Research Pulse Issue #26 08/16/21

  1. A Secure and Efficient Bitcoin Payment Channel Using Intel SGX
    Authors: Yankai Xie, Chi Zhang, Lingbo Wei, Qingtao Wang, and Zhe Yang

The hardware trusted execution environment (TEE) provided by Intel SGX enclaves has been introduced in existing payment channel schemes as a root-of-trust to enforce faithful protocol execution so that participants do not need to monitor the Bitcoin blockchain anymore. However, the security of these schemes relies totally on enclaves. Since private keys of all channel funds are kept by both payment channel participants’ enclaves, a malicious participant can steal funds from the counterparty by defeating her own enclave. To solve the above problem, we present a novel TEE-based payment channel scheme that transfers the responsibility of running enclaves from participants to a third-party committee, while relieving both participants from monitoring the blockchain at the same time. Furthermore, since committee members can try to steal funds by defeating their own enclaves, we exploit the additive homomorphic property of signature keys in Elliptic Curve Cryptography to design a novel secret sharing scheme that tolerates a subset of committee members being malicious. By using the above secret sharing scheme, private keys of the channel funds are never constructed in any committee member’s enclave, so that a malicious committee member cannot steal funds by defeating his own enclave. Finally, experiments show our scheme can ensure payment channel funds security without efficiency compromises compared with existing TEE-based payment channel schemes.

Link: A Secure and Efficient Bitcoin Payment Channel Using Intel SGX | IEEE Conference Publication | IEEE Xplore
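The additive homomorphism the abstract relies on, shown as an added example that is not the paper's code: each committee member holds only its own share d_i, the channel key d = Σ d_i mod n is never assembled anywhere, yet the channel public key Q = d·G can be obtained by adding the public shares Q_i = d_i·G. Curve arithmetic is written out on secp256k1 (Bitcoin's curve) so the block runs offline; the committee size and the share generation are assumptions.

```python
# Added example (not from the paper): additive homomorphism of EC keys on secp256k1.
# Each committee member holds a share d_i; the channel key d = sum(d_i) mod N is never
# assembled anywhere, yet its public key Q = d*G equals the sum of the members' Q_i = d_i*G.
import secrets

P = 2**256 - 2**32 - 977                                               # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Affine addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None   # a == -b
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P        # tangent slope
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P       # chord slope
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def scalar_mult(k, point=G):
    """Double-and-add; k is reduced modulo the group order."""
    result, addend = None, point
    k %= N
    while k:
        if k & 1: result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result

def committee_keygen(members):
    """Each member draws its own share (assumed: uniform, inside its enclave); returns
    the private shares and the corresponding public shares."""
    shares = [1 + secrets.randbelow(N - 1) for _ in range(members)]
    return shares, [scalar_mult(d) for d in shares]

def aggregate_pubkey(pub_shares):
    """Channel public key from public shares only: no private share leaves its enclave."""
    acc = None
    for q in pub_shares:
        acc = point_add(acc, q)
    return acc

def reconstructed_pubkey(shares):
    """Reference only: what the full key d = sum(shares) would give. The scheme never
    computes this sum anywhere; it exists here only to check the homomorphism."""
    return scalar_mult(sum(shares) % N)
```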

  2. On the Economic Design of Stablecoins
    Authors: Christian Catalini and Alonso de Gortari

Stablecoins are cryptocurrencies designed to trade at par with a reference asset, typically the U.S. Dollar. While they all share the same fundamental objective of maintaining stability against their reference assets, stablecoins differ substantially in terms of their economic design, quality of backing, stability assumptions and legal protections for coin holders. We surface two critical dimensions that underpin the economic design of every stablecoin: (1) the volatility of the reserve assets against the reference asset, which defines the risk profile of the stablecoin for coin holders; and (2) the degree to which the stablecoin is exposed to the risk of a death spiral. To address these risks, fiat-backed stablecoins must rely on reserves of high-quality, liquid assets and be subject to a framework that protects coin holders from credit risk, market risk, operational risk, as well as the insolvency or bankruptcy of the issuer. Although decentralized stablecoin designs eliminate the need to trust an intermediary, they are either exposed to death spirals, or highly capital inefficient, as they must be highly over-collateralized to account for the lack of an intermediary. While these trade-offs might be acceptable for narrow use cases within the cryptocurrency space, without a breakthrough in decentralized stablecoin design, they are likely to limit the usefulness of these coins for mainstream adoption.

Link: On the Economic Design of Stablecoins by Christian Catalini, Alonso de Gortari :: SSRN

  3. SolGuard: Preventing external call issues in smart contract-based multi-agent robotic systems
    Authors: Purathani Praitheeshan, Lei Pan, Xi Zheng, Alireza Jolfaei, and Robin Doss

In the new era of blockchain-based multi-agent robotic systems, smart contract programs perform an influential role in implementing decentralized applications with required task allocations. Smart contract programs are developed using script-type programming languages, and they have already deployed several vulnerable patterns without proper testing and audit. We studied Solidity smart contracts running on the Ethereum platform and identified that they had been exploited because of several programming issues, especially using low-level external calls to malicious sources. Since smart contracts are immutable after their deployment to autonomous multi-robot systems, they should be tested to fix possible development-phase issues. We implemented a prototype plugin called SolGuard by extending the solhint linter to prevent three critical issues related to Solidity smart contract programs’ usage of external calls. The SolGuard plugin checks state variable order in the smart contracts, participation of delegatecall invocations, address type parameters in the smart contract’s constructor, and denial of service patterns. We empirically evaluate the SolGuard plugin against existing popular static analysis tools. Our results indicate that SolGuard outperformed the baseline tools in terms of efficiency and accuracy.

Link: SolGuard: Preventing external call issues in smart contract-based multi-agent robotic systems - ScienceDirect

  4. Attacking transaction relay in MimbleWimble blockchains
    Author: Seyed Ali Tabatabaee

Blockchain-based networks are often concerned with privacy. Two common types of privacy in blockchain networks are (1) transaction source privacy, and (2) transaction content privacy. Research has shown that Bitcoin, the most prominent cryptocurrency, cannot easily provide these privacy types. Hence, new protocols have been proposed. For example, Dandelion++ is a solution to the source privacy vulnerability in Bitcoin. Practical systems, however, need to provide multiple privacy guarantees at the same time. To the best of our knowledge, source privacy and content privacy have not been considered simultaneously in the literature. We conjecture that cryptocurrencies that use Dandelion++ for transaction relay could be susceptible to attacks against both types of privacy and also to performance attacks. Our focus in this project is on the implementations of the MimbleWimble cryptocurrency protocol such as Beam. We have designed and implemented three different attacks against these existing privacy-focused protocols. In the first attack, the adversary uses information obtained from an incoming transaction for improved detection of the transaction source. In the second attack, to increase the latency of an incoming transaction, the adversary adds an excessive delay before forwarding the transaction. In the third attack, the adversary exploits the aggregation protocol in MimbleWimble to launch a denial of service attack on an incoming transaction. We have validated our proposed attacks in a private test network of Beam nodes and a network simulator.

Link: Attacking transaction relay in MimbleWimble blockchains - UBC Library Open Collections

  5. Designing a Practical Code-based Signature Scheme from Zero-Knowledge Proofs with Trusted Setup
    Authors: Shay Gueron, Edoardo Persichetti, and Paolo Santini

This paper defines a new practical construction for a code-based signature scheme. We introduce a new protocol that is designed to follow the recent “Sigma protocol with helper” paradigm, and prove that the protocol’s security reduces directly to the Syndrome Decoding Problem. The protocol is then converted to a full-fledged signature scheme via a sequence of generic steps that include: removing the role of the helper; incorporating a variety of protocol optimizations (using, e.g., Merkle trees); applying the Fiat-Shamir transformation. The resulting signature scheme is EUF-CMA secure in the QROM, with the following advantages: a) security relies on only minimal assumptions and is backed by a long-studied NP-complete problem; b) the trusted setup structure allows for obtaining an arbitrarily small soundness error. This minimizes the required number of repetitions, thus alleviating a major bottleneck associated with Fiat-Shamir schemes. We outline an initial performance estimation to confirm that our scheme greatly outpaces existing solutions of a similar type.

  6. Sharding-Based Proof-of-Stake Blockchain Protocols: Security Analysis
    Authors: Abdelatif Hafid, Abdelhakim Senhaji Hafid, and Adil Senhaji

Blockchain technology has been gaining great interest from a variety of sectors, including healthcare, supply chain and cryptocurrencies. However, Blockchain suffers from its limited ability to scale (i.e. low throughput and high latency). Several solutions have appeared to tackle this issue. In particular, sharding has proven to be one of the most promising solutions to Blockchain scalability. Sharding can be divided into two major categories: (1) Sharding-based Proof-of-Work (PoW) Blockchain protocols, and (2) Sharding-based Proof-of-Stake (PoS) Blockchain protocols. The two categories achieve good performance (i.e. good throughput with a reasonable latency), but raise security issues. This article aims to analyze the security of the second category. More specifically, we compute the probability of committing a faulty block and measure the security by computing the number of years to fail. Finally, to show the effectiveness of the proposed model, we conduct a numerical analysis and evaluate the results obtained.

Research Pulse Issue 26 is out!

In On the Economic Design of Stablecoins, the authors dissect the economic primitives popularly used to design stablecoins. They propose a framework that can be used to evaluate the quality and design of most stablecoins today: the volatility of the reserve assets against the reference asset, which defines the risk profile of the stablecoin for coin holders, as well as the degree to which the stablecoin is exposed to the risk of a death spiral. A must read for those interested in mechanism design for stablecoins.

The security of privacy-preserving mechanisms continues to be a widely discussed topic in the context of cryptoassets. Most studies on the privacy guarantees of a cryptoasset tend to focus on the transaction graph. Specifically, the focus tends to be on deanonymizing (and clustering) addresses of entities recorded on the blockchain. Nevertheless, privacy can be broken in different ways. In Attacking transaction relay in MimbleWimble blockchains, the author focuses on a different angle and proposes an attack on the P2P layer, which relates to how nodes communicate and relay transactions.

Finally, in Sharding-Based Proof-of-Stake Blockchain Protocols: Security Analysis, the authors provide a framework to evaluate the consensus and Sybil-protection mechanisms used in the context of cryptoasset networks. In order to do that, they compute the probability of committing a faulty block and measure the security by computing the number of years it would probabilistically take for a chain to fail. While the focus is rather narrow, it is reassuring to see more analyses of blockchain systems accounting for sharded architectures.
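The faulty-block probability and years-to-fail metric mentioned in the Sharding-Based Proof-of-Stake abstract and in the note above, carried through as an added example that is not the paper's own model or code. It assumes shard committees are drawn uniformly without replacement from the validator set (a hypergeometric model), that shards fail independently of each other, and uses constructed parameters (network size, malicious fraction, commit threshold, epochs per day).

```python
# Added example (not from the paper): a sampling-without-replacement model for the chance
# that a randomly drawn shard committee holds enough malicious validators to commit a faulty
# block, and the "years to fail" metric derived from it. Model and parameters are assumed.
from math import comb

def p_faulty_committee(total_nodes, malicious, shard_size, threshold):
    """P[X >= threshold] for X ~ Hypergeometric(total_nodes, malicious, shard_size):
    the shard is compromised once malicious members reach the block-commit threshold."""
    denom = comb(total_nodes, shard_size)
    return sum(comb(malicious, k) * comb(total_nodes - malicious, shard_size - k)
               for k in range(threshold, shard_size + 1)) / denom

def p_any_shard_fails(p_shard, shards):
    """Assumes shards are drawn independently (an approximation): P[at least one fails]."""
    return 1 - (1 - p_shard) ** shards

def years_to_fail(p_epoch, epochs_per_day):
    """Expected years until the first faulty block, given a per-epoch failure probability
    and how many committee reshuffles (epochs) happen per day."""
    if p_epoch == 0:
        return float("inf")
    return 1 / (p_epoch * epochs_per_day * 365)

def example():
    """Constructed scenario: 4000 validators, 25% malicious, 40 shards of 100 members,
    a faulty block needs >= 2/3 (67) malicious signers, committees reshuffled 24x/day."""
    p_shard = p_faulty_committee(4000, 1000, 100, 67)
    p_epoch = p_any_shard_fails(p_shard, 40)
    return years_to_fail(p_epoch, 24)

if __name__ == "__main__":
    print(f"years to fail (assumed parameters): {example():.3g}")
```

Lowering the malicious fraction or the shard size, or raising the commit threshold, changes the result by orders of magnitude, which is why the abstract treats years-to-fail as the headline security measure.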