SoK: A Stratified Approach to Blockchain Decentralization

Decentralization has been touted as the principal security advantage which propelled blockchain systems at the forefront of developments in the financial technology space. Its exact semantics nevertheless remain highly contested and ambiguous, with proponents and critics disagreeing widely on the level of decentralization offered. To address this, we put forth a systematization of the current landscape with respect to decentralization and we derive a methodology that can help direct future research towards defining and measuring decentralization. Our approach dissects blockchain systems into multiple layers, or strata, each possibly encapsulating multiple categories, and enables a unified method for measuring decentralization in each one. Our layers are (1) hardware, (2) software, (3) network, (4) consensus, (5) economics ("tokenomics"), (6) API, (7) governance, and (8) geography. Armed with this stratification, we examine for each layer which pertinent properties of distributed ledgers (safety, liveness, privacy, stability) can be at risk due to centralization and in what way. Our work highlights the challenges in measuring and achieving decentralization, points to the degree of (de)centralization of various existing systems, where such assessment can be made from presently available public information, and suggests potential metrics and directions where future research is needed. We also introduce the "Minimum Decentralization Test", as a way to assess the decentralization state of a blockchain system and, as an exemplary case, we showcase how it can be applied to Bitcoin

KAIME : Central Bank Digital Currency with Realistic and Modular Privacy

Recently, with the increasing interest in Central Bank Digital Currency (CBDC), many countries have been working on researching and developing digital currency. The most important reasons for this interest are that CBDC eliminates the disadvantages of traditional currencies and provides a safer, faster, and more efficient payment system. These benefits also come with challenges, such as safeguarding individuals’ privacy and ensuring regulatory mechanisms. While most researches address the privacy conflict between users and regulatory agencies, they miss an important detail. Important parts of a financial system are banks and financial institutions. Some studies ignore the need for privacy and include these institutions in the CBDC system, no system currently offers a solution to the privacy conflict between banks, financial institutions, and users. In this study, while we offer a solution to the privacy conflict between the user and the regulatory agencies, we also provide a solution to the privacy conflict between the user and the banks. Our solution, KAIME has also a modular structure. The privacy of the sender and receiver can be hidden if desired. Compared to previous related research, security analysis and implementation of KAIME is substantially simpler because simple and well-known cryptographic methods are used

How not to VoteAgain: Pitfalls of Scalable Coercion-Resistant E-Voting

Secure electronic voting is a relatively trivial exercise if a single authority can be completely trusted. In contrast, the construction of efficient and usable schemes which provide strong security without strong trust assumptions is still an open problem, particularly in the remote setting. Coercion-resistance is one of, if not the hardest property to add to a verifiable e-voting system. Numerous secure e-voting systems have been designed to provide coercion-resistance. One of these systems is VoteAgain (Usenix Security 2020) whose security we revisit in this work. We discovered several pitfalls that break the security properties of VoteAgain in threat scenarios for which it was claimed secure. The most critical consequence of our findings is that there exists a voting authority in VoteAgain which needs to be trusted for all security properties. This means that VoteAgain is as (in)secure as a trivial voting system with a single and completely trusted voting authority. We argue that this problem is intrinsic to VoteAgain\u27s design and could thus only be resolved, if possible, by fundamental modifications. We hope that our work will ensure that VoteAgain is not employed for real elections in its current form. Further, we highlight subtle security pitfalls to avoid on the path towards more efficient, usable, and reasonably secure coercion-resistant e-voting. To this end, we conclude the paper by describing the open problems which need to be solved to make VoteAgain\u27s approach secure

Understanding and Hardening Blockchain Network Security Against Denial of Service Attacks

This thesis aims to examine the security of a blockchain\u27s communication network. A blockchain relies on a communication network to deliver transactions. Understanding and hardening the security of the communication network against Denial-of-Service (DoS) attacks are thus critical to the well-being of blockchain participants. Existing research has examined blockchain system security in various system components, including mining incentives, consensus protocols, and applications such as smart contracts. However, the security of a blockchain\u27s communication network remains understudied. In practice, a blockchain\u27s communication network typically consists of three services: RPC service, P2P network, and mempool. This thesis examines each service\u27s designs and implementations, discovers vulnerabilities that lead to DoS attacks, and uncovers the P2P network topology. Through systematic evaluations and measurements, the thesis confirms that real-world network services in Ethereum are vulnerable to DoS attacks, leading to a potential collapse of the Ethereum ecosystem. Besides, the uncovered P2P network topology in Ethereum mainnet suggests that critical nodes adopt a biased neighbor selection strategy in the mainnet. Finally, to fix the discovered vulnerabilities, practical mitigation solutions are proposed in this thesis to harden the security of Ethereum\u27s communication network

Minerva: The curse of ECDSA nonces

We present our discovery of a group of side-channel vulnerabilities in implementations of the ECDSA signature algorithm in a widely used Atmel AT90SC FIPS 140-2 certified smartcard chip and five cryptographic libraries (libgcrypt, wolfSSL, MatrixSSL, SunEC/OpenJDK/Oracle JDK, Crypto++). Vulnerable implementations leak the bit-length of the scalar used in scalar multiplication via timing. Using leaked bit-length, we mount a lattice attack on a 256-bit curve, after observing enough signing operations. We propose two new methods to recover the full private key requiring just 500 signatures for simulated leakage data, 1200 for real cryptographic library data, and 2100 for smartcard data. The number of signatures needed for a successful attack depends on the chosen method and its parameters as well as on the noise profile, influenced by the type of leakage and used computation platform. We use the set of vulnerabilities reported in this paper, together with the recently published TPM-FAIL vulnerability as a basis for real-world benchmark datasets to systematically compare our newly proposed methods and all previously published applicable lattice-based key recovery methods. The resulting exhaustive comparison highlights the methods\u27 sensitivity to its proper parametrization and demonstrates that our methods are more efficient in most cases. For the TPM-FAIL dataset, we decreased the number of required signatures from approximately 40 000 to mere 900

Smart Contract: Attacks and Protections

Smart contracts are programs that reside within decentralized blockchains and are executed pursuant to triggered instructions. A smart contract acts in a similar way to a traditional agreement but negates the necessity for the involvement of a third party. Smart contracts are capable of initiating their commands automatically, thus eliminating the involvement of a regulatory body. As a consequence of blockchain's immutable feature, smart contracts are developed in a manner that is distinct from traditional software. Once deployed to the blockchain, a smart contract cannot be modified or updated for security patches, thus encouraging developers to implement strong security strategies before deployment in order to avoid potential exploitation at a later time. However, the most recent dreadful attacks and the multifarious existing vulnerabilities which result as a consequence of the absence of security patches have challenged the sustainability of this technology. Attacks such as the Decentralized Autonomous Organization (DAO) attack and the Parity Wallet hack have cost millions of dollars simply as a consequence of naïve bugs in the smart contract code. In this paper, we classify blockchain exploitation techniques into 4 categories based on the attack rationale; attacking consensus protocols, bugs in the smart contract, malware running in the operating system, and fraudulent users. We then focus on smart contract vulnerabilities, analyzing the 7 most important attack techniques to determine the real impact on smart contract technology. We reveal that even adopting the 10 most widely used tools to detect smart contract vulnerabilities, these still contain known vulnerabilities, providing a dangerously false sense of security. We conclude the paper with a discussion about recommendations and future research lines to progress towards a secure smart contract solution

Non Atomic Payment Splitting in Channel Networks

Off-chain channel networks} are one of the most promising technologies for dealing with blockchain scalability and delayed finality issues. Parties connected within such networks can send coins to each other without interacting with the blockchain. Moreover, these payments can be ``routed\u27\u27 over the network. Thanks to this, even the parties that do not have a channel in common can perform payments between each other with the help of intermediaries. In this paper, we introduce a new notion that we call ``Non-Atomic Payment Splitting (NAPS)\u27\u27 protocols that allow the intermediaries in the network to split the payments recursively into several subpayments in such a way that the payment can be successful ``partially\u27\u27 (i.e.~not all the requested amount may be transferred). This contrasts with the existing splitting techniques that are ``atomic\u27\u27 in that they did not allow such partial payments (we compare the ``atomic\u27\u27 and ``non-atomic\u27\u27 approaches in the paper). We define NAPS formally and then present a protocol that we call ``EthNA\u27\u27, that satisfies this definition. EthNA is based on very simple and efficient cryptographic tools; in particular, it does not use expensive cryptographic primitives. We implement a simple variant of EthNA in Solidity and provide some benchmarks. We also report on some experiments with routing using EthNA

Towards Sustainable Blockchains:Cryptocurrency Treasury and General Decision-making Systems with Provably Secure Delegable Blockchain-based Voting

The blockchain technology and cryptocurrencies, its most prevalent application, continue to gain acceptance and wide traction in research and practice within academia and the industry because of its promise in decentralised and distributed computing. Notably, the meteoric rise in the value and number of cryptocurrencies since the creation of Bitcoin in 2009 have ushered in newer innovations and interventions that addressed some of the prominent issues that affect these platforms. Despite the increased privacy, security, scalability, and energy-saving capabilities of new consensus protocols in newer systems, the development and management of blockchains, mostly, do not reflect the decentralisation principle despite blockchains being decentralised and distributed in their architecture. The concept of treasury has been identified as a tool to address this problem. We explore the idea of blockchain treasury systems within literature and practice, especially with relation to funding and decision-making power towards blockchain development and maintenance. Consequently, we propose a taxonomy for treasury models within cryptocurrencies. Thereafter, we propose an efficient community-controlled and decentralised collaborative decision-making mechanism to support the development and management of blockchains. Our proposed system incentivises participants and is proven secure under the universally composable (UC) framework while also addressing gaps identified from our investigation of prior systems e.g. non-private ballots and insecure voting. Furthermore, we adapt our system and propose a privacy-preserving general decision making system for blockchain governance that supports privacy-centric cryptocurrencies. Besides, using a set of metrics, we introduce a consensus analysis mechanism to enhance the utility of decision-making of the systems by evaluating individual choices against collective (system-wide) decisions. Finally, we provide pilot system implementations with benchmark results confirming the efficiency and practicality of our constructions