    Trustee: Full Privacy Preserving Vickrey Auction on top of Ethereum

    The wide deployment of tokens for digital assets on top of Ethereum implies the need for powerful trading platforms. Vickrey auctions are known to discover the real market price of items, since bidders are motivated to submit their true monetary valuations without leaking them to competitors. Recent constructions have used cryptographic protocols such as zero-knowledge proofs (ZKP) and secure multi-party computation (MPC); however, these approaches are either only partially privacy-preserving or require complex, multi-round computations. In this paper, we overcome these limits by presenting Trustee, a Vickrey auction on Ethereum that fully preserves bid privacy at considerably lower fees. Trustee consists of three components: a front-end smart contract deployed on Ethereum, an Intel SGX enclave, and a relay that forwards messages between them. Initially, the enclave generates an Ethereum account and an ECDH key-pair. The relay then publishes the account's address and the ECDH public key on the smart contract. As a prerequisite, bidders are encouraged to verify the authenticity and security of Trustee using the SGX remote attestation service. To participate in the auction, bidders encrypt their bids under the ECDH public key and submit them to the smart contract. Once the bidding interval closes, the relay retrieves the encrypted bids and feeds them to the enclave, which autonomously generates a signed transaction naming the auction winner. Finally, the relay submits the transaction to the smart contract, which verifies the transaction's authenticity and the consistency of its parameters before accepting the claimed winner. As part of our contributions, we have made a prototype of Trustee available on GitHub for the community to review and inspect. Additionally, we analyze the security features of Trustee and report the gas cost of transactions on the Trustee smart contract.
    Comment: Presented at Financial Cryptography and Data Security 2019, 3rd Workshop on Trusted Smart Contracts
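
    The enclave, relay and contract flow described in the abstract, as an added Go example that is not Trustee's own code (the authors' prototype lives on GitHub and is not reproduced here). The enclave generates a signing key standing in for its Ethereum account plus an ECDH key-pair; bidders encrypt their bids under the published ECDH key; the enclave decrypts, applies the Vickrey rule (highest bidder wins, pays the second-highest bid) and signs the outcome together with a hash of the exact ciphertext set it processed; the contract-side check accepts only a result signed by the registered key over the bids it actually stored. P-256 ECDH, a SHA-256-derived AES-GCM key, the bidder name as associated data, and ECDSA over P-256 in place of Ethereum's secp256k1 transaction signing are this example's assumptions, as are the names Enclave, EncryptBid, Resolve, VerifyResult, RunAuction and the constructed bidders alice, bob, carol and mallory. Beyond the abstract it shows two things a practitioner would check: a malformed submission is skipped rather than aborting the auction, and a tampered price or a different bid set fails the contract's verification.

```go
package main

import (
	"crypto/aes"; "crypto/cipher"; "crypto/ecdh"; "crypto/ecdsa"; "crypto/elliptic"
	"crypto/rand"; "crypto/sha256"; "encoding/binary"; "errors"; "fmt"; "sort"
)

// Enclave stands in for the SGX enclave: an ECDSA key as its "Ethereum account" and an ECDH key-pair
// whose public half the relay publishes. P-256, ECDSA and AES-GCM are this example's assumptions.
type Enclave struct{ signKey *ecdsa.PrivateKey; dhKey *ecdh.PrivateKey }
// EncryptedBid is the on-chain submission: ephemeral ECDH public key plus AES-GCM ciphertext of the amount.
type EncryptedBid struct{ Bidder string; EphPub, Nonce, CT []byte }
// Result is the enclave's signed outcome; BidsHash commits to the exact ciphertext set it processed,
// which is what lets the contract check parameter consistency.
type Result struct{ Winner string; Price uint64; BidsHash [32]byte; Sig []byte }
// must is for setup failures only (key generation, randomness); bid handling never panics.
func must[T any](v T, err error) T { if err != nil { panic(err) }; return v }

func NewEnclave() *Enclave {
	return &Enclave{must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)), must(ecdh.P256().GenerateKey(rand.Reader))}
}

// sharedAEAD derives AES-256-GCM from the ECDH shared secret (SHA-256 stands in for a real KDF).
func sharedAEAD(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(pub)
	if err != nil { return nil, err }
	key := sha256.Sum256(shared)
	block, err := aes.NewCipher(key[:])
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// EncryptBid runs on the bidder's side, knowing only the enclave's published ECDH public key.
func EncryptBid(enclavePub *ecdh.PublicKey, bidder string, amount uint64) EncryptedBid {
	eph := must(ecdh.P256().GenerateKey(rand.Reader))
	aead := must(sharedAEAD(eph, enclavePub))
	nonce := make([]byte, aead.NonceSize())
	must(rand.Read(nonce))
	pt := binary.BigEndian.AppendUint64(nil, amount)
	ct := aead.Seal(nil, nonce, pt, []byte(bidder)) // bidder name as AD: replayed under another name, this fails to open
	return EncryptedBid{bidder, eph.PublicKey().Bytes(), nonce, ct}
}

func hashBids(bids []EncryptedBid) (out [32]byte) {
	h := sha256.New()
	for _, b := range bids { h.Write([]byte(b.Bidder)); h.Write(b.EphPub); h.Write(b.Nonce); h.Write(b.CT) }
	copy(out[:], h.Sum(nil))
	return out
}
func resultDigest(winner string, price uint64, bidsHash [32]byte) []byte {
	d := sha256.Sum256(append(binary.BigEndian.AppendUint64([]byte(winner), price), bidsHash[:]...))
	return d[:]
}

// Resolve runs inside the enclave: open each bid, skip any that fail to authenticate (one garbage
// submission must not abort the auction), apply the Vickrey rule and sign the outcome with the account key.
func (e *Enclave) Resolve(bids []EncryptedBid) (Result, error) {
	type opened struct{ who string; amt uint64 }
	var valid []opened
	for _, b := range bids {
		pub, err := ecdh.P256().NewPublicKey(b.EphPub)
		if err != nil { continue }
		aead, err := sharedAEAD(e.dhKey, pub)
		if err != nil { continue }
		pt, err := aead.Open(nil, b.Nonce, b.CT, []byte(b.Bidder))
		if err != nil || len(pt) != 8 { continue }
		valid = append(valid, opened{b.Bidder, binary.BigEndian.Uint64(pt)})
	}
	if len(valid) < 2 { return Result{}, errors.New("need at least two well-formed bids") }
	sort.SliceStable(valid, func(i, j int) bool { return valid[i].amt > valid[j].amt })
	bh := hashBids(bids)
	sig, err := ecdsa.SignASN1(rand.Reader, e.signKey, resultDigest(valid[0].who, valid[1].amt, bh))
	if err != nil { return Result{}, err }
	return Result{valid[0].who, valid[1].amt, bh, sig}, nil
}

// VerifyResult is the contract's acceptance check: signed by the registered key, over exactly the stored bids.
func VerifyResult(enclavePub *ecdsa.PublicKey, stored []EncryptedBid, r Result) bool {
	return r.BidsHash == hashBids(stored) &&
		ecdsa.VerifyASN1(enclavePub, resultDigest(r.Winner, r.Price, r.BidsHash), r.Sig)
}

// RunAuction wires the flow end to end on constructed bids, one of them malformed, and returns the verdict.
func RunAuction() (Result, bool, error) {
	enc := NewEnclave()
	var stored []EncryptedBid
	for _, b := range []struct{ who string; amt uint64 }{{"alice", 70}, {"bob", 120}, {"carol", 95}} {
		stored = append(stored, EncryptBid(enc.dhKey.PublicKey(), b.who, b.amt))
	}
	stored = append(stored, EncryptedBid{Bidder: "mallory", EphPub: []byte{4, 1}, CT: []byte("junk")})
	res, err := enc.Resolve(stored)
	if err != nil { return Result{}, false, err }
	return res, VerifyResult(&enc.signKey.PublicKey, stored, res), nil
}

func main() {
	res, ok, err := RunAuction()
	fmt.Println(res.Winner, res.Price, ok, err) // bob 95 true <nil>
}
```

    Remote attestation, which is what convinces a bidder that the published key really belongs to a genuine enclave running the expected code, is outside this example; without it, the contract-side check only proves that whoever holds the registered key signed the result.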

    Variance: Secure Two-Party Protocol for Solving Yao's Millionaires' Problem in Bitcoin

    Secure multiparty protocols are useful tools for parties wishing to jointly compute a function while keeping their input data secret. The millionaires' problem is the first secure two-party computation problem, where the goal is to securely compare two private numbers without a trusted third party. There have been several solutions to the problem, including Yao's protocol [Yao, 1982] and Mix and Match [Jakobsson and Juels, 2000]. However, Yao's protocol is not secure in the malicious model, and Mix and Match unnecessarily releases theoretically breakable encryptions of information about the data that is not needed for the comparison. In addition, neither protocol verifies the validity of the inputs before they are used. In this thesis, we introduce Variance, a privacy-preserving two-party protocol for solving Yao's millionaires' problem in a Bitcoin setting, in which each party controls several Bitcoin accounts (public Bitcoin addresses) and the parties want to find out who owns more bitcoins without revealing (1) how many accounts they own and the balance of each account, (2) the addresses associated with their accounts, and (3) their total wealth in bitcoins, while assuring the other party that they are not claiming more bitcoin than they possess. We utilize commitments, encryptions, zero knowledge proofs, and homomorphisms as the major computational tools to provide a solution to the problem, and subsequently prove that the solution is secure against active adversaries in the malicious model.

    A Survey on Exotic Signatures for Post-quantum Blockchain: Challenges and Research Directions

    Blockchain technology provides efficient and secure solutions to various online activities by utilizing a wide range of cryptographic tools. In this article, we survey the existing literature on post-quantum secure digital signatures that possess exotic advanced features and that are crucial cryptographic tools used in the blockchain ecosystem for (1) account management, (2) consensus efficiency, (3) empowering scriptless blockchain, and (4) privacy. The exotic signatures that we particularly focus on in this work are the following: multi-/aggregate, threshold, adaptor, blind, and ring signatures. Herein the term "exotic" refers to signatures with properties that are not just beyond the norm for signatures, e.g., unforgeability, but also imbue new forms of functionality. Our treatment of such exotic signatures includes discussions on existing challenges and future research directions in the post-quantum space. We hope that this article will help to foster further research to make post-quantum cryptography more accessible so that blockchain systems can be made ready in advance of the approaching quantum threats.

    Accountable Privacy-Preserving Data Processing via Distributed Ledgers

    Data are gathered constantly, grow exponentially, and are considered a valuable asset. The need for extensive analysis has been highlighted by various organizations and researchers. However, such data can be sensitive, private, and protected by privacy legislation, making processing by third parties almost impossible. We propose a protocol for data processing in which data controllers register their datasets and requesting entities submit processing requests that are carried out by data processors. A distributed ledger acts as the controller of the system, serving as an immutable history log of all actions taken by the participants; the blockchain-based ledger provides accountability, auditability and provenance tracking for the data. We also use a Zero Knowledge Verifiable Computation scheme, under which a data processor is required to produce a proof that the computation was performed correctly, without revealing the dataset itself, and the data requestor verifies that proof. This certifies that the correct processing took place without disclosing any further information about the data.

    Trustless communication across distributed ledgers: impossibility and practical solutions

    Since the advent of Bitcoin as the first decentralized digital currency in 2008, a plethora of distributed ledgers has been created, differing in design and purpose. Considering the heterogeneous nature of these systems, it is safe to say there shall not be "one coin to rule them all". However, despite the growing and thriving ecosystem, blockchains continue to operate almost exclusively in complete isolation from one another: by design, blockchain protocols provide no means to communicate or exchange data with external systems. To date, centralized providers hence remain the preferred route to exchange assets and information across blockchains, undermining the very nature of decentralized currencies. The contribution of this thesis is threefold. First, we critically evaluate the (im)possibility, requirements, and challenges of cross-chain communication by contributing the first systematization of this field. We formalize the problem of Cross-Chain Communication (CCC) and show it is impossible without a trusted third party by relating CCC to the Fair Exchange problem. With this impossibility result in mind, we develop a framework to design new and evaluate existing CCC protocols, focusing on their inherent trust assumptions, and derive a classification covering the field of cross-chain communication to date. We then present XCLAIM, the first generic framework for transferring assets and information across permissionless distributed ledgers without relying on a centralized third party. XCLAIM leverages so-called cryptocurrency-backed assets: blockchain-based assets backed one-to-one by other cryptocurrencies, such as Bitcoin-backed tokens on Ethereum. Through the secure issuance, transfer, and redemption of these assets, users can perform cross-chain exchanges in a financially trustless and non-interactive manner, overcoming the limitations of existing solutions. To ensure the security of user funds, XCLAIM relies on collateralization of intermediaries and a proof-or-punishment approach, enforced via smart contracts equipped with cross-chain light clients, so-called chain relays. XCLAIM has been adopted in practice, among others by the Polkadot blockchain, as a bridge to Bitcoin and other cryptocurrencies. Finally, we contribute to advancing the state of the art in cross-chain light clients. We develop TxChain, a novel mechanism to significantly reduce the storage and bandwidth costs of modern blockchain light clients using contingent transaction aggregation, and apply our scheme to Bitcoin and Ethereum individually, as well as in the cross-chain setting.
    Open Access

    Zexe: Enabling Decentralized Private Computation

    Ledger-based systems that support rich applications often suffer from two limitations. First, validating a transaction requires re-executing the state transition that it attests to. Second, transactions not only reveal which application had a state transition but also reveal the application's internal state. We design, implement, and evaluate ZEXE, a ledger-based system where users can execute offline computations and subsequently produce transactions, attesting to the correctness of these computations, that satisfy two main properties. First, transactions *hide all information* about the offline computations. Second, transactions can be *validated in constant time* by anyone, regardless of the offline computation. The core of ZEXE is a construction for a new cryptographic primitive that we introduce, *decentralized private computation* (DPC) schemes. In order to achieve an efficient implementation of our construction, we leverage tools in the area of cryptographic proofs, including succinct zero knowledge proofs and recursive proof composition. Overall, transactions in ZEXE are 968 bytes regardless of the offline computation, and generating them takes less than a minute plus a time that grows with the offline computation. We demonstrate how to use ZEXE to realize privacy-preserving analogues of popular applications: private decentralized exchanges for user-defined fungible assets and regulation-friendly private stablecoins.

    Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing

    Cloud computing has become an irreversible trend. With it comes the pressing need for verifiability, to assure the client of the correctness of computation outsourced to the cloud. Existing verifiable computation techniques all carry a high overhead; deployed in the clouds, they would render cloud computing more expensive than its on-premises counterpart. To achieve verifiability at a reasonable cost, we leverage game theory and propose a smart contract based solution. In a nutshell, a client lets two clouds compute the same task, and uses smart contracts to stimulate tension, betrayal and distrust between the clouds, so that rational clouds will not collude and cheat. In the absence of collusion, correctness can be verified easily by cross-checking the results from the two clouds. We provide a formal analysis of the games induced by the contracts, and prove that the contracts will be effective under certain reasonable assumptions. By resorting to game theory and smart contracts, we are able to avoid heavy cryptographic protocols. The client only needs to pay two clouds to compute in the clear, and a small transaction fee to use the smart contracts. We also conducted a feasibility study that involved implementing the contracts in Solidity and running them on the official Ethereum network.
    Comment: Published in ACM CCS 2017; this is the full version with all appendices.