RFC: Stacker-Signing, a protocol upgrade to defeat the 51% attack on the Stacks blockchain

The context is around miner already having centralized control (as we currently do). With centralized mining, Alice can reorg as an eventuality.

As described in point A2, one of the security postulates is the requirement to have consolidated capital that is at risk if the miner is not performant. For stacks, STX stacking is the manifestation of this requirement. For bitcoin, ASIC investment is the manifestation of this requirement. It is possible to use other manifestations as long as the stated qualities are satisfied - if you buy into the security postulate.

Turbo Blocks:

In this section we explore the possibility of how stacks blocks can be produced in between anchor blocks. We can refer to this period of time between anchor blocks as a Term (credit to @aaron for initializing this concept). The additional stacks blocks created during a term have the same security guarantees (reorg and censorship resistance) as a stacks block created during the anchor block. This is because the source of security that backs the Security Postulates comes from the pseudo random stacker slot selection that permits the Chosen Stacker to write to the chain-tip.

This pseudo random slot selection can, in fact, take place at any time during the protocol to invoke the Security Postulate guarantee that a Stacker-led chain-tip extension provides. Let’s illustrate an example:

  1. Starting at the sortition step, Bob is the winner of the sortition and becomes the Block Committer whose block is chosen to extend the chain (same as before).

  2. The pseudo random slot selection process promotes two Stackers into Chosen Stackers and they sign and propagate the block, extending the chain. They receive their PoX rewards (same as before).

  3. (New step) During this period of time until the next anchor block, referred to as the current Term, Bob can create another block motivated purely by transaction fees. He creates a block, signs this block and broadcasts it to the Stackers at-large.

  4. (New step) The Stackers receives this block and hashes the block. Using the hash as a pseudo random seed along with modulo arithmetic, the Stackers can deterministically know which 2 slots are the Chosen Stackers to process this block.

  5. (New step) The 2 self-identified Chosen Stackers verifies the signature of the block and confirms that it originates from Bob who is the authorized block producer for this term. They verify and sign the block, extend the chain tip, and broadcast the result. The other nodes verify the block as usual. The Chosen Stackers do not receive a PoX yield. They are motivated purely by their desire to keep a lively network due to their consolidated investment.

  6. (New step) Bob receives the broadcasted chain-tip and updates his chain. He can now repeat step 1 and construct another block.

  7. Stackers can continue to validate blocks from Bob until a new sortition winner - a new Block Committer - is declared.

This process is feed-forward. Bob produces a block and forwards this data to the Stackers. The Stackers receive the block and each individually perform the pseudo random hash-block seed-based computation to self-recognize as the Chosen Stacker. The Chosen Stackers verifies that Bob is the Block Committer for the current term, verifies and signs the block and forwards the updated chain-tip to the network. Bob receives the chain-tip update and the process repeats again. There are no artificial delays, threshold checks, nor handshakes between actors. The simplicity of the verifications mean block production can move at almost the speed of the network propagation limits all while maintaining the security postulates. Should adverse behavior arise, the block production would gracefully degrade to the performance level of the 10-minute anchor block cadence.

Comments or feedback?