Designing light clients to securely and efficiently read Proof-of-Work blockchains has been a foundational problem since the inception of blockchains. Nakamoto themselves, in the original Bitcoin paper, presented the first client protocol, i.e., the Simplified Payment Verification, which consumes an amount of bandwidth, computational, and storage resources that grows linearly in the system’s lifetime \(\mathcal {C}\) . Today, the blockchain ecosystem is more mature and presents a variety of applications and protocols deployed on-chain and, often, cross-chain. In this landscape, light clients have become the cornerstone of decentralized bridges, playing a pivotal role in the security and efficiency of cross-chain operations. These new use cases, combined with the growth of blockchains over time, raise the need for more minimalist clients, which further reduce the resource requirements and, when applicable, on-chain costs. Over the years, the light client resource consumption has been reduced from \(\mathcal {O}( \mathcal {C})\) to \(\mathcal {O}(\text {polylog}( \mathcal {C}))\) , and then down to \(\mathcal {O}(1)\) with zero-knowledge techniques at the cost of often assuming a trusted setup. In this paper, we present Blink, the first interactive provably secure \(\mathcal {O}(1)\) PoW light client without trusted setup. Blink can be used for a variety of applications ranging from payment verification and bootstrapping, to bridges. We prove Blink secure in the Bitcoin Backbone model, and we evaluate its proof size demonstrating that, at the moment of writing, Blink obtains a commitment to the current state of Bitcoin by downloading only 1.6KB, instead of 67.3 MB and 197 KB for SPV and zk-based clients, respectively.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Blink: An Optimal Proof of Proof-of-Work

  • Lukas Aumayr,
  • Zeta Avarikioti,
  • Matteo Maffei,
  • Giulia Scaffino,
  • Dionysis Zindros

摘要

Designing light clients to securely and efficiently read Proof-of-Work blockchains has been a foundational problem since the inception of blockchains. Nakamoto themselves, in the original Bitcoin paper, presented the first client protocol, i.e., the Simplified Payment Verification, which consumes an amount of bandwidth, computational, and storage resources that grows linearly in the system’s lifetime \(\mathcal {C}\) . Today, the blockchain ecosystem is more mature and presents a variety of applications and protocols deployed on-chain and, often, cross-chain. In this landscape, light clients have become the cornerstone of decentralized bridges, playing a pivotal role in the security and efficiency of cross-chain operations. These new use cases, combined with the growth of blockchains over time, raise the need for more minimalist clients, which further reduce the resource requirements and, when applicable, on-chain costs. Over the years, the light client resource consumption has been reduced from \(\mathcal {O}( \mathcal {C})\) to \(\mathcal {O}(\text {polylog}( \mathcal {C}))\) , and then down to \(\mathcal {O}(1)\) with zero-knowledge techniques at the cost of often assuming a trusted setup. In this paper, we present Blink, the first interactive provably secure \(\mathcal {O}(1)\) PoW light client without trusted setup. Blink can be used for a variety of applications ranging from payment verification and bootstrapping, to bridges. We prove Blink secure in the Bitcoin Backbone model, and we evaluate its proof size demonstrating that, at the moment of writing, Blink obtains a commitment to the current state of Bitcoin by downloading only 1.6KB, instead of 67.3 MB and 197 KB for SPV and zk-based clients, respectively.