Add draft

Author: liuchengxu

content/blockchain-consensus-attacks.md

@@ -0,0 +1,38 @@
+# 区块链共识级别的攻击
+
+## Double spending attacks
+
+## Grinding attacks
+
+## Transaction denial attacks
+
+## Desynchronization attacks
+
+## Eclipse attacks
+
+## 51% attacks
+
+## Bribery attacks
+
+## Long-range attacks
+
+## Nothing at stake attacks
+
+当发生分叉时，验证人的最优策略是承认每一条分叉，并在所有分叉上继续挖。
+
+- https://en.wikipedia.org/wiki/Proof-of-stake
+- https://blog.goldmint.io/nothing-at-stake-and-longrange-attack-in-pos-4ec486f1fc89
+- https://github.com/ethereum/wiki/wiki/Problems
+- https://pivx.org/nothing-considered-a-look-at-nothing-at-stake-vulnerability-for-cryptocurrencies/
+- https://medium.com/@abhisharm/understanding-proof-of-stake-through-its-flaws-part-2-nothing-s-at-stake-8d12d826956c
+- https://medium.com/coinmonks/understanding-proof-of-stake-the-nothing-at-stake-theory-1f0d71bc027
+
+## Past majority attacks
+
+## Selfish-mining
+
+自私挖矿，恶意挖到块以后，并不广播出去，而是偷偷藏在手里，然后继续挖。当监听到有节点挖出同样高度的块时，迅速将手里的块广播出去，如果恶意节点的网络更好, 那么恶意节点手中同高度的块就会被接受，如此一来，恶意节点就会更有优势挖到下面的块。
+
+## Reference
+
+- Ouroboros

content/cardano/ouroboros.md

@@ -1 +1,43 @@
 [The Bitcoin Backbone Protocol: Analysis and Applications](https://eprint.iacr.org/2014/765.pdf)
+
+
+# Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol
+
+- Proof of Stake
+- Proof of physical resources(e.g., proof of work)
+
+
+First, we provide a model that formalizes the problem of realizing a PoS-based blockchain protocol. The model we introduce is in the spirit of [24], focusing on persistence and liveness,
+
+- *persistence*
+- *liveness*
+
+
+coin-flipping protocol ==> produce the randomness for the leader election process
+
+
+Also, unique to our approach is the fact that the system ignores round-to-round stake modifications. Instead, a snapshot of the current set of stakeholders is taken in regular
+intervals called epochs; in each such interval a secure multiparty computation takes place utilizing the blockchain itself as the broadcast channel.
+
+
+Specifically, in each epoch a set of randomly selected stakeholders form a committee which is then responsible for executing the coin-flipping protocol. The outcome of the protocol determines the set of next stakeholders to execute the protocol in the next epoch as well as the outcomes of all leader elections for the epoch.
+
+
+-  a snapshot of the current set of stakeholders is taken in regular intervals called epochs
+
+-  in each such interval a secure multiparty computation takes place utilizing the blockchain itself as the broadcast channel
+
+
+Our protocol is secure under a number of plausible assumptions:
+(1) the network is synchronous in the sense that an upper bound can be determined during which any honest stakeholder is able to communicate with any other stakeholder,
+(2) a number of stakeholders drawn from the honest majority is available as needed to participate in each epoch,
+(3) the stakeholders do not remain offline for long periods of time,
+(4) the adaptivity of corruptions is subject to a small delay that is measured in rounds linear in the security parameter (or alternatively, the players have access to a sender-anonymous broadcast channel).
+
+Sleepy consensus considers a fixed stakeholder distribution (i.e., stake does not evolve over time) and targets a “mixed” corruption setting, where the adversary is allowed to be adaptive as well as perform fail-stop and recover corruptions in addition to Byzantine faults.
+
+Snow White [7] addresses an evolving stakeholder distribution and uses a corruption delay mechanism similar to ours for arguing security. Nevertheless, contrary to our protocol, the Snow White design is susceptible to a “grinding” type of attack that can bias high probability events in favor of the adversary
+
+Algorand
+
+- [Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol](https://eprint.iacr.org/2016/889.pdf)