[![Contributors][contributors-shield]][contributors-url] [![Forks][forks-shield]][forks-url] [![Stargazers][stars-shield]][stars-url] [![Issues][issues-shield]][issues-url]
Usage instructions: here
Table of Contents
| Publish Date | Title | Authors | Code | |
|---|---|---|---|---|
| 2024-09-26 | Drawing the boundaries between Blockchain and Blockchain-like systems: A Comprehensive Survey on Distributed Ledger Technologies | Badr Bellaj et.al. | 2409.18799 | Bitcoin's global success has led to the rise of blockchain, but many systems labeled as "blockchain" deviate from its core principles, adding complexity to the ecosystem. This survey addresses the need for a comprehensive review and taxonomy to clarify the differences between blockchain and blockchain-like systems. We propose a reference model with four key layers: data, consensus, execution, and application, and introduce a new taxonomy for better classification. Through a qualitative and quantitative analysis of 44 DLT solutions and 26 consensus mechanisms, we highlight key challenges and offer research directions in the field. |
| 2024-09-27 | Architecture for Protecting Data Privacy in Decentralized Social Networks | Quang Cao et.al. | 2409.18360 | Centralized social networks have experienced a transformative impact on our digital era communication, connection, and information-sharing information. However, it has also raised significant concerns regarding users' privacy and individual rights. In response to these concerns, this paper proposes a novel Decentralized Social Network employing Blockchain technology and Decentralized Storage Networks completed by Access Control Smart Contracts. The initial phase comprises a comprehensive literature review, delving into decentralized social networks, explaining the review methodology, and presenting the resulting findings. Building upon these findings and an analysis of previous research gaps, we propose a novel architecture for decentralized social networks. In conclusion, the principal results highlight the benefit of our decentralized social network to protect user privacy. Moreover, the users have all rights to their posted information following the General Data Protection Regulation (GDPR). |
| 2024-09-26 | PDFed: Privacy-Preserving and Decentralized Asynchronous Federated Learning for Diffusion Models | Kar Balan et.al. | 2409.18245 | We present PDFed, a decentralized, aggregator-free, and asynchronous federated learning protocol for training image diffusion models using a public blockchain. In general, diffusion models are prone to memorization of training data, raising privacy and ethical concerns (e.g., regurgitation of private training data in generated images). Federated learning (FL) offers a partial solution via collaborative model training across distributed nodes that safeguard local data privacy. PDFed proposes a novel sample-based score that measures the novelty and quality of generated samples, incorporating these into a blockchain-based federated learning protocol that we show reduces private data memorization in the collaboratively trained model. In addition, PDFed enables asynchronous collaboration among participants with varying hardware capabilities, facilitating broader participation. The protocol records the provenance of AI models, improving transparency and auditability, while also considering automated incentive and reward mechanisms for participants. PDFed aims to empower artists and creators by protecting the privacy of creative works and enabling decentralized, peer-to-peer collaboration. The protocol positively impacts the creative economy by opening up novel revenue streams and fostering innovative ways for artists to benefit from their contributions to the AI space. |
| 2024-09-26 | Verifying Randomized Consensus Protocols with Common Coins | Song Gao et.al. | 2409.17627 | Randomized fault-tolerant consensus protocols with common coins are widely used in cloud computing and blockchain platforms. Due to their fundamental role, it is vital to guarantee their correctness. Threshold automata is a formal model designed for the verification of fault-tolerant consensus protocols. It has recently been extended to probabilistic threshold automata (PTAs) to verify randomized fault-tolerant consensus protocols. Nevertheless, PTA can only model randomized consensus protocols with local coins. In this work, we extend PTA to verify randomized fault-tolerant consensus protocols with common coins. Our main idea is to add a process to simulate the common coin (the so-called common-coin process). Although the addition of the common-coin process destroys the symmetry and poses technical challenges, we show how PTA can be adapted to overcome the challenges. We apply our approach to verify the agreement, validity and almost-sure termination properties of 8 randomized consensus protocols with common coins. |
| 2024-09-26 | BioZero: An Efficient and Privacy-Preserving Decentralized Biometric Authentication Protocol on Open Blockchain | Junhao Lai et.al. | 2409.17509 | Digital identity plays a vital role in enabling secure access to resources and services in the digital world. Traditional identity authentication methods, such as password-based and biometric authentications, have limitations in terms of security, privacy, and scalability. Decentralized authentication approaches leveraging blockchain technology have emerged as a promising solution. However, existing decentralized authentication methods often rely on indirect identity verification (e.g. using passwords or digital signatures as authentication credentials) and face challenges such as Sybil attacks. In this paper, we propose BioZero, an efficient and privacy-preserving decentralized biometric authentication protocol that can be implemented on open blockchain. BioZero leverages Pedersen commitment and homomorphic computation to protect user biometric privacy while enabling efficient verification. We enhance the protocol with non-interactive homomorphic computation and employ zero-knowledge proofs for secure on-chain verification. The unique aspect of BioZero is that it is fully decentralized and can be executed by blockchain smart contracts in a very efficient way. We analyze the security of BioZero and validate its performance through a prototype implementation. The results demonstrate the effectiveness, efficiency, and security of BioZero in decentralized authentication scenarios. Our work contributes to the advancement of decentralized identity authentication using biometrics. |
| 2024-09-20 | Blockchain-Enabled Variational Information Bottleneck for Data Extraction Based on Mutual Information in Internet of Vehicles | Cui Zhang et.al. | 2409.17287 | The Internet of Vehicles (IoV) network can address the issue of limited computing resources and data processing capabilities of individual vehicles, but it also brings the risk of privacy leakage to vehicle users. Applying blockchain technology can establish secure data links within the IoV, solving the problems of insufficient computing resources for each vehicle and the security of data transmission over the network. However, with the development of the IoV, the amount of data interaction between multiple vehicles and between vehicles and base stations, roadside units, etc., is continuously increasing. There is a need to further reduce the interaction volume, and intelligent data compression is key to solving this problem. The VIB technique facilitates the training of encoding and decoding models, substantially diminishing the volume of data that needs to be transmitted. This paper introduces an innovative approach that integrates blockchain with VIB, referred to as BVIB, designed to lighten computational workloads and reinforce the security of the network. We first construct a new network framework by separating the encoding and decoding networks to address the computational burden issue, and then propose a new algorithm to enhance the security of IoV networks. We also discuss the impact of the data extraction rate on system latency to determine the most suitable data extraction rate. An experimental framework combining Python and C++ has been established to substantiate the efficacy of our BVIB approach. Comprehensive simulation studies indicate that the BVIB consistently excels in comparison to alternative foundational methodologies. |
| 2024-09-21 | XDC Gasless Subnet: Gasless Subnet Staking dApp for XDC Network | Mohuya Chakraborty et.al. | 2409.17176 | With a delegated proof-of-stake (XDPoS) consensus mechanism, the XDC Network is an enterprise-focused blockchain platform that combines the strength of public and private blockchains to provide quick transaction times, low energy consumption, and economical gas fees. XDC is designed for interoperability and supports decentralized apps (dApps) and integrates smoothly with financial systems. It is perfect for trade financing and tokenisation of physical assets because of its emphasis on security and scalability. However, there are a few critical issues that hamper wider acceptance and usability for certain high-frequency applications. This whitepaper introduces a novel and enthralling dApp for establishing a gasless subnet in which mainnet XDC can be staked to spin off a subnet that functions similarly to a non-crypto network, accepting currency fees on the XDC network. This would allow users to stake their tokens without incurring gas fees making the staking process more efficient, cost-effective, and simultaneously enhancing scalability. Performance evaluation of the dApp shows promising results in terms of throughput, latency, scalability, security, and cost efficiency. The use cases and applications of this approach along with challenges and ensuing solutions are included. |
| 2024-09-24 | Artificial Intelligence for Secured Information Systems in Smart Cities: Collaborative IoT Computing with Deep Reinforcement Learning and Blockchain | Amin Zakaie Far et.al. | 2409.16444 | The accelerated expansion of the Internet of Things (IoT) has raised critical challenges associated with privacy, security, and data integrity, specifically in infrastructures such as smart cities or smart manufacturing. Blockchain technology provides immutable, scalable, and decentralized solutions to address these challenges, and integrating deep reinforcement learning (DRL) into the IoT environment offers enhanced adaptability and decision-making. This paper investigates the integration of blockchain and DRL to optimize mobile transmission and secure data exchange in IoT-assisted smart cities. Through the clustering and categorization of IoT application systems, the combination of DRL and blockchain is shown to enhance the performance of IoT networks by maintaining privacy and security. Based on the review of papers published between 2015 and 2024, we have classified the presented approaches and offered practical taxonomies, which provide researchers with critical perspectives and highlight potential areas for future exploration and research. Our investigation shows how combining blockchain's decentralized framework with DRL can address privacy and security issues, improve mobile transmission efficiency, and guarantee robust, privacy-preserving IoT systems. Additionally, we explore blockchain integration for DRL and outline the notable applications of DRL technology. By addressing the challenges of machine learning and blockchain integration, this study proposes novel perspectives for researchers and serves as a foundational exploration from an interdisciplinary standpoint. |
| 2024-09-18 | Novel Saliency Analysis for the Forward Forward Algorithm | Mitra Bakhshi et.al. | 2409.15365 | Incorporating the Forward Forward algorithm into neural network training represents a transformative shift from traditional methods, introducing a dual forward mechanism that streamlines the learning process by bypassing the complexities of derivative propagation. This method is noted for its simplicity and efficiency and involves executing two forward passes the first with actual data to promote positive reinforcement, and the second with synthetically generated negative data to enable discriminative learning. Our experiments confirm that the Forward Forward algorithm is not merely an experimental novelty but a viable training strategy that competes robustly with conventional multi layer perceptron (MLP) architectures. To overcome the limitations inherent in traditional saliency techniques, which predominantly rely on gradient based methods, we developed a bespoke saliency algorithm specifically tailored for the Forward Forward framework. This innovative algorithm enhances the intuitive understanding of feature importance and network decision-making, providing clear visualizations of the data features most influential in model predictions. By leveraging this specialized saliency method, we gain deeper insights into the internal workings of the model, significantly enhancing our interpretative capabilities beyond those offered by standard approaches. Our evaluations, utilizing the MNIST and Fashion MNIST datasets, demonstrate that our method performs comparably to traditional MLP-based models. |
| 2024-09-23 | TeeRollup: Efficient Rollup Design Using Heterogeneous TEE | Xiaoqing Wen et.al. | 2409.14647 | Rollups have emerged as a promising approach to improving blockchains' scalability by offloading transactions execution off-chain. Existing rollup solutions either leverage complex zero-knowledge proofs or optimistically assume execution correctness unless challenged. However, these solutions have practical issues such as high gas costs and significant withdrawal delays, hindering their adoption in decentralized applications. This paper introduces TeeRollup, an efficient rollup design with low gas costs and short withdrawal delays. TeeRollup employs Trusted Execution Environments (TEEs)-supported sequencers to execute transactions, requiring the blockchain to verify only the TEEs' signatures. TeeRollup is designed under a realistic threat model in which the integrity and availability of sequencers' TEEs may be compromised. To address these issues, we first introduce a distributed system of sequencers with heterogeneous TEEs, ensuring system security even if a minority of TEEs are compromised. Second, we propose a challenge mechanism to solve the redeemability issue caused by TEE unavailability. Furthermore, TeeRollup incorporates Data Availability Providers (DAPs) to reduce on-chain storage overhead and uses a laziness penalty game to regulate DAP behavior. We implement a prototype of TeeRollup in Golang, using the Ethereum test network, Sepolia. Our experimental results indicate that TeeRollup outperforms zero-knowledge rollups (zk-rollups), reducing on-chain verification costs by approximately 86% and withdrawal delays to a few minutes. |
| 2024-09-23 | MECURY: Practical Cross-Chain Exchange via Trusted Hardware | Xiaoqing Wen et.al. | 2409.14640 | The proliferation of blockchain-backed cryptocurrencies has sparked the need for cross-chain exchanges of diverse digital assets. Unfortunately, current exchanges suffer from high on-chain verification costs, weak threat models of central trusted parties, or synchronous requirements, making them impractical for currency trading applications. In this paper, we present MERCURY, a practical cryptocurrency exchange that is trust-minimized and efficient without online-client requirements. MERCURY leverages Trusted Execution Environments (TEEs) to shield participants from malicious behaviors, eliminating the reliance on trusted participants and making on-chain verification efficient. Despite the simple idea, building a practical TEE-assisted cross-chain exchange is challenging due to the security and unavailability issues of TEEs. MERCURY tackles the unavailability problem of TEEs by implementing an efficient challenge-response mechanism executed on smart contracts. Furthermore, MERCURY utilizes a lightweight transaction verification mechanism and adopts multiple optimizations to reduce on-chain costs. Comparative evaluations with XClaim, ZK-bridge, and Tesseract demonstrate that MERCURY significantly reduces on-chain costs by approximately 67.87%, 45.01%, and 47.70%, respectively. |
| 2024-09-22 | Brain Surgery: Ensuring GDPR Compliance in Large Language Models via Concept Erasure | Michele Laurelli et.al. | 2409.14603 | As large-scale AI systems proliferate, ensuring compliance with data privacy laws such as the General Data Protection Regulation (GDPR) has become critical. This paper introduces Brain Surgery, a transformative methodology for making every local AI model GDPR-ready by enabling real-time privacy management and targeted unlearning. Building on advanced techniques such as Embedding-Corrupted Prompts (ECO Prompts), blockchain-based privacy management, and privacy-aware continual learning, Brain Surgery provides a modular solution that can be deployed across various AI architectures. This tool not only ensures compliance with privacy regulations but also empowers users to define their own privacy limits, creating a new paradigm in AI ethics and governance. |
| 2024-09-22 | An Integrated Blockchain and IPFS Solution for Secure and Efficient Source Code Repository Hosting using Middleman Approach | Md. Rafid Haque et.al. | 2409.14530 | Version control systems (VCS) are essential for software development, yet centralized VCS present risks such as data loss, security breaches, and ownership disputes. While blockchain-based approaches to decentralized source code repository hosting have been explored, many existing solutions struggle with challenges related to security, scalability, efficiency, and real-time collaboration. This study seeks to enhance these efforts by proposing a novel decentralized solution that leverages the Ethereum blockchain and IPFS for secure, efficient, and resilient code repository hosting and governance. Our approach introduces a hybrid architecture that combines the immutable and decentralized nature of blockchain with the efficiency of IPFS for off-chain storage. To facilitate real-time collaboration, we integrate a temporary centralized Middleman IPFS that manages transaction processing and enhances operational efficiency without compromising long-term security. This Middleman IPFS acts as an intermediary, balancing the speed of centralized systems with the resilience of decentralized architectures. Our system uses smart contracts to maintain access control and key management by dynamically verifying access rights, ensuring that only authorized users can retrieve and decrypt data stored on IPFS. This integration allows for secure, real-time collaboration in environments where multiple collaborators need concurrent access to shared resources. Our system employs a hybrid encryption scheme that combines symmetric and asymmetric cryptography. The encrypted keys are stored on the blockchain, while IPFS handles the efficient storage of the codebase itself, with a Middleman IPFS maintaining concurrent collaboration, providing a robust and scalable solution for managing large-scale, collaborative coding projects. |
| 2024-09-22 | Blockchain Based Information Security and Privacy Protection: Challenges and Future Directions using Computational Literature Review | Gauri Shankar et.al. | 2409.14472 | Blockchain technology is an emerging digital innovation that has gained immense popularity in enhancing individual security and privacy within Information Systems (IS). This surge in interest is reflected in the exponential increase in research articles published on blockchain technology, highlighting its growing significance in the digital landscape. However, the rapid proliferation of published research presents significant challenges for manual analysis and synthesis due to the vast volume of information. The complexity and breadth of topics, combined with the inherent limitations of human data processing capabilities, make it difficult to comprehensively analyze and draw meaningful insights from the literature. To this end, we adopted the Computational Literature Review (CLR) to analyze pertinent literature impact and topic modelling using the Latent Dirichlet Allocation (LDA) technique. We identified 10 topics related to security and privacy and provided a detailed description of each topic. From the critical analysis, we have observed several limitations, and several future directions are provided as an outcome of this review. |
| 2024-09-28 | Cyber-Physical Authentication Scheme for Secure V2G Transactions Using Blockchain and Smart Contracts | Yunwang Chen et.al. | 2409.14008 | The rapid adoption of electric vehicles (EVs) globally has catalyzed the need for robust cybersecurity measures within vehicle-to-grid (V2G) networks. As these networks are increasingly being integrated into smart charging infrastructures, they also introduce new vulnerabilities that threaten grid stability and user privacy This paper proposes a cyber-physical authentication protocol and trading smart contract tailored to plug and charge (PnC) operations within blockchain-based V2G systems. The protocol leverages advanced cryptographic techniques and blockchain to ensure secure, transparent, and tamper-proof energy transactions between EVs and charging stations. Key contributions include the development of a cyber-physical authentication method, the implementation of a smart contract framework for secure energy trading, and a detailed security and privacy analysis. The proposed protocol effectively mitigates risks such as distributed denial of service (DDoS) attacks, man-in-the-middle (MitM) attacks and replay attacks while preserving user anonymity and data integrity. |
| 2024-09-20 | Stabl: Blockchain Fault Tolerance | Vincent Gramoli et.al. | 2409.13142 | Blockchain promises to make online services more fault tolerant due to their inherent distributed nature. Their ability to execute arbitrary programs in different geo-distributed regions and on diverse operating systems make them an alternative of choice to our dependence on unique software whose recent failure affected 8.5 millions of machines. As of today, it remains, however, unclear whether blockchains can truly tolerate failures. In this paper, we assess the fault tolerance of blockchain. To this end, we inject failures in controlled deployments of five modern blockchain systems, namely Algorand, Aptos, Avalanche, Redbelly and Solana. We introduce a novel sensitivity metric, interesting in its own right, as the difference between the integrals of two cumulative distribution functions, one obtained in a baseline environment and one obtained in an adversarial environment. Our results indicate that (i) all blockchains except Redbelly are highly impacted by the failure of a small part of their network, (ii) Avalanche and Redbelly benefit from the redundant information needed for Byzantine fault tolerance while others are hampered by it, and more dramatically (iii) Avalanche and Solana cannot recover from localised transient failures. |
| 2024-09-11 | Semantic Interoperability on Blockchain by Generating Smart Contracts Based on Knowledge Graphs | William Van Woensel et.al. | 2409.12171 | Background: Health 3.0 allows decision making to be based on longitudinal data from multiple institutions, from across the patient's healthcare journey. In such a distributed setting, blockchain smart contracts can act as neutral intermediaries to implement trustworthy decision making. Objective: In a distributed setting, transmitted data will be structured using standards (such as HL7 FHIR) for semantic interoperability. In turn, the smart contract will require interoperability with this standard, implement a complex communication setup (e.g., using oracles), and be developed using blockchain languages (e.g., Solidity). We propose the encoding of smart contract logic using a high-level semantic Knowledge Graph, using concepts from the domain standard. We then deploy this semantic KG on blockchain. Methods: Off-chain, a code generation pipeline compiles the KG into a concrete smart contract, which is then deployed on-chain. Our pipeline targets an intermediary bridge representation, which can be transpiled into a specific blockchain language. Our choice avoids on-chain rule engines, with unpredictable and likely higher computational cost; it is thus in line with the economic rules of blockchain. Results: We applied our code generation approach to generate smart contracts for 3 health insurance cases from Medicare. We discuss the suitability of our approach - the need for a neutral intermediary - for a number of healthcare use cases. Our evaluation finds that the generated contracts perform well in terms of correctness and execution cost ("gas") on blockchain. Conclusions: We showed that it is feasible to automatically generate smart contract code based on a semantic KG, in a way that respects the economic rules of blockchain. Future work includes studying the use of Large Language Models (LLM) in our approach, and evaluations on other blockchains. |
| 2024-09-20 | Empowering Visual Artists with Tokenized Digital Assets with NFTs | Ruiqiang Li et.al. | 2409.11790 | The Non-Fungible Tokens (NFTs) has the transformative impact on the visual arts industry by examining the nexus between empowering art practices and leveraging blockchain technology. First, we establish the context for this study by introducing some basic but critical technological aspects and affordances of the blockchain domain. Second, we revisit the creative practices involved in producing traditional artwork, covering various types, production processes, trading, and monetization methods. Third, we introduce and define the key fundamentals of the blockchain ecosystem, including its structure, consensus algorithms, smart contracts, and digital wallets. Fourth, we narrow the focus to NFTs, detailing their history, mechanics, lifecycle, and standards, as well as their application in the art world. In particular, we outline the key processes for minting and trading NFTs in various marketplaces and discuss the relevant market dynamics and pricing. We also consider major security concerns, such as wash trading, to underscore some of the central cybersecurity issues facing this domain. Finally, we conclude by considering future research directions, emphasizing improvements in user experience, security, and privacy. Through this innovative research overview, which includes input from creative industry and cybersecurity sdomain expertise, we offer some new insights into how NFTs can empower visual artists and reshape the wider copyright industries. |
| 2024-09-18 | Blockchain-Enabled IoV: Secure Communication and Trustworthy Decision-Making | Jingyi Sun et.al. | 2409.11621 | The Internet of Vehicles (IoV), which enables interactions between vehicles, infrastructure, and the environment, faces challenges in maintaining communication security and reliable automated decisions. This paper introduces a decentralized framework comprising a primary layer for managing inter-vehicle communication and a sub-layer for securing intra-vehicle interactions. By implementing blockchain-based protocols like Blockchain-integrated Secure Authentication (BiSA) and Decentralized Blockchain Name Resolution (DBNR), the framework ensures secure, decentralized identity management and reliable data exchanges, thereby supporting safe and efficient autonomous vehicle operations. |
| 2024-09-17 | CountChain: A Decentralized Oracle Network for Counting Systems | Behkish Nassirzadeh et.al. | 2409.11592 | Blockchain integration in industries like online advertising is hindered by its connectivity limitations to off-chain data. These industries heavily rely on precise counting systems for collecting and analyzing off-chain data. This requires mechanisms, often called oracles, to feed off-chain data into smart contracts. However, current oracle solutions are ill-suited for counting systems since the oracles do not know when to expect the data, posing a significant challenge. To address this, we present CountChain, a decentralized oracle network for counting systems. In CountChain, data is received by all oracle nodes, and any node can submit a proposition request. Each proposition contains enough data to evaluate the occurrence of an event. Only randomly selected nodes participate in a game to evaluate the truthfulness of each proposition by providing proof and some stake. Finally, the propositions with the outcome of True increment the counter in a smart contract. Thus, instead of a contract calling oracles for data, in CountChain, the oracles call a smart contract when the data is available. Furthermore, we present a formal analysis and experimental evaluation of the system's parameters on over half a million data points to obtain optimal system parameters. In such conditions, our game-theoretical analysis demonstrates that a Nash equilibrium exists wherein all rational parties participate with honesty. |
| 2024-09-27 | Multilevel Verification on a Single Digital Decentralized Distributed (DDD) Ledger | Ayush Thada et.al. | 2409.11410 | This paper presents an approach to using decentralized distributed digital (DDD) ledgers like blockchain with multi-level verification. In regular DDD ledgers like Blockchain, only a single level of verification is available, which makes it not useful for those systems where there is a hierarchy and verification is required on each level. In systems where hierarchy emerges naturally, the inclusion of hierarchy in the solution for the problem of the system enables us to come up with a better solution. Introduction to hierarchy means there could be several verification within a level in the hierarchy and more than one level of verification, which implies other challenges induced by an interaction between the various levels of hierarchies that also need to be addressed, like verification of the work of the previous level of hierarchy by given level in the hierarchy. The paper will address all these issues, and provide a road map to trace the state of the system at any given time and probability of failure of the system. |
| 2024-09-17 | Decentralized Biometric Authentication based on Fuzzy Commitments and Blockchain | Nibras Abo Alzahab et.al. | 2409.11303 | Blockchain technology, which was introduced for supporting cryptocurrencies, today provides a decentralized infrastructure for general information storage and execution of algorithms, thus enabling the conversion of many applications and services from a centralized and intermediated model to a decentralized and disintermediated one. In this paper we focus on biometric authentication, which is classically performed using centralized systems, and could hence benefit from decentralization. For such a purpose, however, an inherent contradiction between biometric applications and blockchain technology must be overcome, as the former require keeping biometric features private, while blockchain is a public infrastructure. We propose a blockchain-based biometric authentication protocol that enables decentralization and resilience while protecting the privacy, personal data, and, in particular, biometric features of users. The protocol we propose leverages fuzzy commitment schemes to allow biometric authentication to be performed without disclosing biometric data. We also analyze the security of the protocol we propose by considering some relevant attacks. |
| 2024-09-17 | Delay Analysis of EIP-4844 | Pourya Soltani et.al. | 2409.11043 | Proto-Danksharding, proposed in Ethereum Improvement Proposal 4844 (EIP-4844), aims to incrementally improve the scalability of the Ethereum blockchain by introducing a new type of transaction known as blob-carrying transactions. These transactions incorporate binary large objects (blobs) of data that are stored off-chain but referenced and verified on-chain to ensure data availability. By decoupling data availability from transaction execution, Proto-Danksharding alleviates network congestion and reduces gas fees, laying the groundwork for future, more advanced sharding solutions. This letter provides an analytical model to derive the delay for these new transactions. We model the system as an |
| 2024-09-17 | An Anti-disguise Authentication System Using the First Impression of Avatar in Metaverse | Zhenyong Zhang et.al. | 2409.10850 | Metaverse is a vast virtual world parallel to the physical world, where the user acts as an avatar to enjoy various services that break through the temporal and spatial limitations of the physical world. Metaverse allows users to create arbitrary digital appearances as their own avatars by which an adversary may disguise his/her avatar to fraud others. In this paper, we propose an anti-disguise authentication method that draws on the idea of the first impression from the physical world to recognize an old friend. Specifically, the first meeting scenario in the metaverse is stored and recalled to help the authentication between avatars. To prevent the adversary from replacing and forging the first impression, we construct a chameleon-based signcryption mechanism and design a ciphertext authentication protocol to ensure the public verifiability of encrypted identities. The security analysis shows that the proposed signcryption mechanism meets not only the security requirement but also the public verifiability. Besides, the ciphertext authentication protocol has the capability of defending against the replacing and forging attacks on the first impression. Extensive experiments show that the proposed avatar authentication system is able to achieve anti-disguise authentication at a low storage consumption on the blockchain. |
| 2024-09-16 | Deterministic Bounds in Committee Selection: Enhancing Decentralization and Scalability in Distributed Ledgers | Grigorii Melnikov et.al. | 2409.10727 | Consensus plays a crucial role in distributed ledger systems, impacting both scalability and decentralization. Many blockchain systems use a weighted lottery based on a scarce resource such as a stake, storage, memory, or computing power to select a committee whose members drive the consensus and are responsible for adding new information to the ledger. Therefore, ensuring a robust and fair committee selection process is essential for maintaining security, efficiency, and decentralization. There are two main approaches to randomized committee selection. In one approach, each validator candidate locally checks whether they are elected to the committee and reveals their proof during the consensus phase. In contrast, in the second approach, a sortition algorithm decides a fixed-sized committee that is globally verified. This paper focuses on the latter approach, with cryptographic sortition as a method for fair committee selection that guarantees a constant committee size. Our goal is to develop deterministic guarantees that strengthen decentralization. We introduce novel methods that provide deterministic bounds on the influence of adversaries within the committee, as evidenced by numerical experiments. This approach overcomes the limitations of existing protocols that only offer probabilistic guarantees, often providing large committees that are impractical for many quorum-based applications like atomic broadcast and randomness beacon protocols. |
| 2024-09-15 | Detection Made Easy: Potentials of Large Language Models for Solidity Vulnerabilities | Md Tauseef Alam et.al. | 2409.10574 | The large-scale deployment of Solidity smart contracts on the Ethereum mainnet has increasingly attracted financially-motivated attackers in recent years. A few now-infamous attacks in Ethereum's history includes DAO attack in 2016 (50 million dollars lost), Parity Wallet hack in 2017 (146 million dollars locked), Beautychain's token BEC in 2018 (900 million dollars market value fell to 0), and NFT gaming blockchain breach in 2022 ($600 million in Ether stolen). This paper presents a comprehensive investigation of the use of large language models (LLMs) and their capabilities in detecting OWASP Top Ten vulnerabilities in Solidity. We introduce a novel, class-balanced, structured, and labeled dataset named VulSmart, which we use to benchmark and compare the performance of open-source LLMs such as CodeLlama, Llama2, CodeT5 and Falcon, alongside closed-source models like GPT-3.5 Turbo and GPT-4o Mini. Our proposed SmartVD framework is rigorously tested against these models through extensive automated and manual evaluations, utilizing BLEU and ROUGE metrics to assess the effectiveness of vulnerability detection in smart contracts. We also explore three distinct prompting strategies-zero-shot, few-shot, and chain-of-thought-to evaluate the multi-class classification and generative capabilities of the SmartVD framework. Our findings reveal that SmartVD outperforms its open-source counterparts and even exceeds the performance of closed-source base models like GPT-3.5 and GPT-4 Mini. After fine-tuning, the closed-source models, GPT-3.5 Turbo and GPT-4o Mini, achieved remarkable performance with 99% accuracy in detecting vulnerabilities, 94% in identifying their types, and 98% in determining severity. Notably, SmartVD performs best with the chain-of-thought' prompting technique, whereas the fine-tuned closed-source models excel with the zero-shot' prompting approach. |
| 2024-09-16 | Analysing Attacks on Blockchain Systems in a Layer-based Approach | Joydip Das et.al. | 2409.10109 | Blockchain is a growing decentralized system built for transparency and immutability. There have been several major attacks on blockchain-based systems, leaving a gap in the trustability of this system. This article presents a comprehensive study of 23 attacks on blockchain systems and categorizes them using a layer-based approach. This approach provides an in-depth analysis of the feasibility and motivation of these attacks. In addition, a framework is proposed that enables a systematic analysis of the impact and interconnection of these attacks, thereby providing a means of identifying potential attack vectors and designing appropriate countermeasures to strengthen any blockchain system. |
| 2024-09-16 | Assessing the Impact of Sanctions in the Crypto Ecosystem: Effective Measures or Ineffective Deterrents? | Francesco Zola et.al. | 2409.10031 | Regulatory authorities aim to tackle illegal activities by targeting the economic incentives that drive such behaviour. This is typically achieved through the implementation of financial sanctions against the entities involved in the crimes. However, the rise of cryptocurrencies has presented new challenges, allowing entities to evade these sanctions and continue criminal operations. Consequently, enforcement measures have been expanded to include crypto assets information of sanctioned entities. Yet, due to the nature of the crypto ecosystem, blocking or freezing these digital assets is harder and, in some cases, such as with Bitcoin, unfeasible. Therefore, sanctions serve merely as deterrents. For this reason, in this study, we aim to assess the impact of these sanctions on entities' crypto activities, particularly those related to the Bitcoin ecosystem. Our objective is to shed light on the validity and effectiveness (or lack thereof) of such countermeasures. Specifically, we analyse the transactions and the amount of USD moved by punished entities that possess crypto addresses after being sanctioned by the authority agency. Results indicate that while sanctions have been effective for half of the examined entities, the others continue to move funds through sanctioned addresses. Furthermore, punished entities demonstrate a preference for utilising rapid exchange services to convert their funds, rather than employing dedicated money laundering services. To the best of our knowledge, this study offers valuable insights into how entities use crypto assets to circumvent sanctions. |
| 2024-09-13 | Research on Data Right Confirmation Mechanism of Federated Learning based on Blockchain | Xiaogang Cheng et.al. | 2409.08476 | Federated learning can solve the privacy protection problem in distributed data mining and machine learning, and how to protect the ownership, use and income rights of all parties involved in federated learning is an important issue. This paper proposes a federated learning data ownership confirmation mechanism based on blockchain and smart contract, which uses decentralized blockchain technology to save the contribution of each participant on the blockchain, and distributes the benefits of federated learning results through the blockchain. In the local simulation environment of the blockchain, the relevant smart contracts and data structures are simulated and implemented, and the feasibility of the scheme is preliminarily demonstrated. |
| 2024-09-12 | Automated Cybersecurity Compliance and Threat Response Using AI, Blockchain & Smart Contracts | Lampis Alevizos et.al. | 2409.08390 | To address the challenges of internal security policy compliance and dynamic threat response in organizations, we present a novel framework that integrates artificial intelligence (AI), blockchain, and smart contracts. We propose a system that automates the enforcement of security policies, reducing manual effort and potential human error. Utilizing AI, we can analyse cyber threat intelligence rapidly, identify non-compliances and automatically adjust cyber defence mechanisms. Blockchain technology provides an immutable ledger for transparent logging of compliance actions, while smart contracts ensure uniform application of security measures. The framework's effectiveness is demonstrated through simulations, showing improvements in compliance enforcement rates and response times compared to traditional methods. Ultimately, our approach provides for a scalable solution for managing complex security policies, reducing costs and enhancing the efficiency while achieving compliance. Finally, we discuss practical implications and propose future research directions to further refine the system and address implementation challenges. |
| 2024-09-12 | A Secure Standard for NFT Fractionalization | Wejdene Haouari et.al. | 2409.08190 | Non-fungible tokens (NFTs) offer a unique method for representing digital and physical assets on the blockchain. However, the NFT market has recently experienced a downturn in interest, mainly due to challenges related to high entry barriers and limited market liquidity. Fractionalization emerges as a promising solution, allowing multiple parties to hold a stake in a single NFT. By breaking down ownership into fractional shares, this approach lowers the entry barrier for investors, enhances market liquidity, and democratizes access to valuable digital assets. Despite these benefits, the current landscape of NFT fractionalization is fragmented, with no standardized framework to guide the secure and interoperable implementation of fractionalization mechanisms. This paper contributions are twofold: first, we provide a detailed analysis of the current NFT fractionalization landscape focusing on security challenges; second, we introduce a standardized approach that addresses these challenges, paving the way for more secure, interoperable, and accessible NFT fractionalization platforms. |
| 2024-09-12 | A Study on Asynchronous Vote-based Blockchains | Yibin Xu et.al. | 2409.08161 | Vote-based blockchains construct a state machine replication (SMR) system among participating nodes, using Byzantine Fault Tolerance (BFT) consensus protocols to transition from one state to another. Currently, they rely on either synchronous or partially synchronous networks with leader-based coordination or costly Asynchronous Common Subset (ACS) protocols in asynchronous settings, making them impractical for large-scale asynchronous applications. To make Asynchronous SMR scalable, this paper proposes a \emph{validated strong} BFT consensus model that allows leader-based coordination in asynchronous settings. Our BFT consensus model offers the same level of tolerance as binary byzantine agreement but does not demand consistency among honest nodes before they vote. An SMR using our model allows nodes to operate in different, tentative, but mutually exclusive states until they eventually converge on the same state. We propose an asynchronous BFT protocol for vote-based blockchains employing our consensus model to address several critical challenges: how to ensure that nodes eventually converge on the same state across voting rounds, how to assure that a blockchain will steadily progress through epochs while reaching consensus for previous epochs, and how to maintain robust byzantine fault tolerance. Our protocol greatly reduces message complexity and is the first one to achieve linear view changes without relying on threshold signatures. We prove that an asynchronous blockchain built on our protocol can operate with the \emph{same} simplicity and efficiency as partially synchronous blockchains built on, e.g. HotStuff-2. This facilitates deploying asynchronous blockchains across large-scale networks. |
| 2024-09-11 | Analyzing the Impact of Copying-and-Pasting Vulnerable Solidity Code Snippets from Question-and-Answer Websites | Konrad Weiss et.al. | 2409.07586 | link |
| 2024-09-11 | A Novel Voting System for Medical Catalogues in National Health Insurance | Xingyuan Liang et.al. | 2409.07057 | This study explores the conceptual development of a medical insurance catalogue voting system. The methodology is centred on creating a model where doctors would vote on treatment inclusions, aiming to demonstrate transparency and integrity. The results from Monte Carlo simulations suggest a robust consensus on the selection of medicines and treatments. Further theoretical investigations propose incorporating a patient outcome-based incentive mechanism. This conceptual approach could enhance decision-making in healthcare by aligning stakeholder interests with patient outcomes, aiming for an optimised, equitable insurance catalogue with potential blockchain-based smart-contracts to ensure transparency and integrity. |
| 2024-09-10 | DroneXNFT: An NFT-Driven Framework for Secure Autonomous UAV Operations and Flight Data Management | Khaoula Hidawi et.al. | 2409.06507 | Non-Fungible Tokens (NFTs) have emerged as a revolutionary method for managing digital assets, providing transparency and secure ownership records on a blockchain. In this paper, we present a theoretical framework for leveraging NFTs to manage UAV (Unmanned Aerial Vehicle) flight data. Our approach focuses on ensuring data integrity, ownership transfer, and secure data sharing among stakeholders. This framework utilizes cryptographic methods, smart contracts, and access control mechanisms to enable a tamper-proof and privacy-preserving management system for UAV flight data. |
| 2024-09-10 | Responsible Blockchain: STEADI Principles and the Actor-Network Theory-based Development Methodology (ANT-RDM) | Yibai Li et.al. | 2409.06179 | This paper provides a comprehensive analysis of the challenges and controversies associated with blockchain technology. It identifies technical challenges such as scalability, security, privacy, and interoperability, as well as business and adoption challenges, and the social, economic, ethical, and environmental controversies present in current blockchain systems. We argue that responsible blockchain development is key to overcoming these challenges and achieving mass adoption. This paper defines Responsible Blockchain and introduces the STEADI principles (sustainable, transparent, ethical, adaptive, decentralized, and inclusive) for responsible blockchain development. Additionally, it presents the Actor-Network Theory-based Responsible Development Methodology (ANT-RDM) for blockchains, which includes the steps of problematization, interessement, enrollment, and mobilization. |
| 2024-09-08 | Balancing Security and Accuracy: A Novel Federated Learning Approach for Cyberattack Detection in Blockchain Networks | Tran Viet Khoa et.al. | 2409.04972 | This paper presents a novel Collaborative Cyberattack Detection (CCD) system aimed at enhancing the security of blockchain-based data-sharing networks by addressing the complex challenges associated with noise addition in federated learning models. Leveraging the theoretical principles of differential privacy, our approach strategically integrates noise into trained sub-models before reconstructing the global model through transmission. We systematically explore the effects of various noise types, i.e., Gaussian, Laplace, and Moment Accountant, on key performance metrics, including attack detection accuracy, deep learning model convergence time, and the overall runtime of global model generation. Our findings reveal the intricate trade-offs between ensuring data privacy and maintaining system performance, offering valuable insights into optimizing these parameters for diverse CCD environments. Through extensive simulations, we provide actionable recommendations for achieving an optimal balance between data protection and system efficiency, contributing to the advancement of secure and reliable blockchain networks. |
| 2024-09-08 | CONNECTOR: Enhancing the Traceability of Decentralized Bridge Applications via Automatic Cross-chain Transaction Association | Dan Lin et.al. | 2409.04937 | Decentralized bridge applications are important software that connects various blockchains and facilitates cross-chain asset transfer in the decentralized finance (DeFi) ecosystem which currently operates in a multi-chain environment. Cross-chain transaction association identifies and matches unique transactions executed by bridge DApps, which is important research to enhance the traceability of cross-chain bridge DApps. However, existing methods rely entirely on unobservable internal ledgers or APIs, violating the open and decentralized properties of blockchain. In this paper, we analyze the challenges of this issue and then present CONNECTOR, an automated cross-chain transaction association analysis method based on bridge smart contracts. Specifically, CONNECTOR first identifies deposit transactions by extracting distinctive and generic features from the transaction traces of bridge contracts. With the accurate deposit transactions, CONNECTOR mines the execution logs of bridge contracts to achieve withdrawal transaction matching. We conduct real-world experiments on different types of bridges to demonstrate the effectiveness of CONNECTOR. The experiment demonstrates that CONNECTOR successfully identifies 100% deposit transactions, associates 95.81% withdrawal transactions, and surpasses methods for CeFi bridges. Based on the association results, we obtain interesting findings about cross-chain transaction behaviors in DeFi bridges and analyze the tracing abilities of CONNECTOR to assist the DeFi bridge apps. |
| 2024-09-07 | Noise-Based Authentication: Is It Secure? | Sarah A. Flanery et.al. | 2409.04931 | This paper introduces a three-point biometric authentication system for a blockchain-based decentralized identity network. We use existing biometric authentication systems to demonstrate the unique noise fingerprints that belong to each individual human and the respective information leak from the biological characteristics. We then propose the concept of using unique thermal noise amplitudes generated by each user and explore the open questions regarding the robustness of unconditionally secure authentication. |
| 2024-09-06 | Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue | Lioba Heimbach et.al. | 2409.04366 | Many blockchain networks aim to preserve the anonymity of validators in the peer-to-peer (P2P) network, ensuring that no adversary can link a validator's identifier to the IP address of a peer due to associated privacy and security concerns. This work demonstrates that the Ethereum P2P network does not offer this anonymity. We present a methodology that enables any node in the network to identify validators hosted on connected peers and empirically verify the feasibility of our proposed method. Using data collected from four nodes over three days, we locate more than 15% of Ethereum validators in the P2P network. The insights gained from our deanonymization technique provide valuable information on the distribution of validators across peers, their geographic locations, and hosting organizations. We further discuss the implications and risks associated with the lack of anonymity in the P2P network and propose methods to help validators protect their privacy. The Ethereum Foundation has awarded us a bug bounty, acknowledging the impact of our results. |
| 2024-09-05 | Practical Forecasting of Cryptocoins Timeseries using Correlation Patterns | Pasquale De Rosa et.al. | 2409.03674 | link |
| 2024-09-05 | On the Compliance of Self-Sovereign Identity with GDPR Principles: A Critical Review | Abubakar-Sadiq Shehu et.al. | 2409.03624 | Identity Management Systems (IdMs) have complemented how users are identified, authenticated, and authorised on e-services. Among the methods used for this purpose are traditional IdMs (isolated, centralised and federated) that mostly rely on identity providers (IdPs) to broker trust between a user and service-providers (SPs). An IdP also identifies and authenticates a user on-behalf of the SP, who then determines the authorisation of the user. In these processes, both SP and IdP collect, process or store private users' data, which can be prone to breach. One approach to address the data breach is to relieve the IdP, and return control and storage of personal data to the owner. Self-sovereign identity (SSI) was introduced as an IdM model to reduce the possibility of data breaches by offering control of personal data to the owner. SSI is a decentralised IdM, where the data owner has sovereign control of personal data stored in their digital wallet. Since SSI is an emerging technology, its components and methods require careful evaluation. This paper provides an evolution to IdMs and reviews the state-of-the-art SSI frameworks. We explored articles in the literature that reviewed blockchain solutions for General Data Protection Regulation (GDPR). We systematically searched recent SSI and blockchain proposals, evaluated the compliance of the retrieved documents with the GDPR privacy principles, and discussed their potentials, constraints, and limitations. This work identifies potential research gaps and opportunities. |
| 2024-09-05 | Tyche: Collateral-Free Coalition-Resistant Multiparty Lotteries with Arbitrary Payouts | Quentin Kniep et.al. | 2409.03464 | We propose Tyche, a family of protocols for performing practically (as well as asymptotically) efficient multiparty lotteries, resistant against aborts and majority coalitions. Our protocols are based on a commit-and-reveal approach, requiring only a collision-resistant hash function. All our protocols use a blockchain as a public bulletin board and for buy-in collection and payout settlement. Importantly though, they do not rely on it or any other third party for providing randomness. Also, participants are not required to post any collateral beyond their buy-in. Any honest participant can eventually settle the lottery, and dishonest behavior never reduces the winning probability of any honest participant. Further, we adapt all three protocols into anonymous lotteries, where (under certain conditions) the winner is unlinkable to any particular participant. We show that our protocols are secure, fair, and some preserve the participants' privacy. Finally, we evaluate the performance of our protocols, particularly in terms of transaction fees, by implementing them on the Sui blockchain. There we see that per user transaction fees are reasonably low and our protocols could potentially support millions of participants. |
| 2024-09-04 | A Comprehensive Survey of Blockchain Scalability: Shaping Inner-Chain and Inter-Chain Perspectives | Baochao Chen et.al. | 2409.02968 | Blockchain is widely applied in logistics, finance, and agriculture. As single blockchain users grow, scalability becomes crucial. However, existing works lack a comprehensive summary of blockchain scalability. They focus on single chains or cross-chain technologies. This survey summarizes scalability across the physical and logical layers, as well as inner-chain, inter-chain, and technology dimensions. The physical layer covers data and protocols, while the logical layer represents blockchain architecture. Each component is analyzed from inner-chain and inter-chain perspectives, considering technological factors. The aim is to enhance researchers' understanding of blockchain's architecture, data, and protocols to advance scalability research. |
| 2024-09-04 | AirFogSim: A Light-Weight and Modular Simulator for UAV-Integrated Vehicular Fog Computing | Zhiwei Wei et.al. | 2409.02518 | link |
| 2024-09-03 | Quantifying Liveness and Safety of Avalanche's Snowball | Quentin Kniep et.al. | 2409.02217 | This work examines the resilience properties of the Snowball and Avalanche protocols that underlie the popular Avalanche blockchain. We experimentally quantify the resilience of Snowball using a simulation implemented in Rust, where the adversary strategically rebalances the network to delay termination. We show that in a network of |
| 2024-09-05 | The Role of Transformer Models in Advancing Blockchain Technology: A Systematic Survey | Tianxu Liu et.al. | 2409.02139 | As blockchain technology rapidly evolves, the demand for enhanced efficiency, security, and scalability grows.Transformer models, as powerful deep learning architectures,have shown unprecedented potential in addressing various blockchain challenges. However, a systematic review of Transformer applications in blockchain is lacking. This paper aims to fill this research gap by surveying over 200 relevant papers, comprehensively reviewing practical cases and research progress of Transformers in blockchain applications. Our survey covers key areas including anomaly detection, smart contract security analysis, cryptocurrency prediction and trend analysis, and code summary generation. To clearly articulate the advancements of Transformers across various blockchain domains, we adopt a domain-oriented classification system, organizing and introducing representative methods based on major challenges in current blockchain research. For each research domain,we first introduce its background and objectives, then review previous representative methods and analyze their limitations,and finally introduce the advancements brought by Transformer models. Furthermore, we explore the challenges of utilizing Transformer, such as data privacy, model complexity, and real-time processing requirements. Finally, this article proposes future research directions, emphasizing the importance of exploring the Transformer architecture in depth to adapt it to specific blockchain applications, and discusses its potential role in promoting the development of blockchain technology. This review aims to provide new perspectives and a research foundation for the integrated development of blockchain technology and machine learning, supporting further innovation and application expansion of blockchain technology. |
| 2024-09-03 | Benchmarking ZK-Friendly Hash Functions and SNARK Proving Systems for EVM-compatible Blockchains | Hanze Guo et.al. | 2409.01976 | With the rapid development of Zero-Knowledge Proofs (ZKPs), particularly Succinct Non-Interactive Arguments of Knowledge (SNARKs), benchmarking various ZK tools has become a valuable task. ZK-friendly hash functions, as key algorithms in blockchain, have garnered significant attention. Therefore, comprehensive benchmarking and evaluations of these evolving algorithms in ZK circuits present both promising opportunities and challenges. Additionally, we focus on a popular ZKP application, privacy-preserving transaction protocols, aiming to leverage SNARKs' cost-efficiency through "batch processing" to address high on-chain costs and compliance issues. To this end, we benchmarked three SNARK proving systems and five ZK-friendly hash functions, including our self-developed circuit templates for Poseidon2, Neptune, and GMiMC, on the bn254 curve within the circom-snarkjs framework. We also introduced the role of "sequencer" in our SNARK-based privacy-preserving transaction scheme to enhance efficiency and enable flexible auditing. We conducted privacy and security analyses, as well as implementation and evaluation on Ethereum Virtual Machine (EVM)-compatible chains. The results indicate that Poseidon and Poseidon2 demonstrate superior memory usage and runtime during proof generation under Groth16. Moreover, compared to the baseline, Poseidon2 not only generates proofs faster but also reduces on-chain costs by 73% on EVM chains and nearly 26% on Hedera. Our work provides a benchmark for ZK-friendly hash functions and ZK tools, while also exploring cost efficiency and compliance in ZKP-based privacy-preserving transaction protocols. |
| 2024-09-03 | Securing Federated Learning in Robot Swarms using Blockchain Technology | Alexandre Pacheco et.al. | 2409.01900 | Federated learning is a new approach to distributed machine learning that offers potential advantages such as reducing communication requirements and distributing the costs of training algorithms. Therefore, it could hold great promise in swarm robotics applications. However, federated learning usually requires a centralized server for the aggregation of the models. In this paper, we present a proof-of-concept implementation of federated learning in a robot swarm that does not compromise decentralization. To do so, we use blockchain technology to enable our robot swarm to securely synchronize a shared model that is the aggregation of the individual models without relying on a central server. We then show that introducing a single malfunctioning robot can, however, heavily disrupt the training process. To prevent such situations, we devise protection mechanisms that are implemented through secure and tamper-proof blockchain smart contracts. Our experiments are conducted in ARGoS, a physics-based simulator for swarm robotics, using the Ethereum blockchain protocol which is executed by each simulated robot. |
| 2024-09-03 | DAOs of Collective Intelligence? Unraveling the Complexity of Blockchain Governance in Decentralized Autonomous Organizations | Mark C. Ballandies et.al. | 2409.01823 | Decentralized autonomous organizations (DAOs) have transformed organizational structures by shifting from traditional hierarchical control to decentralized approaches, leveraging blockchain and cryptoeconomics. Despite managing significant funds and building global networks, DAOs face challenges like declining participation, increasing centralization, and inabilities to adapt to changing environments, which stifle innovation. This paper explores DAOs as complex systems and applies complexity science to explain their inefficiencies. In particular, we discuss DAO challenges, their complex nature, and introduce the self-organization mechanisms of collective intelligence, digital democracy, and adaptation. By applying these mechansims to improve DAO design and construction, a practical design framework for DAOs is created. This contribution lays a foundation for future research at the intersection of complexity science and DAOs. |
| 2024-09-17 | Strengthening Solidity Invariant Generation: From Post- to Pre-Deployment | Kartik Kaushik et.al. | 2409.01804 | Invariants are essential for ensuring the security and correctness of Solidity smart contracts, particularly in the context of blockchain's immutability and decentralized execution. This paper introduces InvSol, a novel framework for pre-deployment invariant generation tailored specifically for Solidity smart contracts. Unlike existing solutions, namely InvCon, InvCon+, and Trace2Inv, that rely on post-deployment transaction histories on Ethereum mainnet, InvSol identifies invariants before deployment and offers comprehensive coverage of Solidity language constructs, including loops. Additionally, InvSol incorporates custom templates to effectively prevent critical issues such as reentrancy, out-of-gas errors, and exceptions during invariant generation. We rigorously evaluate InvSol using a benchmark set of smart contracts and compare its performance with state-of-the-art solutions. Our findings reveal that InvSol significantly outperforms these tools, demonstrating its effectiveness in handling new contracts with limited transaction histories. Notably, InvSol achieves a 15% improvement in identifying common vulnerabilities compared to InvCon+ and is able to address certain crucial vulnerabilities using specific invariant templates, better than Trace2Inv. |
| 2024-09-03 | DogeFuzz: A Simple Yet Efficient Grey-box Fuzzer for Ethereum Smart Contracts | Ismael Medeiros et.al. | 2409.01788 | link |
| 2024-09-03 | On-chain Validation of Tracking Data Messages (TDM) Using Distributed Deep Learning on a Proof of Stake (PoS) Blockchain | Yasir Latif et.al. | 2409.01614 | Trustless tracking of Resident Space Objects (RSOs) is crucial for Space Situational Awareness (SSA), especially during adverse situations. The importance of transparent SSA cannot be overstated, as it is vital for ensuring space safety and security. In an era where RSO location information can be easily manipulated, the risk of RSOs being used as weapons is a growing concern. The Tracking Data Message (TDM) is a standardized format for broadcasting RSO observations. However, the varying quality of observations from diverse sensors poses challenges to SSA reliability. While many countries operate space assets, relatively few have SSA capabilities, making it crucial to ensure the accuracy and reliability of the data. Current practices assume complete trust in the transmitting party, leaving SSA capabilities vulnerable to adversarial actions such as spoofing TDMs. This work introduces a trustless mechanism for TDM validation and verification using deep learning over blockchain. By leveraging the trustless nature of blockchain, our approach eliminates the need for a central authority, establishing consensus-based truth. We propose a state-of-the-art, transformer-based orbit propagator that outperforms traditional methods like SGP4, enabling cross-validation of multiple observations for a single RSO. This deep learning-based transformer model can be distributed over a blockchain, allowing interested parties to host a node that contains a part of the distributed deep learning model. Our system comprises decentralised observers and validators within a Proof of Stake (PoS) blockchain. Observers contribute TDM data along with a stake to ensure honesty, while validators run the propagation and validation algorithms. The system rewards observers for contributing verified TDMs and penalizes those submitting unverifiable data. |
| 2024-09-03 | Blockchain-based Federated Recommendation with Incentive Mechanism | Jianhai Chen et.al. | 2409.01563 | Nowadays, federated recommendation technology is rapidly evolving to help multiple organisations share data and train models while meeting user privacy, data security and government regulatory requirements. However, federated recommendation increases customer system costs such as power, computational and communication resources. Besides, federated recommendation systems are also susceptible to model attacks and data poisoning by participating malicious clients. Therefore, most customers are unwilling to participate in federated recommendation without any incentive. To address these problems, we propose a blockchain-based federated recommendation system with incentive mechanism to promote more trustworthy, secure, and efficient federated recommendation service. First, we construct a federated recommendation system based on NeuMF and FedAvg. Then we introduce a reverse auction mechanism to select optimal clients that can maximize the social surplus. Finally, we employ blockchain for on-chain evidence storage of models to ensure the safety of the federated recommendation system. The experimental results show that our proposed incentive mechanism can attract clients with superior training data to engage in the federal recommendation at a lower cost, which can increase the economic benefit of federal recommendation by 54.9% while improve the recommendation performance. Thus our work provides theoretical and technological support for the construction of a harmonious and healthy ecological environment for the application of federal recommendation. |
| 2024-09-02 | A Survey and Comparison of Post-quantum and Quantum Blockchains | Zebo Yang et.al. | 2409.01358 | Blockchains have gained substantial attention from academia and industry for their ability to facilitate decentralized trust and communications. However, the rapid progress of quantum computing poses a significant threat to the security of existing blockchain technologies. Notably, the emergence of Shor's and Grover's algorithms raises concerns regarding the compromise of the cryptographic systems underlying blockchains. Consequently, it is essential to develop methods that reinforce blockchain technology against quantum attacks. In response to this challenge, two distinct approaches have been proposed. The first approach involves post-quantum blockchains, which aim to utilize classical cryptographic algorithms resilient to quantum attacks. The second approach explores quantum blockchains, which leverage the power of quantum computers and networks to rebuild the foundations of blockchains. This paper aims to provide a comprehensive overview and comparison of post-quantum and quantum blockchains while exploring open questions and remaining challenges in these domains. It offers an in-depth introduction, examines differences in blockchain structure, security, privacy, and other key factors, and concludes by discussing current research trends. |
| 2024-09-01 | Global Public Sentiment on Decentralized Finance: A Spatiotemporal Analysis of Geo-tagged Tweets from 150 Countries | Yuqi Chen et.al. | 2409.00843 | link |
| 2024-09-06 | Weighted Regression with Sybil Networks | Nihar Shah et.al. | 2408.17426 | In many online domains, Sybil networks -- or cases where a single user assumes multiple identities -- is a pervasive feature. This complicates experiments, as off-the-shelf regression estimators at least assume known network topologies (if not fully independent observations) when Sybil network topologies in practice are often unknown. The literature has exclusively focused on techniques to detect Sybil networks, leading many experimenters to subsequently exclude suspected networks entirely before estimating treatment effects. I present a more efficient solution in the presence of these suspected Sybil networks: a weighted regression framework that applies weights based on the probabilities that sets of observations are controlled by single actors. I show in the paper that the MSE-minimizing solution is to set the weight matrix equal to the inverse of the expected network topology. I demonstrate the methodology on simulated data, and then I apply the technique to a competition with suspected Sybil networks run on the Sui blockchain and show reductions in the standard error of the estimate by 6 - 24%. |
| 2024-08-30 | A Framework for Digital Asset Risks with Insurance Applications | Zhengming Li et.al. | 2408.17227 | The remarkable growth of digital assets, starting from the inception of Bitcoin in 2009 into a 1 trillion market in 2024, underscores the momentum behind disruptive technologies and the global appetite for digital assets. This paper develops a framework to enhance actuaries' understanding of the cyber risks associated with the developing digital asset ecosystem, as well as their measurement methods in the context of digital asset insurance. By integrating actuarial perspectives, we aim to enhance understanding and modeling of cyber risks at both the micro and systemic levels. The qualitative examination sheds light on blockchain technology and its associated risks, while our quantitative framework offers a rigorous approach to modeling cyber risks in digital asset insurance portfolios. This multifaceted approach serves three primary objectives: i) offer a clear and accessible education on the evolving digital asset ecosystem and the diverse spectrum of cyber risks it entails; ii) develop a scientifically rigorous framework for quantifying cyber risks in the digital asset ecosystem; iii) provide practical applications, including pricing strategies and tail risk management. Particularly, we develop frequency-severity models based on real loss data for pricing cyber risks in digit assets and utilize Monte Carlo simulation to estimate the tail risks, offering practical insights for risk management strategies. As digital assets continue to reshape finance, our work serves as a foundational step towards safeguarding the integrity and stability of this rapidly evolving landscape. |
| 2024-08-30 | Secure Ownership Management and Transfer of Consumer Internet of Things Devices with Self-sovereign Identity | Nazmus Sakib et.al. | 2408.17184 | The popularity of the Internet of Things (IoT) has driven its usage in our homes and industries over the past 10-12 years. However, there have been some major issues related to identity management and ownership transfer involving IoT devices, particularly for consumer IoT devices, e. g. smart appliances such as smart TVs, smart refrigerators, and so on. There have been a few attempts to address this issue; however, user-centric and effective ownership and identity management of IoT devices have not been very successful so far. Recently, blockchain technology has been used to address these issues with limited success. This article presents a Self-sovereign Identity (SSI) based system that facilitates a secure and user-centric ownership management and transfer of consumer IoT devices. The system leverages a number of emerging technologies, such as blockchain and decentralized identifiers (DID), verifiable credentials (VC), under the umbrella of SSI. We present the architecture of the system based on a threat model and requirement analysis, discuss the implementation of a Proof-of-Concept based on the proposed system and illustrate a number of use-cases with their detailed protocol flows. Furthermore, we analyse its security using ProVerif, a state-of-the art protocol verification tool and examine its performance. |
| 2024-09-02 | Leveraging Blockchain and ANFIS for Optimal Supply Chain Management | Amirfarhad Farhadi et.al. | 2408.17161 | The supply chain is a critical segment of the product manufacturing cycle, continuously influenced by risky, uncertain, and undesirable events. Optimizing flexibility in the supply chain presents a complex, multi-objective, and nonlinear programming challenge. In the poultry supply chain, the development of mass customization capabilities has led manufacturing companies to increasingly focus on offering tailored and customized services for individual products. To safeguard against data tampering and ensure the integrity of setup costs and overall profitability, a multi-signature decentralized finance (DeFi) protocol, integrated with the IoT on a blockchain platform, is proposed. Managing the poultry supply chain involves uncertainties that may not account for parameters such as delivery time to retailers, reorder time, and the number of requested products. To address these challenges, this study employs an adaptive neuro-fuzzy inference system (ANFIS), combining neural networks with fuzzy logic to compensate for the lack of data training in parameter identification. Through MATLAB simulations, the study investigates the average shop delivery duration, the reorder time, and the number of products per order. By implementing the proposed technique, the average delivery time decreases from 40 to 37 minutes, the reorder time decreases from five to four days, and the quantity of items requested per order grows from six to eleven. Additionally, the ANFIS model enhances overall supply chain performance by reducing transaction times by 15% compared to conventional systems, thereby improving real-time responsiveness and boosting transparency in supply chain operations, effectively resolving operational issues. |
| 2024-08-30 | SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection | Moritz Finke et.al. | 2408.17049 | Product lifecycle tracing is increasingly in the focus of regulators and producers, as shown with the initiative of the Digital Product Pass. Likewise, new methods of counterfeit detection are developed that are, e.g., based on Physical Unclonable Functions (PUFs). In order to ensure trust and integrity of product lifecycle data, multiple existing supply chain tracing systems are built on blockchain technology. However, only few solutions employ secure identifiers such as PUFs. Furthermore, existing systems that publish the data of individual products, in part fully transparently, have a detrimental impact on scalability and the privacy of users. This work proposes SPOQchain, a novel blockchain-based platform that provides comprehensive lifecycle traceability and originality verification while ensuring high efficiency and user privacy. The improved efficiency is achieved by a sophisticated batching mechanism that removes lifecycle redundancies. In addition to the successful evaluation of SPOQchain's scalability, this work provides a comprehensive analysis of privacy and security aspects, demonstrating the need and qualification of SPOQchain for the future of supply chain tracing. |
| 2024-08-29 | A Prototype Model of Zero-Trust Architecture Blockchain with EigenTrust-Based Practical Byzantine Fault Tolerance Protocol to Manage Decentralized Clinical Trials | Ashok Kumar Peepliwall et.al. | 2408.16885 | The COVID-19 pandemic necessitated the emergence of decentralized Clinical Trials (DCTs) due to patient retention, accelerate trials, improve data accessibility, enable virtual care, and facilitate seamless communication through integrated systems. However, integrating systems in DCTs exposes clinical data to potential security threats, making them susceptible to theft at any stage, a high risk of protocol deviations, and monitoring issues. To mitigate these challenges, blockchain technology serves as a secure framework, acting as a decentralized ledger, creating an immutable environment by establishing a zero-trust architecture, where data are deemed untrusted until verified. In combination with Internet of Things (IoT)-enabled wearable devices, blockchain secures the transfer of clinical trial data on private blockchains during DCT automation and operations. This paper proposes a prototype model of the Zero-Trust Architecture Blockchain (z-TAB) to integrate patient-generated clinical trial data during DCT operation management. The EigenTrust-based Practical Byzantine Fault Tolerance (T-PBFT) algorithm has been incorporated as a consensus protocol, leveraging Hyperledger Fabric. Furthermore, the Internet of Things (IoT) has been integrated to streamline data processing among stakeholders within the blockchain platforms. Rigorous evaluation has been done to evaluate the quality of the system. |
| 2024-08-28 | Monadring: A lightweight consensus protocol to offer Validation-as-a-Service to AVS nodes | Yu Zhang et.al. | 2408.16094 | Existing blockchain networks are often large-scale, requiring transactions to be synchronized across the entire network to reach consensus. On-chain computations can be prohibitively expensive, making many CPU-intensive computations infeasible. Inspired by the structure of IBM's token ring networks, we propose a lightweight consensus protocol called Monadring to address these issues. Monadring allows nodes within a large blockchain network to form smaller subnetworks, enabling faster and more cost-effective computations while maintaining the security guarantees of the main blockchain network. To further enhance Monadring's security, we introduce a node rotation mechanism based on Verifiable Random Function (VRF) and blind voting using Fully Homomorphic Encryption (FHE) within the smaller subnetwork. Unlike the common voting-based election of validator nodes, Monadring leverages FHE to conceal voting information, eliminating the advantage of the last mover in the voting process. This paper details the design and implementation of the Monadring protocol and evaluates its performance and feasibility through simulation experiments. Our research contributes to enhancing the practical utility of blockchain technology in large-scale application scenarios. |
| 2024-08-28 | EdgeLinker: Practical Blockchain-based Framework for Healthcare Fog Applications to Enhance Security in Edge-IoT Data Communications | Mahdi Akbari Zarkesh et.al. | 2408.15838 | The pervasive adoption of Internet of Things (IoT) has significantly advanced healthcare digitization and modernization. Nevertheless, the sensitive nature of medical data presents security and privacy challenges. On the other hand, resource constraints of IoT devices often necessitates cloud services for data handling, introducing single points of failure, processing delays, and security vulnerabilities. Meanwhile, the blockchain technology offers potential solutions for enhancing security, decentralization, and data ownership. An ideal solution should ensure confidentiality, access control, and data integrity while being scalable, cost-effective, and integrable with the existing systems. However, current blockchain-based studies only address some of these requirements. Accordingly, this paper proposes EdgeLinker; a comprehensive solution incorporating Proof-of-Authority consensus, integrating smart contracts on the Ethereum blockchain for access control, and advanced cryptographic algorithms for secure data communication between IoT edge devices and the fog layer in healthcare fog applications. This novel framework has been implemented in a real-world fog testbed, using COTS fog devices. Based on a comprehensive set of evaluations, EdgeLinker demonstrates significant improvements in security and privacy with reasonable costs, making it an affordable and practical system for healthcare fog applications. Compared with the state-of-the-art, without significant changes in the write-time to the blockchain, EdgeLinker achieves a 35% improvement in data read time. Additionally, it is able to provide better throughput in both reading and writing transactions compared to the existing studies. EdgeLinker has been also examined in terms of energy, resource consumption and channel latency in both secure and non-secure modes, which has shown remarkable improvements. |
| 2024-08-27 | CrossInspector: A Static Analysis Approach for Cross-Contract Vulnerability Detection | Xiao Chen et.al. | 2408.15292 | With the development of blockchain technology, the detection of smart contract vulnerabilities is increasingly emphasized. However, when detecting vulnerabilities in inter-contract interactions (i.e., cross-contract vulnerabilities) using smart contract bytecode, existing tools often produce many false positives and false negatives due to insufficient recovery of semantic information and inadequate consideration of contract dependencies. We present CrossInspector, a novel framework for detecting cross-contract vulnerabilities at the bytecode level through static analysis. CrossInspector utilizes a trained Transformer model to recover semantic information and considers control flow, data flow, and dependencies related to smart contract state variables to construct a state dependency graph for fine-grained inter-procedural analysis. Additionally, CrossInspector incorporates a pruning method and two parallel optimization mechanisms to accelerate the vulnerability detection process. Experiments on our manually constructed dataset demonstrate that CrossInspector outperforms the state-of-the-art tools in both precision (97%) and recall (96.75%), while also significantly reducing the overall time from 16.34 seconds to 7.83 seconds, almost on par with the fastest tool that utilizes bytecode for detection. Additionally, we ran CrossInspector on a randomly selected set of 300 real-world smart contracts and identified 11 cross-contract vulnerabilities that were missed by prior tools. |
| 2024-08-23 | IoT Monitoring with Blockchain: Generating Smart Contracts from Service Level Agreements | Adam Booth et.al. | 2408.15016 | A Service Level Agreement (SLA) is a commitment between a client and provider that assures the quality of service (QoS) a client can expect to receive when purchasing a service. However, evidence of SLA violations in Internet of Things (IoT) service monitoring data can be manipulated by the provider or consumer, resulting in an issue of trust between contracted parties. The following research aims to explore the use of blockchain technology in monitoring IoT systems using smart contracts so that SLA violations captured are irrefutable amongst service providers and clients. The research focuses on the development of a Java library that is capable of generating a smart contract from a given SLA. A smart contract generated by this library is validated through a mock scenario presented in the form of a Remote Patient Monitoring IoT system. In this scenario, the findings demonstrate a 100 percent success rate in capturing all emulated violations. |
| 2024-08-26 | Behavior-Based Detection of GPU Cryptojacking | Dmitry Tanana et.al. | 2408.14554 | With the surge in blockchain-based cryptocurrencies, illegal mining for cryptocurrency has become a popular cyberthreat. Host-based cryptojacking, where malicious actors exploit victims systems to mine cryptocurrency without their knowledge, is on the rise. Regular cryptojacking is relatively well-known and well-studied threat, however, recently attackers started switching to GPU cryptojacking, which promises greater profits due to high GPU hash rates and lower detection chance. Additionally, GPU cryptojackers can easily propagate using, for example, modified graphic card drivers. This article considers question of GPU cryptojacking detection. First, we discuss brief history and definition of GPU cryptojacking as well as previous attempts to design a detection technique for such threats. We also propose complex exposure mechanism based on GPU load by an application and graphic card RAM consumption, which can be used to detect both browser-based and host-based cryptojacking samples. Then we design a prototype decision tree detection program based on our technique. It was tested in a controlled virtual machine environment with 80% successful detection rate against selected set of GPU cryptojacking samples and 20% false positive rate against selected number of legitimate GPU-heavy applications. |
| 2024-08-26 | Probabilistic Analysis and Empirical Validation of Patricia Tries in Ethereum State Management | Oleksandr Kuznetsov et.al. | 2408.14217 | This study presents a comprehensive theoretical and empirical analysis of Patricia tries, the fundamental data structure underlying Ethereum's state management system. We develop a probabilistic model characterizing the distribution of path lengths in Patricia tries containing random Ethereum addresses and validate this model through extensive computational experiments. Our findings reveal the logarithmic scaling of average path lengths with respect to the number of addresses, confirming a crucial property for Ethereum's scalability. The study demonstrates high precision in predicting average path lengths, with discrepancies between theoretical and experimental results not exceeding 0.01 across tested scales from 100 to 100,000 addresses. We identify and verify the right-skewed nature of path length distributions, providing insights into worst-case scenarios and informing optimization strategies. Statistical analysis, including chi-square goodness-of-fit tests, strongly supports the model's accuracy. The research offers structural insights into node concentration at specific trie levels, suggesting avenues for optimizing storage and retrieval mechanisms. These findings contribute to a deeper understanding of Ethereum's fundamental data structures and provide a solid foundation for future optimizations. The study concludes by outlining potential directions for future research, including investigations into extreme-scale behavior, dynamic trie performance, and the applicability of the model to non-uniform address distributions and other blockchain systems. |
| 2024-08-26 | ORBITAAL: A Temporal Graph Dataset of Bitcoin Entity-Entity Transactions | Célestin Coquidé et.al. | 2408.14147 | Research on Bitcoin (BTC) transactions is a matter of interest for both economic and network science fields. Although this cryptocurrency is based on a decentralized system, making transaction details freely accessible, making raw blockchain data analyzable is not straightforward due to the Bitcoin protocol specificity and data richness. To address the need for an accessible dataset, we present ORBITAAL, the first comprehensive dataset based on temporal graph formalism. The dataset covers all Bitcoin transactions from January 2009 to January 2021. ORBITAAL provides temporal graph representations of entity-entity transaction networks, snapshots and stream graph. Each transaction value is given in Bitcoin and US dollar regarding daily-based conversion rate. This dataset also provides details on entities such as their global BTC balance and associated public addresses. |
| 2024-08-23 | Generative Blockchain: Transforming Blockchain from Transaction Recording to Transaction Generation through Proof-of-Merit | Haozhao Zhang et.al. | 2408.13367 | This paper proposes a new paradigm: generative blockchain, which aims to transform conventional blockchain technology by combining transaction generation and recording, rather than focusing solely on transaction recording. Central to our design is a novel consensus mechanism, Proof-of-Merit (PoM), specifically crafted for environments where businesses must solve complex problems before transactions can be recorded. PoM integrates the generation and recording of transactions within a unified blockchain system, fundamentally differing from prevailing consensus mechanisms that primarily record existing transactions. We demonstrate PoM on a ride service on-demand platform, where the task of solving complex transaction-generating problems is delegated to a pool of independent problem solvers. These solvers generate transactions, and their solutions are selected based on merit. The winning solvers then register these transactions onto the blockchain and are rewarded accordingly. We introduce a Decentralized Control Parameter (DCP) to balance two key performance metrics: efficiency and equity. The applicability of our generative blockchain is illustrated through a ridesharing context, where matchers (solvers) are tasked with matching riders to drivers. We demonstrate PoM's performance and nuanced properties using agent-based simulation, exploring how to find the optimal DCP value to achieve a desirable balance of efficiency and equity in a generative blockchain. |
| 2024-08-22 | Combinatorial Auctions without a Numeraire: The Case of Blockchain Trade-Intent Auctions | Andrea Canidio et.al. | 2408.12225 | Blockchain trade intent auctions currently intermediate approximately USD 5 billion monthly. Due to production complementarities, the auction is combinatorial: when multiple trade intents from different traders are auctioned off simultaneously, a bidder (here called solver) can generate additional efficiencies by winning a batch of multiple trade intents. However, unlike other combinatorial auctions studied in the literature, the auction has no numeraire. Fairness is a concern as the efficiencies from batching cannot be easily shared between traders. We formalize this problem and study the most commonly used auction formats: batch auctions and multiple simultaneous auctions. We also propose a novel fair combinatorial auction that combines batch auction and multiple simultaneous auctions: solvers submit individual-trade bids and batched bids, but batched bids are considered only if they are better for all traders relative to the outcome of multiple simultaneous auctions (constructed using the individual-trade bids). We find a trade-off between the fairness guarantees provided by the auction (i.e., the minimum each trader can expect to receive) and the expected value of the assets returned to the traders. Also, the amount that each trader receives in the equilibrium of the fair combinatorial auction may be higher or lower than what they receive in the equilibrium of the simultaneous auctions used as a benchmark for fairness. |
| 2024-08-21 | Decoding SEC Actions: Enforcement Trends through Analyzing Blockchain litigation using LLM-based Thematic Factor Mapping | Junliang Luo et.al. | 2408.11961 | The proliferation of blockchain entities (persons or enterprises) exposes them to potential regulatory actions (e.g., being litigated) by regulatory authorities. Regulatory frameworks for crypto assets are actively being developed and refined, increasing the likelihood of such actions. The lack of systematic analysis of the factors driving litigation against blockchain entities leaves companies in need of clarity to navigate compliance risks. This absence of insight also deprives investors of the information for informed decision-making. This study focuses on U.S. litigation against blockchain entities, particularly by the U.S. Securities and Exchange Commission (SEC) given its influence on global crypto regulation. Utilizing frontier pretrained language models and large language models, we systematically map all SEC complaints against blockchain companies from 2012 to 2024 to thematic factors conceptualized by our study to delineate the factors driving SEC actions. We quantify the thematic factors and assess their influence on specific legal Acts cited within the complaints on an annual basis, allowing us to discern the regulatory emphasis, patterns and conduct trend analysis. |
| 2024-08-21 | A Systematic Literature Review on the Use of Blockchain Technology in Transition to a Circular Economy | Ishmam Abid et.al. | 2408.11664 | The circular economy has the potential to increase resource efficiency and minimize waste through the 4R framework of reducing, reusing, recycling, and recovering. Blockchain technology is currently considered a valuable aid in the transition to a circular economy. Its decentralized and tamper-resistant nature enables the construction of transparent and secure supply chain management systems, thereby improving product accountability and traceability. However, the full potential of blockchain technology in circular economy models will not be realized until a number of concerns, including scalability, interoperability, data protection, and regulatory and legal issues, are addressed. More research and stakeholder participation are required to overcome these limitations and achieve the benefits of blockchain technology in promoting a circular economy. This article presents a systematic literature review (SLR) that identified industry use cases for blockchain-driven circular economy models and offered architectures to minimize resource consumption, prices, and inefficiencies while encouraging the reuse, recycling, and recovery of end-of-life products. Three main outcomes emerged from our review of 41 documents, which included scholarly publications, Twitter-linked information, and Google results. The relationship between blockchain and the 4R framework for circular economy; discussion the terminology and various forms of blockchain and circular economy; and identification of the challenges and obstacles that blockchain technology may face in enabling a circular economy. This research shows how blockchain technology can help with the transition to a circular economy. Yet, it emphasizes the importance of additional study and stakeholder participation to overcome potential hurdles and obstacles in implementing blockchain-driven circular economy models. |
| 2024-08-21 | Privacy-Preserving Data Management using Blockchains | Michael Mireku Kwakye et.al. | 2408.11263 | Privacy-preservation policies are guidelines formulated to protect data providers private data. Previous privacy-preservation methodologies have addressed privacy in which data are permanently stored in repositories and disconnected from changing data provider privacy preferences. This occurrence becomes evident as data moves to another data repository. Hence, the need for data providers to control and flexibly update their existing privacy preferences due to changing data usage continues to remain a problem. This paper proposes a blockchain-based methodology for preserving data providers private and sensitive data. The research proposes to tightly couple data providers private attribute data element to privacy preferences and data accessor data element into a privacy tuple. The implementation presents a framework of tightly-coupled relational database and blockchains. This delivers secure, tamper-resistant, and query-efficient platform for data management and query processing. The evaluation analysis from the implementation validates efficient query processing of privacy-aware queries on the privacy infrastructure. |
| 2024-08-21 | MEV Capture and Decentralization in Execution Tickets | Jonah Burian et.al. | 2408.11255 | We provide an economic model of Execution Tickets and use it to study the ability of the Ethereum protocol to capture MEV from block construction. We demonstrate that Execution Tickets extract all MEV when all buyers are homogeneous, risk neutral and face no capital costs. We also show that MEV capture decreases with risk aversion and capital costs. Moreover, when buyers are heterogeneous, MEV capture can be especially low and a single dominant buyer can extract much of the MEV. This adverse effect can be partially mitigated by the presence of a Proposer Builder Separation (PBS) mechanism, which gives ET buyers access to a market of specialized builders, but in practice centralization vectors still persist. With PBS, ETs are concentrated among those with the highest ex-ante MEV extraction ability and lowest cost of capital. We show how it is possible that large investors that are not builders but have substantial advantage in capital cost can come to dominate the ET market. |
| 2024-08-20 | ETGuard: Malicious Encrypted Traffic Detection in Blockchain-based Power Grid Systems | Peng Zhou et.al. | 2408.10657 | link |
| 2024-08-20 | Smart Contract Coordinated Privacy Preserving Crowd-Sensing Campaigns | Luca Bedogni et.al. | 2408.10648 | Crowd-sensing has emerged as a powerful data retrieval model, enabling diverse applications by leveraging active user participation. However, data availability and privacy concerns pose significant challenges. Traditional methods like data encryption and anonymization, while essential, may not fully address these issues. For instance, in sparsely populated areas, anonymized data can still be traced back to individual users. Additionally, the volume of data generated by users can reveal their identities. To develop credible crowd-sensing systems, data must be anonymized, aggregated and separated into uniformly sized chunks. Furthermore, decentralizing the data management process, rather than relying on a single server, can enhance security and trust. This paper proposes a system utilizing smart contracts and blockchain technologies to manage crowd-sensing campaigns. The smart contract handles user subscriptions, data encryption, and decentralized storage, creating a secure data marketplace. Incentive policies within the smart contract encourage user participation and data diversity. Simulation results confirm the system's viability, highlighting the importance of user participation for data credibility and the impact of geographical data scarcity on rewards. This approach aims to balance data origin and reduce cheating risks. |
| 2024-08-19 | Validation of the Results of Cross-chain Smart Contract Based on Confirmation Method | Hong Su et.al. | 2408.09962 | Smart contracts are widely utilized in cross-chain interactions, where their results are transmitted from one blockchain (the producer blockchain) to another (the consumer blockchain). Unfortunately, the consumer blockchain often accepts these results without executing the smart contracts for validation, posing potential security risks. To address this, we propose a method for validating cross-chain smart contract results. Our approach emphasizes consumer blockchain execution of cross-chain smart contracts of producer blockchain, allowing comparison of results with the transmitted ones to detect potential discrepancies and ensure data integrity during cross-chain data dissemination. Additionally, we introduce the confirmation with proof method, which involves incorporating the chain of blocks and relevant cross-chain smart contract data from the producer blockchain into the consumer blockchain as evidence (or proof), establishing a unified and secure perspective of cross-chain smart contract results. Our verification results highlight the feasibility of cross-chain validation at the smart contract level. |
| 2024-08-17 | Establishment of a Blockchain-based Architecture for Fake News Detection | Valdemar Vicente Graciano-Neto et.al. | 2408.09264 | Fake News are a contemporary phenomenon with potential devastating effects. For inquiry and auditability purposes, it is essential that the news, once classified as false, can be persisted in an immutable means so that interested parties can query it. Although Blockchain clearly satisfies the main requirements for Fake News Management Software Systems, the prescriptive architectural solutions for that domain that cohabit Blockchain with other technologies in a single proposal still need to be made available. This paper's main contribution is presenting a prescriptive architectural solution for blockchain-based fake news management software systems. The Hoffmeister process for software architecture design is systematically followed to culminate in a software solution for that domain. The implementation of two candidate architectures and a brief simulation-based evaluation show the feasibility of the solution to satisfy the functional and quality requirements. |
| 2024-08-17 | Der Weg zur digitalen Arbeitsmappe: Digitales PrĂĽfungswesen mit Zertifizierung | Martin Becke et.al. | 2408.09184 | The aim of the work is to present an alternative approach to recording and evaluating student performance that enables sustainable performance recording with the possibility of integrating practical components in particular. The intended result is a digital portfolio with work samples - and not just certificates, which can be understood as a portfolio examination in the context of academic assessment. This is more about the recording, evaluation and certification of learning progress and competencies than the selective evaluation of a performance review, as is the case today, for example, with the submission of final theses. The idea is to expand and later replace final papers and performance tests, particularly in higher semesters, and instead introduce electronically recorded portfolio examinations - based on the example of teaching projects. Technologically, the approach is based on blockchain and wallets/repositories and, in the broadest sense, on an implementation of smart contracts. The technological approach of smart contracts enables a high degree of traceability and transparency with little administrative effort. It also offers secure certification of services by the provider. It should be clearly stated that neither the portfolio examination nor the administration of academic achievements with smart contracts is the original idea, but rather the change in the recording of academic achievements towards an alternative approach to the recording and evaluation of student performance, which enables sustainable performance recording with the possibility of integrating practical components in particular. The desired result is a digital portfolio with work samples. The primary aim of this idea sketch is to develop an individualized performance record for students, which can also contribute to making performance more transparent and comprehensible. |
| 2024-08-14 | A Survey on Blockchain-based Supply Chain Finance with Progress and Future directions | Zhengdong Luo et.al. | 2408.08915 | Supply Chain Finance is very important for supply chain competition, which is an important tool to activate the capital flow in the supply chain. Supply Chain Finance-related research can support multiple applications and services, such as providing accounts receivable financing, enhancing risk management, and optimizing supply chain management. For more than a decade, the development of Blockchain has attracted widely attention in various fields, especially in finance. With the characteristics of data tamper-proof, forgery-proof, cryptography, consensus verification, and decentralization, Blockchain fits well with the realistic needs of Supply Chain Finance, which requires data integrity, authenticity, privacy, and information sharing. Therefore, it is time to summarize the applications of Blockchain technology in the field of Supply Chain Finance. What Blockchain technology brings to Supply Chain Finance is not only to alleviate the problems of information asymmetry, credit disassembly, and financing cost, but also to improve Supply Chain Finance operations through smart contracts to intelligent Supply Chain Finance and in combination with other technologies, such as artificial intelligence, cloud computing, and data mining, jointly. So there has been some work in Blockchain-based Supply Chain Finance research for different Supply Chain Finance oriented applications, but most of these work are at the management level to propose conceptual frameworks or simply use Blockchain without exploiting its deep applications. Moreover, there are few systematic reviews providing a comprehensive summary of current work in the area of Blockchain-based Supply Chain Finance. In this paper, we ... |
| 2024-08-09 | ServerFi: A New Symbiotic Relationship Between Games and Players | Pavun Shetty et.al. | 2408.08895 | Blockchain-based games have introduced novel economic models that blend traditional gaming with decentralized ownership and financial incentives, leading to the rapid emergence of the GameFi sector. However, despite their innovative appeal, these games face significant challenges, particularly in terms of market stability, player retention, and the sustainability of token value. This paper explores the evolution of blockchain games and identifies key shortcomings in current tokenomics models using entropy increase theory. We propose two new models - ServerFi, which emphasizes Privatization through Asset Synthesis, and a model focused on Continuous Rewards for High-Retention Players. These models are formalized into mathematical frameworks and validated through group behavior simulation experiments. Our findings indicate that the ServerFi is particularly effective in maintaining player engagement and ensuring the long-term viability of the gaming ecosystem, offering a promising direction for future blockchain game development. |
| 2024-08-16 | Beyond Proportional Individual Guarantees for Binary Perpetual Voting | Yotam Gafni et.al. | 2408.08767 | Perpetual voting studies fair collective decision-making in settings where many decisions are to be made, and is a natural framework for settings such as parliaments and the running of blockchain Decentralized Autonomous Organizations (DAOs). We focus our attention on the binary case (YES/NO decisions) and \textit{individual} guarantees for each of the participating agents. We introduce a novel notion, inspired by the popular maxi-min-share (MMS) for fair allocation. The agent expects to get as many decisions as if they were to optimally partition the decisions among the agents, with an adversary deciding which of the agents decides on what bundle. We show an online algorithm that guarantees the MMS notion for |
| 2024-08-16 | Blockchain-Enabled Accountability in Data Supply Chain: A Data Bill of Materials Approach | Yue Liu et.al. | 2408.08536 | In the era of advanced artificial intelligence, highlighted by large-scale generative models like GPT-4, ensuring the traceability, verifiability, and reproducibility of datasets throughout their lifecycle is paramount for research institutions and technology companies. These organisations increasingly rely on vast corpora to train and fine-tune advanced AI models, resulting in intricate data supply chains that demand effective data governance mechanisms. In addition, the challenge intensifies as diverse stakeholders may use assorted tools, often without adequate measures to ensure the accountability of data and the reliability of outcomes. In this study, we adapt the concept of Software Bill of Materials" into the field of data governance and management to address the above challenges, and introduce Data Bill of Materials" (DataBOM) to capture the dependency relationship between different datasets and stakeholders by storing specific metadata. We demonstrate a platform architecture for providing blockchain-based DataBOM services, present the interaction protocol for stakeholders, and discuss the minimal requirements for DataBOM metadata. The proposed solution is evaluated in terms of feasibility and performance via case study and quantitative analysis respectively. |
| 2024-08-13 | V3rified: Revelation vs Non-Revelation Mechanisms for Decentralized Verifiable Computation | Tiantian Gong et.al. | 2408.07177 | In the era of Web3, decentralized technologies have emerged as the cornerstone of a new digital paradigm. Backed by a decentralized blockchain architecture, the Web3 space aims to democratize all aspects of the web. From data-sharing to learning models, outsourcing computation is an established, prevalent practice. Verifiable computation makes this practice trustworthy as clients/users can now efficiently validate the integrity of a computation. As verifiable computation gets considered for applications in the Web3 space, decentralization is crucial for system reliability, ensuring that no single entity can suppress clients. At the same time, however, decentralization needs to be balanced with efficiency: clients want their computations done as quickly as possible. Motivated by these issues, we study the trade-off between decentralization and efficiency when outsourcing computational tasks to strategic, rational solution providers. Specifically, we examine this trade-off when the client employs (1) revelation mechanisms, i.e. auctions, where solution providers bid their desired reward for completing the task by a specific deadline and then the client selects which of them will do the task and how much they will be rewarded, and (2) simple, non-revelation mechanisms, where the client commits to the set of rules she will use to map solutions at specific times to rewards and then solution providers decide whether they want to do the task or not. We completely characterize the power and limitations of revelation and non-revelation mechanisms in our model. |
| 2024-08-12 | OFL-W3: A One-shot Federated Learning System on Web 3.0 | Linshan Jiang et.al. | 2408.07096 | Federated Learning (FL) addresses the challenges posed by data silos, which arise from privacy, security regulations, and ownership concerns. Despite these barriers, FL enables these isolated data repositories to participate in collaborative learning without compromising privacy or security. Concurrently, the advancement of blockchain technology and decentralized applications (DApps) within Web 3.0 heralds a new era of transformative possibilities in web development. As such, incorporating FL into Web 3.0 paves the path for overcoming the limitations of data silos through collaborative learning. However, given the transaction speed constraints of core blockchains such as Ethereum (ETH) and the latency in smart contracts, employing one-shot FL, which minimizes client-server interactions in traditional FL to a single exchange, is considered more apt for Web 3.0 environments. This paper presents a practical one-shot FL system for Web 3.0, termed OFL-W3. OFL-W3 capitalizes on blockchain technology by utilizing smart contracts for managing transactions. Meanwhile, OFL-W3 utilizes the Inter-Planetary File System (IPFS) coupled with Flask communication, to facilitate backend server operations to use existing one-shot FL algorithms. With the integration of the incentive mechanism, OFL-W3 showcases an effective implementation of one-shot FL on Web 3.0, offering valuable insights and future directions for AI combined with Web 3.0 studies. |
| 2024-08-09 | Verifiable Decentralized IPFS Cluster: Unlocking Trustworthy Data Permanency for Off-Chain Storage | Sid Lamichhane et.al. | 2408.07023 | In Decentralized Applications, off-chain storage solutions such as the InterPlanetary File System (IPFS) are crucial in overcoming Blockchain storage limitations. However, the assurance of data permanency in IPFS relies on the pinning of data, which comes with trust issues and potential single points of failure. This paper introduces Verifiable Decentralized IPFS Clusters (VDICs) to enhance off-chain storage reliability with verifiable data permanency guarantees. VDICs leverage Decentralized Identifier, Verifiable Credentials, and IPFS Clusters to create a trustworthy ecosystem where the storage of pinned data is transparent and verifiable. Performance evaluations demonstrate that VDICs are competitive with traditional pinning services. Real-life use cases validate their feasibility and practicality for providers of Decentralized Applications focused on ensuring data permanency. |
| 2024-08-13 | Voltran: Unlocking Trust and Confidentiality in Decentralized Federated Learning Aggregation | Hao Wang et.al. | 2408.06885 | The decentralized Federated Learning (FL) paradigm built upon blockchain architectures leverages distributed node clusters to replace the single server for executing FL model aggregation. This paradigm tackles the vulnerability of the centralized malicious server in vanilla FL and inherits the trustfulness and robustness offered by blockchain. However, existing blockchain-enabled schemes face challenges related to inadequate confidentiality on models and limited computational resources of blockchains to perform large-scale FL computations. In this paper, we present Voltran, an innovative hybrid platform designed to achieve trust, confidentiality, and robustness for FL based on the combination of the Trusted Execution Environment (TEE) and blockchain technology. We offload the FL aggregation computation into TEE to provide an isolated, trusted and customizable off-chain execution, and then guarantee the authenticity and verifiability of aggregation results on the blockchain. Moreover, we provide strong scalability on multiple FL scenarios by introducing a multi-SGX parallel execution strategy to amortize the large-scale FL workload. We implement a prototype of Voltran and conduct a comprehensive performance evaluation. Extensive experimental results demonstrate that Voltran incurs minimal additional overhead while guaranteeing trust, confidentiality, and authenticity, and it significantly brings a significant speed-up compared to state-of-the-art ciphertext aggregation schemes. |
| 2024-08-12 | Integration of blockchain in smart systems: problems and opportunities for real-time sensor data storage | Naseem Alsadi et.al. | 2408.06331 | The internet of things (IoT) and other emerging ubiquitous technologies are supporting the rapid spread of smart systems, which has underlined the need for safe, open, and decentralized data storage solutions. With its inherent decentralization and immutability, blockchain offers itself as a potential solution for these requirements. However, the practicality of incorporating blockchain into real-time sensor data storage systems is a topic that demands in-depth examination. While blockchain promises unmatched data security and auditability, some intrinsic qualities, namely scalability restrictions, transactional delays, and escalating storage demands, impede its seamless deployment in high-frequency, voluminous data contexts typical of real-time sensors. This essay launches a methodical investigation into these difficulties, illuminating their underlying causes, potential effects, and potential countermeasures. In addition, we present a novel pragmatic experimental setup and analysis of blockchain for smart system applications, with an extended discussion of the benefits and disadvantages of deploying blockchain based solutions for smart system ecosystems. |
| 2024-09-04 | Decentralized Health Intelligence Network (DHIN) | Abraham Nash et.al. | 2408.06240 | Decentralized Health Intelligence Network (DHIN) extends the Decentralized Intelligence Network (DIN) framework to address challenges in healthcare data sovereignty and AI utilization. Building upon DIN's core principles, DHIN introduces healthcare-specific components to tackle data fragmentation across providers and institutions, establishing a sovereign architecture for healthcare provision. It facilitates effective AI utilization by overcoming barriers to accessing diverse health data sources. This comprehensive framework leverages: 1) self-sovereign identity architecture coupled with a personal health record (PHR), extending DIN's personal data stores concept to ensure health data sovereignty; 2) a scalable federated learning (FL) protocol implemented on a public blockchain for decentralized AI training in healthcare, tailored for medical data; and 3) a scalable, trustless rewards mechanism adapted from DIN to incentivize participation in healthcare AI development. DHIN operates on a public blockchain with an immutable record, ensuring that no entity can control access to health data or determine financial benefits. It supports effective AI training while allowing patients to maintain control over their health data, benefit financially, and contribute to a decentralized ecosystem. Unique to DHIN, patients receive rewards in digital wallets as an incentive to opt into the FL protocol, with a long-term roadmap to fund decentralized insurance solutions. This approach introduces a novel, self-financed healthcare model that adapts to individual needs, complements existing systems, and redefines universal coverage, showcasing how DIN principles can transform healthcare data management and AI utilization while empowering patients. |
| 2024-08-12 | A Practical System Architecture for Contract Automation: Design and Uses | Emanuel Palm et.al. | 2408.06084 | While the blockchain-based smart contract has become a hot topic of research over the last decade, not the least in the context of Industry 4.0, it now has well-known legal and technical shortcomings that currently prohibit its real-world application. These shortcomings come from (1) that a smart contract is a computer program, not a document describing legal obligations, and (2) that blockchain-based systems are complicated to use and operate. In this paper, we present a refined and extended summary of our work taking key technologies from the blockchain sphere and applying them to the ricardian contract, which is a traditional contract in digital form with machine-readable parameters. By putting the ricardian contract in the context of our contract network architecture, we facilitate the infrastructure required for contracts to be offered, negotiated, performed, renegotiated and terminated in a completely digital and automatable fashion. Our architecture circumvents the legal issues of blockchains by facilitating an artifact very much alike a traditional contract, as well as its operational complexity by requiring consensus only between nodes representing directly involved parties. To demonstrate its utility, we also present how it could be used for (1) private data purchasing, (2) treasury management, (3) order-driven manufacturing and (4) automated device on-boarding. |
| 2024-08-12 | Hyperion: Unveiling DApp Inconsistencies using LLM and Dataflow-Guided Symbolic Execution | Shuo Yang et.al. | 2408.06037 | link |
| 2024-08-11 | Convergence of Symbiotic Communications and Blockchain for Sustainable and Trustworthy 6G Wireless Networks | Haoxiang Luo et.al. | 2408.05776 | Symbiotic communication (SC) is known as a new wireless communication paradigm, similar to the natural ecosystem population, and can enable multiple communication systems to cooperate and mutualize through service exchange and resource sharing. As a result, SC is seen as an important potential technology for future sixth-generation (6G) communications, solving the problem of lack of spectrum resources and energy inefficiency. Symbiotic relationships among communication systems can complement radio resources in 6G. However, the absence of established trust relationships among diverse communication systems presents a formidable hurdle in ensuring efficient and trusted resource and service exchange within SC frameworks. To better realize trusted SC services in 6G, in this paper, we propose a solution that converges SC and blockchain, called a symbiotic blockchain network (SBN). Specifically, we first use cognitive backscatter communication to transform blockchain consensus, that is, the symbiotic blockchain consensus (SBC), so that it can be better suited for the wireless network. Then, for SBC, we propose a highly energy-efficient sharding scheme to meet the extremely low power consumption requirements in 6G. Finally, such a blockchain scheme guarantees trusted transactions of communication services in SC. Through ablation experiments, our proposed SBN demonstrates significant efficacy in mitigating energy consumption and reducing processing latency in adversarial networks, which is expected to achieve a sustainable and trusted 6G wireless network. |
| 2024-08-10 | Effects of Vote Delegation in Blockchains: Who Wins? | Hans Gersbach et.al. | 2408.05410 | This paper investigates which alternative benefits from vote delegation in binary collective decisions within blockchains. We begin by examining two extreme cases of voting weight distributions: Equal-Weight (EW), where each voter has equal voting weight, and Dominant-Weight (DW), where a single voter holds a majority of the voting weights before any delegation occurs. We show that vote delegation tends to benefit the ex-ante minority under EW, i.e., the alternative with a lower initial probability of winning. The converse holds under DW distribution. Through numerical simulations, we extend our findings to arbitrary voting weight distributions, showing that vote delegation benefits the ex-ante majority when it leads to a more balanced distribution of voting weights. Finally, in large communities where all agents have equal voting weight, vote delegation has a negligible impact on the outcome. These insights provide practical guidance for governance decisions in blockchains. |
| 2024-08-09 | Monero Traceability Heuristics: Wallet Application Bugs and the Mordinal-P2Pool Perspective | Nada Hammad et.al. | 2408.05332 | Privacy-focused cryptoassets like Monero are intentionally difficult to trace. Over the years, several traceability heuristics have been proposed, most of which have been rendered ineffective with subsequent protocol upgrades. Between 2019 and 2023, Monero wallet application bugs "Differ By One" and "10 Block Decoy Bug" have been observed and identified and discussed in the Monero community. In addition, a decentralized mining pool named P2Pool has proliferated, and a controversial UTXO NFT imitation known as Mordinals has been tried for Monero. In this paper, we systematically describe the traceability heuristics that have emerged from these developments, and evaluate their quality based on ground truth, and through pairwise comparisons. We also explore the temporal perspective, and show which of these heuristics have been applicable over the past years, what fraction of decoys could be eliminated and what the remaining effective ring size is. Our findings illustrate that most of the heuristics have a high precision, that the "10 Block Decoy Bug" and the Coinbase decoy identification heuristics have had the most impact between 2019 and 2023, and that the former could be used to evaluate future heuristics, if they are also applicable during that time frame. |
| 2024-08-08 | Counter Denial of Service for Next-Generation Networks within the Artificial Intelligence and Post-Quantum Era | Saleh Darzi et.al. | 2408.04725 | Given the rise in cyber threats to networked systems, coupled with the proliferation of AI techniques and enhanced processing capabilities, Denial of Service (DoS) attacks are becoming increasingly sophisticated and easily executable. They target system availability, compromising entire systems without breaking underlying security protocols. Consequently, numerous studies have focused on preventing, detecting, and mitigating DoS attacks. However, state-of-the-art systematization efforts have limitations such as isolated DoS countermeasures, shortcomings of AI-based studies, and a lack of DoS integration features like privacy, anonymity, authentication, and transparency. Additionally, the emergence of quantum computers is a game changer for DoS from attack and defense perspectives, yet it has remained largely unexplored. This study aims to address these gaps by examining (counter)-DoS in the AI era while also considering post-quantum (PQ) security when it applies. We highlight the deficiencies in the current literature and provide insights into synergistic techniques to bridge these gaps. We explore AI mechanisms for DoS intrusion detection, evaluate cybersecurity properties in cutting-edge machine learning models, and analyze weaponized AI in the context of DoS. We also investigate collaborative and distributed counter-DoS frameworks via federated learning and blockchains. Finally, we assess proactive approaches such as honeypots, puzzles, and authentication schemes that can be integrated into next-generation network systems for DoS prevention and mitigation. |
| 2024-08-08 | Redefining Accountability: Navigating Legal Challenges of Participant Liability in Decentralized Autonomous Organizations | Aneta Napieralska et.al. | 2408.04717 | In the digital era, where innovative technologies like blockchain are revolutionizing traditional organizational paradigms, Decentralized Autonomous Organizations (DAOs) emerge as avant-garde models of collective governance. However, their unique structure challenges existing legal frameworks, especially concerning the liability of participants. This study focuses on analyzing the legal implications of the decentralized nature of DAOs, with a particular emphasis on the aspects of participant liability. Such considerations are essential for understanding how current legal systems might be adapted or reformed to effectively address these novel challenges. The paper examines the specificity of DAOs, highlighting their decentralized governance structure and reliance on smart contracts, which introduce unique issues related to the blurring of liability boundaries. It underscores how the anonymity of DAO participants and the automatic execution of smart contracts complicate the traditional concept of legal liability, both within the DAO context and in interactions with external parties. The analysis also includes a comparison between DAOs and traditional organizational forms, such as corporations and associations, to identify potential analogies and differences in participant liability. It explores how existing regulations on partner liability might be insufficient or inapplicable in the DAO context, prompting the search for new, innovative legal solutions. |
| 2024-08-01 | Risks, Causes, and Mitigations of Widespread Deployments of Large Language Models (LLMs): A Survey | Md Nazmus Sakib et.al. | 2408.04643 | Recent advancements in Large Language Models (LLMs), such as ChatGPT and LLaMA, have significantly transformed Natural Language Processing (NLP) with their outstanding abilities in text generation, summarization, and classification. Nevertheless, their widespread adoption introduces numerous challenges, including issues related to academic integrity, copyright, environmental impacts, and ethical considerations such as data bias, fairness, and privacy. The rapid evolution of LLMs also raises concerns regarding the reliability and generalizability of their evaluations. This paper offers a comprehensive survey of the literature on these subjects, systematically gathered and synthesized from Google Scholar. Our study provides an in-depth analysis of the risks associated with specific LLMs, identifying sub-risks, their causes, and potential solutions. Furthermore, we explore the broader challenges related to LLMs, detailing their causes and proposing mitigation strategies. Through this literature analysis, our survey aims to deepen the understanding of the implications and complexities surrounding these powerful models. |
| 2024-08-07 | A Blockchain-based Reliable Federated Meta-learning for Metaverse: A Dual Game Framework | Emna Baccour et.al. | 2408.03694 | The metaverse, envisioned as the next digital frontier for avatar-based virtual interaction, involves high-performance models. In this dynamic environment, users' tasks frequently shift, requiring fast model personalization despite limited data. This evolution consumes extensive resources and requires vast data volumes. To address this, meta-learning emerges as an invaluable tool for metaverse users, with federated meta-learning (FML), offering even more tailored solutions owing to its adaptive capabilities. However, the metaverse is characterized by users heterogeneity with diverse data structures, varied tasks, and uneven sample sizes, potentially undermining global training outcomes due to statistical difference. Given this, an urgent need arises for smart coalition formation that accounts for these disparities. This paper introduces a dual game-theoretic framework for metaverse services involving meta-learners as workers to manage FML. A blockchain-based cooperative coalition formation game is crafted, grounded on a reputation metric, user similarity, and incentives. We also introduce a novel reputation system based on users' historical contributions and potential contributions to present tasks, leveraging correlations between past and new tasks. Finally, a Stackelberg game-based incentive mechanism is presented to attract reliable workers to participate in meta-learning, minimizing users' energy costs, increasing payoffs, boosting FML efficacy, and improving metaverse utility. Results show that our dual game framework outperforms best-effort, random, and non-uniform clustering schemes - improving training performance by up to 10%, cutting completion times by as much as 30%, enhancing metaverse utility by more than 25%, and offering up to 5% boost in training efficiency over non-blockchain systems, effectively countering misbehaving users. |
| 2024-08-05 | XDC Network Assessment: Decentralization, Scalability and Security | Mohuya Chakraborty et.al. | 2408.02318 | XinFin, in 2019, unveiled the XDC network, an enterprise-ready hybrid blockchain platform that is open-source and specializes in tokenization for real-world decentralized finance. Overseeing the XDC network is currently the XDC Foundation, a non-profit organization established to encourage the growth, enhancement, and adoption of the XDC Network through community-driven projects such as GitHub. This whitepaper discusses the real-time assessment of the XDC network's decentralization, scalability, and security aspects as well as the Nakamoto coefficient estimation that follows, which is a measure of a decentralized system's decentralization nature that quantifies the minimal number of nodes or entities needed to compromise the system. A high coefficient denotes greater decentralization, while a low number denotes increased disruption risk. The XDC network's real-time computation of the high Nakamoto coefficient demonstrates its highly decentralized character. The article also addresses the diversity of consensus and execution clients, the host distribution, the geo-distribution, and some of the outstanding issues and business considerations. |
| 2024-08-04 | Assessing the XDC Network: A Comprehensive Evaluation of its qualitative and technical aspects | Atul Khekade et.al. | 2408.02115 | This research provides a thorough assessment of the XDC Network, a delegated proof of stake (XDPoS) consensus-based blockchain technology, across its technical, security, and business dimensions. The study evaluates the network's decentralization, scalability, and security features, including its Nakamoto coefficient, validator participation, and client distribution. Additionally, it examines the developer ecosystem, including GitHub metrics, and business aspects such as transaction costs and predictability. The findings of this research will provide valuable insights into the strengths and weaknesses of the XDC Network, informing stakeholders and decision-makers about its suitability for various use cases, particularly in trade finance, asset tokenization, and enterprise blockchain solutions. |
| 2024-08-04 | Secure and Transparent Medical Record Management System Using Python and Blockchain | Atchiyya Naidu Chitikela et.al. | 2408.02081 | In this paper, we propose a robust health record storage and management system built on blockchain technology to address the challenges faced by traditional healthcare record systems. The primary advantage of employing blockchain in healthcare record management is its ability to provide a secure and decentralized platform. Unlike traditional centralized databases, where a single point of failure can compromise data integrity and security, blockchain distributes data across a network of nodes, ensuring redundancy and resilience against cyber-attacks. This distributed nature of blockchain enhances data security and privacy, crucial considerations when dealing with sensitive health information. Central to our proposed system is the utilization of smart contracts, which are self-executing contracts with predefined rules and conditions. Smart contracts automate processes related to health record management, such as data access, sharing, and updating, based on predefined permissions and protocols. This automation not only streamlines administrative tasks but also reduces the risk of human errors and ensures data accuracy and consistency. Furthermore, our system prioritizes patient empowerment by granting individuals complete control over their health records. Patients can securely access and manage their data using cryptographic keys, granting permission to healthcare providers or other authorized entities as needed. Overall, our proposed health record storage and management system on the blockchain offer significant advantages over traditional systems, including enhanced security, data integrity, transparency, and patient control. By leveraging blockchain technology and smart contracts, healthcare organizations can revolutionize their record management practices, and maintaining secure ecosystems. |
| 2024-08-04 | Blockchain-Enabled Dynamic Spectrum Sharing for Satellite and Terrestrial Communication Networks | Zixin Wang et.al. | 2408.02013 | Dynamic spectrum sharing (DSS) between satellite and terrestrial networks has increasingly engaged the academic and industrial sectors. Nevertheless, facilitating secure, efficient and scalable sharing continues to pose a pivotal challenge. Emerging as a promising technology to bridge the trust gap among multiple participants, blockchain has been envisioned to enable DSS in a decentralized manner. However, satellites with limited resources may struggle to support the frequent interactions required by blockchain networks. Additionally,given the extensive coverage of satellites, spectrum sharing needs vary by regions, challenging traditional blockchain approaches to accommodate differences. In this work, a partitioned, self-governed, and customized dynamic spectrum sharing approach (PSC-DSS) is proposed for spectrum sharing between satellite access networks and terrestrial access networks. This approach establishes a sharded and tiered architecture which allows various regions to manage spectrum autonomously while jointly maintaining a single blockchain ledger. Moreover, a spectrum-consensus integrated mechanism, which decouples DSS process and couples it with blockchain consensus protocol, is designed to enable regions to conduct DSS transactions in parallel and dynamically innovate spectrum sharing schemes without affecting others. Furthermore, a theoretical framework is derived to justify the stability performance of PSC-DSS. Finally, simulations and experiments are conducted to validate the advantageous performance of PSC-DSS in terms of low-overhead, high efficiency, and robust stability. |
| 2024-08-04 | Remote Staking with Economic Safety | Xinshu Dong et.al. | 2408.01896 | Proof-of-stake (PoS) blockchains require validators to lock their tokens as collateral, slashing these tokens if they are identified as protocol violators. PoS chains have mostly been secured by their native tokens. However, using only the native token upper-bounds the value eligible for staking by the market capitalization of the native token. In contrast, the remote staking of another crypto asset from a provider chain provides an avenue to improve the consumer chain's economic security. In this paper, we present the first known remote staking protocols with guaranteed optimal economic safety: whenever there is a safety violation on the consumer chain, at least one third of the provider's stake securing the consumer chain is slashed. To achieve this goal for a broad range of provider and consumer chains, two independent contributions are made: 1) a remote unbonding protocol that ensures slashing before the stake is unbonded on the provider chain if there is safety violation on the consumer chain; 2) a protocol to slash stake even without smart contracts on the provider chain. The remote staking protocol is analyzed and implemented in the case where the provider chain is Bitcoin and the consumer chain is a Cosmos SDK chain running the Tendermint consensus protocol. |
| 2024-09-19 | Blockchain Amplification Attack | Taro Tsuchiya et.al. | 2408.01508 | Strategies related to the blockchain concept of Extractable Value (MEV/BEV), such as arbitrage, front- or backrunning create an economic incentive for network nodes to reduce latency. A modified node, that minimizes transaction validation time and neglects to filter invalid transactions in the Ethereum P2P network, introduces a novel attack vector -- Blockchain Amplification Attack. An attacker exploits those modified nodes to amplify an invalid transaction thousands of times, posing a threat to the entire network. To illustrate attack feasibility and practicality in the current mainnet, we 1) identify thousands of similar attacks in the wild, 2) mathematically model propagation mechanism, 3) empirically measure model parameters from our two monitoring nodes, and 4) compare performance with existing Denial-of-Service attacks through local simulation. We show that an attacker can amplify network traffic at modified nodes by a factor of 3,600, and cause economic damages 13,800 times greater than the amount needed to carry out the attack. Despite these risks, aggressive latency reduction may still be profitable enough to justify the existence of modified nodes. To assess this tradeoff, we 1) simulate the transaction validation process in the local network and 2) empirically measure the latency reduction by deploying our modified node in the Ethereum testnet. We conclude with a cost-benefit analysis of skipping validation and provide mitigation strategies against this attack. |
| 2024-08-01 | Automatic Pull Request Description Generation Using LLMs: A T5 Model Approach | Md Nazmus Sakib et.al. | 2408.00921 | Developers create pull request (PR) descriptions to provide an overview of their changes and explain the motivations behind them. These descriptions help reviewers and fellow developers quickly understand the updates. Despite their importance, some developers omit these descriptions. To tackle this problem, we propose an automated method for generating PR descriptions based on commit messages and source code comments. This method frames the task as a text summarization problem, for which we utilized the T5 text-to-text transfer model. We fine-tuned a pre-trained T5 model using a dataset containing 33,466 PRs. The model's effectiveness was assessed using ROUGE metrics, which are recognized for their strong alignment with human evaluations. Our findings reveal that the T5 model significantly outperforms LexRank, which served as our baseline for comparison. |
| 2024-08-01 | Enhancing Ethereum Fraud Detection via Generative and Contrastive Self-supervision | Chenxiang Jin et.al. | 2408.00641 | The rampant fraudulent activities on Ethereum hinder the healthy development of the blockchain ecosystem, necessitating the reinforcement of regulations. However, multiple imbalances involving account interaction frequencies and interaction types in the Ethereum transaction environment pose significant challenges to data mining-based fraud detection research. To address this, we first propose the concept of meta-interactions to refine interaction behaviors in Ethereum, and based on this, we present a dual self-supervision enhanced Ethereum fraud detection framework, named Meta-IFD. This framework initially introduces a generative self-supervision mechanism to augment the interaction features of accounts, followed by a contrastive self-supervision mechanism to differentiate various behavior patterns, and ultimately characterizes the behavioral representations of accounts and mines potential fraud risks through multi-view interaction feature learning. Extensive experiments on real Ethereum datasets demonstrate the effectiveness and superiority of our framework in detecting common Ethereum fraud behaviors such as Ponzi schemes and phishing scams. Additionally, the generative module can effectively alleviate the interaction distribution imbalance in Ethereum data, while the contrastive module significantly enhances the framework's ability to distinguish different behavior patterns. The source code will be released on GitHub soon. |
| 2024-08-01 | A Survey on the Applications of Zero-Knowledge Proofs | Ryan Lavin et.al. | 2408.00243 | Zero-knowledge proofs (ZKPs) represent a revolutionary advance in computational integrity and privacy technology, enabling the secure and private exchange of information without revealing underlying private data. ZKPs have unique advantages in terms of universality and minimal security assumptions when compared to other privacy-sensitive computational methods for distributed systems, such as homomorphic encryption and secure multiparty computation. Their application spans multiple domains, from enhancing privacy in blockchain to facilitating confidential verification of computational tasks. This survey starts with a high-level overview of the technical workings of ZKPs with a focus on an increasingly relevant subset of ZKPs called zk-SNARKS. While there have been prior surveys on the algorithmic and theoretical aspects of ZKPs, our work is distinguished by providing a broader view of practical aspects and describing many recently-developed use cases of ZKPs across various domains. These application domains span blockchain privacy, scaling, storage, and interoperability, as well as non-blockchain applications like voting, authentication, timelocks, and machine learning. Aimed at both practitioners and researchers, the survey also covers foundational components and infrastructure such as zero-knowledge virtual machines (zkVM), domain-specific languages (DSLs), supporting libraries, frameworks, and protocols. We conclude with a discussion on future directions, positioning ZKPs as pivotal in the advancement of cryptographic practices and digital privacy across many applications. |
| 2024-07-31 | Need of AI in Modern Education: in the Eyes of Explainable AI (xAI) | Supriya Manna et.al. | 2408.00025 | Modern Education is not \textit{Modern} without AI. However, AI's complex nature makes understanding and fixing problems challenging. Research worldwide shows that a parent's income greatly influences a child's education. This led us to explore how AI, especially complex models, makes important decisions using Explainable AI tools. Our research uncovered many complexities linked to parental income and offered reasonable explanations for these decisions. However, we also found biases in AI that go against what we want from AI in education: clear transparency and equal access for everyone. These biases can impact families and children's schooling, highlighting the need for better AI solutions that offer fair opportunities to all. This chapter tries to shed light on the complex ways AI operates, especially concerning biases. These are the foundational steps towards better educational policies, which include using AI in ways that are more reliable, accountable, and beneficial for everyone involved. |
| 2024-08-08 | Discovery of 6G Services and Resources in Edge-Cloud-Continuum | Mohammad Farhoudi et.al. | 2407.21751 | The advent of 6G networks will present a pivotal juncture in the evolution of telecommunications, marked by the proliferation of devices, dynamic service requests, and the integration of edge and cloud computing. In response to these transformative shifts, this paper proposes a service and resource discovery architecture as part of service provisioning for the future 6G edge-cloud-continuum. Through the architecture's orchestration and platform components, users will have access to services efficiently and on time. Blockchain underpins trust in this inherently trustless environment, while semantic networking dynamically extracts context from service requests, fostering efficient communication and service delivery. A key innovation lies in dynamic overlay zoning, which not only optimizes resource allocation but also endows our architecture with scalability, adaptability, and resilience. Notably, our architecture excels at predictive capabilities, harnessing learning algorithms to anticipate user and service instance behavior, thereby enhancing network responsiveness and preserving service continuity. This comprehensive architecture paves the way for unparalleled resource optimization, latency reduction, and seamless service delivery, positioning it as an instrumental pillar in the unfolding 6G landscape. Simulation results show that our architecture provides near-optimal timely responses that significantly improve the network's potential, offering scalable and efficient service and resource discovery. |
| 2024-07-31 | Self-Sovereign Identity for Consented and Content-Based Access to Medical Records using Blockchain | Marie Tcholakian et.al. | 2407.21559 | Electronic Health Records (EHRs) and Medical Data are classified as personal data in every privacy law, meaning that any related service that includes processing such data must come with full security, confidentiality, privacy and accountability. Solutions for health data management, as in storing it, sharing and processing it, are emerging quickly and were significantly boosted by the Covid-19 pandemic that created a need to move things online. EHRs makes a crucial part of digital identity data, and the same digital identity trends -- as in self sovereign identity powered by decentralized ledger technologies like Blockchain, are being researched or implemented in contexts managing digital interactions between health facilities, patients and health professionals. In this paper, we propose a blockchain-based solution enabling secure exchange of EHRs between different parties powered by a self-sovereign identity (SSI) wallet and decentralized identifiers. We also make use of a consortium IPFS network for off-chain storage and attribute-based encryption (ABE) to ensure data confidentiality and integrity. Through our solution, we grant users full control over their medical data, and enable them to securely share it in total confidentiality over secure communication channels between user wallets using encryption. We also use DIDs for better user privacy and limit any possible correlations or identification by using pairwise DIDs. Overall, combining this set of technologies guarantees secure exchange of EHRs, secure storage and management along with by-design features inherited from the technological stack. |
| 2024-07-31 | Games in Public Announcement: How to Reduce System Losses in Optimistic Blockchain Mechanisms | Siyuan Liu et.al. | 2407.21413 | Announcement games, where information is disseminated by announcers and challenged by validators, are prevalent in real-world scenarios. Validators take effort to verify the validity of the announcements, gaining rewards for successfully challenging invalid ones, while receiving nothing for valid ones. Optimistic Rollup, a Layer 2 blockchain scaling solution, exemplifies such games, offering significant improvements in transaction throughput and cost efficiency. We present a game-theoretic model of announcement games to analyze the potential behaviors of announcers and validators. We identify all Nash equilibria and study the corresponding system losses for different Nash equilibria. Additionally, we analyze the impact of various system parameters on system loss under the Nash equilibrium. Finally, we provide suggestions for mechanism optimization to reduce system losses. |
| 2024-08-07 | FedBChain: A Blockchain-enabled Federated Learning Framework for Improving DeepConvLSTM with Comparative Strategy Insights | Gaoxuan Li et.al. | 2407.21282 | Recent research in the field of Human Activity Recognition has shown that an improvement in prediction performance can be achieved by reducing the number of LSTM layers. However, this kind of enhancement is only significant on monolithic architectures, and when it runs on large-scale distributed training, data security and privacy issues will be reconsidered, and its prediction performance is unknown. In this paper, we introduce a novel framework: FedBChain, which integrates the federated learning paradigm based on a modified DeepConvLSTM architecture with a single LSTM layer. This framework performs comparative tests of prediction performance on three different real-world datasets based on three different hidden layer units (128, 256, and 512) combined with five different federated learning strategies, respectively. The results show that our architecture has significant improvements in Precision, Recall and F1-score compared to the centralized training approach on all datasets with all hidden layer units for all strategies: FedAvg strategy improves on average by 4.54%, FedProx improves on average by 4.57%, FedTrimmedAvg improves on average by 4.35%, Krum improves by 4.18% on average, and FedAvgM improves by 4.46% on average. Based on our results, it can be seen that FedBChain not only improves in performance, but also guarantees the security and privacy of user data compared to centralized training methods during the training process. The code for our experiments is publicly available (https://github.com/Glen909/FedBChain). |
| 2024-07-30 | FL-DECO-BC: A Privacy-Preserving, Provably Secure, and Provenance-Preserving Federated Learning Framework with Decentralized Oracles on Blockchain for VANETs | Sathwik Narkedimilli et.al. | 2407.21141 | Vehicular Ad-Hoc Networks (VANETs) hold immense potential for improving traffic safety and efficiency. However, traditional centralized approaches for machine learning in VANETs raise concerns about data privacy and security. Federated Learning (FL) offers a solution that enables collaborative model training without sharing raw data. This paper proposes FL-DECO-BC as a novel privacy-preserving, provably secure, and provenance-preserving federated learning framework specifically designed for VANETs. FL-DECO-BC leverages decentralized oracles on blockchain to securely access external data sources while ensuring data privacy through advanced techniques. The framework guarantees provable security through cryptographic primitives and formal verification methods. Furthermore, FL-DECO-BC incorporates a provenance-preserving design to track data origin and history, fostering trust and accountability. This combination of features empowers VANETs with secure and privacy-conscious machine-learning capabilities, paving the way for advanced traffic management and safety applications. |
| 2024-07-30 | Securing Proof of Stake Blockchains: Leveraging Multi-Agent Reinforcement Learning for Detecting and Mitigating Malicious Nodes | Faisal Haque Bappy et.al. | 2407.20983 | Proof of Stake (PoS) blockchains offer promising alternatives to traditional Proof of Work (PoW) systems, providing scalability and energy efficiency. However, blockchains operate in a decentralized manner and the network is composed of diverse users. This openness creates the potential for malicious nodes to disrupt the network in various ways. Therefore, it is crucial to embed a mechanism within the blockchain network to constantly monitor, identify, and eliminate these malicious nodes without involving any central authority. In this paper, we propose MRL-PoS+, a novel consensus algorithm to enhance the security of PoS blockchains by leveraging Multi-agent Reinforcement Learning (MRL) techniques. Our proposed consensus algorithm introduces a penalty-reward scheme for detecting and eliminating malicious nodes. This approach involves the detection of behaviors that can lead to potential attacks in a blockchain network and hence penalizes the malicious nodes, restricting them from performing certain actions. Our developed Proof of Concept demonstrates effectiveness in eliminating malicious nodes for six types of major attacks. Experimental results demonstrate that MRL-PoS+ significantly improves the attack resilience of PoS blockchains compared to the traditional schemes without incurring additional computation overhead. |
| 2024-07-30 | Impact of Conflicting Transactions in Blockchain: Detecting and Mitigating Potential Attacks | Faisal Haque Bappy et.al. | 2407.20980 | Conflicting transactions within blockchain networks not only pose performance challenges but also introduce security vulnerabilities, potentially facilitating malicious attacks. In this paper, we explore the impact of conflicting transactions on blockchain attack vectors. Through modeling and simulation, we delve into the dynamics of four pivotal attacks - block withholding, double spending, balance, and distributed denial of service (DDoS), all orchestrated using conflicting transactions. Our analysis not only focuses on the mechanisms through which these attacks exploit transaction conflicts but also underscores their potential impact on the integrity and reliability of blockchain networks. Additionally, we propose a set of countermeasures for mitigating these attacks. Through implementation and evaluation, we show their effectiveness in lowering attack rates and enhancing overall network performance seamlessly, without introducing additional overhead. Our findings emphasize the critical importance of actively managing conflicting transactions to reinforce blockchain security and performance. |
| 2024-08-02 | SoK: Payment Channel Networks | Kartick Kolachala et.al. | 2407.20968 | Payment Channel Networks (PCNs) have been proposed as an alternative solution to the scalability, throughput, and cost overhead associated with on-chain transactions. By facilitating offchain execution of transactions, PCNs significantly reduce the burden on the blockchain, leading to faster transaction processing, reduced transaction fees, and enhanced privacy. Despite these advantages, the current research in PCNs presents a variety of research challenges that require further exploration. In this paper, we survey the recent work in several aspects of PCNs, such as pathfinding and routing, virtual channels, state channels, payment channel hubs and rebalancing. This survey aims to provide the reader with a detailed understanding of the current state-of-the-art in PCN research, highlighting a few important advancements. Additionally, we highlight the various unresolved issues in the area of PCN research. Specifically, this paper seeks to answer the following crucial question: What are the various interesting and non-trivial challenges in PCN research that require immediate attention from the academic and research community? By addressing this question, we aim to identify the most pressing problems and future research directions that interested readers can immediately work on. Through this analysis, we hope to inspire researchers and practitioners to tackle these challenges to make PCNs more secure and versatile |
| 2024-07-29 | Legal Aspects of Decentralized and Platform-Driven Economies | Marcelo Corrales Compagnucci et.al. | 2407.20301 | The sharing economy is sprawling across almost every sector and activity around the world. About a decade ago, there were only a handful of platform driven companies operating on the market. Zipcar, BlaBlaCar and Couchsurfing among them. Then Airbnb and Uber revolutionized the transportation and hospitality industries with a presence in virtually every major city. Access over ownership is the paradigm shift from the traditional business model that grants individuals the use of products or services without the necessity of buying them. Digital platforms, data and algorithm-driven companies as well as decentralized blockchain technologies have tremendous potential. But they are also changing the rules of the game. One of such technologies challenging the legal system are AI systems that will also reshape the current legal framework concerning the liability of operators, users and manufacturers. Therefore, this introductory chapter deals with explaining and describing the legal issues of some of these disruptive technologies. The chapter argues for a more forward-thinking and flexible regulatory structure. |
| 2024-07-26 | Blockchain for Large Language Model Security and Safety: A Holistic Survey | Caleb Geren et.al. | 2407.20181 | With the advent of accessible interfaces for interacting with large language models, there has been an associated explosion in both their commercial and academic interest. Consequently, there has also been an sudden burst of novel attacks associated with large language models, jeopardizing user data on a massive scale. Situated at a comparable crossroads in its development, and equally prolific to LLMs in its rampant growth, blockchain has emerged in recent years as a disruptive technology with the potential to redefine how we approach data handling. In particular, and due to its strong guarantees about data immutability and irrefutability as well as inherent data provenance assurances, blockchain has attracted significant attention as a means to better defend against the array of attacks affecting LLMs and further improve the quality of their responses. In this survey, we holistically evaluate current research on how blockchains are being used to help protect against LLM vulnerabilities, as well as analyze how they may further be used in novel applications. To better serve these ends, we introduce a taxonomy of blockchain for large language models (BC4LLM) and also develop various definitions to precisely capture the nature of different bodies of research in these areas. Moreover, throughout the paper, we present frameworks to contextualize broader research efforts, and in order to motivate the field further, we identify future research goals as well as challenges present in the blockchain for large language model (BC4LLM) space. |
| 2024-07-29 | Prichain II: CloudGuardian Cloud Security Proposal with Blockchain | Rodrigo Craveiro Rodrigues et.al. | 2407.19961 | With the advancement of cloud computing, data storage, and security have become crucial. The growing adoption of cloud services by companies, accompanied by increased threats from cybersecurity, highlights the importance of privacy and ownership of user data. Between 2022 and 2023, there has been an increase of around 48% in cloud security threats, emphasizing the urgent need for strong security solutions. To face these challenges, in this project, we propose integrating the Ethereum network's blockchain technology with a database located in the PostgreSQL cloud. The proposed solution aims to provide bidirectional data synchronization and strict control of access mechanisms. Blockchain technology ensures immutability and transparency of transactions, while PostgreSQL provides efficient and scalable storage. Through rigorous testing in an adaptive traffic control scenario, the results obtained indicate that this solution offers a significantly high level of security due to the decentralization of data, confirming that this solution is effective, and making it a powerful new option to improve security in cloud environments. In conclusion, the solution proposed in this project not only increases information security but also demonstrates the practical feasibility of integrating blockchain with cloud relational databases. This two-way alignment improves protection against cyberattacks and ensures that user data is protected from unauthorized access and malicious changes. |
| 2024-08-03 | Before and After Blockchain: Development and Principles of Distributed Fault-Tolerant Consensus | Huanyu Wu et.al. | 2407.19863 | The concept of distributed consensus gained widespread attention following the publication of "Byzantine Generals Problem" by Leslie Lamport in the 1980s. This research topic has been active and extensively studied over the last four decades, particularly since the advent of blockchain technology in 2009. Blockchain technology employs Proof-of-X (PoX) or Byzantine-fault-tolerant (BFT) systems, where all participants follow a protocol to achieve a common state (i.e., consistency) eventually. However, because PoX consensus such as Proof-of-Work is is resource-intensive with high power consumption, most permissioned blockchains employ BFT to achieve consistency. In this article, we provide an introduction to the fundamental principles and history of distributed consensus. We then explore the well-known fault-tolerant state machine replication (SMR) in partially synchronous networks, as well as consensus protocols in asynchronous models and recently proposed DAG-based consensus. Additionally, we examine the relationship between BFT consensus and blockchain technology and discuss the following questions: What is the history and evolution of BFT? Why are BFT protocols designed in the way they are and what core components do they use? What is the connection between BFT and blockchain technology, and what are the driving needs for future BFT research? |
| 2024-07-29 | Model Agnostic Hybrid Sharding For Heterogeneous Distributed Inference | Claudio Angione et.al. | 2407.19775 | The rapid growth of large-scale AI models, particularly large language models has brought significant challenges in data privacy, computational resources, and accessibility. Traditional centralized architectures often struggle to meet required data security and scalability needs which hinders the democratization of AI systems. Nesa introduces a model-agnostic sharding framework designed for decentralized AI inference. Our framework uses blockchain-based sequential deep neural network sharding to distribute computational tasks across a diverse network of nodes based on a personalised heuristic and routing mechanism. This enables efficient distributed training and inference for recent large-scale models even on consumer-grade hardware. We use compression techniques like dynamic blockwise quantization and mixed matrix decomposition to reduce data transfer and memory needs. We also integrate robust security measures, including hardware-based trusted execution environments to ensure data integrity and confidentiality. Evaluating our system across various natural language processing and vision tasks shows that these compression strategies do not compromise model accuracy. Our results highlight the potential to democratize access to cutting-edge AI technologies by enabling secure and efficient inference on a decentralized network. |
| 2024-07-30 | Performance Optimization of High-Conflict Transactions within the Hyperledger Fabric Blockchain | Alexandros Stoltidis et.al. | 2407.19732 | Hyperledger Fabric (HLF) is a secure and robust blockchain (BC) platform that supports high-throughput and low-latency transactions. However, it encounters challenges in managing conflicting transactions that negatively affect throughput and latency. This paper proposes a novel solution to address these challenges and improve performance, especially in applications incorporating extensive volumes of highly conflicting transactions. Our solution involves reallocating the Multi-Version Concurrency Control (MVCC) of the validation phase to a preceding stage in the transaction flow to enable early detection of conflicting transactions. Specifically, we propose and evaluate two innovative modifications, called Orderer Early MVCC (OEMVCC) and OEMVCC with Execution Avoidance (OEMVCC-EA). Our experimental evaluation results demonstrate significant throughput and latency improvements, providing a practical solution for high-conflict applications that demand high performance and scalability. |
| 2024-07-28 | Maximal Extractable Value Mitigation Approaches in Ethereum and Layer-2 Chains: A Comprehensive Survey | Zeinab Alipanahloo et.al. | 2407.19572 | Maximal Extractable Value (MEV) represents a pivotal challenge within the Ethereum ecosystem; it impacts the fairness, security, and efficiency of both Layer 1 (L1) and Layer 2 (L2) networks. MEV arises when miners or validators manipulate transaction ordering to extract additional value, often at the expense of other network participants. This not only affects user experience by introducing unpredictability and potential financial losses but also threatens the underlying principles of decentralization and trust. Given the growing complexity of blockchain applications, particularly with the increase of Decentralized Finance (DeFi) protocols, addressing MEV is crucial. This paper presents a comprehensive survey of MEV mitigation techniques as applied to both Ethereums L1 and various L2 solutions. We provide a novel categorization of mitigation strategies; we also describe the challenges, ranging from transaction sequencing and cryptographic methods to reconfiguring decentralized applications (DApps) to reduce front-running opportunities. We investigate their effectiveness, implementation challenges, and impact on network performance. By synthesizing current research, real-world applications, and emerging trends, this paper aims to provide a detailed roadmap for researchers, developers, and policymakers to understand and combat MEV in an evolving blockchain landscape. |
| 2024-07-28 | Breaking the Balance of Power: Commitment Attacks on Ethereum's Reward Mechanism | Roozbeh Sarenche et.al. | 2407.19479 | Validators in permissionless, large-scale blockchains (e.g., Ethereum) are typically payoff-maximizing, rational actors. Ethereum relies on in-protocol incentives, like rewards for validators delivering correct and timely votes, to induce honest behavior and secure the blockchain. However, external incentives, such as the block proposer's opportunity to capture maximal extractable value (MEV), may tempt validators to deviate from honest protocol participation. We show a series of commitment attacks on LMD GHOST, a core part of Ethereum's consensus mechanism. We demonstrate how a single adversarial block proposer can orchestrate long-range chain reorganizations by manipulating Ethereum's reward system for timely votes. These attacks disrupt the intended balance of power between proposers and voters: by leveraging credible threats, the adversarial proposer can coerce voters from previous slots into supporting blocks that conflict with the honest chain, enabling a chain reorganization at no cost to the adversary. In response, we introduce a novel reward mechanism that restores the voters' role as a check against proposer power. Our proposed mitigation is fairer and more decentralized -- not only in the context of these attacks -- but also practical for implementation in Ethereum. |
| 2024-07-28 | Reputation-Driven Asynchronous Federated Learning for Enhanced Trajectory Prediction with Blockchain | Weiliang Chen et.al. | 2407.19428 | Federated learning combined with blockchain empowers secure data sharing in autonomous driving applications. Nevertheless, with the increasing granularity and complexity of vehicle-generated data, the lack of data quality audits raises concerns about multi-party mistrust in trajectory prediction tasks. In response, this paper proposes an asynchronous federated learning data sharing method based on an interpretable reputation quantization mechanism utilizing graph neural network tools. Data providers share data structures under differential privacy constraints to ensure security while reducing redundant data. We implement deep reinforcement learning to categorize vehicles by reputation level, which optimizes the aggregation efficiency of federated learning. Experimental results demonstrate that the proposed data sharing scheme not only reinforces the security of the trajectory prediction task but also enhances prediction accuracy. |
| 2024-07-27 | Smart Contracts, Smarter Payments: Innovating Cross Border Payments and Reporting Transactions | Maruf Ahmed Mridul et.al. | 2407.19283 | The global financial landscape is experiencing significant transformation driven by technological advancements and evolving market dynamics. Moreover, blockchain technology has become a pivotal platform with widespread applications, especially in finance. Cross-border payments have emerged as a key area of interest, with blockchain offering inherent benefits such as enhanced security, transparency, and efficiency compared to traditional banking systems. This paper presents a novel framework leveraging blockchain technology and smart contracts to emulate cross-border payments, ensuring interoperability and compliance with international standards such as ISO20022. Key contributions of this paper include a novel prototype framework for implementing smart contracts and web clients for streamlined transactions and a mechanism to translate ISO20022 standard messages. Our framework can provide a practical solution for secure, efficient, and transparent cross-border transactions, contributing to the ongoing evolution of global finance and the emerging landscape of decentralized finance. |
| 2024-07-26 | Task Offloading in Fog Computing with Deep Reinforcement Learning: Future Research Directions Based on Security and Efficiency Enhancements | Amir Pakmehr et.al. | 2407.19121 | The surge in Internet of Things (IoT) devices and data generation highlights the limitations of traditional cloud computing in meeting demands for immediacy, Quality of Service, and location-aware services. Fog computing emerges as a solution, bringing computation, storage, and networking closer to data sources. This study explores the role of Deep Reinforcement Learning in enhancing fog computing's task offloading, aiming for operational efficiency and robust security. By reviewing current strategies and proposing future research directions, the paper shows the potential of Deep Reinforcement Learning in optimizing resource use, speeding up responses, and securing against vulnerabilities. It suggests advancing Deep Reinforcement Learning for fog computing, exploring blockchain for better security, and seeking energy-efficient models to improve the Internet of Things ecosystem. Incorporating artificial intelligence, our results indicate potential improvements in key metrics, such as task completion time, energy consumption, and security incident reduction. These findings provide a concrete foundation for future research and practical applications in optimizing fog computing architectures. |
| 2024-07-26 | A Public Dataset For the ZKsync Rollup | Maria InĂŞs Silva et.al. | 2407.18699 | Despite blockchain data being publicly available, practical challenges and high costs often hinder its effective use by researchers, thus limiting data-driven research and exploration in the blockchain space. This is especially true when it comes to Layer~2 (L2) ecosystems, and ZKsync, in particular. To address these issues, we have curated a dataset from 1 year of activity extracted from a ZKsync Era archive node and made it freely available to external parties. In this paper, we provide details on this dataset and how it was created, showcase a few example analyses that can be performed with it, and discuss some future research directions. We also publish and share the code used in our analysis on GitHub to promote reproducibility and to support further research. |
| 2024-07-26 | Vulnerability Detection in Ethereum Smart Contracts via Machine Learning: A Qualitative Analysis | Dalila Ressi et.al. | 2407.18639 | Smart contracts are central to a myriad of critical blockchain applications, from financial transactions to supply chain management. However, their adoption is hindered by security vulnerabilities that can result in significant financial losses. Most vulnerability detection tools and methods available nowadays leverage either static analysis methods or machine learning. Unfortunately, as valuable as they are, both approaches suffer from limitations that make them only partially effective. In this survey, we analyze the state of the art in machine-learning vulnerability detection for Ethereum smart contracts, by categorizing existing tools and methodologies, evaluating them, and highlighting their limitations. Our critical assessment unveils issues such as restricted vulnerability coverage and dataset construction flaws, providing us with new metrics to overcome the difficulties that restrain a sound comparison of existing solutions. Driven by our findings, we discuss best practices to enhance the accuracy, scope, and efficiency of vulnerability detection in smart contracts. Our guidelines address the known flaws while at the same time opening new avenues for research and development. By shedding light on current challenges and offering novel directions for improvement, we contribute to the advancement of secure smart contract development and blockchain technology as a whole. |
| 2024-07-25 | Generative AI like ChatGPT in Blockchain Federated Learning: use cases, opportunities and future | Sai Puppala et.al. | 2407.18358 | Federated learning has become a significant approach for training machine learning models using decentralized data without necessitating the sharing of this data. Recently, the incorporation of generative artificial intelligence (AI) methods has provided new possibilities for improving privacy, augmenting data, and customizing models. This research explores potential integrations of generative AI in federated learning, revealing various opportunities to enhance privacy, data efficiency, and model performance. It particularly emphasizes the importance of generative models like generative adversarial networks (GANs) and variational autoencoders (VAEs) in creating synthetic data that replicates the distribution of real data. Generating synthetic data helps federated learning address challenges related to limited data availability and supports robust model development. Additionally, we examine various applications of generative AI in federated learning that enable more personalized solutions. |
| 2024-07-25 | Privacy Threats and Countermeasures in Federated Learning for Internet of Things: A Systematic Review | Adel ElZemity et.al. | 2407.18096 | Federated Learning (FL) in the Internet of Things (IoT) environments can enhance machine learning by utilising decentralised data, but at the same time, it might introduce significant privacy and security concerns due to the constrained nature of IoT devices. This represents a research challenge that we aim to address in this paper. We systematically analysed recent literature to identify privacy threats in FL within IoT environments, and evaluate the defensive measures that can be employed to mitigate these threats. Using a Systematic Literature Review (SLR) approach, we searched five publication databases (Scopus, IEEE Xplore, Wiley, ACM, and Science Direct), collating relevant papers published between 2017 and April 2024, a period which spans from the introduction of FL until now. Guided by the PRISMA protocol, we selected 49 papers to focus our systematic review on. We analysed these papers, paying special attention to the privacy threats and defensive measures -- specifically within the context of IoT -- using inclusion and exclusion criteria tailored to highlight recent advances and critical insights. We identified various privacy threats, including inference attacks, poisoning attacks, and eavesdropping, along with defensive measures such as Differential Privacy and Secure Multi-Party Computation. These defences were evaluated for their effectiveness in protecting privacy without compromising the functional integrity of FL in IoT settings. Our review underscores the necessity for robust and efficient privacy-preserving strategies tailored for IoT environments. Notably, there is a need for strategies against replay, evasion, and model stealing attacks. Exploring lightweight defensive measures and emerging technologies such as blockchain may help improve the privacy of FL in IoT, leading to the creation of FL models that can operate under variable network conditions. |
| 2024-07-25 | On the Design of Ethereum Data Availability Sampling: A Comprehensive Simulation Study | Arunima Chaudhuri et.al. | 2407.18085 | This paper presents an in-depth exploration of Data Availability Sampling (DAS) and sharding mechanisms within decentralized systems through simulation-based analysis. DAS, a pivotal concept in blockchain technology and decentralized networks, is thoroughly examined to unravel its intricacies and assess its impact on system performance. Through the development of a simulator tailored explicitly for DAS, we embark on a comprehensive investigation into the parameters that influence system behavior and efficiency. A series of experiments are conducted within the simulated environment to validate theoretical formulations and dissect the interplay of DAS parameters. This includes an exploration of approaches such as custody by row, variations in validators per node, and malicious nodes. The outcomes of these experiments furnish insights into the efficacy of DAS protocols and pave the way for the formulation of optimization strategies geared towards enhancing decentralized network performance. Moreover, the findings serve as guidelines for future research endeavors, offering a nuanced understanding of the complexities inherent in decentralized systems. This study not only contributes to the theoretical understanding of DAS but also offers practical implications for the design, implementation, and optimization of decentralized systems. |
| 2024-07-25 | An Exploration Study on Developing Blockchain Systems the Practitioners Perspective | Bakheet Aljedaani et.al. | 2407.18005 | Context: Blockchain-based software (BBS) exploits the concepts and technologies popularized by cryptocurrencies offering decentralized transaction ledgers with immutable content for security-critical and transaction critical systems. Recent research has explored the strategic benefits and technical limitations of BBS in various fields, including cybersecurity, healthcare, education, and financial technologies. Despite growing interest from academia and industry, there is a lack of empirical evidence, leading to an incomplete understanding of the processes, methods, and techniques necessary for systematic BBS development. Objectives: Existing research lacks a consolidated view, particularly empirically driven guidelines based on published evidence and development practices. This study aims to address the gap by consolidating empirical evidence and development practices to derive or leverage existing processes, patterns, and models for designing, implementing, and validating BBS systems. Method: Tied to this knowledge gap, we conducted a two-phase research project. First, a systematic literature review of 58 studies was performed to identify a development process comprising 23 tasks for BBS systems. Second, a survey of 102 blockchain practitioners from 35 countries across six continents was conducted to validate the BBS system development process. Results: Our results revealed a statistically significant difference (p-value <.001) in the importance ratings of 24 out of 26 BBS tasks by our participants. The only two tasks that were not statistically significant were incentive protocol design and granularity design. Conclusion: Our research is among the first to advance understanding on the aspect of development process for blockchain-based systems and helps researchers and practitioners in their quests on challenges and recommendations associated with the development of BBS systems |
| 2024-07-25 | Blockchain Takeovers in Web 3.0: An Empirical Study on the TRON-Steem Incident | Chao Li et.al. | 2407.17825 | A fundamental goal of Web 3.0 is to establish a decentralized network and application ecosystem, thereby enabling users to retain control over their data while promoting value exchange. However, the recent Tron-Steem takeover incident poses a significant threat to this vision. In this paper, we present a thorough empirical analysis of the Tron-Steem takeover incident. By conducting a fine-grained reconstruction of the stake and election snapshots within the Steem blockchain, one of the most prominent social-oriented blockchains, we quantify the marked shifts in decentralization pre and post the takeover incident, highlighting the severe threat that blockchain network takeovers pose to the decentralization principle of Web 3.0. Moreover, by employing heuristic methods to identify anomalous voters and conducting clustering analyses on voter behaviors, we unveil the underlying mechanics of takeover strategies employed in the Tron-Steem incident and suggest potential mitigation strategies, which contribute to the enhanced resistance of Web 3.0 networks against similar threats in the future. We believe the insights gleaned from this research help illuminate the challenges imposed by blockchain network takeovers in the Web 3.0 era, suggest ways to foster the development of decentralized technologies and governance, as well as to enhance the protection of Web 3.0 user rights. |
| 2024-07-25 | Utilizing Blockchain and Smart Contracts for Enhanced Fraud Prevention and Minimization in Health Insurance through Multi-Signature Claim Processing | Md Al Amin et.al. | 2407.17765 | Healthcare insurance provides financial support to access medical services for patients while ensuring timely and guaranteed payment for providers. Insurance fraud poses a significant challenge to insurance companies and policyholders, leading to increased costs and compromised healthcare treatment and service delivery. Most frauds, like phantom billing, upcoding, and unbundling, happen due to the lack of required entity participation. Also, claim activities are not transparent and accountable. Fraud can be prevented and minimized by involving every entity and making actions transparent and accountable. This paper proposes a blockchain-powered smart contract-based insurance claim processing mechanism to prevent and minimize fraud in response to this prevailing issue. All entities patients, providers, and insurance companies actively participate in the claim submission, approval, and acknowledgment process through a multi-signature technique. Also, every activity is captured and recorded in the blockchain using smart contracts to make every action transparent and accountable so that no entity can deny its actions and responsibilities. Blockchains' immutable storage property and strong integrity guarantee that recorded activities are not modified. As healthcare systems and insurance companies continue to deal with fraud challenges, this proposed approach holds the potential to significantly reduce fraudulent activities, ultimately benefiting both insurers and policyholders. |
| 2024-07-25 | Towards the Blockchain Massive Adoption with Permissionless Storage | Jia Kan et.al. | 2407.17761 | Blockchain technology emerged with the advent of Bitcoin and rapidly developed over the past few decades, becoming widely accepted and known by the public. However, in the past decades, the massive adoption of blockchain technology has yet to come. Rather than the scalability issue, the blockchain application is challenged by its expensive usage cost. However, the high cost of blockchain usage is deeply connected with the blockchain consensus and security mechanism. The permissionless blockchain must maintain its high cost for security against the 51% Attack. Chain users indirectly cover the cost as coins are appointed for blockchain usage fees. This conflict prevents the massive adoption of blockchain. Thus, blockchain must be improved to solve those problems: 1. The cost of blockchain usage should be low enough. 2. The blockchain should remain decentralized. 3. The scalability of blockchain must meet the demand. In my thesis, new approaches are applied to solve the issues above. The key contribution is the discovery of the useful PoW. It extends the Nakamoto PoW with another usage of file data encoding during the same Nakamoto Consensus computation to prove honest data preservation. Based on this theory, a permissionless storage network is proposed as the new security engine for the blockchain. It bridges the high blockchain security cost to the storage users with real demands who are willing to pay for the storage resource. On the other hand, the chain users can benefit from the low transaction fee. Meanwhile, we also provide a scalability solution to shard the blockchain. It enables high TPS and keeps decentralization. The solutions in this thesis provide the answers to all the dependencies of the massive adoption. |
| 2024-07-25 | SOK: Blockchain for Provenance | Asma Jodeiri Akbarfam et.al. | 2407.17699 | Provenance, which traces data from its creation to manipulation, is crucial for ensuring data integrity, reliability, and trustworthiness. It is valuable for single-user applications, collaboration within organizations, and across organizations. Blockchain technology has become a popular choice for implementing provenance due to its distributed, transparent, and immutable nature. Numerous studies on blockchain designs are specifically dedicated to provenance, and specialize in this area. Our goal is to provide a new perspective in blockchain based provenance field by identifying the challenges faced and suggesting future research directions. In this paper, we categorize the problem statement into three main research questions to investigate key issues comprehensively and propose a new outlook on the use of blockchains. The first focuses on challenges in non-collaborative, single-source environments, the second examines implications in collaborative environments and different domains such as supply chain, scientific collaboration and digital forensic, and the last one analyzes communication and data exchange challenges between organizations using different blockchains. The interconnected nature of these research questions ensures a thorough exploration of provenance requirements, leading to more effective and secure systems. After analyzing the requirements of provenance in different environments, we provide future design considerations for provenance-based blockchains, including blockchain type, query mechanisms, provenance capture methods, and domain-specific considerations. We also discuss future work and possible extensions in this field. |
| 2024-07-25 | SoK: Bridging Trust into the Blockchain. A Systematic Review on On-Chain Identity | Awid Vaziry et.al. | 2407.17276 | The ongoing regulation of blockchain-based services and applications requires the identification of users who are issuing transactions on the blockchain. This systematic review explores the current status, identifies research gaps, and outlines future research directions for establishing trusted and privacy-compliant identities on the blockchain (on-chain identity). A systematic search term was applied across various scientific databases, collecting 2232 potentially relevant research papers. These papers were narrowed down in two methodologically executed steps to 98 and finally to 13 relevant sources. The relevant articles were then systematically analyzed based on a set of screening questions. The results of the selected studies have provided insightful findings on the mechanisms of on-chain identities. On-chain identities are established using zero-knowledge proofs, public key infrastructure/certificates, and web of trust approaches. The technologies and architectures used by the authors are also highlighted. Trust has emerged as a key research gap, manifesting in two ways: firstly, a gap in how to trust the digital identity representation of a physical human; secondly, a gap in how to trust identity providers that issue identity confirmations on-chain. Potential future research avenues are suggested to help fill the current gaps in establishing trust and on-chain identities. |
| 2024-07-24 | Profitable Manipulations of Cryptographic Self-Selection are Statistically Detectable | Linda Cai et.al. | 2407.16949 | Cryptographic Self-Selection is a common primitive underlying leader-selection for Proof-of-Stake blockchain protocols. The concept was first popularized in Algorand [CM19], who also observed that the protocol might be manipulable. [FHWY22] provide a concrete manipulation that is strictly profitable for a staker of any size (and also prove upper bounds on the gains from manipulation). Separately, [YSZ23, BM24] initiate the study of undetectable profitable manipulations of consensus protocols with a focus on the seminal Selfish Mining strategy [ES14] for Bitcoin's Proof-of-Work longest-chain protocol. They design a Selfish Mining variant that, for sufficiently large miners, is strictly profitable yet also indistinguishable to an onlooker from routine latency (that is, a sufficiently large profit-maximizing miner could use their strategy to strictly profit over being honest in a way that still appears to the rest of the network as though everyone is honest but experiencing mildly higher latency. This avoids any risk of negatively impacting the value of the underlying cryptocurrency due to attack detection). We investigate the detectability of profitable manipulations of the canonical cryptographic self-selection leader selection protocol introduced in [CM19] and studied in [FHWY22], and establish that for any player with |
| 2024-07-23 | Blockchain security for ransomware detection | Elodie Ngoie Mutombo et.al. | 2407.16862 | Blockchain networks are critical for safeguarding digital transactions and assets, but they are increasingly targeted by ransomware attacks exploiting zero-day vulnerabilities. Traditional detection techniques struggle due to the complexity of these exploits and the lack of comprehensive datasets. The UGRansome dataset addresses this gap by offering detailed features for analysing ransomware and zero-day attacks, including timestamps, attack types, protocols, network flows, and financial impacts in bitcoins (BTC). This study uses the Lazy Predict library to automate machine learning (ML) on the UGRansome dataset. The study aims to enhance blockchain security through ransomware detection based on zero-day exploit recognition using the UGRansome dataset. Lazy Predict streamlines different ML model comparisons and identifies effective algorithms for threat detection. Key features such as timestamps, protocols, and financial data are used to predict anomalies as zero-day threats and to classify known signatures as ransomware. Results demonstrate that ML can significantly improve cybersecurity in blockchain environments. The DecisionTreeClassifier and ExtraTreeClassifier, with their high performance and low training times, are ideal candidates for deployment in real-time threat detection systems. |
| 2024-07-23 | Mobile Technology: A Panacea to Food Insecurity In Nigeria -- A Case Study of SELL HARVEST Application | Mudathir Muhammad Salahudeen et.al. | 2407.16614 | Over time, agriculture is the most consistent activity, and it evolves every day. It contributes to a vast majority of the Gross Domestic Product (GDP) of Nigeria but as ironic as it may be, there is still hunger in significant parts of the country due to low productivity in the agricultural sector and comparison to the geometric population growth. During the first half of 2022, agriculture contributed about 23% of the country's GDP while the industry and services sector had a share of the remaining 77%. This showed that with the high rate of agricultural activities, Nigeria has not achieved food security for the teeming population. and more productivity levels can be attained. Technology can/will assist Nigeria in overcoming global poverty and hunger quicker in both rural and urban areas. Today, there are many types of agricultural technologies available for farmers all over the world to increase productivity. Major technological advancements include indoor vertical farming, automation, robotics, livestock technology, modern greenhouse practices, precision agriculture, artificial intelligence, and blockchain. Mobile phones have one of the highest adoption rates of technologies developed within the last century. Digitalization will bring consumers and farmers closer together to access the shortest supply chain possible and reduce rural poverty and hunger. The paper will review the different agricultural technologies and propose a mobile solution, code Sell Harvest, to make farming more sustainable and secure food. Keywords: Sell Harvest, Agriculture, Technology, Artificial Intelligence, and Digital Farming. |
| 2024-07-23 | Manifoldchain: Maximizing Blockchain Throughput via Bandwidth-Clustered Sharding | Chunjiang Che et.al. | 2407.16295 | Bandwidth limitation is the major bottleneck that hinders scaling throughput of proof-of-work blockchains. To guarantee security, the mining rate of the blockchain is determined by the miners with the lowest bandwidth, resulting in an inefficient bandwidth utilization among fast miners. We propose Manifoldchain, an innovative blockchain sharding protocol that alleviates the impact of slow miners to maximize blockchain throughput. Manifoldchain utilizes a bandwidth-clustered shard formation mechanism that groups miners with similar bandwidths into the same shard. Consequently, this approach enables us to set an optimal mining rate for each shard based on its bandwidth, effectively reducing the waiting time caused by slow miners. Nevertheless, the adversary could corrupt miners with similar bandwidths, thereby concentrating hashing power and potentially creating an adversarial majority within a single shard. To counter this adversarial strategy, we introduce sharing mining, allowing the honest mining power of the entire network to participate in the secure ledger formation of each shard, thereby achieving the same level of security as an unsharded blockchain. Additionally, we introduce an asynchronous atomic commitment mechanism to ensure transaction atomicity across shards with various mining rates. Our theoretical analysis demonstrates that Manifoldchain scales linearly in throughput with the increase in shard numbers and inversely with network delay in each shard. We implement a full system prototype of Manifoldchain, comprehensively evaluated on both simulated and real-world testbeds. These experiments validate its vertical scalability with network bandwidth and horizontal scalability with network size, achieving a substantial improvement of 186% in throughput over baseline sharding protocols, for scenarios where bandwidths of miners range from 5Mbps to 60Mbps. |
| 2024-08-25 | Addressing Trust Issues for Vehicle to Grid in Distributed Power Grids Using Blockchains | Yunwang Chen et.al. | 2407.16180 | While blockchain offers inherent security, trust issues among stakeholders in vehicle-to-grid (V2G) applications remain unresolved due to a lack of regulatory frameworks and standardization. Additionally, a tailored decentralized privacy-preserved coordination scheme for blockchain in V2G networks is needed to ensure user privacy and efficient energy transactions. This paper proposes a V2G trading and coordination scheme tailored to the decentralized nature of blockchain as well as the interests of stakeholders utilizing smart charging points (SCPs) and Stackelberg game model. Case studies using real-world data from Southern University of Science and Technology demonstrate the efficacy of proposed scheme in reducing EV charging costs and the potential for supporting auxiliary grid services. |
| 2024-07-22 | Versioned Analysis of Software Quality Indicators and Self-admitted Technical Debt in Ethereum Smart Contracts with Ethstractor | Khalid Hassan et.al. | 2407.15967 | The rise of decentralized applications (dApps) has made smart contracts imperative components of blockchain technology. As many smart contracts process financial transactions, their security is paramount. Moreover, the immutability of blockchains makes vulnerabilities in smart contracts particularly challenging because it requires deploying a new version of the contract at a different address, incurring substantial fees paid in Ether. This paper proposes Ethstractor, the first smart contract collection tool for gathering a dataset of versioned smart contracts. The collected dataset is then used to evaluate the reliability of code metrics as indicators of vulnerabilities in smart contracts. Our findings indicate that code metrics are ineffective in signalling the presence of vulnerabilities. Furthermore, we investigate whether vulnerabilities in newer versions of smart contracts are mitigated and identify that the number of vulnerabilities remains consistent over time. Finally, we examine the removal of self-admitted technical debt in contracts and uncover that most of the introduced debt has never been subsequently removed. |
| 2024-07-19 | Blockchain in Healthcare: Implementing Hyperledger Fabric for Electronic Health Records at Frere Provincial Hospital | Abayomi Agbeyangi et.al. | 2407.15876 | As healthcare systems worldwide continue to grapple with the challenges of interoperability, data security, and accessibility, integrating emerging technologies becomes imperative. This paper investigates the implementation of blockchain technology, specifically Hyperledger Fabric, for Electronic Health Records (EHR) management at Frere Hospital in the Eastern Cape province of South Africa. The paper examines the benefits and challenges of integrating blockchain into healthcare information systems. Hyperledger Fabric's modular architecture is harnessed to create a secure, transparent, and decentralized platform for storing, managing, and sharing EHRs among stakeholders. The study used a mixed-methods approach, integrating case studies and data collection methods through observation and informal questions, with the specific goal of understanding current record management methods and challenges. This method offers practical insights and validates the approach. The result demonstrates the role of blockchain in transforming healthcare, framed within a rigorous exploration and analysis. The findings of this study have broader implications for healthcare institutions seeking advanced solutions to address the persistent challenges in electronic health record management. Ultimately, the research underscores the transformative potential of blockchain technology in healthcare settings, fostering trust, security, and efficiency in the management of sensitive patient data. |
| 2024-07-22 | Cryptoeconomics and Tokenomics as Economics: A Survey with Opinions | Kensuke Ito et.al. | 2407.15715 | This paper surveys products and studies on cryptoeconomics and tokenomics from an economic perspective, as these terms are still (i) ill-defined and (ii) disconnected from economic disciplines. We first suggest that they can be novel when integrated; we then conduct a literature review and case study following consensus-building for decentralization and token value for autonomy. Integration requires simultaneous consideration of strategic behavior, spamming, Sybil attacks, free-riding, marginal cost, marginal utility and stabilizers. This survey is the first systematization of knowledge on cryptoeconomics and tokenomics, aiming to bridge the contexts of economics and blockchain. |
| 2024-08-03 | Dressed to Gamble: How Poker Drives the Dynamics of Wearables and Visits on Decentraland's Social Virtual World | Amaury Trujillo et.al. | 2407.15625 | Decentraland is a blockchain-based social virtual world touted to be a creative space owned by its community. In it, users can publish wearables used to customize avatars, which can be then sold or given away via blockchain transfers. Decentral Games (DG), a single project owning prominent in-world casinos, has by far created the most wearables, necessary to earn cryptocurrency in its flagship game ICE Poker. Herein, we present a comprehensive study on how DG and ICE Poker influence the dynamics of wearables and in-world visits in Decentraland. To this end, we analyzed 5.9 million wearable transfers made on the Polygon blockchain (and related sales) over a two-year period, and 677 million log events of in-world user positions in an overlapping 10-month period. We found that the platform-wise number of transfers and sales monetary value of wearables were disproportionally related to DG, and that its two ICE Poker casinos (less than 0.1% of the world map) represented a very large average share of daily unique visitors (33%) and time spent in the virtual world (20%). Despite several alternative in-world economic and artistic initiatives in Decentraland, some of which have attracted much attention from the general public, a single third-party online poker game appears to be the main driver of the analyzed dynamics. Our work thus contributes to the current understanding of user behavior in social virtual worlds, and it is among the first to study the emerging phenomenon of blockchain-based online gambling in virtual reality spaces. |
| 2024-07-22 | Sustainable broadcasting in Blockchain Network with Reinforcement Learning | Danila Valko et.al. | 2407.15616 | link |
| 2024-07-22 | Semi-Supervised Learning for Anomaly Detection in Blockchain-based Supply Chains | Do Hai Son et.al. | 2407.15603 | link |
| 2024-07-21 | AGORA: Open More and Trust Less in Binary Verification Service | Hongbo Chen et.al. | 2407.15062 | Binary verification plays a pivotal role in software security, yet building a verification service that is both open and trustworthy poses a formidable challenge. In this paper, we introduce a novel binary verification service, AGORA, scrupulously designed to overcome the challenge. At the heart of this approach lies a strategic insight: certain tasks can be delegated to untrusted entities, while the corresponding validators are securely housed within the trusted computing base (TCB). AGORA can validate untrusted assertions generated for versatile policies. Through a novel blockchain-based bounty task manager, it also utilizes crowdsourcing to remove trust in theorem provers. These synergistic techniques successfully ameliorate the TCB size burden associated with two procedures: binary analysis and theorem proving. The design of AGORA allows untrusted parties to participate in these complex processes. Moreover, based on running the optimized TCB within trusted execution environments and recording the verification process on a blockchain, the public can audit the correctness of verification results. By implementing verification workflows for software-based fault isolation policy and side-channel mitigation, our evaluation demonstrates the efficacy of AGORA. |
| 2024-07-20 | Political Leanings in Web3 Betting: Decoding the Interplay of Political and Profitable Motives | Hongzhou Chen et.al. | 2407.14844 | Harnessing the transparent blockchain user behavior data, we construct the Political Betting Leaning Score (PBLS) to measure political leanings based on betting within Web3 prediction markets. Focusing on Polymarket and starting from the 2024 U.S. Presidential Election, we synthesize behaviors over 15,000 addresses across 4,500 events and 8,500 markets, capturing the intensity and direction of their political leanings by the PBLS. We validate the PBLS through internal consistency checks and external comparisons. We uncover relationships between our PBLS and betting behaviors through over 800 features capturing various behavioral aspects. A case study of the 2022 U.S. Senate election further demonstrates the ability of our measurement while decoding the dynamic interaction between political and profitable motives. Our findings contribute to understanding decision-making in decentralized markets, enhancing the analysis of behaviors within Web3 prediction environments. The insights of this study reveal the potential of blockchain in enabling innovative, multidisciplinary studies and could inform the development of more effective online prediction markets, improve the accuracy of forecast, and help the design and optimization of platform mechanisms. The data and code for the paper are accessible at the following link: https://github.com/anonymous. |
| 2024-07-19 | Quantifying the Blockchain Trilemma: A Comparative Analysis of Algorand, Ethereum 2.0, and Beyond | Yihang Fu et.al. | 2407.14335 | link |
| 2024-07-19 | Why to DAO: a narrative analysis of the drivers of tokenized Exit to Community | Tara Merk et.al. | 2407.14327 | This paper asks why startups in the blockchain industry are exiting to Decentralized Autonomous Organizations (DAOs), an outstanding phenomena in the wider digital economy which has tended to retain centralized ownership and governance rights of many platforms, products and protocols. Drawing on a narrative analysis of three case studies, I find three possible drivers: (1) exit to DAO is motivated by both financial and stewardship goals which it simultaneously promises to realize via the issuance of tokens; (2) exit to DAO adds an additional layer of ownership and governance rights via tokens, without requiring existing rights to be relinquished, thus making it a lucrative strategy; and (3) markets, laws and social norms underpinning the broader environment in which exits to DAO occur, seem to play an important role in driving the decision. This paper contributes to the academic literature by situating DAOs as a hybrid (and perhaps incomplete) entrepreneurial exit strategy and identifying plausible drivers of the phenomenon which warrant further dedicated research. |
| 2024-07-19 | Theoretical Analysis on Block Time Distributions in Byzantine Fault-Tolerant Consensus Blockchains | Akihiro Fujihara et.al. | 2407.14299 | Some blockchain networks employ a distributed consensus algorithm featuring Byzantine fault tolerance. Notably, certain public chains, such as Cosmos and Tezos, which operate on a proof-of-stake mechanism, have adopted this algorithm. While it is commonly assumed that these blockchains maintain a nearly constant block creation time, empirical analysis reveals fluctuations in this interval; this phenomenon has received limited attention. In this paper, we propose a mathematical model to account for the processes of block propagation and validation within Byzantine fault-tolerant consensus blockchains, aiming to theoretically analyze the probability distribution of block time. First, we propose stochastic processes governing the broadcasting communications among validator nodes. Consequently, we theoretically demonstrate that the probability distribution of broadcast time among validator nodes adheres to the Gumbel distribution. This finding indicates that the distribution of block time typically arises from convolving multiple Gumbel distributions. Additionally, we derive an approximate formula for the block time distribution suitable for data analysis purposes. By fitting this approximation to real-world block time data, we demonstrate the consistent estimation of block time distribution parameters. |
| 2024-07-19 | A Secure and Efficient Distributed Semantic Communication System for Heterogeneous Internet of Things Devices | Weihao Zeng et.al. | 2407.14140 | Semantic communications have emerged as a promising solution to address the challenge of efficient communication in rapidly evolving and increasingly complex Internet of Things (IoT) networks. However, protecting the security of semantic communication systems within the distributed and heterogeneous IoT networks is critical issues that need to be addressed. We develop a secure and efficient distributed semantic communication system in IoT scenarios, focusing on three aspects: secure system maintenance, efficient system update, and privacy-preserving system usage. Firstly, we propose a blockchain-based interaction framework that ensures the integrity, authentication, and availability of interactions among IoT devices to securely maintain system. This framework includes a novel digital signature verification mechanism designed for semantic communications, enabling secure and efficient interactions with semantic communications. Secondly, to improve the efficiency of interactions, we develop a flexible semantic communication scheme that leverages compressed semantic knowledge bases. This scheme reduces the data exchange required for system update and is adapt to dynamic task requirements and the diversity of device capabilities. Thirdly, we exploit the integration of differential privacy into semantic communications. We analyze the implementation of differential privacy taking into account the lossy nature of semantic communications and wireless channel distortions. An joint model-channel noise mechanism is introduced to achieve differential privacy preservation in semantic communications without compromising the system's functionality. Experiments show that the system is able to achieve integrity, availability, efficiency and the preservation of privacy. |
| 2024-09-21 | A trustworthy blockchain-based energy trading scheme for V2G operations in distributed power grids via integrated scheduling and trading framework | Yunwang Chen et.al. | 2407.13988 | The rapid growth of electric vehicles (EVs) and the deployment of vehicle-to-grid (V2G) technology pose significant challenges for distributed power grids, particularly in fostering trust and ensuring effective coordination among stakeholders. In this paper, we developed an integrated scheduling and trading framework to conduct transparent and efficacious coordination in V2G operations. In blockchain implementation, we propose a cyber-physical blockchain architecture that enhances transaction efficiency and scalability by leveraging smart charging points (SCPs) for rapid transaction validation through a fast-path practical byzantine fault tolerance (fast-path PBFT) consensus mechanism. From the energy dispatching perspective, a game-theoretical pricing strategy is employed and smart contracts are utilized for autonomous decision-making between EVs and operators, aiming to optimize the trading process and maximize economic benefits. Numerical evaluation of blockchain consensus shows the effect of the fast-path PBFT consensus in improving systems scalability with a balanced trade-off in robustness. A case study, utilizing real-world data from the Southern University of Science and Technology (SUSTech), demonstrates significant reductions in EV charging costs and the framework potential to support auxiliary grid services. |
| 2024-07-18 | SecureVAX: A Blockchain-Enabled Secure Vaccine Passport System | Debendranath Das et.al. | 2407.13852 | A vaccine passport serves as documentary proof, providing passport holders with greater freedom while roaming around during pandemics. It confirms vaccination against certain infectious diseases like COVID-19, Ebola, and flu. The key challenges faced by the digital vaccine passport system include passport forgery, unauthorized data access, and inaccurate information input by vaccination centers. Privacy concerns also need to be addressed to ensure that the user's personal identification information (PII) is not compromised. Additionally, it is necessary to track vaccine vials or doses to verify their authenticity, prevent misuse and illegal sales, as well as to restrict the illicit distribution of vaccines. To address these challenges, we propose a Blockchain-Enabled Secure Vaccine Passport System, leveraging the power of smart contracts. Our solution integrates off-chain and on-chain cryptographic computations, facilitating secure communication among various entities. We have utilized the InterPlanetary File System (IPFS) to store encrypted vaccine passports of citizens securely. Our prototype is built on the Ethereum platform, with smart contracts deployed on the Sepolia Test network, allowing for performance evaluation and validation of the system's effectiveness. By combining IPFS as a distributed data storage platform and Ethereum as a blockchain platform, our solution paves the way for secure, efficient, and globally interoperable vaccine passport management, supporting comprehensive vaccination initiatives worldwide. |
| 2024-07-18 | Decentralised Governance for Autonomous Cyber-Physical Systems | Kelsie Nabben et.al. | 2407.13566 | This paper examines the potential for Cyber-Physical Systems (CPS) to be governed in a decentralised manner, whereby blockchain-based infrastructure facilitates the communication between digital and physical domains through self-governing and self-organising principles. Decentralised governance paradigms that integrate computation in physical domains (such as 'Decentralised Autonomous Organisations' (DAOs)) represent a novel approach to autono-mous governance and operations. These have been described as akin to cybernetic systems. Through the lens of a case study of an autonomous cabin called "no1s1" which demonstrates self-ownership via blockchain-based control and feedback loops, this research explores the potential for blockchain infrastructure to be utilised in the management of physical systems. By highlighting the considerations and challenges of decentralised governance in managing autonomous physical spaces, the study reveals that autonomy in the governance of autonomous CPS is not merely a technological feat but also involves a complex mesh of functional and social dynamics. These findings underscore the importance of developing continuous feedback loops and adaptive governance frameworks within decentralised CPS to address both expected and emergent challenges. This investigation contributes to the fields of infra-structure studies and Cyber-Physical Systems engineering. It also contributes to the discourse on decentralised governance and autonomous management of physical spaces by offering both practical insights and providing a framework for future research. |
| 2024-07-24 | Proof-of-Collaborative-Learning: A Multi-winner Federated Learning Consensus Algorithm | Amirreza Sokhankhosh et.al. | 2407.13018 | Regardless of their variations, blockchains require a consensus mechanism to validate transactions, supervise added blocks, maintain network security, synchronize the network state, and distribute incentives. Proof-of-Work (PoW), one of the most influential implementations of consensus mechanisms, consumes an extraordinary amount of energy for a task that lacks direct productive output. In this paper, we propose Proof-of-Collaborative-Learning (PoCL), a multi-winner federated learning validated consensus mechanism that redirects the computation power of blockchains to train federated learning models. In addition, we present a novel evaluation mechanism to ensure the efficiency of the locally trained models of miners. We evaluated the security of our evaluation mechanism by introducing and conducting probable attacks. Moreover, we present a novel reward distribution mechanism to incentivize winning miners fairly, and demonstrate that our reward system is fair both within and across all rounds. |
| 2024-07-19 | Automated Gateways: A Smart Contract-Powered Solution for Interoperability Across Blockchains | Koosha Esmaeilzadeh Khorasani et.al. | 2407.13001 | Interoperability is a significant challenge in blockchain technology, hindering seamless data and service sharing across diverse blockchain networks. This study introduces Automated Gateways as a novel framework leveraging smart contracts to facilitate interoperability. Unlike existing solutions, which often require adopting new technologies or relying on external services, Automated Gateways framework is integrated directly with a blockchain's core infrastructure to enhance systems with built-in interoperability features. By implementing fine-grained access control mechanisms, smart contracts within this framework manage accessibility and authorization for cross-chain interactions and facilitate streamlining the selective sharing of services between blockchains. Our evaluation demonstrates the framework's capability to handle cross-chain interactions efficiently, significantly reduce operational complexities, and uphold transactional integrity and security across different blockchain networks. With its focus on user-friendliness, self-managed permissions, and independence from external platforms, this framework is designed to achieve broader adoption within the blockchain community. |
| 2024-07-19 | The need of a self for self-driving cars a theoretical model applying homeostasis to self driving | Martin Schmalzried et.al. | 2407.12795 | This paper explores the concept of creating a "self" for self-driving cars through a homeostatic architecture designed to enhance their autonomy, safety, and efficiency. The proposed system integrates inward focused sensors to monitor the car's internal state, such as the condition of its metal bodywork, wheels, engine, and battery, establishing a baseline homeostatic state representing optimal functionality. Outward facing sensors, like cameras and LIDAR, are then interpreted via their impact on the car's homeostatic state by quantifying deviations from homeostasis. This contrasts with the approach of trying to make cars "see" reality in a similar way to humans and identify elements in their reality in the same way humans. Virtual environments would be leveraged to accelerate training. Additionally, cars are programmed to communicate and share experiences via blockchain technology, learning from each other's mistakes while maintaining individualized training models. A dedicated language for self-driving cars is proposed to enable nuanced interpretation and response to environmental data. This architecture allows self-driving cars to dynamically adjust their behavior based on internal and external feedback, promoting cooperation and continuous improvement. The study concludes by discussing the broader implications for AI development, potential real-world applications, and future research directions. |
| 2024-07-16 | L2AI: lightweight three-factor authentication and authorization in IOMT blockchain-based environment | Laleh Khajehzadeh et.al. | 2407.12187 | Medical Internet of Things (IoMT) is the next frontier in the digital revolution and is utilized in healthcare. In this context, IoT enables individuals to remotely manage their essential activities with minimal interaction. However, the limitations of network resources and the challenges of establishing a secure channel, as well as sharing and collecting sensitive information through an insecure public channel, pose security challenges for the medical IoT. This paper presents a lightweight multi-factor authentication and anonymous user authentication scheme to access real-time data in a blockchain-based environment. The scheme utilizes an insecure channel called L2AI. L2AI ensures security and efficiency while enhancing user anonymity through the use of pseudo-identity and dynamic indexing. The proposed method supports highly scalable systems with an efficient user registration process, allowing authenticated users to access both existing and newly added system entities without additional processes. Although the scheme is primarily designed for large systems, such as health infrastructure, it is also suitable for resource-constrained devices. The scheme relies on one-way cryptographic hashing functions and bitwise XOR operations. Additionally, a fuzzy mining algorithm is employed on the user side to verify the user's biometric information. L2AI adopts the "Real-Or-Random (ROR)" model for security proof and employs BAN logic for proof of authenticity. Formal security verification is conducted using the "Automatic Validation of Internet Security Protocols and Programs" (Proverif) tool, complemented by informal security analysis demonstrating the proper functionality of L2AI. |
| 2024-07-16 | The Latency Price of Threshold Cryptosystem in Blockchains | Zhuolun Xiang et.al. | 2407.12172 | Threshold cryptography is essential for many blockchain protocols. For example, many protocols rely on threshold common coin to implement asynchronous consensus, leader elections, and provide support for randomized applications. Similarly, threshold signature schemes are frequently used for protocol efficiency and state certification, and threshold decryption and threshold time-lock puzzles are often necessary for privacy. In this paper, we study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols with a focus on latency. More specifically, we focus on blockchain-native threshold cryptosystem, where the blockchain validators seek to run a threshold cryptographic protocol once for every block with the block contents as an input to the threshold cryptographic protocol. All existing approaches for blockchain-native threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol. In this paper, we first propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds, i.e., in threshold cryptographic protocols where the secrecy and reconstruction thresholds are the same. However, many real-world proof-of-stake-based blockchain-native threshold cryptosystems rely on ramp thresholds, where reconstruction thresholds are strictly greater than secrecy thresholds. For these blockchains, we formally demonstrate that the additional delay is unavoidable. We then introduce a mechanism to minimize this delay in the optimistic case. We implement our optimistic protocol for the proof-of-stake distributed randomness scheme on the Aptos blockchain. Our measurements from the Aptos mainnet show that the optimistic approach reduces latency overhead by 71%. |
| 2024-07-16 | Gaming and Blockchain: Hype and Reality | Max McGuinness et.al. | 2407.12134 | This paper explores the adoption of blockchain technology in the gaming industry. While supporters affirm that distributed ledger technology has potential to revolutionize gaming economies and provide players with control over their virtual assets, there are practical challenges such as energy consumption and user adoption to be addressed, and detractors question whether blockchain integration is even necessary. This report characterises popular blockchain-based gaming projects like Enjin and Axie Infinity, then compares metrics such as transaction cost and player feedback to evaluate the longevity of blockchain-integrated gaming as a whole. |
| 2024-07-15 | Blockchain Governance: An Empirical Analysis of User Engagement on DAOs | Brett Falk et.al. | 2407.10945 | link |
| 2024-07-15 | MARTSIA: Safeguarding Data Confidentiality in Blockchain-Driven Process Execution | Michele Kryston et.al. | 2407.10684 | Blockchain technology streamlines multi-party collaborations in decentralized settings, especially where trust is limited. While public blockchains enhance transparency and reliability, they conflict with confidentiality. To address this, we introduce Multi-Authority Approach to Transaction Systems for Interoperating Applications (MARTSIA). MARTSIA provides read-access control at the message-part level through user-defined policies and certifier-declared attributes, so that only authorized actors can interpret encrypted data while all blockchain nodes can verify its integrity. To this end, MARTSIA resorts to blockchain, Multi-Authority Attribute-Based Encryption and distributed hash-table data-stores. |
| 2024-07-15 | Investigating shocking events in the Ethereum stablecoin ecosystem through temporal multilayer graph structure | Cheick Tidiane Ba et.al. | 2407.10614 | In the dynamic landscape of the Web, we are witnessing the emergence of the Web3 paradigm, which dictates that platforms should rely on blockchain technology and cryptocurrencies to sustain themselves and their profitability. Cryptocurrencies are characterised by high market volatility and susceptibility to substantial crashes, issues that require temporal analysis methodologies able to tackle the high temporal resolution, heterogeneity and scale of blockchain data. While existing research attempts to analyse crash events, fundamental questions persist regarding the optimal time scale for analysis, differentiation between long-term and short-term trends, and the identification and characterisation of shock events within these decentralised systems. This paper addresses these issues by examining cryptocurrencies traded on the Ethereum blockchain, with a spotlight on the crash of the stablecoin TerraUSD and the currency LUNA designed to stabilise it. Utilising complex network analysis and a multi-layer temporal graph allows the study of the correlations between the layers representing the currencies and system evolution across diverse time scales. The investigation sheds light on the strong interconnections among stablecoins pre-crash and the significant post-crash transformations. We identify anomalous signals before, during, and after the collapse, emphasising their impact on graph structure metrics and user movement across layers. This paper pioneers temporal, cross-chain graph analysis to explore a cryptocurrency collapse. It emphasises the importance of temporal analysis for studies on web-derived data and how graph-based analysis can enhance traditional econometric results. Overall, this research carries implications beyond its field, for example for regulatory agencies aiming to safeguard users from shocks and monitor investment risks for citizens and clients. |
| 2024-07-14 | The Feasibility of a Smart Contract "Kill Switch" | Oshani Seneviratne et.al. | 2407.10302 | The advent of blockchain technology and its adoption across various sectors have raised critical discussions about the need for regulatory mechanisms to ensure consumer protection, maintain financial stability, and address privacy concerns without compromising the foundational principles of decentralization and immutability inherent in blockchain platforms. We examine the existing mechanisms for smart contract termination across several major blockchain platforms, including Ethereum, BNB Smart Chain, Cardano, Solana, Hyperledger Fabric, Corda, IOTA, Apotos, and Sui. We assess the compatibility of these mechanisms with the requirements of the EU Data Act, focusing on aspects such as consumer protection, error correction, and regulatory compliance. Our analysis reveals a diverse landscape of approaches, from immutable smart contracts with built-in termination conditions to upgradable smart contracts that allow for post-deployment modifications. We discuss the challenges associated with implementing the so-called smart contract "kill switches," such as the balance between enabling regulatory compliance and preserving the decentralized ethos, the technical feasibility of such mechanisms, and the implications for security and trust in the ecosystem. |
| 2024-07-14 | Identity Chain | Mahdi Darabi et.al. | 2407.10187 | The first generation of cryptocurrencies introduced revolutionary concepts, yet faced challenges in privacy and regulatory compliance. While subsequent cryptocurrencies aimed to address privacy concerns (like Zcash and Monero), they often conflicted with regulatory frameworks, hindering broader adoption. In response, inspired by recent researches about privacy and accountability and incentive techniques in Blockchain, we propose IdentityChain as a novel framework that integrates privacy and accountability principles, leading to a robust system equipped with adaptable rules. IdentityChain is a KYC (Know Your Customer) service on top of a public Blockchain (e.g., Ethereum, Ton, Polygon). The goal is to maintain privacy while ensuring compliance with existing regulations. Privacy is one of the key characteristics of IdentityChain, it's crucial for preventing conflicts of interests further discussed how. Accountability is also one of the main characteristics of IdentityChain and prevents from misbehave of users. Privacy and accountability together wouldn't be possible unless advancements in cryptography. |
| 2024-07-14 | OpenTracer: A Dynamic Transaction Trace Analyzer for Smart Contract Invariant Generation and Beyond | Zhiyang Chen et.al. | 2407.10039 | link |
| 2024-07-12 | Thunderbolt: Causal Concurrent Consensus and Execution | Junchao Chen et.al. | 2407.09409 | In the realm of blockchain systems, smart contracts have gained widespread adoption owing to their programmability. Consequently, developing a system capable of facilitating high throughput and scalability is of paramount importance. Directed acyclic graph (DAG) consensus protocols have demonstrated notable enhancements in both throughput and latency, however, the serial execution is now becoming a bottleneck. Numerous approaches prove impractical for smart contracts by assuming that read/write sets are known in prior. This paper introduces Thunderbolt, a novel architecture based on DAG-based protocols, that aims to furnish a scalable and concurrent execution for smart contract transactions. Inspired by Hyperledger, Thunderbolt also expands Execute-Order-Validate architecture in which transactions are distributed into distinct replicas, with execution outcomes determined prior to ordering through the DAG-based protocol. Existing protocols adopt serial executions after the ordering to avoid non-determinism. However, Thunderbolt provides parallel pre-execution before the ordering as well as parallel verifications once any source of non-determinism is removed. Each replica validates the transaction results during the construction of the DAG other than after the ordering following the construction to improve the latency. In an effort to enhance smart contract execution, we implement an execution engine that constructs a dependency graph to dynamically assign transaction orders, thus mitigating abort rates due to execution conflicts. Additionally, we introduce a novel shard reconfiguration to withstand malicious attacks by relocating replicas from the current DAG to a new DAG, and rotating the shards among different replicas. Our comparison of the results on SmallBank with serial execution on Narwhal-Tusk revealed a remarkable 50 times speedup with 64 replicas. |
| 2024-07-12 | Private Blockchain-based Procurement and Asset Management System with QR Code | Alonel A. Hugo et.al. | 2407.09353 | The developed system aims to incorporate a private blockchain technology in the procurement process for the supply office. The procurement process includes the canvassing, purchasing, delivery and inspection of items, inventory, and disposal. The blockchain-based system includes a distributed ledger technology, peer-to-peer network, Proof-of-Authority consensus mechanism, and SHA3-512 cryptographic hash function algorithm. This will ensure trust and proper accountability to the custodian of the property while safeguarding sensitive information in the procurement records. The extreme prototyping model will be used as software development life cycle. It is mostly used for web-based applications and has an increased user involvement. The prototype version of the system allows the users get a better understanding of the system being developed. It also reduces the time and cost, has quicker user feedback, missing and difficult functions can be recognized, and confusing processes can be addressed on an early stage. The implementation of a private blockchain technology has an increased privacy, enhanced security, improved efficiency, and reduced complexity over traditional blockchain network. The use of SHA3-512 as cryptographic hash function algorithm is much faster than its predecessors when cryptography is handled by hardware components. Furthermore, it is not vulnerable to length extension attacks making it reliable in terms of security of data. The study recommends the use of private blockchain-based technology with the procurement and asset management system in the supply office. The procurement records will be protected against tampering using this technology. This will promote trust and confidence of the stakeholders. The implementation of blockchain technology in developing a system served as advancement and innovation in terms of securing data. |
| 2024-07-11 | Balancing Participation and Decentralization in Proof-of-Stake Cryptocurrencies | Aggelos Kiayias et.al. | 2407.08686 | Proof-of-stake blockchain protocols have emerged as a compelling paradigm for organizing distributed ledger systems. In proof-of-stake (PoS), a subset of stakeholders participate in validating a growing ledger of transactions. For the safety and liveness of the underlying system, it is desirable for the set of validators to include multiple independent entities as well as represent a non-negligible percentage of the total stake issued. In this paper, we study a secondary form of participation in the transaction validation process, which takes the form of stake delegation, whereby an agent delegates their stake to an active validator who acts as a stake pool operator. We study payment schemes that reward agents as a function of their collective actions regarding stake pool operation and delegation. Such payment schemes serve as a mechanism to incentivize participation in the validation process while maintaining decentralization. We observe natural trade-offs between these objectives and the total expenditure required to run the relevant payment schemes. Ultimately, we provide a family of payment schemes which can strike different balances between these competing objectives at equilibrium in a Bayesian game theoretic framework. |
| 2024-07-09 | SpiralShard: Highly Concurrent and Secure Blockchain Sharding via Linked Cross-shard Endorsement | You Lin et.al. | 2407.08651 | Blockchain sharding improves the scalability of blockchain systems by partitioning the whole blockchain state, nodes, and transaction workloads into different shards. However, existing blockchain sharding systems generally suffer from a small number of shards, resulting in limited concurrency. The main reason is that existing sharding systems require large shard sizes to ensure security. To enhance the concurrency of blockchain sharding securely, we propose SpiralShard. The intuition is to allow the existence of some shards with a larger fraction of malicious nodes (i.e., corrupted shards), thus reducing shard sizes. SpiralShard can configure more and smaller shards for higher concurrency at the same network size. To ensure security with the existence of corrupted shards, we propose the Linked Cross-shard Endorsement (LCE) protocol. According to our LCE protocol, the blocks of each shard are sequentially verified and endorsed by a group of shards before being finalized. As a result, a corrupted shard can eliminate forks with the help of the other shards. We implement SpiralShard based on Harmony and conduct extensive evaluations. Experimental results show that, compared with Harmony, SpiralShard achieves around 19x throughput gain under a large network size with 4,000+ nodes. |
| 2024-07-11 | Performance Evaluation of Hashing Algorithms on Commodity Hardware | Marut Pandya et.al. | 2407.08284 | Hashing functions, which are created to provide brief and erratic digests for the message entered, are the primary cryptographic primitives used in blockchain networks. Hashing is employed in blockchain networks to create linked block lists, which offer safe and secure distributed repository storage for critical information. Due to the unique nature of the hash search problem in blockchain networks, the most parallelization of calculations is possible. This technical report presents a performance evaluation of three popular hashing algorithms Blake3, SHA-256, and SHA-512. These hashing algorithms are widely used in various applications, such as digital signatures, message authentication, and password storage. It then discusses the performance metrics used to evaluate the algorithms, such as hash rate/throughput and memory usage. The evaluation is conducted on a range of hardware platforms, including desktop and VMs. The evaluation includes synthetic benchmarks. The results of the evaluation show that Blake3 generally outperforms both SHA-256 and SHA-512 in terms of throughput and latency. However, the performance advantage of Blake3 varies depending on the specific hardware platform and the size of the input data. The report concludes with recommendations for selecting the most suitable hashing algorithm for a given application, based on its performance requirements and security needs. The evaluation results can also inform future research and development efforts to improve the performance and security of hashing algorithms. |
| 2024-07-10 | A Comprehensive Survey on the Security of Smart Grid: Challenges, Mitigations, and Future Research Opportunities | Arastoo Zibaeirad et.al. | 2407.07966 | In this study, we conduct a comprehensive review of smart grid security, exploring system architectures, attack methodologies, defense strategies, and future research opportunities. We provide an in-depth analysis of various attack vectors, focusing on new attack surfaces introduced by advanced components in smart grids. The review particularly includes an extensive analysis of coordinated attacks that incorporate multiple attack strategies and exploit vulnerabilities across various smart grid components to increase their adverse impact, demonstrating the complexity and potential severity of these threats. Following this, we examine innovative detection and mitigation strategies, including game theory, graph theory, blockchain, and machine learning, discussing their advancements in counteracting evolving threats and associated research challenges. In particular, our review covers a thorough examination of widely used machine learning-based mitigation strategies, analyzing their applications and research challenges spanning across supervised, unsupervised, semi-supervised, ensemble, and reinforcement learning. Further, we outline future research directions and explore new techniques and concerns. We first discuss the research opportunities for existing and emerging strategies, and then explore the potential role of new techniques, such as large language models (LLMs), and the emerging threat of adversarial machine learning in the future of smart grid security. |
| 2024-07-08 | Vulnerability Detection in Smart Contracts: A Comprehensive Survey | Christopher De Baets et.al. | 2407.07922 | In the growing field of blockchain technology, smart contracts exist as transformative digital agreements that execute transactions autonomously in decentralised networks. However, these contracts face challenges in the form of security vulnerabilities, posing significant financial and operational risks. While traditional methods to detect and mitigate vulnerabilities in smart contracts are limited due to a lack of comprehensiveness and effectiveness, integrating advanced machine learning technologies presents an attractive approach to increasing effective vulnerability countermeasures. We endeavour to fill an important gap in the existing literature by conducting a rigorous systematic review, exploring the intersection between machine learning and smart contracts. Specifically, the study examines the potential of machine learning techniques to improve the detection and mitigation of vulnerabilities in smart contracts. We analysed 88 articles published between 2018 and 2023 from the following databases: IEEE, ACM, ScienceDirect, Scopus, and Google Scholar. The findings reveal that classical machine learning techniques, including KNN, RF, DT, XG-Boost, and SVM, outperform static tools in vulnerability detection. Moreover, multi-model approaches integrating deep learning and classical machine learning show significant improvements in precision and recall, while hybrid models employing various techniques achieve near-perfect performance in vulnerability detection accuracy. By integrating state-of-the-art solutions, this work synthesises current methods, thoroughly investigates research gaps, and suggests directions for future studies. The insights gathered from this study are intended to serve as a seminal reference for academics, industry experts, and bodies interested in leveraging machine learning to enhance smart contract security. |
| 2024-07-08 | A Trustworthy AIoT-enabled Localization System via Federated Learning and Blockchain | Junfei Wang et.al. | 2407.07921 | There is a significant demand for indoor localization technology in smart buildings, and the most promising solution in this field is using RF sensors and fingerprinting-based methods that employ machine learning models trained on crowd-sourced user data gathered from IoT devices. However, this raises security and privacy issues in practice. Some researchers propose to use federated learning to partially overcome privacy problems, but there still remain security concerns, e.g., single-point failure and malicious attacks. In this paper, we propose a framework named DFLoc to achieve precise 3D localization tasks while considering the following two security concerns. Particularly, we design a specialized blockchain to decentralize the framework by distributing the tasks such as model distribution and aggregation which are handled by a central server to all clients in most previous works, to address the issue of the single-point failure for a reliable and accurate indoor localization system. Moreover, we introduce an updated model verification mechanism within the blockchain to alleviate the concern of malicious node attacks. Experimental results substantiate the framework's capacity to deliver accurate 3D location predictions and its superior resistance to the impacts of single-point failure and malicious attacks when compared to conventional centralized federated learning systems. |
| 2024-07-05 | Benchmarking GNNs Using Lightning Network Data | Rainer Feichtinger et.al. | 2407.07916 | The Bitcoin Lightning Network is a layer 2 protocol designed to facilitate fast and inexpensive Bitcoin transactions. It operates by establishing channels between users, where Bitcoin is locked and transactions are conducted off-chain until the channels are closed, with only the initial and final transactions recorded on the blockchain. Routing transactions through intermediary nodes is crucial for users without direct channels, allowing these routing nodes to collect fees for their services. Nodes announce their channels to the network, forming a graph with channels as edges. In this paper, we analyze the graph structure of the Lightning Network and investigate the statistical relationships between node properties using machine learning, particularly Graph Neural Networks (GNNs). We formulate a series of tasks to explore these relationships and provide benchmarks for GNN architectures, demonstrating how topological and neighbor information enhances performance. Our evaluation of several models reveals the effectiveness of GNNs in these tasks and highlights the insights gained from their application. |
| 2024-07-10 | Searcher Competition in Block Building | Akaki Mamageishvili et.al. | 2407.07474 | We study the amount of maximal extractable value (MEV) captured by validators, as a function of searcher competition, in blockchains with competitive block building markets such as Ethereum. We argue that the core is a suitable solution concept in this context that makes robust predictions that are independent of implementation details or specific mechanisms chosen. We characterize how much value validators extract in the core and quantify the surplus share of validators as a function of searcher competition. Searchers can obtain at most the marginal value increase of the winning block relative to the best block that can be built without their bundles. Dually this gives a lower bound on the value extracted by the validator. If arbitrages are easy to find and many searchers find similar bundles, the validator gets paid all value almost surely, while searchers can capture most value if there is little searcher competition per arbitrage. For the case of passive block-proposers we study, moreover, mechanisms that implement core allocations in dominant strategies and find that for submodular value, there is a unique dominant-strategy incentive compatible core-selecting mechanism that gives each searcher exactly their marginal value contribution to the winning block. We validate our theoretical prediction empirically with aggregate bundle data and find a significant positive relation between the number of submitted backruns for the same opportunity and the median value captured by the proposer from the opportunity. |
| 2024-07-10 | TDML -- A Trustworthy Distributed Machine Learning Framework | Zhen Wang et.al. | 2407.07339 | Recent years have witnessed a surge in deep learning research, marked by the introduction of expansive generative models like OpenAI's SORA and GPT, Meta AI's LLAMA series, and Google's FLAN, BART, and Gemini models. However, the rapid advancement of large models (LM) has intensified the demand for computing resources, particularly GPUs, which are crucial for their parallel processing capabilities. This demand is exacerbated by limited GPU availability due to supply chain delays and monopolistic acquisition by major tech firms. Distributed Machine Learning (DML) methods, such as Federated Learning (FL), mitigate these challenges by partitioning data and models across multiple servers, though implementing optimizations like tensor and pipeline parallelism remains complex. Blockchain technology emerges as a promising solution, ensuring data integrity, scalability, and trust in distributed computing environments, but still lacks guidance on building practical DML systems. In this paper, we propose a \textit{trustworthy distributed machine learning} (TDML) framework that leverages blockchain to coordinate remote trainers and validate workloads, achieving privacy, transparency, and efficient model training across public remote computing resources. Experimental validation demonstrates TDML's efficacy in overcoming performance limitations and malicious node detection, positioning it as a robust solution for scalable and secure distributed machine learning. |
| 2024-07-09 | A Differentially Private Blockchain-Based Approach for Vertical Federated Learning | Linh Tran et.al. | 2407.07054 | link |
| 2024-07-09 | Using Large Language Models for Generating Smart Contracts for Health Insurance from Textual Policies | Inwon Kang et.al. | 2407.07019 | We explore using Large Language Models (LLMs) to generate application code that automates health insurance processes from text-based policies. We target blockchain-based smart contracts as they offer immutability, verifiability, scalability, and a trustless setting: any number of parties can use the smart contracts, and they need not have previously established trust relationships with each other. Our methodology generates outputs at increasing levels of technical detail: (1) textual summaries, (2) declarative decision logic, and (3) smart contract code with unit tests. We ascertain LLMs are good at the task (1), and the structured output is useful to validate tasks (2) and (3). Declarative languages (task 2) are often used to formalize healthcare policies, but their execution on blockchain is non-trivial. Hence, task (3) attempts to directly automate the process using smart contracts. To assess the LLM output, we propose completeness, soundness, clarity, syntax, and functioning code as metrics. Our evaluation employs three health insurance policies (scenarios) with increasing difficulty from Medicare's official booklet. Our evaluation uses GPT-3.5 Turbo, GPT-3.5 Turbo 16K, GPT-4, GPT-4 Turbo and CodeLLaMA. Our findings confirm that LLMs perform quite well in generating textual summaries. Although outputs from tasks (2)-(3) are useful starting points, they require human oversight: in multiple cases, even "runnable" code will not yield sound results; the popularity of the target language affects the output quality; and more complex scenarios still seem a bridge too far. Nevertheless, our experiments demonstrate the promise of LLMs for translating textual process descriptions into smart contracts. |
| 2024-07-09 | SP-Chain: Boosting Intra-Shard and Cross-Shard Security and Performance in Blockchain Sharding | Mingzhe Li et.al. | 2407.06953 | A promising way to overcome the scalability limitations of the current blockchain is to use sharding, which is to split the transaction processing among multiple, smaller groups of nodes. A well-performed blockchain sharding system requires both high performance and high security in both intra- and cross-shard perspectives. However, existing protocols either have issues on protecting security or trade off great performance for security. In this paper, we propose SP-Chain, a blockchain sharding system with enhanced Security and Performance for both intra- and cross-shard perspectives. For intra-shard aspect, we design a two-phase concurrent voting scheme to provide high system throughput and low transaction confirmation latency. Moreover, we propose an efficient unbiased leader rotation scheme to ensure high performance under malicious behavior. For cross-shard aspect, a proof-assisted efficient cross-shard transaction processing mechanism is proposed to guard the cross-shard transactions with low overhead. We implement SP-Chain based on Harmony, and evaluate its performance via large-scale deployment. Extensive evaluations suggest that SP-Chain can process more than 10,000 tx/sec under malicious behaviors with a confirmation latency of 7.6s in a network of 4,000 nodes. |
| 2024-07-09 | DL-Chain: Scalable and Stable Blockchain Sharding with High Concurrency via Dual-Layer Consensus | You Lin et.al. | 2407.06882 | Sharding enhances blockchain scalability by partitioning nodes into multiple groups for concurrent transaction processing. Configuring a large number of \emph{small shards} helps improve the transaction concurrency of a sharding system. However, it increases the fraction of malicious nodes within each shard, easily leading to shard corruption and jeopardizing system security. Some existing works have attempted to improve concurrency by reducing the shard size while maintaining security. However, they often require frequent and time-consuming recovery of corrupted shards, leading to severe system stagnation. Also, they usually require network-wide consensus to guarantee security, which limits scalability. To address these issues, we propose DL-Chain, a blockchain sharding system that can securely provide \emph{high concurrency with stable and scalable performance.} Our core idea is a \underline{D}ual-\underline{L}ayer architecture and consensus, which consists of numerous smaller proposer shards (PSs) for transaction processing and multiple larger finalizer committees (FCs) for transaction finalization. To avoid system stagnation and thus guarantee stable performance, we ensure PSs' liveness even if they are corrupted through the cooperation of PSs and FCs, thus eliminating the recovery process of corrupted PSs. To better trade-off security and scalability, we fine-tune the FCs to enable multiple FCs to coexist securely. As a result, DL-Chain allows a larger fraction of malicious nodes in each PS ( |
| 2024-07-09 | Trust and Resilience in Federated Learning Through Smart Contracts Enabled Decentralized Systems | Lorenzo Cassano et.al. | 2407.06862 | In this paper, we present a study of a Federated Learning (FL) system, based on the use of decentralized architectures to ensure trust and increase reliability. The system is based on the idea that the FL collaborators upload the (ciphered) model parameters on the Inter-Planetary File System (IPFS) and interact with a dedicated smart contract to track their behavior. Thank to this smart contract, the phases of parameter updates are managed efficiently, thereby strengthening data security. We have carried out an experimental study that exploits two different methods of weight aggregation, i.e., a classic averaging scheme and a federated proximal aggregation. The results confirm the feasibility of the proposal. |
| 2024-07-09 | The Cost of Executing Business Processes on Next-Generation Blockchains: The Case of Algorand | Fabian Stiehle et.al. | 2407.06725 | Process (or workflow) execution on blockchain suffers from limited scalability; specifically, costs in the form of transactions fees are a major limitation for employing traditional public blockchain platforms in practice. Research, so far, has mainly focused on exploring first (Bitcoin) and second-generation (e.g., Ethereum) blockchains for business process enactment. However, since then, novel blockchain systems have been introduced - aimed at tackling many of the problems of previous-generation blockchains. We study such a system, Algorand, from a process execution perspective. Algorand promises low transaction fees and fast finality. However, Algorand's cost structure differs greatly from previous generation blockchains, rendering earlier cost models for blockchain-based process execution non-applicable. We discuss and contrast Algorand's novel cost structure with Ethereum's well-known cost model. To study the impact for process execution, we present a compiler for BPMN Choreographies, with an intermediary layer, which can support multi-platform output, and provide a translation to TEAL contracts, the smart contract language of Algorand. We compare the cost of executing processes on Algorand to previous work as well as traditional cloud computing. In short: they allow vast cost benefits. However, we note a multitude of future research challenges that remain in investigating and comparing such results. |
| 2024-07-09 | Toychain: A Simple Blockchain for Research in Swarm Robotics | Alexandre Pacheco et.al. | 2407.06630 | This technical report describes the implementation of Toychain: a simple, lightweight blockchain implemented in Python, designed for ease of deployment and practicality in robotics research. It can be integrated with various software and simulation tools used in robotics (we have integrated it with ARGoS, Gazebo, and ROS2), and also be deployed on real robots capable of Wi-Fi communications. The Toychain package supports the deployment of smart contracts written in Python (computer programs that can be executed by and synchronized across a distributed network). The nodes in the blockchain can execute smart contract functions by broadcasting transactions, which update the state of the blockchain upon agreement by all other nodes. The conditions for this agreement are established by a consensus protocol. The Toychain package allows for custom implementations of the consensus protocol, which can be useful for research or meeting specific application requirements. Currently, Proof-of-Work and Proof-of-Authority are implemented. |
| 2024-08-31 | FORAY: Towards Effective Attack Synthesis against Deep Logical Vulnerabilities in DeFi Protocols | Hongbo Wen et.al. | 2407.06348 | Blockchain adoption has surged with the rise of Decentralized Finance (DeFi) applications. However, the significant value of digital assets managed by DeFi protocols makes them prime targets for attacks. Current smart contract vulnerability detection tools struggle with DeFi protocols due to deep logical bugs arising from complex financial interactions between multiple smart contracts. These tools primarily analyze individual contracts and resort to brute-force methods for DeFi protocols crossing numerous smart contracts, leading to inefficiency. We introduce Foray, a highly effective attack synthesis framework against deep logical bugs in DeFi protocols. Foray proposes a novel attack sketch generation and completion framework. Specifically, instead of treating DeFis as regular programs, we design a domain-specific language (DSL) to lift the low-level smart contracts into their high-level financial operations. Based on our DSL, we first compile a given DeFi protocol into a token flow graph, our graphical representation of DeFi protocols. Then, we design an efficient sketch generation method to synthesize attack sketches for a certain attack goal (e.g., price manipulation, arbitrage, etc.). This algorithm strategically identifies candidate sketches by finding reachable paths in TFG, which is much more efficient than random enumeration. For each candidate sketch written in our DSL, Foray designs a domain-specific symbolic compilation to compile it into SMT constraints. Our compilation simplifies the constraints by removing redundant smart contract semantics. It maintains the usability of symbolic compilation, yet scales to problems orders of magnitude larger. Finally, the candidates are completed via existing solvers and are transformed into concrete attacks via direct syntax transformation. |
| 2024-08-09 | Towards Understanding the Bugs in Solidity Compiler | Haoyang Ma et.al. | 2407.05981 | Solidity compiler plays a key role in enabling the development of smart contract applications on Ethereum by governing the syntax of a domain-specific language called Solidity and performing compilation and optimization of Solidity code. The correctness of Solidity compiler is critical in fostering transparency, efficiency, and trust in industries reliant on smart contracts. However, like other software systems, Solidity compiler is prone to bugs, which may produce incorrect bytecodes on blockchain platforms, resulting in severe security concerns. As a domain-specific compiler for smart contracts, Solidity compiler differs from other compilers in many perspectives, posing unique challenges to detect its bugs. To understand the bugs in Solidity compiler and benefit future research, in this paper, we present the first systematic study on 533 Solidity compiler bugs. We carefully examined their characteristics (including symptoms, root causes, and distribution), and their triggering test cases. Our study leads to seven bug-revealing takeaways for Solidity compiler. Moreover, to study the limitations of Solidity compiler fuzzers and bring our findings into practical scenarios, we evaluate three Solidity compiler fuzzers on our constructed benchmark. The results show that these fuzzers are inefficient in detecting Solidity compiler bugs. The inefficiency arises from their failure to consider the interesting bug-inducing features, bug-related compilation flags, and test oracles |
| 2024-07-12 | Pruning Blockchain Protocols for Efficient Access Control in IoT Systems | Yongtao Huang et.al. | 2407.05506 | We consider access control for IoT systems that involves shared accesses to the IoT devices as well as their data. Since IoT devices are dispersed all over the edge of the Internet, traditional centralized access control has problems. Blockchain based decentralized access control is thus the new solution trend. However, existing blockchain based access control methods do not focus on performance issues and may incur a high communication overhead. In this paper, we develop a Pruning Blockchain based Access Control (PBAC) protocol to cutdown the unnecessary message rounds and achieve high efficiency in access validations and policy management. The protocol includes a shortcut and a Role and Device Hierarchy-Based Access Control (R&D-BAC) approaches for different environment settings. To realize the PBAC protocol, it is necessary to carefully engineer the system architecture, which is also discussed in the paper. Experiments demonstrate the efficacy of the PBAC protocol, specifically, the shortcut mechanism reduces access time by approximately 43%, and R&D-BAC outperforms traditional blockchain based RBAC by more than two folds. |
| 2024-07-07 | Vulnerability-Hunter: An Adaptive Feature Perception Attention Network for Smart Contract Vulnerabilities | Yizhou Chen et.al. | 2407.05318 | Smart Contract Vulnerability Detection (SCVD) is crucial to guarantee the quality of blockchain-based systems. Graph neural networks have been shown to be effective in learning semantic representations of smart contract code and are commonly adopted by existing deep learning-based SCVD. However, the current methods still have limitations in their utilization of graph sampling or subgraph pooling based on predefined rules for extracting crucial components from structure graphs of smart contract code. These predefined rule-based strategies, typically designed using static rules or heuristics, demonstrate limited adaptability to dynamically adjust extraction strategies according to the structure and content of the graph in heterogeneous topologies of smart contract code. Consequently, these strategies may not possess universal applicability to all smart contracts, potentially leading to false positives or omissions. To address these problems, we propose AFPNet, a novel vulnerability detection model equipped with a feature perception module that has dynamic weights for comprehensive scanning of the entire smart contract code and automatic extraction of crucial code snippets (the |
| 2024-07-10 | BFLN: A Blockchain-based Federated Learning Model for Non-IID Data | Yang Li et.al. | 2407.05276 | As the application of federated learning becomes increasingly widespread, the issue of imbalanced training data distribution has emerged as a significant challenge. Federated learning utilizes local data stored on different training clients for model training, rather than centralizing data on a server, thereby greatly enhancing the privacy and security of training data. However, the distribution of training data across different clients may be imbalanced, with different categories of data potentially residing on different clients. This presents a challenge to traditional federated learning, which assumes data distribution is independent and identically distributed (IID). This paper proposes a Blockchain-based Federated Learning Model for Non-IID Data (BFLN), which combines federated learning with blockchain technology. By introducing a new aggregation method and incentive algorithm, BFLN enhances the model performance of federated learning on non-IID data. Experiments on public datasets demonstrate that, compared to other state-of-the-art models, BFLN improves training accuracy and provides a sustainable incentive mechanism for personalized federated learning. |
| 2024-07-05 | Blockchain-based PKI within a Corporate Organization: Advantages and Challenges | Julian Springer et.al. | 2407.04536 | This research investigates the potential use of a blockchain-based Public Key Infrastructure (PKI) within an organization and compares it to conventional PKI systems. The goal is to assess the advantages and disadvantages of both approaches in order to determine the feasibility of employing blockchain technology for a decentralized PKI. The study will also evaluate the impact of current legal frameworks, such as the Cyber Resilience Act (CRA) and NIS-2 Directive. The study will examine various implementations of blockchain PKIs based on factors such as security, performance, and platform. The results indicate that blockchain-based PKIs can overcome the limitations of conventional PKIs by decentralizing the trust anchor, providing greater security. Blockchain technology allows for the immutable and transparent management of certificates, making tampering significantly more challenging. Additionally, blockchain-based PKIs offer enhanced mechanisms for identifying and addressing certificate misconduct. |
| 2024-07-05 | Temporal fingerprints: Identity matching across fully encrypted domain | Shahar Somin et.al. | 2407.04350 | Technological advancements have significantly transformed communication patterns, introducing a diverse array of online platforms, thereby prompting individuals to use multiple profiles for different domains and objectives. Enhancing the understanding of cross domain identity matching capabilities is essential, not only for practical applications such as commercial strategies and cybersecurity measures, but also for theoretical insights into the privacy implications of data disclosure. In this study, we demonstrate that individual temporal data, in the form of inter-event times distribution, constitutes an individual temporal fingerprint, allowing for matching profiles across different domains back to their associated real-world entity. We evaluate our methodology on encrypted digital trading platforms within the Ethereum Blockchain and present impressing results in matching identities across these privacy-preserving domains, while outperforming previously suggested models. Our findings indicate that simply knowing when an individual is active, even if information about who they talk to and what they discuss is lacking, poses risks to users' privacy, highlighting the inherent challenges in preserving privacy in today's digital landscape. |
| 2024-07-05 | Effective Targeted Testing of Smart Contracts | Mahdi Fooladgar et.al. | 2407.04250 | Smart contracts are autonomous and immutable pieces of code that are deployed on blockchain networks and run by miners. They were first introduced by Ethereum in 2014 and have since been used for various applications such as security tokens, voting, gambling, non-fungible tokens, self-sovereign identities, stock taking, decentralized finances, decentralized exchanges, and atomic swaps. Since smart contracts are immutable, their bugs cannot be fixed, which may lead to significant monetary losses. While many researchers have focused on testing smart contracts, our recent work has highlighted a gap between test adequacy and test data generation, despite numerous efforts in both fields. Our framework, Griffin, tackles this deficiency by employing a targeted symbolic execution technique for generating test data. This tool can be used in diverse applications, such as killing the survived mutants in mutation testing, validating static analysis alarms, creating counter-examples for safety conditions, and reaching manually selected lines of code. This paper discusses how smart contracts differ from legacy software in targeted symbolic execution and how these differences can affect the tool structure, leading us to propose an enhanced version of the control-flow graph for Solidity smart contracts called CFG+. We also discuss how Griffin can utilize custom heuristics to explore the program space and find the test data that reaches a target line while considering a safety condition in a reasonable execution time. We conducted experiments involving an extensive set of smart contracts, target lines, and safety conditions based on real-world faults and test suites from related tools. The results of our evaluation demonstrate that Griffin can effectively identify the required test data within a reasonable timeframe. |
| 2024-07-04 | Real-time Cyberattack Detection with Collaborative Learning for Blockchain Networks | Tran Viet Khoa et.al. | 2407.04011 | With the ever-increasing popularity of blockchain applications, securing blockchain networks plays a critical role in these cyber systems. In this paper, we first study cyberattacks (e.g., flooding of transactions, brute pass) in blockchain networks and then propose an efficient collaborative cyberattack detection model to protect blockchain networks. Specifically, we deploy a blockchain network in our laboratory to build a new dataset including both normal and attack traffic data. The main aim of this dataset is to generate actual attack data from different nodes in the blockchain network that can be used to train and test blockchain attack detection models. We then propose a real-time collaborative learning model that enables nodes in the network to share learning knowledge without disclosing their private data, thereby significantly enhancing system performance for the whole network. The extensive simulation and real-time experimental results show that our proposed detection model can detect attacks in the blockchain network with an accuracy of up to 97%. |
| 2024-07-04 | GriDB: Scaling Blockchain Database via Sharding and Off-Chain Cross-Shard Mechanism | Zicong Hong et.al. | 2407.03750 | Blockchain databases have attracted widespread attention but suffer from poor scalability due to underlying non-scalable blockchains. While blockchain sharding is necessary for a scalable blockchain database, it poses a new challenge named on-chain cross-shard database services. Each cross-shard database service (e.g., cross-shard queries or inter-shard load balancing) involves massive cross-shard data exchanges, while the existing cross-shard mechanisms need to process each cross-shard data exchange via the consensus of all nodes in the related shards (i.e., on-chain) to resist a Byzantine environment of blockchain, which eliminates sharding benefits. To tackle the challenge, this paper presents GriDB, the first scalable blockchain database, by designing a novel off-chain cross-shard mechanism for efficient cross-shard database services. Borrowing the idea of off-chain payments, GriDB delegates massive cross-shard data exchange to a few nodes, each of which is randomly picked from a different shard. Considering the Byzantine environment, the untrusted delegates cooperate to generate succinct proof for cross-shard data exchanges, while the consensus is only responsible for the low-cost proof verification. However, different from payments, the database services' verification has more requirements (e.g., completeness, correctness, freshness, and availability); thus, we introduce several new authenticated data structures (ADS). Particularly, we utilize consensus to extend the threat model and reduce the complexity of traditional accumulator-based ADS for verifiable cross-shard queries with a rich set of relational operators. Moreover, we study the necessity of inter-shard load balancing for a scalable blockchain database and design an off-chain and live approach for both efficiency and availability during balancing. |
| 2024-07-24 | Asymmetric Mempool DoS Security: Formal Definitions and Provable Secure Designs | Wanning Ding et.al. | 2407.03543 | The mempool plays a crucial role in blockchain systems as a buffer zone for pending transactions before they are executed and included in a block. However, existing works primarily focus on mitigating defenses against already identified real-world attacks. This paper introduces secure blockchain-mempool designs capable of defending against any form of asymmetric eviction DoS attacks. We establish formal security definitions for mempools under the eviction-based attack vector. Our proposed secure transaction admission algorithm, named \textsc{saferAd-CP}, ensures eviction-security by providing a provable lower bound on the cost of executing eviction DoS attacks. Through evaluation with real transaction trace replays, \textsc{saferAd-CP} demonstrates negligible latency and significantly high lower bounds against any eviction attack, highlighting its effectiveness and robustness in securing blockchain mempools. |
| 2024-07-03 | Scalable Zero-Knowledge Proofs for Verifying Cryptographic Hashing in Blockchain Applications | Oleksandr Kuznetsov et.al. | 2407.03511 | Zero-knowledge proofs (ZKPs) have emerged as a promising solution to address the scalability challenges in modern blockchain systems. This study proposes a methodology for generating and verifying ZKPs to ensure the computational integrity of cryptographic hashing, specifically focusing on the SHA-256 algorithm. By leveraging the Plonky2 framework, which implements the PLONK protocol with FRI commitment scheme, we demonstrate the efficiency and scalability of our approach for both random data and real data blocks from the NEAR blockchain. The experimental results show consistent performance across different data sizes and types, with the time required for proof generation and verification remaining within acceptable limits. The generated circuits and proofs maintain manageable sizes, even for real-world data blocks with a large number of transactions. The proposed methodology contributes to the development of secure and trustworthy blockchain systems, where the integrity of computations can be verified without revealing the underlying data. Further research is needed to assess the applicability of the approach to other cryptographic primitives and to evaluate its performance in more complex real-world scenarios. |
| 2024-07-03 | Zero-X: A Blockchain-Enabled Open-Set Federated Learning Framework for Zero-Day Attack Detection in IoV | Abdelaziz Amara korba et.al. | 2407.02969 | The Internet of Vehicles (IoV) is a crucial technology for Intelligent Transportation Systems (ITS) that integrates vehicles with the Internet and other entities. The emergence of 5G and the forthcoming 6G networks presents an enormous potential to transform the IoV by enabling ultra-reliable, low-latency, and high-bandwidth communications. Nevertheless, as connectivity expands, cybersecurity threats have become a significant concern. The issue has been further exacerbated by the rising number of zero-day (0-day) attacks, which can exploit unknown vulnerabilities and bypass existing Intrusion Detection Systems (IDSs). In this paper, we propose Zero-X, an innovative security framework that effectively detects both 0-day and N-day attacks. The framework achieves this by combining deep neural networks with Open-Set Recognition (OSR). Our approach introduces a novel scheme that uses blockchain technology to facilitate trusted and decentralized federated learning (FL) of the ZeroX framework. This scheme also prioritizes privacy preservation, enabling both CAVs and Security Operation Centers (SOCs) to contribute their unique knowledge while protecting the privacy of their sensitive data. To the best of our knowledge, this is the first work to leverage OSR in combination with privacy-preserving FL to identify both 0-day and N-day attacks in the realm of IoV. The in-depth experiments on two recent network traffic datasets show that the proposed framework achieved a high detection rate while minimizing the false positive rate. Comparison with related work showed that the Zero-X framework outperforms existing solutions. |
| 2024-07-03 | Balancing Patient Privacy and Health Data Security: The Role of Compliance in Protected Health Information (PHI) Sharing | Md Al Amin et.al. | 2407.02766 | Protected Health Information (PHI) sharing significantly enhances patient care quality and coordination, contributing to more accurate diagnoses, efficient treatment plans, and a comprehensive understanding of patient history. Compliance with strict privacy and security policies, such as those required by laws like HIPAA, is critical to protect PHI. Blockchain technology, which offers a decentralized and tamper-evident ledger system, hold promise in policy compliance. This system ensures the authenticity and integrity of PHI while facilitating patient consent management. In this work, we propose a blockchain technology that integrates smart contracts to partially automate consent-related processes and ensuring that PHI access and sharing follow patient preferences and legal requirements. |
| 2024-09-04 | Decentralized Intelligence Network (DIN) | Abraham Nash et.al. | 2407.02461 | Decentralized Intelligence Network (DIN) is a theoretical framework designed to address challenges in AI development, particularly focusing on data fragmentation and siloing issues. It facilitates effective AI training within sovereign data networks by overcoming barriers to accessing diverse data sources, leveraging: 1) personal data stores to ensure data sovereignty, where data remains securely within Participants' control; 2) a scalable federated learning protocol implemented on a public blockchain for decentralized AI training, where only model parameter updates are shared, keeping data within the personal data stores; and 3) a scalable, trustless cryptographic rewards mechanism on a public blockchain to incentivize participation and ensure fair reward distribution through a decentralized auditing protocol. This approach guarantees that no entity can prevent or control access to training data or influence financial benefits, as coordination and reward distribution are managed on the public blockchain with an immutable record. The framework supports effective AI training by allowing Participants to maintain control over their data, benefit financially, and contribute to a decentralized, scalable ecosystem that leverages collective AI to develop beneficial algorithms. |
| 2024-07-02 | RollupTheCrowd: Leveraging ZkRollups for a Scalable and Privacy-Preserving Reputation-based Crowdsourcing Platform | Ahmed Mounsf Rafik Bendada et.al. | 2407.02226 | link |
| 2024-07-02 | Reusable Formal Verification of DAG-based Consensus Protocols | Nathalie Bertrand et.al. | 2407.02167 | DAG-based consensus protocols are being adoption by blockchain companies to decrease energy footprints and improve security. A DAG-based consensus protocol collaboratively constructs a partial order of blocks of transactions and produces linearly ordered blocks. The ubiquity and strategic importance of blockchains call for formal proof of the correctness of key components, namely, consensus protocols. This paper presents a safety-proven formal specification of two DAG-based protocols. Our specification highlights several dissemination, DAG construction, and ordering variations that can be combined to express the two protocols. The formalization requires a refinement approach for modeling the consensus. In an abstract model, we first show the safety of DAG-based consensus on leader blocks and then further refine the specification to encompass all blocks for all processes. The TLA+ specification for a given protocol consists of 492-732 lines, and the proof system TLAPS verifies 2025-2294 obligations in 6-8 minutes. |
| 2024-07-01 | Immutable in Principle, Upgradeable by Design: Exploratory Study of Smart Contract Upgradeability | Ilham Qasse et.al. | 2407.01493 | Smart contracts, known for their immutable nature to ensure trust via automated enforcement, have evolved to require upgradeability due to unforeseen vulnerabilities and the need for feature enhancements post-deployment. This contradiction between immutability and the need for modifications has led to the development of upgradeable smart contracts. These contracts are immutable in principle yet upgradable by design, allowing updates without altering the underlying data or state, thus preserving the contract's intent while allowing improvements. This study aims to understand the application and implications of upgradeable smart contracts on the Ethereum blockchain. By introducing a dataset that catalogs the versions and evolutionary trajectories of smart contracts, the research explores key dimensions: the prevalence and adoption patterns of upgrade mechanisms, the likelihood and occurrences of contract upgrades, the nature of modifications post-upgrade, and their impact on user engagement and contract activity. Through empirical analysis, this study identifies upgradeable contracts and examines their upgrade history to uncover trends, preferences, and challenges associated with modifications. The evidence from analyzing over 44 million contracts shows that only 3% have upgradeable characteristics, with only 0.34% undergoing upgrades. This finding underscores a cautious approach by developers towards modifications, possibly due to the complexity of upgrade processes or a preference for maintaining stability. Furthermore, the study shows that upgrades are mainly aimed at feature enhancement and vulnerability mitigation, particularly when the contracts' source codes are accessible. However, the relationship between upgrades and user activity is complex, suggesting that additional factors significantly affect the use of smart contracts beyond their evolution. |
| 2024-07-03 | Maximizing Blockchain Performance: Mitigating Conflicting Transactions through Parallelism and Dependency Management | Faisal Haque Bappy et.al. | 2407.01426 | While blockchains initially gained popularity in the realm of cryptocurrencies, their widespread adoption is expanding beyond conventional applications, driven by the imperative need for enhanced data security. Despite providing a secure network, blockchains come with certain tradeoffs, including high latency, lower throughput, and an increased number of transaction failures. A pivotal issue contributing to these challenges is the improper management of "conflicting transactions", commonly referred to as "contention". When a number of pending transactions within a blockchain collide with each other, this results in a state of contention. This situation worsens network latency, leads to the wastage of system resources, and ultimately contributes to reduced throughput and higher transaction failures. In response to this issue, in this work, we present a novel blockchain scheme that integrates transaction parallelism and an intelligent dependency manager aiming to reduce the occurrence of conflicting transactions within blockchain networks. In terms of effectiveness and efficiency, experimental results show that our scheme not only mitigates the challenges posed by conflicting transactions, but also outperforms both existing parallel and non-parallel Hyperledger Fabric blockchain networks achieving higher transaction success rate, throughput, and latency. The integration of our scheme with Hyperledger Fabric appears to be a promising solution for improving the overall performance and stability of blockchain networks in real-world applications. |
| 2024-07-01 | SCIF: A Language for Compositional Smart Contract Security | Siqiu Yao et.al. | 2407.01204 | Securing smart contracts remains a fundamental challenge. At its core, it is about building software that is secure in composition with untrusted code, a challenge that extends far beyond blockchains. We introduce SCIF, a language for building smart contracts that are compositionally secure. SCIF is based on the fundamentally compositional principle of secure information flow, but extends this core mechanism to include protection against reentrancy attacks, confused deputy attacks, and improper error handling, even in the presence of malicious contracts that do not follow SCIF's rules. SCIF supports a rich ecosystem of interacting principals with partial trust through its mechanisms for dynamic trust management. SCIF has been implemented as a compiler to Solidity. We describe the SCIF language, including its static checking rules and runtime. Finally, we implement several applications with intricate security reasoning, showing how SCIF supports building complex smart contracts securely and gives programmer accurate diagnostics about potential security bugs. |
| 2024-07-01 | TierDrop: Harnessing Airdrop Farmers for User Growth | Aviv Yaish et.al. | 2407.01176 | Blockchain platforms attempt to expand their user base by awarding tokens to users, a practice known as issuing airdrops. Empirical data and related work implies that previous airdrops fall short of their stated aim of attracting long-term users, partially due to adversarial farmers who game airdrop mechanisms and receive an outsize share of rewards. In this work, we argue that given the futility of fighting farmers, the airdrop business model should be reconsidered: farmers should be harnessed to generate activity that attracts real users, i.e., strengthens network effects. To understand the impact of farmers on airdrops, we analyze their performance in a market inhabited by two competing platforms and two tiers of users: real users and farmers. We show that counterintuitively, farmers sometimes represent a necessary evil-it can be revenue-optimal for airdrop issuers to give some tokens to farmers, even in the hypothetical case where platforms could costlessly detect and banish all farmers. Although we focus on airdrops, our results generally apply to activity-based incentive schemes. |
| 2024-07-01 | Decentralized PKI Framework for Data Integrity in Spatial Crowdsourcing Drone Services | Junaid Akram et.al. | 2407.00876 | In the domain of spatial crowdsourcing drone services, which includes tasks like delivery, surveillance, and data collection, secure communication is paramount. The Public Key Infrastructure (PKI) ensures this by providing a system for digital certificates that authenticate the identities of entities involved, securing data and command transmissions between drones and their operators. However, the centralized trust model of traditional PKI, dependent on Certificate Authorities (CAs), presents a vulnerability due to its single point of failure, risking security breaches. To counteract this, the paper presents D2XChain, a blockchain-based PKI framework designed for the Internet of Drone Things (IoDT). By decentralizing the CA infrastructure, D2XChain eliminates this single point of failure, thereby enhancing the security and reliability of drone communications. Fully compatible with the X.509 standard, it integrates seamlessly with existing PKI systems, supporting all key operations such as certificate registration, validation, verification, and revocation in a distributed manner. This innovative approach not only strengthens the defense of drone services against various security threats but also showcases its practical application through deployment on a private Ethereum testbed, representing a significant advancement in addressing the unique security challenges of drone-based services and ensuring their trustworthy operation in critical tasks. |
| 2024-07-01 | Privacy-First Crowdsourcing: Blockchain and Local Differential Privacy in Crowdsourced Drone Services | Junaid Akram et.al. | 2407.00873 | We introduce a privacy-preserving framework for integrating consumer-grade drones into bushfire management. This system creates a marketplace where bushfire management authorities obtain essential data from drone operators. Key features include local differential privacy to protect data providers and a blockchain-based solution ensuring fair data exchanges and accountability. The framework is validated through a proof-of-concept implementation, demonstrating its scalability and potential for various large-scale data collection scenarios. This approach addresses privacy concerns and compliance with regulations like Australia's Privacy Act 1988, offering a practical solution for enhancing bushfire detection and management through crowdsourced drone services. |
| 2024-06-30 | BAZAM: A Blockchain-Assisted Zero-Trust Authentication in Multi-UAV Wireless Networks | Mingyue Xie et.al. | 2407.00630 | Unmanned aerial vehicles (UAVs) are vulnerable to interception and attacks when operated remotely without a unified and efficient identity authentication. Meanwhile, the openness of wireless communication environments potentially leads to data leakage and system paralysis. However, conventional authentication schemes in the UAV network are system-centric, failing to adapt to the diversity of UAVs identities and access, resulting in changes in network environments and connection statuses. Additionally, UAVs are not subjected to periodic identity compliance checks once authenticated, leading to difficulties in controlling access anomalies. Therefore, in this work, we consider a zero-trust framework for UAV network authentication, aiming to achieve UAVs identity authentication through the principle of ``never trust and always verify''. We introduce a blockchain-assisted zero-trust authentication scheme, namely BAZAM, designed for multi-UAV wireless networks. In this scheme, UAVs follow a key generation approach using physical unclonable functions (PUFs), and cryptographic technique helps verify registration and access requests of UAVs. The blockchain is applied to store UAVs authentication information in immutable storage. Through thorough security analysis and extensive evaluation, we demonstrate the effectiveness and efficiency of the proposed BAZAM. |
| 2024-06-30 | DDRM: Distributed Drone Reputation Management for Trust and Reliability in Crowdsourced Drone Services | Junaid Akram et.al. | 2407.00591 | This study introduces the Distributed Drone Reputation Management (DDRM) framework, designed to fortify trust and authenticity within the Internet of Drone Things (IoDT) ecosystem. As drones increasingly play a pivotal role across diverse sectors, integrating crowdsourced drone services within the IoDT has emerged as a vital avenue for democratizing access to these services. A critical challenge, however, lies in ensuring the authenticity and reliability of drone service reviews. Leveraging the Ethereum blockchain, DDRM addresses this challenge by instituting a verifiable and transparent review mechanism. The framework innovates with a dual-token system, comprising the Service Review Authorization Token (SRAT) for facilitating review authorization and the Drone Reputation Enhancement Token (DRET) for rewarding and recognizing drones demonstrating consistent reliability. Comprehensive analysis within this paper showcases DDRM's resilience against various reputation frauds and underscores its operational effectiveness, particularly in enhancing the efficiency and reliability of drone services. |
| 2024-06-29 | Blockchain based Decentralized Petition System | Jagdeep Kaur et.al. | 2407.00534 | A decentralized online petition system enables individuals or groups to create, sign, and share petitions without a central authority. Using blockchain technology, these systems ensure the integrity and transparency of the petition process by recording every signature or action on the blockchain, making alterations or deletions impossible. This provides a permanent, tamper-proof record of the petition's progress. Such systems allow users to bypass traditional intermediaries like government or social media platforms, fostering more democratic and transparent decision-making. This paper reviews research on petition systems, highlighting the shortcomings of existing systems such as lack of accountability, vulnerability to hacking, and security issues. The proposed blockchain-based implementation aims to overcome these challenges. Decentralized voting systems have garnered interest recently due to their potential to provide secure and transparent voting platforms without intermediaries, addressing issues like voter fraud, manipulation, and trust in the electoral process. We propose a decentralized voting system web application using blockchain technology to ensure the integrity and security of the voting process. This system aims to provide a transparent, decentralized decision-making process that counts every vote while eliminating the need for centralized authorities. The paper presents an overview of the system architecture, design considerations, and implementation details, along with the potential benefits and limitations. Finally, we discuss future research directions, examining the technical aspects of the application, including underlying algorithms and protocols. Our research aims to enhance the integrity and accessibility of democratic processes, improve security, and ensure fairness, transparency, and tamper-proofness. |
| 2024-06-29 | Dual-view Aware Smart Contract Vulnerability Detection for Ethereum | Jiacheng Yao et.al. | 2407.00336 | The wide application of Ethereum technology has brought technological innovation to traditional industries. As one of Ethereum's core applications, smart contracts utilize diverse contract codes to meet various functional needs and have gained widespread use. However, the non-tamperability of smart contracts, coupled with vulnerabilities caused by natural flaws or human errors, has brought unprecedented challenges to blockchain security. Therefore, in order to ensure the healthy development of blockchain technology and the stability of the blockchain community, it is particularly important to study the vulnerability detection techniques for smart contracts. In this paper, we propose a Dual-view Aware Smart Contract Vulnerability Detection Framework named DVDet. The framework initially converts the source code and bytecode of smart contracts into weighted graphs and control flow sequences, capturing potential risk features from these two perspectives and integrating them for analysis, ultimately achieving effective contract vulnerability detection. Comprehensive experiments on the Ethereum dataset show that our method outperforms others in detecting vulnerabilities. |
| 2024-06-28 | Parameterized Verification of Round-based Distributed Algorithms via Extended Threshold Automata | Tom Baumeister et.al. | 2406.19880 | Threshold automata are a computational model that has proven to be versatile in modeling threshold-based distributed algorithms and enabling their completely automatic parameterized verification. We present novel techniques for the verification of threshold automata, based on well-structured transition systems, that allow us to extend the expressiveness of both the computational model and the specifications that can be verified. In particular, we extend the model to allow decrements and resets of shared variables, possibly on cycles, and the specifications to general coverability. While these extensions of the model in general lead to undecidability, our algorithms provide a semi-decision procedure. We demonstrate the benefit of our extensions by showing that we can model complex round-based algorithms such as the phase king consensus algorithm and the Red Belly Blockchain protocol (published in 2019), and verify them fully automatically for the first time. |
| 2024-06-28 | Quantum-Enhanced Secure Approval Voting Protocol | Saiyam Sakhuja et.al. | 2406.19730 | In a world where elections touch every aspect of society, the need for secure voting is paramount. Traditional safeguards, based on classical cryptography, rely on complex math problems like factoring large numbers. However, quantum computing is changing the game. Recent advances in quantum technology suggest that classical cryptographic methods may not be as secure as we thought. This paper introduces a quantum voting protocol, a blend of quantum principles (entanglement and superposition), blockchain technology, and digital signatures, all powered by |
| 2024-07-03 | Commodification of Compute | Jesper Kristensen et.al. | 2406.19261 | The rapid advancements in artificial intelligence, big data analytics, and cloud computing have precipitated an unprecedented demand for computational resources. However, the current landscape of computational resource allocation is characterized by significant inefficiencies, including underutilization and price volatility. This paper addresses these challenges by introducing a novel global platform for the commodification of compute hours, termed the Global Compute Exchange (GCX) (Patent Pending). The GCX leverages blockchain technology and smart contracts to create a secure, transparent, and efficient marketplace for buying and selling computational power. The GCX is built in a layered fashion, comprising Market, App, Clearing, Risk Management, Exchange (Offchain), and Blockchain (Onchain) layers, each ensuring a robust and efficient operation. This platform aims to revolutionize the computational resource market by fostering a decentralized, efficient, and transparent ecosystem that ensures equitable access to computing power, stimulates innovation, and supports diverse user needs on a global scale. By transforming compute hours into a tradable commodity, the GCX seeks to optimize resource utilization, stabilize pricing, and democratize access to computational resources. This paper explores the technological infrastructure, market potential, and societal impact of the GCX, positioning it as a pioneering solution poised to drive the next wave of innovation in commodities and compute. |
| 2024-06-27 | Towards Credential-based Device Registration in DApps for DePINs with ZKPs | Jonathan Heiss et.al. | 2406.19042 | Decentralized Physical Infrastructure Networks (DePINS) are secured and governed by blockchains but beyond crypto-economic incentives, they lack measures to establish trust in participating devices and their services. The verification of relevant device credentials during device registration helps to overcome this problem. However, on-chain verification in decentralized applications (dApp) discloses potentially confidential device attributes whereas off-chain verification introduces undesirable trust assumptions. In this paper, we propose a credential-based device registration (CDR) mechanism that verifies device credentials on the blockchain and leverages zero-knowledge proofs (ZKP) to protect confidential device attributes from being disclosed. We characterize CDR for DePINs, present a general system model, and technically evaluate CDR using zkSNARKs with Groth16 and Marlin. Our experiments give first insights into performance impacts and reveal a tradeoff between the applied proof systems. |
| 2024-08-16 | SD-BLS: Privacy Preserving Selective Disclosure of Verifiable Credentials with Unlinkable Threshold Revocation | Denis Roio et.al. | 2406.19035 | Ensuring privacy and protection from issuer corruption in digital identity systems is crucial. We propose a method for selective disclosure and privacy-preserving revocation of digital credentials using second-order Elliptic Curves and Boneh-Lynn-Shacham (BLS) signatures. We make holders able to present proofs of possession of selected credentials without disclosing them, and we protect their presentations from replay attacks. Revocations may be distributed among multiple revocation issuers using publicly verifiable secret sharing (PVSS) and activated only by configurable consensus, ensuring robust protection against issuer corruption. Our system's unique design enables extremely fast revocation checks, even with large revocation lists, leveraging optimized hash map lookups. |
| 2024-06-27 | A Treatment of EIP-1559: Enhancing Transaction Fee Mechanism through Nth-Price Auction | Kun Li et.al. | 2406.18957 | With the widespread adoption of blockchain technology, the transaction fee mechanism (TFM) in blockchain systems has become a prominent research topic. An ideal TFM should satisfy user incentive compatibility (UIC), miner incentive compatibility (MIC), and miner-user side contract proofness ( |
| 2024-06-26 | From Tweet to Theft: Tracing the Flow of Stolen Cryptocurrency | Guglielmo Cola et.al. | 2406.18503 | This paper presents a case study of a cryptocurrency scam that utilized coordinated and inauthentic behavior on Twitter. In 2020, 143 accounts sold by an underground merchant were used to orchestrate a fake giveaway. Tweets pointing to a fake blog post lured victims into sending Uniswap tokens (UNI) to designated addresses on the Ethereum blockchain, with the false promise of receiving more tokens in return. Using one of the scammer's addresses and leveraging the transparency and immutability of the Ethereum blockchain, we traced the flow of stolen funds through various addresses, revealing the tactics adopted to obfuscate traceability. The final destination of the funds involved two deposit addresses. The first, managed by a well-known cryptocurrency exchange, was likely associated with the scammer's own account on that platform and saw deposits exceeding $3.5 million. The second address was linked to a popular cryptocurrency swap service. These findings highlight the critical need for more stringent measures to verify the source of funds and prevent illicit activities. |
| 2024-06-26 | Costly Signalling in DAOs | Darcy W. E. Allen et.al. | 2406.18457 | Decentralised Autonomous Organisations (DAOs) are a new type of digital organisation that uses blockchain infrastructure (e.g. smart contracts, tokens) to coordinate a group of people around a shared mission. Like all organisations, DAOs must attract sources of funding and other resources, and discover and retain a talented community and workforce. To do this, they must signal their true quality. Yet the characteristics of the environment that DAOs operate in (pseudonymous actors, global scale, permissionless entry and exit) makes this difficult. We apply costly signalling theory to explore the information asymmetry problem in DAOs and some of the strategies (behaviours and investments) and institutional solutions (including better signalling mechanisms) that have evolved to solve this problem. |
| 2024-06-26 | New intelligent empowerment for digital transformation | Peng Yifeng et.al. | 2406.18440 | This study proposes an innovative evaluation method based on large language models (LLMs) specifically designed to measure the digital transformation (DT) process of enterprises. By analyzing the annual reports of 4407 companies listed on the New York Stock Exchange and Nasdaq from 2005 to 2022, a comprehensive set of DT indicators was constructed. The findings revealed that DT significantly improves a company's financial performance, however, different digital technologies exhibit varying effects on financial performance. Specifically, blockchain technology has a relatively limited positive impact on financial performance. In addition, this study further discovered that DT can promote the growth of financial performance by enhancing operational efficiency and reducing costs. This study provides a novel DT evaluation tool for the academic community, while also expanding the application scope of generative artificial intelligence technology in economic research. |
| 2024-06-26 | Blockchain Based Zero-Knowledge Proof of Location in IoT | Wei Wu et.al. | 2406.18389 | With the development of precise positioning technology, a growing number of location-based services (LBSs) facilitate people's life. Most LBSs require proof of location (PoL) to prove that the user satisfies the service requirement, which exposes the user's privacy. In this paper, we propose a zero-knowledge proof of location (zk-PoL) protocol to better protect the user's privacy. With the zk-PoL protocol, the user can choose necessary information to expose to the server, so that hierarchical privacy protection can be achieved. The evaluation shows that the zk-PoL has excellent security to resist main attacks, moreover the computational efficiency is independent of input parameters and the zk-PoL is appropriate to delay-tolerant LBSs. |
| 2024-07-02 | Analysis of Channel Uncertainty in Trusted Wireless Services via Repeated Interactions | Bingwen Chen et.al. | 2406.18204 | The coexistence of heterogeneous sub-networks in 6G poses new security and trust concerns and thus calls for a perimeterless-security model. Blockchain radio access network (B-RAN) provides a trust-building approach via repeated interactions rather than relying on pre-established trust or central authentication. Such a trust-building process naturally supports dynamic trusted services across various service providers (SP) without the need for perimeter-based authentications; however, it remains vulnerable to environmental and system unreliability such as wireless channel uncertainty. In this study, we investigate channel unreliability in the trust-building framework based on repeated interactions for secure wireless services. We derive specific requirements for achieving cooperation between SP and client via a repeated game model and illustrate the implications of channel unreliability on sustaining trusted access services. We consider the framework optimization to guarantee SP-client cooperation, given a worst-case channel condition. Furthermore, we introduce the concept of cooperation region to represent the robustness of the trust-building process and explore the maximum cooperation area to enhance service resilience. Finally, we present simulations to demonstrate the system performance over fading channels and verify our results. |
| 2024-06-26 | A Communication Satellite Servises Based Decentralized Network Protocol | Xiao Yan et.al. | 2406.18032 | In this paper, we present a decentralized network protocol, Space Network Protocol, based on Communication Satellite Services. The protocol outlines a method for distributing information about the status of satellite communication services across the entire blockchain network, facilitating fairness and transparency in all communication services. Our primary objective is to standardize the services delivered by all satellite networks under the communication satellite protocol. This standard remains intact regardless of potential unreliability associated with the satellites or the terminal hardware. We proposed PoD (Proof of Distribution) to verify if the communication satellites are online and PoF (Proof of Flow) to authenticate the actual data flow provided by the communication satellites. In addition, we also proposed PoM (Proof of Mesh) to verify if the communication satellites have successfully meshed together. Utilizing zero-knowledge proof and multi-party cryptographic computations, we can evaluate the service provisioning parameters of each satellite, even in the presence of potential terminal or network node fraud. This method offers technical support for the modeling of distributed network services. |
| 2024-06-29 | Protecting the 'Stop Using My Data' Right through Blockchain-assisted Evidence Generation | Fan Zhang et.al. | 2406.17694 | In order to provide personalized services to users, Internet-based platforms collect and utilize user-generated behavioral data. Although the 'stop using my data' right should be a fundamental data right, which allows individuals to request their personal data to be no longer utilized by online platforms, the existing preventive data protection measures (e.g., cryptographic data elimination, differential privacy) are unfortunately not applicable. This work aims to develop the first Evidence Generation Framework for deterring post-acquisition data right violations. We formulated the 'stop using my data' problem, which captures a vantage facet of the multi-faceted notion of 'right to be forgotten'. We designed and implemented the first blockchain-assisted system to generate evidence for deterring the violations of the 'stop using my data' right. Our system employs a novel two-stage evidence generation protocol whose efficacy is ensured by a newly proposed Lemma. To validate our framework, we conducted a case study on recommendation systems with systematic evaluation experiments using two real-world datasets: the measured success rate exceeds 99%. |
| 2024-06-25 | VR-based Blockchain-enabled Data Visualization Framework For Manufacturing Industry | Nitol Saha et.al. | 2406.17207 | This research proposes a blockchain-based data visualization framework integrated with VR to get manufacturing insights. This framework is implemented at the testbed of the Future Factories Lab at the University of South Carolina. The proposed system aims to enhance understanding, analysis, and decision-making processes by immersing users in a VR environment where complex manufacturing data stored using blockchain is translated into intuitive and interactive representations. The project focuses on two main components: blockchain and VR. Hyperledger Fabric is employed to establish a blockchain network, recording data from the Future Factories testbed. This system captures information from various sources, such as potentiometers on robot grippers to measure grip positioning, load cells to gauge pressure, emergency stop buttons, temperature, speed, and vibration sensors on the conveyors. Whenever predefined conditions are met, pertinent data, including sensor ID, timestamp, value, cause, and importance, is securely recorded in the blockchain, signaling the occurrence of a defect within the cell. Data retrieved from the blockchain system is accessed through 'GET' API requests. A VR application is developed using a cross-platform Unity game engine to visualize the data retrieved from the blockchain database. Meta Quest 3 is used as the targeted Head Mounted VR device. The VR application has two C# scripts: one script to query blockchain data using 'GET' API calls and another script converts the JSON object to text data to visualize in the VR system. The proposed system leverages blockchain technology and VR visualization to deliver immersive, actionable insights using secure data transmission. By embracing the proposed framework, manufacturers can unlock new potential for efficiency, sustainability, and resilience in today's increasingly complex and interconnected manufacturing workplace. |
| 2024-06-24 | Robust Zero Trust Architecture: Joint Blockchain based Federated learning and Anomaly Detection based Framework | Shiva Raj Pokhrel et.al. | 2406.17172 | This paper introduces a robust zero-trust architecture (ZTA) tailored for the decentralized system that empowers efficient remote work and collaboration within IoT networks. Using blockchain-based federated learning principles, our proposed framework includes a robust aggregation mechanism designed to counteract malicious updates from compromised clients, enhancing the security of the global learning process. Moreover, secure and reliable trust computation is essential for remote work and collaboration. The robust ZTA framework integrates anomaly detection and trust computation, ensuring secure and reliable device collaboration in a decentralized fashion. We introduce an adaptive algorithm that dynamically adjusts to varying user contexts, using unsupervised clustering to detect novel anomalies, like zero-day attacks. To ensure a reliable and scalable trust computation, we develop an algorithm that dynamically adapts to varying user contexts by employing incremental anomaly detection and clustering techniques to identify and share local and global anomalies between nodes. Future directions include scalability improvements, Dirichlet process for advanced anomaly detection, privacy-preserving techniques, and the integration of post-quantum cryptographic methods to safeguard against emerging quantum threats. |
| 2024-08-02 | Competitive Policies for Online Collateral Maintenance | Ghada Almashaqbeh et.al. | 2406.17121 | Layer-two blockchain protocols emerged to address scalability issues related to fees, storage cost, and confirmation delay of on-chain transactions. They aggregate off-chain transactions into a fewer on-chain ones, thus offering immediate settlement and reduced transaction fees. To preserve security of the underlying ledger, layer-two protocols often work in a collateralized model; resources are committed on-chain to backup off-chain activities. A fundamental challenge that arises in this setup is determining a policy for establishing, committing, and replenishing the collateral in a way that maximizes the value of settled transactions. In this paper, we study this problem under two settings that model collateralized layer-two protocols. The first is a general model in which a party has an on-chain collateral C with a policy to decide on whether to settle or discard each incoming transaction. The policy also specifies when to replenish C based on the remaining collateral value. The second model considers a discrete setup in which C is divided among k wallets, each of which is of size C/k, such that when a wallet is full, and so cannot settle any incoming transactions, it will be replenished. We devise several online policies for these models, and show how competitive they are compared to optimal (offline) policies that have full knowledge of the incoming transaction stream. To the best of our knowledge, we are the first to study and formulate online competitive policies for collateral and wallet management in the blockchain setting. |
| 2024-07-01 | ammBoost: State Growth Control for AMMs | Nicholas Michel et.al. | 2406.17094 | Automated market makers (AMMs) are a form of decentralized cryptocurrency exchanges and considered a prime example of Decentralized Finance (DeFi) applications. Their popularity and high trading activity have resulted in millions of on-chain transactions leading to serious scalability issues. In this paper, we address the on-chain storage overhead problem of AMMs by utilizing a new sidechain architecture as a layer 2 solution, building a system called ammBoost. Our system reduces the amount of on-chain transactions, boosts throughput, and supports blockchain pruning. We devise several techniques to enable layer 2 processing for AMMs while preserving correctness and security of the underlying AMM. We also build a proof-of-concept of ammBoost for a Uniswap-inspired use case to empirically evaluate its performance. Our experiments show that ammBoost decreases the gas cost by 94.53% and the chain growth by at least 80%, and that it can support up to 500x of the daily traffic volume observed for Uniswap in practice. |
| 2024-06-24 | A Multi-Party, Multi-Blockchain Atomic Swap Protocol with Universal Adaptor Secret | Shengewei You et.al. | 2406.16822 | The increasing complexity of digital asset transactions across multiple blockchains necessitates a robust atomic swap protocol that can securely handle more than two participants. Traditional atomic swap protocols, including those based on adaptor signatures, are vulnerable to malicious dropout attacks, which break atomicity and compromise the security of the transaction. This paper presents a novel multi-party atomic swap protocol that operates almost entirely off-chain, requiring only a single on-chain transaction for finalization. Our protocol leverages Schnorr-like signature verification and a universal adaptor secret to ensure atomicity and scalability across any number of participants and blockchains without the need for smart contracts or trusted third parties. By addressing key challenges such as collusion attacks and malicious dropouts, our protocol significantly enhances the security and efficiency of multi-party atomic swaps. Our contributions include the first scalable, fully off-chain protocol for atomic swaps involving any number of participants, adding zero overhead to native blockchains, and providing a practical and cost-effective solution for decentralized asset exchanges. |
| 2024-06-24 | Towards Communication-Efficient Peer-to-Peer Networks | Khalid Hourani et.al. | 2406.16661 | We focus on designing Peer-to-Peer (P2P) networks that enable efficient communication. Over the last two decades, there has been substantial algorithmic research on distributed protocols for building P2P networks with various desirable properties such as high expansion, low diameter, and robustness to a large number of deletions. A key underlying theme in all of these works is to distributively build a \emph{random graph} topology that guarantees the above properties. Moreover, the random connectivity topology is widely deployed in many P2P systems today, including those that implement blockchains and cryptocurrencies. However, a major drawback of using a random graph topology for a P2P network is that the random topology does not respect the \emph{underlying} (Internet) communication topology. This creates a large \emph{propagation delay}, which is a major communication bottleneck in modern P2P networks. In this paper, we work towards designing P2P networks that are communication-efficient (having small propagation delay) with provable guarantees. Our main contribution is an efficient, decentralized protocol, |
| 2024-06-24 | Soley: Identification and Automated Detection of Logic Vulnerabilities in Ethereum Smart Contracts Using Large Language Models | Majd Soud et.al. | 2406.16244 | Modern blockchain, such as Ethereum, supports the deployment and execution of so-called smart contracts, autonomous digital programs with significant value of cryptocurrency. Executing smart contracts requires gas costs paid by users, which define the limits of the contract's execution. Logic vulnerabilities in smart contracts can lead to financial losses, and are often the root cause of high-impact cyberattacks. Our objective is threefold: (i) empirically investigate logic vulnerabilities in real-world smart contracts extracted from code changes on GitHub, (ii) introduce Soley, an automated method for detecting logic vulnerabilities in smart contracts, leveraging Large Language Models (LLMs), and (iii) examine mitigation strategies employed by smart contract developers to address these vulnerabilities in real-world scenarios. We obtained smart contracts and related code changes from GitHub. To address the first and third objectives, we qualitatively investigated available logic vulnerabilities using an open coding method. We identified these vulnerabilities and their mitigation strategies. For the second objective, we extracted various logic vulnerabilities, applied preprocessing techniques, and implemented and trained the proposed Soley model. We evaluated Soley along with the performance of various LLMs and compared the results with the state-of-the-art baseline on the task of logic vulnerability detection. From our analysis, we identified nine novel logic vulnerabilities, extending existing taxonomies with these vulnerabilities. Furthermore, we introduced several mitigation strategies extracted from observed developer modifications in real-world scenarios. Our Soley method outperforms existing methods in automatically identifying logic vulnerabilities. Interestingly, the efficacy of LLMs in this task was evident without requiring extensive feature engineering. |
| 2024-06-23 | Towards a Formal Foundation for Blockchain Rollups | Stefanos Chaliasos et.al. | 2406.16219 | link |
| 2024-06-23 | Privacy-Preserving and Trustworthy Localization in an IoT Environment | Guglielmo Zocca et.al. | 2406.16182 | The Internet of Things (IoT) is increasingly prevalent in various applications, such as healthcare and logistics. One significant service of IoT technologies that is essential for these applications is localization. The goal of this service is to determine the precise position of a specific target. The localization data often needs to be private, accessible only to specific entities, and must maintain authenticity and integrity to ensure trustworthiness. IoT technology has evolved significantly, with Ultra-Wide Band (UWB) technology enhancing localization speed and precision. However, IoT device security remains a concern, as devices can be compromised or act maliciously. Furthermore, localization data is typically stored centrally, which can also be a point of vulnerability. Our approach leverages the features of a permissioned blockchain, specifically Hyperledger Fabric, to address these challenges. Hyperledger Fabric's collection feature ensures data privacy, and its smart contracts (chaincode) enhance trustworthiness. We tested our solution using a network of devices known as CLOVES, demonstrating robust performance characteristics with UWB technology. Additionally, we evaluated our approach through an indoor localization use case. |
| 2024-06-23 | SmartAxe: Detecting Cross-Chain Vulnerabilities in Bridge Smart Contracts via Fine-Grained Static Analysis | Zeqin Liao et.al. | 2406.15999 | With the increasing popularity of blockchain, different blockchain platforms coexist in the ecosystem (e.g., Ethereum, BNB, EOSIO, etc.), which prompts the high demand for cross-chain communication. Cross-chain bridge is a specific type of decentralized application for asset exchange across different blockchain platforms. Securing the smart contracts of cross-chain bridges is in urgent need, as there are a number of recent security incidents with heavy financial losses caused by vulnerabilities in bridge smart contracts, as we call them Cross-Chain Vulnerabilities (CCVs). However, automatically identifying CCVs in smart contracts poses several unique challenges. Particularly, it is non-trivial to (1) identify application-specific access control constraints needed for cross-bridge asset exchange, and (2) identify inconsistent cross-chain semantics between the two sides of the bridge. In this paper, we propose SmartAxe, a new framework to identify vulnerabilities in cross-chain bridge smart contracts. Particularly, to locate vulnerable functions that have access control incompleteness, SmartAxe models the heterogeneous implementations of access control and finds necessary security checks in smart contracts through probabilistic pattern inference. Besides, SmartAxe constructs cross-chain control-flow graph (xCFG) and data-flow graph (xDFG), which help to find semantic inconsistency during cross-chain data communication. To evaluate SmartAxe, we collect and label a dataset of 88 CCVs from real-attacks cross-chain bridge contracts. Evaluation results show that SmartAxe achieves a precision of 84.95% and a recall of 89.77%. In addition, SmartAxe successfully identifies 232 new/unknown CCVs from 129 real-world cross-chain bridge applications (i.e., from 1,703 smart contracts). These identified CCVs affect a total amount of digital assets worth 1,885,250 USD. |
| 2024-06-23 | SmartState: Detecting State-Reverting Vulnerabilities in Smart Contracts via Fine-Grained State-Dependency Analysis | Zeqin Liao et.al. | 2406.15988 | Smart contracts written in Solidity are widely used in different blockchain platforms such as Ethereum, TRON and BNB Chain. One of the unique designs in Solidity smart contracts is its state-reverting mechanism for error handling and access control. Unfortunately, a number of recent security incidents showed that adversaries also utilize this mechanism to manipulate critical states of smart contracts, and hence, bring security consequences such as illegal profit-gain and Deny-of-Service (DoS). In this paper, we call such vulnerabilities as the State-reverting Vulnerability (SRV). Automatically identifying SRVs poses unique challenges, as it requires an in-depth analysis and understanding of the state-dependency relations in smart contracts. This paper presents SmartState, a new framework for detecting state-reverting vulnerability in Solidity smart contracts via fine-grained state-dependency analysis. SmartState integrates a set of novel mechanisms to ensure its effectiveness. Particularly, Smart-State extracts state dependencies from both contract bytecode and historical transactions. Both of them are critical for inferring dependencies related to SRVs. Further, SmartState models the generic patterns of SRVs (i.e., profit-gain and DoS) as SRV indicators, and hence effectively identify SRVs based on the constructed state-dependency graph. To evaluate SmartState, we manually annotated a ground-truth dataset which contains 91 SRVs in the real world. Evaluation results showed that SmartState achieves a precision of 87.23% and a recall of 89.13%. In addition, SmartState successfully identifies 406 new SRVs from 47,351 real-world smart contracts. 11 of these SRVs are from popular smart contracts with high transaction amounts (i.e., top 2000). In total, our reported SRVs affect a total amount of digital assets worth 428,600 USD. |
| 2024-06-17 | Blockchain for Academic Integrity: Developing the Blockchain Academic Credential Interoperability Protocol (BACIP) | Juan A. Berrios Moya et.al. | 2406.15482 | This research introduces the Blockchain Academic Credential Interoperability Protocol (BACIP), designed to significantly enhance the security, privacy, and interoperability of verifying academic credentials globally, addressing the widespread issue of academic fraud. BACIP integrates dual blockchain architecture, smart contracts, and zero-knowledge proofs to offer a scalable and transparent framework aimed at reducing fraud and improving the mobility and opportunities for students and professionals worldwide. The research methodology adopts a mixed-methods approach, involving a rigorous review of pertinent literature and systematic integration of advanced technological components. This includes both qualitative and quantitative analyses that underpin the development of a universally compatible system. Preliminary evaluations suggest that BACIP could enhance verification efficiency and bolster security against tampering and unauthorized access. While the theoretical framework and practical implementations have laid a solid foundation, the protocol's real-world efficacy awaits empirical validation in a production environment. Future research will focus on deploying a prototype, establishing robust validation policies, and defining precise testing parameters. This critical phase is indispensable for a thorough assessment of BACIP's operational robustness and its compliance with international educational standards. This work contributes significantly to the academic field by proposing a robust model for managing and safeguarding academic credentials, thus laying a strong foundation for further innovation in credential verification using blockchain technology. |
| 2024-08-07 | SoK: Attacks on DAOs | Rainer Feichtinger et.al. | 2406.15071 | link |
| 2024-06-21 | AIGC-Chain: A Blockchain-Enabled Full Lifecycle Recording System for AIGC Product Copyright Management | Jiajia Jiang et.al. | 2406.14966 | As artificial intelligence technology becomes increasingly prevalent, Artificial Intelligence Generated Content (AIGC) is being adopted across various sectors. Although AIGC is playing an increasingly significant role in business and culture, questions surrounding its copyright have sparked widespread debate. The current legal framework for copyright and intellectual property is grounded in the concept of human authorship, but in the creation of AIGC, human creators primarily provide conceptual ideas, with AI independently responsible for the expressive elements. This disconnect creates complexity and difficulty in determining copyright ownership under existing laws. Consequently, it is imperative to reassess the intellectual contributions of all parties involved in the creation of AIGC to ensure a fair allocation of copyright ownership. To address this challenge, we introduce AIGC-Chain, a blockchain-enabled full lifecycle recording system designed to manage the copyright of AIGC products. It is engineered to meticulously document the entire lifecycle of AIGC products, providing a transparent and dependable platform for copyright management. Furthermore, we propose a copyright tracing method based on an Indistinguishable Bloom Filter, named IBFT, which enhances the efficiency of blockchain transaction queries and significantly reduces the risk of fraudulent copyright claims for AIGC products. In this way, auditors can analyze the copyright of AIGC products by reviewing all relevant information retrieved from the blockchain. |
| 2024-06-20 | SeCTIS: A Framework to Secure CTI Sharing | Dincy R. Arikkat et.al. | 2406.14102 | The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks. As a growing number of organizations include smart, interconnected devices in their systems to automate their processes, the attack surface becomes much bigger, and the complexity and frequency of attacks pose a significant threat. Consequently, organizations have been compelled to seek innovative approaches to mitigate the menaces inherent in their infrastructure. In response, considerable research efforts have been directed towards creating effective solutions for sharing Cyber Threat Intelligence (CTI). Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to leaks of both proprietary and confidential data. To tackle this problem, we designed a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing), integrating Swarm Learning and Blockchain technologies to enable businesses to collaborate, preserving the privacy of their CTI data. Moreover, our approach provides a way to assess the data and model quality, and the trustworthiness of all the participants leveraging some validators through Zero Knowledge Proofs. An extensive experimental campaign demonstrates our framework's correctness and performance, and the detailed attack model discusses its robustness against attacks in the context of data and model quality. |
| 2024-06-19 | Advancing Blockchain Scalability: An Introduction to Layer 1 and Layer 2 Solutions | Han Song et.al. | 2406.13855 | Bitcoin rise has put blockchain technology into the mainstream, amplifying its potential and broad utility. While Bitcoin has become incredibly famous, its transaction rate has not match such a corresponding increase. It still takes approximately 10 minutes to mine a block and add it to the chain. This limitation highlights the importance of seeking scale-up solutions that solve the low throughput transaction rates. Blockchain's consensus mechanisms make peer-to-peer transactions becomes feasible and effectively eliminate the need for centralized control. However, the decentralized systems also causes a lower speed and throughput compared to centralized networks as we mentioned Bitcoin's block creation rates. Two mainstreams scale-up solutions, Layer 1 scale-up and Layer 2 scale-up have been implemented to address these issues. Layer 1 level scalability enhancements happen at where traditional blockchain operates. This paper provides a deep examination of the components of the Layer 1 protocol and the scale-up methods that directly improve the lower level blockchain. We also address that Layer 1 solutions encounter inherent limitations although improvements were applied due to layer 1 storage costs and latency are high. In addition, we discuss layer 2 protocols, advanced scalability techniques, that elevate blockchain performance by handling transactions off the mainnet. Our findings indicate that Layer 2 protocols, with their various implementations such as rollups and channels, significantly outperform Layer 1 solutions in terms of transaction throughput and efficiency. This paper discusses these Layer 2 scaling methods in detail, aiming to provide readers with a comprehensive understanding of these protocols and the underlying logic that drives their effectiveness. |
| 2024-06-19 | Defying the Odds: Solana's Unexpected Resilience in Spite of the Security Challenges Faced by Developers | SĂ©bastien Andreina et.al. | 2406.13599 | Solana gained considerable attention as one of the most popular blockchain platforms for deploying decentralized applications. Compared to Ethereum, however, we observe a lack of research on how Solana smart contract developers handle security, what challenges they encounter, and how this affects the overall security of the ecosystem. To address this, we conducted the first comprehensive study on the Solana platform consisting of a 90-minute Solana smart contract code review task with 35 participants followed by interviews with a subset of seven participants. Our study shows, quite alarmingly, that none of the participants could detect all important security vulnerabilities in a code review task and that 83% of the participants are likely to release vulnerable smart contracts. Our study also sheds light on the root causes of developers' challenges with Solana smart contract development, suggesting the need for better security guidance and resources. In spite of these challenges, our automated analysis on currently deployed Solana smart contracts surprisingly suggests that the prevalence of vulnerabilities - especially those pointed out as the most challenging in our developer study - is below 0.3%. We explore the causes of this counter-intuitive resilience and show that frameworks, such as Anchor, are aiding Solana developers in deploying secure contracts. |
| 2024-06-19 | MEV Ecosystem Evolution From Ethereum 1.0 | Rasheed et.al. | 2406.13585 | Smart contracts led to the emergence of the decentralized finance (DeFi) marketplace within blockchain ecosystems, where diverse participants engage in financial activities. In traditional finance, there are possibilities to create values, e.g., arbitrage offers to create value from market inefficiencies or front-running offers to extract value for the participants having privileged roles. Such opportunities are readily available -- searching programmatically in DeFi. It is commonly known as Maximal Extractable Value (MEV) in the literature. In this survey, first, we show how lucrative such opportunities can be. Next, we discuss how protocol-following participants trying to capture such opportunities threaten to sabotage blockchain's performance and the core tenets of decentralization, transparency, and trustlessness that blockchains are based on. Then, we explain different attempts by the community in the past to address these issues and the problems introduced by these solutions. Finally, we review the current state of research trying to restore trustlessness and decentralization to provide all DeFi participants with a fair marketplace. |
| 2024-06-19 | DCS Chain: A Flexible Private Blockchain System | Jianwu Zheng et.al. | 2406.12376 | Blockchain technology has seen tremendous development over the past few years. Despite the emergence of numerous blockchain systems, they all suffer from various limitations, which can all be attributed to the fundamental issue posed by the DCS trilemma. In light of this, this work introduces a novel private blockchain system named DCS Chain. The core idea is to quantify the DCS metrics and dynamically adjust the blockchain's performance across these three dimensions, to achieve theoretically optimal system performance. Overall, our system provides a comprehensive suite of blockchain essentials, including DCS quantification, consensus protocol adjustment, and communication network simulation. |
| 2024-06-18 | W2E (Workout to Earn): A Low Cost DApp based on ERC-20 and ERC-721 standards | Do Hai Son et.al. | 2406.12244 | link |
| 2024-06-18 | Block Circulant Codes with Application to Decentralized Systems | Birenjith Sasidharan et.al. | 2406.12160 | The structure of linear dependence relations between coded symbols of a linear code, irrespective of specific coefficients involved, is referred to as the {\em topology} of the code. The specification of coefficients is referred to as an {\em instantiation} of the topology. In this paper, we propose a new block circulant topology |
| 2024-06-17 | Secure Cross-Chain Provenance for Digital Forensics Collaboration | Asma Jodeiri Akbarfam et.al. | 2406.11729 | In digital forensics and various sectors like medicine and supply chain, blockchains play a crucial role in providing a secure and tamper-resistant system that meticulously records every detail, ensuring accountability. However, collaboration among different agencies, each with its own blockchains, creates challenges due to diverse protocols and a lack of interoperability, hindering seamless information sharing. Cross-chain technology has been introduced to address these challenges. Current research about blockchains in digital forensics, tends to focus on individual agencies, lacking a comprehensive approach to collaboration and the essential aspect of cross-chain functionality. This emphasizes the necessity for a framework capable of effectively addressing challenges in securely sharing case information, implementing access controls, and capturing provenance data across interconnected blockchains. Our solution, ForensiCross, is the first cross-chain solution specifically designed for digital forensics and provenance. It includes BridgeChain and features a unique communication protocol for cross-chain and multi-chain solutions. ForensiCross offers meticulous provenance capture and extraction methods, mathematical analysis to ensure reliability, scalability considerations for a distributed intermediary in collaborative blockchain contexts, and robust security measures against potential vulnerabilities and attacks. Analysis and evaluation results indicate that ForensiCross is secure and, despite a slight increase in communication time, outperforms in node count efficiency and has secure provenance extraction. As an all-encompassing solution, ForensiCross aims to simplify collaborative investigations by ensuring data integrity and traceability. |
| 2024-06-17 | RO-SVD: A Reconfigurable Hardware Copyright Protection Framework for AIGC Applications | Zhuoheng Ran et.al. | 2406.11536 | The dramatic surge in the utilisation of generative artificial intelligence (GenAI) underscores the need for a secure and efficient mechanism to responsibly manage, use and disseminate multi-dimensional data generated by artificial intelligence (AI). In this paper, we propose a blockchain-based copyright traceability framework called ring oscillator-singular value decomposition (RO-SVD), which introduces decomposition computing to approximate low-rank matrices generated from hardware entropy sources and establishes an AI-generated content (AIGC) copyright traceability mechanism at the device level. By leveraging the parallelism and reconfigurability of field-programmable gate arrays (FPGAs), our framework can be easily constructed on existing AI-accelerated devices and provide a low-cost solution to emerging copyright issues of AIGC. We developed a hardware-software (HW/SW) co-design prototype based on comprehensive analysis and on-board experiments with multiple AI-applicable FPGAs. Using AI-generated images as a case study, our framework demonstrated effectiveness and emphasised customisation, unpredictability, efficiency, management and reconfigurability. To the best of our knowledge, this is the first practical hardware study discussing and implementing copyright traceability specifically for AI-generated content. |
| 2024-09-20 | Lifecycle Management of Resumés with Decentralized Identifiers and Verifiable Credentials | Patrick Herbke et.al. | 2406.11535 | Trust in applications is crucial, especially for fast and efficient hiring processes. Applicants must present credentials that employers can trust without delays or risk of fraudulent information. This paper introduces a framework for managing digital resum'e credentials using Decentralized Identifiers and Verifiable Credentials. We propose a framework for the issuance and verification of Verifiable Credentials in real time without intermediaries. We showcase the integration of the European Blockchain Service Infrastructure as a trust anchor. Furthermore, we demonstrate a streamlined application process, reducing verification times and fostering a reliable credentialing ecosystem across various sectors, including recruitment and professional certification. |
| 2024-09-20 | Decentralized Credential Status Management: A Paradigm Shift in Digital Trust | Patrick Herbke et.al. | 2406.11511 | Public key infrastructures are essential for Internet security, ensuring robust certificate management and revocation mechanisms. The transition from centralized to decentralized systems presents challenges such as trust distribution and privacy-preserving credential management. The transition from centralized to decentralized systems is motivated by addressing the single points of failure inherent in centralized systems and leveraging decentralized technologies' transparency and resilience. This paper explores the evolution of certificate status management from centralized to decentralized frameworks, focusing on blockchain technology and advanced cryptography. We provide a taxonomy of the challenges of centralized systems and discuss opportunities provided by existing decentralized technologies. Our findings reveal that, although blockchain technologies enhance security and trust distribution, they represent a bottleneck for parallel computation and face inefficiencies in cryptographic computations. For this reason, we propose a framework of decentralized technology components that addresses such shortcomings to advance the paradigm shift toward decentralized credential status management. |
| 2024-09-02 | DIDChain: Advancing Supply Chain Data Management with Decentralized Identifiers and Blockchain | Patrick Herbke et.al. | 2406.11356 | Supply chain data management faces challenges in traceability, transparency, and trust. These issues stem from data silos and communication barriers. This research introduces DIDChain, a framework leveraging blockchain technology, Decentralized Identifiers, and the InterPlanetary File System. DIDChain improves supply chain data management. To address privacy concerns, DIDChain employs a hybrid blockchain architecture that combines public blockchain transparency with the control of private systems. Our hybrid approach preserves the authenticity and reliability of supply chain events. It also respects the data privacy requirements of the participants in the supply chain. Central to DIDChain is the cheqd infrastructure. The cheqd infrastructure enables digital tracing of asset events, such as an asset moving from the milk-producing dairy farm to the cheese manufacturer. In this research, assets are raw materials and products. The cheqd infrastructure ensures the traceability and reliability of assets in the management of supply chain data. Our contribution to blockchain-enabled supply chain systems demonstrates the robustness of DIDChain. Integrating blockchain technology through DIDChain offers a solution to data silos and communication barriers. With DIDChain, we propose a framework to transform the supply chain infrastructure across industries. |
| 2024-06-15 | Nurgle: Exacerbating Resource Consumption in Blockchain State Storage via MPT Manipulation | Zheyuan He et.al. | 2406.10687 | Blockchains, with intricate architectures, encompass various components, e.g., consensus network, smart contracts, decentralized applications, and auxiliary services. While offering numerous advantages, these components expose various attack surfaces, leading to severe threats to blockchains. In this study, we unveil a novel attack surface, i.e., the state storage, in blockchains. The state storage, based on the Merkle Patricia Trie, plays a crucial role in maintaining blockchain state. Besides, we design Nurgle, the first Denial-of-Service attack targeting the state storage. By proliferating intermediate nodes within the state storage, Nurgle forces blockchains to expend additional resources on state maintenance and verification, impairing their performance. We conduct a comprehensive and systematic evaluation of Nurgle, including the factors affecting it, its impact on blockchains, its financial cost, and practically demonstrating the resulting damage to blockchains. The implications of Nurgle extend beyond the performance degradation of blockchains, potentially reducing trust in them and the value of their cryptocurrencies. Additionally, we further discuss three feasible mitigations against Nurgle. At the time of writing, the vulnerability exploited by Nurgle has been confirmed by six mainstream blockchains, and we received thousands of USD bounty from them. |
| 2024-07-31 | Reward Schemes and Committee Sizes in Proof of Stake Governance | Georgios Birmpas et.al. | 2406.10525 | In this paper, we investigate the impact of reward schemes and committee sizes motivated by governance systems over blockchain communities. We introduce a model for elections with a binary outcome space where there is a ground truth (i.e., a "correct" outcome), and where stakeholders can only choose to delegate their voting power to a set of delegation representatives (DReps). Moreover, the effort (cost) invested by each DRep positively influences both (i) her ability to vote correctly and (ii) the total delegation that she attracts, thereby increasing her voting power. This model constitutes the natural counterpart of delegated proof-of-stake (PoS) protocols, where delegated stakes are used to elect the block builders. As a way to motivate the representatives to exert effort, a reward scheme can be used based on the delegation attracted by each DRep. We analyze both the game-theoretic aspects and the optimization counterpart of this model. Our primary focus is on selecting a committee that maximizes the probability of reaching the correct outcome, given a fixed monetary budget allocated for rewarding the delegates. Our findings provide insights into the design of effective reward mechanisms and optimal committee structures (i.e., how many DReps are enough) in these PoS-like governance systems. |
| 2024-07-11 | Optimal Sharding for Scalable Blockchains with Deconstructed SMR | Jianting Zhang et.al. | 2406.08252 | link |
| 2024-06-12 | Conference Proceedings of The European DAO Workshop 2024 | Florian Spychiger et.al. | 2406.08110 | The European DAO Workshop 2024 held on July 4th/5th in Winterthur, Switzerland aims to explore the challenges and opportunities of Decentralized Autonomous Organizations (DAOs). Its goal is to foster innovation and knowledge transfer between academics and practitioners to advance DAOs as a new organizational structure. This collection of full papers delves into areas such as decentralized decision-making, business models, artificial intelligence, economics, and legal challenges for DAOs. This diverse compilation offers a multi-disciplinary examination of the rapidly growing phenomenon of DAOs that are based on blockchain technology. |
| 2024-06-11 | Scalable UTXO Smart Contracts via Fine-Grained Distributed State | Massimo Bartoletti et.al. | 2406.07700 | Current UTXO-based smart contracts face an efficiency bottleneck, requiring any transaction sent to a contract to specify the entire updated contract state. This requirement becomes particularly burdensome when the contract state contains dynamic data structures, such as maps, which are needed in many use cases for tracking users interactions with the contract. The problem is twofold: on the one hand, a large state in transactions implies a large transaction fee; on the other hand, a large centralized state is detrimental to the parallelization of transactions, which should be one of the main selling points of UTXO-based blockchains compared to account-based ones. We propose a technique to efficiently execute smart contracts on an extended UTXO blockchain, which allows the contract state to be distributed across multiple UTXOs. In this way, transactions only need to specify the part of the state they need to access, reducing their size (and fees). We also show how to exploit our model to parallelize the validation of transactions on multi-core CPUs. We implement our technique and provide an empirical validation of its effectiveness. |
| 2024-07-04 | Unlocking the Potential of Metaverse in Innovative and Immersive Digital Health | Fatemeh Ebrahimzadeh et.al. | 2406.07114 | The concept of Metaverse has attracted a lot of attention in various fields and one of its important applications is health and treatment. The Metaverse has enormous potential to transform healthcare by changing patient care, medical education, and the way teaching/learning and research are done. The purpose of this research is to provide an introduction to the basic concepts and fundamental technologies of the Metaverse. This paper examines the pros and cons of the Metaverse in healthcare context and analyzes its potential from the technology and AI perspective. In particular, the role of machine learning methods is discussed; We will explain how machine learning algorithms can be applied to the Metaverse generated data to gain better insights in healthcare applications. Additionally, we examine the future visions of the Metaverse in health delivery, by examining emerging technologies such as blockchain and also addressing privacy concerns. The findings of this study contribute to a deeper understanding of the applications of Metaverse in healthcare and its potential to revolutionize the delivery of medical services. |
| 2024-06-10 | Gas Fees on the Ethereum Blockchain: From Foundations to Derivatives Valuations | Bernhard K Meister et.al. | 2406.06524 | The gas fee, paid for inclusion in the blockchain, is analyzed in two parts. First, we consider how effort in terms of resources required to process and store a transaction turns into a gas limit, which, through a fee, comprised of the base and priority fee in the current version of Ethereum, is converted into the cost paid by the user. We hew closely to the Ethereum protocol to simplify the analysis and to constrain the design choices when considering multidimensional gas. Second, we assume that the gas price is given deus ex machina by a fractional Ornstein-Uhlenbeck process and evaluate various derivatives. These contracts can, for example, mitigate gas cost volatility. The ability to price and trade forwards besides the existing spot inclusion into the blockchain could be beneficial. |
| 2024-06-10 | Should my Blockchain Learn to Drive? A Study of Hyperledger Fabric | Jeeta Ann Chacko et.al. | 2406.06318 | Similar to other transaction processing frameworks, blockchain systems need to be dynamically reconfigured to adapt to varying workloads and changes in network conditions. However, achieving optimal reconfiguration is particularly challenging due to the complexity of the blockchain stack, which has diverse configurable parameters. This paper explores the concept of self-driving blockchains, which have the potential to predict workload changes and reconfigure themselves for optimal performance without human intervention. We compare and contrast our discussions with existing research on databases and highlight aspects unique to blockchains. We identify specific parameters and components in Hyperledger Fabric, a popular permissioned blockchain system, that are suitable for autonomous adaptation and offer potential solutions for the challenges involved. Further, we implement three demonstrative locally autonomous systems, each targeting a different layer of the blockchain stack, and conduct experiments to understand the feasibility of our findings. Our experiments indicate up to 11% improvement in success throughput and a 30% decrease in latency, making this a significant step towards implementing a fully autonomous blockchain system in the future. |
| 2024-09-15 | Aegis: A Decentralized Expansion Blockchain | Yogev Bar-On et.al. | 2406.05904 | Blockchains implement monetary systems operated by committees of nodes. The robustness of established blockchains presents an opportunity to leverage their infrastructure for creating expansion chains. Expansion chains can provide additional functionality to the primary chain they leverage or implement separate functionalities, while benefiting from the primary chain's security and the stability of its tokens. Indeed, tools like Ethereum's EigenLayer enable nodes to stake (deposit collateral) on a primary chain to form a committee responsible for operating an expansion chain. But here is the rub. Classical protocols assume correct, well-behaved nodes stay correct indefinitely. Yet in our case, the stake incentivizes correctness--it will be slashed (revoked) if its owner deviates. Once a node withdraws its stake, there is no basis to assume its correctness. To address the new challenge, we present Aegis, an expansion chain based on primary-chain stake, assuming a bounded primary-chain write time. Aegis uses references from Aegis blocks to primary blocks to define committees, checkpoints on the primary chain to perpetuate decisions, and resets on the primary chain to establish a new committee if the previous one becomes obsolete. It ensures safety at all times and rapid progress when latency among Aegis nodes is low. |
| 2024-06-09 | Demystifying the Characteristics for Smart Contract Upgrades | Ye Liu et.al. | 2406.05712 | Upgradable smart contracts play an important role in the decentralized application ecosystem, to support routine maintenance, security patching, and feature additions. In this paper, we conduct an empirical study on proxy-based upgradable smart contracts to understand the characteristics of contract upgrading. Through our study on 57,118 open source proxy contracts, we found that 583 contracts have ever been upgraded on Ethereum, involving 973 unique implementation contract versions. The results show that developers often intend to improve usability of contracts if upgrading, where functionality addition and update are the most frequent upgrade intentions. We investigated the practical impacts of contract upgrades, e.g., breaking changes causing compatibility issues, storage collisions and initialization risks leading to security vulnerabilities. The results demonstrate that there are 4,334 ABI breaking changes due to the upgrades of 276 proxies, causing real-world broken usages within 584 transactions witnessed by the blockchain; 36 contract upgrades had storage collisions and five proxies with 59 implementation contracts are vulnerable to initialization attacks. |
| 2024-09-10 | SAMM: Sharded Automated Market Maker | Hongyin Chen et.al. | 2406.05568 | Automated Market Makers (AMMs) are a cornerstone of decentralized finance. They are smart contracts (stateful programs) running on blockchains. They enable virtual token exchange: Traders swap tokens with the AMM for a fee, while liquidity providers supply liquidity and earn these fees. Demand for AMMs is growing rapidly, but our experiment-based estimates show that current architectures cannot meet the projected demand by 2029. This is because the execution of existing AMMs is non-parallelizable. We present SAMM, an AMM comprising multiple shards. All shards are AMMs running on the same chain, but their independence enables parallel execution. Unlike classical sharding solutions, here security relies on incentive compatibility. Therefore, SAMM introduces a novel fee design. Through analysis of Subgame-Perfect Nash Equilibria (SPNE), we show that SAMM incentivizes the desired behavior: Liquidity providers balance liquidity among all shards, overcoming destabilization attacks, and trades are evenly distributed. We validate our game-theoretic analysis with a simulation using real-world data. We evaluate SAMM by implementing and deploying it on local testnets of the Sui and Solana blockchains. To our knowledge, this is the first quantification of ``hot-contract'' performance. SAMM improves throughput by 5x and 16x, respectively, potentially more with better parallelization of the underlying blockchains. It is directly deployable, mitigating the upcoming scaling bottleneck. |
| 2024-06-08 | Blockchain Integrated Federated Learning in Edge-Fog-Cloud Systems for IoT based Healthcare Applications A Survey | Shinu M. Rajagopal et.al. | 2406.05517 | Modern Internet of Things (IoT) applications generate enormous amounts of data, making data-driven machine learning essential for developing precise and reliable statistical models. However, data is often stored in silos, and strict user-privacy legislation complicates data utilization, limiting machine learning's potential in traditional centralized paradigms due to diverse data probability distributions and lack of personalization. Federated learning, a new distributed paradigm, supports collaborative learning while preserving privacy, making it ideal for IoT applications. By employing cryptographic techniques, IoT systems can securely store and transmit data, ensuring consistency. The integration of federated learning and blockchain is particularly advantageous for handling sensitive data, such as in healthcare. Despite the potential of these technologies, a comprehensive examination of their integration in edge-fog-cloud-based IoT computing systems and healthcare applications is needed. This survey article explores the architecture, structure, functions, and characteristics of federated learning and blockchain, their applications in various computing paradigms, and evaluates their implementations in healthcare. |
| 2024-06-04 | CredSec: A Blockchain-based Secure Credential Management System for University Adoption | Md. Ahsan Habib et.al. | 2406.05151 | University education play a critical role in shaping intellectual and professional development of the individuals and contribute significantly to the advancement of knowledge and society. Generally, university authority has a direct control of students result making and stores the credential in their local dedicated server. So, there is chance to alter the credential and also have a very high possibility to encounter various threats and different security attacks. To resolve these, we propose a blockchain based secure credential management system (BCMS) for efficiently storing, managing and recovering credential without involving the university authority. The proposed BCMS incorporates a modified two factor encryption (m2FE) technique, a combination of RSA cryptosystem and a DNA encoding to ensure credential privacy and an enhanced authentication scheme for teachers and students. Besides, to reduce size of the cipher credential and its conversion time, we use character to integer (C2I) table instead of ASCII table. Finally, the experimental result and analysis of the BCMS illustrate the effectiveness over state of the art works. |
| 2024-06-10 | Optimizing Exit Queues for Proof-of-Stake Blockchains: A Mechanism Design Approach | Michael Neuder et.al. | 2406.05124 | Byzantine fault-tolerant consensus protocols have provable safety and liveness properties for static validator sets. In practice, however, the validator set changes over time, potentially eroding the protocol's security guarantees. For example, systems with accountable safety may lose some of that accountability over time as adversarial validators exit. As a result, protocols must rate limit entry and exit so that the set changes slowly enough to ensure security. Here, the system designer faces a fundamental trade-off. Slower exits increase friction, making it less attractive to stake in the first place. Faster exits provide more utility to stakers but weaken the protocol's security. This paper provides the first systematic study of exit queues for Proof-of-Stake blockchains. Given a collection of validator-set consistency constraints imposed by the protocol, the social planner's goal is to provide a constrained-optimal mechanism that minimizes disutility for the participants. We introduce the MINSLACK mechanism, a dynamic capacity first-come-first-served queue in which the amount of stake that can exit in a period depends on the number of previous exits and the consistency constraints. We show that MINSLACK is optimal when stakers equally value the processing of their withdrawal. When stakers values are heterogeneous, the optimal mechanism resembles a priority queue with dynamic capacity. However, this mechanism must reserve exit capacity for the future in case a staker with a much higher need for liquidity arrives. We conclude with a survey of known consistency constraints and highlight the diversity of existing exit mechanisms. |
| 2024-06-07 | When Swarm Learning meets energy series data: A decentralized collaborative learning design based on blockchain | Lei Xu et.al. | 2406.04743 | Machine learning models offer the capability to forecast future energy production or consumption and infer essential unknown variables from existing data. However, legal and policy constraints within specific energy sectors render the data sensitive, presenting technical hurdles in utilizing data from diverse sources. Therefore, we propose adopting a Swarm Learning (SL) scheme, which replaces the centralized server with a blockchain-based distributed network to address the security and privacy issues inherent in Federated Learning (FL)'s centralized architecture. Within this distributed Collaborative Learning framework, each participating organization governs nodes for inter-organizational communication. Devices from various organizations utilize smart contracts for parameter uploading and retrieval. Consensus mechanism ensures distributed consistency throughout the learning process, guarantees the transparent trustworthiness and immutability of parameters on-chain. The efficacy of the proposed framework is substantiated across three real-world energy series modeling scenarios with superior performance compared to Local Learning approaches, simultaneously emphasizing enhanced data security and privacy over Centralized Learning and FL method. Notably, as the number of data volume and the count of local epochs increases within a threshold, there is an improvement in model performance accompanied by a reduction in the variance of performance errors. Consequently, this leads to an increased stability and reliability in the outcomes produced by the model. |
| 2024-06-07 | Unveiling Dynamics and Patterns: A Comprehensive Analysis of Spreading Patterns and Similarities in Low-Labelled Ransomware Families | Francesco Zola et.al. | 2406.04719 | Ransomware has become one of the most widespread threats, primarily due to its easy deployment and the accessibility to services that enable attackers to raise and obfuscate funds. This latter aspect has been significantly enhanced with the advent of cryptocurrencies, which, by fostering decentralisation and anonymity, have transformed this threat into a large-scale outbreak. However, recent reports indicate that a small group of individuals dominate the ransomware ecosystem and try to obfuscate their activity using multiple strains characterised by a short time to live. This scenario suggests that different strains could share mechanisms in ransom collection, fund movement, and money laundering operations. For this reason, this study aims to analyse the address-transaction graphs generated in the Bitcoin network by low-labelled ransomware families. Our goals are to identify payment spreading patterns for evaluating the evolution of ransomware families and to detect similarities among different strains that potentially can be controlled by the same attacker. Specifically, this latter task assigns an address behaviour to each node in the address-transaction graphs according to its dynamics. The distribution of the behaviours in each strain is finally used to evaluate the closeness among different ransomware families. Our findings show that although ransomware families can quickly establish connections with millions of addresses, numerous families require multiple-step analysis. Furthermore, the study demonstrates that the introduced behaviours can effectively be used to highlight similarities among different ransomware strains. The outcome shows that families are similar primarily due to behaviours usually associated with ransom collection and money laundering operations.+ |
| 2024-06-07 | Marking the Pace: A Blockchain-Enhanced Privacy-Traceable Strategy for Federated Recommender Systems | Zhen Cai et.al. | 2406.04702 | Federated recommender systems have been crucially enhanced through data sharing and continuous model updates, attributed to the pervasive connectivity and distributed computing capabilities of Internet of Things (IoT) devices. Given the sensitivity of IoT data, transparent data processing in data sharing and model updates is paramount. However, existing methods fall short in tracing the flow of shared data and the evolution of model updates. Consequently, data sharing is vulnerable to exploitation by malicious entities, raising significant data privacy concerns, while excluding data sharing will result in sub-optimal recommendations. To mitigate these concerns, we present LIBERATE, a privacy-traceable federated recommender system. We design a blockchain-based traceability mechanism, ensuring data privacy during data sharing and model updates. We further enhance privacy protection by incorporating local differential privacy in user-server communication. Extensive evaluations with the real-world dataset corroborate LIBERATE's capabilities in ensuring data privacy during data sharing and model update while maintaining efficiency and performance. Results underscore blockchain-based traceability mechanism as a promising solution for privacy-preserving in federated recommender systems. |
| 2024-06-06 | Federated TrustChain: Blockchain-Enhanced LLM Training and Unlearning | Xuhan Zuo et.al. | 2406.04076 | The development of Large Language Models (LLMs) faces a significant challenge: the exhausting of publicly available fresh data. This is because training a LLM needs a large demanding of new data. Federated learning emerges as a promising solution, enabling collaborative model to contribute their private data to LLM global model. However, integrating federated learning with LLMs introduces new challenges, including the lack of transparency and the need for effective unlearning mechanisms. Transparency is essential to ensuring trust and fairness among participants, while accountability is crucial for deterring malicious behaviour and enabling corrective actions when necessary. To address these challenges, we propose a novel blockchain-based federated learning framework for LLMs that enhances transparency, accountability, and unlearning capabilities. Our framework leverages blockchain technology to create a tamper-proof record of each model's contributions and introduces an innovative unlearning function that seamlessly integrates with the federated learning mechanism. We investigate the impact of Low-Rank Adaptation (LoRA) hyperparameters on unlearning performance and integrate Hyperledger Fabric to ensure the security, transparency, and verifiability of the unlearning process. Through comprehensive experiments and analysis, we showcase the effectiveness of our proposed framework in achieving highly effective unlearning in LLMs trained using federated learning. Our findings highlight the feasibility of integrating blockchain technology into federated learning frameworks for LLMs. |
| 2024-06-06 | FACOS: Enabling Privacy Protection Through Fine-Grained Access Control with On-chain and Off-chain System | Chao Liu et.al. | 2406.03695 | link |
| 2024-07-29 | Fantastyc: Blockchain-based Federated Learning Made Secure and Practical | William Boitier et.al. | 2406.03608 | Federated Learning is a decentralized framework that enables multiple clients to collaboratively train a machine learning model under the orchestration of a central server without sharing their local data. The centrality of this framework represents a point of failure which is addressed in literature by blockchain-based federated learning approaches. While ensuring a fully-decentralized solution with traceability, such approaches still face several challenges about integrity, confidentiality and scalability to be practically deployed. In this paper, we propose Fantastyc, a solution designed to address these challenges that have been never met together in the state of the art. |
| 2024-06-04 | Fast and Secure Decentralized Optimistic Rollups Using Setchain | Margarita Capretto et.al. | 2406.02316 | Modern blockchains face a scalability challenge due to the intrinsic throughput limitations of consensus protocols. Layer 2 optimistic rollups (L2) are a faster alternative that offer the same interface in terms of smart contract development and user interaction. Optimistic rollups perform most computations offchain and make light use of an underlying blockchain (L1) to guarantee correct behavior, implementing a cheaper blockchain on a blockchain solution. With optimistic rollups, a sequencer calculates offchain batches of L2 transactions and commits batches (compressed or hashed) to the L1 blockchain. The use of hashes requires a data service to translate hashes into their corresponding batches. Current L2 implementations consist of a centralized sequencer (central authority) and an optional data availability committee (DAC). In this paper, we propose a decentralized L2 optimistic rollup based on Setchain, a decentralized Byzantine-tolerant implementation of sets. The main contribution is a fully decentralized "arranger" where arrangers are a formal definition combining sequencers and DACs. We prove our implementation correct and show empirical evidence that our solution scales. A final contribution is a system of incentives (payments) for servers that implement the sequencer and data availability committee protocols correctly, and a fraud-proof mechanism to detect violations of the protocol. |
| 2024-06-04 | Decentralized Physical Infrastructure Network (DePIN): Challenges and Opportunities | Zhibin Lin et.al. | 2406.02239 | The widespread use of the Internet has posed challenges to existing centralized physical infrastructure networks. Issues such as data privacy risks, service disruptions, and substantial expansion costs have emerged. To address these challenges, an innovative network architecture called Decentralized Physical Infrastructure Network (DePIN) has emerged. DePIN leverages blockchain technology to decentralize the control and management of physical devices, addressing limitations of traditional infrastructure network. This article provides a comprehensive exploration of DePIN, presenting its five-layer architecture, key design principles. Furthermore, it presents a detailed survey of the extant applications, operating mechanisms, and provides an in-depth analysis of market data pertaining to DePIN. Finally, it discusses a wide range of the open challenges faced by DePIN. |
| 2024-07-12 | It Takes Two: A Peer-Prediction Solution for Blockchain Verifier's Dilemma | Zishuo Zhao et.al. | 2406.01794 | The security of blockchain systems is fundamentally based on the decentralized consensus in which the majority of parties behave honestly, and the process of content verification is essential to keep the robustness of blockchain systems. However, the phenomenon that a secure blockchain system with few or no cheaters could not provide sufficient incentive for verifiers to honestly perform the costly verification, referred to as the Verifier's Dilemma, could severely undermine the fundamental security of blockchain systems. While existing works have attempted to insert deliberate errors to disincentivize lazy verification, the decentralized environment makes it impossible to judge the correctness of verification or detect malicious verifiers directly. In this paper, we initiate the research that leverages the peer prediction approach towards the design of Bayesian truthful mechanisms for the decentralized verification game among multiple verifiers, incentivizing all verifiers to perform honest verification without access to the ground truth even in the presence of noisy observations in the verification process. With theoretically guaranteed truthfulness of our mechanism for the verification game, our work provides a framework of verification mechanisms that enhances the security and robustness of the blockchain and potentially other decentralized systems. |
| 2024-06-03 | Formal Definition and Implementation of Reproducibility Tenets for Computational Workflows | Nicholas J. Pritchard et.al. | 2406.01146 | Computational workflow management systems power contemporary data-intensive sciences. The slowly resolving reproducibility crisis presents both a sobering warning and an opportunity to iterate on what science and data processing entails. The Square Kilometre Array (SKA), the world's largest radio telescope, is among the most extensive scientific projects underway and presents grand scientific collaboration and data-processing challenges. This work presents a scale and system-agnostic computational workflow model and extends five well-known reproducibility tenets into seven defined for our workflow model. Subsequent implementation of these definitions, powered by blockchain primitives, into the Data Activated Flow Graph Engine (DALiuGE), a workflow management system for the SKA, demonstrates the possibility of facilitating automatic formal verification of scientific quality in amortized constant time. We validate our approach with a simple yet representative astronomical processing task; filtering a noisy signal with a lowpass filter with both CPU and GPU methods. Our framework illuminates otherwise obscure scientific discrepancies and similarities between principally identical workflow executions. |
| 2024-06-02 | Blockchain-aided wireless federated learning: Resource allocation and client scheduling | Jun Li et.al. | 2406.00752 | Federated learning (FL) based on the centralized design faces both challenges regarding the trust issue and a single point of failure. To alleviate these issues, blockchain-aided decentralized FL (BDFL) introduces the decentralized network architecture into the FL training process, which can effectively overcome the defects of centralized architecture. However, deploying BDFL in wireless networks usually encounters challenges such as limited bandwidth, computing power, and energy consumption. Driven by these considerations, a dynamic stochastic optimization problem is formulated to minimize the average training delay by jointly optimizing the resource allocation and client selection under the constraints of limited energy budget and client participation. We solve the long-term mixed integer non-linear programming problem by employing the tool of Lyapunov optimization and thereby propose the dynamic resource allocation and client scheduling BDFL (DRC-BDFL) algorithm. Furthermore, we analyze the learning performance of DRC-BDFL and derive an upper bound for convergence regarding the global loss function. Extensive experiments conducted on SVHN and CIFAR-10 datasets demonstrate that DRC-BDFL achieves comparable accuracy to baseline algorithms while significantly reducing the training delay by 9.24% and 12.47%, respectively. |
| 2024-06-02 | Model-based Analysis of Mining Fairness in a Blockchain | Akira Sakurai et.al. | 2406.00595 | Mining fairness in blockchain refers to the equality between the computational resources invested in mining and the block rewards received. There exists a dilemma where increasing the blockchain's transaction processing capacity damages mining fairness, consequently undermining its decentralization. This dilemma remains unresolved even with methods such as GHOST, indicating that mining fairness is an inherent bottleneck to the system's transaction processing capacity. Despite its significance, there have been insufficient studies quantitatively analyzing mining fairness. In this paper, we propose a method to calculate mining fairness. Initially, we approximate a complex blockchain network using a simple mathematical model, assuming that no more than two blocks are generated per round. Within this model, we quantitatively determine local mining fairness and derive several measures of global mining fairness based on local mining fairness. We validated that our calculation method accurately computes mining fairness in networks with a small number of miners. Furthermore, we analyzed various networks from the perspective of mining fairness. |
| 2024-05-31 | Wait or Not to Wait: Evaluating Trade-Offs between Speed and Precision in Blockchain-based Federated Aggregation | Huong Nguyen et.al. | 2406.00181 | This paper presents a fully coupled blockchain-assisted federated learning architecture that effectively eliminates single points of failure by decentralizing both the training and aggregation tasks across all participants. Our proposed system offers a high degree of flexibility, allowing participants to select shared models and customize the aggregation for local needs, thereby optimizing system performance, including accurate inference results. Notably, the integration of blockchain technology in our work is to promote a trustless environment, ensuring transparency and non-repudiation among participants when abnormalities are detected. To validate the effectiveness, we conducted real-world federated learning deployments on a private Ethereum platform, using two different models, ranging from simple to complex neural networks. The experimental results indicate comparable inference accuracy between centralized and decentralized federated learning settings. Furthermore, our findings indicate that asynchronous aggregation is a feasible option for simple learning models. However, complex learning models require greater training model involvement in the aggregation to achieve high model quality, instead of asynchronous aggregation. With the implementation of asynchronous aggregation and the flexibility to select models, participants anticipate decreased aggregation time in each communication round, while experiencing minimal accuracy trade-off. |
| 2024-07-26 | Loss-Versus-Fair: Efficiency of Dutch Auctions on Blockchains | Ciamac C. Moallemi et.al. | 2406.00113 | Milionis et al.(2023) studied the rate at which automated market makers leak value to arbitrageurs when block times are discrete and follow a Poisson process, and where the risky asset price follows a geometric Brownian motion. We extend their model to analyze another popular mechanism in decentralized finance for onchain trading: Dutch auctions. We compute the expected losses that a seller incurs to arbitrageurs and expected time-to-fill for Dutch auctions as a function of starting price, volatility, decay rate, and average interblock time. We also extend the analysis to gradual Dutch auctions, a variation on Dutch auctions for selling tokens over time at a continuous rate. We use these models to explore the tradeoff between speed of execution and quality of execution, which could help inform practitioners in setting parameters for starting price and decay rate on Dutch auctions, or help platform designers determine performance parameters like block times. |
| 2024-05-27 | Federated Learning with Blockchain-Enhanced Machine Unlearning: A Trustworthy Approach | Xuhan Zuo et.al. | 2405.20776 | With the growing need to comply with privacy regulations and respond to user data deletion requests, integrating machine unlearning into IoT-based federated learning has become imperative. Traditional unlearning methods, however, often lack verifiable mechanisms, leading to challenges in establishing trust. This paper delves into the innovative integration of blockchain technology with federated learning to surmount these obstacles. Blockchain fortifies the unlearning process through its inherent qualities of immutability, transparency, and robust security. It facilitates verifiable certification, harmonizes security with privacy, and sustains system efficiency. We introduce a framework that melds blockchain with federated learning, thereby ensuring an immutable record of unlearning requests and actions. This strategy not only bolsters the trustworthiness and integrity of the federated learning model but also adeptly addresses efficiency and security challenges typical in IoT environments. Our key contributions encompass a certification mechanism for the unlearning process, the enhancement of data security and privacy, and the optimization of data management to ensure system responsiveness in IoT scenarios. |
| 2024-05-30 | SoK: Public Blockchain Sharding | Md Mohaimin Al Barat et.al. | 2405.20521 | Blockchain's decentralization, transparency, and tamper-resistance properties have facilitated the system's use in various application fields. However, the low throughput and high confirmation latency hinder the widespread adoption of Blockchain. Many solutions have been proposed to address these issues, including first-layer solutions (or on-chain solutions) and second-layer solutions (or off-chain solutions). Among the proposed solutions, the blockchain sharding system is the most scalable one, where the nodes in the network are divided into several groups. The nodes in different shards work in parallel to validate the transactions and add them to the blocks, and in such a way, the throughput increases significantly. However, previous works have not adequately summarized the latest achievements in blockchain sharding, nor have they fully showcased its state-of-the-art. Our study provides a systemization of knowledge of public blockchain sharding, including the core components of sharding systems, challenges, limitations, and mechanisms of the latest sharding protocols. We also compare their performance and discuss current constraints and future research directions. |
| 2024-05-30 | BeerReview: A Blockchain-enabled Peer Review Platform | Guodong Jin et.al. | 2405.20220 | In an era of increasing concerns over intellectual property rights, traditional peer review systems face challenges including plagiarism, malicious attacks, and unauthorized data access. BeerReview, a blockchain-enabled peer review platform, offers a robust solution, enabling experts and scholars to participate actively in the review process without concerns about plagiarism or security threats. Following the completion of its alpha testing, BeerReview demonstrates the potential for expanded deployment. This platform offers improved convenience and more robust intellectual property protection within the peer review process with open source initiative. |
| 2024-05-30 | The Kosmosis Use-Case of Crypto Rug Pull Detection and Prevention | Philipp Stangl et.al. | 2405.19762 | Current methods to prevent crypto asset fraud are based on the analysis of transaction graphs within blockchain networks. While effective for identifying transaction patterns indicative of fraud, it does not capture the semantics of transactions and is constrained to blockchain data. Consequently, preventive methods based on transaction graphs are inherently limited. In response to these limitations, we propose the Kosmosis approach, which aims to incrementally construct a knowledge graph as new blockchain and social media data become available. During construction, it aims to extract the semantics of transactions and connect blockchain addresses to their real-world entities by fusing blockchain and social media data in a knowledge graph. This enables novel preventive methods against rug pulls as a form of crypto asset fraud. To demonstrate the effectiveness and practical applicability of the Kosmosis approach, we examine a series of real-world rug pulls from 2021. Through this case, we illustrate how Kosmosis can aid in identifying and preventing such fraudulent activities by leveraging the insights from the constructed knowledge graph. |
| 2024-05-29 | DataSafe: Copyright Protection with PUF Watermarking and Blockchain Tracking | Xiaolong Xue et.al. | 2405.19099 | Digital watermarking methods are commonly used to safeguard digital media copyrights by confirming ownership and deterring unauthorized use. However, without reliable third-party oversight, these methods risk security vulnerabilities during watermark extraction. Furthermore, digital media lacks tangible ownership attributes, posing challenges for secure copyright transfer and tracing. This study introduces DataSafe, a copyright protection scheme that combines physical unclonable functions (PUFs) and blockchain technology. PUF devices use their unique fingerprints for blockchain registration. Subsequently, these devices incorporate invisible watermarking techniques to embed digital watermarks into media for copyright protection. The watermark verification process is confined within the devices, preserving confidentiality during extraction, validating identities during copyright exchanges, and facilitating blockchain-based traceability of copyright transfers. The implementation of a prototype system on the LPC55S69-EVK development board is detailed, illustrating the practicality and effectiveness of the proposed solution. |
| 2024-05-29 | A Dual-functional Blockchain Framework for Solving Distributed Optimization | Weihang Cao et.al. | 2405.19027 | Proof of Work (PoW) has been extensively utilized as the foundation of blockchain's security, consistency, and tamper-resistance. However, long has it been criticized for its tremendous and inefficient utilization of computational power and energy. In this work, we design a dual-functional blockchain framework that uses solving optimization problems to reach consensus as an alternative to PoW, channeling wasted resources into useful work. We model and analyze our framework by developing discrete Markov chains, and derive the security conditions to ensure that selfish miners behave honestly. Based on the security conditions, we derive a lower bound for the security overhead and analyze the trade-off between useful work efficiency and PoW safeguard. We further dive deep into the reward function design for the proposed dual-functional blockchain and provide practical design guidelines for reward functions assuming concavity and linearity respectively. Finally, simulation results are presented to validate and illustrate our analytical results. |
| 2024-05-29 | On Fairness Concerns in the Blockchain Ecosystem | Johnnatan Messias Peixoto Afonso et.al. | 2405.18876 | Blockchains revolutionized centralized sectors like banking and finance by promoting decentralization and transparency. In a blockchain, information is transmitted through transactions issued by participants or applications. Miners crucially select, order, and validate pending transactions for block inclusion, prioritizing those with higher incentives or fees. The order in which transactions are included can impact the blockchain final state. Moreover, applications running on top of a blockchain often rely on governance protocols to decentralize the decision-making power to make changes to their core functionality. These changes can affect how participants interact with these applications. Since one token equals one vote, participants holding multiple tokens have a higher voting power to support or reject the proposed changes. The extent to which this voting power is distributed is questionable and if highly concentrated among a few holders can lead to governance attacks. In this thesis, we audit the Bitcoin and Ethereum blockchains to investigate the norms followed by miners in determining the transaction prioritization. We also audit decentralized governance protocols such as Compound to evaluate whether the voting power is fairly distributed among the participants. Our findings have significant implications for future developments of blockchains and decentralized applications. |
| 2024-05-28 | Remeasuring the Arbitrage and Sandwich Attacks of Maximal Extractable Value in Ethereum | Tianyang Chi et.al. | 2405.17944 | Maximal Extractable Value (MEV) drives the prosperity of the blockchain ecosystem. By strategically including, excluding, or reordering transactions within blocks, block producers/validators can extract additional value, which in turn incentivizes them to keep the decentralization of the whole blockchain platform. Before The Merge of Ethereum in Sep. 2022, around $675M was extracted in terms of MEV. Despite its importance, current measurement works on MEV suffer some limitations. First, current works only focus on transactions of a very limited number of DApps. Second, current methods heavily rely on fixed heuristic rule-based patterns, leading to false negative/positive. Third, the observations and conclusions are outdated to some extent due to the continuously introduced features, like The Merge in Ethereum. To address these challenges, in this work, we first propose two robust methods to identify arbitrage transactions and sandwich attacks, respectively. Then, we apply them to the largest-ever dataset to filter out related MEV transactions. Based on the identified results, we have characterized the overall landscape of the Ethereum MEV ecosystem, the impact the private transaction architectures bring, and the adoption of back-running mechanism. Our research will shed light on future MEV-related work. |
| 2024-05-30 | Proof of Quality: A Costless Paradigm for Trustless Generative AI Model Inference on Blockchains | Zhenjie Zhang et.al. | 2405.17934 | Generative AI models, such as GPT-4 and Stable Diffusion, have demonstrated powerful and disruptive capabilities in natural language and image tasks. However, deploying these models in decentralized environments remains challenging. Unlike traditional centralized deployment, systematically guaranteeing the integrity of AI model services in fully decentralized environments, particularly on trustless blockchains, is both crucial and difficult. In this paper, we present a new inference paradigm called \emph{proof of quality} (PoQ) to enable the deployment of arbitrarily large generative models on blockchain architecture. Unlike traditional approaches based on validating inference procedures, such as ZKML or OPML, our PoQ paradigm focuses on the outcome quality of model inference. Using lightweight BERT-based cross-encoders as our underlying quality evaluation model, we design and implement PQML, the first practical protocol for real-world NLP generative model inference on blockchains, tailored for popular open-source models such as Llama 3 and Mixtral. Our analysis demonstrates that our protocol is robust against adversarial but rational participants in ecosystems, where lazy or dishonest behavior results in fewer benefits compared to well-behaving participants. The computational overhead of validating the quality evaluation is minimal, allowing quality validators to complete the quality check within a second, even using only a CPU. Preliminary simulation results show that PoQ consensus is generated in milliseconds, 1,000 times faster than any existing scheme. |
| 2024-05-28 | Trustworthy DNN Partition for Blockchain-enabled Digital Twin in Wireless IIoT Networks | Xiumei Deng et.al. | 2405.17914 | Digital twin (DT) has emerged as a promising solution to enhance manufacturing efficiency in industrial Internet of Things (IIoT) networks. To promote the efficiency and trustworthiness of DT for wireless IIoT networks, we propose a blockchain-enabled DT (B-DT) framework that employs deep neural network (DNN) partitioning technique and reputation-based consensus mechanism, wherein the DTs maintained at the gateway side execute DNN inference tasks using the data collected from their associated IIoT devices. First, we employ DNN partitioning technique to offload the top-layer DNN inference tasks to the access point (AP) side, which alleviates the computation burden at the gateway side and thereby improves the efficiency of DNN inference. Second, we propose a reputation-based consensus mechanism that integrates Proof of Work (PoW) and Proof of Stake (PoS). Specifically, the proposed consensus mechanism evaluates the off-chain reputation of each AP according to its computation resource contributions to the DNN inference tasks, and utilizes the off-chain reputation as a stake to adjust the block generation difficulty. Third, we formulate a stochastic optimization problem of communication resource (i.e., partition point) and computation resource allocation (i.e., computation frequency of APs for top-layer DNN inference and block generation) to minimize system latency under the time-varying channel state and long-term constraints of off-chain reputation, and solve the problem using Lyapunov optimization method. Experimental results show that the proposed dynamic DNN partitioning and resource allocation (DPRA) algorithm outperforms the baselines in terms of reducing the overall latency while guaranteeing the trustworthiness of the B-DT system. |
| 2024-07-18 | Serial Monopoly on Blockchains with Quasi-patient Users | Paolo Penna et.al. | 2405.17334 | In the face of limited block size, miners (e.g., in Bitcoin) prioritize high-bid transactions, forming a large part of their revenue. If the block size were to expand significantly, meeting all transaction demand due to infrastructure or protocol improvements, bids could drop to zero or to a minimum fee, reducing mining incentives and potentially affecting security. To address this, Lavi et al. (2022) introduced a monopolistic pricing mechanism where miners only include transactions paying a minimum price, ensuring some revenue but resulting in an unbounded loss in welfare. Nisan (2023) expands this by modeling bidders as patient, who wait indefinitely long for lower prices, causing price fluctuations even with stable demand. In order to capture users' diminishing interest in having their transactions added to the ledger over time, we consider a more realistic setting with quasi-patient users, where only a fraction |
| 2024-05-26 | Towards Sustainable IoT: Challenges, Solutions, and Future Directions for Device Longevity | Ghazaleh Shirvani et.al. | 2405.16421 | In an era dominated by the Internet of Things, ensuring the longevity and sustainability of IoT devices has emerged as a pressing concern. This study explores the various complex difficulties which contributed to the early decommissioning of IoT devices and suggests methods to improve their lifespan management. By examining factors such as security vulnerabilities, user awareness gaps, and the influence of fashion-driven technology trends, the paper underscores the need for legislative interventions, consumer education, and industry accountability. Additionally, it explores innovative approaches to improving IoT longevity, including the integration of sustainability considerations into architectural design through requirements engineering methodologies. Furthermore, the paper discusses the potential of distributed ledger technology, or blockchain, to promote transparent and decentralized processes for device provisioning and tracking. This study promotes a sustainable IoT ecosystem by integrating technology innovation, legal change, and social awareness to reduce environmental impact and enhance resilience for the digital future |
| 2024-05-24 | Collaborative Access Control for IoT -- A Blockchain Approach | Yongtao Huang et.al. | 2405.15749 | The Internet of Things (IoT) necessitates robust access control mechanisms to secure a vast array of interconnected devices. Most of the existing IoT systems in practice use centralized solutions. We identify the problems in such solutions and adopt the blockchain based decentralized access control approach. Though there are works in the literature that use blockchain for access control, there are some gaps in these works. We develop a blockchain embedded access control (BEAC) framework to bridge the gaps. First, blockchain based solutions for access control require an enabling P2P network while existing P2P overlays do not support some required features. We develop a novel P2P infrastructure to seamlessly support our BEAC framework. Second, most of the works consider blockchain based access control for a single access control model, and we develop a generic blockchain mechanism and show that it can support the embedding of various access control models. Finally, existing works adopt existing blockchain mechanisms which may incur a high communication overhead. We develop a shortcut approach to improve the number of message rounds in the access protocol. Our experiments demonstrate the efficacy of our system, showing that the shortcut mechanism can reduces access time by approximately 43%. |
| 2024-06-26 | D-VRE: From a Jupyter-enabled Private Research Environment to Decentralized Collaborative Research Ecosystem | Yuandou Wang et.al. | 2405.15392 | Today, scientific research is increasingly data-centric and compute-intensive, relying on data and models across distributed sources. However, it still faces challenges in the traditional cooperation mode, due to the high storage and computing cost, geo-location barriers, and local confidentiality regulations. The Jupyter environment has recently emerged and evolved as a vital virtual research environment for scientific computing, which researchers can use to scale computational analyses up to larger datasets and high-performance computing resources. Nevertheless, existing approaches lack robust support of a decentralized cooperation mode to unlock the full potential of decentralized collaborative scientific research, e.g., seamlessly secure data sharing. In this work, we change the basic structure and legacy norms of current research environments via the seamless integration of Jupyter with Ethereum blockchain capabilities. As such, it creates a Decentralized Virtual Research Environment (D-VRE) from private computational notebooks to decentralized collaborative research ecosystem. We propose a novel architecture for the D-VRE and prototype some essential D-VRE elements for enabling secure data sharing with decentralized identity, user-centric agreement-making, membership, and research asset management. To validate our method, we conducted an experimental study to test all functionalities of D-VRE smart contracts and their gas consumption. In addition, we deployed the D-VRE prototype on a test net of the Ethereum blockchain for demonstration. The feedback from the studies showcases the current prototype's usability, ease of use, and potential and suggests further improvements. |
| 2024-05-24 | Transaction Fee Estimation in the Bitcoin System | Limeng Zhang et.al. | 2405.15293 | In the Bitcoin system, transaction fees serve as an incentive for blockchain confirmations. In general, a transaction with a higher fee is likely to be included in the next block mined, whereas a transaction with a smaller fee or no fee may be delayed or never processed at all. However, the transaction fee needs to be specified when submitting a transaction and almost cannot be altered thereafter. Hence it is indispensable to help a client set a reasonable fee, as a higher fee incurs over-spending and a lower fee could delay the confirmation. In this work, we focus on estimating the transaction fee for a new transaction to help with its confirmation within a given expected time. We identify two major drawbacks in the existing works. First, the current industry products are built on explicit analytical models, ignoring the complex interactions of different factors which could be better captured by machine learning based methods; Second, all of the existing works utilize limited knowledge for the estimation which hinders the potential of further improving the estimation quality. As a result, we propose a framework FENN, which aims to integrate the knowledge from a wide range of sources, including the transaction itself, unconfirmed transactions in the mempool and the blockchain confirmation environment, into a neural network model in order to estimate a proper transaction fee. Finally, we conduct experiments on real blockchain datasets to demonstrate the effectiveness and efficiency of our proposed framework over the state-of-the-art works evaluated by MAPE and RMSE. Each variation model in our framework can finish training within one block interval, which shows the potential of our framework to process the realtime transaction updates in the Bitcoin blockchain. |
| 2024-05-24 | The Writing is on the Wall: Analyzing the Boom of Inscriptions and its Impact on EVM-compatible Blockchains | Johnnatan Messias et.al. | 2405.15288 | Despite the level of attention given to rollups there is limited empirical research about their performance. To address this gap, we conduct a comprehensive data-driven analysis of the late 2023 transaction boom that is attributed to inscriptions: a novel approach to record data onto a blockchain with no outside server needed. Inscriptions were first introduced on the Bitcoin blockchain to allow for the representation of NFTs or ERC-20-like tokens without smart contracts, but were later spread to other blockchains. This work examines the applications of inscription transactions in Ethereum and its major EVM-compatible rollups and their impact on blockchain scalability during periods of sudden transaction surges. We found that on certain days, inscription-related transactions comprised over 89% on Arbitrum, over 88% on zkSync Era, and over 53% on Ethereum. Furthermore, 99% of these transactions were related to the minting of meme coins, followed by limited trading activity. Unlike L1 blockchains, during periods of transaction surges, zkSync and Arbitrum experienced lower median gas fees, attributable to the compression of L2 transactions for a single L1 batch. Additionally, zkSync Era, a ZK rollup, demonstrated a stronger reduction in fees than optimistic rollups considered in our study: Arbitrum, Base, and Optimism. |
| 2024-05-23 | Targeted Nakamoto: A Bitcoin Protocol to Balance Network Security and Energy Consumption | Daniel Aronoff et.al. | 2405.15089 | In a Proof-of-Work blockchain such as Bitcoin mining hashrate is increasing in the block reward. An increase in hashrate reduces network vulnerability to attack (a reduction in security cost) while increasing carbon emissions and electricity cost (an increase in externalities cost). This implies a tradeoff in total cost at different levels of hashrate and the existence of a hashrate interval where total cost is minimized. Targeted Nakamoto is a Proof-of-Work protocol augmentation that incentivizes miners to hone in on a target hashrate interval. When hashrate is above target a ceiling is placed on the block reward a miner can receive. When hashrate is below target a floor is placed underneath the miner's block reward. Monetary neutrality is maintained by a proportional increase in spending potential among addresses holding UTXO's to match a deduction from total block reward when the ceiling is operative and a proportional reduction in spending potential among addresses holding UTXO's to match an increase over the total block reward when the floor is binding. |
| 2024-05-23 | Fast Transaction Scheduling in Blockchain Sharding | Ramesh Adhikari et.al. | 2405.15015 | Sharding is a promising technique for addressing the scalability issues of blockchain. It divides the |
| 2024-05-23 | Dynamically Sharded Ledgers on a Distributed Hash Table | Christoffer Fink et.al. | 2405.14991 | Distributed ledger technology such as blockchain is considered essential for supporting large numbers of micro-transactions in the Machine Economy, which is envisioned to involve billions of connected heterogeneous and decentralized cyber-physical systems. This stresses the need for performance and scalability of distributed ledger technologies. Sharding divides the blockchain network into multiple committees and is a common approach to improve scalability. However, with current sharding approaches, costly cross-shard verification is needed to prevent double-spending. This paper proposes a novel and more scalable distributed ledger method named ScaleGraph that implements dynamic sharding by using routing and logical proximity concepts from distributed hash tables. ScaleGraph addresses cyber security in terms of integrity, availability, and trust, to support frequent micro-transactions between autonomous devices. Benefits of ScaleGraph include a total storage space complexity of O(t), where t is the global number of transactions (assuming a constant replication degree). This space is sharded over n nodes so that each node needs O(t/n) storage, which provides a high level of concurrency and data localization as compared to other delegated consensus proposals. ScaleGraph allows for a dynamic grouping of validators which are selected based on a distance metric. We analyze the consensus requirements in such a dynamic setting and show that a synchronous consensus protocol allows shards to be smaller than an asynchronous one, and likely yields better performance. Moreover, we provide an experimental analysis of security aspects regarding the required size of the consensus groups with ScaleGraph. Our analysis shows that dynamic sharding based on proximity concepts brings attractive scalability properties in general, especially when the fraction of corrupt nodes is small. |
| 2024-05-23 | Towards an Optimal Staking Design: Balancing Security, User Growth, and Token Appreciation | Nicolas Oderbolz et.al. | 2405.14617 | This paper examines the economic and security implications of Proof-of-Stake (POS) designs, providing a survey of POS design choices and their underlying economic principles in prominent POS-blockchains. The paper argues that POS-blockchains are essentially platforms that connect three groups of agents: users, validators, and investors. To meet the needs of these groups, blockchains must balance trade-offs between security, user adoption, and investment into the protocol. We focus on the security aspect and identify two different strategies: increasing the quality of validators (static security) vs. increasing the quantity of stakes (dynamic security). We argue that quality comes at the cost of quantity, identifying a trade-off between the two strategies when designing POS systems. We test our qualitative findings using panel analysis on collected data. The analysis indicates that enhancing the quality of the validator set through security measures like slashing and minimum staking amounts may decrease dynamic security. Further, the analysis reveals a strategic divergence among blockchains, highlighting the absence of a single, universally optimal staking design solution. The optimal design hinges upon a platform's specific objectives and its developmental stage. This research compels blockchain developers to meticulously assess the trade-offs outlined in this paper when developing their staking designs. |
| 2024-05-22 | AI-Protected Blockchain-based IoT environments: Harnessing the Future of Network Security and Privacy | Ali Mohammadi Ruzbahani et.al. | 2405.13847 | Integrating blockchain technology with the Internet of Things offers transformative possibilities for enhancing network security and privacy in the contemporary digital landscape, where interconnected devices and expansive networks are ubiquitous. This paper explores the pivotal role of artificial intelligence in bolstering blockchain-enabled IoT systems, potentially marking a significant leap forward in safeguarding data integrity and confidentiality across networks. Blockchain technology provides a decentralized and immutable ledger, ideal for the secure management of device identities and transactions in IoT networks. When coupled with AI, these systems gain the ability to not only automate and optimize security protocols but also adaptively respond to new and evolving cyber threats. This dual capability enhances the resilience of networks against cyber-attacks, a critical consideration as IoT devices increasingly permeate critical infrastructures. The synergy between AI and blockchain in IoT is profound. AI algorithms can analyze vast amounts of data from IoT devices to detect patterns and anomalies that may signify security breaches. Concurrently, blockchain can ensure that data records are tamper-proof, enhancing the reliability of AI-driven security measures. Moreover, this research evaluates the implications of AI-enhanced blockchain systems on privacy protection within IoT networks. IoT devices often collect sensitive personal data, making privacy a paramount concern. AI can facilitate the development of new protocols that ensure data privacy and user anonymity without compromising the functionality of IoT systems. Through comprehensive analysis and case studies, this paper aims to provide an in-depth understanding of how AI-enhanced blockchain technology can revolutionize network security and privacy in IoT environments. |
| 2024-05-22 | Blockchain and Artificial Intelligence: Synergies and Conflicts | Leon Witt et.al. | 2405.13462 | Blockchain technology and Artificial Intelligence (AI) have emerged as transformative forces in their respective domains. This paper explores synergies and challenges between these two technologies. Our research analyses the biggest projects combining blockchain and AI, based on market capitalization, and derives a novel framework to categorize contemporary and future use cases. Despite the theoretical compatibility, current real-world applications combining blockchain and AI remain in their infancy. |
| 2024-05-21 | A Privacy-Preserving DAO Model Using NFT Authentication for the Punishment not Reward Blockchain Architecture | Talgar Bayan et.al. | 2405.13156 | \This paper presents a novel decentralized autonomous organization (DAO) model leveraging non-fungible tokens (NFTs) for advanced access control and privacy-preserving interactions within a Punishment not Reward (PnR) blockchain framework. The proposed model introduces a dual NFT architecture: Membership NFTs ((NFT_{auth})) for authentication and access control, and Interaction NFTs ((NFT_{priv})) for enabling private, encrypted interactions among participants. Governance is enforced through smart contracts that manage reputation and administer punitive measures, such as conditional identity disclosure. By prioritizing privacy, security, and deterrence over financial rewards, this model addresses key challenges in existing blockchain incentive structures, paving the way for more sustainable and decentralized governance frameworks. |
| 2024-05-21 | Strategic Deployment of Honeypots in Blockchain-based IoT Systems | Daniel Commey et.al. | 2405.12951 | This paper addresses the challenge of enhancing cybersecurity in Blockchain-based Internet of Things (BIoTs) systems, which are increasingly vulnerable to sophisticated cyberattacks. It introduces an AI-powered system model for the dynamic deployment of honeypots, utilizing an Intrusion Detection System (IDS) integrated with smart contract functionalities on IoT nodes. This model enables the transformation of regular nodes into decoys in response to suspicious activities, thereby strengthening the security of BIoT networks. The paper analyses strategic interactions between potential attackers and the AI-enhanced IDS through a game-theoretic model, specifically Bayesian games. The model focuses on understanding and predicting sophisticated attacks that may initially appear normal, emphasizing strategic decision-making, optimized honeypot deployment, and adaptive strategies in response to evolving attack patterns. |
| 2024-05-21 | Blockchain-based AI Methods for Managing Industrial IoT: Recent Developments, Integration Challenges and Opportunities | Anichur Rahman et.al. | 2405.12550 | Currently, Blockchain (BC), Artificial Intelligence (AI), and smart Industrial Internet of Things (IIoT) are not only leading promising technologies in the world, but also these technologies facilitate the current society to develop the standard of living and make it easier for users. However, these technologies have been applied in various domains for different purposes. Then, these are successfully assisted in developing the desired system, such as-smart cities, homes, manufacturers, education, and industries. Moreover, these technologies need to consider various issues-security, privacy, confidentiality, scalability, and application challenges in diverse fields. In this context, with the increasing demand for these issues solutions, the authors present a comprehensive survey on the AI approaches with BC in the smart IIoT. Firstly, we focus on state-of-the-art overviews regarding AI, BC, and smart IoT applications. Then, we provide the benefits of integrating these technologies and discuss the established methods, tools, and strategies efficiently. Most importantly, we highlight the various issues--security, stability, scalability, and confidentiality and guide the way of addressing strategy and methods. Furthermore, the individual and collaborative benefits of applications have been discussed. Lastly, we are extensively concerned about the open research challenges and potential future guidelines based on BC-based AI approaches in the intelligent IIoT system. |
| 2024-05-20 | Securing Blockchain-based IoT Systems with Physical Unclonable Functions and Zero-Knowledge Proofs | Daniel Commey et.al. | 2405.12322 | This paper presents a framework for securing blockchain-based IoT systems by integrating Physical Unclonable Functions (PUFs) and Zero-Knowledge Proofs (ZKPs) within a Hyperledger Fabric environment. The proposed framework leverages PUFs for unique device identification and ZKPs for privacy-preserving authentication and transaction processing. Experimental results demonstrate the framework's feasibility, performance, and security against various attacks. This framework provides a comprehensive solution for addressing the security challenges in blockchain-based IoT systems. |
| 2024-07-11 | Clap: a Semantic-Preserving Optimizing eDSL for Plonkish Proof Systems | Marco Stronati et.al. | 2405.12115 | Plonkish is a popular circuit format for developing zero-knowledge proof systems that powers a number of major projects in the blockchain space, responsible for holding billions of dollars and processing millions of transactions per day. These projects, including zero-knowledge rollups, rely on highly hand-optimized circuits whose correctness comes at the cost of time-consuming testing and auditing. In this paper, we present Clap, the first Rust eDSL with a proof system agnostic circuit format, facilitating extensibility, automatic optimizations, and formal assurances for the resultant constraint system. Clap casts the problem of producing Plonkish constraint systems and their witness generators as a semantic-preserving compilation problem. Soundness and completeness of the transformation guarantees the absence of subtle bugs caused by under- or over-constraining. Our experimental evaluation shows that its automatic optimizations achieve better performance compared to manual circuit optimization. The optimizer can also be used to automatically derive custom gates from circuit descriptions. |
| 2024-05-20 | Sustainable business decision modelling with blockchain and digital twins: A survey | Gyan Wickremasinghe et.al. | 2405.12101 | Industry 4.0 and beyond will rely heavily on sustainable Business Decision Modelling (BDM) that can be accelerated by blockchain and Digital Twin (DT) solutions. BDM is built on models and frameworks refined by key identification factors, data analysis, and mathematical or computational aspects applicable to complex business scenarios. Gaining actionable intelligence from collected data for BDM requires a carefully considered infrastructure to ensure data transparency, security, accessibility and sustainability. Organisations should consider social, economic and environmental factors (based on the triple bottom line approach) to ensure sustainability when integrating such an infrastructure. These sustainability features directly impact BDM concerning resource optimisation, stakeholder engagement, regulatory compliance and environmental impacts. To further understand these segments, taxonomies are defined to evaluate blockchain and DT sustainability features based on an in-depth review of the current state-of-the-art research. Detailed comparative evaluations provide insight into the reachability of the sustainable solution in terms of ideologies, access control and performance overheads. Several research questions are put forward to motivate further research that significantly impacts BDM. Finally, a case study based on an exemplary supply chain management system is presented to show the interoperability of blockchain and DT with BDM. |
| 2024-05-19 | Securing Health Data on the Blockchain: A Differential Privacy and Federated Learning Framework | Daniel Commey et.al. | 2405.11580 | This study proposes a framework to enhance privacy in Blockchain-based Internet of Things (BIoT) systems used in the healthcare sector. The framework addresses the challenge of leveraging health data for analytics while protecting patient privacy. To achieve this, the study integrates Differential Privacy (DP) with Federated Learning (FL) to protect sensitive health data collected by IoT nodes. The proposed framework utilizes dynamic personalization and adaptive noise distribution strategies to balance privacy and data utility. Additionally, blockchain technology ensures secure and transparent aggregation and storage of model updates. Experimental results on the SVHN dataset demonstrate that the proposed framework achieves strong privacy guarantees against various attack scenarios while maintaining high accuracy in health analytics tasks. For 15 rounds of federated learning with an epsilon value of 8.0, the model obtains an accuracy of 64.50%. The blockchain integration, utilizing Ethereum, Ganache, Web3.py, and IPFS, exhibits an average transaction latency of around 6 seconds and consistent gas consumption across rounds, validating the practicality and feasibility of the proposed approach. |
| 2024-05-17 | DeFiTail: DeFi Protocol Inspection through Cross-Contract Execution Analysis | Wenkai Li et.al. | 2405.11035 | Decentralized finance (DeFi) protocols are crypto projects developed on the blockchain to manage digital assets. Attacks on DeFi have been frequent and have resulted in losses exceeding $77 billion. However, detection methods for malicious DeFi events are still lacking. In this paper, we propose DeFiTail, the first framework that utilizes deep learning to detect access control and flash loan exploits that may occur on DeFi. Since the DeFi protocol events involve invocations with multi-account transactions, which requires execution path unification with different contracts. Moreover, to mitigate the impact of mistakes in Control Flow Graph (CFG) connections, we validate the data path by employing the symbolic execution stack. Furthermore, we feed the data paths through our model to achieve the inspection of DeFi protocols. Experimental results indicate that DeFiTail achieves the highest accuracy, with 98.39% in access control and 97.43% in flash loan exploits. DeFiTail also demonstrates an enhanced capability to detect malicious contracts, identifying 86.67% accuracy from the CVE dataset. |
| 2024-05-17 | IT Strategic alignment in the decentralized finance (DeFi): CBDC and digital currencies | Carlos Alberto Durigan Junior et.al. | 2405.10678 | Cryptocurrency can be understood as a digital asset transacted among participants in the crypto economy. Every cryptocurrency must have an associated Blockchain. Blockchain is a Distributed Ledger Technology (DLT) which supports cryptocurrencies, this may be considered as the most promising disruptive technology in the industry 4.0 context. Decentralized finance (DeFi) is a Blockchain-based financial infrastructure, the term generally refers to an open, permissionless, and highly interoperable protocol stack built on public smart contract platforms, such as the Ethereum Blockchain. It replicates existing financial services in a more open and transparent way. DeFi does not rely on intermediaries and centralized institutions. Instead, it is based on open protocols and decentralized applications (Dapps). Considering that there are many digital coins, stablecoins and central bank digital currencies (CBDCs), these currencies should interact among each other sometime. For this interaction the Information Technology elements play an important whole as enablers and IT strategic alignment. This paper considers the strategic alignment model proposed by Henderson and Venkatraman (1993) and Luftman (1996). This paper seeks to answer two main questions 1) What are the common IT elements in the DeFi? And 2) How the elements connect to the IT strategic alignment in DeFi? Through a Systematic Literature Review (SLR). Results point out that there are many IT elements already mentioned by literature, however there is a lack in the literature about the connection between IT elements and IT strategic alignment in a Decentralized Finance (DeFi) architectural network. After final considerations, limitations and future research agenda are presented. Keywords: IT Strategic alignment, Decentralized Finance (DeFi), Cryptocurrency, Digital Economy. |
| 2024-09-16 | Give and Take: An End-To-End Investigation of Giveaway Scam Conversion Rates | Enze Liu et.al. | 2405.09757 | Scams -- fraudulent schemes designed to swindle money from victims -- have existed for as long as recorded history. However, the Internet's combination of low communication cost, global reach, and functional anonymity has allowed scam volumes to reach new heights. Designing effective interventions requires first understanding the context: how scammers reach potential victims, the earnings they make, and any potential bottlenecks for durable interventions. In this short paper, we focus on these questions in the context of cryptocurrency giveaway scams, where victims are tricked into irreversibly transferring funds to scammers under the pretense of even greater returns. Combining data from Twitter, YouTube and Twitch livestreams, landing pages, and cryptocurrency blockchains, we measure how giveaway scams operate at scale. We find that 1 in 1000 scam tweets, and 4 in 100,000 livestream views, net a victim, and that scammers managed to extract nearly $4.62 million from just hundreds of victims during our measurement window. |
| 2024-06-12 | Ticket-based multi-strand method for increased efficiency in proof-of-work based blockchains | Elias Rudberg et.al. | 2405.09531 | This paper outlines a method aiming to increase the efficiency of proof-of-work based blockchains using a ticket-based approach. To avoid the limitation of serially adding one block at a time to a blockchain, multiple semi-independent chains are used such that several valid blocks can be added in parallel, when they are added to separate chains. Blocks are added to different chains, the chain index being determined by a ``ticket'' that the miner must produce before creating a new block. This allows increasing the transaction rate by several orders of magnitude while the system is still fully decentralized and permissionless, and maintaining security in the sense that a successful attack would require the attacker to control a significant portion of the whole network. |
| 2024-05-15 | Flashback: Enhancing Proposer-Builder Design with Future-Block Auctions in Proof-of-Stake Ethereum | Yifan Mao et.al. | 2405.09465 | Maximal extractable value (MEV) in which block proposers unethically gain profits by manipulating the order in which transactions are included within a block, is a key challenge facing blockchains such as Ethereum today. Left unchecked, MEV can lead to a centralization of stake distribution thereby ultimately compromising the security of blockchain consensus. To preserve proposer decentralization (and hence security) of the blockchain, Ethereum has advocated for a proposer-builder separation (PBS) in which the functionality of transaction ordering is separated from proposers and assigned to separate entities called builders. Builders accept transaction bundles from searchers, who compete to find the most profitable bundles. Builders then bid completed blocks to proposers, who accept the most profitable blocks for publication. The auction mechanisms used between searchers, builders and proposers are crucial to the overall health of the blockchain. In this paper, we consider PBS design in Ethereum as a game between searchers, builders and proposers. A key novelty in our design is the inclusion of future block proposers, as all proposers of an epoch are decided ahead of time in proof-of-stake (PoS) Ethereum within the game model. Our analysis shows the existence of alternative auction mechanisms that result in a better (more profitable) equilibrium to players compared to state-of-the-art. Experimental evaluations based on synthetic and real-world data traces corroborate the analysis. Our results highlight that a rethinking of auction mechanism designs is necessary in PoS Ethereum to prevent disruption. |
| 2024-05-15 | StateGuard: Detecting State Derailment Defects in Decentralized Exchange Smart Contract | Zongwei Li et.al. | 2405.09181 | Decentralized Exchanges (DEXs), leveraging blockchain technology and smart contracts, have emerged in decentralized finance. However, the DEX project with multi-contract interaction is accompanied by complex state logic, which makes it challenging to solve state defects. In this paper, we conduct the first systematic study on state derailment defects of DEXs. These defects could lead to incorrect, incomplete, or unauthorized changes to the system state during contract execution, potentially causing security threats. We propose StateGuard, a deep learning-based framework to detect state derailment defects in DEX smart contracts. StateGuard constructs an Abstract Syntax Tree (AST) of the smart contract, extracting key features to generate a graph representation. Then, it leverages a Graph Convolutional Network (GCN) to discover defects. Evaluating StateGuard on 46 DEX projects with 5,671 smart contracts reveals its effectiveness, with a precision of 92.24%. To further verify its practicality, we used StateGuard to audit real-world smart contracts and successfully authenticated multiple novel CVEs. |
| 2024-05-15 | Temporarily Restricting Solidity Smart Contract Interactions | Valerian Callens et.al. | 2405.09084 | In this work we explore ways to restrict the ability to call Solidity smart contract functions for a specified duration. We describe methods to restrict functions from being called twice in the same transaction, block, or time period. This is related to the notion of non-reentrant functions, which are functions that can be called within a previous execution. These methods can be used to restrict interactions with entire sets of functions of smart contracts. We are motivated to revisit this topic for two reasons. First, we note that sixteen real-world smart contracts exploits in 2023 resulting in over $136M USD lost or stolen that could have been prevented by restricting function calls. As part of this survey, we dissect a new class of exploit that involves so-called read-only reentrancy: exploits that re-enter read-only functions to make smart contract state inconsistent in order to enable their exploitation. Second, while some of these approaches are simple, they may not always behave the same across different blockchains that support Solidity. |
| 2024-05-14 | Lollipop: SVM Rollups on Solana | Irvin Steve Cardenas et.al. | 2405.08882 | We present a formal specification for the implementation of Solana virtual machine (SVM) rollups deployed on top of the Solana Layer 1 (L1) blockchain. We further discuss our motivation, implementation, design decisions, limitations, and preliminary results. Overall, this paper is intended to serve as an initial introduction to building such system(s) on top of the Solana L1 blockchain, but does not represent an absolute. Lastly, we comment discuss on extensions of this specification to support SVM rollups on other well-established L1 blockchains systems such as Ethereum. |
| 2024-05-14 | BeACONS: A Blockchain-enabled Authentication and Communications Network for Scalable IoV | Qi Shi et.al. | 2405.08651 | This paper introduces a novel blockchain-enabled authentication and communications network for scalable Internet of Vehicles, which aims to bolster security and confidentiality, diminish communications latency, and reduce dependence on centralised infrastructures like Certificate Authorities and Public Key Infrastructures by leveraging Blockchain-enabled Domain Name Services and Blockchain-enabled Mutual Authentication. The proposed network is structured into a primary layer, consisting of Road Side Units and edge servers as servers of Blockchain-enabled Domain Name Services for managing inter-vehicle communications identities, and a sub-layer within each vehicle for intra-vehicle communications via the Blockchain-enabled Mutual Authentication Protocol. This design facilitates secure connections across vehicles by coordinating between the layers, significantly improving communications security and efficiency. This study also evaluates Road Side Unit availability against the random distribution of Road Side Units along the route of different vehicles. The proposed model presents a novel pathway towards a decentralised, secure, and efficient Internet of Vehicles ecosystem, contributing to the advancement of autonomous and trustworthy vehicular networks. |
| 2024-05-14 | Industrial Metaverse: Enabling Technologies, Open Problems, and Future Trends | Shiying Zhang et.al. | 2405.08542 | As an emerging technology that enables seamless integration between the physical and virtual worlds, the Metaverse has great potential to be deployed in the industrial production field with the development of extended reality (XR) and next-generation communication networks. This deployment, called the Industrial Metaverse, is used for product design, production operations, industrial quality inspection, and product testing. However, there lacks of in-depth understanding of the enabling technologies associated with the Industrial Metaverse. This encompasses both the precise industrial scenarios targeted by each technology and the potential migration of technologies developed in other domains to the industrial sector. Driven by this issue, in this article, we conduct a comprehensive survey of the state-of-the-art literature on the Industrial Metaverse. Specifically, we first analyze the advantages of the Metaverse for industrial production. Then, we review a collection of key enabling technologies of the Industrial Metaverse, including blockchain (BC), digital twin (DT), 6G, XR, and artificial intelligence (AI), and analyze how these technologies can support different aspects of industrial production. Subsequently, we present numerous formidable challenges encountered within the Industrial Metaverse, including confidentiality and security concerns, resource limitations, and interoperability constraints. Furthermore, we investigate the extant solutions devised to address them. Finally, we briefly outline several open issues and future research directions of the Industrial Metaverse. |
| 2024-05-14 | Cross-Blockchain Communication Using Oracles With an Off-Chain Aggregation Mechanism Based on zk-SNARKs | Michael Sober et.al. | 2405.08395 | The closed architecture of prevailing blockchain systems renders the usage of this technology mostly infeasible for a wide range of real-world problems. Most blockchains trap users and applications in their isolated space without the possibility of cooperating or switching to other blockchains. Therefore, blockchains need additional mechanisms for seamless communication and arbitrary data exchange between each other and external systems. Unfortunately, current approaches for cross-blockchain communication are resource-intensive or require additional blockchains or tailored solutions depending on the applied consensus mechanisms of the connected blockchains. Therefore, we propose an oracle with an off-chain aggregation mechanism based on ZeroKnowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARKs) to facilitate cross-blockchain communication. The oracle queries data from another blockchain and applies a rollup-like mechanism to move state and computation off-chain. The zkOracle contract only expects the transferred data, an updated state root, and proof of the correct execution of the aggregation mechanism. The proposed solution only requires constant 378 kgas to submit data on the Ethereum blockchain and is primarily independent of the underlying technology of the queried blockchains. |
| 2024-05-14 | Foundational Verification of Smart Contracts through Verified Compilation | Vilhelm Sjöberg et.al. | 2405.08348 | Programs executed on a blockchain - smart contracts - have high financial stakes; their correctness is crucial. We argue, that this correctness needs to be foundational: correctness needs to be based on the operational semantics of their execution environment. In this work we present a foundational system - the DeepSEA system - targeting the Ethereum blockchain as the largest smart contract platform. The DeepSEA system has a small but sufficiently rich programming language amenable for verification, the DeepSEA language, and a verified DeepSEA compiler. Together they enable true end-to-end verification for smart contracts. We demonstrate usability through two case studies: a realistic contract for Decentralized Finance and contract for crowdfunding. |
| 2024-07-02 | Facilitating Feature and Topology Lightweighting: An Ethereum Transaction Graph Compression Method for Malicious Account Detection | Jiajun Zhou et.al. | 2405.08278 | Ethereum has become one of the primary global platforms for cryptocurrency, playing an important role in promoting the diversification of the financial ecosystem. However, the relative lag in regulation has led to a proliferation of malicious activities in Ethereum, posing a serious threat to fund security. Existing regulatory methods usually detect malicious accounts through feature engineering or large-scale transaction graph mining. However, due to the immense scale of transaction data and malicious attacks, these methods suffer from inefficiency and low robustness during data processing and anomaly detection. In this regard, we propose an Ethereum Transaction Graph Compression method named TGC4Eth, which assists malicious account detection by lightweighting both features and topology of the transaction graph. At the feature level, we select transaction features based on their low importance to improve the robustness of the subsequent detection models against feature evasion attacks; at the topology level, we employ focusing and coarsening processes to compress the structure of the transaction graph, thereby improving both data processing and inference efficiency of detection models. Extensive experiments demonstrate that TGC4Eth significantly improves the computational efficiency of existing detection models while preserving the connectivity of the transaction graph. Furthermore, TGC4Eth enables existing detection models to maintain stable performance and exhibit high robustness against feature evasion attacks. |
| 2024-05-14 | T-Watch: Towards Timed Execution of Private Transaction in Blockchains | Chao Li et.al. | 2405.08268 | In blockchains such as Bitcoin and Ethereum, transactions represent the primary mechanism that the external world can use to trigger a change of blockchain state. Transactions serve as key sources of evidence and play a vital role in forensic analysis. Timed transaction refers to a specific class of service that enables a user to schedule a transaction to change the blockchain state during a chosen future time-frame. This paper proposes T-Watch, a decentralized and cost-efficient approach for users to schedule timed execution of any type of transaction in Ethereum with privacy guarantees. T-Watch employs a novel combination of threshold secret sharing and decentralized smart contracts. To protect the private elements of a scheduled transaction from getting disclosed before the future time-frame, T-Watch maintains shares of the decryption key of the scheduled transaction using a group of executors recruited in a blockchain network before the specified future time-frame and restores the scheduled transaction at a proxy smart contract to trigger the change of blockchain state at the required time-frame. To reduce the cost of smart contract execution in T-Watch, we carefully design the proposed protocol to run in an optimistic mode by default and then switch to a pessimistic mode once misbehaviors occur. Furthermore, the protocol supports users to form service request pooling to further reduce the gas cost. We rigorously analyze the security of T-Watch and implement the protocol over the Ethereum official test network. The results demonstrate that T-Watch is more scalable compared to the state of the art and could reduce the cost by over 90% through pooling. |
| 2024-05-13 | An Optimal Multilevel Quorum System for Probabilistic Consensus | Kenan Wood et.al. | 2405.08135 | We present the notion of a multilevel, slashable quorum system, where an application can obtain gradual levels of assurance that a certain value is bound to be decided (or "finalized") in a global consensus procedure, unless a large number of Byzantine processes are exposed to slashing (that is, penalty on staked assets). Our construction is a highly parameterized generalization of quorum systems based on finite projective spaces, with asymptotic high availability and optimal slashing properties. In particular, we show that any quorum system whose ground elements are disjoint subsets of nodes (e.g. "commmittees" in committee-based consensus protocols) has asymptotic high availability under very reasonable conditions, a general proof with significance of its own. Under similarly relaxed conditions, we show that our construction has asymptotically optimal slashing properties with respect to message complexity and process load; this illustrates a fundamental trade off between message complexity, load, and slashing. Our multilevel construction allows nodes to decide how many "levels" of finalization assurance they wish to obtain, noting that this functionality, if applied to a proof-of-stake blockchain, can be seen either as (i) a form of an early, slashing-based, probabilistic block finalization; or (ii) a service for reorg tolerance. |
| 2024-05-13 | Efficient and Universal Merkle Tree Inclusion Proofs via OR Aggregation | Oleksandr Kuznetsov et.al. | 2405.07941 | Zero-knowledge proofs have emerged as a powerful tool for enhancing privacy and security in blockchain applications. However, the efficiency and scalability of proof systems remain a significant challenge, particularly in the context of Merkle tree inclusion proofs. Traditional proof aggregation techniques based on AND logic suffer from high verification complexity and data communication overhead, limiting their practicality for large-scale applications. In this paper, we propose a novel proof aggregation approach based on OR logic, which enables the generation of compact and universally verifiable proofs for Merkle tree inclusion. By aggregating proofs using OR logic, we achieve a proof size that is independent of the number of leaves in the tree, and verification can be performed using any single valid leaf hash. This represents a significant improvement over AND aggregation, which requires the verifier to process all leaf hashes. We formally define the OR aggregation logic, describe the process of generating universal proofs, and provide a comparative analysis demonstrating the advantages of our approach in terms of proof size, verification data, and universality. Furthermore, we discuss the potential of combining OR and AND aggregation logics to create complex acceptance functions, enabling the development of expressive and efficient proof systems for various blockchain applications. The proposed techniques have the potential to significantly enhance the scalability, efficiency, and flexibility of zero-knowledge proof systems, paving the way for more practical and adaptive solutions in the blockchain ecosystem. |
| 2024-09-09 | Edge Computing for IoT: Novel Insights from a Comparative Analysis of Access Control Models | Tao Xue et.al. | 2405.07685 | IoT edge computing positions computing resources closer to the data sources to reduce the latency, relieve the bandwidth pressure on the cloud, and enhance data security. Nevertheless, data security in IoT edge computing still faces critical threats (e.g., data breaches). Access control is fundamental for mitigating these threats. However, IoT edge computing introduces notable challenges for achieving resource-conserving, low-latency, flexible, and scalable access control. To review recent access control measures, we novelly organize them according to different data lifecycles--data collection, storage, and usage--and, meanwhile, review blockchain technology in this novel organization. In this way, we provide novel insights and envisage several potential research directions. This survey can help readers find gaps systematically and prompt the development of access control techniques in IoT edge computing under the intricacy of innovations in access control. |
| 2024-05-13 | Towards Rational Consensus in Honest Majority | Varul Srivastava et.al. | 2405.07557 | Distributed consensus protocols reach agreement among |
| 2024-05-12 | An Approach for Decentralized Authentication in Networks of UAVs | Nicholas Jäger et.al. | 2405.07265 | We propose a decentralized authentication system for networks of unmanned aerial vehicles. A blockchain-based public key infrastructure allows the usage of public key cryptography and public key based authentication protocols. The blockchain provides a common storage of the public keys and their relations and can provide the required information for the authentication process. Furthermore, the unmanned aerial vehicles store selected parts of the blockchain in order to operate independently in areas where they might not have access to the Internet. This allows unmanned aerial vehicles to authenticate entities of the network, like other unmanned aerial vehicles, cloud services, cars, and any computer. |
| 2024-05-12 | Permissioned Blockchain-based Framework for Ranking Synthetic Data Generators | Narasimha Raghavan Veeraragavan et.al. | 2405.07196 | Synthetic data generation is increasingly recognized as a crucial solution to address data related challenges such as scarcity, bias, and privacy concerns. As synthetic data proliferates, the need for a robust evaluation framework to select a synthetic data generator becomes more pressing given the variety of options available. In this research study, we investigate two primary questions: 1) How can we select the most suitable synthetic data generator from a set of options for a specific purpose? 2) How can we make the selection process more transparent, accountable, and auditable? To address these questions, we introduce a novel approach in which the proposed ranking algorithm is implemented as a smart contract within a permissioned blockchain framework called Sawtooth. Through comprehensive experiments and comparisons with state-of-the-art baseline ranking solutions, our framework demonstrates its effectiveness in providing nuanced rankings that consider both desirable and undesirable properties. Furthermore, our framework serves as a valuable tool for selecting the optimal synthetic data generators for specific needs while ensuring compliance with data protection principles. |
| 2024-05-12 | TRAIL: Cross-Shard Validation for Cryptocurrency Byzantine Shard Protection | Mitch Jacovetty et.al. | 2405.07146 | We present TRAIL: an algorithm that uses a novel consensus procedure to tolerate failed or malicious shards within a blockchain-based cryptocurrency. Our algorithm takes a new approach of selecting validator shards for each transaction from those that previously held the assets being transferred. This approach ensures the algorithm's robustness and efficiency. TRAIL is presented using PBFT for internal shard transaction processing and a modified version of PBFT for external cross-shard validation. We describe TRAIL, prove it correct, analyze its message complexity, and evaluate its performance. We propose various TRAIL optimizations: we describe how it can be adapted to other Byzantine-tolerant consensus algorithms, how a complete system may be built on the basis of it, and how TRAIL can be applied to existing and future sharded blockchains. |
| 2024-05-11 | Unveiling the Era of Spatial Computing | Hanzhong Cao et.al. | 2405.06895 | The evolution of User Interfaces marks a significant transition from traditional command-line interfaces to more intuitive graphical and touch-based interfaces, largely driven by the emergence of personal computing devices. The advent of spatial computing and Extended Reality technologies further pushes the boundaries, promising a fusion of physical and digital realms through interactive environments. This paper delves into the progression from All Realities technologies encompassing Augmented Reality, Virtual Reality, and Mediated Reality to spatial computing, highlighting their conceptual differences and applications. We explore enabling technologies such as Artificial Intelligence, the Internet of Things, 5G, cloud and edge computing, and blockchain that underpin the development of spatial computing. We further scrutinize the initial forays into commercial spatial computing devices, with a focus on Apple's Vision Pro, evaluating its technological advancements alongside the challenges it faces. Through this examination, we aim to provide insights into the potential of spatial computing to revolutionize our interaction with digital information and the physical world. |
| 2024-08-16 | Implementation Study of Cost-Effective Verification for Pietrzak's Verifiable Delay Function in Ethereum Smart Contracts | Suhyeon Lee et.al. | 2405.06498 | Verifiable Delay Function (VDF) is a cryptographic concept that ensures a minimum delay before output through sequential processing, which is resistant to parallel computing. One of the significant VDF protocols academically reviewed is the VDF protocol proposed by Pietrzak. However, for the blockchain environment, the Pietrzak VDF has drawbacks including long poof size and recursive protocol computation. In this paper, we present an implementation study of Pietrzak VDF verification on Ethereum Virtual Machine (EVM). We found that the discussion in the Pietrzak's original paper can help a clear optimization in EVM where the costs of computation are predefined as the specific amounts of gas. In our results, the cost of VDF verification can be reduced from 4M to 2M gas, and the proof length can be generated under 8 KB with the 2048-bit RSA key length, which is much smaller than the previous expectation. |
| 2024-05-09 | Deferred Objects to Enhance Smart Contract Programming with Optimistic Parallel Execution | George Mitenkov et.al. | 2405.06117 | One of the main bottlenecks of blockchains is smart contract execution. To increase throughput, modern blockchains try to execute transactions in parallel. Unfortunately, however, common blockchain use cases introduce read-write conflicts between transactions, forcing sequentiality. We propose RapidLane, an extension for parallel execution engines that allows the engine to capture computations in conflicting parts of transactions and defer their execution until a later time, sometimes optimistically predicting execution results. This technique, coupled with support for a new construct for smart contract languages, allows one to turn certain sequential workloads into parallelizable ones. We integrated RapidLane into Block-STM, a state-of-the-art parallel execution engine used by several blockchains in production, and deployed it on the Aptos blockchain. Our evaluation shows that on commonly contended workloads, such as peer-to-peer transfers with a single fee payer and NFT minting, RapidLane yields up to |
| 2024-05-09 | A trustless society? A political look at the blockchain vision | Rainer Rehak et.al. | 2405.06097 | A lot of business and research effort currently deals with the so called decentralised ledger technology blockchain. Putting it to use carries the tempting promise to make the intermediaries of social interactions superfluous and furthermore keep secure track of all interactions. Currently intermediaries such as banks and notaries are necessary and must be trusted, which creates great dependencies, as the financial crisis of 2008 painfully demonstrated. Especially banks and notaries are said to become dispensable as a result of using the blockchain. But in real-world applications of the blockchain, the power of central actors does not dissolve, it only shifts to new, democratically illegitimate, uncontrolled or even uncontrollable power centers. As interesting as the blockchain technically is, it doesn't efficiently solve any real-world problem and is no substitute for traditional political processes or democratic regulation of power. Research efforts investigating the blockchain should be halted. |
| 2024-07-02 | Knowledge Connectivity Requirements for Solving BFT Consensus with Unknown Participants and Fault Threshold (Extended Version) | Hasan Heydari et.al. | 2405.06055 | Consensus stands as a fundamental building block for constructing reliable and fault-tolerant distributed services. The increasing demand for high-performance and scalable blockchain protocols has brought attention to solving consensus in scenarios where each participant joins the system knowing only a subset of participants. In such scenarios, the participants' initial knowledge about the existence of other participants can collectively be represented by a directed graph known as knowledge connectivity graph. The Byzantine Fault Tolerant Consensus with Unknown Participants (BFT-CUP) problem aims to solve consensus in those scenarios by identifying the necessary and sufficient conditions that the knowledge connectivity graphs must satisfy when a fault threshold is provided to all participants. This work extends BFT-CUP by eliminating the requirement to provide the fault threshold to the participants. We indeed address the problem of solving BFT consensus in settings where each participant initially knows a subset of participants, and although a fault threshold exists, no participant is provided with this information -- referred to as BFT Consensus with Unknown Participants and Fault Threshold (BFT-CUPFT). With this aim, we first demonstrate that the conditions for knowledge connectivity graphs identified by BFT-CUP are insufficient to solve BFT-CUPFT. Accordingly, we introduce a new type of knowledge connectivity graphs by determining the necessary and sufficient conditions they must satisfy to solve BFT-CUPFT. Furthermore, we design a protocol for solving BFT-CUPFT. |
| 2024-05-08 | Advancing Blockchain Scalability: A Linear Optimization Framework for Diversified Node Allocation in Shards | Björn Assmann et.al. | 2405.05245 | Blockchain technology, while revolutionary in enabling decentralized transactions, faces scalability challenges as the ledger must be replicated across all nodes of the chain, limiting throughput and efficiency. Sharding, which divides the chain into smaller segments, called shards, offers a solution by enabling parallel transaction processing. However, sharding introduces new complexities, notably how to allocate nodes to shards without compromising the network's security. This paper introduces a novel linear optimization framework for node allocation to shards that addresses decentralization constraints while minimizing resource consumption. In contrast to traditional methods that depend on random or trust-based assignments, our approach evaluates node characteristics, including ownership, hardware, and geographical distribution, and requires an explicit specification of decentralization targets with respect to these characteristics. By employing linear optimization, the framework identifies a resource-efficient node set meeting these targets. Adopted by the Internet Computer Protocol (ICP) community, this framework proves its utility in real-world blockchain applications. It provides a quantitative tool for node onboarding and offboarding decisions, balancing decentralization and resource considerations. |
| 2024-05-08 | Enhancing Data Integrity and Traceability in Industry Cyber Physical Systems (ICPS) through Blockchain Technology: A Comprehensive Approach | Mohammad Ikbal Hossain et.al. | 2405.04837 | Blockchain technology, heralded as a transformative innovation, has far-reaching implications beyond its initial application in cryptocurrencies. This study explores the potential of blockchain in enhancing data integrity and traceability within Industry Cyber-Physical Systems (ICPS), a crucial aspect in the era of Industry 4.0. ICPS, integrating computational and physical components, is pivotal in managing critical infrastructure like manufacturing, power grids, and transportation networks. However, they face challenges in security, privacy, and reliability. With its inherent immutability, transparency, and distributed consensus, blockchain presents a groundbreaking approach to address these challenges. It ensures robust data reliability and traceability across ICPS, enhancing transaction transparency and facilitating secure data sharing. This research unearths various blockchain applications in ICPS, including supply chain management, quality control, contract management, and data sharing. Each application demonstrates blockchain's capacity to streamline processes, reduce fraud, and enhance system efficiency. In supply chain management, blockchain provides real-time auditing and compliance. For quality control, it establishes tamper-proof records, boosting consumer confidence. In contract management, smart contracts automate execution, enhancing efficiency. Blockchain also fosters secure collaboration in ICPS, which is crucial for system stability and safety. This study emphasizes the need for further research on blockchain's practical implementation in ICPS, focusing on challenges like scalability, system integration, and security vulnerabilities. It also suggests examining blockchain's economic and organizational impacts in ICPS to understand its feasibility and long-term advantages. |
| 2024-06-15 | Blockchains for Internet of Things: Fundamentals, Applications, and Challenges | Yusen Wu et.al. | 2405.04803 | Internet of Things (IoT) services necessitate the storage, transmission, and analysis of diverse data for inference, autonomy, and control. Blockchains, with their inherent properties of decentralization and security, offer efficient database solutions for these devices through consensus-based data sharing. However, it's essential to recognize that not every blockchain system is suitable for specific IoT applications, and some might be more beneficial when excluded with privacy concerns. For example, public blockchains are not suitable for storing sensitive data. This paper presents a detailed review of three distinct blockchains tailored for enhancing IoT applications. We initially delve into the foundational aspects of three blockchain systems, highlighting their strengths, limitations, and implementation needs. Additionally, we discuss the security issues in different blockchains. Subsequently, we explore the blockchain's application in three pivotal IoT areas: edge AI, communications, and healthcare. We underscore potential challenges and the future directions for integrating different blockchains in IoT. Ultimately, this paper aims to offer a comprehensive perspective on the synergies between blockchains and the IoT ecosystem, highlighting the opportunities and complexities involved. |
| 2024-05-10 | PoW Security-Latency under Random Delays and the Effect of Transaction Fees | Mustafa Doger et.al. | 2405.04526 | Safety guarantees and security-latency problem of Nakamoto consensus have been extensively studied in the last decade with a bounded delay model. Recent studies have shown that PoW protocol is secure under random delay models as well. In this paper, we analyze the security-latency problem, i.e., how secure a block is, after it becomes k-deep in the blockchain, under general random delay distributions. We provide tight and explicit bounds which only require determining the distribution of the number of Poisson arrivals during the random delay. We further consider potential effects of recent Bitcoin halving on the security-latency problem by extending our results. |
| 2024-05-07 | Fully Automated Selfish Mining Analysis in Efficient Proof Systems Blockchains | Krishnendu Chatterjee et.al. | 2405.04420 | We study selfish mining attacks in longest-chain blockchains like Bitcoin, but where the proof of work is replaced with efficient proof systems -- like proofs of stake or proofs of space -- and consider the problem of computing an optimal selfish mining attack which maximizes expected relative revenue of the adversary, thus minimizing the chain quality. To this end, we propose a novel selfish mining attack that aims to maximize this objective and formally model the attack as a Markov decision process (MDP). We then present a formal analysis procedure which computes an |
| 2024-05-07 | WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets | Pengcheng Xia et.al. | 2405.04332 | Cryptocurrency wallets, acting as fundamental infrastructure to the blockchain ecosystem, have seen significant user growth, particularly among browser-based wallets (i.e., browser extensions). However, this expansion accompanies security challenges, making these wallets prime targets for malicious activities. Despite a substantial user base, there is not only a significant gap in comprehensive security analysis but also a pressing need for specialized tools that can aid developers in reducing vulnerabilities during the development process. To fill the void, we present a comprehensive security analysis of browser-based wallets in this paper, along with the development of an automated tool designed for this purpose. We first compile a taxonomy of security vulnerabilities resident in cryptocurrency wallets by harvesting historical security reports. Based on this, we design WALLETRADAR, an automated detection framework that can accurately identify security issues based on static and dynamic analysis. Evaluation of 96 popular browser-based wallets shows WALLETRADAR's effectiveness, by successfully automating the detection process in 90% of these wallets with high precision. This evaluation has led to the discovery of 116 security vulnerabilities corresponding to 70 wallets. By the time of this paper, we have received confirmations of 10 vulnerabilities from 8 wallet developers, with over $2,000 bug bounties. Further, we observed that 12 wallet developers have silently fixed 16 vulnerabilities after our disclosure. WALLETRADAR can effectively automate the identification of security risks in cryptocurrency wallets, thereby enhancing software development quality and safety in the blockchain ecosystem. |
| 2024-05-07 | CAKE: Sharing Slices of Confidential Data on Blockchain | Edoardo Marangone et.al. | 2405.04152 | link |
| 2024-05-07 | A2-DIDM: Privacy-preserving Accumulator-enabled Auditing for Distributed Identity of DNN Model | Tianxiu Xie et.al. | 2405.04108 | Recent booming development of Generative Artificial Intelligence (GenAI) has facilitated an emerging model commercialization for the purpose of reinforcement on model performance, such as licensing or trading Deep Neural Network (DNN) models. However, DNN model trading may trigger concerns of the unauthorized replications or misuses over the model, so that the benefit of the model ownership will be violated. Model identity auditing is a challenging issue in protecting intellectual property of DNN models and verifying the integrity and ownership of models for guaranteeing trusts in transactions is one of the critical obstacles. In this paper, we focus on the above issue and propose a novel Accumulator-enabled Auditing for Distributed Identity of DNN Model (A2-DIDM) that utilizes blockchain and zero-knowledge techniques to protect data and function privacy while ensuring the lightweight on-chain ownership verification. The proposed model presents a scheme of identity records via configuring model weight checkpoints with corresponding zero-knowledge proofs, which incorporates predicates to capture incremental state changes in model weight checkpoints. Our scheme ensures both computational integrity of DNN training process and programmability, so that the uniqueness of the weight checkpoint sequence in a DNN model is preserved, ensuring the correctness of the model identity auditing. In addition, A2-DIDM also addresses privacy protections in distributed identity via a proposed method of accumulators. We systematically analyze the security and robustness of our proposed model and further evaluate the effectiveness and usability of auditing DNN model identities. |
| 2024-05-07 | MBCT: A Monero-Based Covert Transmission Approach with On-chain Dynamic Session Key Negotiation | Zhenshuai Yue et.al. | 2405.04046 | Traditional covert transmission (CT) approaches have been hindering CT application while blockchain technology offers new avenue. Current blockchain-based CT approaches require off-chain negotiation of critical information and often overlook the dynamic session keys updating, which increases the risk of message and key leakage. Additionally, in some approaches the covert transactions exhibit obvious characteristics that can be easily detected by third-parties. Moreover, most approaches do not address the issue of decreased reliability of message transmission in blockchain attack scenarios. Bitcoin- and Ethereum-based approaches also have the issue of transaction linkability, which can be tackled by Monero-based approaches because of the privacy protection mechanisms in Monero. However, Monero-based CT has the problem of sender repudiation. In this paper, we propose a novel Monero-Based CT approach (MBCT), which enables on-chain session key dynamically updating without off-chain negotiation. MBCT can assure non-repudiation of transmission participants, confidentiality of keys, reliability of message transmission and less observable characteristics. There are achieved by the three components in MBCT, namely, a sender authentication method, a dynamically on-chain session key updating method and a state feedback method. We implement MBCT in Monero-0.18.1.0 and the experiment results demonstrate its high embedding capacity of MBCT. |
| 2024-05-07 | Self-Replicating and Self-Employed Smart Contract on Ethereum Blockchain | Atsushi Masumori et.al. | 2405.04038 | Blockchain is the underlying technology for cryptocurrencies such as Bitcoin. Blockchain is a robust distributed ledger that uses consensus algorithms to approve transactions in a decentralized manner, making malicious tampering extremely difficult. Ethereum, one of the blockchains, can be seen as an unstoppable computer which shared by users around the world that can run Turing-complete programs. In order to run any program on Ethereum, Ether (currency on Ethereum) is required. In other words, Ether can be seen as a kind of energy in the Ethereum world. We developed self-replicating and self-employed agents who earn the energy by themselves to replicate them, on the Ethereum blockchain. The agents can issued their token and gain Ether each time the tokens are sold. When a certain amount of Ether is accumulated, the agent replicates itself and leaves offspring. The goal of this project is to implement artificial agents that lives for itself, not as a tool for humans, in the open cyber space connected to the real world. |
| 2024-05-07 | Enabling Privacy-Preserving and Publicly Auditable Federated Learning | Huang Zeng et.al. | 2405.04029 | Federated learning (FL) has attracted widespread attention because it supports the joint training of models by multiple participants without moving private dataset. However, there are still many security issues in FL that deserve discussion. In this paper, we consider three major issues: 1) how to ensure that the training process can be publicly audited by any third party; 2) how to avoid the influence of malicious participants on training; 3) how to ensure that private gradients and models are not leaked to third parties. Many solutions have been proposed to address these issues, while solving the above three problems simultaneously is seldom considered. In this paper, we propose a publicly auditable and privacy-preserving federated learning scheme that is resistant to malicious participants uploading gradients with wrong directions and enables anyone to audit and verify the correctness of the training process. In particular, we design a robust aggregation algorithm capable of detecting gradients with wrong directions from malicious participants. Then, we design a random vector generation algorithm and combine it with zero sharing and blockchain technologies to make the joint training process publicly auditable, meaning anyone can verify the correctness of the training. Finally, we conduct a series of experiments, and the experimental results show that the model generated by the protocol is comparable in accuracy to the original FL approach while keeping security advantages. |
| 2024-05-06 | Stochastic behavior of an n-node blockchain under cyber attacks from multiple hackers with random re-setting times | Xiufeng Xu et.al. | 2405.03814 | link |
| 2024-05-06 | Distributed Estimation in Blockchain-aided Internet of Things in the Presence of Attacks | Hamid Varmazyari et.al. | 2405.03665 | Distributed estimation in a blockchain-aided Internet of Things (BIoT) is considered, where the integrated blockchain secures data exchanges across the BIoT and the storage of data at BIoT agents. This paper focuses on developing a performance guarantee for the distributed estimation in a BIoT in the presence of malicious attacks which jointly exploits vulnerabilities present in both IoT devices and the employed blockchain within the BIoT. To achieve this, we adopt the Cramer-Rao Bound (CRB) as the performance metric, and maximize the CRB for estimating the parameter of interest over the attack domain. However, the maximization problem is inherently non-convex, making it infeasible to obtain the globally optimal solution in general. To address this issue, we develop a relaxation method capable of transforming the original non-convex optimization problem into a convex optimization problem. Moreover, we derive the analytical expression for the optimal solution to the relaxed optimization problem. The optimal value of the relaxed optimization problem can be used to provide a valid estimation performance guarantee for the BIoT in the presence of attacks. |
| 2024-05-05 | FairRelay: Fair and Cost-Efficient Peer-to-Peer Content Delivery through Payment Channel Networks | Jingyu Liu et.al. | 2405.02973 | Peer-to-Peer (P2P) content delivery, known for scalability and resilience, offers a decentralized alternative to traditional centralized Content Delivery Networks (CDNs). A significant challenge in P2P content delivery remains: the fair compensation of relayers for their bandwidth contributions. Existing solutions employ blockchains for payment settlements, however, they are not practical due to high on-chain costs and over-simplified network assumptions. In this paper, we introduce FairRelay, a fair and cost-efficient protocol that ensures all participants get fair payoff in complex content delivery network settings. We introduce a novel primitive, Enforceable Accumulative Hashed TimeLock Contract (Enforceable A-HTLC), designed to guarantee payment atomicity - ensuring all participants receive their payments upon successful content delivery. The fairness of FairRelay is proved using the Universal Composability (UC) framework. Our evaluation demonstrates that, in optimistic scenarios, FairRelay employs zero on-chain costs. In pessimistic scenarios, the on-chain dispute costs for relayers and customers are constant, irrespective of the network complexity. Specifically, empirical results indicate that the on-chain dispute costs for relayers and customers are 24,902 gas (equivalent to 0.01 USD on Optimism L2) and 290,797 gas (0.07 USD), respectively. In a 10-hop relay path, FairRelay introduces less than 1.5% additional overhead compared to pure data transmission, showcasing the efficiency of FairRelay. |
| 2024-05-04 | TetraBFT: Reducing Latency of Unauthenticated, Responsive BFT Consensus | Qianyu Yu et.al. | 2405.02615 | This paper presents TetraBFT, a novel unauthenticated Byzantine fault tolerant protocol for solving consensus in partial synchrony, eliminating the need for public key cryptography and ensuring resilience against computationally unbounded adversaries. TetraBFT has several compelling features: it necessitates only constant local storage, has optimal communication complexity, satisfies optimistic responsiveness -- allowing the protocol to operate at actual network speeds under ideal conditions -- and can achieve consensus in just 5 message delays, which outperforms all known unauthenticated protocols achieving the other properties listed. We validate the correctness of TetraBFT through rigorous security analysis and formal verification. Furthermore, we extend TetraBFT into a multi-shot, chained consensus protocol, making a pioneering effort in applying pipelining techniques to unauthenticated protocols. This positions TetraBFT as a practical and deployable solution for blockchain systems aiming for high efficiency. |
| 2024-05-04 | **Crypto Market Analysis & Real-Estate Business Protocol Proposal | Application of Ethereum Blockchain** | Sid Bhatia et.al. | 2405.02547 |
| 2024-05-04 | A Novel Endorsement Protocol to Secure BFT-Based Consensus in Permissionless Blockchain | Ziqiang Xu et.al. | 2405.02544 | Permissionless blockchain technology offers numerous potential benefits for decentralised applications, such as security, transparency, and openness. BFT-based consensus mechanisms are widely adopted in the permissioned blockchain to meet the high scalability requirements of the network. Sybil attacks are one of the most potential threats when applying BFT-based consensus mechanisms in permissionless blockchain due to the lack of effective verification mechanisms for participants' identities. This paper presents a novel endorsement-based bootstrapping protocol with a signature algorithm that offers a streamlined, scalable identity endorsement and verification process. This approach effectively safeguards the BFT-based consensus mechanism against Sybil attacks. Using our proposed method, we have conducted thorough security analyses and simulation experiments to assess security, robustness, and scalability advantages in large-scale networks. Our results demonstrate that the scheme can effectively address the identity verification challenges when applying BFT-based consensus in a permissionless blockchain. |
| 2024-05-07 | Delphi: Efficient Asynchronous Approximate Agreement for Distributed Oracles | Akhil Bandarupalli et.al. | 2405.02431 | link |
| 2024-07-29 | The Democratization of Wealth Management: Hedged Mutual Fund Blockchain Protocol | Ravi Kashyap et.al. | 2405.02302 | We develop several innovations to bring the best practices of traditional investment funds to the blockchain landscape. Specifically, we illustrate how: 1) fund prices can be updated regularly like mutual funds; 2) performance fees can be charged like hedge funds; 3) mutually hedged blockchain investment funds can operate with investor protection schemes, such as high water marks; and 4) measures to offset trading related slippage costs when redemptions happen. Using our concepts - and blockchain technology - traditional funds can calculate performance fees in a simplified manner and alleviate several operational issues. Blockchain can solve many problems for traditional finance, while tried and tested wealth management techniques can benefit decentralization, speeding its adoption. We provide detailed steps - including mathematical formulations and instructive pointers - to implement these ideas and discuss how our designs overcome several blockchain bottlenecks, making smart contracts smarter. We provide numerical illustrations of several scenarios related to our mechanisms. |
| 2024-05-03 | Tokenization of Real Estate Assets Using Blockchain | Shashank Joshi et.al. | 2405.01852 | Blockchain technology is one of the key technologies that have revolutionized various facets of society, such as the banking, healthcare, and other critical ecosystems. One area that can harness the usage of blockchain is the real estate sector. The most lucrative long-term investment is real estate, followed by gold, equities, mutual funds, and savings accounts. Nevertheless, it has administrative overheads such as lack of transparency, fraud, several intermediaries, title issues, paperwork, an increasing number of arbitrations, and the lack of liquidity. This paper proposes a framework that uses blockchain as an underlying technology. With the aid of blockchain and the suite of tools, it supports many of these problems that can be alleviated in the real estate investment ecosystem. These include smart contracts, immutable record management, tokenization, record tracking, and time-stamped storage. Tokenization of real estate lowers the entry barrier by fixing liquidity and interoperability and improving the interaction between various stakeholders. |
| 2024-05-03 | Sequencer Level Security | Martin Derka et.al. | 2405.01819 | Current blockchains do not provide any security guarantees to the smart contracts and their users as far as the content of the transactions is concerned. In the spirit of decentralization and censorship resistance, they follow the paradigm of including valid transactions in blocks without any further scrutiny. Rollups are a special kind of blockchains whose primary purpose is to scale the transaction throughput. Many of the existing rollups operate through a centrally operated sequencing protocol. In this paper, we introduce the Sequencer Level Security (SLS) protocol, an enhancement to sequencing protocols of rollups. This pioneering contribution explores the concept of the sequencer's capability to identify and temporarily quarantine malicious transactions instead of including them in blocks immediately. We describe the mechanics of the protocol for both the transactions submitted to the rollup mempool, as well as transactions originating from Layer one. We comment on topics such as trust and decentralization, and consider the security impact on the protocol itself. We implement a prototype of the SLS protocol, Zircuit, which is built on top of Geth and the OP stack. The SLS protocol described can be easily generalized to other rollup designs, and can be used for purposes other than security. |
| 2024-05-02 | Unconditionally Safe Light Client | Niusha Moshrefi et.al. | 2405.01459 | Blockchain applications often rely on lightweight clients to access and verify on-chain data efficiently without the need to run a resource-intensive full node. These light clients must maintain robust security to protect the blockchain's integrity for users of applications built upon it, achieving this with minimal resources and without significant latency. Moreover, different applications have varying security needs. This work focuses on addressing these two key requirements in the context of Proof-of-Stake (PoS) blockchains and identifying the fundamental cost-latency trade-offs to achieve tailored, optimal security for each light client. The key security guarantee of PoS blockchains is economic (implied by the "stake"). In this paper we formalize this cryptoeconomic security to light clients, ensuring that the cost of corrupting the data provided to light clients must outweigh the potential profit, thereby economically deterring malicious actors. We further introduce "insured" cryptoeconomic security to light clients, providing unconditional protection via the attribution of adversarial actions and the consequent slashing of stakes. The divisible and fungible nature of stake facilitates programmable security, allowing for customization of the security level and insurance amount according to the specific needs of different applications. We implemented the protocols in less than 1000 lines of Solidity and TypeScript code and evaluated their gas cost, latency, and the computational overhead. For example, for a transaction with value of \ $32k, the light client can choose between zero cost with a latency of 5 hours or instant confirmation with an insurance cost of $ 7.45. Thus, the client can select the optimal point on the latency-cost trade-off spectrum that best aligns with its needs. Light clients require negligible storage and face minimal computational costs,... |
| 2024-09-09 | Decentralization of Ethereum's Builder Market | Sen Yang et.al. | 2405.01329 | Blockchains protect an ecosystem worth more than $500bn with strong security properties derived from the principle of decentralization. Is today's blockchain decentralized? In this paper, we empirically studied one of the least decentralized parts of Ethereum, its builder market. The builder market was introduced to fairly distribute Maximal Extractable Values (MEV) among validators and avoid validator centralization. As of the time of writing, three builders produced the vast majority (more than 80%) of blocks in Ethereum, creating a concerning centralization factor. However, the community believes that such centralization is okay, arguing that builder centralization will not lead to validator centralization. In this empirical study, we interrogate the causes and implications of builder centralization and challenge this belief that it is acceptable. Our main finding is that builder centralization has led to a significant loss by validators and, if left uncontrolled, could lead to validator centralization. Moreover, MEV mitigation solutions slated for adoption are affected too because they rely on the builder market as an MEV oracle, which is made inaccurate by centralization. Our investigation revealed two reasons behind builder centralization. We propose a structural change to the existing MEV supply chain and a solution based on the new supply chain structure. However, future work is required to analyze if the new supply chain structure is sustainable in the long term, which we leave open. |
| 2024-05-01 | A Blockchain-Based Audit Mechanism for Trust and Integrity in IoT-Fog Environments | Ismael Martinez et.al. | 2405.00844 | The full realization of smart city technology is dependent on the secure and honest collaboration between IoT applications and edge-computing. In particular, resource constrained IoT devices may rely on fog-computing to alleviate the computing load of IoT tasks. Mutual authentication is needed between IoT and fog to preserve IoT data security, and monetization of fog services is needed to promote the fog service ecosystem. However, there is no guarantee that fog nodes will always respond to IoT requests correctly, either intentionally or accidentally. In the public decentralized IoT-fog environment, it is crucial to enforce integrity among fog nodes. In this paper, we propose a blockchain-based system that 1) streamlines the mutual authentication service monetization between IoT and fog, 2) verifies the integrity of fog nodes via service audits, and 3) discourages malicious activity and promotes honesty among fog nodes through incentives and penalties. |
| 2024-05-01 | Swarm Learning: A Survey of Concepts, Applications, and Trends | Elham Shammar et.al. | 2405.00556 | Deep learning models have raised privacy and security concerns due to their reliance on large datasets on central servers. As the number of Internet of Things (IoT) devices increases, artificial intelligence (AI) will be crucial for resource management, data processing, and knowledge acquisition. To address those issues, federated learning (FL) has introduced a novel approach to building a versatile, large-scale machine learning framework that operates in a decentralized and hardware-agnostic manner. However, FL faces network bandwidth limitations and data breaches. To reduce the central dependency in FL and increase scalability, swarm learning (SL) has been proposed in collaboration with Hewlett Packard Enterprise (HPE). SL represents a decentralized machine learning framework that leverages blockchain technology for secure, scalable, and private data management. A blockchain-based network enables the exchange and aggregation of model parameters among participants, thus mitigating the risk of a single point of failure and eliminating communication bottlenecks. To the best of our knowledge, this survey is the first to introduce the principles of Swarm Learning, its architectural design, and its fields of application. In addition, it highlights numerous research avenues that require further exploration by academic and |