I Introduction
As an emerging frontier technology, blockchain has received increasing attention in recent years. The success of the blockchain concept is ultimately connected with Bitcoin [1]. Blockchain technology is not only limited in Bitcoin, but also used in many communication areas, such as Internet of things (IoT)[2, 3, 4, 5, 6, 7], edge computing[8, 9, 10, 11, 12], spectrum sharing [13, 14] and interference management[15]. The security and reliability of blockchain are mainly determined by the distributed consensus mechanisms, for example, proof of work (PoW) mining mechanism (see Section IIA for details) for Bitcoin system[16], proof of stake for Ethereum [17] and so on. In essence, blockchain is a tamperproofing and distributed database, which records transactional data without the requisition of a trusted authority or central server in the peertopeer (P2P) network.
Although blockchain has many advantages, heavy equipments and fixed access points have become shortcomings of the traditional blockchain network, which can limit its further development. To tackle this problem, mobile blockchain with largescale IoT devices [3] would be a better choice in the future. Nevertheless, IoT devices have poor privacy, security and scalability. Fortunately, the emergence of blockchain technology creates opportunities to overcome the aforementioned drawbacks. The research on mobile IoT devices deployed in the mobile blockchain network is emerging. Recently, some researches on the combination of blockchain and IoT technologies have been published [4, 5, 6, 7]. Specifically, authors in [5] had a systematic survey on IoT security and proposed that the frontier blockchain technology has enormous potentials as the solution scheme. [6] has investigated synchronization protocols with different communication costs and security levels, which synchronize mobile IoT users with the blockchain network. Blockchain technology provides a distributed architecture for coordinating IoT devices, whereas it is not feasible to store the full blockchain ledger for lowpower and memoryconstrained IoT devices. Thus authors have proposed a lightweight software scheme, where IoT devices only download useful data structures in [7].
The above researches improved the system performance to some extent. Nevertheless, mobile blockchain network is constrained by consuming too much hash computing, storage, and energy resources during the mining process on mobile IoT devices. It is unable to satisfy some characteristics of IoT devices with relatively low computing ability, low power consumption, and scattered lowbandwidth wireless connections. Instead, mobile edge computing (MEC) is a network architecture concept that implements cloud computing capabilities and an IT service environment at any network edge [18, 19, 20]. So MEC can supply these resources for mobile blockchainenabled IoT devices. Deploying MEC server in the mobile blockchain network is a feasible way to handle the low computing power dilemma [8, 9, 10, 11, 12]. In particular, the PoW mining process focuses on finding a correct nonce for solving PoW puzzle. While it is unrealistic for mobile IoT users to continuously run such a computationintensive mining task, which requires high computing ability and consumes substantial energy and time. Due to the prominent characteristics of MEC server, such as low latency, high mobility, and wide regional distribution, we consider to offload the blockchain mining tasks to MEC server.
Currently, there is substantial interest in investigating computation offloading in the mobile blockchain network with MEC server. For example, prior works in [8, 9] have formulated the interaction between MEC server and users as the twostage Stackelberg game in the mobile blockchain network. The Stackelberg equilibrium ensures that MEC server maximizes its revenue. Alternatively, it is also significant to maximize the profit of mobile users. Auction schemes in [10, 11, 12] are the feasible solutions to accomplish this goal. The work in [10] has investigated an auctionbased MEC system model to maximize the revenue of mobile users. Essentially, the auction of the edge computing service is an optimization problem, which tackle the biggest profit of users. This optimization problem is a nonlinear programming problem with linear constraints, which is NPhard. Authors in [11]
have applied the approximate fractional relaxation and local search (FRLS) method to ensure a lower bound. Whereas MEC server cannot achieve optimal auction by using traditional singleitem auctions. An optimal singleitem auction for the edge computing resource allocation was developed via a multilayer neural network architecture based on an analytical solution of the optimal auction in
[12]. Another line of research takes content cashing and different offloading modes into consideration [21, 22, 23], because PoW consensus mechanism of blockchain also requires to spend lots of storage resources in the mining process. To tackle this problem, the work in [21] has considered that computationally difficult mining task can be offload to nearby edge computing nodes and transactional content of blocks can be cached in the MEC server. This paper has proposed two offload modes, offloading to the nearby access point (AP) or a group of nearby D2D devices. In addition, the research in [22] has also considered the advanced multiaccess MEC server in the mobile blockchain network.In these previous researches, many works have investigated the resource allocation of MEC server in a mobile blockchain network with the assumption that MEC is a trusted server. However, in this case, MEC server will have an opportunity to profit from the usage of information of IoT users. It is likely that MEC server will allocate more computing resources to some selfish users so as to obtain more revenue. Generally speaking, if MEC is a trusted server, it may lead to unfair computing resource allocation for mobile users and also increase the possibility of malicious collusion between MEC server and selfish users. To the best of authors’ knowledge, few works focus on untrusted MEC servers in the mobile blockchain network. Moreover, the previous works treated the mining task as a general computing demand, which really reflect the characteristics of the blockchain mining task. In this paper, different from previous works, we consider an untrusted MEC PoW scheme and specially design a nonce ordering algorithm for the scheme. In the untrusted MEC PoW framework, user’s nonce selection strategy is formulated as a noncooperative game, where the utilities of individual user are maximized. Meanwhile, we design a blockchain’s difficulty adjustment mechanism for keeping network stable.
In this paper, we intend to obtain insights into users’ nonce selection strategies and blockchain’s difficulty adjustment mechanism in the proposed untrusted MECaided mobile blockchain network. The main contributions of this paper are listed as follows.

We propose an untrusted MEC PoW scheme and a nonce ordering algorithm to provide fairer nonce computing resource allocation for all mobile IoT users. For any mobile user, such ordering algorithm guarantees that the probability of successfully mining a new block corresponding to other users is proportional to its nonce length.

Based on Theorem 1, we formulate the user’s nonce selection strategy as a noncooperative game, in which the utilities of individual user are maximized. We analyze the Nash equilibrium (NE) existence in this game and propose an alternating optimization algorithm of users’ nonce selection. Furthermore, we drive the NE in analytical expression which only needs to know partial information of other users and analyze that cooperation is unsuitable for the blockchainenabled IoT devices in the repeated game.

We design the blockchain’s difficulty adjustment mechanism to keep block times stable during a long period of time. The mean and variance of rounds for mining
blocks are derived. Moreover, the adjustment rule of difficulty factor is to minimize the distance between the average rounds for blocks and the predefined threshold. 
Simulation results verify the effectiveness of our proposed nonce ordering algorithm under the untrusted MEC PoW scheme. Then we demonstrate that the expected optimal user’s nonce selection strategy is influenced by multiple system parameters jointly, such as the block size, the fixed reward for successfully, the transaction fee rate, etc. In addition, the design of blockchain’s difficulty adjustment mechanism achieves a good performance over a long period of time.
The rest of the paper is organized as follows. Section II introduces the PoW mining process and system model of MECaided mobile blockchain network. Section III represents our proposed untrusted MEC PoW scheme and nonce ordering algorithm. Section IV formulates user’s selection strategy problem, designs blockchain’s difficulty adjustment mechanism and affords some theoretical analysis. Simulations are presented in Section V to confirm the analytical results. At last, we conclude the main results of the work in Section VI.
Ii Preliminaries and System Model
In this section, we will introduce the background on PoW mining mechanism in the Bitcoin network and MEC system model of edge computing resource allocation for mobile blockchain network.
Iia PoW Mining Mechanism
As a matter of fact, PoW mining mechanism is to prevent lowcomputing malicious entities from publishing blocks arbitrarily. To obtain the billing power, nodes in the network have to construct a block in advance and select some unconfirmed transaction records into a new block. Then, each node solves the PoW puzzle, making the hash value of the block header smaller than the blockchain’s target value by changing nonces randomly. The input of the hash function is the block header and the output is a 256bit hash value. This process of solving PoW puzzle is called mining. Once the PoW puzzle is resolved, the newly mined block will be immediately announced to the whole blockchain network. Meanwhile, the other nodes receive this information and execute a validating process to decide whether to approve and add a newly generated block to the blockchain or not. Each extension of this block is equivalent to an additional confirmation of the transaction in the block. If getting 6 confirmations, the block is approved by the whole network and encapsulated in the historical block. The miner which successfully mines a new block will achieve a certain number of reward, including a fixed bonus and a variable transaction fee, as an incentive of mining.
The Bitcoin system will control the completion time of mining a new block in about 10 minutes. If the block time is less than 10 minutes, the Bitcoin system will automatically increase the difficulty value and the number of 0 at the beginning of the target hash value. Oppositely, if the block time is higher than 10 minutes, the number of 0 at the beginning of the target hash value is appropriately reduced to obtain a lower difficulty value. To simplify the explanation, let denote the hash function which uses a cryptographic algorithm to generate a short summary from any size of data. denotes block header information, such as version, the hash value of the previous block, Merkle root and so on. Given an adjustable hardness condition parameter , the process of PoW puzzle solution aims to search a correct nonce to be included in the block. The target hash value of block header which concatenates and nonce is smaller than a target value :
(1) 
where we have , denotes the fixed length of bits, determining the searching space of the hash function, i.e., all , and is blockchain’s difficulty value.
IiB MEC System Model
The mobile blockchain network is constrained because the mining process demands too much computing, storage, and energy resource on mobile IoT devices. Instead, MEC server can supply these resources for mobile blockchainenabled IoT devices. We only consider computing resources in this paper. Fig. 1 depicts the system model of MECaided mobile blockchain network, which includes single MEC and mobile IoT devices/users running blockchain application denoted as . Due to the computing limitation on mobile IoT devices, users want to offload the task of solving the PoW puzzle to MEC server. Besides, all mobile IoT users send requests to MEC server in a time slot.
Previous researches on the MEC server in a mobile blockchain network have the assumption that MEC is a trusted server. If MEC is a trusted server, it may lead to unfair computing resource allocation for mobile users and increase the possibility of malicious collusion between MEC server and selfish users. Consequently, we consider an untrusted MEC server in this paper and focus on designing a reasonable allocation mechanism to make computing resource allocation fairer for all users.
On the other hand, each user independently selects nonces for hash computing because the block content of each user is different. Even though each user chooses the same nonce, the corresponding hash is different (if the SHA256 hash function is used, then all ). For mobile IoT devices, the computationintensive mining demand is too high. Given the cost of renting MEC’s service and mining time, the final user’s revenue can be reduced or even negative. Thus we assume that each user only chooses some nonces to do hash computing.
With the combination of above analysis, we put forward an untrusted MEC PoW scheme and design a nonce ordering algorithm for this mobile blockchain network. The detailed process of this new scheme is described in the following Section III.
Iii Untrusted MEC PoW scheme
In this section, we focus on the untrusted MEC PoW scheme in the mobile blockchain network. We design a nonce ordering algorithm for this scheme to achieve fairer hash computation resource of MEC server for all mobile IoT users.
Iiia General Process of the Untrusted MEC PoW
Selected nonces of each user are open and transparent in the whole network so that it can reduce the cheating possibility by the untrusted MEC server. Then MEC server provides hash computing service to these nonces. Mobile IoT user
randomly selects a part of nonces as own computing demand by vector
for and the nonce number/length of is denoted as . Without loss of generality, nonces in the sequence are ordered from small to large by , where is the element of for . The MEC server, i.e., the seller, sells the computing services, and the users, i.e., the buyers, access and consume this service from the nearby MEC. All users submit their nonce sequence demand profile to MEC server. Next, we represent the general process of the untrusted MEC PoW scheme as follows.After having received users’ computation demands, the MEC server provides the hash computing service and achieves payment from all mobile IoT users. We introduce the detailed interaction process between MEC server and users in the untrusted MEC PoW scheme as follows.

Step 1: Users select nonces. Each mobile user randomly selects some nonces as its own computing demand.

Step 2: Submit tasks to MEC. All mobile users submit their mining tasks, i.e., the nonce hash computing demand profile to MEC server.

Step 3: MEC accepts the tasks. The MEC server accepts mining tasks for the users who arrive in a time slot and those users arriving after this time slot are not accepted. We assume that users submit the nonce sequences to the MEC server for hash computing in a time slot.

Step 4: Nonce ordering. Since MEC is an untrusted server, it is necessary to order nonces before providing mobile users with the computing service, so that MEC provides the computing service to users as fair and transparent as possible. The ordering algorithm adopted in this paper is introduced below (see Section IIIB ).

Step 5: MEC provides services. The MEC server provides the computing service and receives payment from users. Once a user has coped with the PoW puzzle, MEC server will stop all tasks immediately and announce the result to all mobile IoT users. Then a new round of computing resource allocation will begin.
IiiB Nonce Ordering
The following work highlights that how to order users’ nonces on the MEC server for providing users computing services fairly, that is, how to map multiple nonce sequences into a sequence. We introduce this ordering algorithm for the untrusted MEC PoW scheme as follow:
Firstly, each user’s nonces have a local order from small to large, i.e., for . The original sequences are denoted . We use another sequences, to denote the nonces selected from the corresponding original sequences to the merged sequence. Initially, the sequence is empty for . As showed in Fig. 2, the untrusted MEC server selects the top nonce in each user’s nonce sequence as the alternative set into candidate pool. We intend to design a fairer nonce ordering algorithm to select a nonce in each round. Then the remaining nonces in the previous round are taken as elements of the next round into candidate pool. We desire that nonce sequences are merged into one sequence as shown in Fig. 2. The objective of our ordering algorithm is that for any position in the merged sequence, the number of selected nonces of each original sequence is proportional to its nonce length. So the target probability of being served for user is
(2) 
and the target probability mass is . Suppose the length of sequence is and the length of sequence is . In each round of nonce ordering, a nonce of each original sequence is selected to the candidate pool as shown in Fig. 2, and then a nonce is randomly selected among these nonces to the merged sequence. The index of the round is denoted as and the lengths of sequence and sequence are and respectively. We calculate the expected winning probability of being served for user , suppose it to be and the expected winning probability mass is . In each round of nonce ordering, the top nonce of the th sequence is selected, so that there will be the distance between probability mass and , where
the expected winning experience probability distribution of user
for . In this case, the two probability distributions can be rewritten by(3) 
(4) 
We will take a look at the way of comparing two probability distributions called KullbackLeibler(KL) divergence. Next, we offer the definition of KL divergence as follows.
Definition 1. If we have two separate probability distributions and
over the same random variable
, we can measure the difference between the two distributions using the KL divergence:(5) 
We have a target probability distribution and wish to approximate it with another expect winning probability distribution , so that the probability of selecting each nonce for all users is fairer for . The KL divergence between the two probability distributions and is as follows,
(6) 
By convention, in the context of information theory, we treat these expressions as , for . We have the choice of minimizing by
(7) 
So the th user’s top nonce is selected to the merged sequence^{1}^{1}1If there are more than one nonce choices, we select one randomly in this case.. We use the similar selecting rule as (7) to select nonces to enter into the merged sequence, then multiple users’ nonce sequences can be mapped into a sequence. Eventually, combining the above analysis part, the nonce ordering algorithm for the untrusted MEC PoW scheme can be obtained, as summarized in Algorithm 1.
To analyze the performance of this untrusted MECaided mobile blockchain network system, we want to provide a mining probability for each user corresponding to other users in the following theorem under the aboveproposed ordering algorithm.
Theorem 1.
For any mobile user , the probability of successfully mining a new block corresponding to other users is nearest to this target probability:
(8) 
Proof.
We prove this theorem by using reduction to absurdity. We assume that the th mobile user’s probability of successfully mining a new block corresponding to other users, i.e., the probability of the untrusted MEC server providing nonce hash computing service in the merged sequence, is not nearest to the target probability under above proposed ordering algorithm.
Under this assumption, it is easy to obtain that the th mobile user’s nonces in the merged sequence obviously cannot satisfy the nonce selecting rule (7) of our proposed ordering algorithm. Meanwhile, the selecting rule (7) requires that each selected nonce has the smallest KL divergence between the expected winning probability and target probability distribution, namely, the expected winning probability approximates the target probability. When the total nonce length approaches infinity, the user’s successful mining probability is almost equal to the target probability. Nevertheless, it directly contradicts our current assumption that the th mobile user’s probability of successfully mining a new block is not nearest to the target probability. Hence, the statement in this theorem is proved. ∎
Remark 1.
(Property of Theorem 1): Our proposed nonce ordering algorithm in the untrusted MEC PoW scheme achieves better fairness of computing resource allocation among all mobile IoT users. For any position in the merged sequence of the untrusted MEC server, the number of selected nonces of each original sequence is proportional to its nonce length.
Previous researches have the assumption that MEC is a trusted server, resulting in many problems. For example, when multiple users submit mining task requests to a trusted MEC, users will inform the MEC server of all their information. This will offer MEC an opportunity to profit from the usage of this information, and it is likely that the MEC server will allocate more computing resources to some selfish users in order to obtain more revenue. Generally speaking, if the MEC is a trusted server, it may lead to unfair computing resource allocation for mobile users and also increase the possibility of malicious collusion between MEC server and selfish users. Accordingly, our proposed nonce ordering algorithm in the untrusted MEC PoW scheme is more reasonable and implement fairer computing resource distribution of MEC server among all IoT users in the mobile blockchain network.
Iv System Formulation and Analysis
In this section, we first present the noncooperative game formulation for the mobile users’ nonce selection strategy in the untrusted MEC PoW scheme. Then we analyze the NE existence of this game and propose an alternating optimization algorithm for users’ nonce selection. We also derive the NE in analytical expression which only needs to know partial information of other users. Furthermore, we analyze that cooperation behavior is unsuitable for the blockchainenabled IoT devices by using the repeated game. In the end, we design the difficulty adjustment process for the untrusted MECaided mobile blockchain network in detail.
Iva Noncooperative Game Formulation
In the PoW mining process, users compete to be first to solve the PoW puzzle with right nonce and broadcast the block to reach agreement in the whole blockchain network. We describe the size of transaction (TX) of each user by . The first user which successfully mines a block and achieves agreement can get a reward . The reward is composed of a fixed bonus for mining a new block and a flexible transaction fee determined by the size of its collected transactions and the transaction fee rate . Then mobile user ’s expected reward can be expressed by
(9) 
where is the probability that user receives the reward by contributing a block to the blockchain corresponding to other users. From the nonce ordering algorithm above mentioned, the probability of mining a new block is proportional to user ’s nonce length, i.e., , for .
The untrusted MECaided blockchain network system discussed in this paper has only one MEC server. There is no fork and the orphaning probability will not be considered. While equation (9) does not reflect the effect of blockchain’s difficulty on the mining process. Even though all users’ nonces are provided hash computing service by MEC server, the block will not be mined successfully. Nonce hash computing is a memoryless searching process, and the searching probability is only related to the difficulty value , regardless of the size of this searching space. For a given difficulty value , each nonce hash computing is i.i.d Bernoulli trial with a successful probability
(10) 
With this effect in mind, our equation for the th user’s expected revenues gets discounted by the chances of blockchain’s difficulty value, , becoming
(11) 
Once receiving computing resource demands from all mobile users, MEC server will provide hash computing service for mobile users’ nonce sequence, and finally finds the correct nonce for mining. Here, we assume the price of each hash computing for the MEC is fixed by . The users compete with each other to maximize their own utility by choosing their individual nonce computing demand, which forms the noncooperative game as follows:
Player: the mobile users;
Actions: each player selects some nonces and corresponding th user’s nonce length denoted as ;
Utility function: the utility function is denoted as the th user’s revenue.
The revenue of th user is that the achieved rewards minus computing service cost of MEC server. Given the price of once hash computing , the user determines its nonce hash computing service demand by maximizing the expected utility function which is given as:
(12) 
IvB NE Analysis of the Noncooperative Game
We consider this noncooperative game Nash equilibrium (NE) as a solution to the users’ nonce selection strategies. In this case, the NE is obtained by using the best response function which is the best strategy of one player given other users’ strategies. The best response function of th user’s nonce selection, given a vector of strategies offered by other users’ nonce selection , is defined as follows:
(13) 
where for . The vector denotes a NE of this game on nonce selection for
(14) 
where denotes the vector of best responses for player for . The above variable has the nonnegative integer constraint, making become a mixed integer programming function. Here, we remove the integer restriction and solve the optimal nonce selection strategy directly, and then get the integer solution by rounding down to nearest integer. We next analyze the existence of NE in the noncooperative game .
Theorem 2.
A NE exists in the noncooperative game .
Proof.
First of all, the strategy space for each user is defined to be , which is a nonempty, convex, compact subset of the Euclidean space. From (12), it is easier to treat discrete functions as continuous functions in . Then we take the first order and second order derivatives of (12) with to prove its concavity, which can be written as follows
(15) 
(16) 
for , and where . Hence we have proved that is strictly concave with respect to . Accordingly, the NE exists (see [24]Theorem 3.2) in the noncooperative game . The proof is now completed. ∎
Mathematically, to obtain the NE, we have to address the following set of equations:
(17) 
for all . Then we can obtain the best response function of user by solving (17)
(18) 
The solution , which is a NE, can be obtained by solving the above set of linear equations by using a numerical method when all the parameters in (18) are available. We see other users’ nonce selection strategies as an integrated part. Assume other parameters such as are fixed, then we get the first order and second order derivatives of (18) with , which can be written as follows
(19) 
and
(20) 
Hence we easily obtain that the th user’s best response is strictly concave with respect to other users’ nonce selection strategies. In the first place, increases with the increment of , and then reaching an optimal point, it decreases when increases. This conclusion is also consistent with the subsequent simulation result of Fig. 7. At last, combining the above analysis part, the optimal users’ nonce selection under the untrusted MEC PoW scheme can be obtained, as summarized in Algorithm 2.
From (18), we can see that the selected nonce numbers of all other users are known and it is apparently difficult to apply in the actual system. For this reason, the best response function can be rewritten in the analytical expression of Theorem 3.
Theorem 3.
The NE for user in the noncooperative game (N,M,) is given by
(21) 
Proof.
According to (17), for each user , we have the mathematical expression
(22) 
Then we calculate the summation of this expression (22) for all users as follows
(23) 
we can obtain
(24) 
By substituting (24) into (18), we can have
(25) 
After squaring both sides and simple transformations, we can obtain the NE for user as shown in (21). ∎
Remark 2.
For ease of analysis, the above is considered to be a continuous variable value. Whereas the th user’s optimal nonce length is nonnegative integer in real system. Then the formula (21) is rounded down to obtain
(26) 
Remark 3.
(Interpretation of formula (26)): From (26), is related to some parameters of this mobile blockchain system, such as , , and so on. From the perspective of analyzing , the following cases will occur in the untrusted MEC PoW scheme.
Case 1: When for no one user. We can see that users all participate in the mobile blockchain network for mining block, i.e., the number of users is unchanged, and the values of the system parameters are all appropriate in this case.
Case 2: When for part users. Some users will quit the mobile blockchain system, because the system parameters are inappropriate. From the formula (26), we can see that possible reasons result in quitting system for some users, for instance, the total number of user is too large, the mining revenue of user is too small, or the blockchain difficulty factor is too large. Once system parameters are fixed, the users having larger block sizes will be reserved, and the users having smaller block sizes will be exited. After some users exit the mobile blockchain system, we still need to continue to calculate the optimal nonce selection strategies for the remaining users.
Case 3: When for all users. All users exit from the mobile blockchain system for mining, leading to the entire system crashing dramatically. The system parameters are unsuitable exceedingly, such as the total number of user too much large, the mining revenue of user too much small, the blockchain difficulty factor too much large. In this case, an incentive mechanism should be designed to activate the system.
To demonstrate the effect of system parameters on user access for three cases, we compare the user access probabilities for different users by changing the fixed reward for successfully mining and the difficulty factor in Fig. 3(a) and Fig. 3(b) respectively. From Fig. 3, we can see that when is small, the all users can access the mobile blockchain system to participate in mining block (Case 1); when is large, some users will quit our system (Case 2 or Case 3). The reasons are given as follows. As observed from Fig. 3(a), the user access probability decreases with the declining fixed reward . This is because as reduces, each user can get less revenue, and thus some users decide to quit system. From Fig. 3(b), when increases, the user access probability decreases, for example, when increases by and , the user access probability drops to , i.e., the mobile blockchain system crashes dramatically. This is because as increases, the difficulty of mining block in the mobile blockchain network increases, and thus more users cannot deal with PoW puzzle and then quit system. When is large, or is small, or is large, the mobile blockchain system is highly competitive and less benefit, and thus the user access probability will be low and even the entire system will crash.
In this paper, we mainly investigate the Case 1, where we analyze the optimal number of nonces selected by each user and the specific mathematical relationship with all system parameters when the system parameters are fixed. Some possible problems in the other two cases, such as how to dynamically adjust the system parameters, and how to design the incentive mechanism for solving the problem of system crashing, are not analyze theoretically in this paper. These may be important research topics in the future.
Here, we will consider a special case, where we assume to know the average block size of all mobile users and let denotes the fixed average block size. Then we can rewrite the expression (26 ) simply as
(27) 
for . From expression (27), we can achieve that user’s nonce selection strategy only depends on the total number of users , when others parameters are fixed in the whole untrusted MECaided mobile blockchain network. Moreover, we can obtain that the th user’s nonce selection strategy approaches to when is sufficiently large. In this case, all players are trying to select nonces as much as possible, severe competition for a large number of users often leads to low computing resource allocation. Since the untrusted MEC server coexists over a long period of time, the user’s nonce selection game will be played for multiple times, where the unfair competition could be handled through mutual trust and cooperation. By repeating a game over multiple time, the players can be conscious of the previous behavior of the players and change their strategies accordingly. Next, we use the repeated game to boost cooperation among competitive players.
IvC Analysis by Using Repeated Game
Let be number of stage of the game . The repeated game, denoted by , consists of game repeated for time slots form until . First of all, we have to define the utility for a player in the finitely repeated game (FRG) () is expressed as
(28) 
where is a discount factor, and is player ’s payoff at the th time slot. When is closer to 1, the player is more patient.
Theorem 4.
Consider FRG , and the oneshot stage game has a unique nonce selection strategy . Then has a unique subgame perfect equilibrium (SPE). In this unique SPE, there is for each regardless of history.
Proof.
By using backward induction, in the last stage , we will have regardless of the history of the FRG. Then we can inversely move to the previous stage , the subgame also has . With this argument and continuing inductively, we can know that in this repeated game of complete information, there exists for regardless of history. ∎
Thus, FRG is impossible to bring cooperative behavior among players, because we expect the emergence of cooperative behavior in the infinitely repeated games (IRG), denoted by . Then we define the utility for a player in the IRG () is calculated as
(29) 
where the factor is introduced as a normalization, to measure stage and repeated game utilities in the same units. In this IRG, we consider a cooperation behavior to maximize the total utility function for all players which is given by
(30) 
The above optimization problem (30) is multiple variables nonconvex problem. This optimization problem is more difficult to solve. Here, we only need simple analysis, therefore, there is no request to address this problem. Here, we simulate individual revenues of three player in the untrusted MECaided mobile blockchain network by using the cooperative or noncooperative behaviors, as shown in Fig. 4, where the parameter settings are consistent with the later simulation Section V. Firstly, we can see that the total revenue of the cooperative behavior in IRG is much higher than that of the noncooperative behavior in oneshot game. While the individual revenues of player 1 and player 2 according to the cooperation in repeated games do not achieve a higher revenue than using the oneshot noncooperative game. Consequently, these players will not want cooperation with other players in the repeated game. By cooperation, the individual revenues of each player do not increase together, therefore, the repeated game is not appropriate to analyze user’s nonce selection in the mobile blockchain network. Moreover, if the block size for all players is the same, i.e., , the optimization problem (30) will be a linear problem. In this case, all user’s nonce selection strategies are approximately equal to , which does not accord with the actual situation. This further illustrates that cooperation approach of the repeated game is not feasible for IoT users in blockchain networks.
IvD Blockchain’s Difficulty Adjustment
Too high or too low difficulty can bring about different mining time. The blockchain network desires to ensure a stable average block time over long periods of time. For the sake of making the blockchain network run smoothly, the design of blockchain’s difficulty adjustment is necessary. Next, we will focus more on blockchain’s difficulty adjustment mechanism. We assume that the time for once nonce hash computing is and the total nonce number denotes as for a round of interaction between MEC server and mobile users. From the above analysis for user’s nonce selection strategies in noncooperative game , we can obtain the total expected optimal nonce number by
(31) 
In one interaction, the longest time during MEC providing computing service to users process is . Each nonce hash computing is i.i.d. Bernoulli trial with the same successful probability, i.e., , so the expected time from starting nonce hash computing to the successful mining can yield
(32) 
where is the number of nonces, and denotes the upper bound of its number. Hence users may need to selected nonces according to multiple rounds of interaction between MEC server and users, so that block will be mined successfully. Let is the interaction rounds of mining a new block between MEC server and users, and should satisfy the following inequality,
(33) 
Then we obtain
(34) 
where is the minimum interaction rounds between MEC server and users for mining a new block. Here, we consider that a round time including the hash computing time and transmission time between MEC and users are almost the same. It is assumed that a round time is fixed for the interaction process between users selecting nonces and MEC server providing computing service. Then the actual minimum time to mine a new block is
(35) 
So we keep the threshold number of rounds fixed in the process of adjusting the difficulty, which is equivalent to keeping the block time unchanged. Next, we are mainly interested in the average rounds for mining blocks, then we can obtain
(36) 
where denotes the interaction rounds between MEC server and all IoT devices for mining th new block. The variance of rounds for mining blocks is given as
(37) 
From the above expression, we can see that the variance of rounds only depends on the number of mining blocks when other parameters are constant. Particularly, the variance of these rounds will become worse with smaller block cycle . Then, the rule of difficulty adjustment factor is to minimize the distance between the average rounds for blocks in (36) and the threshold rounds as follows
(38) 
When , then the optimal difficulty adjustment factor is expressed as follows
(39) 
where the may change for mining different blocks. Eventually, combining the above analysis part, we update the difficulty factor based on previous blocks. We propose the blockchain’s difficulty adjustment mechanism to be summarized as follows.

Step 1: Start with an initial difficulty factor , yielding the initial rounds according to equation (34).

Step 2: Keep constant over the difficulty adjustment interval of blocks. The average number of rounds can be obtained by (36).

Step 4: Repeat this process with as initial difficulty factor.
It is easy to see that we will increase the difficulty factor if the average rounds of mining the previous blocks are shorter than , and decrease the difficulty factor if the average rounds of mining the previous blocks are longer than . According to this proposed difficulty adjustment mechanism, the blockchain network can keep block times stable during a long period of time.
V Numerical Results
In this section, we demonstrate simulation results to justify the effectiveness of our proposed nonce ordering algorithm in untrusted MEC PoW scheme, evaluate the expected optimal user’s nonce selection strategies and the performance of blockchain’s difficulty adjustment mechanism. Here, we consider a group of 3 users and each user’s block size
is uniformly distributed over
, for . The default parameter values are presented as follows: , , , and . Note that some of these system parameters are varied in different simulation scenarios.Va Proposed Nonce Ordering Algorithm
First of all, in order to verify the rationality of the our proposed ordering algorithm, i.e., for any position in the merged sequence by using Algorithm 1, the number of selected nonces of each original sequence is proportional to its nonce length, we consider to compare the target and actual probability distribution. Without loss of generality, we assume only three users in the mobile blockchain system and submitted nonce numbers have a fixed proportion as , i.e., the target probability distribution is , while the total nonce numbers is changed. We compare our proposed ordering Algorithm 1 with weighted round robin (WRR) algorithm, where the weights of user 1, user 2 and user 3 are 1, 3 and 6, respectively.
Fig. 5 reveals the comparison of target and actual probability distribution by Algorithm 1 and WRR algorithm. Here, we take the first and nonces of the merged sequence in Fig. 5(a) and Fig. 5(b), respectively. By using Algorithm 1, it can be observed that actual probability has a little error with target probability when is small and then it approaches or even equals the target probability for all three users when increases in Fig. 5(a) and Fig. 5(b). The reason why the performance of Algorithm 1 is not good when the total nonce number is small, and then the nonce length of each user is smaller. For example, if , user 1 has only one nonce and then we take any position of the merged sequence to verify the rationality of the ordering algorithm. The selected probability of user 1 mostly is , not the target probability . Moreover, because of the large amount of nonce computing in the blockchain network (e.g., the SHA256 hash function commonly used by Bitcoin requires nonce hash computing), the shortcoming of Algorithm 1 can be ignored when is small. When the total nonce length approaches infinity, the user’s successful mining probability is nearest to the target probability.
On the other hand, the fairness performance of the WRR algorithm is significantly worse than that of Algorithm 1, the WRR algorithm becomes better with the increment of , however, the convergence of WRR algorithm is still poor due to the limitations of the WRR algorithm. For example, by using WRR algorithm, the user 3 with a high weight is always selected until the number of weights is reached, and then the next user 1 will be selected. This implies that the service is consecutively provided on the same user 3, resulting in the next user 1 with a low weight may be idle and having no smooth resource allocation. By comparing Fig. 5(a) and Fig. 5(b), it can be see that our proposed nonce ordering algorithm, Algorithm 1, can provide a much fairer hash computing service for all users than the WRR algorithm.
VB Nonce Selection Strategies of Users
We assume that only two users in this MECaided mobile blockchain network and the parameters of block size are and . To find the NE we construct the best response functions by (14), for every player , , the best response functions can be obtained by using (18)
(40) 
(41) 
In Fig. 7, we plot the best response functions of the players in (40) and (41). We can observe from Fig. 7 that the best response function associates a unique strategy for player 1 to each strategy of player 2. Similarly, the best response function associates a unique strategy for player 2 to each strategy of player 1. As shown in Fig. 7, the two best response functions intersect at a unique point . In fact, this point constitutes the unique purestrategy NE of the noncooperative game, at this point, every player’s nonce selection strategy is the best response to the other player’s strategies, i.e., and . Thus we can conclude that this noncooperative game exists a unique NE. Moreover, we can see that the player’s nonce length decreases for remaining own revenue when other users’ length is larger than their best strategy. These simulation results are consistent with the above NE analysis in Section IVB.
To demonstrate the performance of the proposed optimization algorithm of user’s nonce selection and the impacts of various parameters on the nonce selection strategies, we consider three users in this MECaided mobile blockchain system with the following parameters of block size: . First, the convergence performance of the proposed alternating optimization algorithm of user’s nonce selection is depicted in Fig. 7. We can see that nonce length of Algorithm 2 is unstable in the first 4 iterations. When the iteration is larger than 4, the alternating Algorithm 2 reaches a stable state and the gap between the proposed alternating Algorithm 2 and the analytical solution is rather small for all users, which verifies the good convergence of our proposed Algorithm 2 and the correctness of Theorem 3 about analytical expression (21). The impacts of several parameters including fixed reward and transaction fee rate on user’s nonce selection strategies are investigated in Fig. 99. We illustrate nonce lengths for all users versus the fixed reward for successfully mining in Fig. 9. We observed that the optimal nonce lengths for all users increase with the increment of fixed reward. Because of the fixed reward ascending, all users have greater incentives to cause higher nonce hash computing demand. Next, Fig. 9 illustrates nonce lengths for all users versus the transaction fee rate. We can see that the optimal nonce lengths for user 2 and user 3 raise with the transaction fee rate ascending. Nevertheless, the optimal nonce length for user 1 reduces with the increment of transaction fee rate. This reason is that the transaction fee rate increases, the incentive of each user are greater to have higher nonce hash computing demand. But the incentives of user 1 with smaller block size are still not much as that of user 2 and user 3, and becomes smaller than that of user 2 and user 3 when the transaction fee rate increases.
VC Difficulty’s Adjustment Mechanism
In the end, to display the performance of the proposed blockchain’s difficulty adjustment mechanism, we plot the block time versus the block number for and in Fig. 10(a) and Fig. 10(b), respectively. Here, we assume that each round time of the interaction process between MEC server and users is set to and the target time of mining a block is denoted as for Bitcoin system. Note that blue ’*’ represents individual block times, and the red line presents the average block time within block intervals. Firstly, in Fig. 10, though the individual block time reveals a random property, the gap between the individual block time and the target time is within one minute, which ensures the effectiveness of our proposed difficulty adjustment mechanism. As observed from Fig. 10(a) and Fig. 10(b), we can see that average block times fluctuate around the target time every block intervals, because the blockchain’s difficulty factor updates every blocks by using the proposed blockchain’s difficulty adjustment mechanism. Meanwhile, the variance between the average block time and the target time of in Fig. 10(b) is significantly larger than that of in Fig. 10(a), which is also consistent with the theoretical results of the above expression (37). We can see that the variance of these block times for smaller becomes particularly worse than larger . Accordingly, we should select the appropriate block intervals in the process of adjusting the blockchain’s difficulty value.
Vi Conclusion
In this paper, we have considered the untrusted MEC PoW scheme in the mobile blockchainenabled IoT network. We have proposed a nonce ordering algorithm in this scheme, which guarantees that the number of selected nones of each original sequence is proportional to its nonce length for any position in the merged sequence. Then, the user’s nonce selection strategies have been analyzed by using a noncooperative game, and the NE has been considered as the solution. Furthermore, we have illustrated that cooperation approach of the repeated game is not feasible for IoT users in blockchain networks. Finally, we have designed the blockchain’s difficulty adjustment mechanism to keep block times stable during a long period of time. Simulation results indicate that the nonce ordering algorithm can allocate computing resource of the untrusted MEC server more fairly. The mobile IoT users can achieve optimal nonce selection strategies and we have verified that the proposed blockchain’s difficulty adjustment mechanism is effective.
References
 [1] S. Nakamoto, “Bitcoin: A peertopeer electronic cash system,” Oct. 2008.
 [2] H.N. Dai, Z. Zheng, and Y. Zhang, “Blockchain for internet of things: A survey,” arXiv:1906.00245, Jun. 2019.
 [3] B. Cao, et al., “When internet of things meets blockchain: challenges in distributed consensus,” arXiv:1905.06022, May 2019.
 [4] M. Conoscenti, A. Vetrò, and J. C. De Martin, “Blockchain for the internet of things: A systematic literature review,” in IEEE/ACS 13th Int. Conf. of Comp. Syst. and Applica. (AICCSA), Nov. 2016, pp. 1–6.
 [5] M. Banerjee, J. Lee, and K.K. R. Choo, “A blockchain future for internet of things security: A position paper,” Digi. Commun. and Net., vol. 4, no. 3, pp. 149–160, Aug. 2018.
 [6] P. Danzi, A. E. Kalor, C. Stefanovic, et al., “Analysis of the communication traffic for blockchain synchronization of IoT devices,” in Proc. IEEE Int. Conf. Commun. (ICC), May 2018, pp. 1–7.
 [7] P. Danzi, A. E. Kalor, C. Stefanovic, and P. Popovski, “Delay and communication tradeoffs for blockchain systems with lightweight IoT clients,” IEEE Internet Things J., vol. 6, no. 2, pp. 2354–2365, Apr. 2019.
 [8] Z. Xiong, Y. Zhang, D. Niyato, et al., “When mobile blockchain meets edge computing,” IEEE Commun. Mag., vol. 56, no. 8, pp. 33–39, Aug. 2018.
 [9] Z. Xiong, et al., “Cloud/fog computing resource management and pricing for blockchain networks,” IEEE Internet Things J., pp. 1–1, Sept. 2018.
 [10] Y. Jiao, P. Wang, D. Niyato, et al., “Social welfare maximization auction in edge computing resource allocation for mobile blockchain,” in Proc. IEEE Int. Conf. Commun. (ICC), Jul. 2018, pp. 1–6.
 [11] Y. Jiao, P. Wang, D. Niyato, and K. Suankaewmanee, “Auction mechanisms in cloud/fog computing resource allocation for public blockchain networks,” IEEE Trans. Parallel Distrib. Syst., pp. 1–1, Mar. 2019.

[12]
N. C. Luong, Z. Xiong, P. Wang, and D. Niyato, “Optimal auction for edge computing resource management in mobile blockchain networks: A deep learning approach,” in
Proc. IEEE Int. Conf. Commun. (ICC), Jul. 2018, pp. 1–6.  [13] S. Bayhan, A. Zubow, and A. Wolisz, “Spass: Spectrum sensing as a service via smart contracts,” in IEEE Int. Symp. on Dyna. Spec, Access Net. (DySPAN), Oct. 2018, pp. 1–10.
 [14] K. Kotobi and S. G. Bilén, “Blockchainenabled spectrum access in cognitive radio networks,” in Proc. Int. Wireless Commun. Symp. (WTS), Apr. 2017, pp. 1–6.
 [15] A. El Gamal and H. El Gamal, “A single coin monetary mechanism for distributed cooperative interference management,” IEEE Wireless Commun. Lett., vol. 8, no. 3, pp. 757–760, Jun. 2019.
 [16] J. Garay, A. Kiayias, and N. Leonardos, “The bitcoin backbone protocol: Analysis and applications,” in Annual Int. Conf. on the Theo. and Applica. of Crypto. Techn. Springer, Apr. 2015, pp. 281–310.
 [17] I. Bentov, A. Gabizon, and A. Mizrahi, “Cryptocurrencies without proof of work,” in Int. Conf. on Finan. Crypto. and Data Secu. Springer, Aug. 2016, pp. 142–157.
 [18] P. Mach and Z. Becvar, “Mobile edge computing: A survey on architecture and computation offloading,” IEEE Commun. Surveys Tuts., vol. 19, no. 3, pp. 1628–1656, Mar. 2017.
 [19] Y. Mao, C. You, J. Zhang, et al., “A survey on mobile edge computing: The communication perspective,” IEEE Commun. Surveys Tuts., vol. 19, no. 4, pp. 2322–2358, Aug. 2017.
 [20] W. Yu, et al., “A survey on the edge computing for the internet of things,” IEEE Access, vol. 6, pp. 6900–6919, Nov. 2018.
 [21] M. Liu, F. R. Yu, Y. Teng, et al., “Computation offloading and content caching in wireless blockchain networks with mobile edge computing,” IEEE Trans. Veh. Technol., vol. 67, no. 11, pp. 11 008–11 021, Aug. 2018.
 [22] Y. Wu, et al., “Optimal computational power allocation in multiaccess mobile edge computing for blockchain,” Sensors, vol. 18, no. 10, p. 3472, Oct. 2018.
 [23] M. Liu, F. Richard, et al., “Distributed resource allocation in blockchainbased video streaming systems with mobile edge computing,” IEEE Trans. Wireless Commun., vol. 18, no. 1, pp. 695–708, Jan. 2019.
 [24] H. Zhu, D. Niyato, W. Saad, et al., Game Theory in Wireless and Communication Networks: Theory, Models, and Applications. Cambridge, UK: Cambridge university press, 2012.
Comments
There are no comments yet.