An academic report that shows differences between Ripple and Bitcoin

Security: Similar to Bitcoin, Ripple relies on ECDSA signatures to ensure the authenticity and non-repudiation of transactions in the system. Furthermore, since Ripple is an open payment system (like Bitcoin), all transactions and their orders of execution are publicly available. This ensures the detection of any double-spending attempt (and of malformed transactions). In Ripple, validating servers check the log of all transactions in order to select and vote for the correct transactions in the system. In this way, Ripple adopts a voting scheme across all validating servers (one vote per validating server); the transactions that (80% of) the validators agree upon are considered to be valid.

Ripple Tech claims it is easy to identify colluding validators and recommends that users choose a set of heterogeneous validators which are unlikely to be coerced as a group and are unlikely to collude. Notice that if validators refuse to come to a consensus with each other, this is detectable by other validators, which then pronounce the network broken. In this case, the only way to resolve the problem would be to manually analyze the signed validations and proposals to see which validators were being unreasonable and for all honest participants to remove those validators from the UNLs (i.e., from the lists of validators they try to come to a consensus with). As far as we are aware, there is no formal security treatment of the correctness of Ripple’s consensus protocol; this protocol has recently received some criticism.

We show that the current choice of parameters does not prevent the occurrence of forks in the system, and we give a necessary and sufficient condition to prevent any fork in the system. In contrast, Bitcoin security has been thoroughly investigated in numerous studies, and as such is better understood than Ripple. In Bitcoin, transaction security is guaranteed by means of Proof of Work (PoW), which replaces Ripple's notion of one vote per validating server with a vote weighted by the computing power of the miners that are solving the PoW. Unlike Ripple, once transactions are confirmed in the global ledger (i.e., once transactions receive six confirmation blocks), it is computationally infeasible to modify these transactions. In contrast, in Ripple, if at any instant in time the majority of the validating servers becomes malicious, then they can rewrite the entire history of transactions in the system.
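The 80% vote and the fork risk described above, as an added example that is not taken from the report: it tallies votes per server over that server's UNL and checks, by counting, whether two servers can validate conflicting transactions. It assumes every validator votes honestly for exactly one of two conflicting transactions; the validator names, UNLs and function names are constructed for illustration.

```python
QUORUM_PCT = 80  # share of a server's UNL that must agree (figure from the text)

def needed(unl, pct=QUORUM_PCT):
    """Smallest number of UNL votes that reaches pct percent (integer ceiling)."""
    return (pct * len(unl) + 99) // 100

def validated(unl, votes, pct=QUORUM_PCT):
    """Transactions a server accepts: those with a quorum among ITS OWN UNL.
    votes maps validator name -> the transaction id it voted for."""
    tally = {}
    for v in unl:
        if v in votes:
            tally[votes[v]] = tally.get(votes[v], 0) + 1
    return {tx for tx, n in tally.items() if n >= needed(unl, pct)}

def fork_possible(unl_a, unl_b, pct=QUORUM_PCT):
    """True if single-vote validators can still give A and B conflicting quorums.
    Each server tolerates 'slack' missing votes; shared validators can only
    side with one transaction, so the overlap must fit inside both slacks."""
    slack_a = len(unl_a) - needed(unl_a, pct)
    slack_b = len(unl_b) - needed(unl_b, pct)
    return len(unl_a & unl_b) <= slack_a + slack_b

def forking_votes(unl_a, unl_b, pct=QUORUM_PCT):
    """Concrete vote assignment that forks A (tx1) and B (tx2), or None."""
    if not fork_possible(unl_a, unl_b, pct):
        return None
    slack_b = len(unl_b) - needed(unl_b, pct)
    votes = {v: "tx1" for v in unl_a - unl_b}
    votes.update({v: "tx2" for v in unl_b - unl_a})
    # B can lose at most slack_b shared validators to tx1; the rest back tx2.
    for i, v in enumerate(sorted(unl_a & unl_b)):
        votes[v] = "tx1" if i < slack_b else "tx2"
    return votes

# Constructed UNLs of 10 validators each (hypothetical names v01..v16).
UNL_A = {f"v{i:02d}" for i in range(1, 11)}    # v01..v10
UNL_B = {f"v{i:02d}" for i in range(7, 17)}    # v07..v16, overlap of 4
UNL_C = {f"v{i:02d}" for i in range(6, 16)}    # v06..v15, overlap of 5 with A

if __name__ == "__main__":
    votes = forking_votes(UNL_A, UNL_B)
    print("A validates", validated(UNL_A, votes))   # tx1
    print("B validates", validated(UNL_B, votes))   # tx2: the ledgers diverge
    print("fork with overlap 5:", fork_possible(UNL_A, UNL_C))
```

With equal-sized UNLs and an 80% threshold, this counting argument shows a fork stays possible whenever the overlap is at most 40% of the UNL size.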

Recall that, at the time of writing, there are only a handful of Ripple validating servers which are mostly maintained by Ripple; if these servers are compromised, then the security of Ripple is at risk.

Fast Payments: In Bitcoin, payments are confirmed by means of PoW in Bitcoin blocks every 10 minutes on average. A study has shown that the generation of Bitcoin blocks follows a geometric distribution with parameter 0.19. This means that, since transactions are only confirmed after the generation of six consecutive blocks, then a payment is only confirmed after 1 hour on average. Although Bitcoin still recommends merchants to accept fast payments—where the time between the exchange of currency and goods is short (i.e., in the order of few seconds), several attacks have been reported against fast payments in Bitcoin; a best-effort countermeasure has also been included in the Bitcoin client.

Unlike Bitcoin, Ripple inherently supports fast payments. Almost all ledgers are closed within a few seconds; this also suggests that payments in Ripple can be verified a few seconds after being executed.

Privacy and Anonymity: Ripple and Bitcoin are instances of open payment systems. In an open payment system, all transactions that occur in the system are publicly announced. Here, user anonymity is ensured through the reliance on pseudonyms and/or anonymizing networks, such as TOR. Users are also expected to have several accounts (corresponding to different pseudonyms) in order to prevent the leakage of their total account balance. Notice that, in Bitcoin, transactions can take different inputs, which originate from different accounts. This is not the case in Ripple, in which payments typically have a single account as input. Although user identities are protected in Ripple and Bitcoin, the transactional behavior of users (i.e., time and amount of transactions) is leaked in the process—since transactions are publicly announced in the system. In this respect, several recent studies have shown the limits of privacy in open payment systems. There are also several proposals for enhancing user privacy in these systems; most proposals leverage zero-knowledge proofs of knowledge and cryptographic accumulators in order to prevent tracking of expenditure in the network. Although most of these studies focus on the Bitcoin system, we argue that they equally apply to Ripple. Recently, a secure privacy-preserving payment protocol for credit networks which provides transaction obliviousness has been proposed.

Clients, Protocol Update, and Maintenance: Both Ripple and Bitcoin are currently open source, which allows any entity to build and release its own software client to interface with either system. The official clients for Bitcoin and Ripple are however maintained and regularly updated by the Bitcoin foundation and Ripple, respectively. Bitcoin clients can also run on resource-constrained devices such as mobile phones—owing to the simple payment verification of Bitcoin. As far as we are aware, there exists no secure lightweight version of Ripple.

Notice that all changes to the official Bitcoin client are publicly discussed in online forums, well justified, and voted on amongst Bitcoin developers. This process is however less transparent in Ripple.

(De-)Centralized Deployment: Ripple and Bitcoin leverage completely decentralized protocols. Nevertheless, a recent study has shown the limits of decentralization in the current deployment of Bitcoin; here, it was shown that only a handful of entities can control the security of all Bitcoin transactions [18]. We argue that the current deployment of Ripple is also centralized. At the time of writing, most validating servers are run by the Ripple company. Although there are a few other servers that are run by external entities, the default list of validating servers for all clients points to the ones maintained by Ripple. This also suggests that Ripple can control the security of all transactions that occur in the Ripple system. Moreover, Ripple and its founders retain a considerable fraction of XRPs; this represents the largest holdback of any crypto-currency and suggests that Ripple can currently effectively control Ripple’s economy. We contrast this to Bitcoin, where the current system deployment is not entirely decentralized, yet the entities which control the security of transactions, the protocol maintenance and update, and the creation of new coins are distinct.

In Ripple, the same entity, Ripple, controls the fate of the entire system.

Authors: Frederik Armknecht, Ghassan O. Karame, Avikarsha Mandal, Franck Youssef and Erik Zenner
