Research Pulse #64 05/09/22

  1. Design and analysis of a distributed ECDSA signing service
    Authors: Jens Groth and Victor Shoup

We present and analyze a new protocol that provides a distributed ECDSA signing service, with the following properties:
• it works in an asynchronous communication model;
• it works with n parties with up to f < n/3 Byzantine corruptions;
• it provides guaranteed output delivery;
• it provides a very efficient, non-interactive online signing phase;
• it supports additive key derivation according to the BIP32 standard.
This service is being implemented and integrated into the architecture of the Internet Computer, enabling smart contracts running on the Internet Computer to securely hold and spend Bitcoin and other cryptocurrencies.


  2. Panoptic: a perpetual, oracle-free options protocol
    Authors: Guillaume Lambert and Jesper Kristensen

Panoptic is a perpetual, oracle-free, instant-settlement options trading protocol on the Ethereum blockchain. Panoptic enables the permissionless trading of options on top of any asset pool in the Uniswap v3 ecosystem and seeks to develop a trustless, permissionless, and composable options product, i.e., do for decentralized options markets what x·y=k automated market maker protocols did for spot trading.


  3. Symbolon: Enabling Flexible Multi-device-based User Authentication
    Authors: Thalia Laing, Eduard Marin, Mark D. Ryan, Joshua Schiffman, and Gaetan Wattiau

Hardware tokens are increasingly used to support second-factor and passwordless authentication schemes. While these devices improve security over weaker factors like passwords, they suffer from a number of security and practical issues. We present the design and implementation of Symbolon, a system that allows users to authenticate to an online service in a secure and flexible manner by using multiple personal devices (e.g., their smartphone and smart watch) together, in place of a password. The core idea behind Symbolon is to let users authenticate only if they carry a sufficient number of their personal devices and give explicit consent. We use threshold cryptography at the client side to protect against strong adversaries while overcoming the limitations of multi-factor authentication in terms of flexibility. Symbolon is compatible with FIDO servers, but improves the client-side experience compared to FIDO in terms of security, privacy, and user control. We design Symbolon such that the user can (i) authenticate using a flexible selection of devices, which we call “authenticators”; (ii) define fine-grained threshold policies that enforce user consent without involving or modifying online services; and (iii) add or revoke authenticators without needing to generate new cryptographic keys or manually (un)register them with online services. Finally, we present a detailed design and analyse the security, privacy and practical properties of Symbolon; this includes a formal proof using ProVerif to show the required security properties are satisfied.


  4. Self-Supervised Learning of Smart Contract Representations
    Authors: Shouliang Yang, Xiaodong Gu, and Beijun Shen

Learning smart contract representations can greatly facilitate the development of smart contracts in many tasks such as bug detection and clone detection. Existing approaches for learning program representations are difficult to apply to smart contracts, which have insufficient data and significant homogenization. To overcome these challenges, in this paper, we propose SRCL, a novel, self-supervised approach for learning smart contract representations. Unlike existing supervised methods, which are tied to task-specific data labels, SRCL leverages large-scale unlabeled data by self-supervised learning of both local and global information of smart contracts. It automatically extracts structural sequences from abstract syntax trees (ASTs). Then, two discriminators are designed to guide the Transformer encoder to learn local and global semantic features of smart contracts. We evaluate SRCL on a dataset of 75,006 smart contracts collected from Etherscan. Experimental results show that SRCL considerably outperforms the state-of-the-art code representation models on three downstream tasks.


  5. zk-Sherlock: Exposing Hardware Trojans in Zero-Knowledge
    Authors: Dimitris Mouris, Charles Gouert, and Nektarios Georgios Tsoutsos

As integrated circuit (IC) design and manufacturing have become highly globalized, hardware security risks have become more prominent, as malicious parties can exploit multiple stages of the supply chain for profit. Two potential targets in this chain are third-party intellectual property (3PIP) vendors and their customers. Untrusted parties can insert hardware Trojans into 3PIP circuit designs that can either alter device functionalities when triggered or create a side channel to leak sensitive information such as cryptographic keys. To mitigate this risk, the absence of Trojans in 3PIP designs should be verified before integration, imposing a major challenge for vendors who have to argue their IPs are safe to use, while also maintaining the privacy of their designs before ownership is transferred. To achieve this goal, in this work we employ modern cryptographic protocols for zero-knowledge proofs and enable 3PIP vendors to prove an IP design is free of Trojan triggers without disclosing the corresponding netlist. Our approach uses a specialized circuit compiler that transforms arbitrary netlists into a zero-knowledge-friendly format, and introduces a versatile Trojan detection module that maintains the privacy of the actual netlist. We evaluate the effectiveness of our methodology using selected benchmarks.


  6. Topology Analysis of the XRP Network
    Authors: Vytautas Tumas, Sean Rivera, Damien Magoni, and Radu State

XRP is one of the oldest, well-established cryptocurrencies. Despite the popularity of XRP, little is known about its underlying peer-to-peer network. The structural properties of a network impact its efficiency, security and robustness. We aim to close the knowledge gap by providing a detailed analysis of the XRP overlay network.
In this paper, we examine the graph-theoretic properties of the XRP Network topology and its temporal characteristics. We crawl the XRP Network over two months and collect 1,300 unique network snapshots. We uncover a small group of nodes that act as a networking backbone. In addition, we observe a high network churn, with a third of the nodes changing every five days. Our findings have strong implications for the resilience and safety of the XRP Ledger.