<div class="csl-bib-body">
<div class="csl-entry">Judmayer, A., Stifter, N., Zamyatin, A., Tsabary, I., Eyal, I., Gaži, P., Meiklejohn, S., & Weippl, E. (2021). Pay to Win: Cheap, Cross-Chain Bribing Attacks on PoW Cryptocurrencies. In <i>Financial Cryptography and Data Security. FC 2021 International Workshops</i> (pp. 533–549). Springer. https://doi.org/10.1007/978-3-662-63958-0_39</div>
</div>
-
dc.identifier.uri
http://hdl.handle.net/20.500.12708/142566
-
dc.description.abstract
In this paper we extend the attack landscape of bribing attacks on cryptocurrencies by presenting a new method, which we call Pay-To-Win (P2W). To the best of our knowledge, it is the first approach capable of facilitating double-spend collusion across different blockchains. Moreover, our technique can also be used to specifically incentivize transaction exclusion or (re)ordering. For our construction we rely on smart contracts to render the payment and receipt of bribes trustless for the briber as well as the bribee. Attacks using our approach are operated and financed out-of-band i.e., on a funding cryptocurrency, while the consequences are induced in a different target cryptocurrency. Hereby, the main requirement is that smart contracts on the funding cryptocurrency are able to verify consensus rules of the target. For a concrete instantiation of our P2W method, we choose Bitcoin as a target and Ethereum as a funding cryptocurrency. Our P2W method is designed in a way that reimburses collaborators even in the case of an unsuccessful attack. Interestingly, this actually renders our approach approximately one order of magnitude cheaper than comparable bribing techniques (e.g., the whale attack). We demonstrate the technical feasibility of P2W attacks through publishing all relevant artifacts of this paper, ranging from calculations of success probabilities to a fully functional proof-of-concept implementation, consisting of an Ethereum smart contract and a Python client.
en
dc.description.sponsorship
CDG Christian Doppler Forschungsgesellschaft; CDG Christian Doppler Forschungsgesellschaft
-
dc.language.iso
en
-
dc.relation.ispartofseries
Lecture Notes in Computer Science
-
dc.subject
Algorithmic incentive manipulation
en
dc.subject
Bitcoin
en
dc.subject
Bribing
en
dc.subject
Ethereum
en
dc.subject
Smart contracts
en
dc.title
Pay to Win: Cheap, Cross-Chain Bribing Attacks on PoW Cryptocurrencies
-
dc.type
Inproceedings
en
dc.type
Konferenzbeitrag
de
dc.contributor.affiliation
SBA Research, Austria
-
dc.contributor.affiliation
SBA Research, Austria
-
dc.contributor.affiliation
Imperial College London, United Kingdom of Great Britain and Northern Ireland (the)
-
dc.contributor.affiliation
Technion and IC3
-
dc.contributor.affiliation
Technion – Israel Institute of Technology, Israel
-
dc.contributor.affiliation
IOHK
-
dc.contributor.affiliation
University College London, United Kingdom of Great Britain and Northern Ireland (the)
-
dc.relation.isbn
978-3-662-63958-0
-
dc.description.startpage
533
-
dc.description.endpage
549
-
dc.relation.grantno
CDL SQI
-
dc.type.category
Full-Paper Contribution
-
dc.relation.eissn
1611-3349
-
tuw.booktitle
Financial Cryptography and Data Security. FC 2021 International Workshops
-
tuw.container.volume
12676
-
tuw.relation.publisher
Springer
-
tuw.project.title
Verbesserung der Sicherheit von Informationsprozessen in Produktionssystemen
-
tuw.researchTopic.id
I2
-
tuw.researchTopic.id
I4a
-
tuw.researchTopic.name
Computer Engineering and Software-Intensive Systems
-
tuw.researchTopic.name
Information Systems Engineering
-
tuw.researchTopic.value
50
-
tuw.researchTopic.value
50
-
tuw.publication.orgunit
E194-01 - Forschungsbereich Software Engineering
-
tuw.publisher.doi
10.1007/978-3-662-63958-0_39
-
dc.description.numberOfPages
17
-
tuw.author.orcid
0000-0002-5434-6344
-
tuw.author.orcid
0000-0001-7595-2258
-
tuw.author.orcid
0000-0003-1572-3255
-
tuw.author.orcid
0000-0001-5671-1395
-
tuw.event.name
Financial Cryptography and Data Security 2021
en
dc.description.sponsorshipexternal
Austrian Federal Ministry for Digital and Economic Affairs
-
dc.description.sponsorshipexternal
Nation Foundation for Research, Technology and Development
-
dc.description.sponsorshipexternal
FFG
-
dc.relation.grantnoexternal
864738 PR4DLT
-
tuw.event.startdate
01-03-2021
-
tuw.event.enddate
05-03-2021
-
tuw.event.online
Online
-
tuw.event.type
Event for scientific audience
-
tuw.event.country
unknown
-
tuw.event.presenter
Judmayer, Aljosha
-
tuw.presentation.online
Online
-
wb.sciencebranch
Informatik
-
wb.sciencebranch
Wirtschaftswissenschaften
-
wb.sciencebranch.oefos
1020
-
wb.sciencebranch.oefos
5020
-
wb.sciencebranch.value
90
-
wb.sciencebranch.value
10
-
item.languageiso639-1
en
-
item.grantfulltext
restricted
-
item.cerifentitytype
Publications
-
item.openairetype
conference paper
-
item.openairecristype
http://purl.org/coar/resource_type/c_5794
-
item.fulltext
no Fulltext
-
crisitem.author.dept
E194 - Institut für Information Systems Engineering
-
crisitem.author.dept
E194-01 - Forschungsbereich Software Engineering
-
crisitem.author.dept
E188 - Institut für Softwaretechnik und Interaktive Systeme
-
crisitem.author.dept
Technion and IC3
-
crisitem.author.dept
Technion – Israel Institute of Technology
-
crisitem.author.dept
IOHK
-
crisitem.author.dept
University College London
-
crisitem.author.dept
E194-01 - Forschungsbereich Software Engineering
-
crisitem.author.orcid
0000-0002-5434-6344
-
crisitem.author.orcid
0000-0001-7595-2258
-
crisitem.author.orcid
0000-0003-1572-3255
-
crisitem.author.orcid
0000-0001-5671-1395
-
crisitem.author.parentorg
E180 - Fakultät für Informatik
-
crisitem.author.parentorg
E194 - Institut für Information Systems Engineering
-
crisitem.author.parentorg
E180 - Fakultät für Informatik
-
crisitem.author.parentorg
E194 - Institut für Information Systems Engineering
