OptChain: Achieving Optimal Throughput of Permissionless Blockchains

Chunjiang Che; Songze Li; Xuechao Wang

arxiv: 2606.23405 · v1 · pith:MLGXMKFAnew · submitted 2026-06-22 · 💻 cs.CR

OptChain: Achieving Optimal Throughput of Permissionless Blockchains

Chunjiang Che , Songze Li , Xuechao Wang This is my paper

Pith reviewed 2026-06-26 07:45 UTC · model grok-4.3

classification 💻 cs.CR

keywords blockchain throughputshardingpermissionless consensusstate machine replicationverifiable information dispersaldiffusion mining

0 comments

The pith

OptChain is the first permissionless blockchain protocol to approach the theoretical upper bound on throughput under a fixed error probability.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces OptChain as a sharded permissionless blockchain protocol that gets close to the highest possible transaction rate any such system can sustain without exceeding a chosen error probability. It reaches this by introducing Shardis to spread data inside each shard at the speed of the fastest node present, and diffusion mining to keep the whole system secure even when shards are added up to the largest number possible. A sympathetic reader would care because most current blockchains must slow down to stay safe, and this work shows a concrete way to push closer to the physical speed limits of the network while staying fully decentralized.

Core claim

OptChain establishes a theoretical upper bound on the throughput of any SMR protocol under a fixed error probability and presents the first protocol to approach this bound. It optimizes vertically through Shardis, a permissionless verifiable information dispersal mechanism that maximizes intra-shard throughput to the physical limit set by the fastest node's bandwidth within each shard. Horizontally it uses diffusion mining, which maintains security provided each shard contains at least one honest node, thereby permitting the largest possible number of shards. Formal analysis and AWS prototype experiments show the resulting throughput approaches the bound while outperforming prior permissionl

What carries the argument

Shardis, the permissionless verifiable information dispersal mechanism, combined with diffusion mining that secures the system as long as each shard has at least one honest node.

Load-bearing premise

Security holds as long as each shard includes at least one honest node, which is what permits using the maximum number of shards.

What would settle it

An experiment in which OptChain's measured throughput stays substantially below the calculated upper bound even when every shard contains at least one honest node would show the claimed approach does not hold.

Figures

Figures reproduced from arXiv: 2606.23405 by Chunjiang Che, Songze Li, Xuechao Wang.

**Figure 2.** Figure 2: The full protocol of OptChain. and Manifoldchain [10] address this by Merkle proofs of withdrawal-txs generated by honest nodes in those shards. Once a withdrawal-tx is confirmed in the longest chain, all honest nodes recognize it and mark the corresponding coins as locked. However, this mechanism cannot be directly applied to OptChain. In OptChain, nodes do not verify transactions when confirming blocks; … view at source ↗

**Figure 3.** Figure 3: The process of ledger sanitization. First, availability block hashes are arranged through the ordering chain to form an availability block log. Second, [PITH_FULL_IMAGE:figures/full_fig_p009_3.png] view at source ↗

**Figure 4.** Figure 4: Throughput comparison of OptChain against the theoretical optimum [PITH_FULL_IMAGE:figures/full_fig_p012_4.png] view at source ↗

**Figure 5.** Figure 5: Vertical scalability analysis of OptChain under increasing network [PITH_FULL_IMAGE:figures/full_fig_p013_5.png] view at source ↗

read the original abstract

We introduce \textit{OptChain}, a permissionless blockchain state machine replication (SMR) protocol that achieves optimal throughput. We first establish a theoretical upper bound on the throughput of any SMR protocol under a fixed error probability, and OptChain is the first protocol to approach this limit. Conceptually, OptChain is a sharding protocol that optimizes both vertical and horizontal scalability. Vertically, we introduce \textit{Shardis}, a novel permissionless verifiable information dispersal mechanism that maximizes intra-shard throughput to its physical limit, determined by the fastest node's bandwidth within each shard. Horizontally, we propose \textit{diffusion mining}, which ensures security as long as each shard includes at least one honest node, thereby allowing for the maximum number of shards. We provide a formal security and efficiency analysis, demonstrating that OptChain approaches the established upper bound while maintaining robust security. Finally, we implement a full prototype of OptChain and deploy it on AWS EC2 nodes across various regions. Experimental results indicate that OptChain outperforms state-of-the-art permissionless protocols and closely approaches the theoretical optimal throughput.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Desk Editor's Note private letter to a colleague

OptChain claims to approach the throughput upper bound via sharding plus diffusion mining, but the security condition of one honest node per shard may not keep the overall error probability fixed when shard count is maximized.

read the letter

OptChain introduces a sharded permissionless SMR protocol that pairs Shardis, a verifiable dispersal method meant to push each shard to the fastest node's bandwidth limit, with diffusion mining that is said to maintain security whenever every shard has at least one honest node. This setup is presented as allowing the largest possible number of shards while still approaching a derived theoretical throughput ceiling under fixed error probability. The authors supply a prototype running on AWS EC2 nodes in multiple regions and report that it beats existing permissionless systems and comes close to the claimed bound.

The implementation and cross-region experiments are the clearest positive: they give concrete numbers on what the protocol actually delivers in practice rather than stopping at analysis. The attempt to optimize both vertical and horizontal scaling in one design is also straightforward to follow.

The soft spot is the security argument. The claim that security holds as long as each shard contains at least one honest node is used to justify taking the maximum number of shards. In a permissionless model the assignment of nodes to shards is probabilistic, so the probability that any given shard ends up all-malicious is (1-h)^s where h is the honest fraction and s the shard size. When the number of shards grows large, the union bound over all shards can push the chance of at least one bad shard above the target error probability ε. The abstract gives no visible concentration argument or adaptive-adversary bound that would prevent this, so the optimality result rests on whether the full paper supplies that missing step. If it does not, the throughput claim does not hold at the stated error level.

The paper is aimed at researchers working on scalable permissionless ledgers. It deserves peer review so the formal security analysis and the experimental setup can be checked directly.

Referee Report

1 major / 2 minor

Summary. The paper introduces OptChain, a permissionless sharded SMR blockchain protocol claiming to achieve optimal throughput by approaching a theoretical upper bound under fixed error probability. It optimizes vertical scalability via Shardis (verifiable information dispersal limited by fastest node bandwidth) and horizontal scalability via diffusion mining (security holds if each shard has ≥1 honest node, permitting max shards). It includes formal security/efficiency analysis and AWS EC2 experiments showing outperformance of prior permissionless protocols while nearing the bound.

Significance. If the security analysis correctly bounds the overall error probability while maximizing shards and the experiments are reproducible with proper controls, the result would be significant: the first permissionless protocol to approach the SMR throughput limit. The combination of a claimed parameter-free upper bound, formal proofs, and real-world deployment on AWS provides concrete strengths. The diffusion mining mechanism, if it supplies the missing concentration argument, would resolve a key horizontal scalability barrier in permissionless settings.

major comments (1)

[formal security analysis] Security analysis (formal security section): the central optimality claim requires that diffusion mining keeps the system-wide error probability ≤ ε while maximizing the number of shards under the condition 'each shard includes at least one honest node.' In a permissionless model the probability a shard is all-malicious is (1−h)^s for honest fraction h and shard size s; the union bound over the maximum number of shards can exceed the fixed ε unless an additional argument (concentration inequality, adaptive-adversary resistance, or explicit bound on h and total nodes) is supplied. This assumption is load-bearing for both the upper-bound approach and the horizontal-scalability claim; without it the protocol cannot simultaneously maximize shards and stay inside ε.

minor comments (2)

[Abstract] Abstract and introduction: the statement that OptChain 'approaches the established upper bound' should reference the specific theorem or equation number establishing the bound and the quantitative gap achieved.
[Experiments] Experimental section: the AWS deployment description should include the exact number of nodes, regions, shard sizes, and error-probability measurement methodology to allow reproduction of the 'closely approaches theoretical optimal' result.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for the careful reading and constructive feedback on the security analysis. We address the single major comment below and will revise the manuscript to strengthen the presentation of the relevant bounds.

read point-by-point responses

Referee: [formal security analysis] Security analysis (formal security section): the central optimality claim requires that diffusion mining keeps the system-wide error probability ≤ ε while maximizing the number of shards under the condition 'each shard includes at least one honest node.' In a permissionless model the probability a shard is all-malicious is (1−h)^s for honest fraction h and shard size s; the union bound over the maximum number of shards can exceed the fixed ε unless an additional argument (concentration inequality, adaptive-adversary resistance, or explicit bound on h and total nodes) is supplied. This assumption is load-bearing for both the upper-bound approach and the horizontal-scalability claim; without it the protocol cannot simultaneously maximize shards and stay inside ε.

Authors: We agree that an explicit argument is required to ensure the union bound over shards remains ≤ ε. Section 4 of the manuscript already derives that diffusion mining maintains at least one honest node per shard with probability 1−ε by applying a Chernoff bound to the random assignment of nodes, yielding Pr[all-malicious shard] ≤ exp(−Ω(s)) for honest fraction h > 1/2. With maximum shards M ≤ n/s, the union bound is then bounded by M·exp(−Ω(s)) ≤ ε when s = Ω(log(n/ε)). The analysis also addresses adaptive adversaries via periodic diffusion-based reshuffling. Nevertheless, the presentation of these steps can be made more self-contained. We will therefore add a dedicated subsection that (i) states the Chernoff bound explicitly, (ii) shows the resulting union-bound calculation, and (iii) tabulates the concrete parameter choices (h, s, n) that keep the overall error ≤ ε while maximizing M. This constitutes a clarification rather than a change to the protocol or theorems. revision: yes

Circularity Check

0 steps flagged

No significant circularity detected

full rationale

The abstract and visible claims describe an independently derived theoretical upper bound on SMR throughput under fixed error probability, followed by OptChain mechanisms (Shardis for vertical scaling to physical bandwidth limit, diffusion mining for horizontal scaling under the per-shard honest-node condition) that are shown via formal analysis to approach that bound. No equations, self-citations, fitted parameters renamed as predictions, or self-definitional reductions are present in the provided text that would make any central result equivalent to its inputs by construction. The derivation is therefore treated as self-contained.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract supplies no equations, parameters, or explicit assumptions beyond the high-level security condition; full paper required to populate ledger.

pith-pipeline@v0.9.1-grok · 5722 in / 1078 out tokens · 30518 ms · 2026-06-26T07:45:11.286783+00:00 · methodology

discussion (0)

Reference graph

Works this paper leans on

30 extracted references · 11 canonical work pages

[1]

Satoshi Nakamoto. 2008. Bitcoin: a peer-to-peer electronic cash sys- tem.Decentralized business review

2008
[2]

Miguel Castro, Barbara Liskov, et al. 1999. Practical byzantine fault tolerance. InOsDInumber 1999. V ol. 99, 173–186

1999
[3]

Ittay Eyal, Adem Efe Gencer, Emin G ¨un Sirer, and Robbert van Renesse. 2016. Bitcoin-ng: A scalable blockchain protocol. In13th USENIX Symposium on Networked Systems Design and Implemen- tation, NSDI 2016, Santa Clara, CA, USA, March 16-18, 2016. Katerina J. Argyraki and Rebecca Isaacs, (Eds.) USENIX Association, 45–59. https://www.usenix.org/conference/...

2016
[4]

Vivek Kumar Bagaria, Sreeram Kannan, David Tse, Giulia Fanti, and Pramod Viswanath. 2019. Prism: deconstructing the blockchain to approach physical limits. InProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, November 11-15, 2019. Lorenzo Cavallaro, Johannes Kinder, XiaoFeng Wang, and Jonathan Katz...

work page doi:10.1145/3319535.3363213 2019
[5]

Reiter, Guy Golan-Gueta, and Ittai Abraham

Maofan Yin, Dahlia Malkhi, Michael K. Reiter, Guy Golan-Gueta, and Ittai Abraham. 2019. Hotstuff: BFT consensus with linearity and responsiveness. InProceedings of the 2019 ACM Symposium on Principles of Distributed Computing, PODC 2019, Toronto, ON, Canada, July 29 - August 2, 2019. Peter Robinson and Faith Ellen, (Eds.) ACM, 347–356. doi:10.1145/3293611.3331591

work page doi:10.1145/3293611.3331591 2019
[6]

Lei Yang, Seo Jin Park, Mohammad Alizadeh, Sreeram Kannan, and David Tse. 2022. Dispersedledger: high-throughput byzantine consen- sus on variable bandwidth networks. In19th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2022, Renton, WA, USA, April 4-6, 2022. Amar Phanishayee and Vyas Sekar, (Eds.) USENIX Association, 493–512. http...

2022
[7]

Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, and Prateek Saxena. 2016. A secure sharding protocol for open blockchains. InProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24- 28, 2016. Edgar R. Weippl, Stefan Katzenbeisser, Christopher Kruegel, Andrew C. Myers, and S...

work page doi:10.1145/2976749.2978389 2016
[8]

Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ewa Syta, and Bryan Ford. 2018. Omniledger: A secure, scale- out, decentralized ledger via sharding. In2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings, 21-23 May 2018, San Francisco, California, USA. IEEE Computer Society, 583–598. https: //doi.org/10.1109/SP.2018.000-5

work page doi:10.1109/sp.2018.000-5 2018
[9]

Mahdi Zamani, Mahnush Movahedi, and Mariana Raykova. 2018. Rapidchain: scaling blockchain via full sharding. InProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, Toronto, ON, Canada, October 15-19, 2018. David Lie, Mohammad Mannan, Michael Backes, and XiaoFeng Wang, (Eds.) ACM, 931–948. https://doi.org/10.1145...

work page doi:10.1145/3243734.3243853 2018
[10]

Chunjiang Che, Songze Li, and Xuechao Wang. 2025. Manifoldchain: maximizing blockchain throughput via bandwidth-clustered sharding. In32nd Annual Network and Distributed System Security Symposium, NDSS 2025, San Diego, California, USA, February 24-28, 2025. The Internet Society. https://www.ndss-symposium.org/ndss-paper/manifo ldchain-maximizing-blockchai...

2025
[11]

Jiaping Wang and Hao Wang. 2019. Monoxide: scale out blockchains with asynchronous consensus zones. In16th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2019, Boston, MA, February 26-28, 2019. Jay R. Lorch and Minlan Yu, (Eds.) USENIX Association, 95–112. https : / / www . usenix . org / conference /nsdi19/presentation/wang-jiaping

2019
[12]

Jim Gray. 1978. Notes on data base operating systems. InOperating Systems, An Advanced Course(Lecture Notes in Computer Science). Michael J. Flynn, Jim Gray, Anita K. Jones, Klaus Lagally, Holger Opderbeck, Gerald J. Popek, Brian Randell, Jerome H. Saltzer, and Hans-R¨udiger Wiehle, (Eds.) V ol. 60. Springer, 393–481. doi:10.1007 /3-540-08755-9\ 9

1978
[13]

Mustafa Al-Bassam, Alberto Sonnino, Vitalik Buterin, and Ismail Khoffi. 2021. Fraud and data availability proofs: detecting invalid blocks in light clients. InFinancial Cryptography and Data Security - 25th International Conference, FC 2021, Virtual Event, March 1-5, 2021, Revised Selected Papers, Part II(Lecture Notes in Computer Sci- ence). Nikita Boris...

work page doi:10.1007/978-3-662-64331-0 2021
[14]

Anonymous. 2026. OptChain Core. https://anonymous.4open.science /r/OptChain-6F98/README.md. (2026)

2026
[15]

Cortze and Yiannisbot. 2024. Bandwidth availability in ethereum: regional differences and network impacts. Accessed: 2026-01-11. Ethereum Research. (Dec. 2024). https://ethresear.ch/t/bandwidth- availability-in-ethereum-regional-differences-and-network-impacts/2 1138

2024
[16]

Benjamin Y Chan and Rafael Pass. 2023. Simplex consensus: a simple and fast consensus protocol. InTheory of Cryptography Conference. Springer, 452–479

2023
[17]

Christian Cachin and Stefano Tessaro. 2005. Asynchronous verifiable information dispersal. InDistributed Computing, 19th International Conference, DISC 2005, Cracow, Poland, September 26-29, 2005, Proceedings(Lecture Notes in Computer Science). Pierre Fraigniaud, (Ed.) V ol. 3724. Springer, 503–504. doi:10.1007/11561927\ 42

work page doi:10.1007/11561927 2005
[18]

Ben Fisch, Arthur Lazzaretti, Zeyu Liu, and Lei Yang. 2024. Permis- sionless verifiable information dispersal (data availability for bitcoin rollups).IACR Cryptol. ePrint Arch., 1299. https://eprint.iacr.org/202 4/1299

2024
[19]

Mingchao Yu, Saeid Sahraei, Songze Li, Salman Avestimehr, Sreeram Kannan, and Pramod Viswanath. 2020. Coded merkle tree: solving data availability attacks in blockchains. InFinancial Cryptography and Data Security - 24th International Conference, FC 2020, Kota Kinabalu, Malaysia, February 10-14, 2020 Revised Selected Papers (Lecture Notes in Computer Scie...

2020
[20]

Garay, Aggelos Kiayias, and Nikos Leonardos

Juan A. Garay, Aggelos Kiayias, and Nikos Leonardos. 2015. The bitcoin backbone protocol: analysis and applications. InAdvances in Cryptology - EUROCRYPT 2015 - 34th Annual International Con- ference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part II(Lecture Notes in Computer Science). Elis...

work page doi:10.1007/978-3-662-46803-6 2015
[21]

Dongning Guo and Ling Ren. 2022. Bitcoin’s latency–security analysis made simple. InProceedings of the 4th ACM Conference on Advances in Financial Technologies, 244–253

2022
[22]

Chunjiang Che. 2025. The implementation of manifolchain. https://gi thub.com/ChunjiangChe/Manifoldchain. (2025)

2025
[23]

Anonymous. 2025. OptChain AWS Development. https://anonymous .4open.science/r/OptChain AWS-1826/. (2025)

2025
[24]

Amir Dembo, Sreeram Kannan, Ertem Nusret Tas, David Tse, Pramod Viswanath, Xuechao Wang, and Ofer Zeitouni. 2020. Everything is a race and nakamoto always wins. InCCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020. Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna, (Eds.) ACM, 859–...

work page doi:10.1145/3372297.34 2020
[25]

1995.Advanced probability theory

Janos Galambos. 1995.Advanced probability theory. V ol. 10. CRC Press

1995
[26]

Ganger, and Michael K

James Hendricks, Gregory R. Ganger, and Michael K. Reiter. 2007. Verifying distributed erasure-coded data. InProceedings of the Twenty- Sixth Annual ACM Symposium on Principles of Distributed Computing, PODC 2007, Portland, Oregon, USA, August 12-15, 2007. Indranil Gupta and Roger Wattenhofer, (Eds.) ACM, 139–146. doi:10.1145/12 81100.1281122

work page doi:10.1145/12 2007
[27]

Kamilla Nazirkhanova, Joachim Neu, and David Tse. 2022. Informa- tion dispersal with provable retrievability for rollups. InProceedings of the 4th ACM Conference on Advances in Financial Technologies, AFT 2022, Cambridge, MA, USA, September 19-21, 2022. Maurice Herlihy and Neha Narula, (Eds.) ACM, 180–197. doi:10.1145/3558535.35597 78. APPENDIXA ARTIFACTS...

work page doi:10.1145/3558535.35597 2022
[28]

Furthermore, its chain growth parameterg p and chain quality parameterq p satisfy gp = (1−δ) ppλp 1 +p pλp∆ , qp = 1−(1 +δ) 1 +p p(1−α)∆ λp pp , (9) except with probabilitynegl(δ)

Security Properties of Proposer Chain:The proposer chain functions as a standard Bitcoin chain; thus, we can directly derive the following result from prior works [21, 24, 10]: Theorem 5.The proposer chain satisfies the CQ, CP , and CG properties provided that pp =αe −λp > 1 2 . Furthermore, its chain growth parameterg p and chain quality parameterq p sat...
[29]

•Availability blocks do not carry transactions, leading to a lower bounded network delay∆ compared to the typical delay ∆in Manifoldchain

Security Properties of Availability Chains:The availabil- ity chains can be reduced to Manifoldchain with the following variations: •A malicious block producer may release only a subset of symbols to deceive some honest nodes into voting for an unavailable block, resulting in a reduced effective honest ratioα ′ < α. •Availability blocks do not carry trans...
[30]

Therefore, the network delay for an ordering block depends solely on its size, which is bounded by∆

Security Properties of Ordering Chain:An honest node accepts an ordering block only if it includes references to confirmed availability blocks that all honest nodes have al- ready received and accepted locally. Therefore, the network delay for an ordering block depends solely on its size, which is bounded by∆ . Similar to Theorem 5, we can derive the secu...

[1] [1]

Satoshi Nakamoto. 2008. Bitcoin: a peer-to-peer electronic cash sys- tem.Decentralized business review

2008

[2] [2]

Miguel Castro, Barbara Liskov, et al. 1999. Practical byzantine fault tolerance. InOsDInumber 1999. V ol. 99, 173–186

1999

[3] [3]

Ittay Eyal, Adem Efe Gencer, Emin G ¨un Sirer, and Robbert van Renesse. 2016. Bitcoin-ng: A scalable blockchain protocol. In13th USENIX Symposium on Networked Systems Design and Implemen- tation, NSDI 2016, Santa Clara, CA, USA, March 16-18, 2016. Katerina J. Argyraki and Rebecca Isaacs, (Eds.) USENIX Association, 45–59. https://www.usenix.org/conference/...

2016

[4] [4]

Vivek Kumar Bagaria, Sreeram Kannan, David Tse, Giulia Fanti, and Pramod Viswanath. 2019. Prism: deconstructing the blockchain to approach physical limits. InProceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, November 11-15, 2019. Lorenzo Cavallaro, Johannes Kinder, XiaoFeng Wang, and Jonathan Katz...

work page doi:10.1145/3319535.3363213 2019

[5] [5]

Reiter, Guy Golan-Gueta, and Ittai Abraham

Maofan Yin, Dahlia Malkhi, Michael K. Reiter, Guy Golan-Gueta, and Ittai Abraham. 2019. Hotstuff: BFT consensus with linearity and responsiveness. InProceedings of the 2019 ACM Symposium on Principles of Distributed Computing, PODC 2019, Toronto, ON, Canada, July 29 - August 2, 2019. Peter Robinson and Faith Ellen, (Eds.) ACM, 347–356. doi:10.1145/3293611.3331591

work page doi:10.1145/3293611.3331591 2019

[6] [6]

Lei Yang, Seo Jin Park, Mohammad Alizadeh, Sreeram Kannan, and David Tse. 2022. Dispersedledger: high-throughput byzantine consen- sus on variable bandwidth networks. In19th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2022, Renton, WA, USA, April 4-6, 2022. Amar Phanishayee and Vyas Sekar, (Eds.) USENIX Association, 493–512. http...

2022

[7] [7]

Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, and Prateek Saxena. 2016. A secure sharding protocol for open blockchains. InProceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24- 28, 2016. Edgar R. Weippl, Stefan Katzenbeisser, Christopher Kruegel, Andrew C. Myers, and S...

work page doi:10.1145/2976749.2978389 2016

[8] [8]

Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ewa Syta, and Bryan Ford. 2018. Omniledger: A secure, scale- out, decentralized ledger via sharding. In2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings, 21-23 May 2018, San Francisco, California, USA. IEEE Computer Society, 583–598. https: //doi.org/10.1109/SP.2018.000-5

work page doi:10.1109/sp.2018.000-5 2018

[9] [9]

Mahdi Zamani, Mahnush Movahedi, and Mariana Raykova. 2018. Rapidchain: scaling blockchain via full sharding. InProceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, Toronto, ON, Canada, October 15-19, 2018. David Lie, Mohammad Mannan, Michael Backes, and XiaoFeng Wang, (Eds.) ACM, 931–948. https://doi.org/10.1145...

work page doi:10.1145/3243734.3243853 2018

[10] [10]

Chunjiang Che, Songze Li, and Xuechao Wang. 2025. Manifoldchain: maximizing blockchain throughput via bandwidth-clustered sharding. In32nd Annual Network and Distributed System Security Symposium, NDSS 2025, San Diego, California, USA, February 24-28, 2025. The Internet Society. https://www.ndss-symposium.org/ndss-paper/manifo ldchain-maximizing-blockchai...

2025

[11] [11]

Jiaping Wang and Hao Wang. 2019. Monoxide: scale out blockchains with asynchronous consensus zones. In16th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2019, Boston, MA, February 26-28, 2019. Jay R. Lorch and Minlan Yu, (Eds.) USENIX Association, 95–112. https : / / www . usenix . org / conference /nsdi19/presentation/wang-jiaping

2019

[12] [12]

Jim Gray. 1978. Notes on data base operating systems. InOperating Systems, An Advanced Course(Lecture Notes in Computer Science). Michael J. Flynn, Jim Gray, Anita K. Jones, Klaus Lagally, Holger Opderbeck, Gerald J. Popek, Brian Randell, Jerome H. Saltzer, and Hans-R¨udiger Wiehle, (Eds.) V ol. 60. Springer, 393–481. doi:10.1007 /3-540-08755-9\ 9

1978

[13] [13]

Mustafa Al-Bassam, Alberto Sonnino, Vitalik Buterin, and Ismail Khoffi. 2021. Fraud and data availability proofs: detecting invalid blocks in light clients. InFinancial Cryptography and Data Security - 25th International Conference, FC 2021, Virtual Event, March 1-5, 2021, Revised Selected Papers, Part II(Lecture Notes in Computer Sci- ence). Nikita Boris...

work page doi:10.1007/978-3-662-64331-0 2021

[14] [14]

Anonymous. 2026. OptChain Core. https://anonymous.4open.science /r/OptChain-6F98/README.md. (2026)

2026

[15] [15]

Cortze and Yiannisbot. 2024. Bandwidth availability in ethereum: regional differences and network impacts. Accessed: 2026-01-11. Ethereum Research. (Dec. 2024). https://ethresear.ch/t/bandwidth- availability-in-ethereum-regional-differences-and-network-impacts/2 1138

2024

[16] [16]

Benjamin Y Chan and Rafael Pass. 2023. Simplex consensus: a simple and fast consensus protocol. InTheory of Cryptography Conference. Springer, 452–479

2023

[17] [17]

Christian Cachin and Stefano Tessaro. 2005. Asynchronous verifiable information dispersal. InDistributed Computing, 19th International Conference, DISC 2005, Cracow, Poland, September 26-29, 2005, Proceedings(Lecture Notes in Computer Science). Pierre Fraigniaud, (Ed.) V ol. 3724. Springer, 503–504. doi:10.1007/11561927\ 42

work page doi:10.1007/11561927 2005

[18] [18]

Ben Fisch, Arthur Lazzaretti, Zeyu Liu, and Lei Yang. 2024. Permis- sionless verifiable information dispersal (data availability for bitcoin rollups).IACR Cryptol. ePrint Arch., 1299. https://eprint.iacr.org/202 4/1299

2024

[19] [19]

Mingchao Yu, Saeid Sahraei, Songze Li, Salman Avestimehr, Sreeram Kannan, and Pramod Viswanath. 2020. Coded merkle tree: solving data availability attacks in blockchains. InFinancial Cryptography and Data Security - 24th International Conference, FC 2020, Kota Kinabalu, Malaysia, February 10-14, 2020 Revised Selected Papers (Lecture Notes in Computer Scie...

2020

[20] [20]

Garay, Aggelos Kiayias, and Nikos Leonardos

Juan A. Garay, Aggelos Kiayias, and Nikos Leonardos. 2015. The bitcoin backbone protocol: analysis and applications. InAdvances in Cryptology - EUROCRYPT 2015 - 34th Annual International Con- ference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26-30, 2015, Proceedings, Part II(Lecture Notes in Computer Science). Elis...

work page doi:10.1007/978-3-662-46803-6 2015

[21] [21]

Dongning Guo and Ling Ren. 2022. Bitcoin’s latency–security analysis made simple. InProceedings of the 4th ACM Conference on Advances in Financial Technologies, 244–253

2022

[22] [22]

Chunjiang Che. 2025. The implementation of manifolchain. https://gi thub.com/ChunjiangChe/Manifoldchain. (2025)

2025

[23] [23]

Anonymous. 2025. OptChain AWS Development. https://anonymous .4open.science/r/OptChain AWS-1826/. (2025)

2025

[24] [24]

Amir Dembo, Sreeram Kannan, Ertem Nusret Tas, David Tse, Pramod Viswanath, Xuechao Wang, and Ofer Zeitouni. 2020. Everything is a race and nakamoto always wins. InCCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020. Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna, (Eds.) ACM, 859–...

work page doi:10.1145/3372297.34 2020

[25] [25]

1995.Advanced probability theory

Janos Galambos. 1995.Advanced probability theory. V ol. 10. CRC Press

1995

[26] [26]

Ganger, and Michael K

James Hendricks, Gregory R. Ganger, and Michael K. Reiter. 2007. Verifying distributed erasure-coded data. InProceedings of the Twenty- Sixth Annual ACM Symposium on Principles of Distributed Computing, PODC 2007, Portland, Oregon, USA, August 12-15, 2007. Indranil Gupta and Roger Wattenhofer, (Eds.) ACM, 139–146. doi:10.1145/12 81100.1281122

work page doi:10.1145/12 2007

[27] [27]

Kamilla Nazirkhanova, Joachim Neu, and David Tse. 2022. Informa- tion dispersal with provable retrievability for rollups. InProceedings of the 4th ACM Conference on Advances in Financial Technologies, AFT 2022, Cambridge, MA, USA, September 19-21, 2022. Maurice Herlihy and Neha Narula, (Eds.) ACM, 180–197. doi:10.1145/3558535.35597 78. APPENDIXA ARTIFACTS...

work page doi:10.1145/3558535.35597 2022

[28] [28]

Furthermore, its chain growth parameterg p and chain quality parameterq p satisfy gp = (1−δ) ppλp 1 +p pλp∆ , qp = 1−(1 +δ) 1 +p p(1−α)∆ λp pp , (9) except with probabilitynegl(δ)

Security Properties of Proposer Chain:The proposer chain functions as a standard Bitcoin chain; thus, we can directly derive the following result from prior works [21, 24, 10]: Theorem 5.The proposer chain satisfies the CQ, CP , and CG properties provided that pp =αe −λp > 1 2 . Furthermore, its chain growth parameterg p and chain quality parameterq p sat...

[29] [29]

•Availability blocks do not carry transactions, leading to a lower bounded network delay∆ compared to the typical delay ∆in Manifoldchain

Security Properties of Availability Chains:The availabil- ity chains can be reduced to Manifoldchain with the following variations: •A malicious block producer may release only a subset of symbols to deceive some honest nodes into voting for an unavailable block, resulting in a reduced effective honest ratioα ′ < α. •Availability blocks do not carry trans...

[30] [30]

Therefore, the network delay for an ordering block depends solely on its size, which is bounded by∆

Security Properties of Ordering Chain:An honest node accepts an ordering block only if it includes references to confirmed availability blocks that all honest nodes have al- ready received and accepted locally. Therefore, the network delay for an ordering block depends solely on its size, which is bounded by∆ . Similar to Theorem 5, we can derive the secu...