Constant-Round Linear-Broadcast Secure Computation with Penalties. (arXiv:2206.06010v2 [cs.CR] UPDATED)

It is known that Bitcoin enables achieving fairness in secure computation by
imposing monetary penalties on adversarial parties. This functionality is
called secure computation with penalties. Bentov and Kumaresan (Crypto 2014)
introduced the claim-or-refund functionality that can be implemented via
Bitcoin. They achieved secure computation with penalties with $O(n)$ rounds and
$O(n)$ broadcasts for any function, where $n$ is the number of parties. After
that, Kumaresan and Bentov (CCS 2014) showed a constant-round protocol.
Unfortunately, this protocol requires $O(n^2)$ broadcasts. …

computation