A Composable Rational Framework for Blockchain Systems

Bitcoin marked the beginning of a new era in digital finance; the data structure known as the blockchain enabled financial transactions to be executed in a secure decentralized manner, therefore revolutionizing the financial landscape. Blockchains naturally form environments where the participants act for profit (i.e., participants are rational). Nevertheless, current works typically analyze the security of blockchain protocols in the traditional setting where some of the participants are malicious and the rest are honest as there is no general framework to analyze blockchains from a rational perspective. Furthermore, blockchain systems are complex and consist of several components that handle different performance aspects, such as the network layer or Layer 0, the consensus layer or Layer 1, and the off-chain network or Layer 2. All these layers interact with each other and the security of each layer depends on the security of its substrate layer and vice versa. Therefore, the composition of protocols in the blockchain setting is vital for the security guarantees and the correct operation of cryptocurrencies. The goal of this project is to introduce a composable framework for the security analysis of blockchain protocols under a hybrid model of both rational and malicious participants. This is a significant yet currently missing tool with impact across multiple disciplines such as computer science and economics.

Blockchains are the technology behind cryptocurrencies like Bitcoin, enabling secure digital transactions without banks or other central authorities. They have transformed digital finance by allowing people to transfer value and data directly and transparently. However, most existing research assumes that participants are either fully honest or outright malicious. In reality, blockchain users are often "rational" or selfish, acting strategically to maximize profit or reduce costs. This project set out to fill a major gap: creating a general, composable framework for analysing blockchain systems that considers both malicious and rational behaviour. "Composable" means that the framework can be used to analyse multiple interacting layers of a blockchain and understand how their security depends on each other. These layers include: (1) a basic network layer controlling how information flows among participants, (2) a consensus layer determining how participants agree on which data (e.g., transactions) is included in the blockchain, and (3) Layer 2 protocols that process transactions off-chain securely. Over three years, we studied how these layers interact and developed new models and protocols to make blockchains faster, more secure, and more interoperable. We identified bribery attacks arising from layer interactions and built protocols that remain secure when combined with their underlying layer. Notably, we developed Layer 2 protocols that keep security guarantees when integrated with the consensus layer, enabling blockchains to scale securely to millions of users. We also created mechanisms for fair reward distribution in Proof-of-Work blockchains like Bitcoin and developed a transformation that adapts consensus protocols originally secure against honest and malicious participants, to remain secure when some "honest" participants act strategically for profit. Beyond individual protocols, we unified our work into the first composable framework for rational participants in a blockchain ecosystem, introducing a practical security model that captures real-world blockchain systems. These advances have been recognised both in academia and in industry. The results were published in top-tier international venues, including USENIX Security, ACM CCS, NDSS, FC, and AFT. They were also shared widely with industry through invited talks at major events such as a16z Crypto and Encode London, and through public outreach, including an article in the TU Wien Alumni Bulletin. This research advances the next generation of blockchain systems, making them resilient not only to attacks but also to profit-driven strategies that threaten fairness, performance, and security. The results can improve decentralised finance, cross-chain trading, and payment networks, strengthening the security and scalability of digital transaction systems for millions of users worldwide.