Modeling Resources in Permissionless Longest-Chain Total-Order Broadcast

Authors Sarah Azouvi, Christian Cachin , Duc V. Le , Marko Vukolić, Luca Zanolini

Thumbnail PDF


  • Filesize: 0.95 MB
  • 23 pages

Document Identifiers

Author Details

Sarah Azouvi
  • Protocol Labs
Christian Cachin
  • University of Bern, Switzerland
Duc V. Le
  • University of Bern, Switzerland
Marko Vukolić
  • Protocol Labs
Luca Zanolini
  • University of Bern, Switzerland


The authors thank anonymous reviewers for helpful feedback.

Cite AsGet BibTex

Sarah Azouvi, Christian Cachin, Duc V. Le, Marko Vukolić, and Luca Zanolini. Modeling Resources in Permissionless Longest-Chain Total-Order Broadcast. In 26th International Conference on Principles of Distributed Systems (OPODIS 2022). Leibniz International Proceedings in Informatics (LIPIcs), Volume 253, pp. 19:1-19:23, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2023)


Blockchain protocols implement total-order broadcast in a permissionless setting, where processes can freely join and leave. In such a setting, to safeguard against Sybil attacks, correct processes rely on cryptographic proofs tied to a particular type of resource to make them eligible to order transactions. For example, in the case of Proof-of-Work (PoW), this resource is computation, and the proof is a solution to a computationally hard puzzle. Conversely, in Proof-of-Stake (PoS), the resource corresponds to the number of coins that every process in the system owns, and a secure lottery selects a process for participation proportionally to its coin holdings. Although many resource-based blockchain protocols are formally proven secure in the literature, the existing security proofs fail to demonstrate why particular types of resources cause the blockchain protocols to be vulnerable to distinct classes of attacks. For instance, PoS systems are more vulnerable to long-range attacks, where an adversary corrupts past processes to re-write the history, than PoW and Proof-of-Storage systems. Proof-of-Storage-based and PoS-based protocols are both more susceptible to private double-spending attacks than PoW-based protocols; in this case, an adversary mines its chain in secret without sharing its blocks with the rest of the processes until the end of the attack. In this paper, we formally characterize the properties of resources through an abstraction called resource allocator and give a framework for understanding longest-chain consensus protocols based on different underlying resources. In addition, we use this resource allocator to demonstrate security trade-offs between various resources focusing on well-known attacks (e.g., the long-range attack and nothing-at-stake attacks).

Subject Classification

ACM Subject Classification
  • Theory of computation → Cryptographic protocols
  • Software and its engineering → Distributed systems organizing principles
  • blockchain
  • consensus
  • resource
  • broadcast


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. Sarah Azouvi, George Danezis, and Valeria Nikolaenko. Winkle: Foiling long-range attacks in proof-of-stake systems. In AFT, pages 189-201. ACM, 2020. Google Scholar
  2. Christian Badertscher, Peter Gazi, Aggelos Kiayias, Alexander Russell, and Vassilis Zikas. Ouroboros genesis: Composable proof-of-stake blockchains with dynamic availability. In CCS, pages 913-930. ACM, 2018. Google Scholar
  3. Joseph Bonneau, Jeremy Clark, and Steven Goldfeder. On bitcoin as a public randomness source. IACR Cryptol. ePrint Arch., page 1015, 2015. Google Scholar
  4. Mic Bowman, Debajyoti Das, Avradip Mandal, and Hart Montgomery. On elapsed time consensus protocols. In INDOCRYPT, volume 13143 of Lecture Notes in Computer Science, pages 559-583. Springer, 2021. Google Scholar
  5. Jonah Brown-Cohen, Arvind Narayanan, Alexandros Psomas, and S. Matthew Weinberg. Formal barriers to longest-chain proof-of-stake protocols. In EC, pages 459-473. ACM, 2019. Google Scholar
  6. Ethan Buchman, Jae Kwon, and Zarko Milosevic. The latest gossip on BFT consensus. CoRR, abs/1807.04938, 2018. URL:
  7. Christian Cachin, Rachid Guerraoui, and Luís E. T. Rodrigues. Introduction to Reliable and Secure Distributed Programming (2. ed.). Springer, 2011. Google Scholar
  8. Phil Daian, Rafael Pass, and Elaine Shi. Snow white: Robustly reconfigurable consensus and applications to provably secure proof of stake. In Financial Cryptography, volume 11598 of Lecture Notes in Computer Science, pages 23-41. Springer, 2019. Google Scholar
  9. Bernardo David, Peter Gazi, Aggelos Kiayias, and Alexander Russell. Ouroboros praos: An adaptively-secure, semi-synchronous proof-of-stake blockchain. In EUROCRYPT (2), volume 10821 of Lecture Notes in Computer Science, pages 66-98. Springer, 2018. Google Scholar
  10. Evangelos Deirmentzoglou, Georgios Papakyriakopoulos, and Constantinos Patsakis. A survey on long-range attacks for proof of stake protocols. IEEE Access, 7:28712-28725, 2019. Google Scholar
  11. Amir Dembo, Sreeram Kannan, Ertem Nusret Tas, David Tse, Pramod Viswanath, Xuechao Wang, and Ofer Zeitouni. Everything is a race and nakamoto always wins. In CCS, pages 859-878. ACM, 2020. Google Scholar
  12. Yevgeniy Dodis and Aleksandr Yampolskiy. A verifiable random function with short proofs and keys. In Public Key Cryptography, volume 3386 of Lecture Notes in Computer Science, pages 416-431. Springer, 2005. Google Scholar
  13. drand: Distributed randomness beacon. URL:
  14. Cynthia Dwork, Nancy A. Lynch, and Larry J. Stockmeyer. Consensus in the presence of partial synchrony. J. ACM, 35(2):288-323, 1988. Google Scholar
  15. Matthias Fitzi, Xuechao Wang, Sreeram Kannan, Aggelos Kiayias, Nikos Leonardos, Pramod Viswanath, and Gerui Wang. Minotaur: Multi-resource blockchain consensus. In CCS, pages 1095-1108. ACM, 2022. Google Scholar
  16. Juan A. Garay, Aggelos Kiayias, and Nikos Leonardos. The bitcoin backbone protocol: Analysis and applications. In EUROCRYPT (2), volume 9057 of Lecture Notes in Computer Science, pages 281-310. Springer, 2015. Google Scholar
  17. Peter Gazi, Aggelos Kiayias, and Alexander Russell. Stake-bleeding attacks on proof-of-stake blockchains. In CVCBT, pages 85-92. IEEE, 2018. Google Scholar
  18. Peter Gazi, Aggelos Kiayias, and Alexander Russell. Tight consistency bounds for bitcoin. In CCS, pages 819-838. ACM, 2020. Google Scholar
  19. Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, and Nickolai Zeldovich. Algorand: Scaling byzantine agreements for cryptocurrencies. In SOSP, pages 51-68. ACM, 2017. Google Scholar
  20. Aggelos Kiayias, Alexander Russell, Bernardo David, and Roman Oliynykov. Ouroboros: A provably secure proof-of-stake blockchain protocol. In CRYPTO (1), volume 10401 of Lecture Notes in Computer Science, pages 357-388. Springer, 2017. Google Scholar
  21. Andrew Lewis-Pye. Byzantine generals in the permissionless setting. CoRR, abs/2101.07095, 2021. URL:
  22. Ling Ren. Analysis of nakamoto consensus. IACR Cryptol. ePrint Arch., page 943, 2019. Google Scholar
  23. Selma Steinhoff, Chrysoula Stathakopoulou, Matej Pavlovic, and Marko Vukolic. BMS: secure decentralized reconfiguration for blockchain and BFT systems. CoRR, abs/2109.03913, 2021. URL:
  24. Ertem Nusret Tas, David Tse, Fangyu Gai, Sreeram Kannan, Mohammad Ali Maddah-Ali, and Fisher Yu. Bitcoin-enhanced proof-of-stake security: Possibilities and impossibilities. IACR Cryptol. ePrint Arch., page 932, 2022. Google Scholar
  25. Benjamin Terner. Permissionless consensus in the resource model. In Financial Cryptography, volume 13411 of Lecture Notes in Computer Science, pages 577-593. Springer, 2022. Google Scholar
  26. Bitcoin Wiki. Target. URL:
  27. Maofan Yin, Dahlia Malkhi, Michael K. Reiter, Guy Golan-Gueta, and Ittai Abraham. Hotstuff: BFT consensus with linearity and responsiveness. In PODC, pages 347-356. ACM, 2019. Google Scholar
Questions / Remarks / Feedback

Feedback for Dagstuhl Publishing

Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail