Formal Methods for Secure Bitcoin Smart Contracts
The notion of smart contracts was introduced in 1997 by Nick Szabo, to describe agreements among mutually distrusting parties that can be automatically enforced without resorting to a trusted intermediary.
Then, the idea was mostly forgotten due to the technical impossibility to implement it. The advent of distributed ledger technologies, pioneered by Bitcoin, provided a technical foundation to reshape and develop smart contracts.
Since smart contracts handle the ownership of valuable assets, attackers may be tempted to exploit vulnerabilities in their implementation to steal or tamper with these assets. For instance, a series of vulnerabilities in Ethereum contracts have been exploited, causing money losses in the order of hundreds of millions of dollars.
Over the last years, a variety of smart contracts for Bitcoin have been proposed, both by the academic community and by that of developers. However, the heterogeneity in their treatment, the informal (often incomplete or imprecise) descriptions, and the use of poorly documented Bitcoin features, poses obstacles to the development of secure smart contracts.
Using formal models and domain-specific languages to describe the behaviour of the underlying platform, and to model contracts, could help to overcome these security issues, by reducing the distance between the intended behaviour of a contract and the implementation.
In this thesis, we propose a formal model of Bitcoin transactions, which is the foundation for a new process algebra for defining Bitcoin smart contracts. Furthermore, we present a toolchain for developing smart contracts in BitML, a domain-specific language based on the contributions of this thesis. Moreover, we propose a new extension to Bitcoin, called neighbourhood covenants, which extends its expressiveness as a smart contract platform. We then exploit neighbourhood covenants to implement fungible tokens on Bitcoin.
Blockchain technologies as data storage for test results and certificates - the human factor
In the educational sector even the most sophisticated digital environments will not make human interaction obsolete, as learning and education are inherently social processes. This also means that any application that involves learning and assessment must deal with problems resulting from human error. Some of these problems can effectively be countered or excluded by Blockchain-based technologies. Especially in the case of retroactive manipulation of data, non-Blockchain systems are prone to manipulation, as even the most advanced safeguards cannot prevent users with high enough access rights from manipulating existing data entries (this may be a mere annoyance when a well-meaning teacher edits a student's attendance, but it can quickly become a large-scale problem when the recognition of diplomas is tampered with on an institutional level). As data stored on the Blockchain cannot be altered retroactively, the problem of tampering with existing data can be ruled out. This conference paper looks at the role of humans in the use of state-of-the-art systems that store grades from exams and certificates on Blockchain, and aims at initiating a broad discussion whilst providing guidance for future developments.
The role of blockchain technologies in digital assessment
Once information is stored on the Blockchain, it cannot be altered retroactively. This immutability makes Blockchain technology an ideal candidate to secure learning achievements and educational credentials. Keeping data trustworthy, secure and manipulation-proof has become an increasing issue in education due to the rise of digital learning environments, which often combine learning experiences, testing procedures and educational credential management. Currently, most digital learning environments safeguard their data using traditional security mechanisms (e.g. password protection), which are not Blockchain-based but controlled by a centralized authority. While these centralized systems provide a certain level of security against unauthorized access from outside the system, manipulation from within the system cannot be excluded. Users with high enough access rights (teachers, administrators, system managers) can still add, change or delete entries. This becomes an even greater problem when learning achievements are to be reflected in fair and transparent credit systems, and especially when these educational credits are to be valid across different institutions or even countries. Due to their ability to store data in a decentralized, transparent and manipulation-proof way, Blockchain-based technologies can provide solutions to this problem. The aim of this paper is to describe the status quo of Blockchain technologies in the educational sector, including the expected merits and drawbacks.
Blockchain technologies in the educational sector. Results of the initial data collection
The education system is subject to an ongoing digital transformation. The administrative departments should be able to handle grading, admissions, enrolments and recognition of certificates securely and quickly. Course managers should not only have faith in e-learning but also in e-assessment. And finally, learners should be able to access course material from anywhere and take exams outside the institutes where they are enrolled. Immutability to changes made retroactively seems to make Blockchain systems the perfect technology to secure data and, in combination with digital signatures for identity verification, Blockchain could become the key to digital transformation in education. The paper 'Blockchain technologies in the educational sector. Results of the initial data collection' gives a first insight into the level of knowledge of the people involved and shows which possibilities Blockchain Technologies could bring to the education sector. Or, more precisely, it shows in which existing applications within the educational system Blockchain Technology should be integrated.
Chimeric Ledgers: Translating and Unifying UTXO-based and Account-based Cryptocurrencies
Cryptocurrencies are historically divided into two broad groups with respect to the style of transactions that they accept. In the account-based style, each address is seen as an account with a balance, and transactions are transfers of value from one account to another. In the UTXO-based style, transactions inductively spend outputs generated by previous transactions and create new unspent outputs, and there is no intrinsic notion of account associated with an address. Each style has advantages and disadvantages. This paper formally defines: the two styles; translations that allow one style to be simulated by the other; new transaction types that allow both styles of transactions to co-exist on the same ledger; and a new transaction type that combines features from both styles.
A theory of transaction parallelism in blockchains
Decentralized blockchain platforms have enabled the secure exchange of crypto-assets without the intermediation of trusted authorities. To this purpose, these platforms rely on a peer-to-peer network of byzantine nodes, which collaboratively maintain an append-only ledger of transactions, called blockchain. Transactions represent the actions required by users, e.g. the transfer of some units of crypto-currency to another user, or the execution of a smart contract which distributes crypto-assets according to its internal logic. Part of the nodes of the peer-to-peer network compete to append transactions to the blockchain. To do so, they group the transactions sent by users into blocks, and update their view of the blockchain state by executing these transactions in the chosen order. Once a block of transactions is appended to the blockchain, the other nodes validate it, re-executing the transactions in the same order. The serial execution of transactions does not take advantage of the multi-core architecture of modern processors, thus limiting throughput. In this paper we develop a theory of transaction parallelism for blockchains, which is based on static analysis of transactions and smart contracts. We illustrate how blockchain nodes can use our theory to parallelize the execution of transactions. Initial experiments on Ethereum show that our technique can improve the performance of nodes.
Comment: arXiv admin note: text overlap with arXiv:1905.0436
A Formal Treatment of Hardware Wallets
Bitcoin, being the most successful cryptocurrency, has been repeatedly attacked, with many users losing their funds. The industry's response to securing the user's assets is to offer tamper-resistant hardware wallets. Although such wallets are considered to be the most secure means for managing an account, no formal attempt has previously been made to identify, model and formally verify their properties. This paper provides the first formal model of the Bitcoin hardware wallet operations. We identify the properties and security parameters of a Bitcoin wallet and formally define them in the Universal Composition (UC) Framework. We present a modular treatment of a hardware wallet ecosystem, by realizing the wallet functionality in a hybrid setting defined by a set of protocols. This approach allows us to capture in detail the wallet's components, their interaction and the potential threats. We deduce the wallet's security by proving that it is secure under common cryptographic assumptions, provided that there is no deviation in the protocol execution. Finally, we define the attacks that are successful under a protocol deviation, and analyze the security of commercially available wallets.
A Transaction-Level Model for Blockchain Privacy
Considerable work explores blockchain privacy notions. Yet, it usually employs entirely different models and notations, complicating potential comparisons. In this work, we use the Transaction Directed Acyclic Graph (TDAG) and extend it to capture blockchain privacy notions (PDAG). We give consistent definitions for untraceability and unlinkability. Moreover, we specify conditions on a blockchain system to achieve each aforementioned privacy notion. Thus, we can compare the two most prominent privacy-preserving blockchains, Monero and Zcash, in terms of privacy guarantees. Finally, we unify linking heuristics from the literature with our graph notation and review a good portion of research on blockchain privacy.