
WebOfTrustInfo / rwot3-sf
Abstract
This document analyses the security and performance characteristics of six interesting software systems related to blockchain technology and decentralized identity systems. The systems analyzed in this report are Bitcoin, Ethereum, Stellar, IPFS, Blockstack, and Hashgraph.
Overview
The security and performance findings of this report are summarized in table form at the beginning of the report. Each technology is then analyzed in detail for the rest of the report.
Each analysis of a particular blockchain technology starts by documenting the basic data structures used for the system. The basic data structures are a window into the information that the system needs to operate. They also provide a view into the capabilities and complexity of the given system.
Once the data structures are highlighted, the security characteristics of the system are analyzed. This analysis is based on what the system is capable of doing today. A similar analysis is then performed for the performance characteristics of the system. Finally, the notable characteristics of the system are outlined to highlight what makes the particular blockchain different from other blockchains.
Disclaimer
Terminology
In order to perform a meaningful analysis of each system, it is important to define and use the terminology that is applied to each system consistently. The terminology below is used throughout the document and readers are strongly advised to understand the terminology before going further and to refer back to this section in order to fully understand the usage of each term in the analysis sections.
Confidentiality: Asserts that information is not made available or disclosed to unauthorized individuals, entities, or processes.
Integrity: Asserts that the accuracy and completeness of data are maintained and assured over its entire life-cycle.
Non-repudiation: Asserts that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction.
Information Availability: Asserts that all information to perform a particular action must be available when it is needed.
Provenance: Asserts that the chronology of ownership, custody, or location of a piece of information can be traced throughout time.
Pseudonymity: Asserts that interactions do not expose an entity’s true name or legal identity.
Selective Disclosure: A situation where an entity may disclose information to one or more selected entities without disclosing that information outside of the selected set.
Consistency: Asserts that all nodes in a decentralized system see the same data at the same time.
System Availability: Asserts that every request receives a response about whether it succeeded or failed.
Failure Tolerance: Asserts that a decentralized system continues to operate despite arbitrary partitioning due to network failures.
Scalability: A characteristic of a system that states how performance characteristics change as the system grows or shrinks in size.
Latency: A characteristic of a system that states how much time it takes to complete certain operations.
Auditability: A characteristic of a system that ensures that the complete system state can be verified at any given time to be correct.
Liveliness: A characteristic of a system that states that all data requested may be retrieved from the system at any point.
Denial of Service Resistance: A measure of a system’s ability to respond to requests when under extreme load. Typically, a mechanism is utilized that is capable of distinguishing a valid request from an invalid one, or that makes the price the attacker must pay far greater than the price the receiver must pay to execute the request.
System Complexity: The level of complexity in the system that exists to achieve a set of tasks.
Security Principles Summary Chart
Principle | Bitcoin | Ethereum | Stellar | IPFS | Blockstack | Hashgraph |
---|---|---|---|---|---|---|
Confidentiality | Hash-based content addresses | |||||
Information Availability | Block Mirroring | Block Mirroring | Ledger Mirroring | Graph and file Mirroring | Block Mirroring / DHT Mirroring | Hashgraph Mirroring; optional event history |
Integrity | Multiple block verifications | Multiple block verifications | Latest block verification | Hash-based content addressing | Multiple block verifications | Consensus with probability one |
Non-repudiation | Digital signatures | Digital signatures | Digital signatures | Digital signatures | Digital signatures | Digital signatures |
Provenance | Transaction inputs/outputs | Ethereum state machine and transition functions | Digitally signed ledger transition instructions | Digital signatures and versioning | Transaction inputs & outputs and virtualchain references | Hashgraph Mirroring; optional event history |
Pseudonymity | Public keys | Public keys and contract addresses | Public keys | Public keys | Public keys, but public information encouraged | Not supported; could be layered |
Selective Disclosure | Selective access to encrypted storage | Not supported; could be layered |
Performance Principles Summary Chart
Principle | Bitcoin | Ethereum | Stellar | IPFS | Blockstack | Hashgraph |
---|---|---|---|---|---|---|
Consistency | Block verifications. 30-60 minutes | Block verifications. 20-60 minutes | Single block verification. Less than 1 minute | P2P mirroring. Limited primarily by network I/O. Several seconds for files less than 128KB. | Block verifications. 30-60 minutes | Consensus with probability one; Byzantine agreement, but attackers must control less than one-third |
System Availability | Block verifications. 30-60 minutes | Block verifications. 20-60 minutes | Single block verification. Less than 1 minute. | Single storage request response. Several seconds for files less than 128KB | Block verifications. 30-60 minutes | Virtual voting; DoS resistant w/o proof-of-work, fast gossip |
Failure Tolerance | Longest chain wins | Longest chain wins | Last balloted block always has consensus. | Content address hash. Highly resilient against network partitioning | Longest chain wins | Strong Byzantine fault tolerance |
Scalability | Block size. 7 transactions per second | Block size. 7-20 transactions per second | Thousands to tens of thousands of transactions per second. | Thousands to tens of thousands of transactions per second. Scales linearly as nodes are added. | Block size. 7 transactions per second | Thousands to tens of thousands of transactions per second. Limited by bandwidth only |
Latency | Block verifications. 30-60 minutes | Block verifications. 20-60 minutes | Single block verification. Less than 1 minute. | Single storage request response. Several seconds for files less than 128KB. | Block verifications. 30-60 minutes | Virtual voting; limited only by exponentially fast gossip protocol |
Auditability | Full | Full | Full | Difficult | Full | Configurable |
Liveliness | Full | Full | Full | Fails if nodes storing data fail | Full | Full |
Denial of Service Resistance | Spend Bitcoin | Spend Ether | Spend Stellar | Files are only mirrored if requested | Spend Bitcoin | Signed State / Proof-of-stake / < 1/3 attackers |
System Complexity | Medium | High | Medium | Medium | Medium | Low, but not full system |
Bitcoin
Data Structures
Block Format
Field | Description | Size |
---|---|---|
| value always | 4 bytes |
| number of bytes following up to end of block | 4 bytes |
| See below | 80 bytes |
| positive integer | 1 - 9 bytes |
| the (non empty) list of transactions | - many transactions |
Blockheader Format
Field | Description | Size |
---|---|---|
| Block version number | 4 bytes |
| 256-bit hash of the previous block header | 32 bytes |
| 256-bit hash based on all of the transactions in the block | 32 bytes |
| Current timestamp as seconds since | 4 bytes |
| Current target in compact format | 4 bytes |
| 32-bit number (starts at 0) | 4 bytes |
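The 80-byte header layout above is what a node hashes when it checks a block's proof of work. The following added example (not part of the original report) parses a header, decodes the compact target and checks the double SHA-256 hash against it. The field names in `BlockHeader` are labels chosen for this example, and the sample input is the publicly known Bitcoin genesis block header, which does not appear in the report.

```python
import hashlib
import struct
from typing import NamedTuple

# Sample input: the publicly known Bitcoin genesis block header, as serialized.
GENESIS_HEADER = bytes.fromhex(
    "01000000" + "00" * 32
    + "3ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a"
    + "29ab5f49" + "ffff001d" + "1dac2b7c"
)

class BlockHeader(NamedTuple):  # field names are this example's own labels
    version: int
    prev_hash: str     # hex, display (byte-reversed) order
    merkle_root: str   # hex, display (byte-reversed) order
    timestamp: int
    bits: int          # target in compact format
    nonce: int

def parse_header(raw: bytes) -> BlockHeader:
    # Reject anything that is not exactly the fixed 80-byte header.
    if len(raw) != 80:
        raise ValueError(f"block header must be 80 bytes, got {len(raw)}")
    version, prev, merkle, ts, bits, nonce = struct.unpack("<i32s32sIII", raw)
    return BlockHeader(version, prev[::-1].hex(), merkle[::-1].hex(), ts, bits, nonce)

def compact_to_target(bits: int) -> int:
    # Compact format: top byte is a base-256 exponent, low 23 bits the mantissa.
    if bits & 0x00800000:
        raise ValueError("compact target has the sign bit set")
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def header_hash(raw: bytes) -> str:
    # Double SHA-256 of the serialized header, shown in display byte order.
    digest = hashlib.sha256(hashlib.sha256(raw).digest()).digest()
    return digest[::-1].hex()

def meets_target(raw: bytes) -> bool:
    # Proof of work holds when the hash, read as an integer, is <= the target.
    target = compact_to_target(parse_header(raw).bits)
    return target > 0 and int(header_hash(raw), 16) <= target

if __name__ == "__main__":
    print(parse_header(GENESIS_HEADER))
    print(header_hash(GENESIS_HEADER), meets_target(GENESIS_HEADER))
```

Changing any header byte, including the nonce, produces an unrelated hash, which is why a modified block must be re-mined before other nodes will accept it.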
Transaction Format
Field | Description | Size |
---|---|---|
| currently 1 | 4 bytes |
| positive integer | 1 - 9 bytes |
| the first input of the first transaction is also called "coinbase" (its content was ignored in earlier versions) | - many inputs |
| positive integer | 1 - 9 bytes |
| the outputs of the first transaction spend the mined bitcoins for the block | - many outputs |
| if non-zero and sequence numbers are < : block height or timestamp when transaction is final | bytes |
Transaction Input Format
Field | Description | Size |
---|---|---|
| double SHA-256 hash of a (previous) to-be-used transaction | 32 bytes |
| non-negative integer indexing an output of the to-be-used transaction | 4 bytes |
| non-negative integer | 1 - 9 bytes |
| Script | - many bytes |
| normally ; irrelevant unless transaction's lock_time is > 0 | 4 bytes |
Transaction Output Format
Field | Description | Size |
---|---|---|
| non-negative integer giving the number of Satoshis to be transferred | 8 bytes |
| non-negative integer | 1 - 9 bytes |
| Script | - many bytes |
Security Characteristics
Confidentiality: None. All information in the Bitcoin blockchain is public. Confidentiality is achieved by hashing data and placing it in the blockchain.
Information Availability: Block mirroring. In general, all information is highly mirrored and available at all times. Some of the more recent information may not be trustworthy until more block verifications are performed.
Integrity: Multiple block verifications. Information is accurate given no blockchain forks. Integrity cannot be strongly trusted until at least 6+ verifications have been performed.
Non-repudiation: Digital signatures. All transactions are digitally signed and are thus non-repudiable.
Provenance: Transaction inputs and outputs. All transactions can be traced using block inputs and outputs.
Pseudonymity: Public keys used as identifiers. All transactions use public keys as identifiers (not legal names or identifiers). Pseudonymity may be compromised via court orders to Bitcoin money transmitters.
Selective Disclosure: None. All information in the Bitcoin blockchain is public. Selective disclosure could theoretically be achieved via symmetric key encryption, but due to the permanent nature of the Bitcoin blockchain and the impermanent nature of cryptographic protection, storing encrypted information directly on the blockchain is ill-advised.
Performance Characteristics
Consistency: Multiple block verifications. Eventual consistency is guaranteed through multiple block verifications. Consistency of a freshly committed block cannot be highly trusted until between 30 and 60 minutes after the transaction.
System Availability: Multiple block verifications. Transactions are not verified to a high degree of certainty until between 30 and 60 minutes after the transaction occurs.
Failure Tolerance: Longest chain wins. Eventual consistency during arbitrary network partitioning. Mining allocation may cause one network partition to gain blocks at a faster rate than other partitions. In these cases, transactions may not be very tolerant to failure, depending on which network partition a transaction is written to.
Scalability: Block size. Transaction speed is currently set at 7 transactions per second with a 1 MB block size.
Latency: Multiple block verifications. Transactions take between 30 and 60 minutes after they occur to be verified. As of May 2016, boot-up for new nodes takes 1-3 days because they must download 69 GB of data from peers and audit the blockchain.
Notable Features
: Processing cycles must be expended in order to be able to write a new block to the blockchain.
: A non-Turing-complete, Forth-like, stack-based scripting system without support for loops is used for transaction inputs and outputs, enabling some programmability in how transactions can be spent.
: To incentivize block verification, bounties are paid to miners, making securing the blockchain a profitable endeavor.
Ethereum
Data Structures
Account Format
Field | Description | Size |
---|---|---|
| A scalar value equal to the number of transactions sent from this address or, in the case of accounts with associated code, the number of contract-creations made by this account. | 32 bytes |
| A scalar value equal to the number of Wei owned by this address. | 32 bytes |
| A 256-bit hash of the root node of a Merkle Patricia tree that encodes the storage contents of the account (a mapping between 256-bit integer values), encoded into the trie as a mapping from the Keccak 256-bit hash of the 256-bit integer keys to the RLP-encoded 256-bit integer values. | 32 bytes |
| The hash of the EVM code of this account. This is the code that gets executed should this address receive a message call; it is immutable and thus, unlike all other fields, cannot be changed after construction. All such code fragments are contained in the state database under their corresponding hashes for later retrieval. | 32 bytes |
Message Transaction Format
Field | Description | Size |
---|---|---|
| A 64-bit hash which proves combined with the mix-hash that a sufficient amount of computation has been carried out on this block | 8 bytes |
| A scalar value equal to the number of Wei to be paid per unit of gas for all computation costs incurred as a result of the execution of this transaction. | 32 bytes |
| A scalar value equal to the current limit of gas expenditure per block | 32 bytes |