区块链理论研究进展

doi:10.13868/j.cnki.jcr.000258

摘要
图/表
参考文献(105)
相关文章 (15)

全文: PDF (1237 KB) HTML (1 KB)
输出: BibTeX | EndNote (RIS)

摘要

区块链技术是一门新兴的技术, 受到各行各业的广泛关注. 各个国家正在积极研究区块链技术可能给金融乃至生活的方方面面带来的变革. 本文先从比特币区块链的视角出发, 通过了解它的运行机制、基本特征、关键技术、技术挑战等, 给读者建立一个对区块链的直观感受. 然后给出区块链的形式化定义, 并总结目前区块链在相关密码技术、安全性分析、共识机制、隐私保护、可扩展性等方面的最新研究进展. 密码技术是保障区块链安全的关键技术之一, 也是实现区块链具体应用的基本手段. 本文同时指出了多种密码技术如特殊数字签名、零知识证明、同态密码、安全多方计算等在区块链系统中的(潜在)应用价值. 尽管区块链技术的研究和应用发展迅速并取得很大进展, 但区块链所面临的诸如吞吐量低、延迟高、耗能高等一系列技术瓶颈, 严重影响大规模应用的真正落地, 区块链技术的研究和应用还有很长的路要走, 需要各方共同努力.

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	单进勇
	高胜

关键词 ：比特币, 密码货币, 区块链, 共识协议, 可扩展性

Abstract：

Blockchain is an emerging technology that has received an exceptional amount of attention from all walks of life. Many countries are actively studying how blockchain technology could change finance and even aspects of our lives. In this paper, by introducing the operating mechanism, basic features, key technologies, and technical challenges of the Bitcoin blockchain, we firstly build an intuitive feeling of blockchains for readers. Then we propose a formal definition of blockchains, and summarize the current research progress of blockchains in cryptography, security analysis, consensus, privacy, and scalability. Cryptography is one of the key technologies ensuring security in blockchains, and is also the basic means to realize the specific applications of blockchains. In this paper, we also point out the potential application value of the various cryptographic techniques in blockchains, such as special digital signatures, zero-knowledge proofs, homomorphic ciphers, and secure multi-party computations. Although the research and application of blockchain technology has developed rapidly and made great progress, blockchain technology faces a series of technical challenges such as low throughput, high latency, and high energy consumption, which seriously affects its large-scale applications. Therefore, the research and application of blockchains still has a long way to go, and people need to work together.

Key words： Bitcoin cryptocurrency blockchain consensus scalability

收稿日期: 2018-07-28 出版日期: 2018-09-27

基金资助:国家重点研发计划(2017YFB0802500)

通讯作者: 高胜, E-mail: gs14011@163.com

引用本文:

单进勇, 高胜. 区块链理论研究进展[J]. 密码学报, 2018, 5(5): 484-500.
SHAN J Y, GAO S. Research Progress on Theory of Blockchains. Journal of Cryptologic Research, 2018, 5(5): 484-500.

链接本文:

http://www.jcr.cacrnet.org.cn/CN/10.13868/j.cnki.jcr.000258 或 http://www.jcr.cacrnet.org.cn/CN/Y2018/V5/I5/484

\bibitem{1}NAKAMOTO S. Bitcoin: A peer-to-peer electronic cash system[EB/OL]. http://bitcoin.org/bitcoin.pdf. 2008.

\bibitem{2}Litecoin[EB/OL]. https://litecoin.com/.

\bibitem{3}Zcash[EB/OL]. https://z.cash/.

\bibitem{4}Monero[EB/OL]. https://getmonero.org/.

\bibitem{5}DANEZIS G, MEIKLEJOHN S. Centrally banked cryptocurrencies[C]. In: Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA, USA. 2016. [DOI: 10.14722/ndss.2016.23187]

\bibitem{6}Project Jasper: A Canadian experiment with distributed ledger technology for domestic interbank payment settlement[EB/OL]. https://www.payments.ca/sites/default/files/29-Sep-17/jasper\_report\_eng.pdf. 2017.

\bibitem{7}Project Ubin: SGD on distributed ledger[EB/OL]. http://www.mas.gov.sg/Singapore-Financial-Centre/Smart-Financial-Centre/Project-Ubin.aspx. 2017.

\bibitem{8}YAO Q. Prototype of Chinese digital fiat currency[J]. China Finance, 2016, 2016(17): 13–15.\\
姚前. 中国法定数字货币原型构想[J]. 中国金融, 2016, 2016(17): 13–15.

\bibitem{9}WANG Y H. Digital currency technology implementation framework[J]. China Finance, 2016, 2016(17): 15–16.\\
王永红. 数字货币技术实现框架[J]. 中国金融, 2016, 2016(17): 15–16.

\bibitem{10}XU Z, YAO Q. Preliminary scheme for digital ticket trading platform[J]. China Finance, 2016, 2016(17): 31–33.\\
徐忠, 姚前. 数字票据交易平台初步方案[J]. 中国金融, 2016, 2016(17): 31–33.

\bibitem{11}XU Z, TANG Y W, LIN X. Discussion on theory of central bank digital currency[J]. China Finance, 2016, 2016(17): 33–34.\\
徐忠, 汤莹玮, 林雪. 央行数字货币理论探讨[J]. 中国金融, 2016, 2016(17): 33–34.

\bibitem{12}YAO Q. Digital currency and bank account[J]. Tsinghua Financial Review, 2017, 7: 63–67. [DOI: 10.19409 /j.cnki.thf-review.2017.07.016]\\
姚前. 数字货币与银行账户[J]. 清华金融评论, 2017, 7: 63–67. [DOI: 10.19409/j.cnki.thf-review.2017.07.016]

\bibitem{13}SWAN M. Blockchain: Blueprint for a New Economy[M]. USA: O'Reilly Media, Inc., 2015.

\bibitem{14}MIIT. China's Blockchain Technology and Application Development Whitepaper[M]. 2016.\\
工信部. 中国区块链技术和应用发展白皮书[M]. 2016.

\bibitem{15}ANTONOPOULOS A. Mastering Bitcoin: Programming the Open Blockchain[M]. 2nd edition. USA: O'Reilly Media, Inc., 2017.

\bibitem{16}National Institute of Standards and Technology (NIST). FIPS PUB 180-4, Secure Hash Standard (SHS)[S]. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf. 2005. [DOI: 10.6028/NIST.FIPS.180-4]

\bibitem{17}National Institute of Standards and Technology (NIST). FIPS PUB 186-4, Digital Signature Standard (DSS)[S]. https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf. 2013. [DOI: 10.6028/NIST.FIPS.186-4]

\bibitem{18}Standards for Efficient Cryptography Group. SEC 2: Recommended elliptic curve domain parameters[S]. http://www.secg.org/sec2-v2.pdf. 2010.

\bibitem{19}MATHEW J. Bitcoin: Blockchain could become `safe haven' for hosting child sexual abuse images[EB/OL]. http://www.dailydot.com/business/bitcoinchild-porn-transaction-code/. 2015.

\bibitem{20}SHIRRIFF K. Hidden surprises in the Bitcoin blockchain and how they are stored: Nelson mandela, wikileaks, photos, and python software[EB/OL]. http://www.righto.com/2014/02/ascii-bernanke-wikileaks-photographs.html. 2014.

\bibitem{21}ATENIESE G, MAGRI B, VENTURI D, et al. Redactable blockchain, or rewriting history in Bitcoin and friends[C]. In: Proceedings of 2017 IEEE European Symposium on Security and Privacy (EuroS\&PW 2017). IEEE, 2017: 111–126. [DOI: 10.1109/EuroSP.2017.37]

\bibitem{22}GARAY J, KIAYIAS A, LEONARDOS N. The Bitcoin backbone protocol: Analysis and applications[C]. In: Advances in Cryptology—EUROCRYPT 2015, Part II. Springer Berlin Heidelberg, 2015: 281–310. [DOI: 10.1007/978-3-662-46803-6\_10]

\bibitem{23}KIAYIAS A, PANAGIOTAKOS G. Speed-security tradeoffs in blockchain protocols[J]. IACR Cryptology ePrint Archive, 2015: 2015/1019. https://eprint.iacr.org/2015/1019.

\bibitem{24}CHAUM D. Blind signatures for untraceable payments[C]. In: Advances in Cryptology: Proceedings of CRYPTO 82. Springer Berlin Heidelberg, 1983: 199–203. [DOI: 10.1007/978-1-4757-0602-4\_18]

\bibitem{25}PARNO B, HOWELL J, GENTRY C, et al. Pinocchio: Nearly practical verifiable computation[C]. In: Proceedings of 2013 IEEE Symposium on Security and Privacy (SP). IEEE, 2013: 238–252. [DOI: 10.1109/SP.2013.47]

\bibitem{26}BENTOV I, KUMARESAN R. How to use Bitcoin to design fair protocols[C]. In: Advances in Cryptology—CRYPTO 2014, Part II. Springer Berlin Heidelberg, 2014: 421–439. [DOI: 10.1007/978-3-662-44381-1\_24]

\bibitem{27}ANDRYCHOWICZ M, DZIEMBOWSKI S, MALINOWSKI D, et al. Secure multiparty computations on Bitcoin[C]. In: Proceedings of 2014 IEEE Symposium on Security and Privacy (SP). IEEE, 2014: 443–458. [DOI: 10.1109/SP.2014.35]

\bibitem{28}KUMARESAN R, MORAN T, BENTOV I. et al. How to use Bitcoin to play decentralized poker[C]. In: Proceedings of the 2015 ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, 2015: 195–206. [DOI: 10.1145/2810103.2813712]

\bibitem{29}BONNEAU J, CLARK J, GOLDFEDER S. On Bitcoin as a public randomness source[J]. IACR Cryptology ePrint Archive, 2015: 2015/1015. https://eprint.iacr.org/2015/1015.

\bibitem{30}PIERROT C, WESOLOWSKI B. Malleability of the blockchain's entropy[J]. Cryptography and Communications, 2018, 10(1): 211–233. [DOI: 10.1007/s12095-017-0264-3]

\bibitem{31}SHOR P. Algorithms for quantum computation: Discrete logarithms and factoring[C]. In: Proceedings of 35th Annual Symposium on Foundations of Computer Science (FOCS). IEEE, 1994: 124–134. [DOI: 10.1109/SFCS.1994.365700]

\bibitem{32}GROVER L. A fast quantum mechanical algorithm for database search[C]. In: Proceedings of the 28th Annual ACM Symposium on Theory of Computing (STOC). ACM, 1996: 212–219. [DOI: 10.1145/237814.237866]

\bibitem{33}TAN A. Post-quantum blockchain[EB/OL]. http://andrewt.me/assets/documents/phy372-final-report.pdf. 2018.

\bibitem{34}ZHANG H, ZHANG F G, TIAN H B, et al. Anonymous post-quantum cryptocash[C]. In: Financial Cryptography and Data Security—FC 2018. Springer Cham, 2018. (to appear)

\bibitem{35}TORRES W, STEINFELD R, SAKZAD A, et al. Post-quantum one-time linkable ring signature and application to ring confidential transactions in blockchain (Lattice RingCT v1.0)[C]. In: Information Security and Privacy—ACISP 2018. Springer Cham, 2018: 558–576. [DOI: 10.1007/978-3-319-93638-3\_32]

\bibitem{36}KIKTENKO E, POZHAR N, ANUFRIEV M, et al. Quantum-secured blockchain[J]. Quantum Science and Technology, 2018, 3(3): 035004. [DOI: 10.1088/2058-9565/aabc6b]

\bibitem{37}ROSENFELD M. Analysis of hashrate-based double spending[J]. arXiv: 1402.2009v1, 2014.

\bibitem{38}HEILMAN E, KENDLER A, ZOHAR A, et al. Eclipse attacks on Bitcoin's per-to-peer network[C]. In: Proceedings of the 24th USENIX Security Symposium. USENIX, 2015: 129–144.

\bibitem{39}EYAL I, SIRER E. Majority is not enough: Bitcoin mining is vulnerable[J]. Communications of the ACM, 2018, 61(7): 95–102. [DOI: 10.1145/3212998]

\bibitem{40}BAHACK L. Theoretical Bitcoin attacks with less than half of the computational power[J]. arXiv:1312.7013v1, 2013.

\bibitem{41}APOSTOLAKI M, ZOHAR A, VANBEVER L. Hijacking Bitcoin: Routing attacks on cryptocurrencies[C]. In: Proceedings of 2017 IEEE Symposium on Security and Privacy (SP). IEEE, 2017: 375–392. [DOI: 10.1109/SP.2017.29]

\bibitem{42}EYAL I. The miner's dilemma[C]. In: Proceedings of 2015 IEEE Symposium on Security and Privacy (SP). IEEE, 2015: 89–103. [DOI: 10.1109/SP.2015.13]

\bibitem{43}SOMPOLINSKY Y, ZOHAR A. Secure high-rate transaction processing in Bitcoin[C]. In: Financial Cryptography and Data Security—FC 2015. Springer Berlin Heidelberg, 2015: 507–527. [DOI: 10.1007/978-3-662-47854-7\_32]

\bibitem{44}PASS R, SEEMAN L, SHELAT A. Analysis of the blockchain protocol in asynchronous networks[C]. In: Advances in Cryptology—EUROCRYPT 2017, Part II. Springer Cham, 2017: 643–673. [DOI: 10.1007/978-3-319-56614-6\_22]

\bibitem{45}GARAY J, KIAYIAS A, LEONARDOS N. The Bitcoin backbone protocol with chains of variable difficulty[C]. In: Advances in Cryptology—CRYPTO 2017, Part I. Springer Cham, 2017: 291–323. [DOI: 10.1007/978-3-319-63688-7\_10]

\bibitem{46}BENTOV I, LEE C, MIZRAHI A, et al. Proof of activity: Extending Bitcoin's proof of work via proof of stake [extended abstract][J]. SIGMETRICS Performance Evaluation Review, 2014, 42(3): 34–37. [DOI: 10.1145/2695533.2695545]

\bibitem{47}BENTOV I, GABIZON A, MIZRAHI A. Cryptocurrencies without proof of work[C]. In: Financial Cryptography and Data Security—FC 2016. Springer Berlin Heidelberg, 2016: 142–157. [DOI: 10.1007/978-3-662-53357-4\_10]

\bibitem{48}KIAYIAS A, RUSSELL A, DAVID B, et al. Ouroboros: A provably secure proof-of-stake blockchain protocol[C]. In: Advances in Cryptology—CRYPTO 2017, Part I. Springer Cham, 2017: 357–388. [DOI: 10.1007/978-3-319-63688-7\_12]

\bibitem{49}DAVID B, GAZI P, KIAYIAS A, et al. Ouroboros Praos: An adaptively-secure, semi-synchronous proof-of-stake blockchain[C]. In: Advances in Cryptology—EUROCRYPT 2018, Part II. Springer Cham, 2018: 66–98. [DOI: 10.1007/978-3-319-78375-8\_3]

\bibitem{50}LAMPORT L. The part-time parliament[J]. ACM Transactions on Computer Systems (TOCS), 1998, 16(2): 133–169. [DOI: 10.1145/279227.279229]

\bibitem{51}ONGARO D, OUSTERHOUT J. In search of an understandable consensus algorithm[C]. In: Proceedings of 2014 USENIX Annual Technical Conference (ATC). USENIX, 2014: 305–319.

\bibitem{52}JUNQUEIRA F, REED B, SERAFINI M. Zab: High-performance broadcast for primary-backup systems[C]. In: Proceedings of 2011 IEEE/IFIP 41st International Conference on Dependable Systems \& Networks (DSN). IEEE, 2011: 245–256. [DOI: 10.1109/DSN.2011.5958223]

\bibitem{53}CASTRO M, LISKOV B. Practical Byzantine fault tolerance[C]. In: Proceedings of the Third Symposium on Operating Systems Design and Implementation (OSDI). USENIX, 1999: 173–186.

\bibitem{54}COWLING J, MYERS D, LISKOV B, et al. HQ replication: A hybrid quorum protocol for Byzantine fault tolerance[C]. In: Proceedings of the 7th Symposium on Operating Systems Design and Implementation (OSDI). USENIX, 2006: 177–190.

\bibitem{55}KOTLA R, ALVISI L, DAHLIN M, et al. Zyzzyva: Speculative Byzantine fault tolerance[C]. In: Proceedings of 21st ACM SIGOPS Symposium on Operating Systems Principles (SOSP). ACM, 2007: 45–58. [DOI: 10.1145/1294261.1294267]

\bibitem{56}DWORK C, NAOR M. Pricing via processing or combatting junk mail[C]. In: Advances in Cryptology—CRYPTO'92. Springer Berlin Heidelberg, 1993: 139–147. [DOI: 10.1007/3-540-48071-4\_10]

\bibitem{57}BANO S, SONNINO A, AL-BASSAM M, et al. SoK: Consensus in the age of blockchain[J]. arXiv:1711.03936v2, 2017.

\bibitem{58}PERCIVAL C. Stronger key derivation via sequential memory-hard functions[EB/OL]. http://www.bsdcan. org/2009/schedule/attachments/87\_scrypt.pdf. 2009.

\bibitem{59}BIRYUKOV A, KHOVRATOVICH D. Equihash: Asymmetric proof-of-work based on the generalized birthday problem[C]. In: Proceedings of the 23rd Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA, USA, 2016. [DOI: 10.14722/ndss.2016.23108]

\bibitem{60}KING S, NADAL S. PPcoin: Peer-to-peer crypto-currency with proof-of-stake[EB/OL]. https://peercoin.net /assets/paper/peercoin-paper.pdf. 2012.

\bibitem{61}The NXT Community. Nxt Whitepaper[EB/OL]. https://bravenewcoin.com/assets/Whitepapers/NxtWhitepaper-v122-rev4.pdf. 2014.

\bibitem{62}DAIAN P, PASS R, SHI E. Snow white: Provably secure proofs of stake[J]. IACR Cryptology ePrint Archive, 2016: 2016/919. https://eprint.iacr.org/2016/919.

\bibitem{63}KWON J. Tendermint: Consensus without mining[EB/OL]. https://tendermint.com/static/docs/tendermint.pdf. 2014.

\bibitem{64}Proof of burn[EB/OL]. https://en.bitcoin.it/wiki/Proof\_of\_burn.

\bibitem{65}MILLER A, JUELS A, SHI E, et al. Permacoin: Repurposing Bitcoin work for data preservation[C]. In: Proceedings of 2014 IEEE Symposium on Security and Privacy (SP). IEEE, 2014: 475–490. [DOI: 10.1109/SP.2014.37]

\bibitem{66}DZIEMBOWSKI S, FAUST S, KOLMOGOROV V, et al. Proofs of space[C]. In: Advances in Cryptology—CRYPTO 2015, Part II. Springer Berlin Heidelberg, 2015: 585–605. [DOI: 10.1007/978-3-662-48000-7\_29]

\bibitem{67}ABUSALAH H, ALWEN J, COHEN B, et al. Beyond Hellman's time-memory trade-offs with applications to proofs of space[C]. In: Advances in Cryptology—ASIACRYPT 2017, Part II. Springer Cham, 2017: 357–379. [DOI: 10.1007/978-3-319-70697-9\_15]

\bibitem{68}INTEL. Sawtooth lake–introduction[EB/OL]. https://intelledger.github.io/introduction.html. 2016.

\bibitem{69}ZHANG F, EYAL I, ESCRIVA R, et al. REM: Resource-efficient mining for blockchains[C]. In: Proceedings of the 26th USENIX Security Symposium. USENIX, 2017: 1427–1444.

\bibitem{70}MAHMOODY M, MORAN T, VADHAN S. Publicly verifiable proofs of sequential work[C]. In: Proceedings of the 4th Conference on Innovations in Theoretical Computer Science (ITCS). ACM, 2013: 373–388. [DOI: 10.1145/2422436.2422479]

\bibitem{71}COHEN B, PIETRZAK K. Simple proofs of sequential work[C]. In: Advances in Cryptology—EUROCRYPT 2018, Part II. Springer Cham, 2018: 451–467. [DOI: 10.1007/978-3-319-78375-8\_15]

\bibitem{72}MORAN T, ORLOV I. Proofs of space-time and rational proofs of storage[J]. IACR Cryptology ePrint Archive, 2016: 2016/035. https://eprint.iacr.org/2016/035.

\bibitem{73}VUKOLIC M. Eventually returning to strong consistency[J]. IEEE Data Engineering Bulletin, 2016, 39(1): 39--44.

\bibitem{74}MICALI S. ALGORAND: The efficient and democratic ledger[J]. arXiv:1607.01341v6, 2017.

\bibitem{75}LUU L, NARAYANAN V, ZHENG C D, et al. A decure sharding protocol for open blockchains[C]. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, 2016: 17--30. [DOI: 10.1145/2976749.2978389]

\bibitem{76}PASS R, SHI E. Hybrid consensus: Efficient consensus in the permissionless model[C]. In: Proceedings of the 31st International Symposium on Distributed Computing (DISC). Dagstuhl, Germany, 2017: 39. [DOI: 10.4230/LIPIcs.DISC.2017.39]

\bibitem{77}DOUNG T, FAN L, ZHOU H. 2-hop blockchain: Combing proof-of-work and proof-of-stake securely[J]. IACR Cryptology ePrint Archive, 2016: 2016/716. https://eprint.iacr.org/2016/716.

\bibitem{78}KOGIAS E, JOVANOVIC P, GAILLY N, et al. Enhancing Bitcoin security and performance with strong consistency via collective signing[C]. In: Proceedings of the 25th USENIX Security Symposium. USENIX, 2016: 279–296.

\bibitem{79}REID F, MARTIN H. An analysis of anonymity in the Bitcoin system[C]. In: Security and Privacy in Social Networks. Springer Berlin Heidelberg, 2012: 197–223. [DOI: 10.1007/978-1-4614-4139-7\_10]

\bibitem{80}BARBER S, BOYEN X, SHI E, et al. Bitter to better---How to make Bitcoin a better currency[C]. In: Financial Cryptography and Data Security—FC 2012. Springer Berlin Heidelberg, 2012: 399–414. [DOI: 10.1007/978-3-642-32946-3\_29]

\bibitem{81}RON D, SHAMIR A. Quantitative analysis of the full Bitcoin transaction graph[C]. In: Financial Cryptography and Data Security—FC 2013. Springer Berlin Heidelberg, 2013: 6–24. [DOI: 10.1007/978-3-642-39884-1\_2]

\bibitem{82}MAXWELL G. Confidential transactions[EB/OL]. https://people.xiph.org/~greg/confidential\_values.txt.

\bibitem{83}BEN-SASSON E, CHIESA A, GARMAN C, et al. Zerocash: Decentralized anonymous payments from Bitcoin[C]. In: Proceedings of 2014 IEEE Symposium on Security and Privacy (SP). IEEE, 2014: 459–474. [DOI: 10.1109/SP.2014.36]

\bibitem{84}CECCHETTI E, ZHANG F, JI Y, et al. Solidus: Confidential distributed ledger transactions via PVORM[C]. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, 2017: 701–717. [DOI: 10.1145/3133956.3134010]

\bibitem{85}CAMENISCH J, CHAABOUNI R, SHELAT A. Efficient protocols for set membership and range proofs[C]. In: Advances in Cryptology—ASIACRYPT 2008. Springer Berlin Heidelberg, 2008: 234–252. [DOI: 10.1007/978-3-540-89255-7\_15]

\bibitem{86}MA S L, DENG Y, HE D B, et al. An efficient NIZK scheme for privacy-preserving transactions over account-model blockchain[J]. IACR Cryptology ePrint Archive, 2017: 2017/1239. https://eprint.iacr.org/2017/1239.

\bibitem{87}BUNZ B, BOOTLE J, BONEH D, et al. Bulletproofs: Efficient range proofs for confidential transactions[J]. IACR Cryptology ePrint Archive, 2017: 2017/1066. https://eprint.iacr.org/2017/1066.

\bibitem{88}FUJISAKI E, OKAMOTO T. Statistical zero knowledge protocols to prove modular polynomial relations[C]. In: Advances in Cryptology—CRYPTO'97. Springer Berlin Heidelberg, 1997: 16–30. [DOI: 10.1007/BFb0052225]

\bibitem{89}BOUDOT F. Efficient proofs that a committed number lies in an interval[C]. In: Advances in Cryptology—EUROCRYPT 2000. Springer Berlin Heidelberg, 2000: 431–444. [DOI: 10.1007/3-540-45539-6\_31]

\bibitem{90}CHAN A, FRANKEL Y, TSIOUNIS Y. Easy come--easy go divisible cash. Updated version with corrections [EB/OL]. http://www.ccs.neu.edu/home/yiannis/. 1998.

\bibitem{91}SABERHAGEN N. Cryptonote v 2.0[EB/OL]. https://cryptonote.org/whitepaper.pdf. 2013.

\bibitem{92}MIERS I, GARMAN C, GREEN M, et al. Zerocoin: Anonymous distributed e-cash from Bitcoin[C]. In: Proceedings of 2013 IEEE Symposium on Security and Privacy (SP). IEEE, 2013: 397–411. [DOI: 10.1109/SP.2013.34]

\bibitem{93}BEN-SASSON E, CHIESA A, GARMAN C, et al. Snarks for C: Verifying program executions succinctly and in zero knowledge[C]. In: Advances in Cryptology—CRYPTO 2013, Part II. Springer Berlin Heidelberg, 2013: 90–108. [DOI: 10.1007/978-3-642-40084-1\_6]

\bibitem{94}KOSBA A, MILLER A, SHI E, et al. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts[C]. In: Proceedings of 2016 IEEE Symposium on Security and Privacy (SP). IEEE, 2016: 839–858. [DOI: 10.1109/SP.2016.55]

\bibitem{95}HEILMAN E, ALSHENIBR L, BALDIMTSI F, et al. TumbleBit: An untrusted Bitcoin-compatible anonymous payment hub[C]. In: Proceedings of the 24rd Annual Network and Distributed System Security Symposium (NDSS). San Diego, CA, USA, 2017. [DOI: 10.14722/ndss.2017.23086]

\bibitem{96}ZIEGELDORF J, GROSSMANN F, HENZE M, et al. Coinparty: Secure multi-party mixing of Bitcoins[C]. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (CODASPY). ACM, 2015: 75–86. [DOI: 10.1145/2699026.2699100]

\bibitem{97}RUFFING T, MORENO-SANCHEZ P, KATE A. CoinShuffle: Practial decentralized coin mixing for Bitcoin[C]. In: Computer Security—ESORICS 2014. Springer Berlin Heidelberg, 2014: 345–364. [DOI: 10.1007/978-3-319-11212-1\_20]

\bibitem{98}MAXWELL G. CoinJoin: Bitcoin privacy for the real world[EB/OL]. http://bitcointalk.org. 2013.

\bibitem{99}EYAL I, GENCER A, SIRER E, et al. Bitcoin-NG: A scalable blockchain protocol[C]. In: Proceedings of the 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI). USENIX, 2016: 45–59.

\bibitem{100}POON J, DRYJA T. The Bitcoin lightning network: Scalable off-chain instant payments (v0.5.9.2)[EB/OL]. https://lightning.network/lightning-network-paper.pdf. 2016.

\bibitem{101}BACK A, CORALLO M, DASH L JR. Enabling blockchain innovations with pegged sidechains[EB/OL]. https: //www.blockstream.ca/sidechains.pdf. 2014.

\bibitem{102} Raiden network[EB/OL]. https://raiden.network/.

\bibitem{103}Reversecoin[EB/OL]. http://www.reversecoin.org/.

\bibitem{104}PUDDU I, DMITRIENKO A, CAPKUN S. $\mu$chain: How to forget without hard forks[J]. IACR Cryptology ePrint Archive, 2017: 2017/106. https://eprint.iacr.org/2017/106.

\bibitem{105}CHASE M, KOHLWEISS M, LYSYANSKAYA A, et al. Malleable signatures: New definitions and delegatable anonymous credentials[C]. In: Proceedings of 2014 IEEE 27th Computer Security Foundations Symposium (CSF). IEEE, 2014: 199–213. [DOI: 10.1109/CSF.2014.22]