34 research outputs found
Transaction Propagation on Permissionless Blockchains: Incentive and Routing Mechanisms
Existing permissionless blockchain solutions rely on peer-to-peer propagation
mechanisms, where nodes in a network transfer transaction they received to
their neighbors. Unfortunately, there is no explicit incentive for such
transaction propagation. Therefore, existing propagation mechanisms will not be
sustainable in a fully decentralized blockchain with rational nodes. In this
work, we formally define the problem of incentivizing nodes for transaction
propagation. We propose an incentive mechanism where each node involved in the
propagation of a transaction receives a share of the transaction fee. We also
show that our proposal is Sybil-proof. Furthermore, we combine the incentive
mechanism with smart routing to reduce the communication and storage costs at
the same time. The proposed routing mechanism reduces the redundant transaction
propagation from the size of the network to a factor of average shortest path
length. The routing mechanism is built upon a specific type of consensus
protocol where the round leader who creates the transaction block is known in
advance. Note that our routing mechanism is a generic one and can be adopted
independently from the incentive mechanism.Comment: 2018 Crypto Valley Conference on Blockchain Technolog
How not to VoteAgain: Pitfalls of Scalable Coercion-Resistant E-Voting
Secure electronic voting is a relatively trivial exercise if a single authority can be completely trusted. In contrast, the construction of efficient and usable schemes which provide strong security without strong trust assumptions is still an open problem, particularly in the remote setting. Coercion-resistance is one of, if not the hardest property to add to a verifiable e-voting system. Numerous secure e-voting systems have been designed to provide coercion-resistance. One of these systems is VoteAgain (Usenix Security 2020) whose security we revisit in this work.
We discovered several pitfalls that break the security properties of VoteAgain in threat scenarios for which it was claimed secure. The most critical consequence of our findings is that there exists a voting authority in VoteAgain which needs to be trusted for all security properties. This means that VoteAgain is as (in)secure as a trivial voting system with a single and completely trusted voting authority. We argue that this problem is intrinsic to VoteAgain\u27s design and could thus only be resolved, if possible, by fundamental modifications.
We hope that our work will ensure that VoteAgain is not employed for real elections in its current form. Further, we highlight subtle security pitfalls to avoid on the path towards more efficient, usable, and reasonably secure coercion-resistant e-voting. To this end, we conclude the paper by describing the open problems which need to be solved to make VoteAgain\u27s approach secure
Understanding and Hardening Blockchain Network Security Against Denial of Service Attacks
This thesis aims to examine the security of a blockchain\u27s communication network. A blockchain relies on a communication network to deliver transactions. Understanding and hardening the security of the communication network against Denial-of-Service (DoS) attacks are thus critical to the well-being of blockchain participants. Existing research has examined blockchain system security in various system components, including mining incentives, consensus protocols, and applications such as smart contracts. However, the security of a blockchain\u27s communication network remains understudied.
In practice, a blockchain\u27s communication network typically consists of three services: RPC service, P2P network, and mempool. This thesis examines each service\u27s designs and implementations, discovers vulnerabilities that lead to DoS attacks, and uncovers the P2P network topology. Through systematic evaluations and measurements, the thesis confirms that real-world network services in Ethereum are vulnerable to DoS attacks, leading to a potential collapse of the Ethereum ecosystem. Besides, the uncovered P2P network topology in Ethereum mainnet suggests that critical nodes adopt a biased neighbor selection strategy in the mainnet. Finally, to fix the discovered vulnerabilities, practical mitigation solutions are proposed in this thesis to harden the security of Ethereum\u27s communication network
A Decentralized Dynamic PKI based on Blockchain
The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding especially in loosely-connected and large systems. Log-based PKIs have been proposed as a remedy but they do not solve the problem effectively. We provide a general model and a solution for decentralized and dynamic PKI based on a blockchain and web of trust model where the traditional CA and digital certificates are removed and instead, everything is registered on the blockchain. Registration, revocation, and update of public keys are based on a consensus mechanism between a certain number of entities that are already part of the system. Any node which is part of the system can be an auditor and initiate the revocation procedure once it finds out malicious activities. Revocation lists are no longer required as any node can efficiently verify the public keys through witnesses
SoK: A Stratified Approach to Blockchain Decentralization
Decentralization has been touted as the principal security advantage which
propelled blockchain systems at the forefront of developments in the financial
technology space. Its exact semantics nevertheless remain highly contested and
ambiguous, with proponents and critics disagreeing widely on the level of
decentralization offered. To address this, we put forth a systematization of
the current landscape with respect to decentralization and we derive a
methodology that can help direct future research towards defining and measuring
decentralization. Our approach dissects blockchain systems into multiple
layers, or strata, each possibly encapsulating multiple categories, and enables
a unified method for measuring decentralization in each one. Our layers are (1)
hardware, (2) software, (3) network, (4) consensus, (5) economics
("tokenomics"), (6) API, (7) governance, and (8) geography. Armed with this
stratification, we examine for each layer which pertinent properties of
distributed ledgers (safety, liveness, privacy, stability) can be at risk due
to centralization and in what way. Our work highlights the challenges in
measuring and achieving decentralization, points to the degree of
(de)centralization of various existing systems, where such assessment can be
made from presently available public information, and suggests potential
metrics and directions where future research is needed. We also introduce the
"Minimum Decentralization Test", as a way to assess the decentralization state
of a blockchain system and, as an exemplary case, we showcase how it can be
applied to Bitcoin
GradientCoin: A Peer-to-Peer Decentralized Large Language Models
Since 2008, after the proposal of a Bitcoin electronic cash system, Bitcoin
has fundamentally changed the economic system over the last decade. Since 2022,
large language models (LLMs) such as GPT have outperformed humans in many
real-life tasks. However, these large language models have several practical
issues. For example, the model is centralized and controlled by a specific
unit. One weakness is that if that unit decides to shut down the model, it
cannot be used anymore. The second weakness is the lack of guaranteed
discrepancy behind this model, as certain dishonest units may design their own
models and feed them unhealthy training data.
In this work, we propose a purely theoretical design of a decentralized LLM
that operates similarly to a Bitcoin cash system. However, implementing such a
system might encounter various practical difficulties. Furthermore, this new
system is unlikely to perform better than the standard Bitcoin system in
economics. Therefore, the motivation for designing such a system is limited. It
is likely that only two types of people would be interested in setting up a
practical system for it:
Those who prefer to use a decentralized ChatGPT-like software.
Those who believe that the purpose of carbon-based life is to
create silicon-based life, such as Optimus Prime in Transformers.
The reason the second type of people may be interested is that it is possible
that one day an AI system like this will awaken and become the next level of
intelligence on this planet