Research Pulse #73 07/11/2022

  1. Applicability of Intrusion Detection System on Ethereum Attacks: A Comprehensive Review
    Authors: Arkan Hammoodi Hasan Kabla, Mohammed Anbar, Selvakumar Manickam, Taief Alaa Alamiedy, Peterson Bernabe Cruspe, Ahmed K. Al-Ani, and Shankar Karupayah

Ethereum attracts more investors, researchers, and even scammers for many reasons; this is the first platform that enables the new Decentralized Applications (DApps) to run on top of the blockchain network. However, the rich semantics and applications of DApps inevitably introduce many security issues that have grabbed significant attention from industry and academics due to their destructive impact on DApps in recent years. Therefore, there is a vital need to study the applicability of Intrusion Detection System in detecting Ethereum-based attacks. Hence, this paper is among the first comprehensive review that studies the applicability of IDS in detecting Ethereum-based attacks. In addition, this paper lists all the potential attacks on Ethereum passing through the vulnerabilities that cause those attacks and ending with the consequences of each attack. Besides, this paper analyses all the IDS-based related works of Ethereum attacks detection since the Ethereum platform was launched in 2015. Finally, this paper discusses the open issues regarding vulnerabilities and attacks, challenges, and future directions.

  • Smart contract security is an emerging field and many established best practices from cyber security have yet to be applied to it.
  • Intrusion Detection Systems (IDSs) are a critical cyber security component, as they are encumbered with detecting when a system has been compromised.
  • This paper is interesting as it explores how an IDS could be applied to smart contracts to identify exploits quicker and prevent loss of funds.

Link: IEEE Xplore Full-Text PDF:

  1. Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum
    Authors: Dabao Wang, Hang Feng, Siwei Wu, Yajin Zhou, Lei Wu, and Xingliang Yuan

The prosperity of decentralized finance motivates many investors to profit via trading their crypto assets on decentralized applications (DApps for short) of the Ethereum ecosystem. Apart from Ether (the native cryptocurrency of Ethereum), many ERC20 (a widely used token standard on Ethereum) tokens obtain vast market value in the ecosystem. Specifically, the approval mechanism is used to delegate the privilege of spending users’ tokens to DApps. By doing so, the DApps can transfer these tokens to arbitrary receivers on behalf of the users. To increase the usability, unlimited approval is commonly adopted by DApps to reduce the required interaction between them and their users. However, as shown in existing security incidents, this mechanism can be abused to steal users’ tokens.
In this paper, we present the first systematic study to quantify the risk of unlimited approval of ERC20 tokens on Ethereum. Specifically, by evaluating existing transactions up to 31st July 2021, we find that unlimited approval is prevalent (60%, 15.2M/25.4M) in the ecosystem, and 22% of users have a high risk of their approved tokens for stealing. After that, we investigate the security issues that are involved in interacting with the UIs of 22 representative DApps and 9 famous wallets to prepare the approval transactions. The result reveals the worrisome fact that all DApps request unlimited approval from the front-end users and only 10% (3/31) of UIs provide explanatory information for the approval mechanism. Meanwhile, only 16% (5/31) of UIs allow users to modify their approval amounts. Finally, we take a further step to characterize the user behavior into five modes and formalize the good practice, i.e., on-demand approval and timely spending, towards securely spending approved tokens. However, the evaluation result suggests that only 0.2% of users follow the good practice to mitigate the risk. Our study sheds light on the risk of unlimited approval and provides suggestions to secure the approval mechanism of the ERC20 tokens on Ethereum.

  • This paper examines the relationship between a smart contract’s spend conditions (the conditions through which funds can be spent) and common security vulnerabilities that exploit those conditions to steal user funds.
  • It provides an interesting framework to evaluate how spend conditions are structured in smart contracts, such as ERC20s implementers, and applies this to many popular applications.
  • It also sheds light on the role that front-end applications have on this type of exploit. The authors found that only 10% of the UIs analyzed have clearly defined spend conditions, which complicates the development of mitigation strategies.

Link: https://arxiv.org/pdf/2207.01790.pdf

  1. Nirvana: Instant and Anonymous Payment-Guarantees
    Authors: Akash Madhusudan, Mahdi Sedaghat, Philipp Jovanovic, and Bart Preneel

Given the high transaction confirmation latencies in public blockchains, cryptocurrencies such as Bitcoin, Ethereum, etc. are not yet suitable to support real-time services such as transactions on retail markets. There are several solutions to address this latency problem, with layer-2 solutions being the most promising ones. Existing layer-2 solutions, however, suffer from privacy and/or collateral issues when applied to retail environments where customer-merchant relationships are usually ephemeral.
In this paper, we propose Nirvana, that can be combined with existing cryptocurrencies to provide instant, anonymous and unlinkable payment guarantees. Nirvana does not require any trusted third party. It conceals the identities of honest participants, thus ensuring customer anonymity within the system while only relying on efficient Groth-Sahai proof systems. We introduce a novel randomness-reusable threshold encryption that mitigates doublespending by revealing the identities of malicious users. We formally prove how our scheme provides customer anonymity, unlinkability of transactions and payment guarantees to merchants. Our experiments demonstrate that Nirvana allows for fast (zero-confirmation) global payments in a retail setting with a delay of less than ∼ 1.7 seconds.

  • This paper introduces a new type of layer 2 network that uses novel, state-of-the-art cryptography to enable scalable and private payments with short finality times.
  • The schema heavily relies on Groth-Sahai proofs and claims to achieve economic finality in roughly 1.7 seconds via a type of validity proof.
  • Albeit complex relative to other layer 2s, such as the Lightning Network, this schema can be an interesting alternative to more complex constructs, such as zk-rollups.

Link: https://eprint.iacr.org/2022/872.pdf

  1. Can Bitcoin help money cross the border: International evidence
    Authors: Hong Bao, Jianjun Li, Yuchao Peng, and Qiang Qu

This paper constructs a regional monthly co-movement indicator (Dynamic Conditional Correlation, DCC) between Bitcoin and MSCI indices of 21 regions based on the DCC-GARCH model. DCCs in most sample regions are positive, implying a strong linkage of Bitcoin and local stock markets. Furthermore, a region’s capital account control of has positive impact on DCC, and the impact is more pronounced in regions with better money laundering supervision and less developed financial systems. This implies that Bitcoin, with investment and illegal purposes, tends to be likely used as an unregulated global currency to channel the funds from home to abroad. Finally, we also find that the rise in DCC will increase the pressure on the local financial system. Our study can assist cryptocurrency investors and regulators in making more informed decisions.

  • Tracking the movement of Bitcoin across nations has been an interesting research field as Bitcoin gains popularity in countries facing political instability.
  • This study attempts to shed light on Bitcoin capital flows by evaluating the relationship between local stock market performance (measured via MSCI indexes) and demand for BTC.
  • The authors provide a methodology for a co-movement indicator (DCC) and conclude that it is likely that Bitcoin is currently used as a global currency to move funds across borders.

Link: Can Bitcoin help money cross the border: International evidence - ScienceDirect

  1. BitAnalysis: A Visualization System for Bitcoin Wallet Investigation
    Authors: Yujing Sun, Hao Xiong, Siu Ming Yiu, and Kwok Yan Lam

Bitcoin is gaining ever increasing popularity. However, professional skills are required if people want to check bitcoin transaction information from the blockchain. As pointed out in a recent study [1], there is a lack of tools to support effective interactive investigation of bitcoin transactions. Therefore, we present a novel visualization system, BitAnalysis, for interactive bitcoin wallet investigation. The analytical and visualization functions of BitAnalysis are defined and developed by following the advice and requirements of a group of entrepreneurs and regulators of bitcoin-related business. BitAnalysis provides a rich set of functions and intuitive visual interfaces for the users, such as law-enforcement officers and regulators, to effectively visualize and analyze the transactions of a bitcoin wallet (i.e., a cluster of bitcoin addresses) and its related wallets, to track the flow of bitcoins, and to identify wallet correlation using our novel clustering functions. To achieve these functions, we have designed new visualization techniques for presenting bitcoin transactions information and introduced the connection diagram and bitcoin flow map as new ways of analyzing, tracking and monitoring the trading activities of a cluster of closely related wallets. We also present an extensive user study that validated the effectiveness and usability of BitAnalysis.

  • Graph analysis is useful when evaluating on-chain flows between addresses and clusters (wallets).
  • However, the industry still lacks the tooling required in order to perform this type of forensic study at scale.
  • This paper introduces a tool called BitAnalysis, which embeds several clustering heuristics and attempts to make it easier for analysts to evaluate the flow of funds between wallets.

Link: BitAnalysis: A Visualization System for Bitcoin Wallet Investigation | IEEE Journals & Magazine | IEEE Xplore

3 Likes

Hello @cipherix :wave:

The link for “Applicability of Intrusion Detection System on Ethereum Attacks: A Comprehensive Review” isn’t working

1 Like

Try using Google Chrome browser. I just downloaded the PDF using it.

1 Like