signature keys get compromised. Winkle is a decentralized secondary layer of client-based validation, where a client includes a single additional field into a transaction that they sign: a hash of the previously sequenced block. The block that gets a threshold of signatures (confirmations) weighted by clients’ coins is called a “confirmed” checkpoint. We show that under plausible and flexible security assumptions about clients the confirmed checkpoints can not be equivocated. We discuss how client key rotation increases security, how to accommodate for coins’ minting and how delegation allows for faster checkpoints. We evaluate checkpoint latency experimentally using Bitcoin and Ethereum transaction graphs, with and without delegation of stake.

Related Publications

All Publications

PETS - July 16, 2021

HashWires: Hyperefficient Credential-Based Range Proofs

Konstantinos (Kostas) Chalkias, Shir Cohen, Kevin Lewi, Fredric Moezinia, Yolan Romailler

ICML - July 17, 2021

Recovering AES Keys with a Deep Cold Boot Attack

Itamar Zimerman, Eliya Nachmani, Lior Wolf

Trusted Smart Contracts Workshop at Financial Cryptography (FC) - May 12, 2021

Reactive Key-Loss Protection in Blockchains

Sam Blackshear, Konstantinos (Kostas) Chalkias, Panagiotis Chatzigiannis, Riyaz Faizullabhoy, Irakliy Khaburzaniya, Lefteris Kokoris Kogias, Joshua Lind, David Wong, Tim Zakian

VLDB - July 31, 2021

CALYPSO: Private Data Management for Decentralized Ledgers

Eleftherios Kokoris-Kogias, Enis Ceyhun Alp, Linus Gasser, Philipp Jovanovic, Ewa Syta, Bryan Ford

To help personalize content, tailor and measure ads, and provide a safer experience, we use cookies. By clicking or navigating the site, you agree to allow our collection of information on and off Facebook through cookies. Learn more, including about available controls: Cookies Policy