226 research outputs found
Decentralized Privacy-preserving Timed Execution in Blockchain-based Smart Contract Platforms
Timed transaction execution is critical for various decentralized privacy-preserving applications powered by blockchain-based smart contract platforms. Such privacy-preserving smart contract applications need to be able to securely maintain users' sensitive inputs off the blockchain until a prescribed execution time and then automatically make the inputs available to enable on-chain execution of the target function at the execution time, even if the user goes offline. While straight-forward centralized approaches provide a basic solution to the problem, unfortunately they are limited to a single point of trust. This paper presents a new decentralized privacy-preserving transaction scheduling approach that allows users of Ethereum-based decentralized applications to schedule transactions without revealing sensitive inputs before an execution time window selected by the users. The proposed approach involves no centralized party and allows users to go offline at their discretion after scheduling a transaction. The sensitive inputs are privately maintained by a set of trustees randomly selected from the network enabling the inputs to be revealed only at the execution time. The proposed protocol employs secret key sharing and layered encryption techniques and economic deterrence models to securely protect the sensitive information against possible attacks including some trustees destroying the sensitive information or secretly releasing the sensitive information prior to the execution time. We demonstrate the attack-resilience of the proposed approach through rigorous analysis. Our implementation and experimental evaluation on the Ethereum official test network demonstrates that the proposed approach is effective and has a low gas cost and time overhead associated with it
Web3.0 Security: Privacy Enhancing and Anonym Auditing in Blockchain-based Structures
The advent of Web 3.0, underpinned by blockchain technologies, promises to
transform the internet's landscape by empowering individuals with decentralized
control over their data. However, this evolution brings unique security
challenges that need to be addressed. This paper explores these complexities,
focusing on enhancing privacy and anonymous auditing within blockchain
structures. We present the architecture of Web 3.0 based on the blockchain,
providing a clear perspective on its workflow and security mechanisms. A
security protocol for Web 3.0 systems, employing privacy-preserving techniques
and anonymous auditing during runtime, is proposed. Key components of our
solution include the integration of privacy-enhancing techniques and the
utilization of Tor for anonymous auditing. We discuss related work and propose
a framework that meets these new security requirements. Lastly, we offer an
evaluation and comparison of our model to existing methods. This research
contributes towards the foundational understanding of Web 3.0's secure
structure and offers a pathway towards secure and privacy-preserving digital
interactions in this novel internet landscape
Integration of Blockchain and Auction Models: A Survey, Some Applications, and Challenges
In recent years, blockchain has gained widespread attention as an emerging
technology for decentralization, transparency, and immutability in advancing
online activities over public networks. As an essential market process,
auctions have been well studied and applied in many business fields due to
their efficiency and contributions to fair trade. Complementary features
between blockchain and auction models trigger a great potential for research
and innovation. On the one hand, the decentralized nature of blockchain can
provide a trustworthy, secure, and cost-effective mechanism to manage the
auction process; on the other hand, auction models can be utilized to design
incentive and consensus protocols in blockchain architectures. These
opportunities have attracted enormous research and innovation activities in
both academia and industry; however, there is a lack of an in-depth review of
existing solutions and achievements. In this paper, we conduct a comprehensive
state-of-the-art survey of these two research topics. We review the existing
solutions for integrating blockchain and auction models, with some
application-oriented taxonomies generated. Additionally, we highlight some open
research challenges and future directions towards integrated blockchain-auction
models
Protecting data privacy with decentralized self-emerging data release systems
In the age of Big Data, releasing private data at a future point in time is critical for various applications. Such self-emerging data release requires the data to be protected until a prescribed data release time and be automatically released to the target recipient at the release time. While straight-forward centralized approaches such as cloud storage services may provide a simple way to implement self-emerging data release, unfortunately, they are limited to a single point of trust and involves a single point of control.
This dissertation proposes new decentralized designs of self-emerging data release systems using large-scale peer-to-peer (P2P) networks as the underlying infrastructure to eliminate a single point of trust or control. The first part of the dissertation presents the design of decentralized self-emerging data release systems using two different P2P network infrastructures, namely Distributed Hash Table (DHT) and blockchain. The second part of this dissertation proposes new mechanisms for supporting two key functionalities of self-emerging data release, namely (i) enabling the release of self-emerging data to blockchain-based smart contracts for facilitating a wide range of decentralized applications and (ii) supporting a cost-effective gradual release of self-emerging data in the decentralized infrastructure. We believe that the outcome of this dissertation would contribute to the development of decentralized security primitives and protocols in the context of timed release of private data
Scalable and Privacy-preserving Design of On/Off-chain Smart Contracts
The rise of smart contract systems such as Ethereum has resulted in a
proliferation of blockchain-based decentralized applications including
applications that store and manage a wide range of data. Current smart
contracts are designed to be executed solely by miners and are revealed
entirely on-chain, resulting in reduced scalability and privacy. In this paper,
we discuss that scalability and privacy of smart contracts can be enhanced by
splitting a given contract into an off-chain contract and an on-chain contract.
Specifically, functions of the contract that involve high-cost computation or
sensitive information can be split and included as the off-chain contract, that
is signed and executed by only the interested participants. The proposed
approach allows the participants to reach unanimous agreement off-chain when
all of them are honest, allowing computing resources of miners to be saved and
content of the off-chain contract to be hidden from the public. In case of a
dispute caused by any dishonest participants, a signed copy of the off-chain
contract can be revealed so that a verified instance can be created to make
miners enforce the true execution result. Thus, honest participants have the
ability to redress and penalize any fraudulent or dishonest behavior, which
incentivizes all participants to honestly follow the agreed off-chain contract.
We discuss techniques for splitting a contract into a pair of on/off-chain
contracts and propose a mechanism to address the challenges of handling
dishonest participants in the system. Our implementation and evaluation of the
proposed approach using an example smart contract demonstrate the effectiveness
of the proposed approach in Ethereum
- …