cial case of asset tracking, where the
“asset” is a person. The key challenges
are the same.
Tamper-resistant record storage.
The append-only ledger of a blockchain system can be used to store documents, including the history of changes to these documents. This use case is
best suited for records that are highly
valuable (such as certificates and government licenses), have a small data
size, and are publicly available (as they
will be replicated by all miners). If large
and/or confidential documents need to
be stored, a blockchain system might
store secure pointers (that is, binding/
hiding commitments) for the documents, while the documents themselves are stored in a different system.
Other use cases. Electronic voting
is a challenging problem that is often asserted to benefit from blockchain technology’s properties. Shared
governance could be used to ensure
multiple parties (the government,
nongovernmental organizations, international watchdogs) can work together
to ensure an election is legitimate.
Auditability is important in providing
evidence to the electorate that the election was fair. Finally, the resilience of
blockchain technology is important
in preventing cyberattacks against the
voting system. Voting on a blockchain
system, however, has many challenges
to solve: Blockchain systems offer no
inherent support for secret ballots;
electronic votes can be changed by the
device from which they are submitted (undetectably if a secret ballot is
achieved); cryptographic keys could be
sold to vote buyers; and key recovery
mechanisms would need to be established for lost keys.
Gambling and games. Gambling
is already very popular on Bitcoin and
Ethereum. Players can audit the contract code to ensure execution is fair,
and the contract can use cryptocurrency to handle the finances (
including holding the money in escrow to
prevent losing parties from aborting
before paying). This use case is best
suited for gambling games that do not
require randomness, private state, or
knowledge of off-chain events.
Ultimately, blockchain technology is
not a panacea, but it is a useful tool
when the overhead is justified by the
system’s needs. A good place to start is
by posing the following questions:
1. Does the system require shared
2. Does the system require shared
If both answers to these questions
are no, the overhead of blockchain
technology is unnecessary. If both
answers are yes, there is a good fit. If
only one of the answers is yes—if only
shared governance or shared operation
is needed but not both—then two more
questions should be considered:
3. Is it necessary to audit the sys-
4. Is it necessary to prevent mali-
cious data deletion?
If auditability and data replication
are critical, blockchain technology
should be considered. This is because
meaningful shared governance and
operation require miners to audit the
operations of others and to be able to
recover data that a malicious miner
might try to delete.
Even though blockchain technology
does not solve all the problems that its
proponents claim it does, it is nonetheless a meaningful technology that will
continue to be used in industry and is
deserving of further research and experimentation.
Bitcoin’s Academic Pedigree
Arvind Narayanan and Jeremy Clark
Research for Practice: Cryptocurrencies,
Blockchains, and Smart Contracts
Arvind Narayanan and Andrew Miller
A Hitchhiker’s Guide to
the Blockchain Universe
1. Avizheh, S., Safavi-Naini, R., Shahandashti, S. F. A new
look at the refund mechanism in the Bitcoin payment
protocol. In Proceedings of Financial Cryptography and
Data Security, 2018; https://arxiv.org/abs/1807.01793.
2. Bano, S., Sonnino, A., Al-Bassam, M., Azouvi, S.,
McCorry, P., Meiklejohn, S., Danezis, G. SoK: Consensus
in the age of blockchains. In Proceedings of ACM
Advances in Financial Technology, 2019; https://arxiv.
3. Corbin, J., Strauss, A. Grounded theory research:
Procedures, canons and evaluative criteria. Zeitschrift
für Soziologie 19, 6 (1990), 418–427.
4. Digiconomist. Bitcoin energy consumption index, 2019;
5. Garay J., Kiayias, A. SoK: A consensus taxonomy in
the blockchain era. Cryptology ePrint Archive, Report
6. Goldfeder, S., Kalodner, H.A., Reisman, D., Narayanan,
A. When the cookie meets the blockchain: Privacy
risks of web payments via cryptocurrencies. Privacy
Enhancing Technologies 179–199; https://www.
7. Kosba, A.E., Miller, A., Shi, E., Wen, A., Papamanthou,
C. Hawk: The blockchain model of cryptography and
privacy-preserving smart contracts. In Proceedings
of IEEE Symp. Security and Privacy, 2016, 839–858;
8. Nakamoto, S. Bitcoin: A peer-to-peer electronic cash
system, 2008; https://bitcoin.org/bitcoin.pdf.
9. Narayanan, A., and Jeremy Clark, J. Bitcoin’s
academic pedigree. acmqueue 15, 4 (2017); https://
10. Ruoti, S. et al. A usability study of four secure email
tools using paired participants. ACM Trans. Privacy
and Security 22, 2 (2019), 13:1–13: 33; https://dl.acm.
11. Ruoti, S., Kaiser, B., Yerukhimovich, A., Clark, J.,
Cunningham, R. SoK: Blockchain technology and its
potential use cases. Technical report, 2019; https://
12. Schneier, B. There’s no good reason to trust blockchain
technology. Wired, 2019; https://www.wired.com/
13. Siegel, D. Understanding the DAO hack. Coindesk,
14. Tamassia, R. Authenticated data structures. In
Proceedings of European Symposium on Algorithms,
2003, 2–5. Springer; https://link.springer.com/
15. Wolfswinkel, J. F., Furtmueller, E., Wilderom, C. P.M.
Using grounded theory as a method for rigorously
reviewing literature. European J. Information Systems
22, 1 (2013), 45–55; https://link.springer.com/
The majority of this work was completed while
the authors (other than Jeremy Clark) were working
at MIT Lincoln Laboratory.
Scott Ruoti is an assistant professor in the electrical
engineering and computer science department at the
University of Tennessee in Knoxville. His research
includes using blockchain technology to build and secure
noncryptocurrency systems, improving the security
and accessibility of password managers and two-factor
authentication, and helping software developers create
Ben Kaiser is a Ph. D. student in the Center for
Information Technology Policy at Princeton University,
Princeton, NJ. He previously worked on applied
cryptography as a staff researcher at MIT Lincoln
Laboratory and now focuses on issues surrounding
disinformation and online speech.
Arkady Yerukhimovich is an assistant professor of
computer science at George Washington University.
Previously, he was a research staff member at the
MIT Lincoln Laboratory. His recent research is focused
on developing cryptographic protocols for secure
computation and database search.
Jeremy Clark is an associate professor at the
Concordia Institute for Information Systems
Engineering in Montreal, Canada, where he holds the
NSERC/RCGT/Catallaxy Industrial Research Chair in
Blockchain Technologies. He collaborates regularly with
government agencies and municipalities on voting and
Robert Cunningham is Associate Director for Cyber
Assurance in the CERT division of the Software
Engineering Institute, and an adjunct professor of
cybersecurity at Carnegie Mellon University. Previously,
he led a series of computer security groups at MIT Lincoln
Laboratory. He regularly briefs the U. S. Government on
technical matters related to computer security.
Copyright held by authors/owners.
Publication rights licensed to ACM.