1 Introduction

Conventional systems usually rely on a centralized entity to maintain and validate transactions among parties who do not trust each other. The process of centralization might weaken the security of the system as it grants control of data to a single entity, which may engage in unauthorized manipulation. In addition, centralization might result in a single point of vulnerability that could impact the overall availability of the system. Blockchain technology resolves these limitations through its decentralized, transparent, and immutable nature [1]. It functions as a decentralized and distributed ledger, securely recording transactions across multiple computers in a transparent manner. (In addition) It consists of connected blocks of transactions. Once a transaction is recorded in a block, it cannot be altered without modifying all subsequent blocks, promoting data immutability. While blockchain was initially adopted in cryptocurrencies, it can also be applied to various domains such as healthcare [2], finance [3], supply chain management [4], and real estate [5].

In the blockchain network, miners, also known as nodes, have the responsibility of adding new blocks of transactions to the blockchain ledger. Blockchain networks can be classified into two categories: public and private. In a public blockchain, each node has the ability to join the network, examine the data stored in the blockchain, initiate transactions, add new blocks, and verify existing ones. Due to the inclusion of both malicious and rational nodes in the network, it is necessary to implement a consensus mechanism in order to deter dishonest behavior and ensure security. One of the most prominent consensus methods for public networks is Proof-of-Work (PoW), which requires nodes to spend their processing resources to be able to build blocks and validate transactions.

This article aims to examine the security implications of PoW blockchains, specifically focusing on the stale block rate and the absence of the block verification process.

  • Stale block rate: The stale block rate is a crucial security metric for PoW blockchains, reflecting the proportion of rejected blocks due to conflicts. Miners compete to create the next block, and the consensus mechanism resolves conflicts using the longest-chain rule. Limiting the stale block rate is essential for maintaining an up-to-date and consistent blockchain ledger, enhancing security, and preventing malicious behaviors.

  • Absence of block verification: The security of PoW blockchains depends on miners accurately and honestly verifying recipient blocks and their associated transactions before incorporating them into their local blockchain ledger. However, some rational miners may choose to skip the block verification task in order to optimize their mining earnings by focusing on creating the next block. This behavior poses a risk to the security of the blockchain system by potentially permitting incorrect transactions to occur within the network.

The main contributions of this article are as follows.

  • Analytical model for PoW blockchains: We propose and implement a flexible model that utilizes the Performance Evaluation Process Algebra (PEPA) to study specific case studies of PoW blockchains. This model can be parameterized according to the case study at hand, which makes it a valuable tool for blockchain designers, architects, and analysts to achieve the ideal security level by determining the appropriate network and consensus settings. Additionally, it can be extended to analyze more complex situations, such as selfish mining or stubborn mining.

  • PoW security analysis and experiments: We conduct two distinct studies to analyze the security features of PoW blockchains, focusing on the stale block rate and the absence of block verification tasks. We perform extensive experiments to assess the sensitivity of security to various aspects, including the number of active miners, their mining hash rates, block interval time, block propagation latency, and block verification time. Unlike existing studies, we incorporate the number of active miners in our assessment of the stale block rate and investigate the impact of block propagation delay on the incentives received by rational miners who do not verify recipient blocks.

  • Exploring additional factors in PoW security analysis: Our research contributes to the existing body of knowledge on PoW security in several ways. Firstly, we investigate the influence of miner quantity on the stale block rate results. Secondly, we analyze the impact of block propagation delay on the fees received by rational miners. By considering these factors, our findings extend the results obtained in existing research, shedding light on how these factors can contribute to the overall understanding of PoW security.

This study contributes the following concrete insights from our experiments. Regarding the stale block rate, our findings indicate that the delay in block propagation and the duration of block intervals have a substantial impact on the proportion of stale blocks. A higher count of active miners in the network can lead to a slightly elevated occurrence of stale blocks. Due to the absence of block verification, we have observed that a shorter delay in block propagation and/or a lower mining hash rate can increase rewards for miners who skip the verification procedure. In contrast, extended periods for block intervals or validating blocks result in decreased incentives for miners who do not engage in the block verification process.

The organization of this article is as follows. Section 2 provides background information on PoW blockchains and their associated security considerations. Section 3 provides an overview of PEPA and its syntax. In Sects. 4 and 5, we provide our proposed model and describe how it was implemented using the PEPA tool. Additionally, we validate certain aspects of the model by comparing its results to findings from previous studies. In Sect. 6, we present the security outcomes in relation to the rate of stale blocks and the absence of block verification tasks. We examined previous research in Sect. 7 and provided a concise overview of our findings in Sect. 8.

2 Background

This section provides background information about blockchain technology and PoW blockchain systems. It also discusses the security of PoW blockchains, which is relevant to the work presented in this article.

2.1 Blockchain overview

Traditional systems often involve a centralized authority to manage and confirm transactions between non-trusting parties. This centralization can lead to vulnerabilities, such as unauthorized changes and a sole point of failure, along with high costs. Blockchain technology addresses these shortcomings by enabling a decentralized mode of operation where all participants maintain a collective history of all network activities. This ensures transparent, irreversible transactions without a central authority [1].

In a blockchain network, all transactional information is batched into distinct blocks, which are then chronologically chained together. Each block carries a unique cryptographic signature, making tampering difficult. This enhances security and prevents fraudulent activities like double-spending. Initially, blockchain technology was applied to digital currencies, with Bitcoin being the most common platform for this purpose [6]. Unlike Bitcoin, which has limitations in supporting advanced transactions, next-generation blockchain platforms like Ethereum [7] and Hyperledger Fabric [8] have enabled complex decentralized applications via smart contracts that can benefit various domains such as supply chain [9], cloud computing [10], healthcare [11, 12], Internet of Things [13, 14], and access control [15, 16]. These are essentially code snippets that execute automatically when certain conditions are met, and they are integrated into the blockchain for enforcement [17].

In the context of blockchain networks, there are primarily two kinds of setups based on the level of permission needed to participate: public and private networks [18, 19]. In a public blockchain framework, the requirement for trust between users or nodes is eliminated. Anyone can enter the network, inspect the blockchain’s data, initiate transactions, append new blocks, or validate existing ones. While this inclusivity offers its advantages, it does have drawbacks, mainly in operational efficiency in terms of transaction latency and throughput.

Because these networks are open to all, including potentially malicious and rational network nodes, the algorithms used for consensus, such as Proof-of-Work (PoW), are intentionally proposed to be computationally intensive. This acts as a form of security measure to deter such dishonest nodes from manipulating the system [20]. Well-known instances of open blockchain systems include, but are not limited to, Bitcoin, Zcash, and Ethereum. This paper focuses on open blockchain networks that rely on the PoW consensus algorithm.

2.2 How does PoW-based blockchain work?

In the context of PoW-based blockchain systems, special types of network nodes, referred to as miners, have the main responsibility of adding new blocks of transactions to the blockchain ledger. This intricate process unfolds as follows:

Transaction propagation: Network nodes initiate transactions and disseminate them across the blockchain network. Miners uphold a pool of pending transactions submitted by the participating nodes.

Block generation: Miners meticulously curate a selection of transactions from their respective pools. Subsequently, these transactions are embraced into a new block by miners by actively engaging in the PoW consensus algorithm to authenticate and append the freshly created block to the blockchain ledger. The PoW algorithm entails the resolution of computationally demanding puzzles as a validation process. Following the successful creation of a new block, miners disseminate it to other nodes within the network.

Block verification: Each receiving node undertakes the crucial task of verifying the integrity of blocks. This verification process encompasses two critical phases:

  • Block construction verification: Nodes rigorously assess the correctness of block construction by checking the PoW solution provided for the block.

  • Transaction verification: Nodes additionally authenticate all transactions enclosed within the block by executing them to ascertain their validity and correctness.

Consensus confirmation and miner compensation: Should most of the nodes within the network accept and embrace the received block in their blockchain copies and subsequently continue the process of blockchain extension, the block is conferred the status of confirmation and is formally integrated into the overarching global blockchain ledger. The miner who successfully manages the creation and incorporation of the block into the global blockchain ledger is rewarded for their endeavors. This compensation typically comprises freshly generated cryptocurrency coins along with transaction fees. The verification process assumes a pivotal role in protecting the integrity and security of the blockchain. The consensus mechanism ensures that a block attains permanence within the blockchain when a consensus majority is achieved.

2.3 PoW consensus mechanism

The role of consensus mechanisms in blockchain technology is critical, as they set the guidelines that nodes in the network must adhere to for establishing a unified blockchain state. These mechanisms also mitigate conflicts that might arise from delays in network communication. A variety of consensus methods have been discussed in academic research, catering to both public and private blockchains. These include, but are not limited to, PoW, PoS, and variations of Byzantine Fault Tolerance (BFT). PoW is predominantly used in public or permissionless blockchains, whereas BFT is generally applied to private or permissioned blockchains. For an in-depth understanding, one may refer to academic sources such as [21, 22].

In the realm of public blockchain networks, the PoW algorithm is the most common one. Here, a miner’s likelihood of adding new blocks to the decentralized blockchain ledger hinges on the amount of computational power they deploy. To mint a new block, miners have to engage in a resource-intensive guessing game that involves finding a specific random number, known as a nonce, which, when hashed with the block data, meets certain criteria known as block difficulty. This is essentially a competitive exercise; miners put their computational prowess against one another to discover the next hash value that fits within the set limits. Additionally, the level of difficulty in solving these problems can be modulated to manage the rate at which new blocks are produced.

There can be timing delays due to disseminating blocks through the network, creating instances where multiple versions of the blockchain exist. These discrepancies are known as forks, and they necessitate resolution. This is where consensus algorithms come in. They determine which version of the blockchain should be universally recognized. The longest blockchain typically serves as the authoritative record in the PoW model that blockchain networks use. There are alternative methods as well, such as the GHOST protocol [23], which prioritizes the blockchain with the most computational work done. Blocks that do not make it into the universally accepted blockchain ledger are usually discarded and are known as stale or orphan blocks. These blocks have no bearing on the ledger’s official state.

2.4 Security of PoW blockchains

In this section, we discuss the security aspects of PoW-based blockchains, including the stale block rate and lack of block verification.

2.4.1 Rate of stale blocks

The stale block rate is a crucial security metric for PoW blockchains, determining the proportion of rejected blocks in the blockchain network. Within PoW blockchains, miners engage in a competitive process to discover the subsequent block. Once a miner successfully generates a block, it will notify other nodes in the network about it. Nevertheless, due to the latency in disseminating the recently announced block, it is possible for other miners to successfully generate a rival block prior to being informed about the aforementioned block. This leads to different views of the blockchain record, commonly known as conflicts or forks. The consensus mechanism of PoW blockchains resolves conflicts by implementing the longest-chain rule. Any block that is not included in the longest chain is disregarded as a ’stale block’. Miners who mine stale blocks do not receive any rewards for such blocks. In contrast, Ethereum [7] proposed compensating miners for stale blocks if their blocks are referenced in subsequent blocks. The purpose of this is to strengthen the security of the system and provide compensation to miners.

To enhance security, it is crucial to limit the stale block rate by eliminating network conflicts. This ensures that all network nodes maintain an up-to-date and consistent version of the blockchain ledger, thus effectively thwarting malicious behaviors such as the duplication of transactions.

2.5 Lack of block verification

The security of PoW blockchains depends on miners accurately and honestly validating the recipient blocks and their embraced transactions before incorporating them into their local blockchain ledger. In PoW blockchains, it is anticipated that there will be rational miners who might decide not to perform the block verification task in order to maximize their mining earnings by concentrating on creating the next block. If miners refuse to perform the block verification task, the security of the blockchain system will be compromised, allowing for the occurrence of invalid transactions inside the network.

Blockchain security relies on the recipient miners’ verification of blocks. Nevertheless, the verification process necessitates an amount of time to be completed and is not awarded any form of compensation [24]. Consequently, miners, particularly those who are rational, may not perceive it as financially advantageous. Rational miners might decide to conserve the time spent on block verification in order to dedicate it to the mining process of the subsequent block, with the aim of maximizing their earnings. Simply stated, the decision depends on whether miners prioritize the security of the blockchain network or their own financial gains.

3 Performance evaluation process algebra (PEPA)

Performance modeling is a technique employed to analyze the behavior of systems, with a specific emphasis on timing and probability, in order to optimize the utilization of resources. Advanced modeling formalisms such as stochastic Petri nets, stochastic process algebras, and queuing networks are frequently employed to facilitate the construction of models. Nevertheless, neither approach offers abstraction mechanisms; queueing networks ensure compositionality without formality, whereas stochastic extensions of Petri nets ensure formality without compositionality [25].

Performance Evaluation Process Algebra, known as PEPA, is a formal language used for modeling and analyzing the performance of concurrent systems. It provides a structured way to describe the components of a system and their interactions, making it particularly useful for performance analysis and system design. In PEPA, the process can be represented as a continuous-time Markov chain and is used to create and examine models in a variety of systems for the purpose of performance assessment. Examples encompass security protocols [26, 27], healthcare systems, and resource allocation mechanisms [28].

The key features of PEPA that set it apart from other performance modeling approaches are numerous and distinct. One notable feature is compositionality, which enables the modeling of a system through the interactions of its subsystems, offering a modular approach. Additionally, formality ensures a rigorous semantic framework, providing precise definitions for all terms and thereby eliminating ambiguities. Another significant aspect is abstraction, which allows the construction of intricate models from individual components, permitting the omission of non-essential details when deemed appropriate. Furthermore, the separation of concerns facilitates the independent modeling of components and their interactions. Structure also plays a crucial role by imposing a clear and organized framework on models, enhancing their comprehensibility and ease of maintenance. The concept of refinement supports the systematic development of models by progressively detailing their specifications. Finally, reusability allows for the maintenance of a repository of model components, enabling their reuse in future projects [25]

PEPA represents systems as collections of components that participate in activities, where each component represents a system aspect or behavior. The frequency of each activity in the system is dictated by the corresponding rate for each action within that activity. The action rate is a stochastic variable that represents the duration of an activity, and it follows a negative exponential distribution . The rate \(\lambda \) can have positive values from the set of real numbers greater than or equal to zero or it can remain unspecified, denoted as \(\top \). When the rate is unspecified, it refers to a situation when the component lacks control over the rate of a certain operation. Thus, although the collaboration of the components may be required to perform the activity, the component itself is not actively involved in the task, and the activity’s rate is determined by other components.

PEPA facilitates various aspects of performance modeling, such as compositionality, formality, and abstraction. This technique allows for the efficient utilization of resources in modeling systems while ensuring effective and precise resource allocation.

3.1 The syntax of PEPA

The paper [29] provides a detailed and structured explanation of the PEPA syntax. However, for the purpose of this paper, a concise and less detailed summary will be sufficient. PEPA is a model specification language that consists of two main building blocks: components and activities. It has a small collection of combinators for establishing expressions that define the behavior of components based on their activities and interactions. Component interactions are expressed using PEPA syntax as follows [30]:

\(P::=(\alpha ,r).P \mid P\vartriangleright \!\!\!\vartriangleleft {L}Q \mid P+Q \mid P/L \mid \textit{X}\) \(\mid \textit{A}\)

The prefix represents the method utilized to form the behavior of the system components. The component \((\alpha ,r).P\) carries out the activity \((\alpha ,r)\), where \(\alpha \) denotes the action type and r represents an exponentially distributed duration with rate r (mean 1/r). After initiating the activity, the components behave as (P). The concept of choice \(P+Q\) indicates that the system can exhibit the behavior of component P or component Q, with a race condition governing which component is to be invoked.

Cooperation \(P \vartriangleright \!\!\!\vartriangleleft {L} Q\) is the interaction between components over shared activity, and the cooperation set defines the interaction between both components. If components do not have shared activity, they will proceed independently. The cooperation set impacts the behavior of the model. Hiding: P/L The element acts like P, but it conceals any actions of categories in the group L.

Fig. 1
figure 1

M/M/1/3 Queue

Full size image
Fig. 2
figure 2

The representation of the M/M/1/3 queuing model in PEPA

Full size image

To illustrate the representation of a simple system in PEPA, we referenced the M/M/1/N Queue depicted in Fig. 1. In this case, the service time follows an exponential distribution, and the arrival process is Poisson. There is just one server in the system. The number of possible buffer sizes is N = 3. In this scenario, task submissions go into a single queue, and the server uses First Come First Served (FCFS) to process them. The PEPA model of this system is depicted in Fig. 2.

4 Proposed model

Fig. 3
figure 3

The proposed model

Full size image

Figure 3 shows the generic form of our proposed model for estimating the security of PoW blockchains. The model captures the consensus and network layers within PoW blockchains through four different input parameters. We define these input parameters as follows:

  • Number of miners (N): miners are special types of network nodes that are responsible for creating new blocks.

  • Block interval time (\(B_t\)): a configurable parameter that determines the frequency of block creation within the network. It defines the amount of time in seconds between two successive blocks.

  • Block propagation delay (\(B_d)\): a configurable parameter to set the average time (in seconds) needed to propagate a block to the rest of the network nodes. The network delay rate (\(\beta \)) for block propagation is defined as follows.

    $$\begin{aligned} \beta = \frac{1}{B_{d}} \end{aligned}$$
    (1)

  • Block verification time (\(B_v\)): a configurable parameter to set the average time (in seconds) needed to verify a block. This time delay depends on the block size, as large blocks require more time for verification. The rate for block verification delay (\(\delta \)) is defined as follows.

    $$\begin{aligned} \delta = \frac{1}{B_{v}} \end{aligned}$$
    (2)

Based on the configured consensus and network parameters, we can measure the following security metrics from the proposed model, which are as follows:

  • Stale block rate (\(B_s\)): This is a security metric of PoW blockchain that indicates the existence of conflicts among miners. It can be measured as the percentage of rejected blocks in the network (blocks that do not make it in the longest chain), as follows.

    $$\begin{aligned} B_s = (1 - (B_t * T)) \end{aligned}$$
    (3)

    where T indicates the throughput of the create block action in our proposed PEPA model in Sect. 5.

  • Lack of block verification process (\(B_l\)): This security metric captures the behavior of rational miners who do not perform the block verification process. Instead, they aim to maximize their revenue by switching to the process of creating the next block. In our model, we can configure a miner to skip the verification process and then measure the percentage of gain the rational miner would receive. This can be easily done by returning to the process of creating a new block when a miner receives a block from other miners (or by making the verification time equal to zero for that miner). To measure the percentage of gain received by a rational (non-verifying) miner, we can compare the incentive a miner might receive when skipping the verification process with the case when the verification task is committed.

Fig. 4
figure 4

The PoW implementation of the proposed model

Full size image

The current model is abstracted to the block granularity. That is, transactions have not been considered. The PoW blockchain model proposed in this study is illustrated in Fig. 4. The model defines a group of autonomous network miners whose role is to generate and append new blocks to the blockchain ledger. Each miner controls a proportion of the overall hash power, which, in our model, must range between 0.0 and 1. The total hash power of all the miners in the network must sum to 1.

Mining is a process in which miners may engage in two distinct activities, namely block creation and block reception. Block creation pertains to the process of constructing new blocks. Once a miner discovers a new block, it is sent to the network, and the miner commences work on a new block. Block reception, on the other hand, involves the process of receiving and verifying blocks that have been proposed by other miners in the network. It is noteworthy that there is a network delay required before the block is received. Moreover, there is a verification delay required to authenticate the block by the recipient miner.

The block creation rate (\(\lambda \)) for a miner depends on the block interval time (\(B_t\)) and the miner’s hash power (\(\alpha \)), and it is computed as follows:

$$\begin{aligned} \lambda = \alpha \cdot \frac{1}{B_t} \end{aligned}$$
(4)

From Eq. (4), it is apparent that the values of \(B_t\) and \(\alpha \) can impact the rate at which blocks can be created by a miner in the network. Miners with a large \(\alpha \) are expected to generate more blocks in the network compared to those with small \(\alpha \), and vice versa. Similarly, when the value of \(B_t\) is small, miners can create more blocks in the network.

The block reception rate (\(\mu \)) for a miner is dependent on their hash power (\(\alpha \)) and the block interval time (\(B_t\)), and it is calculated as follows:

$$\begin{aligned} \mu =1- \frac{\alpha }{B_{t}} \end{aligned}$$
(5)

From Eq. (5), it is evident that miners with small \(\alpha \) are expected to receive more blocks from the network compared to those with large \(\alpha \), and vice versa. For instance, a miner with \(\alpha \) = 0.1 is likely to receive and verify approximately 90% of the network blocks. Similarly, when the value of \(B_t\) is small, miners are expected to receive more blocks from other miners in the network.

5 Model implementation in PEPA

We utilize the PEPA modeling tool [31] to implement the proposed model in PEPA. Figure 5 shows the PEPA representation for the proposed model where all miners operate autonomously in creating blocks as well as performing the verification process for recipient blocks. It can represent miners with different hash rates by adjusting the rate of \(\lambda \).

In our PEPA model, we have three main components: \(Miner_n\), \(RecBlock_n\), and \(VerifyBlock_n\).The \(Miner_n\) component represents the mining process in the blockchain network, where miners can engage in one of two possible activities: \((createBlock,\lambda )\) and \((reciveBlock,\mu )\). The former is for creating a block with rate \(\lambda \) and returning to the \(Miner_n\) component, while the latter activity is for receiving a block from the network with rate \(\mu \). When engaging in a block reception activity, miners switch to the \(RecBlock_n\) component to perform the \((networkDelay,\beta )\) activity. This activity with the associated rate represents a network delay for block transmission. Once a block is received after some network delay, miners then switch to the component \(VerifyBlock_n\) to perform the activity \((Verfification,\delta )\). This activity is to represent the time delay of rate \(\delta \) required to verify the recipient block.

Fig. 5
figure 5

A PEPA representation for autonomous miners with different hash rates

Full size image
Fig. 6
figure 6

A PEPA representation for autonomous miners with different hash rates

Full size image

Blockchain miners operate autonomously and do not engage in collaboration or interaction with one another during their actions. In PEPA, components will continue separately if they do not share an activity \(Miner_1 \vartriangleright \!\!\!\vartriangleleft {K} Miner_2\), where \(K =\varnothing \). As \(Miner_1\) and \(Miner_2\) share no activity K could be replaced with \(\varnothing \) to refer to empty set \(Miner_1 \vartriangleright \!\!\!\vartriangleleft {\varnothing } Miner_2\). For this situation, the parallel combinator shorthand is \(Miner_1 \parallel Miner_2\). To represent N identical miners synchronized over an empty set \(\vartriangleright \!\!\!\vartriangleleft {\varnothing }\), we can use a shorthand notation \(Miner_n[N]\), indicating N instances of component \(Miner_n\) in parallel. In the case of identical miners, the previous model could be written in a simple form as depicted in Fig. 6.

Fig. 7
figure 7

A PEPA representation for two autonomous miners with one miner neglecting the block verification process

Full size image

The model representation captured in Figs. 5 and 6 presumed that all miners operate with integrity and do not skip the block verification process. However, certain miners may opt not to perform the verification process. This behavior is demonstrated in the model by eliminating the VerifyBlock component and directly proceeding to the Miner component to resume mining. The model depicted in Fig. 7 illustrates two components for representing miners: VerifierMiner and NonVerifierMiner. The VerifierMiner component represents an honest miner who performs the verification process, while the NonVerifierMiner component neglects the block verification process.

5.1 Model validation

In this section, we intend to validate the outcomes from our proposed model with those of existing literature in terms of the percentage of stale blocks and the percentage of gain increase for rational miners. Such validation is essential to ensure the correct construction and functionalities of our proposed model.

Verification of the rate of stale blocks: We compare the stale block rate data generated from our proposed model with observations from peer-reviewed literature, as shown in Table 1. The authors of [32] established an observation node within the Bitcoin network to quantify the proportion of stale blocks. A total of 169 stale blocks were discovered out of the 10,000 observed blocks, resulting in a stale rate of 1.69%. Additionally, it takes approximately 12.6 s for a block to be transmitted to the majority of the network nodes. The authors of [33] performed a series of simulation experiments to examine alternative blockchain systems by altering block propagation latency and block interval time. The authors of [34] introduced a blockchain simulator capable of being customized to assess the proportion of stale blocks. It has been observed that there are variations in the outcomes reported in the current body of research. The disparities in the results might result from solely taking into account the block propagation delay and block interval time as influential factors. None of the current research has provided information regarding the total number of miners included. In this study, we demonstrate that the quantity of miners has a marginal impact on the rate of stale blocks, as emphasized in Section 6.1.

Table 1 Comparison of stale block rate results obtained from our proposed model and that from existing literature
Full size table

Despite this, the results obtained from our model somehow overestimate that of existing literature, with a difference of up to 20%. We urge that our model is very abstract and that there might be other factors that are not covered by our model.

Validation of lack of block verification: We analyze the percentage of gain increase obtained by miners who deviate from conducting the block verification process using our proposed model and compare it with the findings reported in earlier studies. The researchers in [35] conducted a series of simulation experiments to determine the extent to which a miner may increase their rewards by deviating from the block verification process. They considered many aspects that influenced the outcome, including the time interval between blocks, the block verification time, and the hash rate contributed to rational miners. The authors failed to consider the block propagation delay in their analysis, despite our demonstration in Sect. 6 that this factor can considerably impact the results.

In order to verify the results of our proposed model, we conduct experiments using the identical setups utilized in the study as in [1]. The comprehensive findings are analyzed in Sect. 6. The block interval time has been configured to 12.42 s, while the block verification time is fixed at 0.87 s. The block propagation delay is disregarded in [35], as it is given a value of zero. The outcome of our model and the model presented in [35] are presented in Table 2. We examine a range of hash rates for rational miners, varying from 5 to 40%. Our model can replicate the findings described in the existing literature.

Table 2 A comparison between our proposed model and an existing study in terms of the percentage of gain increase received by rational miners
Full size table

6 Results

In this section, we present the security implication results of PoW blockchains concerning stale block rates and lack of block verification. For stale blocks, we consider multiple factors that potentially contribute to the results such as the number of miners, block propagation delay, and the interval time between blocks. Concerning the lack of block verification process, we present the result by exploring to what extent rational miners could financially benefit when avoiding the verification process. We consider various factors that may impact the results, embracing block propagation delay, the hash rate of miners, block interval time, and block verification time.

We provide a summary of the main findings that have been derived from our discussion as follows:

Stale block rate: We found that block propagation delay and block interval time can significantly impact the percentage of stale blocks. Blockchain implementations (e.g., Ethereum) that set a small interval time between consecutive blocks can lead to an increase in stale block rate figures. Similarly, the stale block rate rises if block dissemination takes longer to be received by other network nodes. The number of active miners in the network can result in a slightly higher rate of stale blocks.

Lack of block verification: We found that block propagation delay, block intervals, verification times, and hash rate of miners can all contribute to the percentage of gain increase for rational miners. The rewards miners would receive by not executing the verification process are expected to increase when the block propagation delay and/or the block interval time are relatively small. Similarly, the rewards are expected to rise for miners with low mining hash rates. On the contrary, large block verification time can lead to higher gains for rational miners.

6.1 Stale rate results

Figures 8 and 9 show the stale block rate results, considering different configurations of the number of network miners, block propagation delay, and block interval time. To the best of our knowledge, our work is the first of its kind to analyze and discuss the impact of the number of miners on the stale block rate within PoW blockchains. Figure 8 shows the impact of each factor on the stale block rate results, while Fig. 9 illustrates how different combinations of these factors can impact the stale rate results.

Impact of the number of miners: Figure 8a shows the effect of the number of miners on the stale block rate. We set the block interval time to 12 s and the block propagation delay to 2 s. From the figure, we can observe that the percentage of stale blocks increases slightly when the number of network miners increases. For instance, the percentage is increased from around 11.76–14.28% when the number of miners is increased from 5 to 5000 (about 21% increase). This somehow is anticipated as miners work independently of each other. In other words, multiple miners might manage to find the next block before hearing of each other blocks. However, when the number of miners goes beyond 50, the stale block rate is somehow stable. The percentage of stale blocks would only increase by about 1.7% when increasing the number of miners from 50 to 5000.

Impact of block propagation delay: Figure 8b shows the effect of the block propagation delay on the stale block rate. We note that the block propagation delay can be impacted by various factors, but mainly by the block size [36]. The larger the block the more time delay is required to propagate it to the network nodes. This figure shows the impact of different block sizes on the percentage of stale blocks. We set the block interval time to 12 s and the number of miners to 50. From Fig. 8b, we can observe that the percentage of stale blocks increases significantly when the block propagation delay increases. For instance, the percentage of stale blocks is increased from 7.6 to 39.5% (about 420% increase) when the block delay is increased from 1 to 8 s. To that end, the block size is a key factor that contributes to the stale block ratio.

Impact of block interval time: Figure 8c shows the effect of the block interval time on the stale block rate. The block interval time is controlled by the block difficulty within the PoW mechanism to specify the period between each two consecutive blocks. We set the block propagation delay to 2 s and the number of miners to 50. From the figure, we can observe that the percentage of stale blocks decreases significantly when the block interval time increases. For instance, the percentage of stale blocks is decreased from 14 to 0.3% (about 97% decrease) when the block interval time is increased from 12 to 600 s. This indicates that significant block interval times can lead to a lower rate of stale blocks, which in turn improves the security of the blockchain system.

Fig. 8
figure 8

The stale block rate results for different configurations of a number of miners, b block propagation delay, and c block interval time

Full size image
Fig. 9
figure 9

The stale block rate results for different combinations of contributing factors. The x-axis shows the block propagation delay and the y-axis shows the stale block rate. Each sub-plot captures the results for a particular setting in terms of number of miners (N). The colorful curves in each plot represent the interval time (\(B_t\)) in seconds between successive blocks

Full size image

Based on our analysis, we draw the following conclusions. Firstly, a large number of miners in the blockchain network can lead to an increase in the stale block rate, which is expected as miners operate independently of each other. Similarly, significant block propagation delays within the network can substantially increase the stale block rate. This can be attributed to large block sizes or inefficient broadcast protocols. Improving the network broadcast protocol and/or limiting the size of blocks can both help minimize the occurrence of stale block rates. On the other hand, a longer block interval time results in lower stale block rates, thereby enhancing the security and efficiency of the blockchain. That is, blockchain designers should ensure an appropriate amount of time between the creation of consecutive blocks to reduce conflicts within the network.

6.2 Lack of block verification results

In this section, we intend to show to what extent rational miners can benefit from avoiding the block verification process. In our model-based analysis, we consider four factors that can contribute to the gain of rational miners: block propagation delay, block interval time, block verification time, and the hash rate of miners. To the best of our knowledge, there has been no work in the literature that considers the effect of the block dissemination delay on the revenue received by rational miners.

Figures 10 and 11 show the percentage of gain a miner would receive by not performing the verification process. The x-axis represents the block propagation delay, while the y-axis represents the percentage of gain increase for rational miners. The colorful curves in the plots of both figures represent the percentage of the hash rate controlled by the rational miners. In Fig. 10, each plot shows the results for a particular block interval time (in seconds). We use a fixed block verification time of 0.87 s. In Fig. 11, each plot shows the obtained results for various settings of block verification time (in seconds). We consider a fixed block interval time of 12.42 s.

From Figs. 10 and 11, we can observe that miners always gain more reward when skipping the verification process as opposed to verifying miners. This implies that rational miners might not verify the network blocks, which in turn exploit the security of the system as invalid transactions can take place.

Fig. 10
figure 10

The percentage of incentive increase a miner would receive by avoiding the verification process. Each plot captures a different setting of block interval time (in seconds). The colorful curves in each plot represent the percentage of the hash rate (\(\alpha \)) controlled by the rational miners

Full size image
Fig. 11
figure 11

The percentage of incentive increase a miner would receive by avoiding the verification process. Each plot captures a different setting of block verification time (in seconds). The colorful curves in each plot represent the percentage of the hash rate (\(\alpha \)) controlled by the rational miners

Full size image

Impact of block propagation delay: From both figures, we can conclude that the gain received by miners for not verifying blocks decreases with the increase of the block propagation delay. That means when the size of network blocks is large, the benefit from this rational behavior is negatively impacted. Considering a block interval time of 6 s, for instance, the percentage of gain for a rational miner with \(\alpha =5\%\) decreases by over 50% when the block delay is 8 s compared to the case when there is no block delay at all. Previous studies such as [35, 37] only show the best-case scenario results as they do not account for block propagation delays. We contribute to the existing literature by demonstrating to what extent the result figures can be diminished when the block propagation delay is considered.

Impact of miner’s hash rate: We can see that miners with small hash rates can benefit more from this behavior compared to those with large hash rates. As shown in Fig. 10, a miner with \(\alpha =5\%\) would increase their received reward by almost 14% when the block interval time is at 6 s and block delay of 2 s, while a miner with \(\alpha =40\%\) can only increase their revenue by about 9%. This observation is expected and aligned with the results presented in the existing work. Miners with small hash rates are expected to receive and verify more blocks as opposed to those with large hash rates. For instance, a miner with \(\alpha =5\%\) can receive and verify 95% of all blocks generated in the network. That is, when miners with a low hash rate do not execute the verification process, they would save more time that can be used for mining the next blocks to maximize their financial rewards.

Impact of block interval time: Figure 10 illustrates the effect of block interval time on the percentage of gain increase miners would receive from skipping the verification process. We can observe that increasing the block interval time results in less gain for miners who avoid the verification process. This is because the frequency at which blocks are created in the network is minimized. Considering a block delay of 2 s, for instance, a rational miner with \(\alpha =5\%\) could only rise their revenue by 4.81% when the block interval time is at 15.3 s, while the fraction of reward increase can reach about 10.46% when the block interval time is at 6 s. That is, increasing the block interval time can lead to a reduction of the gain received by rational miners and thus mitigate this behavior.

Impact of block verification time: Figure 11 shows the impact of block verification time on the percentage of gain increase miners would receive from skipping the verification process. The more time is required by miners to verify blocks, the more benefit rational miners would gain. This is expected since rational miners would utilize the verification time to build the next block, increasing their chances of winning it. Considering a block delay of 2 s, the percentage of gain increase for rational miners with \(\alpha =5\%\) is about 21% when the block verification time is at 3.18 s, compared to only 3% when the verification time is 0.46 s.

Based on our analysis, we draw the following conclusions. Firstly, rational miners can achieve optimal benefits from not verifying recipient blocks under the following conditions: when the block propagation delay is negligible, when their hash rate is small, when the block interval time is small, and when the block verification time is large. To diminish the profitability of rational miners, it is crucial to ensure a sufficiently large block interval time and minimize the time required for block verification.

7 Related work

In this section, we present the state-of-the-art literature regarding the security of PoW blockchains. In particular, we focus on two security aspects of PoW blockchains, namely, the stale block rate and the lack of block verification.

Existing literature on stale block rate: Several research studies examine and analyze the frequency of stale blocks in PoW blockchains. The authors of [32] established an observation node within the Bitcoin network to quantify the proportion of stale blocks. A total of 169 stale blocks were discovered out of 10,000 observed blocks, resulting in a stale rate of 1.69%. Additionally, it takes approximately 12.6 s for a block to be propagated to the majority of network nodes. The authors of [33] performed a series of simulation experiments to examine alternative blockchain implementations. These experiments involved altering block propagation delay and block interval time to capture different configurations. The authors of [34] introduced a blockchain simulator capable of being customized to assess the proportion of stale blocks. The authors of [38] performed simulation experiments to examine the scalability of PoW blockchains, particularly analyzing the effects of block interval time and block propagation delay. They demonstrated to what extent the performance of blockchains can be enhanced by shortening the block interval time while maintaining the security of blockchains. In other words, they evaluated the balance between the rate of stale blocks and the speed of transaction processing for several setups comprising block interval duration and block propagation delay. To mitigate the implications of stale blocks, the Ethereum network introduces the uncle blocks mechanism to reward miners whose blocks are discarded due to block delays [7]. Various studies, such as [39], examine the impact of this mechanism on the blockchain network’s security.

Table 3 A comparison summary of related work on stale block rates
Full size table

However, the majority of previous studies focus on examining and presenting findings on the rate of stale blocks, considering both the block interval time and the block propagation delay. To the best of our knowledge, there has been no study that takes into account the quantity of competing miners and its impact on the rate of stale blocks. Furthermore, most research studies employ modeling or measurement methodologies to reach their conclusions. Both simulation and measurement methods need significant computational resources and effort. Our contribution to the existing literature is twofold. Firstly, we analyze the influence of the number of miners on the rate of stale results. Additionally, we employ a model-based approach using a performance modeling tool called PEPA, which offers the advantage of generating outputs more rapidly compared to simulation-based tools. Table 3 provides a comparative summary of the factors considered in related work and our study.

Existing literature on lack of block verification: In the existing literature, several studies have investigated different selfish mining strategies that miners can exploit to increase their profits. For instance, in [40], the authors introduce various selfish mining strategies aimed at maximizing attackers’ mining incentives while minimizing those of honest miners, using reinforcement learning to identify optimal attack strategies under different conditions. The study demonstrates significant revenue increases even for attackers with small hash powers. Another study, [41], proposes a Markov chain model to estimate the profitable threshold for multiple selfish miners based on their hash powers. However, these studies primarily focus on the profitability of selfish mining strategies based on hash powers, without considering network and consensus parameter configurations such as block interval time, block propagation delay, and block verification time.

Furthermore, there are several studies that study the lack of block verification as a strategy exploited by selfish miners to maximize their incentives. The authors in [24] are the first to raise this issue in PoW blockchains. They referred to it as the ’Verifier’s Dilemma’ whereby miners should freely support the security of the network by verifying the recipient blocks honestly or avoid the verification process to save time that can be allocated for the rewarded task, which is the mining of new blocks. They stated that this argument is especially correct in blockchain, which supports the execution of smart contracts. This is because miners in such blockchains have to execute all smart contract transactions embedded in the blocks to verify them. In addition, they claimed that this issue is expected to exacerbate when the block size increases. A large block may contain more transactions, increasing the time required to accomplish the verification process. More recent quantitative studies have been conducted to estimate the financial benefit (in terms of reward) miners can obtain from not performing the verification task. In [35], the authors conducted various simulation experiments to estimate the percentage of gain a rational miner can receive. They consider different configurations of block interval time, block verification time, and mining hash rates. In addition, they derive mathematical equations to estimate the results as an alternative to running simulation experiments. To address the impact of this behavior, they proposed parallel transaction validation to reduce the time required for the verification task and suggested the inclusion of incorrect blocks as a penalty for selfish miners. Similarly, the authors in [37] utilize the PEPA modeling tool to estimate the gain for rational miners. Their findings are aligned with those reported in [35]. In [42], the authors proposed a game theory model to estimate the gains received by selfish miners in the presence of invalid blocks in blockchain networks, considering different configurations of block interval time, block verification time, and mining hash rates.

Table 4 A comparison summary of related work on block verification
Full size table

However, existing studies have not considered block propagation delay as a factor contributing to the impact of the lack of block verification on the profitability of selfish miners. In this work, we contribute to the existing literature by considering the impact of block propagation delay on the financial advantages for rational miners. We show that the results of the existing literature overestimate the advantages of rational miners, as discussed in Sect. 6. Table 4 provides a comparative summary of the factors considered in related work and our study.

8 Conclusion

In this paper, we make several significant contributions. Firstly, we introduce an analytical model designed to capture the core functionality of PoW blockchains. The proposed model is implemented using the PEPA tool to assist blockchain designers, architects, and analysts in studying the security aspects of existing PoW blockchain systems and achieving the desired security level by identifying appropriate network and consensus settings. Secondly, we conduct two distinct studies using the proposed model to examine the security features of PoW blockchains, focusing on the stale block rate and the absence of block verification tasks. Thirdly, we conduct comprehensive experiments to assess the sensitivity of security to various factors, including the number of active miners and their mining hash rates, the duration between blocks, the latency in block propagation, and the time required for block verification. Lastly, our work contributes to and expands upon the existing body of research in the field, presenting the first analysis of the impact of miner quantity on the rate of stale results as well as the first analysis of the influence of block propagation delay on the fees received by rational miners who do not verify recipient blocks.

The conclusions of our investigation are obtained by the execution of extensive experiments, which take into account various aspects, including the number of miners, block interval time, block propagation delay, and block verification time, all of which might influence the results. The primary conclusions can be summarized as follows. Regarding the rate of stale blocks, our findings indicate that both the delay in propagating blocks and the duration between blocks might have a considerable impact on the percentage of stale blocks. A higher number of active miners in the network can lead to a slightly increased occurrence of stale blocks. Due to the absence of block verification, we have seen that a shorter delay in block propagation and/or a lower mining hash rate can lead to increased rewards for miners who neglect the verification process. In contrast, extended periods of time required between blocks and validating huge blocks result in increased incentives for miners who do not perform block verification.

In our future work, we aim to expand the proposed analytical model to encompass various aspects of PoW blockchains, including transactions and network broadcast protocols. Additionally, we intend to incorporate different mining strategies and potential attacks, such as eclipse and 51% attacks. Furthermore, we plan to generalize the model by considering various consensus protocols, such as PoS, and their security implications. This will enhance the generality of the proposed model, ensuring it is not solely designed for PoW blockchains.