FPPW: A Fair and Privacy Preserving Watchtower For Bitcoin
Authors: Arash Mirzaei, Amin Sakzad, Jiangshan Yu, and Ron Steinfeld
In this paper, we introduce FPPW, a new payment channel with watchtower scheme for Bitcoin. This new scheme provides fairness w.r.t. all channel participants including both channel parties and the watchtower. It means that the funds of any honest channel participant are safe even assuming that other two channel participants are corrupted and/or collude with each other. Furthermore, the watchtower in FPPW learns no information about the off-chain transactions and hence the channel balance privacy is preserved. As a byproduct, we also define the coverage of a watchtower scheme, that is the total capacity of channels that a watchtower can cover on a scale of 0 to 1, and show that FPPW’s coverage is higher than those of PISA and Cerberus. The scheme can be implemented without any update in Bitcoin script.
Low-cost attacks on Ethereum 2.0 by sub-1/3 stakeholders
Authors: Michael Neuder, Daniel J. Moroz, Rithvik Rao, and David C. Parkes
We outline two dishonest strategies that can be cheaply executed on the Ethereum 2.0 beacon chain, even by validators holding less than one-third of the total stake: malicious chain reorganizations (“reorgs”) and finality delays. In a malicious reorg, an attacker withholds their blocks and attestations before releasing them at an opportune time in order to force a chain reorganization, which they can take advantage of by double-spending or front-running transactions. To execute a finality delay, an attacker uses delayed block releases and withholding of attestations to increase the mean and variance of the time it takes blocks to become finalized. This impacts the efficiency and predictability of the system. We provide a probabilistic and cost analysis for each of these attacks, considering a validator with 30% of the total stake.
An Evaluation of Cryptocurrency Payment Channel Networks and Their Privacy Implications
Authors: Enes Erdin, Suat Mercan, and Kemal Akkaya
Cryptocurrencies redefined how money can be stored and transferred among users. However, independent of the amount being sent, public blockchain-based cryptocurrencies suffer from high transaction waiting times and fees. These drawbacks hinder the wide use of cryptocurrencies by the masses. To address these challenges, the payment channel network concept is touted as the most viable solution for micro-payments. The idea is to exchange the ownership of money by keeping the state of the accounts locally. The users inform the blockchain rarely, which decreases the load on the blockchain. Specifically, payment channel networks can provide transaction approvals in seconds by charging a nominal fee proportional to the payment amount. This interest in payment channel networks has inspired many recent studies that focus on how to design them and allocate channels such that the transactions will be secure and efficient. However, as payment channel networks are emerging and reaching a large number of users, privacy issues are becoming more relevant, raising concerns about exposing not only individual habits but also businesses’ revenues. In this paper, we first propose a categorization of the existing payment networks formed on top of blockchain-backed cryptocurrencies. After discussing several emerging attacks on user/business privacy in these payment channel networks, we qualitatively evaluate them based on a number of privacy metrics that relate to our case. Based on the discussion of the strengths and weaknesses of the approaches, we offer possible directions for future research on privacy-based payment channel networks.
Investigating Static Analyzers Detection Capabilities on Ethereum Smart Contracts
Authors: Mirko Staderini, Andrea Bondavalli
Ethereum smart contracts have seen ever-increasing development in recent years. Hidden vulnerabilities cannot be patched once a smart contract is deployed on a blockchain because of code immutability. The use of static analyzers reduces the number of vulnerabilities in smart contracts. The paper focuses on the outcomes of some static analyzers for Solidity smart contracts. Based on a language-independent systematization of vulnerabilities, the work analyzes the positive detections of some static analyzers on a smart contract dataset. Such analysis permits (i) identifying a positive correlation between some smart contract metrics and tool outcomes, and (ii) investigating where tools detect specific classes of the systematization.
Analysis of Selfish Miner Behavior in the Bitcoin Network
Authors: Saeideh G. Motlagh, Jelena Misic, and Vojislav B. Misic
Selfish mining is a recognized misbehaving attack in Bitcoin. Selfish miners intentionally delay the release of newly mined blocks with the goal of gaining more revenue. While several studies have been devoted to analyzing selfish miner behavior, the impact of selfish behavior on Bitcoin network performance has received little to no attention at all. In this work, we focus on that impact using a Markov chain that models selfish behavior both from the aspect of mining and from the aspect of block distribution time. We find that blocks mined by honest miners undergo longer distribution times compared to blocks mined by selfish miners. This delay results in intentional forking, and the resulting network inconsistency provides more opportunity for selfish miners to gain unfair revenue.
OptSmart: A Space Efficient Optimistic Concurrent Execution of Smart Contracts
Authors: Parwat Singh Anjana, Sweta Kumari, Sathya Peri, Sachin Rathor, and Archit Somani
Popular blockchains such as Ethereum and several others execute complex transactions in blocks through user-defined scripts known as smart contracts. Serial execution of smart contract transactions/atomic-units (AUs) fails to harness the multiprocessing power offered by the prevalence of multi-core processors. By adding concurrency to the execution of AUs, we can achieve better efficiency and higher throughput. In this paper, we develop a concurrent miner that proposes a block by executing the AUs concurrently using optimistic Software Transactional Memory systems (STMs). It efficiently captures the independent AUs in a concurrent bin and the dependent AUs in the block graph (BG). Later, we propose a concurrent validator that re-executes the same AUs concurrently and deterministically using the concurrent bin followed by the BG given by the miner to verify the block. We rigorously prove the correctness of concurrent execution of AUs and show a significant performance gain over the state of the art.
BFastPay: A Routing-free Protocol for Fast Payment in Bitcoin Network
Authors: Xinyu Lei, Guan-Hua Tu, Tian Xie, Sihan Wang
Bitcoin is the most popular cryptocurrency, supporting payment services via the Bitcoin peer-to-peer network. However, Bitcoin suffers from a fundamental problem. In practice, a secure Bitcoin transaction requires the payee to wait for at least 6 block confirmations (one hour) to be validated. Such a long waiting time thwarts the wide deployment of Bitcoin payment services because many usage scenarios require a much shorter waiting time. In this paper, we propose BFastPay to accelerate Bitcoin payment validation. BFastPay employs a smart contract called BFPayArbitrator to host the payer’s security deposit; it fulfills the role of a trusted payment arbitrator that guarantees a payee always receives the payment even if attacks occur. BFastPay is a routing-free solution that eliminates the requirement for payment routing in traditional payment routing networks (e.g., the Lightning Network). The theoretical and experimental results show that BFastPay is able to significantly reduce the Bitcoin payment waiting time (e.g., from 60 mins to less than 1 second) with nearly no extra operational cost.
Order-Fair Consensus in the Permissionless Setting
Authors: Mahimna Kelkar, Soubhik Deb, Sreeram Kannan
Over the past five years, a significant line of research has investigated the blockchain consensus problem in the general permissionless setting, where protocol nodes can leave and join dynamically. The work of Garay et al. (Eurocrypt 2015) and Pass et al. (Eurocrypt 2017) showed the security properties of consistency and liveness for Nakamoto’s seminal proof-of-work protocol. However, consistency and liveness do not provide any guarantees on the relationship between the order in which transactions arrive into the network and the finalized order in the ledger, making protocols prone to transaction order-manipulation attacks. As a solution, a recent paper by Kelkar et al. (Crypto 2020) introduced a third useful property for consensus protocols: transaction-order-fairness. Their model was limited to the classical (permissioned) setting, where the set of protocol nodes is fixed a priori, and does not fit well for permissionless environments where order-manipulation attacks have been most prominent. In this work, we initiate the investigation of order-fairness in the permissionless setting and provide two protocols that realize it. Our protocols work in a synchronous network and use an underlying longest-chain blockchain. As an added contribution, we show that any fair ordering protocol achieves a powerful zero-block confirmation property, through which honest transactions can be securely confirmed even before they are included in any block.