Transaction Propagation on Permissionless Blockchains: Incentive and Routing Mechanisms

Existing permissionless blockchain solutions rely on peer-to-peer propagation mechanisms, where nodes in a network transfer transaction they received to their neighbors. Unfortunately, there is no explicit incentive for such transaction propagation. Therefore, existing propagation mechanisms will not be sustainable in a fully decentralized blockchain with rational nodes. In this work, we formally define the problem of incentivizing nodes for transaction propagation. We propose an incentive mechanism where each node involved in the propagation of a transaction receives a share of the transaction fee. We also show that our proposal is Sybil-proof. Furthermore, we combine the incentive mechanism with smart routing to reduce the communication and storage costs at the same time. The proposed routing mechanism reduces the redundant transaction propagation from the size of the network to a factor of average shortest path length. The routing mechanism is built upon a specific type of consensus protocol where the round leader who creates the transaction block is known in advance. Note that our routing mechanism is a generic one and can be adopted independently from the incentive mechanism.Comment: 2018 Crypto Valley Conference on Blockchain Technolog

How not to VoteAgain: Pitfalls of Scalable Coercion-Resistant E-Voting

Secure electronic voting is a relatively trivial exercise if a single authority can be completely trusted. In contrast, the construction of efficient and usable schemes which provide strong security without strong trust assumptions is still an open problem, particularly in the remote setting. Coercion-resistance is one of, if not the hardest property to add to a verifiable e-voting system. Numerous secure e-voting systems have been designed to provide coercion-resistance. One of these systems is VoteAgain (Usenix Security 2020) whose security we revisit in this work. We discovered several pitfalls that break the security properties of VoteAgain in threat scenarios for which it was claimed secure. The most critical consequence of our findings is that there exists a voting authority in VoteAgain which needs to be trusted for all security properties. This means that VoteAgain is as (in)secure as a trivial voting system with a single and completely trusted voting authority. We argue that this problem is intrinsic to VoteAgain\u27s design and could thus only be resolved, if possible, by fundamental modifications. We hope that our work will ensure that VoteAgain is not employed for real elections in its current form. Further, we highlight subtle security pitfalls to avoid on the path towards more efficient, usable, and reasonably secure coercion-resistant e-voting. To this end, we conclude the paper by describing the open problems which need to be solved to make VoteAgain\u27s approach secure

Understanding and Hardening Blockchain Network Security Against Denial of Service Attacks

This thesis aims to examine the security of a blockchain\u27s communication network. A blockchain relies on a communication network to deliver transactions. Understanding and hardening the security of the communication network against Denial-of-Service (DoS) attacks are thus critical to the well-being of blockchain participants. Existing research has examined blockchain system security in various system components, including mining incentives, consensus protocols, and applications such as smart contracts. However, the security of a blockchain\u27s communication network remains understudied. In practice, a blockchain\u27s communication network typically consists of three services: RPC service, P2P network, and mempool. This thesis examines each service\u27s designs and implementations, discovers vulnerabilities that lead to DoS attacks, and uncovers the P2P network topology. Through systematic evaluations and measurements, the thesis confirms that real-world network services in Ethereum are vulnerable to DoS attacks, leading to a potential collapse of the Ethereum ecosystem. Besides, the uncovered P2P network topology in Ethereum mainnet suggests that critical nodes adopt a biased neighbor selection strategy in the mainnet. Finally, to fix the discovered vulnerabilities, practical mitigation solutions are proposed in this thesis to harden the security of Ethereum\u27s communication network

A Decentralized Dynamic PKI based on Blockchain

The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding especially in loosely-connected and large systems. Log-based PKIs have been proposed as a remedy but they do not solve the problem effectively. We provide a general model and a solution for decentralized and dynamic PKI based on a blockchain and web of trust model where the traditional CA and digital certificates are removed and instead, everything is registered on the blockchain. Registration, revocation, and update of public keys are based on a consensus mechanism between a certain number of entities that are already part of the system. Any node which is part of the system can be an auditor and initiate the revocation procedure once it finds out malicious activities. Revocation lists are no longer required as any node can efficiently verify the public keys through witnesses

SoK: A Stratified Approach to Blockchain Decentralization

Decentralization has been touted as the principal security advantage which propelled blockchain systems at the forefront of developments in the financial technology space. Its exact semantics nevertheless remain highly contested and ambiguous, with proponents and critics disagreeing widely on the level of decentralization offered. To address this, we put forth a systematization of the current landscape with respect to decentralization and we derive a methodology that can help direct future research towards defining and measuring decentralization. Our approach dissects blockchain systems into multiple layers, or strata, each possibly encapsulating multiple categories, and enables a unified method for measuring decentralization in each one. Our layers are (1) hardware, (2) software, (3) network, (4) consensus, (5) economics ("tokenomics"), (6) API, (7) governance, and (8) geography. Armed with this stratification, we examine for each layer which pertinent properties of distributed ledgers (safety, liveness, privacy, stability) can be at risk due to centralization and in what way. Our work highlights the challenges in measuring and achieving decentralization, points to the degree of (de)centralization of various existing systems, where such assessment can be made from presently available public information, and suggests potential metrics and directions where future research is needed. We also introduce the "Minimum Decentralization Test", as a way to assess the decentralization state of a blockchain system and, as an exemplary case, we showcase how it can be applied to Bitcoin

GradientCoin: A Peer-to-Peer Decentralized Large Language Models

Since 2008, after the proposal of a Bitcoin electronic cash system, Bitcoin has fundamentally changed the economic system over the last decade. Since 2022, large language models (LLMs) such as GPT have outperformed humans in many real-life tasks. However, these large language models have several practical issues. For example, the model is centralized and controlled by a specific unit. One weakness is that if that unit decides to shut down the model, it cannot be used anymore. The second weakness is the lack of guaranteed discrepancy behind this model, as certain dishonest units may design their own models and feed them unhealthy training data. In this work, we propose a purely theoretical design of a decentralized LLM that operates similarly to a Bitcoin cash system. However, implementing such a system might encounter various practical difficulties. Furthermore, this new system is unlikely to perform better than the standard Bitcoin system in economics. Therefore, the motivation for designing such a system is limited. It is likely that only two types of people would be interested in setting up a practical system for it: $\bullet$ Those who prefer to use a decentralized ChatGPT-like software. $\bullet$ Those who believe that the purpose of carbon-based life is to create silicon-based life, such as Optimus Prime in Transformers. The reason the second type of people may be interested is that it is possible that one day an AI system like this will awaken and become the next level of intelligence on this planet