Controlled Redactable Blockchain Based on T-Times Chameleon Hash and Signature

Immutability is widely recognized as one of the blockchain's key security attributes. However, in recent years, incidents involving the use of blockchain for disseminating illegal or malicious information have raised concerns over its strict immutability. To address these issues, redactable blockchains are proposed as a novel solution, permitting authorized content redactions without compromising the structural integrity of the blockchain. Unfortunately, current solutions are unable to restrict the abuse of redaction privilege, except for relying on a trusted authority or committee, which contradicts the trustlessness principle of blockchain. In this paper, we propose a controlled redactable blockchain protocol that allows for a limited number of redactions and supports a transparent setup. The cryptographic tools enabling this functionality are our proposed t-times chameleon hash (t-CH) and signature (t-CS) schemes, where generating more than t collisions will expose the trapdoor. We present security models, discrete logarithm-based instantiations, and formal security proofs for both t-CH and t-CS. Subsequently, we present the construction of our redaction protocol in both permissioned and permissionless settings. Finally, we experimentally demonstrate the effectiveness of the proposed protocol in practice.