SlideShare a Scribd company logo

Sidechains introduction

Download as PPTX, PDF
L
Lin Lin (Wendy)

Sidechains allow the transfer of assets between blockchains through a two-way peg mechanism. This mechanism uses cryptographic proofs to lock assets on one blockchain and unlock equivalent assets on another blockchain. It provides properties like atomic transfers without counterparty risk. There are challenges around complexity, potential for fraudulent transfers through deep reorganizations, and risks of centralization for sidechains with mining. Applications include experimentation with new features on separate blockchains and issuing new blockchain-based assets.

Technology
1 of 12
Downloaded 16 times
1
2
3
4
5
6
7
8
9
10
11
12
Sidechains
Sidechain in a nutshell
Background information Bitcoin blockheaders can be regarded as example of DDMS DDMS (Dynamic membership multi-party signature) ◦ Digital signature formed by a set of signers which has no fixed size Similarity ◦ any one can contribute with no enrolment process; contribution is weighted by computational power rather than one threshold signature contribution per party Difference ◦ Blockchain use of DDMS as a signature of computational power rather than a signature of knowledge ◦ Blockchain signers prove computational work, rather than proving secret knowledge as is typical for digital signature.
Pegged Sidechain(two-way peg) design idea Interoperable blockchains ◦ Allow movement of asserts between blockchains, new systems could be developed which users could adopt by simply reusing the existing bitcoin currency. Designed Properties 1. Assets which are moved between sidechains should be able to be moved back by whomever their current holder is, and nobody else (including previous holders). 2. Assets should be moved without counterparty risk; that is, there should be no ability for a dishonest party to prevent the transfer occurring 3. Transfers should be atomic, i.e. happen entirely or not at all. There should not be failure modes that result in loss or allow fraudulent creation of assets. 4. Sidechains should be firewalled: a bug in one sidechain enabling creation (or theft) of assets in that chain should not result in creation or theft of assets on any other chain. 5. Blockchain reorganisations should be handled cleanly, even during transfers; any disruption should be localised to the sidechain on which it occurs. In general, sidechains should ideally be fully independent, with users providing any necessary data from other chains. Validators of a sidechain should only be required to track another chain if that is an explicit consensus rule of the sidechain itself. 6. Users should not be required to track sidechains that they are not actively using.
Proposed method Transfer assets by providing proofs of possession in the transferring transaction themselves Break down: ◦ Chain 1 transfer asset to Chain 2 ◦ Chain 1: create a transaction, locking the assets ◦ Chain 2:create a transaction with input contain a cryptographic proof that lock was done correctly. Inputs tagged with an asset type(the genesis hash of its originating blockchain) ◦ Chain 1 can transfer to chain 2 and vice versa
Definitions Sidechain ◦ is a blockchain that validates data from other blockchains. Two-way peg ◦ refers to the mechanism by which coins are transferred between sidechains and back at a fixed or otherwise deterministic exchange rate. A pegged sidechain ◦ is a sidechain whose assets can be imported from and returned to other chains; that is, a sidechain that supports two-way pegged assets. A simplified payment verification proof (or SPV proof ) ◦ is a DMMS that an action occurred on a Bitcoin-like proof-of-work blockchain.
Symmetric two-way peg This works as follows: to transfer parent chain coins into sidechain coins, the parent chain coins are sent to a special output on the parent chain that can only be unlocked by an SPV proof of possession on the sidechain. To synchronise the two chains, we need to define two waiting periods: ◦ The confirmation period of a transfer between sidechains is a duration for which a coin must be locked on the parent chain before it can be transferred to the sidechain. A typical confirmation period would be on the order of a day or two. ◦ After creating the special output on the parent chain, the user waits out the confirmation period, then creates a transaction on the sidechain referencing this output, providing an SPV proof that it was created and buried under sufficient work on the the parent chain. ◦ The confirmation period is a per-sidechain security parameter, which trades cross-chain transfer speed for security. ◦ The user must then wait for the contest period. This is a duration in which a newly-transferred coin may not be spent on the sidechain. ◦ The purpose of a contest period is to prevent double- 240 spending by transferring previously-locked coins during a reorganisation. If at any point during this delay, a new proof is published containing a chain with more aggregate work which does not include the block in which the lock output was created, the conversion is retroactively invalidated. We call this a reorganisation proof. ◦ All users of the sidechain have an incentive to produce reorganisation proofs if possible, as the consequence of a bad proof being admitted is a dilution in the value of all coins. A typical contest period would also be on the order of a day or two. To avoid these delays, users will likely use atomic swaps (described in Appendix C) for most transfers, as long as a liquid market is available.
Symmetric two-way peg
Drawbacks of sidechain Complexity ◦ Network level:multiple independent unsynchronized blockchain supporting transfers between each other. Must support transaction scripts which can be invalidate by a later reorganization proof. ◦ Software needed to detect misbehaviors, and produce and publish proofs. ◦ Assets level: each chain may support arbitrarily many assets ◦ Each of these assets is labelled with the chain it was transferred from ◦ User interface: need to have wallets that adapt and support multiple chains and transfers of assets between chains Fraudulent transfers ◦ Reorganisation of arbitrary depth in principle possible, which could allow attacker to completely transfer coins between sidechains before causing a reorganisation longer than the contest period on the sending chain to undo its half of the transfer. ◦ Reaction design ◦ No reaction: the sidechain is a “fractional reserve” of the assets it is storing from other chains ◦ The peg and all dependent transactions could be reversed. ◦ The amount of all coins could be reduced, while leaving the exchange rate intact.
Drawbacks of sidechain Risk of centralisation of mining ◦ Sidechain with mining fee may place resource pressure on miners, creating bitcoin centralisation risks Risk of soft-fork
Applications Altchain experiments ◦ Technical experiment ◦ Fixing undesired transaction malleability ◦ Improved payer privacy ◦ Script extensions ◦ Many ideas for extending bitcoin in incompatible way ◦ Economic experimentation Issued assets ◦ Side chains can have their own assets and currencies
SPV proof composed of (a) a list of blockheaders demonstrating proof-of work, and (b) a cryptographic proof that an output was created in one of the blocks in the list. This allows verifiers to check that some amount of work has been committed to the existence of an output. Such a proof may be invalidated by another proof demonstrating the existence of a chain with more work which does not include the block which created the output. Using SPV proofs to determine history, implicitly trusting that the longest blockchain is also the longest correct blockchain, is done by so-called SPV clients in Bitcoin. Only a dishonest collusion with greater than 50% of the hashpower can persistently fool an SPV client (unless the client is under a long-term Sybil attack, preventing it from seeing the actual longest chain), since the honest hashpower will not contribute work to an invalid chain

More Related Content

PDF
Sidechains Presentation
Brian Fabian Crain
 
PDF
Sidechain talk
jojva
 
PDF
AdsCash - New Cryptocurrency
J.D Evies
 
PDF
create your own cryptocurrency
Bellaj Badr
 
PPTX
Cryptocurrency - Digital Currency
Sameer Satyam
 
PDF
Bitcoin, Blockchain and Crypto Contracts - Part 3
Prithwis Mukerjee
 
PPTX
Bitcoin, Blockchain and the Crypto Contracts - Part 2
Prithwis Mukerjee
 
PPTX
How to Create AltCoin(Alternative Cryptocurrency)?
Abdullah Khan Zehady
 
Sidechains Presentation
Brian Fabian Crain
 
Sidechain talk
jojva
 
AdsCash - New Cryptocurrency
J.D Evies
 
create your own cryptocurrency
Bellaj Badr
 
Cryptocurrency - Digital Currency
Sameer Satyam
 
Bitcoin, Blockchain and Crypto Contracts - Part 3
Prithwis Mukerjee
 
Bitcoin, Blockchain and the Crypto Contracts - Part 2
Prithwis Mukerjee
 
How to Create AltCoin(Alternative Cryptocurrency)?
Abdullah Khan Zehady
 

What's hot (20)

PPTX
Cryptocurrencies 101 v5 public
Brett Colbert
 
PDF
Girl Develop It - Intro To Blockchain And Cryptocurrencies
magnachef
 
PDF
Blockchain, bitcoin
Sathish VJ
 
PDF
Metadata in the Blockchain: The OP_RETURN Explosion
Coin Sciences Ltd
 
PDF
cryptocurrency mining and digital currencies Bitcoin, Ethereum underlying te...
rsiyengar.com
 
PDF
Economías criptográficas
navajanegra
 
PDF
Blockchain - a basic overview
Syed Rakib Al Hasan
 
PPTX
A quick introduction to Consensus Models
Oded Noam
 
PDF
Introduction to blockchain and cryptocurrency technologies
Paweł Wacławczyk
 
ODP
Intro to Blockchain - And, by the way, what the heck is proof-of-work?
Jim Flynn
 
PDF
From bitcoin to_algorand_
JitendraNaik16
 
ODP
CBGTBT - Part 2 - Blockchains 101
Blockstrap.com
 
PPTX
Blockchain 101
Oded Noam
 
PDF
Blockchain overview, use cases, implementations and challenges
Sébastien Tandel
 
PPTX
Intro into blockchain
Roderik van der Veer
 
PPTX
Altcoins
sameezahur
 
PDF
Pi network
VamsikrishnaVemavara
 
PPTX
Bitcoin lightning network and ethereum protocols
SUSMIT LAVANIA
 
ODP
CBGTBT - Part 3 - Transactions 101
Blockstrap.com
 
PPTX
Overview of bitcoin
Abdul Nasir
 
Cryptocurrencies 101 v5 public
Brett Colbert
 
Girl Develop It - Intro To Blockchain And Cryptocurrencies
magnachef
 
Blockchain, bitcoin
Sathish VJ
 
Metadata in the Blockchain: The OP_RETURN Explosion
Coin Sciences Ltd
 
cryptocurrency mining and digital currencies Bitcoin, Ethereum underlying te...
rsiyengar.com
 
Economías criptográficas
navajanegra
 
Blockchain - a basic overview
Syed Rakib Al Hasan
 
A quick introduction to Consensus Models
Oded Noam
 
Introduction to blockchain and cryptocurrency technologies
Paweł Wacławczyk
 
Intro to Blockchain - And, by the way, what the heck is proof-of-work?
Jim Flynn
 
From bitcoin to_algorand_
JitendraNaik16
 
CBGTBT - Part 2 - Blockchains 101
Blockstrap.com
 
Blockchain 101
Oded Noam
 
Blockchain overview, use cases, implementations and challenges
Sébastien Tandel
 
Intro into blockchain
Roderik van der Veer
 
Altcoins
sameezahur
 
Pi network
VamsikrishnaVemavara
 
Bitcoin lightning network and ethereum protocols
SUSMIT LAVANIA
 
CBGTBT - Part 3 - Transactions 101
Blockstrap.com
 
Overview of bitcoin
Abdul Nasir
 
Ad

Similar to Sidechains introduction (20)

DOCX
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docx
jasoninnes20
 
PDF
bitcoin.pdf
nafeesarani1
 
PDF
bitcoin.pdf
kikofx
 
PDF
Bitcoin Whitepaper
JohnAvery36
 
PDF
Bitcoin whitepaper
AbdulShamilMS
 
PDF
Bitcoin White Paper
Andre Vianna (Brazil)
 
PDF
Whitepaper Bitcoin: A Peer-to-Peer Electronic Cash System
IQbal KHan
 
PDF
Introduction for Bitcoin. Original Pater
MarkYang62
 
PDF
bitcoin.pdf
RoselinGuerr
 
PDF
Satoshinakamotobitcoin
Nivaldo Torres
 
PPTX
BitCoin explained
Harelc
 
DOCX
Disertation cryptocurrency
SHIVANSH PATANKAR
 
PDF
190221 masterclass blockchain
BoFrank01
 
PPTX
The Hive Think Tank: Sidechains by Adam Back, President of Blockstream
The Hive
 
PPTX
Bitcoin
Puneet Kumar
 
PPTX
The Basic Theories of Blockchain
Sota Watanabe
 
PPTX
01 what is blockchain
BastianBlankenburg
 
PDF
Hyperchains
Grzegorz Uriasz
 
PPTX
Blockchain general presentation nov 2017 v eng
David Vangulick
 
PPTX
Introduction to State Channels & Payment Channels
Priyab Satoshi
 
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docx
jasoninnes20
 
bitcoin.pdf
nafeesarani1
 
bitcoin.pdf
kikofx
 
Bitcoin Whitepaper
JohnAvery36
 
Bitcoin whitepaper
AbdulShamilMS
 
Bitcoin White Paper
Andre Vianna (Brazil)
 
Whitepaper Bitcoin: A Peer-to-Peer Electronic Cash System
IQbal KHan
 
Introduction for Bitcoin. Original Pater
MarkYang62
 
bitcoin.pdf
RoselinGuerr
 
Satoshinakamotobitcoin
Nivaldo Torres
 
BitCoin explained
Harelc
 
Disertation cryptocurrency
SHIVANSH PATANKAR
 
190221 masterclass blockchain
BoFrank01
 
The Hive Think Tank: Sidechains by Adam Back, President of Blockstream
The Hive
 
Bitcoin
Puneet Kumar
 
The Basic Theories of Blockchain
Sota Watanabe
 
01 what is blockchain
BastianBlankenburg
 
Hyperchains
Grzegorz Uriasz
 
Blockchain general presentation nov 2017 v eng
David Vangulick
 
Introduction to State Channels & Payment Channels
Priyab Satoshi
 
Ad

Recently uploaded (20)

PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Approach and Philosophy of On baking technology
30anthuong17
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Encapsulation theory and applications.pdf
gurumoop
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
A Presentation on Artificial Intelligence
memembruh336
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Teaching material agriculture food technology
LiaRayya
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 

Sidechains introduction

  • 2. Sidechain in a nutshell
  • 3. Background information Bitcoin blockheaders can be regarded as example of DDMS DDMS (Dynamic membership multi-party signature) ◦ Digital signature formed by a set of signers which has no fixed size Similarity ◦ any one can contribute with no enrolment process; contribution is weighted by computational power rather than one threshold signature contribution per party Difference ◦ Blockchain use of DDMS as a signature of computational power rather than a signature of knowledge ◦ Blockchain signers prove computational work, rather than proving secret knowledge as is typical for digital signature.
  • 4. Pegged Sidechain(two-way peg) design idea Interoperable blockchains ◦ Allow movement of asserts between blockchains, new systems could be developed which users could adopt by simply reusing the existing bitcoin currency. Designed Properties 1. Assets which are moved between sidechains should be able to be moved back by whomever their current holder is, and nobody else (including previous holders). 2. Assets should be moved without counterparty risk; that is, there should be no ability for a dishonest party to prevent the transfer occurring 3. Transfers should be atomic, i.e. happen entirely or not at all. There should not be failure modes that result in loss or allow fraudulent creation of assets. 4. Sidechains should be firewalled: a bug in one sidechain enabling creation (or theft) of assets in that chain should not result in creation or theft of assets on any other chain. 5. Blockchain reorganisations should be handled cleanly, even during transfers; any disruption should be localised to the sidechain on which it occurs. In general, sidechains should ideally be fully independent, with users providing any necessary data from other chains. Validators of a sidechain should only be required to track another chain if that is an explicit consensus rule of the sidechain itself. 6. Users should not be required to track sidechains that they are not actively using.
  • 5. Proposed method Transfer assets by providing proofs of possession in the transferring transaction themselves Break down: ◦ Chain 1 transfer asset to Chain 2 ◦ Chain 1: create a transaction, locking the assets ◦ Chain 2:create a transaction with input contain a cryptographic proof that lock was done correctly. Inputs tagged with an asset type(the genesis hash of its originating blockchain) ◦ Chain 1 can transfer to chain 2 and vice versa
  • 6. Definitions Sidechain ◦ is a blockchain that validates data from other blockchains. Two-way peg ◦ refers to the mechanism by which coins are transferred between sidechains and back at a fixed or otherwise deterministic exchange rate. A pegged sidechain ◦ is a sidechain whose assets can be imported from and returned to other chains; that is, a sidechain that supports two-way pegged assets. A simplified payment verification proof (or SPV proof ) ◦ is a DMMS that an action occurred on a Bitcoin-like proof-of-work blockchain.
  • 7. Symmetric two-way peg This works as follows: to transfer parent chain coins into sidechain coins, the parent chain coins are sent to a special output on the parent chain that can only be unlocked by an SPV proof of possession on the sidechain. To synchronise the two chains, we need to define two waiting periods: ◦ The confirmation period of a transfer between sidechains is a duration for which a coin must be locked on the parent chain before it can be transferred to the sidechain. A typical confirmation period would be on the order of a day or two. ◦ After creating the special output on the parent chain, the user waits out the confirmation period, then creates a transaction on the sidechain referencing this output, providing an SPV proof that it was created and buried under sufficient work on the the parent chain. ◦ The confirmation period is a per-sidechain security parameter, which trades cross-chain transfer speed for security. ◦ The user must then wait for the contest period. This is a duration in which a newly-transferred coin may not be spent on the sidechain. ◦ The purpose of a contest period is to prevent double- 240 spending by transferring previously-locked coins during a reorganisation. If at any point during this delay, a new proof is published containing a chain with more aggregate work which does not include the block in which the lock output was created, the conversion is retroactively invalidated. We call this a reorganisation proof. ◦ All users of the sidechain have an incentive to produce reorganisation proofs if possible, as the consequence of a bad proof being admitted is a dilution in the value of all coins. A typical contest period would also be on the order of a day or two. To avoid these delays, users will likely use atomic swaps (described in Appendix C) for most transfers, as long as a liquid market is available.
  • 9. Drawbacks of sidechain Complexity ◦ Network level:multiple independent unsynchronized blockchain supporting transfers between each other. Must support transaction scripts which can be invalidate by a later reorganization proof. ◦ Software needed to detect misbehaviors, and produce and publish proofs. ◦ Assets level: each chain may support arbitrarily many assets ◦ Each of these assets is labelled with the chain it was transferred from ◦ User interface: need to have wallets that adapt and support multiple chains and transfers of assets between chains Fraudulent transfers ◦ Reorganisation of arbitrary depth in principle possible, which could allow attacker to completely transfer coins between sidechains before causing a reorganisation longer than the contest period on the sending chain to undo its half of the transfer. ◦ Reaction design ◦ No reaction: the sidechain is a “fractional reserve” of the assets it is storing from other chains ◦ The peg and all dependent transactions could be reversed. ◦ The amount of all coins could be reduced, while leaving the exchange rate intact.
  • 10. Drawbacks of sidechain Risk of centralisation of mining ◦ Sidechain with mining fee may place resource pressure on miners, creating bitcoin centralisation risks Risk of soft-fork
  • 11. Applications Altchain experiments ◦ Technical experiment ◦ Fixing undesired transaction malleability ◦ Improved payer privacy ◦ Script extensions ◦ Many ideas for extending bitcoin in incompatible way ◦ Economic experimentation Issued assets ◦ Side chains can have their own assets and currencies
  • 12. SPV proof composed of (a) a list of blockheaders demonstrating proof-of work, and (b) a cryptographic proof that an output was created in one of the blocks in the list. This allows verifiers to check that some amount of work has been committed to the existence of an output. Such a proof may be invalidated by another proof demonstrating the existence of a chain with more work which does not include the block which created the output. Using SPV proofs to determine history, implicitly trusting that the longest blockchain is also the longest correct blockchain, is done by so-called SPV clients in Bitcoin. Only a dishonest collusion with greater than 50% of the hashpower can persistently fool an SPV client (unless the client is under a long-term Sybil attack, preventing it from seeing the actual longest chain), since the honest hashpower will not contribute work to an invalid chain

Editor's Notes

  • #8: The purpose of this confirmation period is to allow for sufficient work to be created such that a denial of service attack in the next waiting period becomes more difficult.