Scalable Off-Chain Auctions
Mohsen Minaei
Network and Distributed System Security (NDSS) Symposium 2026 · Day 3 · Attacks
Running sealed-bid auctions on public blockchains like **Ethereum** faces a fundamental scalability problem: every bid requires an on-chain transaction, causing gas costs to grow linearly with the number of bidders. The current state of the art, **RCTC (CCS 2023)**, hits the Ethereum block gas limit with just **20 bidders**. This talk presents a new protocol that scales sealed-bid auctions to **1,000+ bidders** with constant on-chain cost when all parties behave honestly, and O(K) cost when K bidders misbehave. The protocol achieves **full post-auction privacy** (only the winning bid is revealed), **financial fairness** through collateral and covenants, and delivers a **50x improvement** over RCTC in gas costs. The key insight is that combining **Programmable Payment Channels (PPCs)** for off-chain execution, **zk-SNARKs** for zero-knowledge winner verification, and **covenant contracts** for on-chain dispute resolution provides better scalability than deploying heavy cryptographic primitives directly on-chain.
AI review
A well-engineered blockchain auction protocol that achieves impressive scalability through off-chain execution and zk-SNARKs. Solid applied cryptography work, but entirely in the blockchain/financial protocol space with no relevance to offensive security, vulnerability research, or defensive operations.