Tools for Game Theoretic Models of Security for Cryptocurrencies Sarah Azouvi Protocol Labs, University College London Alexander Hicks University College London CES’20 MIT March, 8th 2020
Blockchains Block1 Block2 Block3 = • Defends against Sybil attacks • Incentivizes consensus • Decentralised • More participation More secure
Blockchains’ Security • Traditional Distributed Systems and Cryptography do not consider incentives • Game Theory does not consider security notions • How to capture blockchains’ security? • Mix Game Theory and Security?
Game Theory (GT) and Security? • Has been studied a lot before Bitcoin • We reviewed a lot of papers • Non-exhaustive
Why mix GT and security? • Security Economics tells us that security is about more than technical constructions • “Incentives in Security Protocols” (SPW 2018) • GT/Mechanism Design (MD) serves to promote good outcomes
GT/MD primer Nash Equilibrium (NE)
NE Limitations Coalitions? Irrational Players Arbitrary Faults External Incentives Computing a NE is hard
Mechanism Design Desired outcome Game Israeli Nursery Study
Security Things “work” No Trusted third party
Why is combining security and GT is hard? • Mixing di ff erent framework: • Addition skills required • Increased Complexity • Di ff erent assumptions
Consensus
BAR Model Rational Players Byzantine (Malicious) Players Altruistic Players
Robustness Rational Players Altruistic Players Byzantine (Malicious) Players Coalitions Coalitions
Cryptography
Rational Cryptography Rational protocol design 𝛒 𝘉 Protocol can have vulnerabilities
Blockchains • Consensus • No model widely adapted • Decentralisation • Empirical work
Open problems • Utilities hard to compute in practice • Most of the research is theoretical • Empirical data on behaviour of players and coalitions (especially short term profit vs long term profit)
Questions? sarah.azouvi@protocol.ai @SarahAzouvi
Recommend
More recommend
