On the Security and Performance of Proof of Work Blockchains

In this thesis, we examine the security, performance, and privacy of Proof of Work-based (PoW) blockchains and digital currencies such as Bitcoin. The decentralized characteristics of blockchains have the benefit of removing trusted third parties; however, they create new challenges for security, performance, scalability, and privacy, which we investigate. The blockchain's security, for example, affects the ability of participants to exchange monetary value or participate in the network communication and the consensus process. In our first contribution, we observe the decentralized nature of Bitcoin and show that few individuals typically control vital operations in the Bitcoin ecosystem. Moreover, we show that a third party can unilaterally affect the fungibility of individual Bitcoins. Our second contribution provides a quantitative framework to objectively compare the security and performance characteristics of Proof of Work-based blockchains under adversaries with optimal strategies. Our work allows us to increase Bitcoin's transaction throughput by a factor of ten, given only one parameter change and without deteriorating the security of the underlying blockchain. In our third contribution, we highlight previously unconsidered impacts of the PoW blockchain's scalability on its security and propose design modifications that are now implemented in the primary Bitcoin client. In our fourth contribution, we investigate the privacy of lightweight Bitcoin clients, those that are the most critical to Bitcoin's mainstream adoption. Similarly, we propose appropriate design modifications that are being implemented to protect the user's privacy. Orthogonally, in our fifth contribution, we analyze the location privacy implications of public transaction prices. Surprisingly, we show that, given only a few prices from a consumer, we can accurately position the purchase location.