July 2020 list
If you feel a paper should belong to another category, or that we missed a relevant paper, just let us know. Participation is most welcome!
Categories:
- Attacks and defenses
- Blockchain-general
- Blockchain-noncrypto uses
- Financial
- Internet of Things (IoT)
- Mathematical
- Proof of Work (PoW) alternatives
- Smart contracts
Attacks and defenses
Don’t Fish in Troubled Waters! Characterizing Coronavirus-themed Cryptocurrency Scams
Authors: Pengcheng Xia, Haoyu Wang, Xiapu Luo, Lei Wu, Yajin Zhou, Guangdong Bai, Guoai Xu, Gang Huang, Xuanzhe Liu
Abstract: As COVID-19 has been spreading across the world since early 2020, a growing number of malicious campaigns are exploiting the COVID-19 pandemic. Cryptocurrency has attracted great attention from attackers in this pandemic; namely, COVID-19-themed cryptocurrency scams are increasingly popular during the pandemic. However, these newly emerging scams are poorly understood by our community. In this paper, we present the first measurement study of COVID-19-themed cryptocurrency scams. We first create a comprehensive taxonomy of COVID-19 scams by manually analyzing the existing scams reported by users from online resources. Then, we propose a hybrid approach to perform the investigation by: 1) collecting reported scams in the wild; and 2) detecting undisclosed ones based on information collected from suspicious entities (e.g., domains, tweets, etc.). We have collected 195 confirmed COVID-19 cryptocurrency scams in total, including 91 token scams, 19 giveaway scams, 9 blackmail scams, 14 crypto malware scams, 9 Ponzi scheme scams, and 53 donation scams. We then identified over 200 blockchain addresses associated with these scams, which led to at least 330K US dollars in losses from 6,329 victims. For each type of scam, we further investigated the tricks and social engineering techniques they used. To facilitate future research, we have publicly released all the well-labelled scams to the community.
Blockchain-general
Efficient Cross-Shard Transaction Execution in Sharded Blockchains
Authors: Sourav Das, Vinith Krishnan, Ling Ren
Abstract: Sharding is a promising blockchain scaling solution. But it currently suffers from high latency and low throughput when it comes to cross-shard transactions, i.e., transactions that require coordination from multiple shards. The root cause of these limitations arises from the use of the classic two-phase commit protocol, which involves locking assets for extended periods of time. This paper presents Rivet, a new paradigm for blockchain sharding that achieves lower latency and higher throughput for cross-shard transactions. Rivet has a single reference shard running consensus, and multiple worker shards maintaining disjoint states and processing a subset of transactions in the system. Rivet obviates the need for consensus within each worker shard, and as a result, tolerates more failures within a shard and lowers communication overhead. We prove the correctness and security of Rivet. We also propose a more realistic framework for evaluating sharded blockchains by creating a benchmark based on real Ethereum transactions. An evaluation of our prototype implementation of Rivet and the baseline two-phase commit, atop 50+ AWS EC2 instances, using our evaluation framework demonstrates the latency and throughput improvements for cross-shard transactions.
JugglingSwap: Scriptless Atomic Cross-Chain Swaps
Authors: Omer Shlomovits, Oded Leiba
Abstract: The blockchain space is changing constantly. New chains are being implemented frequently with different use cases in mind. As more and more types of crypto assets are getting real-world value, there is an increasing need for blockchain interoperability. Exchange services today are still dominated by central parties which require custody of funds. This trust imposes costs and security risks, as frequent breaches testify. Atomic cross-chain swaps (ACCS) allow mutually distrusting parties to securely exchange crypto assets in a peer-to-peer manner while preserving self-custody. Fundamental ACCS protocols leveraged the scripting capabilities of blockchains to conditionalize the transfer of funds between trading parties. Recent work showed that such protocols can be realized in a scriptless setting. This has many benefits for blockchain throughput, efficiency of swap protocols, and also fungibility and privacy. The proposed protocols are limited to assets transferable by either Schnorr signatures or ECDSA, assuming the same elliptic curve parameters. In this work we present JugglingSwap, a scriptless atomic cross-chain swap protocol with a higher degree of interoperability. We weaken the assumptions about blockchains that can be included in the ACCS protocol, and only require that (1) a threshold variant exists for the underlying digital signature scheme and (2) it is based on the elliptic curve discrete logarithm problem (ECDLP). The fair exchange is achieved by a gradual release of secrets. To achieve this we use a new building block we call Juggling: a public key verifiable encryption scheme to transfer segments of secret shares between parties, which can also be of separate interest. Juggling is then tailored to a specific private key management system design with threshold signatures security.
Foundational Oracle Patterns: Connecting Blockchain to the Off-chain World
Authors: Roman Mühlberger, Stefan Bachhofner, Eduardo Castelló Ferrer, Claudio Di Ciccio, Ingo Weber, Maximilian Wöhrer, Uwe Zdun
Abstract: Blockchain has evolved into a platform for decentralized applications, with beneficial properties like high integrity, transparency, and resilience against censorship and tampering. However, blockchains are closed-world systems which do not have access to external state. To overcome this limitation, oracles have been introduced in various forms and for different purposes. However, so far, common oracle best practices have not been dissected, classified, and studied in their fundamental aspects. In this paper, we address this gap by studying foundational blockchain oracle patterns in two foundational dimensions characterising the oracles: (i) the data flow direction, i.e., inbound and outbound data flow, from the viewpoint of the blockchain; and (ii) the initiator of the data flow, i.e., whether it is push- or pull-based communication. We provide a structured description of the four patterns in detail, and discuss an implementation of these patterns based on use cases. On this basis we conduct a quantitative analysis, which results in the insight that the four different patterns are characterized by distinct performance and cost profiles.
Blockchain and Cryptocurrencies: a Classification and Comparison of Architecture Drivers
Authors: Martin Garriga, Stefano Dalla Palma, Maximiliano Arias, Alan De Renzis, Remo Pareschi, Damian Andrew Tamburri
Abstract: Blockchain is a decentralized transaction and data management solution, the technological leap behind the success of Bitcoin and other cryptocurrencies. As the variety of existing blockchains and distributed ledgers continues to increase, adopters should focus on selecting the solution that best fits their needs and the requirements of their decentralized applications, rather than developing yet another blockchain from scratch. In this paper we present a conceptual framework to aid software architects, developers, and decision makers to adopt the right blockchain technology. The framework exposes the interrelation between technological decisions and architectural features, capturing the knowledge from existing academic literature, industrial products, technical forums/blogs, and experts' feedback. We empirically show the applicability of our framework by dissecting the platforms behind Bitcoin and other top-10 cryptocurrencies, aided by a focus group with researchers and industry practitioners. Then, we leverage the framework together with key notions of the Architectural Tradeoff Analysis Method (ATAM) to analyze four real-world blockchain case studies from industry and academia. Results show that applying our framework leads to a deeper understanding of the architectural tradeoffs, allowing one to assess technologies more objectively and select the one that best fits developers' needs, ultimately cutting costs, reducing time-to-market and accelerating return on investment.
Undercutting Bitcoin Is Not Profitable
Authors: Tiantian Gong, Mohsen Minaei, Wenhai Sun, Aniket Kate
Abstract: A fixed block reward and voluntary transaction fees are two sources of economic incentives for mining in Bitcoin and other cryptocurrencies. For Bitcoin, the block reward halves every 210,000 blocks and it is supposed to vanish gradually. The remaining incentive of transaction fees is optional and arbitrary, and an undercutting attack becomes a potential threat, where the attacker deliberately forks an existing chain by leaving wealthy transactions unclaimed to attract other miners. We look into the profitability of the undercutting attack in this work. Our numerical simulations and experiments demonstrate that (i) only miners with mining power > 40% have a reasonable probability of successfully undercutting. (ii) As honest miners do not shift to the fork immediately in the first round, an undercutter's profit drops with the number of honest miners. Given the current transaction fee rate distribution in Bitcoin, with half of the miners being honest, undercutting cannot be profitable at all; with 25% honest mining power, an undercutter with > 45% mining power can expect income more than its "fair share"; with no honest miners present, the threshold mining power for a profitable undercutting is 42%. (iii) For the current largest Bitcoin mining pool with 17.2% mining power, the probability of successfully launching an undercutting attack is tiny and the expected returns are far below honest mining gains. (iv) While the larger the prize the undercutter leaves unclaimed, the higher the probability of the attack succeeding, the attack's profits also go down. Finally, we analyze the best responses to undercutting for other rational miners. (v) For two rational miners and one of them being the potential undercutter with 45% mining power, we find the dominant strategy for the responding rational miner is to typical rational.
OptChain: Optimal Transactions Placement for Scalable Blockchain Sharding
Authors: Lan N. Nguyen, Truc D. T. Nguyen, Thang N. Dinh, My T. Thai
Abstract: A major challenge in blockchain sharding protocols is that more than 95% of transactions are cross-shard. Not only do those cross-shard transactions degrade the system throughput, but they also double the confirmation time and exhaust an already scarce network bandwidth. Are cross-shard transactions imminent for sharding schemes? In this paper, we propose a new sharding paradigm, called OptChain, in which cross-shard transactions are minimized, resulting in almost twice faster confirmation time and throughput. By treating transactions as a stream of nodes in an online graph, OptChain utilizes a lightweight and on-the-fly transaction placement method to group both related and soon-related transactions into the same shards. At the same time, OptChain maintains a temporal balance among shards to guarantee high parallelism. Our comprehensive and large-scale simulation using the Oversim P2P library confirms a significant boost in performance, with up to a 10-fold reduction in cross-shard transactions, a more than twofold reduction in confirmation time, and a 50% increase in throughput. When combined with the Omniledger sharding protocol, OptChain delivers a throughput of 6000 transactions per second with 10.5s confirmation time.
Model Checking Bitcoin and other Proof-of-Work Consensus Protocols
Authors: Max DiGiacomo-Castillo, Yiyun Liang, Advay Pal, John C. Mitchell
Abstract: The Bitcoin Backbone Protocol [GKL15] is an abstraction of the bitcoin proof-of-work consensus protocol. We use a model-checking tool (UPPAAL SMC) to examine the concrete security of proof-of-work consensus by varying protocol parameters and using an adversary that leverages the selfish mining strategy introduced in [GKL15]. We provide insights into modeling proof-of-work protocols and demonstrate tradeoffs between operating parameters. Applying this methodology to protocol design options, we show that the uniform tie-breaking rule from [ES18] decreases the failure rate of the chain quality property, but increases the failure rate of the common prefix property. This tradeoff illustrates how design decisions affect protocol properties, within a range of concrete operating conditions, in a manner that is not evident from prior asymptotic analysis.
Gravity: a blockchain-agnostic cross-chain communication and data oracles protocol
Authors: Aleksei Pupyshev, Dmitry Gubanov, Elshan Dzhafarov, Ilya Sapranidi, Inal Kardanov, Vladimir Zhuravlev, Shamil Khalilov, Marc Jansen, Sten Laureyssens, Igor Pavlov, Sasha Ivanov
Abstract: This paper intends to propose the architecture of a blockchain-agnostic protocol designed for communication of blockchains amongst each other (i.e. cross-chain), and for blockchains with the outside world (i.e. data oracles). The expansive growth of cutting-edge technology in the blockchain industry outlines the need and opportunity for addressing oracle consensus in a manner both technologically and economically efficient as well as futureproof. Blockchain-agnosticism is inherently limited if proposing a technological solution involves adding one more architectural layer. As such, Gravity protocol is designed to be a truly blockchain-agnostic protocol. By ensuring parity through direct integration and by leveraging the stability and security of the respective interconnected ecosystems, Gravity circumvents the need for a dedicated, public blockchain and a native token. Ultimately, Gravity protocol intends to address scalability challenges by providing a solid infrastructure for the creation of gateways, cross-chain applications, and sidechains. This paper introduces and defines the concept of Oracle Consensus and its implementation in the Gravity protocol named the Pulse Consensus algorithm. The proposed consensus architecture allows Gravity to be considered a singular decentralized blockchain-agnostic oracle.
Bitcoin Covenants: Three Ways to Control the Future
Authors: Jacob Swambo, Spencer Hommel, Bob McElrath, Bryan Bishop
Abstract: A bitcoin covenant is a mechanism to enforce conditions on how the control of coins will be transferred in the future. This work introduces deleted-key covenants, using pre-signed transactions with secure key deletion. With this, a general class of covenants is possible without introducing new security risks to bitcoin. There is a range of security models for the key deletion process, but this is subject to a security-convenience trade-off and requires interactivity in a multi-party context. On the other hand, this work makes a compelling case for what can be gained through a soft-fork upgrade to the signature hash system [Dec17] which enables recovered-key covenants through elliptic curve key recovery. This has similar properties to script-based covenant mechanisms proposed previously [Rub20]. Key factors are discussed and compared for the three covenant mechanisms, including: the enforcement process, methods for proving accessibility of funds and whether or not they are bound by a covenant, methods for dynamic fee allocation, the underlying cryptographic assumptions, and their feasibility in single-party, hierarchical and adversarial multi-party contexts. Despite the relative downsides of deleted-key covenants, they are a practical tool for custody protocol design. The comparison shows precisely how soft-fork proposals improve the practicality of bitcoin covenants, through non-interactive enforcement and tighter cryptographic assumptions, to enhance custody protocols and enable some adversarial applications such as payment protocols.
Blockchain-noncrypto uses
V-CARE: A Blockchain Based Framework for Secure Vehicle Health Record System
Authors: Pranav Kumar Singh, Roshan Singh, Sukumar Nandi
Abstract: One of the biggest challenges associated with connected and autonomous vehicles (CAVs) is to maintain and make use of vehicle health records (VHR). VHR can facilitate different entities to offer various services in a proactive, transparent, secure, reliable and efficient manner. The state-of-the-art solutions for maintaining the VHR are centralized in nature, mainly owned by the manufacturer and authorized in-vehicle device developers. Owners, drivers, and other key service providers have limited accessibility and control to the VHR. We need to change the strategy from single or limited party access to multi-party access to VHR in a secure manner so that all stakeholders of the intelligent transportation system (ITS) can benefit from this. Any unauthorized attempt to alter the data should also be prevented. Blockchain is one such potential candidate, which can facilitate the sharing of such data among different participating organizations and individuals. For example, owners, manufacturers, trusted third parties, road authorities, insurance companies, charging stations, and car selling ventures can access VHR stored on the blockchain in a permissioned and secure manner, and with a higher level of confidence. In this paper, a blockchain-based decentralized secure system, V-CARE, is proposed to manage records in an interoperable framework that leads to improved ITS services in terms of safety, availability, reliability, efficiency, and maintenance. Insurance based on pay-how-you-drive (PHYD), and sale and purchase of used vehicles, can also be made more transparent and reliable without compromising the confidentiality and security of sensitive data.
B-FERL: Blockchain based Framework for Securing Smart Vehicles
Authors: Chuka Oham, Regio Michelin, Salil S. Kanhere, Raja Jurdak, Sanjay Jha
Abstract: The ubiquity of connecting technologies in smart vehicles and the incremental automation of their functionalities promise significant benefits, including a significant decline in congestion and road fatalities. However, increasing automation and connectedness broadens the attack surface and heightens the likelihood of a malicious entity successfully executing an attack. In this paper, we propose a Blockchain based Framework for sEcuring smaRt vehicLes (B-FERL). B-FERL uses permissioned blockchain technology to tailor information access to restricted entities in the connected vehicle ecosystem. It also uses a challenge-response data exchange between the vehicles and roadside units to monitor the internal state of the vehicle to identify cases of in-vehicle network compromise. In order to enable authentic and valid communication in the vehicular network, only vehicles with a verifiable record in the blockchain can exchange messages. Through qualitative arguments, we show that B-FERL is resilient to identified attacks. Also, quantitative evaluations in an emulated scenario show that B-FERL ensures a suitable response time and required storage size compatible with realistic scenarios. Finally, we demonstrate how B-FERL achieves various important functions relevant to the automotive ecosystem such as trust management, vehicular forensics and secure vehicular networks.
Blockchain Meets COVID-19: A Framework for Contact Information Sharing and Risk Notification System
Authors: Jinyue Song, Tianbo Gu, Xiaotao Feng, Yunjie Ge, Prasant Mohapatra
Abstract: COVID-19 causes a global epidemic infection, which is the most severe infection disaster in human history. In the absence of particular medication and vaccines, tracing and isolating the source of infection is the best option to slow the spread of the virus and reduce infection and death rates among the population. There are three main obstacles in the process of tracing the infection: 1) Patients' electronic health records are stored in a traditional centralized database that could be stolen, and the infection data tampered with; 2) The confidential personal identity of the infected user may be revealed to a third party or organization; 3) Existing infection tracing systems do not trace infections from multiple dimensions: either the system is location-based or individual-based tracing. In this work, we propose a global COVID-19 information sharing system that utilizes the Blockchain, Smart Contract, and Bluetooth technologies. The proposed system unifies location-based and Bluetooth-based contact tracing services into the Blockchain platform, where the automatically executed smart contracts are deployed so that users can get consistent and non-tamperable virus trails. The anonymous functionality provided by the Blockchain and Bluetooth technology protects the user's identity privacy. With our proposed analysis formula for estimating the probability of infection, users can take measures to protect themselves in advance. We also implement a prototype system to demonstrate the feasibility and effectiveness of our approach.
Private, Fair, and Verifiable Aggregate Statistics for Mobile Crowdsensing in Blockchain Era
Authors: Miao He, Jianbing Ni, Dongxiao Liu, Haomiao Yang, Xuemin Shen
Abstract: In this paper, we propose FairCrowd, a private, fair, and verifiable framework for aggregate statistics in mobile crowdsensing based on the public blockchain. Specifically, mobile users are incentivized to collect and share private data values (e.g., current locations) to fulfill a commonly interested task released by a customer, and the crowdsensing server computes aggregate statistics over the values of mobile users (e.g., the most popular location) for the customer. By utilizing ElGamal encryption, the server learns nearly nothing about the private data or the statistical result. The correctness of aggregate statistics can be publicly verified by using a new efficient and verifiable computation approach. Moreover, the fairness of incentives is guaranteed based on the public blockchain in the presence of a greedy service provider, customers, and mobile users, who may launch payment-escaping, payment-reduction, free-riding, double-reporting, and Sybil attacks to corrupt reward distribution. Finally, FairCrowd is proved to achieve verifiable aggregate statistics with privacy preservation for mobile users. Extensive experiments are conducted to demonstrate the high efficiency of FairCrowd for aggregate statistics in mobile crowdsensing.
Performance Evaluation of Differential Privacy Mechanisms in Blockchain based Smart Metering
Authors: Muneeb Ul Hassan, Mubashir Husain Rehmani, Jinjun Chen
Abstract: The concept of differential privacy emerged as a strong notion to protect database privacy in an untrusted environment. Later on, researchers proposed several variants of differential privacy in order to preserve privacy in certain other scenarios, such as real-time cyber-physical systems. Since then, differential privacy has rigorously been applied to certain other domains which have the need for privacy preservation. One such domain is decentralized blockchain-based smart metering, in which smart meters acting as blockchain nodes send their real-time data to grid utility databases for real-time reporting. This data is further used to carry out statistical tasks, such as load forecasting, demand response calculation, etc. However, if any intruder gets access to this data, it can leak the privacy of smart meter users. In this context, differential privacy can be used to protect the privacy of this data. In this chapter, we carry out a comparison of four variants of differential privacy (Laplace, Gaussian, Uniform, and Geometric) in a blockchain-based smart metering scenario. We test these variants on smart metering data and carry out their performance evaluation by varying different parameters. Experimental outcomes show that at a low privacy budget ($\varepsilon$) and at a low reading sensitivity value ($\delta$), these privacy-preserving mechanisms provide high privacy by adding a large amount of noise. However, among these four privacy-preserving mechanisms, the Geometric mechanism is more suitable for protecting high peak values and the Laplace mechanism is more suitable for protecting low peak values at ($\varepsilon$ = 0.01).
A Blockchain-based Iterative Double Auction Protocol using Multiparty State Channels
Authors: Truc D. T. Nguyen, My T. Thai
Abstract: Although the iterative double auction has been widely used in many different applications, one of the major problems in its current implementations is that they rely on a trusted third party to handle the auction process. This imposes the risk of a single point of failure, monopoly, and bribery. In this paper, we aim to tackle this problem by proposing a novel decentralized and trustless framework for iterative double auction based on blockchain. Our design adopts the smart contract and state channel technologies to enable a double auction process among parties that do not need to trust each other, while minimizing the blockchain transactions. Specifically, we propose an extension to the original concept of state channels that can support multiparty computation. Then we provide a formal development of the proposed framework and prove the security of our design against adversaries. Finally, we develop a proof-of-concept implementation of our framework using Elixir and Solidity, on which we conduct various experiments to demonstrate its feasibility and practicality.
Actor-based Risk Analysis for Blockchains in Smart Mobility
Authors: Ranwa Al Mallah, Bilal Farooq
Abstract: Blockchain technology is a crypto-based secure ledger for data storage and transfer through decentralized, trustless peer-to-peer systems. Despite its advantages, previous studies have shown that the technology is not completely secure against cyber attacks. Thus, it is crucial to perform domain-specific risk analysis to measure how viable the attacks are on the system, their impact and consequently the risk exposure. Specifically, in this paper, we carry out an analysis in terms of quantifying the risk associated with an operational multi-layered Blockchain framework for Smart Mobility Data-markets (BSMD). We conduct an actor-based analysis to determine the impact of the attacks. The analysis identified five attack goals and five types of attackers that violate the security of the blockchain system. In the case study of the public permissioned BSMD, we highlight the highest risk factors according to their impact on the victims in terms of monetary, privacy, integrity and trust. Four attack goals represent a risk in terms of economic losses and one attack goal contains many threats that represent a risk that is either unacceptable or undesirable.
BDTF: A Blockchain-Based Data Trading Framework with Trusted Execution Environment
Authors: Guoxiong Su, Wenyuan Yang, Zhengding Luo, Yinghong Zhang, Zhiqiang Bai, Yuesheng Zhu
Abstract: The need for data trading promotes the emergence of the data market. However, in conventional data markets, both data buyers and data sellers have to use a centralized trading platform which might be dishonest. A dishonest centralized trading platform may steal and resell the data seller's data, or may refuse to send data after receiving payment from the data buyer. This seriously affects fair data transactions and harms the interests of both parties to the transaction. To address this issue, we propose a novel blockchain-based data trading framework with a Trusted Execution Environment (TEE) to provide a trusted decentralized platform for fair data trading. In our design, a blockchain network is proposed to realize the payments from data buyers to data sellers, and a trusted exchange is built by using a TEE for the first time to achieve fair data transmission. With this help, data buyers and data sellers can conduct transactions directly. We implement our proposed framework on Ethereum and Intel SGX; security analysis and experimental results have demonstrated that the proposed framework can effectively guarantee the fair completion of data trading.
Blockchain for the Internet of Vehicles towards Intelligent Transportation Systems: A Survey
Authors: Muhammad Baqer Mollah, Jun Zhao, Dusit Niyato, Yong Liang Guan, Chau Yuen, Sumei Sun, Kwok-Yan Lam, Leong Hai Koh
Abstract: Internet of Vehicles (IoV) is an emerging concept that is believed to help realise the vision of intelligent transportation systems (ITS). IoV has become an important research area of impactful applications in recent years due to the rapid advancements in vehicular technologies, high-throughput satellite communication, Internet of Things and cyber-physical systems. IoV enables the integration of smart vehicles with the Internet and system components attributed to their environment such as public infrastructures, sensors, computing nodes, pedestrians and other vehicles. By allowing the development of a common information exchange platform between vehicles and heterogeneous vehicular networks, this integration aims to create a better environment and public space for the people as well as to enhance safety for all road users. Being a participatory data exchange and storage, the underlying information exchange platform of IoV needs to be secure, transparent and immutable in order to achieve the intended objectives of ITS. In this connection, the adoption of blockchain as a system platform for supporting the information exchange needs of IoV has been explored. Due to their decentralized and immutable nature, IoV applications enabled by blockchain are believed to have a number of desirable properties such as decentralization, security, transparency, immutability, and automation. In this paper, we present a contemporary survey on the latest advancements in blockchain for IoV. Particularly, we highlight the different application scenarios of IoV after carefully reviewing the recent literature. We also identify several key challenges where blockchain is applied in IoV, and describe the related works addressing these challenges. Furthermore, we investigate the future opportunities and explore further research directions of IoV as a key enabler of ITS.
Decentralized Accessibility of e-commerce Products through Blockchain Technology
Authors: Gulshan Kumar, Rahul Saha, William J Buchanan, G. Geetha, Reji Thomas, Tai-Hoon Kim, Mamoun Alazab
Abstract: A distributed and transparent ledger system is considered for various e-commerce products including health medicines, electronics, security appliances, food products and many more to ensure technological and e-commerce sustainability. This solution, named 'PRODCHAIN', is a generic blockchain framework with lattice-based cryptographic processes for reducing the complexity of tracing e-commerce products. Moreover, we have introduced a rating-based consensus process called Proof of Accomplishment (PoA). The solution has been analyzed and experimental studies are performed on the Ethereum network. The results are discussed in terms of latency and throughput, which prove the efficiency of PRODCHAIN for e-commerce products and services. The presented solution is beneficial for improving the traceability of the products, ensuring social and financial sustainability. This work will help researchers to gain knowledge about the blockchain implications for supply chain possibilities in future developments for society.
Open-Pub: A Transparent yet Privacy-Preserving Academic Publication System based on Blockchain
Authors: Yan Zhou, Zhiguo Wan, Zhangshuang Guan
Abstract: Academic publication of the latest research results is crucial to advance the development of all disciplines. However, there are a number of severe disadvantages in current academic publication systems. The first problem is the misconduct during the publication process due to the opaque paper review process. An anonymous reviewer may give biased comments to a paper without being noticed or punished, because the comments are seldom published for evaluation. Secondly, the author anonymity during the paper review process is easily compromised since this information is simply open to the conference chair or the journal editor. Last but not least, access to research papers is restricted to only subscribers, and even the authors cannot access their own papers. In this paper, we propose Open-Pub, a decentralized, transparent yet privacy-preserving academic publication scheme using blockchain technology, aiming to reduce academic misconduct and promote free sharing of research results. To this end, we design a threshold group signature to achieve anonymity for reviewers and authors. With this group signature, authors can choose to submit papers anonymously and validators take turns to distribute papers anonymously to reviewers on the blockchain according to their research interests. After the reviewers submit their review comments, the identities of reviewers and anonymous authors will be disclosed. These processes will be recorded on the blockchain so that everyone can trace the entire process. To evaluate its efficiency, we implement Open-Pub based on the Ethereum source code and conduct comprehensive experiments to evaluate its performance, including computation cost and processing delay. The experimental results show that Open-Pub is highly efficient in computation and in processing anonymous transactions.
Decentralized Blockchain for Privacy-Preserving Large-Scale Contact Tracing
Authors: Wenzhe Lv, Sheng Wu, Chunxiao Jiang, Yuanhao Cui, Xuesong Qiu, Yan Zhang
Abstract: Activity-tracking applications and location-based services using short-range communication (SRC) techniques have been abruptly demanded in the COVID-19 pandemic, especially for automated contact tracing. Attention from both the public and policy makers keeps rising on related practical problems, including 1) how to protect data security and location privacy? 2) how to efficiently and dynamically deploy SRC Internet of Things (IoT) witnesses to monitor large areas? To answer these questions, in this paper, we propose a decentralized and permissionless blockchain protocol, named Bychain. Specifically, 1) a privacy-preserving SRC protocol for activity-tracking and a corresponding generalized block structure are developed, by connecting an interactive zero-knowledge proof protocol and a key escrow mechanism. As a result, connections between personal identity and the ownership of on-chain location information are decoupled. Meanwhile, the owner of the on-chain location data can still claim its ownership without revealing the private key to anyone else. 2) An artificial potential field-based incentive allocation mechanism is proposed to incentivize IoT witnesses to pursue the maximum monitoring coverage deployment. We implemented and evaluated the proposed blockchain protocol in the real world using Bluetooth 5.0. The storage, CPU utilization, power consumption, time delay, and security of each procedure and the performance of activities are analyzed. The experiment and security analysis are shown to provide a real-world performance evaluation.
Financial
Editorial: Understanding Cryptocurrencies
Authors: Karl Wolfgang Härdle, R. Campbell Harvey, G. C. Raphael Reule
Abstract: Cryptocurrency refers to a type of digital asset that uses distributed ledger, or blockchain, technology to enable a secure transaction. Although the technology is widely misunderstood, many central banks are considering launching their own national cryptocurrency. In contrast to most data in financial economics, detailed data on the history of every transaction in the cryptocurrency complex are freely available. Furthermore, empirically-oriented research is only now beginning, presenting an extraordinary research opportunity for academia. We provide some insights into the mechanics of cryptocurrencies, describing summary statistics and focusing on potential future research avenues in financial economics.
Proposal for a Comprehensive (Crypto) Asset Taxonomy
Authors: Thomas Ankenbrand, Denis Bieri, Roland Cortivo, Johannes Hoehener, Thomas Hardjono
Abstract: Developments in distributed ledger technology have led to new types of assets with a broad range of purposes. Although some classification frameworks for common instruments from traditional finance and some for these new, so-called cryptographic assets already exist and are used, a holistic approach to integrate both worlds is missing. The present paper fills this research gap by identifying 14 attributes, each of which is assigned different characteristics, that can be used to classify all types of assets in a structured manner. Our proposed taxonomy, which is an extension of existing classification frameworks, summarises these findings in a morphological box and is tested for practicability by classifying exemplary assets like cash and bitcoin. The final classification framework can help to ensure that the various stakeholders, such as investors or supervisors, have a consistent view of the different types of assets, and in particular of their characteristics, and also helps to establish standardised terminology.
Internet of Things (IoT)
Optimal Witnessing of Healthcare IoT Data Using Blockchain Logging Contract
Authors: Hossein Mohammad Chinaei, Habibi Hassan Gharakheili, Vijay Sivaraman
Abstract: Verification of data generated by wearable sensors is increasingly becoming a concern for health service providers and insurance companies. There is a need for a verification framework through which various authorities can request a verification service for the local network data of a target IoT device. In this paper, we leverage blockchain as a distributed platform to realize an on-demand verification scheme. This allows authorities to automatically transact with connected devices for witnessing services. A public request is made for witness statements on the data of a target IoT device that is transmitted on its local network, and subsequently, devices (in close vicinity of the target IoT device) offer a witnessing service. Our contributions are threefold: (1) We develop a system architecture based on blockchain and smart contracts that enables authorities to dynamically avail themselves of a verification service for the data of a subject device from a distributed set of witnesses which are willing to provide (in a privacy-preserving manner) their local wireless measurements in exchange for monetary return; (2) We then develop a method to optimally select witnesses in such a way that the verification error is minimized subject to monetary cost constraints; (3) Lastly, we evaluate the efficacy of our scheme using real Wi-Fi session traces collected from a five-storey building with more than thirty access points, representative of a hospital. According to the current pricing schedule of the Ethereum public blockchain, our scheme enables healthcare authorities to verify data transmitted from a typical wearable device with a verification error of the order of 0.01% at a cost of less than two dollars for a one-hour witnessing service.
Mathematical
Blockchain Is Dead, Long Live Blockchain! Accountable State Machine Replication for Longlasting Blockchain
Authors: Alejandro Ranchal-Pedrosa, Vincent Gramoli
Abstract: The long-standing impossibility of reaching agreement restricts the lifespan of blockchains. In fact, most blockchains are doomed to fail in a sufficiently long execution because they either fork as soon as a third of the replicas are Byzantine or they offer a probability of success that decreases with the number of blocks agreed upon. In this paper, we propose the first Longlasting Blockchain system, LLB, that relies on the deceitful failure model where most replicas are either incentivized to foment a coalition and steal assets or rewarded to participate correctly. LLB either reaches consensus or slashes deceitful replicas to obtain n' remaining replicas among which f' < n'/3 are faulty. As a result, even with an overwhelmingly high number of deceitful faults, LLB always recovers from transient disputes, or forks, to a consistent state deterministically agreed by all honest replicas. We demonstrate the effectiveness of LLB in a zero-loss payment system application that outperforms the raw state machine replication at the heart of Facebook's Libra blockchain starting from 60 geodistributed replicas.
Efficient MDP Analysis for Selfish-Mining in Blockchains
Authors: Bar Roi Zur, Ittay Eyal, Aviv Tamar
Abstract: A proof of work (PoW) blockchain protocol distributes rewards to its participants, called miners, according to their share of the total computational power. Sufficiently large miners can perform selfish mining – deviate from the protocol to gain more than their fair share. Such systems are thus secure if all miners are smaller than a threshold size so that their best response is following the protocol. To find the threshold, one has to identify the optimal strategy for miners of different sizes, i.e., solve a Markov Decision Process (MDP). However, because of the PoW difficulty adjustment mechanism, the miners’ utility is a non-linear ratio function. We therefore call this an Average Reward Ratio (ARR) MDP. Sapirshtein et al. were the first to solve ARR MDPs by solving a series of standard MDPs that converge to the ARR MDP solution. In this work, we present a novel technique for solving an ARR MDP by solving a single standard MDP. The crux of our approach is to augment the MDP such that it terminates randomly, within an expected number of rounds. We call this Probabilistic Termination Optimization (PTO), and the technique applies to any MDP whose utility is a ratio function. We bound the approximation error of PTO – it is inversely proportional to the expected number of rounds before termination, a parameter that we control. Empirically, PTO’s complexity is an order of magnitude lower than the state of the art. PTO can be easily applied to different blockchains. We use it to tighten the bound on the threshold for selfish mining in Ethereum.
A New Theoretical Framework of Pyramid Markov Processes for Blockchain Selfish Mining
Authors: Quan-Lin Li, Yan-Xia Chang, Xiaole Wu, Guoqing Zhang
Abstract: In this paper, we provide a new theoretical framework of pyramid Markov processes to solve some open and fundamental problems of blockchain selfish mining. To this end, we first describe a more general blockchain selfish mining with both a two-block leading competitive criterion and a new economic incentive, and establish a pyramid Markov process to express the dynamic behavior of the selfish mining from both the consensus protocol and the economic incentive. Then we show that the pyramid Markov process is stable and so is the blockchain, and that its stationary probability vector is matrix-geometric with an explicitly representable rate matrix. Furthermore, we use the stationary probability vector to analyze the waste of computational resources due to generating a lot of orphan (or stale) blocks. Next, we set up a pyramid Markov reward process to investigate the long-run average profits of the honest and dishonest mining pools, respectively. Specifically, we show that the long-run average profits are multivariate linear, such that we can measure the improvement in mining efficiency of the dishonest mining pool compared to the honest mining pool. As a by-product, we build three approximate Markov processes when the system states are described as the block-number difference of two forked block branches. Also, by using their special cases with no network latency, we can further provide some useful interpretation for both the Markov chain (Figure 1) and the revenue analysis ((1) to (3)) of the seminal work by Eyal and Sirer (2014). Finally, we use some numerical examples to verify the correctness and computability of our theoretical results. We hope that the methodology and results developed in this paper shed light on blockchain selfish mining such that a series of promising research results can potentially be produced.
Proof of Work (PoW) alternatives
Proof of Learning (PoLe): Empowering Machine Learning with Consensus Building on Blockchains
Authors: Yixiao Lan, Yuan Liu, Boyang Li
Abstract: The progress of deep learning (DL), especially the recent development of automatic design of networks, has brought unprecedented performance gains at heavy computational cost. On the other hand, blockchain systems routinely perform a huge amount of computation that does not achieve practical purposes in order to build Proof-of-Work (PoW) consensus from decentralized participants. In this paper, we propose a new consensus mechanism, Proof of Learning (PoLe), which directs the computation spent for consensus toward the optimization of neural networks (NN). In our mechanism, the training/testing data are released to the entire blockchain network (BCN) and the consensus nodes train NN models on the data, which serves as the proof of learning. When the consensus on the BCN considers an NN model to be valid, a new block is appended to the blockchain. We experimentally compare the PoLe protocol with Proof of Work (PoW) and show that PoLe can achieve a more stable block generation rate, which leads to more efficient transaction processing. We also introduce a novel cheating prevention mechanism, Secure Mapping Layer (SML), which can be straightforwardly implemented as a linear NN layer. Empirical evaluation shows that SML can detect cheating nodes at small cost to the predictive performance.
Formalizing Nakamoto-Style Proof of Stake
Authors: Eller Søren Thomsen, Bas Spitters
Abstract: Fault-tolerant distributed systems move the trust in a single party to a majority of parties participating in the protocol. This makes blockchain-based crypto-currencies possible: they allow parties to agree on a total order of transactions without a trusted third party. To trust a distributed system, the security of the protocol and the correctness of the implementation must be indisputable. We present the first machine-checked proof that guarantees both safety and liveness for a consensus algorithm. We verify a Proof of Stake (PoS) Nakamoto-style blockchain (NSB) protocol, using the foundational proof assistant Coq. In particular, we consider a PoS NSB in a synchronous network with a static set of corrupted parties. We define execution semantics for this setting and prove chain growth, chain quality, and common prefix, which together imply both safety and liveness.
Green-PoW: An Energy-Efficient Blockchain Proof-of-Work Consensus Algorithm
Authors: Noureddine Lasla, Lina Alsahan, Mohamed Abdallah, Mohamed Younis
Abstract: This paper opts to mitigate the energy-inefficiency of the Blockchain Proof-of-Work (PoW) consensus algorithm by rationally repurposing the power spent during the mining process. The original PoW mining scheme is designed to consider one block at a time and assign a reward to the first-place winner of a computation race. To reduce the mining-related energy consumption, we propose to compensate the computation effort of the runner(s)-up of a mining round by granting them exclusivity in solving the upcoming block in the next round. This will considerably reduce the number of competing nodes in the next round and consequently the consumed energy. Our proposed scheme divides time into epochs, each of which comprises two mining rounds; in the first one, all network nodes can participate in the mining process, whereas in the second round only runners-up can take part. Thus, the overall mining energy consumption can be reduced by nearly 50%. To the best of our knowledge, our proposed scheme is the first to considerably improve the energy consumption of the original PoW algorithm. Our analysis demonstrates the effectiveness of our scheme in reducing energy consumption, the probability of fork occurrences, the level of mining centralization present in the original PoW algorithm, and the effect of transaction censorship attacks.
Proofs of Useless Work — Positive and Negative Results for Wasteless Mining Systems
Authors: Maya Dotan, Saar Tochner
Abstract: Many blockchain systems today, including Bitcoin, rely on Proof of Work (PoW). Proof of work is crucial to the liveness and security of cryptocurrencies. The assumption when using PoW is that a lot of trial and error is required on average before a valid block is generated. One of the main concerns raised with regard to this kind of system is the inherent need to “waste” energy on “meaningless” problems. In fact, the Bitcoin system is believed to consume more electricity than several small countries [5]. In this work we formally define three properties that are necessary for wasteless PoW systems: (1) solve “meaningful” problems, (2) solve them efficiently, and (3) be secure against double-spend attacks. We analyze these properties and deduce the constraints that they impose on PoW systems. In particular, we conclude that under realistic assumptions, the set of allowed functions for mining must be preimage-resistant functions. Finally, we propose a modification to the Bitcoin consensus rule that allows users to upload a certain subset of preimage-resistant problems and let the mining process solve them. We prove security against double-spend attacks identical to the existing security guarantee in Bitcoin today.
Smart contracts
Agreements between Enterprises digitized by Smart Contracts in the Domain of Industry 4.0
Authors: Kevin Wallis, Jan Stodt, Eugen Jastremskoj, Christoph Reich
Abstract: The digital transformation of companies is expected to increase the digital interconnection between different companies to develop optimized, customized, hybrid business models. These cross-company business models require secure, reliable, and traceable logging and monitoring of contractually agreed information sharing between machine tools, operators, and service providers. This paper discusses how the major requirements for building hybrid business models can be tackled by the blockchain for building a chain of trust and smart contracts for digitized contracts. A machine maintenance use case is used to discuss the readiness of smart contracts for the automation of workflows defined in contracts. Furthermore, it is shown that the number of failures is significantly improved by using these contracts and a blockchain.
Data Confidentiality In P2P Communication And Smart Contracts Of Blockchain In Industry 4.0
Authors: Jan Stodt, Christoph Reich
Abstract: Increased collaborative production and dynamic selection of production partners within Industry 4.0 manufacturing lead to ever-increasing automatic data exchange between companies. Automatic and unsupervised data exchange creates new attack vectors, which could be used by a malicious insider to leak secrets via an otherwise considered secure channel without anyone noticing. In this paper we reflect upon approaches to prevent the exposure of secret data via blockchain technology, while also providing auditable proof of data exchange. We show that previous blockchain-based privacy protection approaches offer protection, but give control of the data to (potentially not trustworthy) third parties, which can also be considered a privacy violation. The approach taken in this paper is not to utilize centralized data storage. It realizes data confidentiality of P2P communication and data processing in smart contracts of blockchains.
STAN: Towards Describing Bytecodes of Smart Contract
Authors: Xiaoqi Li, Ting Chen, Xiapu Luo, Tao Zhang, Le Yu, Zhou Xu
Abstract: More than eight million smart contracts have been deployed into Ethereum, which is the most popular blockchain that supports smart contracts. However, less than 1% of deployed smart contracts are open-source, and it is difficult for users to understand the functionality and internal mechanism of those closed-source contracts. Although a few decompilers for smart contracts have been recently proposed, it is still not easy for users to grasp the semantic information of the contract, not to mention the potential for misleading results due to decompilation errors. In this paper, we propose the first system, named STAN, to generate descriptions for the bytecodes of smart contracts to help users comprehend them. In particular, for each interface in a smart contract, STAN can generate four categories of descriptions, including functionality description, usage description, behavior description, and payment description, by leveraging symbolic execution and NLP (Natural Language Processing) techniques. Extensive experiments show that STAN can generate adequate, accurate, and readable descriptions for contracts’ bytecodes, which have practical value for users.
Hunting for Re-Entrancy Attacks in Ethereum Smart Contracts via Static Analysis
Authors: Yuichiro Chinen, Naoto Yanai, Paul Jason Cruz, Shingo Okamura
Abstract: Ethereum smart contracts are programs that are deployed and executed in a consensus-based blockchain managed by a peer-to-peer network. Several re-entrancy attacks that aim to steal Ether, the cryptocurrency used in Ethereum, stored in deployed smart contracts have been found in recent years. A countermeasure to such attacks is based on dynamic analysis that executes the smart contracts themselves, but it requires the spending of Ether and knowledge of attack patterns for analysis in advance. In this paper, we present a static analysis tool named RA (Re-entrancy Analyzer), a combination of symbolic execution and equivalence checking by a satisfiability modulo theories solver to analyze smart contract vulnerabilities to re-entrancy attacks. In contrast to existing tools, RA supports analysis of inter-contract behaviors by using only the Ethereum Virtual Machine bytecodes of target smart contracts, i.e., even without prior knowledge of attack patterns and without spending Ether. Furthermore, RA can verify the existence of vulnerabilities to re-entrancy attacks without execution of smart contracts, and it does not produce false positives or false negatives. We also present an implementation of RA to evaluate its performance in analyzing the vulnerability of deployed smart contracts to re-entrancy attacks and show that RA can precisely determine which smart contracts are vulnerable.