Preventing a Fork in a Blockchain - David fighting Goliath
           
                  Przemyslaw Kubiak, Miroslaw Kutylowski
                Wroclaw University of Science and Technology
                
                
A recent CSCML'2020 paper by Dolev and Liber presents a low cost blockchain based on cryptographic mechanism. 
Its main feature is  a mechanism discouraging a user to fork a blockchain --
if this happens, then a user's secret is leaked and thereby  a proof of his misbehavior emerges.

This approach is very attractive as long as we can guarantee that breaking the underlying cryptographic problem 
is  infeasible for all parties. The situation changes dramatically 
in case of a partial compromise of a cryptographic scheme:  
when a powerful adversary can break the underlying scheme, while for the regular users the scheme is still 
resistant to attacks. 
In this case the blockchain techniques proposed becomes a dangerous trap allowing 
discrediting the users by powerful parties hiding own cryptanalytic power.

To address this problem we introduce a David and Goliath adversary model, where 
a powerful adversary (Goliath) can break the underlying cryptographic assumption, but for a regular user (David) 
this is infeasible. For almost all cryptographic schemes, the situation of David is hopeless in this model: 
e.g. Goliath can forge  standard signatures of David. 
Such an advantage of Goliath in case of a blockchain would be disastrous.

We show that one can create a blockchain such that  the advantage of Goliath is limited: 
if he creates a fork in a blockchain mimicking  a double-spending attempt by  David, 
then David can prove to be innocent. 

Keywords: blockchain, attack model, powerful adversary, forking, forgery, failstop signature,proof of misconduct


Paper accepted for IEEE TRUSTCOM 2020