-
Unconditionally Safe Light Client
Authors:
Niusha Moshrefi,
Peiyao Sheng,
Soubhik Deb,
Sreeram Kannan,
Pramod Viswanath
Abstract:
Blockchain applications often rely on lightweight clients to access and verify on-chain data efficiently without the need to run a resource-intensive full node. These light clients must maintain robust security to protect the blockchain's integrity for users of applications built upon it, achieving this with minimal resources and without significant latency. Moreover, different applications have v…
▽ More
Blockchain applications often rely on lightweight clients to access and verify on-chain data efficiently without the need to run a resource-intensive full node. These light clients must maintain robust security to protect the blockchain's integrity for users of applications built upon it, achieving this with minimal resources and without significant latency. Moreover, different applications have varying security needs. This work focuses on addressing these two key requirements in the context of Proof-of-Stake (PoS) blockchains and identifying the fundamental cost-latency trade-offs to achieve tailored, optimal security for each light client.
The key security guarantee of PoS blockchains is economic (implied by the "stake"). In this paper we formalize this cryptoeconomic security to light clients, ensuring that the cost of corrupting the data provided to light clients must outweigh the potential profit, thereby economically deterring malicious actors. We further introduce "insured" cryptoeconomic security to light clients, providing unconditional protection via the attribution of adversarial actions and the consequent slashing of stakes. The divisible and fungible nature of stake facilitates programmable security, allowing for customization of the security level and insurance amount according to the specific needs of different applications.
We implemented the protocols in less than 1000 lines of Solidity and TypeScript code and evaluated their gas cost, latency, and the computational overhead. For example, for a transaction with value of \$32k, the light client can choose between zero cost with a latency of 5 hours or instant confirmation with an insurance cost of \$7.45. Thus, the client can select the optimal point on the latency-cost trade-off spectrum that best aligns with its needs. Light clients require negligible storage and face minimal computational costs,...
△ Less
Submitted 2 May, 2024;
originally announced May 2024.
-
TeleBTC: Trustless Wrapped Bitcoin
Authors:
Mahyar Daneshpajooh,
Niusha Moshrefi,
Mahdi Darabi,
Sina Hashemi,
Mehrafarin Kazemi
Abstract:
This paper introduces TeleBTC, a fully decentralized protocol designed to wrap Bitcoin (BTC) on programmable blockchains. The creation of a decentralized wrapped BTC presents challenges due to the non-programmable nature of Bitcoin, making it difficult to custody BTCs in a decentralized way. Existing solutions have addressed this challenge by introducing an external layer of validators who take cu…
▽ More
This paper introduces TeleBTC, a fully decentralized protocol designed to wrap Bitcoin (BTC) on programmable blockchains. The creation of a decentralized wrapped BTC presents challenges due to the non-programmable nature of Bitcoin, making it difficult to custody BTCs in a decentralized way. Existing solutions have addressed this challenge by introducing an external layer of validators who take custody of users' BTCs. However, the security and decentralization of this layer are inferior to the underlying blockchains on which wrapped BTC is built. Moreover, the process of joining or leaving for a validator has become overly complex and expensive. To overcome these limitations, we propose a novel approach that eliminates the need for such an external layer by leveraging the light client bridge protocol. Additionally, we employ economic mechanisms such as incentivization and slashing, resulting in a secure and trust-minimized wrapped BTC solution. With TeleBTC, users can seamlessly transfer their BTC to other blockchains and utilize it within decentralized applications. Furthermore, they can unwrap their TeleBTC and reclaim the native BTC. To address the high costs associated with light client bridges, we present an optimistic approach that minimizes the cost. This approach significantly reduces the operational expenses of running the protocol.
△ Less
Submitted 25 July, 2023;
originally announced July 2023.
-
LightSync: Ultra Light Client for PoW Blockchains
Authors:
Niusha Moshrefi,
Mahyar Daneshpajooh,
Chen Feng
Abstract:
Full nodes in a blockchain network store and verify a copy of the whole blockchain. Unlike full nodes, light clients are low-capacity devices that want to validate certain data on a blockchain. They query the data they want from a full node. If light clients do not verify the data they receive, full nodes might deceive them. SPV, introduced in the Bitcoin paper, is a practical solution to this pro…
▽ More
Full nodes in a blockchain network store and verify a copy of the whole blockchain. Unlike full nodes, light clients are low-capacity devices that want to validate certain data on a blockchain. They query the data they want from a full node. If light clients do not verify the data they receive, full nodes might deceive them. SPV, introduced in the Bitcoin paper, is a practical solution to this problem currently used in many PoW blockchains. In SPV, the resources needed to verify a full node's response grow linearly with the blockchain size, making it inefficient over the long run. Another issue with SPV is that the full nodes do not get compensated for the services they provide.
In this work, we introduce LightSync, a simple and cost-effective solution for light clients to verify the inclusion of certain data in a PoW blockchain. The resources needed for running LightSync remain constant no matter what the size of the blockchain is. LightSync uses an incentive mechanism that encourages full nodes to participate in the protocol. We perform a thorough analysis of the security of LightSync and discuss the details of deploying it in a real-world environment.
△ Less
Submitted 6 December, 2021;
originally announced December 2021.
-
New Bounds For Distributed Mean Estimation and Variance Reduction
Authors:
Peter Davies,
Vijaykrishna Gurunathan,
Niusha Moshrefi,
Saleh Ashkboos,
Dan Alistarh
Abstract:
We consider the problem of distributed mean estimation (DME), in which $n$ machines are each given a local $d$-dimensional vector $x_v \in \mathbb{R}^d$, and must cooperate to estimate the mean of their inputs $μ= \frac 1n\sum_{v = 1}^n x_v$, while minimizing total communication cost.
DME is a fundamental construct in distributed machine learning, and there has been considerable work on variants…
▽ More
We consider the problem of distributed mean estimation (DME), in which $n$ machines are each given a local $d$-dimensional vector $x_v \in \mathbb{R}^d$, and must cooperate to estimate the mean of their inputs $μ= \frac 1n\sum_{v = 1}^n x_v$, while minimizing total communication cost.
DME is a fundamental construct in distributed machine learning, and there has been considerable work on variants of this problem, especially in the context of distributed variance reduction for stochastic gradients in parallel SGD. Previous work typically assumes an upper bound on the norm of the input vectors, and achieves an error bound in terms of this norm. However, in many real applications, the input vectors are concentrated around the correct output $μ$, but $μ$ itself has large norm. In such cases, previous output error bounds perform poorly.
In this paper, we show that output error bounds need not depend on input norm. We provide a method of quantization which allows distributed mean estimation to be performed with solution quality dependent only on the distance between inputs, not on input norm, and show an analogous result for distributed variance reduction. The technique is based on a new connection with lattice theory. We also provide lower bounds showing that the communication to error trade-off of our algorithms is asymptotically optimal.
As the lattices achieving optimal bounds under $\ell_2$-norm can be computationally impractical, we also present an extension which leverages easy-to-use cubic lattices, and is loose only up to a logarithmic factor in $d$. We show experimentally that our method yields practical improvements for common applications, relative to prior approaches.
△ Less
Submitted 7 April, 2021; v1 submitted 21 February, 2020;
originally announced February 2020.