A proof of the security of the Bitcoin protocol is made rigorous, and simplified in certain parts. A computational model in which an adversary can delay transmission of blocks by time $\Delta$ is considered. The protocol is generalized to allow blocks of different scores, and a proof within this more general model is presented. An approach from a previous paper that used random walk theory is shown through a counterexample to be incorrect; an approach involving a punctured block arrival process is shown to remedy this error. Thus, it is proven that with probability one, the Bitcoin protocol will have infinitely many honest blocks so long as the fully-delayed honest mining rate exceeds the adversary mining rate. This means that an adversary cannot censor future transactions of a user in perpetuity; such censorship would render the protocol useless.