If you feel a paper should belong to another category, or that we missed a relevant paper, just let us know. Participation is most welcome!
- Attacks and defenses
- Internet as a Service (IaaS)
- Internet of Things (IoT)
- Proof of Work (PoW) alternatives
Attacks and defenses
Adaptive DDoS attack detection method based on multiple-kernel learning
Authors: Jieren Cheng, Chen Zhang, Xiangyan Tang, Victor S. Sheng, Zhe Dong, Junqi Li, Jing Chen
Abstract: Distributed denial of service (DDoS) attacks have caused huge economic losses to society. They have become one of the main threats to Internet security. Most of the current detection methods based on a single feature and fixed model parameters cannot effectively detect early DDoS attacks in cloud and big data environment. In this paper, an adaptive DDoS attack detection method (ADADM) based on multiple kernel learning (MKL) is proposed. Based on the burstiness of DDoS attack flow, the distribution of addresses and the interactivity of communication, we define five features to describe the network flow characteristic. Based on the ensemble learning framework, the weight of each dimension is adaptively adjusted by increasing the inter-class mean with a gradient ascent and reducing the intra-class variance with a gradient descent, and the classifier is established to identify an early DDoS attack by training simple multiple kernel learning (SMKL) models with two characteristics including inter-class mean squared difference growth (M-SMKL) and intra-class variance descent (S-SMKL). The sliding window mechanism is used to coordinate the S-SMKL and M-SMKL to detect the early DDoS attack. The experimental results indicate that this method can detect DDoS attacks early and accurately.
Bandwidth-Efficient Transaction Relay for Bitcoin
Authors: Gleb Naumenko, Gregory Maxwell, Pieter Wuille, Sasha Fedorova, Ivan Beschastnikh
Abstract: Bitcoin is a top-ranked cryptocurrency that has experienced huge growth and survived numerous attacks. The protocols making up Bitcoin must therefore accommodate the growth of the network and ensure security. Security of the Bitcoin network depends on connectivity between the nodes. Higher connectivity yields better security. In this paper we make two observations: (1) current connectivity in the Bitcoin network is too low for optimal security; (2) at the same time, increasing connectivity will substantially increase the bandwidth used by the transaction dissemination protocol, making it prohibitively expensive to operate a Bitcoin node. Half of the total bandwidth needed to operate a Bitcoin node is currently used to just announce transactions. Unlike block relay, transaction dissemination has received little attention in prior work. We propose a new transaction dissemination protocol, Erlay, that not only reduces the bandwidth consumption by 40% assuming current connectivity, but also keeps the bandwidth use almost constant as the connectivity increases. In contrast, the existing protocol increases the bandwidth consumption linearly with the number of connections. By allowing more connections at a small cost, Erlay improves the security of the Bitcoin network. And, as we demonstrate, Erlay also hardens the network against attacks that attempt to learn the origin node of a transaction. Erlay is currently being investigated by the Bitcoin community for future use with the Bitcoin protocol.
Towards Global Asset Management in Blockchain Systems
Authors: Victor Zakhary, Mohammad Javad Amiri, Sujaya Maiyya, Divyakant Agrawal, Amr El Abbadi
Abstract: Permissionless blockchains (e.g., Bitcoin, Ethereum, etc) have shown a wide success in implementing global scale peer-to-peer cryptocurrency systems. In such blockchains, new currency units are generated through the mining process and are used in addition to transaction fees to incentivize miners to maintain the blockchain. Although it is clear how currency units are generated and transacted on, it is unclear how to use the infrastructure of permissionless blockchains to manage other assets than the blockchain’s currency units (e.g., cars, houses, etc). In this paper, we propose a global asset management system by unifying permissioned and permissionless blockchains. A governmental permissioned blockchain authenticates the registration of end-user assets through smart contract deployments on a permissionless blockchain. Afterwards, end-users can transact on their assets through smart contract function calls (e.g., sell a car, rent a room in a house, etc). In return, end-users get paid in currency units of the same blockchain or other blockchains through atomic cross-chain transactions and governmental offices receive taxes on these transactions in cryptocurrency units.
StrongChain: Transparent and Collaborative Proof-of-Work Consensus
Authors: Pawel Szalachowski, Daniel Reijsbergen, Ivan Homoliak, Siwei Sun
Abstract: Bitcoin is the most successful cryptocurrency so far. This is mainly due to its novel consensus algorithm, which is based on proof-of-work combined with a cryptographically-protected data structure and a rewarding scheme that incentivizes nodes to participate. However, despite its unprecedented success Bitcoin suffers from many inefficiencies. For instance, Bitcoin’s consensus mechanism has been proved to be incentive-incompatible, its high reward variance causes centralization, and its hardcoded deflation raises questions about its long-term sustainability.
In this work, we revise the Bitcoin consensus mechanism by proposing StrongChain, a scheme that introduces transparency and incentivizes participants to collaborate rather than to compete. The core design of our protocol is to reflect and utilize the computing power aggregated on the blockchain which is invisible and “wasted” in Bitcoin today. Introducing relatively easy, although important changes to Bitcoin’s design enables us to improve many crucial aspects of Bitcoin-like cryptocurrencies making it more secure, efficient, and profitable for participants. We thoroughly analyze our approach and we present an implementation of StrongChain. The obtained results confirm its efficiency, security, and deployability.
LazyLedger: A Distributed Data Availability Ledger With Client-Side Smart Contracts
Author: Mustafa Al-Bassam
Abstract: We propose LazyLedger, a design for distributed ledgers where the blockchain is optimised for solely ordering and guaranteeing the availability of transactions. Responsibility of executing and validating transactions is shifted to only the clients that have an interest in certain transactions. As the core function of the consensus system of a distributed ledger is to order transactions and ensure their availability, consensus participants do not necessarily need to be concerned with the content of those transactions. This reduces the problem of block verification to data availability verification, which can be achieved probabilistically without downloading the whole block. The amount of resources required to reach consensus can thus be minimised, as transaction validity rules can be decoupled from consensus rules. We also implement and evaluate several example LazyLedger applications, and validate that the workload of clients of specific applications does not significantly increase when the workload of other applications increases.
Blockchain in the Government Technology Fabric
Author: Anwitaman Datta
Abstract: Fuelled by the success (and hype) around cryptocurrencies, distributed ledger technologies (DLT), particularly blockchains, have gained a lot of attention from a wide spectrum of audience who perceive blockchains as a key to carry out business processes that have hitherto been cumbersome in a cost and time effective manner. Governments across the globe have responded to this promising but nascent technology differently – from being apathetic or adopting a wait-and-watch approach: letting the systems shape themselves, to creating regulatory sandboxes and sponsoring capacity building, or in some instances (arguably) over-regulating and attempting to put the blockchain genie back in the bottle. Possible government role spans across a spectrum: regulating crypto-currencies and initial coin offerings (ICO), formulating regulatory frameworks for managing the adoption of blockchains, particularly in critical infrastructure industries, facilitating capacity building, and finally, embracing blockchain technology in conducting the activities of the government itself – be it internally, or in using them to deliver public services. In this paper we survey the last, namely, the use of blockchain and associated distributed ledger technologies in the government technology (GovTech) stack, and discuss the merits and concerns associated with the existing initiatives and approaches.
Spatial Positioning Token (SPToken) for Smart Mobility
Authors: Roman Overko, Rodrigo H. Ordonez-Hurtado, Sergiy Zhuk, Pietro Ferraro, Andrew Cullen, Robert Shorten
Abstract: We introduce a distributed ledger technology (DLT) design for smart mobility applications. The objectives of the DLT are: (i) preserving the privacy of the individuals, including General Data Protection Regulation (GDPR) compliance; (ii) enabling individuals to retain ownership of their own data; (iii) enabling consumers and regulatory agencies alike to confirm the origin, veracity, and legal ownership of data, products and services; and (iv) securing such data sets from misuse by malevolent actors. As a use case of the proposed DLT, we present a blockchain-supported distributed reinforcement learning innovation to determine an unknown distribution of traffic patterns in a city.
Privacy-Preserving P2P Energy Market on the Blockchain
Authors: Alain Brenzikofer, Noa Melchior
Abstract: Quartierstrom creates a peer-to-peer marketplace for locally generated solar power. The marketplace is implemented as a smart contract on a permissioned blockchain governed by all prosumers. Two privacy-by-design concepts are presented which guarantee that the users' individual load profile is not leaked to any third party despite using a blockchain. The first approach leverages UTXO based coin mixing protocols in combination with an account-based on-chain smart contract. The second approach relies on an off-chain smart contract running in trusted execution environments.
A Framework for Blockchain Interoperability and Runtime Selection
Authors: Philipp Frauenthaler, Michael Borkowski, Stefan Schulte
Abstract: The suitability of a particular blockchain for a given use case depends mainly on the blockchain’s functional and non-functional properties. Such properties may vary over time, and thus, a selected blockchain may become unsuitable for a given use case. This uncertainty may hinder the widespread adoption of blockchain technologies in general. To mitigate the impact of volatile blockchain properties, we propose a framework that monitors several blockchains, allows the user to define functional and non-functional requirements, determines the most appropriate blockchain, and enables the switchover to that chain at runtime. Our evaluation using a reference implementation shows that switching to another blockchain can save cost and enable users to benefit from better performance and a higher level of trust.
Decentralized Trusted Computing Base for Blockchain Infrastructure Security
Authors: Thomas Hardjono, Ned Smith
Abstract: There is a growing interest today in blockchain technology as a possible foundation for the future global financial ecosystem. However, in order for this future financial ecosystem to be truly global, with a high degree of interoperability and stability, a number of challenges need to be addressed related to infrastructure security. One key aspect concerns the security and robustness of the systems that participate in the blockchain peer-to-peer networks. In this paper we discuss the notion of the decentralized trusted computing base as an extension of the TCB concept in trusted computing. We explore how a decentralized TCB can be useful to (i) harden individual nodes and systems in the blockchain infrastructure, and (ii) be the basis for secure group-oriented computations within the P2P network of nodes that make up the blockchain system.
Atomic Commitment Across Blockchains
Authors: Victor Zakhary, Divyakant Agrawal, Amr El Abbadi
Abstract: The recent adoption of blockchain technologies and open permissionless networks suggests the importance of peer-to-peer atomic cross-chain transaction protocols. Users should be able to atomically exchange tokens and assets without depending on centralized intermediaries such as exchanges. Recent peer-to-peer atomic cross-chain swap protocols use hashlocks and timelocks to ensure that participants comply with the protocol. However, an expired timelock could lead to a violation of the all-or-nothing atomicity property. An honest participant who fails to execute a smart contract on time due to a crash failure or network delays at her site might end up losing her assets. Although a crashed participant is the only participant who ends up worse off, current proposals are unsuitable for atomic cross-chain transactions in asynchronous environments where crash failures and network delays are the norm. In this paper, we present AC3WN, the first decentralized all-or-nothing atomic cross-chain commitment protocol. Events for redeeming and refunding smart contracts to exchange assets are modeled as conflicting events. An open permissionless network of witnesses is used to guarantee that conflicting events could never simultaneously occur and either all smart contracts in an atomic cross-chain transaction are redeemed or all of them are refunded.
Trustee: Full Privacy Preserving Vickrey Auction on top of Ethereum
Authors: Hisham S. Galal, Amr M. Youssef
Abstract: The wide deployment of tokens for digital assets on top of Ethereum implies the need for powerful trading platforms. Vickrey auctions have been known to determine the real market price of items as bidders are motivated to submit their own monetary valuations without leaking their information to the competitors. Recent constructions have utilized various cryptographic protocols such as ZKP and MPC, however, these approaches either are partially privacy-preserving or require complex computations with several rounds. In this paper, we overcome these limits by presenting Trustee as a Vickrey auction on Ethereum which fully preserves bids’ privacy at relatively much lower fees. Trustee consists of three components: a front-end smart contract deployed on Ethereum, an Intel SGX enclave, and a relay to redirect messages between them. Initially, the enclave generates an Ethereum account and ECDH key-pair. Subsequently, the relay publishes the account’s address and ECDH public key on the smart contract. As a prerequisite, bidders are encouraged to verify the authenticity and security of Trustee by using the SGX remote attestation service. To participate in the auction, bidders utilize the ECDH public key to encrypt their bids and submit them to the smart contract. Once the bidding interval is closed, the relay retrieves the encrypted bids and feeds them to the enclave that autonomously generates a signed transaction indicating the auction winner. Finally, the relay submits the transaction to the smart contract which verifies the transaction’s authenticity and the parameters’ consistency before accepting the claimed auction winner. As part of our contributions, we have made a prototype for Trustee available on Github for the community to review and inspect it. Additionally, we analyze the security features of Trustee and report on the transactions’ gas cost incurred on Trustee smart contract.
Harvey: A Greybox Fuzzer for Smart Contracts
Authors: Valentin Wüstholz, Maria Christakis
Abstract: We present Harvey, an industrial greybox fuzzer for smart contracts, which are programs managing accounts on a blockchain. Greybox fuzzing is a lightweight test-generation approach that effectively detects bugs and security vulnerabilities. However, greybox fuzzers randomly mutate program inputs to exercise new paths; this makes it challenging to cover code that is guarded by narrow checks, which are satisfied by no more than a few input values. Moreover, most real-world smart contracts transition through many different states during their lifetime, e.g., for every bid in an auction. To explore these states and thereby detect deep vulnerabilities, a greybox fuzzer would need to generate sequences of contract transactions, e.g., by creating bids from multiple users, while at the same time keeping the search space and test suite tractable. In this experience paper, we explain how Harvey alleviates both challenges with two key fuzzing techniques and distill the main lessons learned. First, Harvey extends standard greybox fuzzing with a method for predicting new inputs that are more likely to cover new paths or reveal vulnerabilities in smart contracts. Second, it fuzzes transaction sequences in a targeted and demand-driven way. We have evaluated our approach on 27 real-world contracts. Our experiments show that the underlying techniques significantly increase Harvey’s effectiveness in achieving high coverage and detecting vulnerabilities, in most cases orders-of-magnitude faster; they also reveal new insights about contract code.
Ques-Chain: an Ethereum Based E-Voting System
Authors: Qixuan Zhang, Bowen Xu, Haotian Jing, Zeyu Zheng
Abstract: Ethereum is an open-source, public, blockchain-based distributed computing platform and operating system featuring smart contract functionality. In this paper, we proposed an Ethereum based electronic voting (e-voting) protocol, Ques-Chain, which can ensure the authentication can be done without hurting confidentiality and the anonymity can be protected without problems of scams at the same time. Furthermore, the authors considered the wider usages Ques-Chain can be applied on, pointing out that it is able to process all kinds of messages and can be used in all fields with similar needs.
Empirically Analyzing Ethereum’s Gas Mechanism
Authors: Renlord Yang, Toby Murray, Paul Rimba, Udaya Parampalli
Abstract: Ethereum’s Gas mechanism attempts to set transaction fees in accordance with the computational cost of transaction execution: a cost borne by default by every node on the network to ensure correct smart contract execution. Gas encourages users to author transactions that are efficient to execute and in so doing encourages node diversity, allowing modestly resourced nodes to join and contribute to the security of the network.
However, the effectiveness of this scheme relies on Gas costs being correctly aligned with observed computational costs in reality. In this work, we performed the first large scale empirical study to understand to what degree this alignment exists in practice, by collecting and analyzing terabytes worth of nanosecond-precision transaction execution traces. Besides confirming potential denial-of-service vectors, our results also shed light on the role of I/O in transaction costs which remains poorly captured by the current Gas cost model. Finally, our results suggest that under the current Gas cost model, nodes with modest computational resources are disadvantaged compared to their better resourced peers, which we identify as an ongoing threat to node diversity and network decentralization.
Monetary Stabilization in Cryptocurrencies – Design Approaches and Open Questions
Authors: Ingolf G.A. Pernice, Sebastian Henningsen, Roman Proskalovich, Martin Florian, Hermann Elendner, Björn Scheuermann
Abstract: The price volatility of cryptocurrencies is often cited as a major hindrance to their wide-scale adoption. Consequently, during the last two years, multiple so-called stablecoins have surfaced—cryptocurrencies focused on maintaining stable exchange rates. In this paper, we systematically explore and analyze the stablecoin landscape. Based on a survey of 24 specific stablecoin projects, we go beyond individual coins for extracting general concepts and approaches. We combine our findings with learnings from classical monetary policy, resulting in a comprehensive taxonomy of cryptocurrency stabilization. We use our taxonomy to highlight the current state of development from different perspectives and show blank spots. For instance, while over 91% of projects promote 1-to-1 stabilization targets to external assets, monetary policy literature suggests that the smoothing of short term volatility is often a more sustainable alternative. Our taxonomy bridges computer science and economics, fostering the transfer of expertise. For example, we find that 38% of the reviewed projects use a combination of exchange rate targeting and specific stabilization techniques that can render them vulnerable to speculative economic attacks – an avoidable design flaw.
Real-time Prediction of Bitcoin Bubble Crashes
Authors: Min Shu, Wei Zhu
Abstract: In the past decade, Bitcoin has become an emerging asset class well known to most people because of its extraordinary return potential in phases of extreme price growth and its unpredictable massive crashes. We apply the LPPLS confidence indicator as a diagnostic tool for identifying bubbles using the daily data of Bitcoin price in the past two years. We find that the LPPLS confidence indicator based on the daily data of Bitcoin price fails to provide effective warnings for detecting the bubbles when the Bitcoin price suffers from a large fluctuation in a short time, especially for positive bubbles. In order to diagnose the existence of bubbles and accurately predict the bubble crashes in the cryptocurrency market, this study proposes an adaptive multilevel time series detection methodology based on the LPPLS model. We adopt two levels of time series, 1 hour and 30 minutes, to demonstrate the adaptive multilevel time series detection methodology. The results show that the LPPLS confidence indicator based on the adaptive multilevel time series detection methodology has not only an outstanding performance to effectively detect the bubbles and accurately forecast the bubble crashes, but can also monitor the development and the crash of bubbles even if a bubble exists in a short time. In addition, we discover that the short-term LPPLS confidence indicator greatly affected by the extreme fluctuations of Bitcoin price can provide some useful insights into the bubble status on a shorter time scale, and the long-term LPPLS confidence indicator has a stable performance in terms of effectively monitoring the bubble status on a longer time scale. The adaptive multilevel time series detection methodology can provide real-time detection of bubbles and advanced forecast to warn of an imminent crash risk in not only the cryptocurrency market but also the other financial markets.
Predicting and Forecasting the Price of Constituents and Index of Cryptocurrency Using Machine Learning
Authors: Reaz Chowdhury, M. Arifur Rahman, M. Sohel Rahman, M.R.C. Mahdy
Abstract: At present, cryptocurrencies have become a global phenomenon in financial sectors as it is one of the most traded financial instruments worldwide. Cryptocurrency is not only one of the most complicated and abstruse fields among financial instruments, but it is also deemed as a perplexing problem in finance due to its high volatility. This paper makes an attempt to apply machine learning techniques on the index and constituents of cryptocurrency with a goal to predict and forecast prices thereof. In particular, the purpose of this paper is to predict and forecast the close (closing) price of the cryptocurrency index 30 and nine constituents of cryptocurrencies using machine learning algorithms and models so that it becomes easier for people to trade these currencies. We have used several machine learning techniques and algorithms and compared the models with each other to get the best output. We believe that our work will help reduce the challenges and difficulties faced by people who invest in cryptocurrencies. Moreover, the obtained results can play a major role in cryptocurrency portfolio management and in observing the fluctuations in the prices of constituents of cryptocurrency market. We have also compared our approach with similar state-of-the-art works from the literature, where machine learning approaches are considered for predicting and forecasting the prices of these currencies. In the sequel, we have found that our best approach presents better and competitive results than the best works from the literature, thereby advancing the state of the art. Using such prediction and forecasting methods, people can easily understand the trend and it would be even easier for them to trade in a difficult and challenging financial instrument like cryptocurrency.
Relevant Stylized Facts About Bitcoin: Fluctuations, First Return Probability, and Natural Phenomena
Authors: C. R. da Cunha, R. da Silva
Abstract: Bitcoin is a digital financial asset that is devoid of a central authority. This makes it distinct from traditional financial assets in a number of ways. For instance, the total number of tokens is limited and it has no explicit use value. Nonetheless, little is known about whether it obeys the same stylized facts found in traditional financial assets. Here we test bitcoin for a set of these stylized facts and conclude that it behaves statistically as most other assets. For instance, it exhibits aggregational Gaussianity and fluctuation scaling. Moreover, we show by an analogy with naturally occurring quakes that bitcoin obeys both the Omori and Gutenberg-Richter laws. Finally, we show that the global persistence, originally defined for spin systems, presents a power law behavior with exponent similar to that found in stock markets.
Initial Crypto-asset Offerings (ICOs), tokenization and corporate governance
Authors: Stéphane Blémus (UP1), Dominique Guegan (CES, UP1)
Abstract: This paper discusses the potential impacts of the so-called 'initial coin offerings', and of several developments based on distributed ledger technology ('DLT'), on corporate governance. While many academic papers focus mainly on the legal qualification of DLT and crypto-assets, and most notably in relation to the potential definition of the latter as securities/financial instruments, the authors analyze some of the use cases based on DLT technology and their potential for significant changes of the corporate governance analyses. This article studies the consequences due to the emergence of new kinds of firm stakeholders, i.e. the crypto-assets holders, on the governance of small and medium-sized enterprises ('SMEs') as well as of publicly traded companies. Since early 2016, a new way of raising funds has rapidly emerged as a major issue for FinTech founders and financial regulators. Frequently referred to as initial coin offerings, Initial Token Offerings ('ITO'), Token Generation Events ('TGE') or simply 'token sales', we use in our paper the terminology Initial Crypto-asset Offerings ('ICO'), as it describes more effectively than 'initial coin offerings' the vast diversity of assets that could be created and which goes far beyond the payment instrument issue.
Determining the number of factors in a forecast model by a random matrix test: cryptocurrencies
Authors: Andrés García Medina, Graciela González-Farías
Abstract: We determine the number of statistically significant factors in a forecast model using a random matrices test. The applied forecast model is of the type of Reduced Rank Regression (RRR); in particular, we chose a flavor which can be seen as the Canonical Correlation Analysis (CCA). As empirical data, we use cryptocurrencies at hourly frequency, where the variable selection was made by a criterion from information theory. The results are consistent with the usual visual inspection, with the advantage that the subjective element is avoided. Furthermore, the computational cost is minimal compared to the cross-validation approach.
Rough volatility of Bitcoin
Author: Tetsuya Takaishi
Abstract: Recent studies have found that the log-volatility of asset returns exhibits roughness. This study investigates roughness or the anti-persistence of Bitcoin volatility. Using the multifractal detrended fluctuation analysis, we obtain the generalized Hurst exponent of the log-volatility increments and find that the generalized Hurst exponent is less than 1/2, which indicates log-volatility increments that are rough. Furthermore, we find that the generalized Hurst exponent is not constant. This observation indicates that the log-volatility has a multifractal property. Using shuffled time series of the log-volatility increments, we infer that the source of multifractality partly comes from the distributional property.
Internet as a Service (IaaS)
Towards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0
Authors: Elisabeth Bauer, Oliver Schluga, Silia Maksuti, Ani Bicaku, David Hofbauer, Igor Ivkic, Markus Tauber, Alexander Wöhrer
Abstract: The popularity of cloud based Infrastructure-as-a-Service (IaaS) solutions is increasing. However, since IaaS providers and customers interact in a flexible and scalable environment, security remains a serious concern. To handle such security issues, defining a set of security parameters in the service level agreements (SLA) between both IaaS provider and customer is of utmost importance. In this paper, the European Network and Information Security Agency (ENISA) guidelines are evaluated to extract a set of security parameters for IaaS. Furthermore, the level of applicability and implementation of this set is used to assess popular industrial and open-source IaaS cloud platforms, respectively VMware and OpenStack. Both platforms provide private clouds, used as backend infrastructures in Industry 4.0 application scenarios. The results serve as initial work to identify a security baseline and research needs for creating secure cloud environments for Industry 4.0.
Internet of Things (IoT)
Blockchain-based Data Provenance for the Internet of Things
Authors: Marten Sigwart, Michael Borkowski, Marco Peise, Stefan Schulte, Stefan Tai
Abstract: As more and more applications and services depend on data collected by Internet of Things (IoT) devices, it is of utmost importance that such data can be trusted. While data provenance solutions together with blockchain technology are one way to make data more trustworthy, current solutions do not address the heterogeneous nature of IoT applications and their data. In this work, we identify functional and non-functional requirements for a generic IoT data provenance framework, and conceptualise the framework as a layered architecture. Using our proof-of-concept implementation based on Ethereum smart contracts, data provenance concepts can be realised for a wide range of IoT use cases. Benefits of a generic framework include simplified adoption and a more rapid implementation of data provenance for the IoT.
Proof-of-forgery for hash-based signatures
Authors: O. E. Kiktenko, A. M. Kudinov, A. A. Bulychev, K. A. Fedorov
Abstract: In the present work, a peculiar property of hash-based signatures allowing detection of their forgery event is explored. This property relies on the fact that a successful forgery of a hash-based signature most likely results in a collision with respect to the employed hash function, while the demonstration of this collision could serve as convincing evidence of the forgery. Here we prove that with properly adjusted parameters the Lamport and Winternitz one-time signature schemes could exhibit a forgery detection availability property. This property is of significant importance in the framework of the crypto-agility paradigm, since the considered forgery detection serves as an alarm that the employed cryptographic hash function has become insecure to use and the corresponding scheme has to be replaced.
SoK: Tools for Game Theoretic Models of Security for Cryptocurrencies
Authors: Sarah Azouvi, Alexander Hicks
Abstract: Cryptocurrencies have garnered much attention in recent years, both from the academic community and industry. One interesting aspect of cryptocurrencies is their explicit consideration of incentives at the protocol level. Understanding how to incorporate this into the models used to design cryptocurrencies has motivated a large body of work, yet many open problems still exist and current systems rarely deal with incentive-related problems well. This issue arises due to the gap between Cryptography and Distributed Systems security, which deal with traditional security problems that ignore the explicit consideration of incentives, and Game Theory, which deals best with situations involving incentives. With this work, we aim to offer a systematization of the work that relates to this problem, considering papers that blend Game Theory with Cryptography or Distributed Systems and discussing how they can be related. This gives an overview of the available tools, and we look at their (potential) use in practice, in the context of existing blockchain-based systems that have been proposed or implemented.
Blockchain Mining Games with Pay Forward
Authors: Elias Koutsoupias, Philip Lazos, Paolo Serafino, Foluso Ogunlana
Abstract: We study the strategic implications that arise from adding one extra option to the miners participating in the bitcoin protocol. We propose that when adding a block, miners also have the ability to pay forward an amount to be collected by the first miner who successfully extends their branch, giving them the power to influence the incentives for mining. We formulate a stochastic game for the study of such incentives and show that with this added option, smaller miners can guarantee that the best response of even substantially more powerful miners is to follow the expected behavior intended by the protocol designer.
Impossibility of Full Decentralization in Permissionless Blockchains
Authors: Yujin Kwon, Jian Liu, Minjeong Kim, Dawn Song, Yongdae Kim
Abstract: Bitcoin uses blockchain technology and a proof-of-work (PoW) mechanism where nodes spend computing resources and earn rewards in return for spending these resources. This incentive system has caused power to be significantly biased towards a few nodes, called mining pools. In fact, poor decentralization appears not only in PoW-based coins but also in coins adopting other mechanisms such as proof-of-stake (PoS) and delegated proof-of-stake (DPoS). In this paper, we target this centralization issue. To this end, we first define (m, ε, δ)-decentralization as a state that satisfies 1) there are at least m participants running a node and 2) the ratio between the total resource power of nodes run by the richest and δ-th percentile participants is less than or equal to 1 + ε. To see if it is possible to achieve good decentralization, we introduce sufficient conditions for the incentive system of a blockchain to reach (m, ε, δ)-decentralization. Then we find an incentive system satisfying these conditions. Through this incentive system, a blockchain system can reach full decentralization with probability 1. However, to adopt this incentive system, the blockchain system should be able to assign a positive Sybil cost, where the Sybil cost is defined as the difference between the cost for one participant running multiple nodes and the total cost for multiple participants each running one node. On the other hand, we prove that when there is no Sybil cost, the probability of reaching (m, ε, δ)-decentralization is upper bounded by a value close to 0, considering a large rich-poor gap. To determine the conditions that each system cannot satisfy, we also analyze the protocols of all PoW, PoS, and DPoS coins in the top 100 coins according to our conditions. Finally, we conduct data analysis of these coins to validate our theory.
Selfish Mining in Ethereum
Authors: Cyril Grunspan, Ricardo Pérez-Marco
Abstract: We study selfish mining in Ethereum. The problem is combinatorially more complex than in Bitcoin because of major differences in the reward system and a different difficulty adjustment formula. Equivalent strategies in Bitcoin do have different profitabilities in Ethereum. The attacker can either broadcast his fork one block at a time, or keep the blocks secret as long as possible and publish them all at once at the end of an attack cycle. The first strategy is damaging for substantial hashrates, and we show that the second strategy is even worse. This confirms what we already proved for Bitcoin: selfish mining is most of all an attack on the difficulty adjustment formula. We show that the current reward for signaling uncle blocks is a weak incentive for the attacker to signal blocks. We compute the profitabilities of different strategies and find that, for a large range of parameter values, strategies that do not signal blocks are the best ones. We compute closed-form formulas for the apparent hashrates of these strategies and compare them. We use a direct combinatorial analysis with Dyck words to find these closed-form formulas.
An Empirical Evaluation of Selfish Mining and Strategic Mining in Proof-of-Work Blockchain with Multiple Miners
Authors: Tin Leelavimolsilp, Long Tran-Thanh, Sebastian Stein, Viet Hung Nguyen
Abstract: Nowadays, Bitcoin and Proof-of-Work blockchain systems are becoming prominent and are incorporated in many applications and multi-agent systems. Despite their wide applications, the security of such systems is not entirely guaranteed even if half of the total hash rate is held by non-malicious miners. In particular, the Selfish mining strategy (Eyal and Sirer, 2014), which could disrupt the economy of Bitcoin mining, has not been studied in the context of multiple miners. Our empirical investigation extends the original study by accounting for multiple Selfish miners (who always use the Selfish mining strategy) and multiple strategic miners (who choose a mining strategy to maximise their individual mining reward). We show that the number of miners in the system is as important as the distribution of hash rate among miners, and that Selfish mining can be prevented in the presence of multiple miners.
A Deep Dive into Bitcoin Mining Pools: An Empirical Analysis of Mining Shares
Authors: Matteo Romiti, Aljosha Judmayer, Alexei Zamyatin, Bernhard Haslhofer
Abstract: Miners play a key role in cryptocurrencies such as Bitcoin: they invest substantial computational resources in processing transactions and minting new currency units. It is well known that an attacker controlling more than half of the network’s mining power could manipulate the state of the system at will. While the influence of large mining pools appears evenly split, the actual distribution of mining power within these pools and their economic relationships with other actors remain undisclosed. To this end, we conduct the first in-depth analysis of mining reward distribution within three of the four largest Bitcoin mining pools and examine their cross-pool economic relationships. Our results suggest that individual miners are simultaneously operating across all three pools and that in each analyzed pool a small number of actors (<= 20) receives over 50% of all BTC payouts. While the extent of an operator’s control over the resources of a mining pool remains an open debate, our findings are in line with previous research, pointing out centralization tendencies in large mining pools and cryptocurrencies in general.
Proof of Work (PoW) alternatives
Zero-Knowledge Proof-of-Identity: Sybil-Resistant, Anonymous Authentication on Permissionless Blockchains and Incentive Compatible, Strictly Dominant Cryptocurrencies
Author: David Cerezo Sánchez
Abstract: Zero-Knowledge Proof-of-Identity from trusted public certificates (e.g., national identity cards and/or ePassports; eSIM) is introduced here to permissionless blockchains in order to remove the inefficiencies of Sybil-resistant mechanisms such as Proof-of-Work (i.e., high energy and environmental costs) and Proof-of-Stake (i.e., capital hoarding and lower transaction volume). The proposed solution effectively limits the number of mining nodes a single individual would be able to run while keeping membership open to everyone, circumventing the impossibility of full decentralization and the blockchain scalability trilemma when instantiated on a blockchain with a consensus protocol based on the cryptographic random selection of nodes. Resistance to collusion is also considered.
Solving one of the most pressing problems in blockchains, a zk-PoI cryptocurrency is proved to have the following advantageous properties:
– an incentive-compatible protocol for the issuing of cryptocurrency rewards based on a unique Nash equilibrium
– strict domination of mining over all other PoW/PoS cryptocurrencies, thus the zk-PoI cryptocurrency becoming the preferred choice by miners is proved to be a Nash equilibrium and the Evolutionarily Stable Strategy
– PoW/PoS cryptocurrencies are condemned to pay the Price of Crypto-Anarchy, redeemed by the optimal efficiency of zk-PoI as it implements the social optimum
– the circulation of a zk-PoI cryptocurrency Pareto dominates other PoW/PoS cryptocurrencies
– the network effects arising from the social networks inherent to national identity cards and ePassports dominate PoW/PoS cryptocurrencies
– the lower costs of its infrastructure imply the existence of a unique equilibrium where it dominates other forms of payment
Proof-of-Prestige: A Useful Work Reward System for Unverifiable Tasks
Authors: Michał Król, Alberto Sonnino, Mustafa Al-Bassam, Argyrios Tasiopoulos, Ioannis Psaras
Abstract: As cryptographic tokens and altcoins are increasingly being built to serve as utility tokens, the notion of useful work consensus protocols, as opposed to number-crunching PoW consensus, is becoming ever more important. In such contexts, users get rewards from the network after they have carried out some specific task useful for the network. While in some cases the proof of some utility or service can be verified, the majority of tasks are impossible to verify. In order to deal with such cases, we design Proof-of-Prestige (PoP) – a reward system that can run on top of Proof-of-Stake blockchains. PoP introduces prestige, which is a volatile resource and, in contrast to coins, regenerates over time. Prestige can be gained by performing useful work, is spent when benefiting from services, and directly translates to users' minting power. PoP is resistant against Sybil and collusion attacks and can be used to reward workers for completing unverifiable tasks, while keeping the system free for the end-users. We use two exemplar use-cases to showcase the usefulness of PoP and we build a simulator to assess the cryptoeconomic behaviour of the system in terms of prestige transfer between nodes.