PRBC: A practical redactable blockchain incorporating chameleon hash functions with attribute control

Abstract

The introduction of a redactable blockchain overcomes the challenges posed by immutability, including the inability to correct erroneous data, delete private information, and regulate illegal content. In recent years, to achieve fine-grained control over the redaction permissions of transaction data, policy-based chameleon hash (PCH) functions and their various variants have been proposed and integrated into traditional blockchains to support transaction-level redacting. However, these solutions face the problem of permission abuse, where authorized users may transfer their permissions to unauthorized individuals driven by self-interest, leading to a loss of control over permissions. Additionally, the modifiability of block data results in the potential existence of multiple legitimate block versions at the same height, making it difficult for off-chain validators to verify the timeliness of blocks solely based on block height and timestamps. To address these issues, this paper introduces attribute-based policies and identity tracing mechanisms into the chameleon hash function, proposing a practical redactable blockchain called PRBC, with the formal definitions and security models. By employing several simple cryptographic tools, such as chameleon hash functions, threshold signatures, and identity lists, fine-grained control over redaction permissions, tracking of malicious user identities, and effective validation of block timeliness are achieved, along with a complete construction and rigorous security proof of the scheme. Finally, the prototype of PRBC is constructed on the Tendermint blockchain and compared with the state-of-the-art solutions. The comprehensive evaluation indicates that the solution presented in this paper offers superior performance.