The purpose of a consensus protocol is to keep a distributed network of nodes "in sync," even in the presence of an unpredictable communication network and adversarial behavior by some of the participating nodes. In the permissionless setting, these nodes may be operated by unknown players, with each player free to use multiple identifiers and to start or stop running the protocol at any time. Establishing that a permissionless consensus protocol is "secure" thus requires both a distributed computing argument (that the protocol guarantees consistency and liveness unless the fraction of adversarial participation is sufficiently large) and an economic argument (that carrying out an attack would be prohibitively expensive for an attacker). There is a mature toolbox for assembling arguments of the former type; the goal of this paper is to lay the foundations for arguments of the latter type. An ideal permissionless consensus protocol would, in addition to satisfying standard consistency and liveness guarantees, render consistency violations prohibitively expensive for the attacker without collateral damage to honest participants. We make this idea precise with our notion of the EAAC (expensive to attack in the absence of collapse) property, and prove the following results: 1. In the synchronous and dynamically available setting, with an adversary that controls at least one-half of the overall resources, no protocol can be EAAC. 2. In the partially synchronous and quasi-permissionless setting, with an adversary that controls at least one-third of the overall resources, no protocol can be EAAC. 3. In the synchronous and quasi-permissionless setting, there is a proof-of-stake protocol that, provided the adversary controls less than two-thirds of the overall stake, satisfies the EAAC property. All three results are optimal with respect to the size of the adversary.

翻译：共识协议的目的是使分布式节点网络保持"同步"，即使在通信网络不可预测且部分参与节点存在对抗行为的情况下也是如此。在无需许可的环境中，这些节点可能由未知参与者运行，每个参与者可自由使用多个标识符，并可随时启动或停止运行协议。因此，要确立无需许可共识协议的"安全性"，既需要分布式计算论证（即除非对抗参与比例足够大，否则协议能保证一致性和活性），也需要经济学论证（即实施攻击对攻击者而言成本过高）。目前已有成熟的工具箱可用于构建前一类论证；本文的目标是为后一类论证奠定基础。理想的无需许可共识协议除了满足标准的一致性和活性保证外，还应使攻击者实施一致性破坏的成本极高，同时不会对诚实参与者造成附带损害。我们通过提出EAAC（无崩溃状态下攻击成本高昂）属性的概念来精确表述这一思想，并证明以下结果：1. 在同步且动态可用的环境中，若对手控制至少一半总资源，则不存在满足EAAC属性的协议。2. 在部分同步且准无需许可的环境中，若对手控制至少三分之一总资源，则不存在满足EAAC属性的协议。3. 在同步且准无需许可的环境中，存在一种权益证明协议，当对手控制少于三分之二总权益时，可满足EAAC属性。所有三个结果在对手规模方面均达到最优。