Bitcoin Beacon
This addresses the need for secure randomness generation in decentralized systems like Bitcoin, offering a practical solution with theoretical limits, though it is incremental by building on existing cryptographic and blockchain concepts.
The paper tackles the problem of generating unpredictable and publicly verifiable randomness using Bitcoin, showing it can be instantiated under sensible assumptions with an adversary having a large but not infinite budget, and provides an impossibility result for infinite budgets along with a hybrid protocol combining trusted parties and Bitcoin.
We examine a protocol $π_{\text{beacon}}$ that outputs unpredictable and publicly verifiable randomness, meaning that the output is unknown at the time that $π_{\text{beacon}}$ starts, yet everyone can verify that the output is close to uniform after $π_{\text{beacon}}$ terminates. We show that $π_{\text{beacon}}$ can be instantiated via Bitcoin under sensible assumptions; in particular we consider an adversary with an arbitrarily large initial budget who may not operate at a loss indefinitely. In case the adversary has an infinite budget, we provide an impossibility result that stems from the similarity between the Bitcoin model and Santha-Vazirani sources. We also give a hybrid protocol that combines trusted parties and a Bitcoin-based beacon.