See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/318131748

An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends

Conference Paper · June 2017

DOI: 10.1109/BigDataCongress.2017.85

CITATIONS
READS
2,031
284,969

5 authors, including:

Zibin Zheng Shaoan Xie

Sun Yat-Sen University Sun Yat-Sen University
353 PUBLICATIONS 14,416 CITATIONS 7 PUBLICATIONS 4,211 CITATIONS

Hong-Ning Dai
Lingnan University
198 PUBLICATIONS 6,943 CITATIONS

Some of the authors of this publication are also working on these related projects:

Scalability of Blockchain View project

Blockchain technologies and applications View project

All content following this page was uploaded by Hong-Ning Dai on 06 October 2017.

The user has requested enhancement of the downloaded file.

2017 IEEE 6th International Congress on Big Data

An Overview of Blockchain Technology:

Architecture, Consensus, and Future Trends
Zibin Zheng1, Shaoan Xie1, Hongning Dai2, Xiangping Chen4, and Huaimin Wang3
1
School of Data and Computer Science, Sun Yat-sen University Guangzhou, China
2
Faculty of Information Technology, Macau University of Science and Technology, Macau, SAR
3
National Laboratory for Parallel & Distributed Processing
National University of Defense Technology, Changsha 410073 China
4
Institute of Advanced Technology,National Engineering Research Center of Digital Life
Sun Yat-sen University, Guangzhou, China
Email: [email protected]

Abstract—Blockchain, the foundation of Bitcoin, has received

extensive attentions recently. Blockchain serves as an immutable Things (IoT) [7], reputation systems [8] and security services
ledger which allows transactions take place in a decentralized [9]. Those fields favor blockchain in multiple ways. First of
manner. Blockchain-based applications are springing up, cov- all, blockchain is immutable. Transaction cannot be tampered
ering numerous fields including financial services, reputation once it is packed into the blockchain. Businesses that require
system and Internet of Things (IoT), and so on. However,
high reliability and honesty can use blockchain to attract
there are still many challenges of blockchain technology such
as scalability and security problems waiting to be overcome. customers. Besides, blockchain is distributed and can avoid
This paper presents a comprehensive overview on blockchain the single point of failure situation. As for smart contracts, the
technology. We provide an overview of blockchain architechture contract could be executed by miners automatically once the
firstly and compare some typical consensus algorithms used contract has been deployed on the blockchain.
in different blockchains. Furthermore, technical challenges and
Although the blockchain technology has great potential for
recent advances are briefly listed. We also lay out possible future
trends for blockchain. the construction of the future Internet systems, it is facing a
Index Terms—Blockchain, decentralization, consensus, scala- number of technical challenges. Firstly, scalability is a huge
bility concern. Bitcoin block size is limited to 1 MB now while
a block is mined about every ten minutes. Subsequently, the
I. INTRODUCTION Bitcoin network is restricted to a rate of 7 transactions per
second, which is incapable of dealing with high frequency
Nowadays cryptocurrency has become a buzzword in both
trading. However, larger blocks means larger storage space
industry and academia. As one of the most successful cryp-
and slower propagation in the network. This will lead to
tocurrency, Bitcoin has enjoyed a huge success with its capital
centralization gradually as less users would like to maintain
market reaching 10 billion dollars in 2016 [1]. With a spe-
such a large blockchain. Therefore the tradeoff between block
cially designed data storage structure, transactions in Bitcoin
size and security has been a tough challenge. Secondly, it has
network could happen without any third party and the core
been proved that miners could achieve larger revenue than
technology to build Bitcoin is blockchain, which was first
their fair share through selfish mining strategy [10]. Miners
proposed in 2008 and implemented in 2009 [2]. Blockchain
hide their mined blocks for more revenue in the future. In
could be regarded as a public ledger and all committed
that way, branches could take place frequently, which hinders
transactions are stored in a list of blocks. This chain grows
blockchain development. Hence some solutions need to be put
as new blocks are appended to it continuously. Asymmetric
forward to fix this problem. Moreover, it has been shown that
cryptography and distributed consensus algorithms have been
privacy leakage could also happen in blockchain even users
implemented for user security and ledger consistency. The
only make transactions with their public key and private key
blockchain technology generally has key characteristics of
[11]. Furthermore, current consensus algorithms like proof of
decentralization, persistency, anonymity and auditability.
work or proof of stake are facing some serious problems. For
With these traits, blockchain can greatly save the cost and
example, proof of work wastes too much electricity energy
improve the efficiency.
while the phenomenon that the rich get richer could appear in
Since it allows payment to be finished without any bank or
the proof of stake consensus process.
any intermediary, blockchain can be used in various financial
There is a lot of literature on blockchain from various
services such as digital assets, remittance and online payment
sources, such as blogs, wikis, forum posts, codes, confer-
[3], [4]. Additionally, it can also be applied into other fields
ence proceedings and journal articles. Tschorsch et al. [12]
including smart contracts [5], public services [6], Internet of
made a technical survey about decentralized digital currencies

978-1-5386-1996-4/17 $31.00 © 2017 IEEE

DOI 10.1109/BigDataCongress.2017.85
557
including Bitcoin. Compared to [12], our paper focuses on (ii) Merkle tree root hash: the hash value of all the transac-
blockchain technology instead of digital currencies. Nomura tions in the block.
Research Institut made a technical report about blockchain (iii) Timestamp: current time as seconds in universal time
[13]. Contrast to [13], our paper focuses on state-of-art since January 1, 1970.
blockchain researches including recent advances and future (iv) nBits: target threshold of a valid block hash.
trends. (v) Nonce: an 4-byte field, which usually starts with 0
The rest of this paper is organized as follows. Section II and increases for every hash calculation (will be explained
introduces blockchain architecture. Section III shows typical in details in Section III).
consensus algorithms used in blockchain. Section IV summa- (vi) Parent block hash: a 256-bit hash value that points to
rizes the technical challenges and the recent advances in this the previous block.
area. Section V discusses some possible future directions and The block body is composed of a transaction counter and
section VI concludes the paper. transactions. The maximum number of transactions that a
block can contain depends on the block size and the size of
II. BLOCKCHAIN ARCHITECTURE
each transaction. Blockchain uses an asymmetric
cryptography mechanism to validate the authentication of
transactions [13]. Digital signature based on asymmetric
Block Header
Parent Block Hash
a
Block Header
Parent Block Hash
a
Block Header
Parent Block Hash
a
cryptography is used in an untrustworthy environment. We next
briefly illustrate digital signature.
Transaction Counter Transaction Counter Transaction Counter

TXTXTX TXTXTX TXTXTX

B. Digital Signature
Each user owns a pair of private key and public key.
Block i-1 Block i Block i+1 The private key that shall be kept in confidentiality is used
to sign the transactions. The digital signed transactions are
Fig. 1: An example of blockchain which consists of a contin- broadcasted throughout the whole network. The typical digital
uous sequence of blocks. signature is involved with two phases: signing phase and
verification phase. For instance, an user Alice wants to send
another user Bob a message. (1) In the signing phase, Alice
encrypts her data with her private key and sends Bob the
Block Header encrypted result and original data. (2) In the verification
Merkle Tree Root Hash
TimeParent
phase, Bob validates the value with Alice’s public key. In that
Block Version e
stampnBitsNonceBlock
Hash
way, Bob could easily check if the data has been tampered or
not. The typical digital signature algorithm used in
blockchains is the elliptic curve digital signature algorithm
(ECDSA) [16].
Transaction Counter C. Key Characteristics of Blockchain
TXTXTXTXTXTX
In summary, blockchain has following key characteristics.
• Decentralization. In conventional centralized transaction

Fig. 2: Block structure systems, each transaction needs to be validated through

the central trusted agency (e.g., the central bank), in-
evitably resulting to the cost and the performance bottle-
Blockchain is a sequence of blocks, which holds a complete
necks at the central servers. Contrast to the centralized
list of transaction records like conventional public ledger
mode, third party is no longer needed in blockchain.
[14]. Figure 1 illustrates an example of a blockchain. With
Consensus algorithms in blockchain are used to maintain
a previous block hash contained in the block header, a block
data consistency in distributed network.
has only one parent block. It is worth noting that uncle blocks
• Persistency. Transactions can be validated quickly and
(children of the block’s ancestors) hashes would also be
invalid transactions would not be admitted by honest
stored in ethereum blockchain [15]. The first block of a
miners. It is nearly impossible to delete or rollback
blockchain is called genesis block which has no parent block.
transactions once they are included in the blockchain.
We then explain the internals of blockchain in details.
Blocks that contain invalid transactions could be discov-
A. Block ered immediately.
• Anonymity. Each user can interact with the blockchain
A block consists of the block header and the block body as with a generated address, which does not reveal the
shown in Figure 2. In particular, the block header includes: real identity of the user. Note that blockchain cannot
(i) Block version: indicates which set of block validation guarantee the perfect privacy preservation due to the
rules to follow. intrinsic constraint (details will be discussed in section
IV).

5
 TABLE I: Comparisons among public blockchain, consortium blockchain and private blockchain
Property Public blockchain
Consensus determination All miners
Read permission Public
Immutability Nearly impossible to tamper
Efficiency Low
Centralized No
Consensus process Permissionless
• Auditability. Bitcoin blockchain stores data about user
balances based on the Unspent Transaction Output
(UTX- O) model [2]: Any transaction has to refer to
some previ- ous unspent transactions. Once the current
transaction is recorded into the blockchain, the state of
those referred unspent transactions switch from unspent
to spent. So transactions could be easily verified and
tracked.
D. Taxonomy of blockchain systems
Current blockchain systems are categorized roughly into
three types: public blockchain, private blockchain and con-
sortium blockchain [17]. In public blockchain, all records are
visible to the public and everyone could take part in the con-
sensus process. Differently, only a group of pre-selected
nodes would participate in the consensus process of a
consortium blockchain. As for private blockchain, only those
nodes that come from one specific organization would be
allowed to join the consensus process.
A private blockchain is regarded as a centralized network
since it is fully controlled by one organization. The
consortium blockchain constructed by several organizations is
partially decentralized since only a small portion of nodes
would be selected to determine the consensus. The
comparison among the three types of blockchains is listed in
Table I.
• Consensus determination. In public blockchain, each n-
ode could take part in the consensus process. And only
a selected set of nodes are responsible for validating the
block in consortium blockchain. As for private chain, it
is fully controlled by one organization and the
organization could determine the final consensus.
• Read permission. Transactions in a public blockchain are
visible to the public while it depends when it comes to a
private blockchain or a consortium blockchain.
• Immutability. Since records are stored on a large number
of participants, it is nearly impossible to tamper trans-
actions in a public blockchain. Differently, transactions
in a private blockchain or a consortium blockchain could
be tampered easily as there are only limited number of
participants.
• Efficiency. It takes plenty of time to propagate transac-
tions and blocks as there are a large number of nodes
on public blockchain network. As a result, transaction
throughput is limited and the latency is high. With fewer
Consortium blockchain Private blockchain
Selected set of nodes One organization
Could be public or restricted Could be public or restricted
Could be tampered Could be tampered
High High
Partial Yes
Permissioned Permissioned
validators, consortium blockchain and private blockchain
could be more efficient.
• Centralized. The main difference among the three types
of blockchains is that public blockchain is decentralized,
consortium blockchain is partially centralized and private
blockchain is fully centralized as it is controlled by a
single group.
• Consensus process. Everyone in the world could join
the consensus process of the public blockchain. Different
from public blockchain, both consortium blockchain and
private blockchain are permissioned.
Since public blockchain is open to the world, it can at-
tract many users and communities are active. Many public
blockchains emerge day by day. As for consortium
blockchain, it could be applied into many business
applications. Cur- rently Hyperledger [18] is developing
business consortium blockchain frameworks. Ethereum also
has provided tools for building consortium blockchains [19].
III. CONSENSUS ALGORITHMS
In blockchain, how to reach consensus among the untrust-
worthy nodes is a transformation of the Byzantine Generals
(BG) Problem, which was raised in [20]. In BG problem,
a group of generals who command a portion of Byzantine
army circle the city. Some generals prefer to attack while
other generals prefer to retreat. However, the attack would
fail if only part of the generals attack the city. Thus, they
have to reach an agreement to attack or retreat. How to reach
a consensus in distributed environment is a challenge. It is
also a challenge for blockchain as the blockchain network
is distributed. In blockchain, there is no central node that
ensures ledgers on distributed nodes are all the same. Some
protocols are needed to ensure ledgers in different nodes are
consistent. We next present several common approaches to
reach a consensus in blockchain.
A. Approaches to consensus
PoW (Proof of work) is a consensus strategy used in the
Bitcoin network [2]. In a decentralized network, someone has
to be selected to record the transactions. The easiest way is
random selection. However, random selection is vulnerable to
attacks. So if a node wants to publish a block of transactions,
a lot of work has to be done to prove that the node is not
likely to attack the network. Generally the work means
computer
5
 TABLE II: Typical Consensus Algorithms Comparison
Property PoW
Node identity management open
Energy saving no
Tolerated power < 25%
of adversary computing
power
Example Bitcoin [2]
U4
Shorter Branch
B1 B2
B3
B4 B5
Longer Branch
Fig. 3: An scenario of blockchain branches (the longer branch
would be admitted as the main chain while the shorter one
would be deserted)
calculations. In PoW, each node of the network is calculating
a hash value of the block header. The block header contains
a nonce and miners would change the nonce frequently to
get different hash values. The consensus requires that the
calculated value must be equal to or smaller than a certain
given value. When one node reaches the target value, it would
broadcast the block to other nodes and all other nodes must
mutually confirm the correctness of the hash value. If the
block is validated, other miners would append this new
block to their own blockchains. Nodes that calculate the hash
values are called miners and the PoW procedure is called
mining in Bitcoin.
In the decentralized network, valid blocks might be gen-
erated simultaneously when multiple nodes find the suitable
nonce nearly at the same time. As a result, branches may be
generated as shown in Figure 3. However, it is unlikely that
two competing forks will generate next block simultaneously.
In PoW protocol, a chain that becomes longer thereafter is
judged as the authentic one. Consider two forks created by
simultaneously validated blocks U4 and B4. Miners keep
mining their blocks until a longer branch is found. B4,B5
forms a longer chain, so the miners on U4 would switch to
the longer branch.
Miners have to do a lot of computer calculations in PoW,
yet these works waste too much resources. To mitigate the
loss, some PoW protocols in which works could have some
side-applications have been designed. For example, Primecoin
[25] searches for special prime number chains which can be
PoS PBFT DPOS Ripple Tendermint
open permissioned open open permissioned
partial yes partial yes yes
< 51% < 33.3% < 51% < 20% < 33.3%
stake faulty replicas validators faulty nodes in byzantine voting
UNL power
Peercoin [21] Hyperledger Bitshares [22] Ripple [23] Tendermint [24]
Fabric [18]
used for mathematical research.
PoS (Proof of stake) is an energy-saving alternative to
PoW. Miners in PoS have to prove the ownership of the
amount of currency. It is believed that people with more
currencies would be less likely to attack the network. The
selection based on account balance is quite unfair because the
single richest person is bound to be dominant in the network.
As a result, many solutions are proposed with the combination
of the stake size to decide which one to forge the next
block. In particular, Blackcoin [26] uses randomization to
predict the next generator. It uses a formula that looks for
the lowest hash value in combination with the size of the
stake. Peercoin
[21] favors coin age based selection. In Peercoin, older and
larger sets of coins have a greater probability of mining the
next block. Compared to PoW, PoS saves more energy and
is more effective. Unfortunately, as the mining cost is nearly
zero, attacks might come as a consequence. Many blockchains
adopt PoW at the beginning and transform to PoS gradually.
For instance, ethereum is planing to move from Ethash (a kind
of PoW) [27] to Casper (a kind of PoS) [28].
PBFT (Practical byzantine fault tolerance) is a replication
algorithm to tolerate byzantine faults [29]. Hyperledger Fabric
[18] utilizes the PBFT as its consensus algorithm since PBFT
could handle up to 1/3 malicious byzantine replicas. A new
block is determined in a round. In each round, a primary
would be selected according to some rules. And it is
responsible for ordering the transaction. The whole process
could be divided into three phase: pre-prepared, prepared
and commit. In each phase, a node would enter next phase if
it has received votes from over 2/3 of all nodes. So PBFT
requires that every node is known to the network. Like
PBFT, Stellar Consensus Protocol (SCP) [30] is also a
Byzantine agreement protocol. In PBFT, each node has to
query other nodes while SCP gives participants the right to
choose which set of other participants to believe. Based on
PBFT, Antshares [31] has implemented their dBFT
(delegated byzantine fault tolerance). In dBFT, some
professional nodes are voted to record the transactions.
DPOS (Delegated proof of stake). The major difference
between PoS and DPOS is that PoS is direct democratic while
DPOS is representative democratic. Stakeholders elect their
delegates to generate and validate blocks. With significantly
fewer nodes to validate the block, the block could be
confirmed quickly, leading to the quick confirmation of
transactions. Meanwhile, the parameters of the network such
as block size and block intervals could be tuned by delegates.
Additionally,
5
users need not to worry about the dishonest delegates as they
could be voted out easily. DPOS is the backbone of Bitshares
[22].
Ripple [23] is a consensus algorithm that utilizes
collectively-trusted subnetworks within the larger network. In
the network, nodes are divided into two types: server for
participating consensus process and client for only
transferring funds. Each server has an Unique Node List
(UNL). UNL is important to the server. When determining
whether to put a transaction into the ledger, the server would
query the nodes in UNL and if the received agreements have
reached 80%, the transaction would be packed into the ledger.
For a node, the ledger will remain correct as long as the
percentage of faulty nodes in UNL is less than 20%.
Tendermint [24] is a byzantine consensus algorithm. A
new block is determined in a round. A proposer would be
selected to broadcast an unconfirmed block in this round. It
could be divided into three steps: 1) Prevote step. Validators
choose whether to broadcast a prevote for the proposed block.
2) Precommit step. If the node has received more than 2/3 of
prevotes on the proposed block, it broadcasts a precommit for
that block. If the node has received over 2/3 of precommits,
it enters the commit step. 3) Commit step. The node validates
the block and broadcasts a commit for that block. if the
node has received 2/3 of the commits, it accepts the block.
Contrast to PBFT, nodes have to lock their coins to become
validators. Once a validator is found to be dishonest, it would
be punished.
B. Consensus algorithms comparison
Different consensus algorithms have different advantages
and disadvantages. Table II gives a comparison between d-
ifferent consensus algorithms and we use the properties given
by [32].
• Node identity management. PBFT needs to know the
identity of each miner in order to select a primary in
every round while Tendermint needs to know the
validators in order to select a proposer in each round. For
PoW, PoS, DPOS and Ripple, nodes could join the
network freely.
• Energy saving. In PoW, miners hash the block header
continuously to reach the target value. As a result, the
amount of electricity required to process has reach an
immense scale. As for PoS and DPOS, miners still have
to hash the block header to search the target value but
the work has been largely reduced as the search space
is designed to be limited. As for PBFT, Ripple and
Tendermint, there is no mining in consensus process. So
it saves energy greatly.
• Tolerated power of adversary. Generally 51% of hash
power is regarded as the threshold for one to gain control
of the network. But selfish mining strategy [10] in PoW
systems could help miners to gain more revenue by only
25% of the hashing power. PBFT and Tendermint is
designed to handle up to 1/3 faulty nodes. Ripple is
proved to maintain correctness if the faulty nodes in an
UNL is less than 20%.
5
• Example. Bitcoin is based on PoW while Peercoin is
a new peer-to-peer PoS cryptocurrency. Further, Hyper-
ledger Fabric utilizes PBFT to reach consensus.
Bitshares, a smart contract platform, adopts DPOS as
their con- sensus algorithm. Ripple implements the
Ripple protocol while Tendermint devises the
Tendermint protocol.
PBFT and Tendermint are permissioned protocols. Node
identities are expected to be known to the whole network,
so they might be used in commercial mode rather than public.
PoW and PoS are suitable for public blockchain. Consortium
or private blockchain might has preference for PBFT, Tender-
mint, DPOS and Ripple.
C. Advances on consensus algorithms
A good consensus algorithm means efficiency, safty and
convenience. Recently, a number of endeavors have been
made to improve consensus algorithms in blockchain. New
con- sensus algorithms are devised aiming to solve some
specific problems of blockchain. The main idea of PeerCensus
[33] is to decouple block creation and transaction
confirmation so that the consensus speed can be significantly
increased. Besides, Kraft [34] proposed a new consensus
method to ensure that a block is generated in a relatively
stable speed. It is known that high blocks generation rate
compromise Bitcoin’s security. So the Greedy Heaviest-
Observed Sub-Tree (GHOST) chain selection rule [35] is
proposed to solve this problem. Instead of the longest branch
scheme, GHOST weights the branches and miners could
choose the better one to follow. Chepurnoy et al. [36]
presented a new consensus algorithm for peer-to- peer
blockchain systems where anyone who provides non-
interactive proofs of retrievability for the past state snapshots
is agreed to generate the block. In such a protocol, miners
only have to store old block headers instead of full blocks.
IV. CHALLENGES & RECENT ADVANCES
Despite the great potential of blockchain, it faces numerous
challenges, which limit the wide usage of blockchain. We
enumerate some major challenges and recent advances as
follows.
A. Scalability
With the amount of transactions increasing day by day,
the blockchain becomes bulky. Each node has to store all
transactions to validate them on the blockchain because they
have to check if the source of the current transaction is
unspent or not. Besides, due to the original restriction of block
size and the time interval used to generate a new block, the
Bitcoin blockchain can only process nearly 7 transactions per
second, which cannot fulfill the requirement of processing
millions of transactions in real-time fashion. Meanwhile, as
the capacity of blocks is very small, many small transactions
might be delayed since miners prefer those transactions with
high transaction fee.
There are a number of efforts proposed to address the
scalability problem of blockchain, which could be categorized
into two types:
 • Storage optimization of blockchain. Since it is harder for
node to operate full copy of ledger, Bruce proposed a
novel cryptocurrency scheme, in which the old
transaction records are removed (or forgotten) by the
network [37]. A database named account tree is used to
hold the balance of all non-empty addresses. Besides
lightweight client could also help fix this problem. A
novel schem named VerSum [38] was proposed to
provide another way allowing lightweight clients to exist.
VerSum allows lightweight clients to outsource
expensive computations over large inputs. It ensures the
computation result is correct through comparing results
from multiple servers.
• Redesigning blockchain. In [39], Bitcoin-NG (Next Gen-
eration) was proposed. The main idea of Bitcoin-NG is
to decouple conventional block into two parts: key block
for leader election and microblock to store transactions.
The protocol divides time into epoches. In each epoch,
miners have to hash to generate a key block. Once the
key block is generated, the node becomes the leader who
is responsible for generating microblocks. Bitcoin-NG
also extended the heaviest (longest) chain strategy in
which microblocks carry no weight. In this way,
blockchain is redesigned and the tradeoff between block
size and network security has been addressed.
B. Privacy Leakage
Blockchain can preserve a certain amount of privacy
through the public key and private key. Users transact with
their private key and public key without any real identity
exposure. However, it is shown in [40], [5] that blockchain
cannot guarantee the transactional privacy since the values of
all transactions and balances for each public key are publicly
visible. Besides, the recent study [41] has shown that a user’s
Bitcoin transactions can be linked to reveal user’s
information. Moreover, Biryukov et al. [11] presented an
method to link user pseudonyms to IP addresses even when
users are behind Network Address Translation (NAT) or
firewalls. In [11], each client can be uniquely identified by a
set of nodes it connects to. However, this set can be
learned and used to find the origin of a transaction.
Multiple methods have been proposed to improve anonymity
of blockchain, which could be roughly categorized into two
types:
• Mixing [42]. In blockchain, users addresses are
pseudony- mous. But it is still possible to link addresses
to user real identity as many users make transactions
with the same address frequently. Mixing service is a
kind of service which provides anonymity by transferring
funds from multiple input addresses to multiple output
addresses. For example, user Alice with address A wants
to send some funds to Bob with address B. If Alice
directly makes a transaction with input address A and
output address B, relationship between Alice and Bob
might be revealed. So Alice could send funds to a trusted
intermediary Carol. Then Carol transfer funds to Bob
with multiple inputs c1, c2, c3, etc., and multiple output
d1, d2, B, d3, etc. Bob’s address B is also contained in
the output addresses. So it
5
becomes harder to reveal relationship between Alice and
Bob. However, the intermediary could be dishonest and
reveal Alice and Bob’s private information on purpose.
It is also possible that Carol transfers Alice’s funds to
her own address instead of Bob’s address. Mixcoin [43]
provides a simple method to avoid dishonest behaviours.
The intermediary encrypts users’ requirements including
funds amount and transfer date with its private key. Then
if the intermediary did not transfer the money, anybody
could verify that the intermediary cheated. However,
theft is detected but still not prevented. Coinjoin [44]
depends on a central mixing server to shuffle output
addresses to prevent theft. And inspired by Coinjoin,
CoinShuffle [45] uses decryption mixnets for address
shuffling.
• Anonymous. In Zerocoin [46], zero-knowledge proof
is used. Miners do not have to validate a transaction
with digital signature but to validate coins belong to
a list of valid coins. Payment’s origin are unlinked
from transactions to prevent transaction graph analyses.
But it still reveals payments’ destination and amounts.
Zerocash [47] was proposed to address this problem.
In Zerocash, zero-knowledge Succinct Non-interactive
Arguments of Knowledge (zk-SNARKs) is leveraged.
Transaction amounts and the values of coins held by
users are hidden.
C. Selfish Mining
Blockchain is susceptible to attacks of colluding selfish
miners. In particular, Eyal and Sirer [10] showed that the
network is vulnerable even if only a small portion of the
hashing power is used to cheat. In selfish mining strategy,
selfish miners keep their mined blocks without broadcasting
and the private branch would be revealed to the public only
if some requirements are satisfied. As the private branch is
longer than the current public chain, it would be admitted
by all miners. Before the private blockchain publishment,
honest miners are wasting their resources on an useless branch
while selfish miners are mining their private chain without
competitors. So selfish miners tend to get more revenue.
Based on selfish mining, many other attacks have been
proposed to show that blockchain is not so secure. In stubborn
mining [48], miners could amplify its gain by non-trivially
composing mining attacks with network-level eclipse attacks.
The trail-stubbornness is one of the stubborn strategy that
miners still mine the blocks even if the private chain is left
behind. Yet in some cases, it can result in 13% gains in
comparison with a non-trail-stubborn counterpart. [49] shows
that there are selfish mining strategies that earn more money
and are profitable for smaller miners compared to simple
selfish mining. But the gains are relatively small.
Furthermore, it shows that attackers with less than 25% of the
computational resources can still gain from selfish mining. To
help fix the selfish mining problem, Heilman [50] presented
an novel approach for honest miners to choose which branch
to follow. With random beacons and timestamps, honest
miners would select more fresh blocks. However, [50] is
vulnerable to
forgeable timestamps. ZeroBlock [51] builds on the simple
scheme: Each block must be generated and accepted by the
network within a maximum time interval. Within ZeroBlock,
selfish miners cannot achieve more than its expected reward.
V. POSSIBLE FUTURE DIRECTIONS
Blockchain has shown its potential in industry and
academi-
a. We discuss possible future directions with respect to four
areas: blockchain testing, stop the tendency to centralization,
big data analytics and blockchain application.
A. Blockchain testing
Recently different kinds of blockchains appear and over
700 cryptocurrencies are listed in [52] up to now. However,
some developers might falsify their blockchain performance
to attract investors driven by the huge profit. Besides that,
when users want to combine blockchain into business, they
have to know which blockchain fits their requirements. So
blockchain testing mechanism needs to be in place to test
different blockchains.
Blockchain testing could be separated into two phases:
standardization phase and testing phase. In standardization
phase, all criteria have to be made and agreed. When a
blockchain is born, it could be tested with the agreed criteria
to valid if the blockchain works fine as developers claim. As
for testing phase, blockchain testing needs to be performed
with different criteria. For example, an user who is in charge
of online retail business cares about the throughput of the
blockchain, so the examination needs to test the average time
from a user send a transaction to the transaction is packed into
the blockchain, capacity for a blockchain block and etc.
B. Stop the tendency to centralization
Blockchain is designed as a decentralized system.
However, there is a trend that miners are centralized in the
mining pool. Up to now, the top 5 mining pools together owns
larger than 51% of the total hash power in the Bitcoin network
[53]. Apart from that, selfish mining strategy [10] showed that
pools with over 25% of total computing power could get more
revenue than fair share. Rational miners would be attracted
into the selfish pool and finally the pool could easily exceed
51% of the total power. As the blockchain is not intended to
serve a few organizations, some methods should be proposed
to solve this problem.
C. Big data analytics
Blockchain could be well combined with big data. Here
we roughly categorized the combination into two types: data
management and data analytics. As for data management,
blockchain could be used to store important data as it is
distributed and secure. Blockchain could also ensure the data
is original. For example, if blockchain is used to store patients
health information, the information could not be tampered and
it is hard to stole those private information. When it comes to
data analytics, transactions on blockchain could be used for
big data analytics. For example, user trading patterns might
5
be extracted. Users can predict their potential partners’ trading
behaviours with the analysis.
D. Blockchain applications
Currently most blockchains are used in the financial
domain, more and more applications for different fields are
appearing. Traditional industries could take blockchain into
considera- tion and apply blockchain into their fields to
enhance their systems. For example, user reputations could be
stored on blockchain. At the same time, the up-and-
coming industry could make use of blockchain to improve
performance. For example, Arcade City [51], a ridesharing
startup offers an open marketplace where riders connect
directly with drivers by leveraging blockchain technology.
A smart contract is a computerized transaction protocol that
executes the terms of a contract [54]. It has been proposed
for long time and now this concept can be implemented with
blockchain. In blockchain, smart contract is a code fragment
that could be executed by miners automatically. Smart
contract has transformative potential in various fields like
financial services and IoT.
VI. CONCLUSION
Blockchain has shown its potential for transforming tradi-
tional industry with its key characteristics: decentralization,
persistency, anonymity and auditability. In this paper, we
present a comprehensive overview on blockchain. We first
give an overview of blockchain technologies including
blockchain architecture and key characteristics of blockchain.
We then dis- cuss the typical consensus algorithms used in
blockchain. We analyzed and compared these protocols in
different respects. Furthermore, we listed some challenges and
problems that would hinder blockchain development and
summarized some existing approaches for solving these
problems. Some possible future directions are also proposed.
Nowadays blockchain- based applications are springing up
and we plan to conduct in-depth investigations on blockchain-
based applications in the future.
ACKNOWLEDGEMENT
The work described in this paper was supported by the
National Key Research and Development Program (2016YF-
B1000101), the National Natural Science Foundation of
China under (61472338), the Fundamental Research Funds
for the Central Universities and Macao Science and
Technology De- velopment Fund under Grant No.
096/2013/A3. The authors would like to thank Gordon K.-T.
Hon for his constructive comments.
REFERENCES
[1] “State of blockchain q1 2016: Blockchain funding overtakes
bitcoin,” 2016. [Online]. Available: http://www.coindesk.com/ state-of-
blockchain-q1-2016/
[2] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008.
[Online]. Available: https://bitcoin.org/bitcoin.pdf
[3] G. W. Peters, E. Panayi, and A. Chapelle, “Trends in crypto-currencies
and blockchain technologies: A monetary theory and regulation
perspective,” 2015. [Online]. Available: http://dx.doi.org/10.2139/ssrn.
2646618
 [4] G. Foroglou and A.-L. Tsilidou, “Further applications of the
blockchain,” 2015.
[5] A. Kosba, A. Miller, E. Shi, Z. Wen, and C. Papamanthou, “Hawk:
The blockchain model of cryptography and privacy-preserving smart
contracts,” in Proceedings of IEEE Symposium on Security and Privacy
(SP), San Jose, CA, USA, 2016, pp. 839–858.
[6] B. W. Akins, J. L. Chapman, and J. M. Gordon, “A whole new world:
Income tax considerations of the bitcoin economy,” 2013. [Online].
Available: https://ssrn.com/abstract=2394738
[7] Y. Zhang and J. Wen, “An iot electric business model based on the
protocol of bitcoin,” in Proceedings of 18th International Conference on
Intelligence in Next Generation Networks (ICIN), Paris, France, 2015,
pp. 184–191.
[8] M. Sharples and J. Domingue, “The blockchain and kudos: A distributed
system for educational record, reputation and reward,” in Proceedings of
11th European Conference on Technology Enhanced Learning (EC-TEL
2015), Lyon, France, 2015, pp. 490–496.
[9] C. Noyes, “Bitav: Fast anti-malware by distributed blockchain
consensus and feedforward scanning,” arXiv preprint
arXiv:1601.01405, 2016.
[10] I. Eyal and E. G. Sirer, “Majority is not enough: Bitcoin mining is
vulnerable,” in Proceedings of International Conference on Financial
Cryptography and Data Security, Berlin, Heidelberg, 2014, pp. 436–
454.
[11] A. Biryukov, D. Khovratovich, and I. Pustogarov, “Deanonymisation
of clients in bitcoin p2p network,” in Proceedings of the 2014 ACM
SIGSAC Conference on Computer and Communications Security, New
York, NY, USA, 2014, pp. 15–29.
[12] F. Tschorsch and B. Scheuermann, “Bitcoin and beyond: A technical
survey on decentralized digital currencies,” IEEE Communications Sur-
veys Tutorials, vol. 18, no. 3, pp. 2084–2123, 2016.
[13] NRI, “Survey on blockchain technologies and related services,” Tech.
Rep., 2015. [Online]. Available: http://www.meti.go.jp/english/press/
2016/pdf/0531 01f.pdf
[14] D. Lee Kuo Chuen, Ed., Handbook of Digital Currency, 1st ed.
Elsevier, 2015. [Online]. Available: http://EconPapers.repec.org/RePEc:
eee:monogr:9780128021170
[15] V. Buterin, “A next-generation smart contract and decentralized appli-
cation platform,” white paper, 2014.
[16] D. Johnson, A. Menezes, and S. Vanstone, “The elliptic curve digital
signature algorithm (ecdsa),” International Journal of Information Se-
curity, vol. 1, no. 1, pp. 36–63, 2001.
[17] V. Buterin, “On public and private blockchains,”
2015. [Online]. Available: https://blog.ethereum.org/2015/08/07/ on-
public-and-private-blockchains/
[18] “Hyperledger project,” 2015. [Online]. Available: https://www.
hyperledger.org/
[19] “Consortium chain development.” [Online]. Available: https://github.
com/ethereum/wiki/wiki/Consortium-Chain-Development
[20] L. Lamport, R. Shostak, and M. Pease, “The byzantine generals prob-
lem,” ACM Transactions on Programming Languages and Systems
(TOPLAS), vol. 4, no. 3, pp. 382–401, 1982.
[21] S. King and S. Nadal, “Ppcoin: Peer-to-peer crypto-currency with proof-
of-stake,” Self-Published Paper, August, vol. 19, 2012.
[22] “Bitshares - your share in the decentralized exchange.” [Online].
Available: https://bitshares.org/
[23] D. Schwartz, N. Youngs, and A. Britto, “The ripple protocol consensus
algorithm,” Ripple Labs Inc White Paper, vol. 5, 2014.
[24] J. Kwon, “Tendermint: Consensus without mining,” URL
http://tendermint. com/docs/tendermint v04. pdf, 2014.
{ strategies in bitcoin,” arXiv preprint arXiv:1507.06183, 2015.
[25] S. King, “Primecoin: Cryptocurrency with prime number proof-of-
work,” July 7th, 2013.
[26] P. Vasin, “Blackcoins proof-of-stake protocol v2,” 2014. [Online].
Avail- able: https://blackcoin.co/blackcoin-pos-protocol-v2-
whitepaper.pdf
[27] G. Wood, “Ethereum: A secure decentralised generalised transaction
ledger,” Ethereum Project Yellow Paper, 2014.
[28] V. Zamfir, “Introducing casper the friendly ghost,” Ethereum
Blog URL: https://blog. ethereum. org/2015/08/01/introducing-casper-
friendly-ghost, 2015.
[29] C. Miguel and L. Barbara, “Practical byzantine fault tolerance,” in
Proceedings of the Third Symposium on Operating Systems Design and
Implementation, vol. 99, New Orleans, USA, 1999, pp. 173–186.
[30] D. Mazieres, “The stellar consensus protocol: A federated model for
internet-level consensus,” Stellar Development Foundation, 2015.
[31] “Antshares digital assets for everyone,” 2016. [Online]. Available:
https://www.antshares.org
[32] M. Vukolic´, “The quest for scalable blockchain fabric: Proof-of-
work vs. bft replication,” in International Workshop on Open Problems
in Network Security, Zurich, Switzerland, 2015, pp. 112–125.
[33] C. Decker, J. Seidel, and R. Wattenhofer, “Bitcoin meets strong con-
sistency,” in Proceedings of the 17th International Conference on Dis-
tributed Computing and Networking (ICDCN). Singapore, Singapore:
ACM, 2016, p. 13.
[34] D. Kraft, “Difficulty control for blockchain-based consensus systems,”
Peer-to-Peer Networking and Applications, vol. 9, no. 2, pp. 397–413,
2016.
[35] Y. Sompolinsky and A. Zohar, “Accelerating bitcoin’s transaction pro-
cessing. fast money grows on trees, not chains.” IACR Cryptology ePrint
Archive, vol. 2013, no. 881, 2013.
[36] A. Chepurnoy, M. Larangeira, and A. Ojiganov, “A prunable blockchain
consensus protocol based on non-interactive proofs of past states retriev-
ability,” arXiv preprint arXiv:1603.07926, 2016.
[37] J. Bruce, “The mini-blockchain scheme,” July 2014. [Online]. Available:
http://cryptonite.info/files/mbc-scheme-rev3.pdf
[38] J. van den Hooff, M. F. Kaashoek, and N. Zeldovich, “Versum:
Verifiable computations over large public logs,” in Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications
Security, New York, NY, USA, 2014, pp. 1304–1316.
[39] I. Eyal, A. E. Gencer, E. G. Sirer, and R. Van Renesse, “Bitcoin-
ng: A scalable blockchain protocol,” in Proceedings of 13th USENIX
Symposium on Networked Systems Design and Implementation (NSDI
16), Santa Clara, CA, USA, 2016, pp. 45–59.
[40] S. Meiklejohn, M. Pomarole, G. Jordan, K. Levchenko, D. McCoy, G.
M. Voelker, and S. Savage, “A fistful of bitcoins: Characterizing
payments among men with no names,” in Proceedings of the 2013
Conference on Internet Measurement Conference (IMC’13), New York,
NY, USA, 2013.
[41] J. Barcelo, “User privacy in the public bitcoin blockchain,” 2014.
[42] M. Mo¨ser, “Anonymity of bitcoin transactions: An analysis of
mixing services,” in Proceedings of Mu¨nster Bitcoin Conference,
Mu¨nster, Germany, 2013, pp. 17–18.
[43] J. Bonneau, A. Narayanan, A. Miller, J. Clark, J. A. Kroll, and E. W.
Felten, “Mixcoin: Anonymity for bitcoin with accountable mixes,” in
Proceedings of International Conference on Financial Cryptography
and Data Security, Berlin, Heidelberg, 2014, pp. 486–504.
[44] G. Maxwell, “Coinjoin: Bitcoin privacy for the real world,” in Post on
Bitcoin Forum, 2013.
[45] T. Ruffing, P. Moreno-Sanchez, and A. Kate, “Coinshuffle: Practical
decentralized coin mixing for bitcoin,” in Proceedings of European
Symposium on Research in Computer Security, Cham, 2014, pp. 345–
364.
[46] I. Miers, C. Garman, M. Green, and A. D. Rubin, “Zerocoin:
Anonymous distributed e-cash from bitcoin,” in Proceedings of IEEE
Symposium Security and Privacy (SP), Berkeley, CA, USA, 2013, pp.
397–411.
[47] E. B. Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer, and
M. Virza, “Zerocash: Decentralized anonymous payments from bitcoin,”
in Proceedings of 2014 IEEE Symposium on Security and Privacy (SP),
San Jose, CA, USA, 2014, pp. 459–474.
[48] K. Nayak, S. Kumar, A. Miller, and E. Shi, “Stubborn mining:
Generaliz- ing selfish mining and combining with an eclipse attack,” in
Proceedings of 2016 IEEE European Symposium on Security and
Privacy (EuroS&P), Saarbrucken, Germany, 2016, pp. 305–320.
[49] A. Sapirshtein, Y. Sompolinsky, and A. Zohar, “Optimal selfish mining
[50] S. Billah, “One weird trick to stop selfish miners: Fresh bitcoins, a
solution for the honest miner,” 2015.
[51] S. Solat and M. Potop-Butucaru, “ZeroBlock: Timestamp-Free
Prevention of Block-Withholding Attack in Bitcoin,” Sorbonne
Universites, UPMC University of Paris 6, Technical Report, May 2016.
[Online]. Available: https://hal.archives-ouvertes.fr/hal-01310088
[52] “Crypto-currency market capitalizations,” 2017. [Online]. Available:
https://coinmarketcap.com
[53] “The biggest mining pools.” [Online]. Available: https:
//bitcoinworldwide.com/mining/pools/
[54] N. Szabo, “The idea of smart contracts,” 1997.
564
View publication stats