The purpose of a consensus protocol is to keep a distributed network of nodes "in sync," even in the presence of an unpredictable communication network and adversarial behavior by some of the participating nodes. In the permissionless setting, these nodes may be operated by unknown players, with each player free to use multiple identifiers and to start or stop running the protocol at any time. Establishing that a permissionless consensus protocol is "secure" thus requires both a distributed computing argument (that the protocol guarantees consistency and liveness unless the fraction of adversarial participation is sufficiently large) and an economic argument (that carrying out an attack would be prohibitively expensive for an attacker). There is a mature toolbox for assembling arguments of the former type; the goal of this paper is to lay the foundations for arguments of the latter type. An ideal permissionless consensus protocol would, in addition to satisfying standard consistency and liveness guarantees, render consistency violations prohibitively expensive for the attacker without collateral damage to honest participants. We make this idea precise with our notion of the EAAC (expensive to attack in the absence of collapse) property, and prove the following results: 1. In the synchronous and dynamically available setting, with an adversary that controls at least one-half of the overall resources, no protocol can be EAAC. 2. In the partially synchronous and quasi-permissionless setting, with an adversary that controls at least one-third of the overall resources, no protocol can be EAAC. 3. In the synchronous and quasi-permissionless setting, there is a proof-of-stake protocol that, provided the adversary controls less than two-thirds of the overall stake, satisfies the EAAC property. All three results are optimal with respect to the size of the adversary.

翻译：共识协议的目的是在不可预测的通信网络及部分参与节点的恶意行为存在时，保持分布式节点网络的"同步"。在无许可环境下，这些节点可能由未知参与者运营，每个参与者可自由使用多个身份标识，并随时启动或停止运行协议。要证明无许可共识协议是"安全的"，既需要分布式计算论证（即确保协议在恶意参与比例未超过阈值时保证一致性及活跃性），也需要经济论证（即攻击者发动攻击的代价需高到难以承受）。目前已有成熟的工具组合用于前一类论证，而本文的目标是为后一类论证奠定基础。理想的无许可共识协议应满足：除标准的一致性及活跃性保证外，还应使攻击者发动一致性破坏攻击的代价高昂，同时不对诚实参与者造成附带损害。我们通过引入"无崩溃状态下攻击代价高昂"（EAAC）这一概念精确表述上述思想，并证明以下结论：1. 在同步且动态可用的环境下，当恶意方控制至少一半总资源时，不存在协议能实现EAAC属性；2. 在部分同步且准无许可环境下，当恶意方控制至少三分之一总资源时，不存在协议能实现EAAC属性；3. 在同步且准无许可环境下，存在一种权益证明协议，当恶意方控制的总权益比例低于三分之二时，该协议满足EAAC属性。上述三项结论在恶意方规模限制上均为最优。