Rational Threshold Cryptosystems
We propose a framework for threshold cryptosystems under a permissionless-economic model in which the participants are rational profit-maximizing entities. To date, threshold cryptosystems have been considered under permissioned settings with a limited adversary. Our framework relies on an escrow service that slashes and redistributes deposits to incentivize participants to adhere to desired behaviors. Today, more than ever, sophisticated escrow services can be implemented over public blockchains like Ethereum, without additional trust assumptions. The key threat to rational threshold cryptosystems is collusion: by cooperating 'illegally', a subset of participants can reveal the cryptosystem's secret, which in turn translates into unfair profit. Our countermeasure to collusion is framing. If the escrow is notified of collusion, it rewards the framer and slashes the deposits of all other participants. We show that colluding parties find themselves in the prisoner's dilemma, where the dominant strategy is framing.