Fixing Bitcoin's Incentive Alignment
Or: selfish mining for selfless people.
This series was commissioned by Quai network to promote and discuss one of their current efforts: the Proportional Reward Splitting (PRS) protocol.
The goal is to provide an accessible introduction to the problem and the approaches to solving it. Like all of my writing, it attempts to hold the sticks on both ends by appealing both to enthusiastic, curious amateurs and to seasoned researchers who want to start thinking about selfish mining and need a primer.
I can explain the PRS protocol in two paragraphs, but that won't help either the amateur nor the researcher. To truly understand PRS, its current state, and the work needed to analyze it properly, we first need to understand the problem.
The first part introduces the history of selfish mining in Bitcoin and its consequences. The first part is somewhat orthogonal to the selfish-mining section in my book: it doesn't give as many details and history of selfish mining attacks on Bitcoin, but does provide a more abstract, holistic framework to discuss selfish mining, suitable for the more complex algorithms we discuss in the second part. It concludes with a review of the state of the art.
In the second part, we dive into the granddaddy of attempts to fix the issue: FruitChains. FruitChains is infamous for being as elegant as it is impractical. While deeply improving the incentive alignment, it can only work under impossible constraints. The gist is that (depending on how you parametrize it) you either need to wait weeks for rewards to converge, or create overhead a hundred times larger than what contemporary networks can support. Or anything in between. But there is no way to get sufficiently fast convergence for sufficiently low overhead. However, regardless of its practicality, FruitChains has a huge theoretical significance, as it is the first protocol that solves the problem in a cohesive, provable way. It is the conceptual framework underlying other attempts to solve the problem, such as Bobtail, Prism, and now PRS. Understanding FruitChains, its accomplishments, its limitations, and their respective sources is as imperative to understanding selfish mining (and PRS in particular) as studying grade school algebra is imperative to understanding calculus. I hope this justifies how long and meticulous the FruitChains chapter is, despite not even being the protocol we ultimately seek to understand.
Finally, in the third part, we discuss the PRS algorithm itself. However, as of writing this intro, that part is not yet written, and since every inspection is a journey, I cannot tell you exactly what the post will hold. All I can say at this point is that PRS trades-off some of FruitChains pros for its cons. On one hand, while PRS greatly improves fairness compared to Bitcoin, it still falls short of the perfect alignment provided by FruitChains (it improves Bitcoin's 25% to around 42%, falling short of FruitChain's perfect alignment that is resilient against any <50% selfish miner). On the other hand, it significantly reduces assumptions about honesty and can provide proper security guarantees with a very reasonable overhead. However, it can be further improved, but doing so is extremely tricky, and is the current front the Quai team is facing. I hope that, having read all three parts, the reader will have an exact enough understanding of this effort to either join the discussion and help complete PRS, or think about it independently.
Last point: Throughout the post, more challenging aspects are posed as solved questions, hiding within expendable sections. These questions are meant to get your brain gears rotating, but also to clearly mark the more technical comments that might require a bit of formal background. Skipping these questions entirely will not detract from the reading experience, and is recommended on a first read.
I hope you enjoy working through these posts as much as I enjoyed writing them!
Shai Deshe
Last updated