Security analysis of blockchain technology is an active domain of research. There has been both cryptographic and game-theoretic security analysis of Proof-of-Work (PoW) blockchains. Prominent work includes cryptographic security analysis under the Universal Composable framework and game-theoretic security analysis using Rational Protocol Design. These security analysis models rely on strict assumptions that might not hold in practice. In this paper, we analyze the security of PoW blockchain protocols. We first show how assumptions made by previous models need not be valid in reality, and how attackers can exploit this to launch attacks that these models fail to capture. These include the Difficulty Alternating Attack, under which forking is possible for an adversary with less than 0.5 of the mining power; the Quick-Fork Attack; a general bound on the selfish mining attack; and the transaction withholding attack. Following this, we argue why previous models for security analysis fail to capture these attacks and propose a more practical framework for security analysis, pRPD. We then propose PRAGTHOS, a framework for building PoW blockchains that are secure against the attacks mentioned above. Finally, we argue that PoW blockchains complying with the PRAGTHOS framework are secure against a computationally bounded adversary under certain conditions on the reward scheme.