A smart contract system for decentralized borda count voting

In this article, we propose the first self-tallying decentralized e-voting protocol for a ranked-choice voting system based on Borda count. Our protocol does not need any trusted setup or tallying authority to compute the tally. The voters interact through a publicly accessible bulletin board for executing the protocol in a way that is publicly verifiable. Our main protocol consists of two rounds. In the first round, the voters publish their public keys, and in the second round they publish their randomized ballots. All voters provide Non-interactive Zero-Knowledge (NIZK) proofs to show that they have been following the protocol specification honestly without revealing their secret votes. At the end of the election, anyone including a third-party observer will be able to compute the tally without needing any tallying authority. We provide security proofs to show that our protocol guarantees the maximum privacy for each voter. We have implemented our protocol using Ethereum's blockchain as a public bulletin board to record voting operations as publicly verifiable transactions. The experimental data obtained from our tests show the protocol's potential for the real-world deployment

Efficient Concurrent Execution of Smart Contracts in Blockchains using Object-based Transactional Memory

This paper proposes an efficient framework to execute Smart Contract Transactions (SCTs) concurrently based on object semantics, using optimistic Single-Version Object-based Software Transactional Memory Systems (SVOSTMs) and Multi-Version OSTMs (MVOSTMs). In our framework, a multi-threaded miner constructs a Block Graph (BG), capturing the object-conflicts relations between SCTs, and stores it in the block. Later, validators re-execute the same SCTs concurrently and deterministically relying on this BG. A malicious miner can modify the BG to harm the blockchain, e.g., to cause double-spending. To identify malicious miners, we propose Smart Multi-threaded Validator (SMV). Experimental analysis shows that the proposed multi-threaded miner and validator achieve significant performance gains over state-of-the-art SCT execution framework.Comment: 49 pages, 26 figures, 11 table

Securing Smart Contract On The Fly

We present Solythesis, a source to source Solidity compiler which takes a smart contract code and a user specified invariant as the input and produces an instrumented contract that rejects all transactions that violate the invariant. The design of Solythesis is driven by our observation that the consensus protocol and the storage layer are the primary and the secondary performance bottlenecks of Ethereum, respectively. Solythesis operates with our novel delta update and delta check techniques to minimize the overhead caused by the instrumented storage access statements. Our experimental results validate our hypothesis that the overhead of runtime validation, which is often too expensive for other domains, is in fact negligible for smart contracts. The CPU overhead of Solythesis is only 0.12% on average for our 23 benchmark contracts

Cost Reduction With Guarantees: Formal Reasoning Applied To Blockchain Technologies

Blockchain technologies are moving fast and their distributed nature as well as their high-stake (financial) applications make it crucial to “get things right”. Moreover, blockchain technologies often come with a high cost for maintaining blockchain infrastructure and for running applications. In this thesis formal reasoning is used for guaranteeing correctness while reducing the cost of (i) maintaining the infrastructure by optimising blockchain protocols, and (ii) running applications by optimising blockchain programs—so called smart contracts. Both have a clear cost measure: for protocols the amount of exchanged messages, and for smart contracts the monetary cost of execution. In the first result for blockchain protocols starting from a proof of correctness for an abstract blockchain consensus protocol using infinitely many messages and infinite state, a refinement proof transfers correctness to a concrete implementation of the protocol reducing the cost to finite resources. In the second result I move from a blockchain to a block graph. This block graph embeds the run of a deterministic byzantine fault tolerant protocol, thereby getting parallelism “for free” and reducing the exchanged messages to the point of omission. For blockchain programs, I optimise programs executed on the Ethereum blockchain. As a first result, I use superoptimisation and encode the search for cheaper, but observationally equivalent, program as a search problem for an automated theorem prover. Since solving this search problem is in itself expensive, my second result is an efficient encoding of the search problem. Finally for reusing found optimisations, my third results gives a framework to generate peephole optimisation rules for a smart contract compiler

A Smart Contract for Boardroom Voting with Maximum Voter Privacy

We present the first implementation of a decentralised and self-tallying internet voting protocol with maximum voter privacy using the Blockchain. The Open Vote Network is suitable for boardroom elections and is written as a smart contract for Ethereum. Unlike previously proposed Blockchain e-voting protocols, this is the first implementation that does not rely on any trusted authority to compute the tally or to protect the voter’s privacy. Instead, the Open Vote Network is a self-tallying protocol, and each voter is in control of the privacy of their own vote such that it can only be breached by a full collusion involving all other voters. The execution of the protocol is enforced using the consensus mechanism that also secures the Ethereum blockchain. We tested the implementation on Ethereum’s official test network to demonstrate its feasibility. Also, we provide a financial and computational breakdown of its execution cost

An Ethereum-Based Real Estate Application with Tampering-Resilient Document Storage

Plokiahela ja nutilepingute tehnoloogia on võimelised muutma mitmeid tööstusharusid pakkudes hajutatud platvormi detsentraliseeritud rakenduste arendamiseks. Seejuures soovivad mitmed ettevõtted nutilepinguid kasutada äriprotsesside tõhustamiseks. Käesolevas töös me esitleme juhtumiuuringut Singapuris tegutseva kinnisvara rendiga tegeleva ettevõtte kohta, mis integreeris plokiahela ühte oma protsessidest, kuid soovib kogu protsessi nutilepingusse tõsta. Pärast ettevõtte äriprotsesside modelleerimist ning analüüsimist loome piloottarkvara, mille arhitektuur on hübriidne. Ethereumi nutileping integreeritakse traditsioonilisse tsentraliseeritud veebirakendusse. Peale selle tutvustame me võltsimiskindla dokumendihoidla põhimõtet ning lisame selle IPFS näitel pilootprojekti lahendusse. Viimaseks arutleme potentsiaalsete tüüpprobleemide üle, mis võivad plokiahela rakenduse arendamisel tekkida. Pakume võimalikke lahendusi ning kaalume nende tagajärgi.Blockchain and smart contracts technology enables changes in many industries providing a distributed platform for running decentralized applications. Many companies want to adopt smart contracts technology and use it in their business processes to boost the performance. In this work we present the case study of the real estate company in Singapore that partially integrated blockchain into one of its processes, but wants to move the whole process to the smart contract. After modelling and analyzing their business processes, we create a proof-of-concept of a hybrid system that integrates Ethereum smart contract and traditional web application. Also, we introduce the concept of tampering-resilient document storage and extend the baseline solution to add support for such storage that is based on IPFS. Finally, we summarize and discuss the potential problems that can be met during the development of a blockchain-based application. We provide potential solutions and describe their implications

Sophisticated Attacks on Decoy Ballots: The Devil's Menu and the Market for Lemons

Decoy ballots do not count in election outcomes, but otherwise they are indistinguishable from real ballots. By means of a game-theoretical model, we show that decoy ballots may not provide effective protection against a malevolent adversary trying to buy real ballots. If the citizenry is divided into subgroups (or districts), the adversary can construct a so-called "Devil's Menu" consisting of several prices. In equilibrium, the adversary can buy the real ballots of any strict subset of districts at a price corresponding to the willingness to sell on the part of the citizens holding such ballots. By contrast, decoy voters are trapped into selling their ballots at a low, or even negligible, price. Blowing up the adversary's budget by introducing decoy ballots may thus turn out to be futile. The Devil's Menu can also be applied to the well-known "Lemons Problem"