ROYALE: A Framework for Universally Composable Card Games with Financial Rewards and Penalties Enforcement

While many tailor made card game protocols are known, the vast majority of those suffer from three main issues: lack of mechanisms for distributing financial rewards and punishing cheaters, lack of composability guarantees and little flexibility, focusing on the specific game of poker. Even though folklore holds that poker protocols can be used to play any card game, this conjecture remains unproven and, in fact, does not hold for a number of protocols (including recent results). We both tackle the problem of constructing protocols for general card games and initiate a treatment of such protocols in the Universal Composability (UC) framework, introducing an ideal functionality that captures general card games constructed from a set of core card operations. Based on this formalism, we introduce Royale, the first UC-secure general card games which supports financial rewards/penalties enforcement. We remark that Royale also yields the first UC-secure poker protocol. Interestingly, Royale performs better than most previous works (that do not have composability guarantees), which we highlight through a detailed concrete complexity analysis and benchmarks from a prototype implementation

An empirical analysis of smart contracts: platforms, applications, and design patterns

Smart contracts are computer programs that can be consistently executed by a network of mutually distrusting nodes, without the arbitration of a trusted authority. Because of their resilience to tampering, smart contracts are appealing in many scenarios, especially in those which require transfers of money to respect certain agreed rules (like in financial services and in games). Over the last few years many platforms for smart contracts have been proposed, and some of them have been actually implemented and used. We study how the notion of smart contract is interpreted in some of these platforms. Focussing on the two most widespread ones, Bitcoin and Ethereum, we quantify the usage of smart contracts in relation to their application domain. We also analyse the most common programming patterns in Ethereum, where the source code of smart contracts is available.Comment: WTSC 201

Efficient UC Commitment Extension with Homomorphism for Free (and Applications)

Homomorphic universally composable (UC) commitments allow for the sender to reveal the result of additions and multiplications of values contained in commitments without revealing the values themselves while assuring the receiver of the correctness of such computation on committed values. In this work, we construct essentially optimal additively homomorphic UC commitments from any (not necessarily UC or homomorphic) extractable commitment. We obtain amortized linear computational complexity in the length of the input messages and rate 1. Next, we show how to extend our scheme to also obtain multiplicative homomorphism at the cost of asymptotic optimality but retaining low concrete complexity for practical parameters. While the previously best constructions use UC oblivious transfer as the main building block, our constructions only require extractable commitments and PRGs, achieving better concrete efficiency and offering new insights into the sufficient conditions for obtaining homomorphic UC commitments. Moreover, our techniques yield public coin protocols, which are compatible with the Fiat-Shamir heuristic. These results come at the cost of realizing a restricted version of the homomorphic commitment functionality where the sender is allowed to perform any number of commitments and operations on committed messages but is only allowed to perform a single batch opening of a number of commitments. Although this functionality seems restrictive, we show that it can be used as a building block for more efficient instantiations of recent protocols for secure multiparty computation and zero knowledge non-interactive arguments of knowledge

Instantaneous Decentralized Poker

We present efficient protocols for amortized secure multiparty computation with penalties and secure cash distribution, of which poker is a prime example. Our protocols have an initial phase where the parties interact with a cryptocurrency network, that then enables them to interact only among themselves over the course of playing many poker games in which money changes hands. The high efficiency of our protocols is achieved by harnessing the power of stateful contracts. Compared to the limited expressive power of Bitcoin scripts, stateful contracts enable richer forms of interaction between standard secure computation and a cryptocurrency. We formalize the stateful contract model and the security notions that our protocols accomplish, and provide proofs using the simulation paradigm. Moreover, we provide a reference implementation in Ethereum/Solidity for the stateful contracts that our protocols are based on. We also adopt our off-chain cash distribution protocols to the special case of stateful duplex micropayment channels, which are of independent interest. In comparison to Bitcoin based payment channels, our duplex channel implementation is more efficient and has additional features

Renegotiation and recursion in Bitcoin contracts

BitML is a process calculus to express smart contracts that can be run on Bitcoin. One of its current limitations is that, once a contract has been stipulated, the participants cannot renegotiate its terms: this prevents expressing common financial contracts, where funds have to be added by participants at run-time. In this paper, we extend BitML with a new primitive for contract renegotiation. At the same time, the new primitive can be used to write recursive contracts, which was not possible in the original BitML. We show that, despite the increased expressiveness, it is still possible to execute BitML on standard Bitcoin, preserving the security guarantees of BitML.Comment: Full version of the paper presented at COORDINATION 202

Insured MPC: Efficient Secure Computation with Financial Penalties

Fairness in Secure Multiparty Computation (MPC) is known to be impossible to achieve in the presence of a dishonest majority. Previous works have proposed combining MPC protocols with Cryptocurrencies in order to financially punish aborting adversaries, providing an incentive for parties to honestly follow the protocol. This approach also yields privacy-preserving Smart Contracts, where private inputs can be processed with MPC in order to determine the distribution of funds given to the contract. The focus of existing work is on proving that this approach is possible and unfortunately they present monolithic and mostly inefficient constructions. In this work, we put forth the first modular construction of ``Insured MPC\u27\u27, where either the output of the private computation (which describes how to distribute funds) is fairly delivered or a proof that a set of parties has misbehaved is produced, allowing for financial punishments. Moreover, both the output and the proof of cheating are publicly verifiable, allowing third parties to independently validate an execution. We present a highly efficient compiler that uses any MPC protocol with certain properties together with a standard (non-private) Smart Contract and a publicly verifiable homomorphic commitment scheme to implement Insured MPC. As an intermediate step, we propose the first construction of a publicly verifiable homomorphic commitment scheme achieving composability guarantees and concrete efficiency. Our results are proven in the Global Universal Composability framework using a Global Random Oracle as the setup assumption. From a theoretical perspective, our general results provide the first characterization of sufficient properties that MPC protocols must achieve in order to be efficiently combined with Cryptocurrencies, as well as insights into publicly verifiable protocols. On the other hand, our constructions have highly efficient concrete instantiations, allowing for fast implementations

Finite flavour groups of fermions

We present an overview of the theory of finite groups, with regard to their application as flavour symmetries in particle physics. In a general part, we discuss useful theorems concerning group structure, conjugacy classes, representations and character tables. In a specialized part, we attempt to give a fairly comprehensive review of finite subgroups of SO(3) and SU(3), in which we apply and illustrate the general theory. Moreover, we also provide a concise description of the symmetric and alternating groups and comment on the relationship between finite subgroups of U(3) and finite subgroups of SU(3). Though in this review we give a detailed description of a wide range of finite groups, the main focus is on the methods which allow the exploration of their different aspects.Comment: 89 pages, 6 figures, some references added, rearrangement of part of the material, section on SU(3) subgroups substantially extended, some minor revisions. Version for publication in J. Phys. A. Table 12 corrected to match eq.(256), table 14 and eq.(314) corrected to match the 2-dimensional irreps defined on p.6

Basic and clinical significance of IGF-I-induced signatures in cancer

The insulin-like growth factor (IGF) system mediates growth, differentiation and developmental processes; it is also involved in various metabolic activities. Deregulation of IGF system expression and action is linked to diverse pathologies, ranging from growth deficits to cancer development. Targeting of the IGF axis emerged in recent years as a promising therapeutic approach in cancer and other medical conditions. Rational use of IGF-I-induced gene signatures may help to identify patients who might benefit from IGF axis-directed therapeutic modalities. In the accompanying research article in BMC Medicine, Rajski et al. show that IGF-I-induced gene expression in primary breast and lung fibroblasts accurately predict outcomes in breast and lung cancer patients

Combined carbonate carbon isotopic and cellular ultrastructural studies of individual benthic foraminifera : method description

Author Posting. © American Geophysical Union, 2010. This article is posted here by permission of American Geophysical Union for personal use, not for redistribution. The definitive version was published in Paleoceanography 25 (2010): PA2211, doi:10.1029/2009PA001846.Carbon isotopes of foraminiferal tests provide a widely used proxy for past oceanographic environmental conditions. This proxy can be calibrated using live specimens, which are reliably identified with observations of cell ultrastructure. Observations of ultrastructures can also be used for studies of biological characteristics such as diet and presence of symbionts. Combining biological and isotopic studies on individual foraminifera could provide novel information, but standard isotopic methods destroy ultrastructures by desiccating specimens and observations of ultrastructure require removal of carbonate tests, preventing isotope measurements. The approach described here preserves cellular ultrastructure during isotopic analyses by keeping the foraminifera in an aqueous buffer (Phosphate Buffered Saline (PBS)). The technique was developed and standardized with 36 aliquots of NBS-19 standard of similar weight to foraminiferal tests (5 to 123 μg). Standard errors ranged from ± 0.06 to ± 0.85‰ and were caused by CO2 contaminants dissolved in the PBS. The technique was used to measure δ13C values of 96 foraminifera, 10 of which do not precipitate carbonate tests. Calcareous foraminiferal tests had corrected carbon isotope ratios of −8.5 to +3.2‰. This new technique allows comparisons of isotopic compositions of tests made by foraminifera known to be alive at the time of collection with their biological characteristics such as prey composition and presence or absence of putative symbionts. The approach may be applied to additional biomineralizing organisms such as planktonic foraminifera, pteropods, corals, and coccolithophores to elucidate certain biological controls on their paleoceanographic proxy signatures.Support was provided by NSF grants OCE‐0550396 (to J.B.M.), OCE‐0551001 (to J.M.B.), and OCE‐ 0550401 (to A.E.R.)