SoK: Security of Cross-chain Bridges: Attack Surfaces, Defenses, and Open Problems

Cross-chain bridges are used to facilitate token and data exchanges across blockchains. Although bridges are becoming increasingly popular, they are still in their infancy and have been attacked multiple times recently, causing significant financial loss. Although there are numerous reports online explaining each of the incidents on cross-chain bridges, they are scattered over the Internet, and there is no work that analyzes the security landscape of cross-chain bridges in a holistic manner. To fill the gap, in this paper, we performed a systematic study of cross-chain bridge security issues. First, we summarize the characteristics of existing cross-chain bridges, including their usages, verification mechanisms, communication models, and three categorizations. Based on these characteristics, we identify 12 potential attack vectors that attackers may exploit. Next, we introduce a taxonomy that categorizes cross-chain attacks in the past two years into 10 distinct types, and then provide explanations for each vulnerability type, accompanied by Solidity code examples. We also discuss existing and potential defenses, as well as open questions and future research directions on cross-chain bridges. We believe that this systematization can shed light on designing and implementing cross-chain bridges with higher security and, more importantly, facilitating future research on building a better cross-chain bridge ecosystem

Stacco: Differentially Analyzing Side-Channel Traces for Detecting SSL/TLS Vulnerabilities in Secure Enclaves

Intel Software Guard Extension (SGX) offers software applications enclave to protect their confidentiality and integrity from malicious operating systems. The SSL/TLS protocol, which is the de facto standard for protecting transport-layer network communications, has been broadly deployed for a secure communication channel. However, in this paper, we show that the marriage between SGX and SSL may not be smooth sailing. Particularly, we consider a category of side-channel attacks against SSL/TLS implementations in secure enclaves, which we call the control-flow inference attacks. In these attacks, the malicious operating system kernel may perform a powerful man-in-the-kernel attack to collect execution traces of the enclave programs at page, cacheline, or branch level, while positioning itself in the middle of the two communicating parties. At the center of our work is a differential analysis framework, dubbed Stacco, to dynamically analyze the SSL/TLS implementations and detect vulnerabilities that can be exploited as decryption oracles. Surprisingly, we found exploitable vulnerabilities in the latest versions of all the SSL/TLS libraries we have examined. To validate the detected vulnerabilities, we developed a man-in-the-kernel adversary to demonstrate Bleichenbacher attacks against the latest OpenSSL library running in the SGX enclave (with the help of Graphene) and completely broke the PreMasterSecret encrypted by a 4096-bit RSA public key with only 57286 queries. We also conducted CBC padding oracle attacks against the latest GnuTLS running in Graphene-SGX and an open-source SGX-implementation of mbedTLS (i.e., mbedTLS-SGX) that runs directly inside the enclave, and showed that it only needs 48388 and 25717 queries, respectively, to break one block of AES ciphertext. Empirical evaluation suggests these man-in-the-kernel attacks can be completed within 1 or 2 hours.Comment: CCS 17, October 30-November 3, 2017, Dallas, TX, US

Influence of Copper Foam on the Thermal Characteristics of Phase Change Materials

The phase change material is a hot research topic in solar thermal storage systems. However, the thermal conductivity of pure phase change materials is usually low, which hinders its application in facilities. In this study, copper foam is used to increase the thermal characteristics of the paraffin. Simulations are conducted to compare the melting characteristics of the pure paraffin and the paraffin/copper foam composite phase change material. A visualized experimental device was designed and built, and the copper foam composite phase change material, with a volume fraction of 15%, was prepared by filling part of the copper foam in the phase change material. The simulation results agree well with the experimental results. The root mean square errors of the temperature for the pure paraffin and the composite phase change material are 0.0223 and 0.0179, respectively. The experimental results show that the copper foam can enhance thermal conductivity and decrease melting time. It takes 870 s for the composite phase change material to melt, which is 3.44% less than that of the pure paraffin. This study deepens the understanding of the composite phase change material and provides a reference for the design of thermal energy storage devices

Environmental F actors coordinate circadian clock function and rhythm to regulate plant development

Changes in the external environment necessitate plant growth plasticity, with environmental signals such as light, temperature, and humidity regulating growth and development. The plant circadian clock is a biological time keeper that can be “reset” to adjust internal time to changes in the external environment. Exploring the regulatory mechanisms behind plant acclimation to environmental factors is important for understanding how plant growth and development are shaped and for boosting agricultural production. In this review, we summarize recent insights into the coordinated regulation of plant growth and development by environmental signals and the circadian clock, further discussing the potential of this knowledge

The pressure relief protection effect of different strip widths, dip angles and pillar widths of an underside protective seam.

To design underside protective seam strip layout. Similarity model experiments, numerical simulations and theoretical calculations are used to quantitatively study the pressure relief protection effect of different strip widths, dip angles and coal pillar widths of a thin underside protective seam under deeply buried conditions. The optimal strip width range is obtained according to the change law of strain during the mining process of the underside protective seam in a similar model experiment. The change law of the expansion of the protected coal seam is obtained and the fitting surfaces among the dip angle and strip width of the coal seam with the protection distance and pressure relief angle along the strike and dip of the protected coal seam are established according to the numerical simulation results of underside protective seam mining. It is concluded that the best pressure relief effect can be achieved when the dip angle is 16.7° and the strip width is 70 m. According to the stability threshold of coal pillars considered in strip mining theory, the coal pillar width is calculated to be 50 m. Similarity model experiments and numerical simulations of protected coal seam mining verify the pressure relief effect of the designed protective seam strip width and pillar width. A calculation method of the protective seam strip width, position and pillar width required by the specific width of the protected seam is proposed

Research on the Web-based On-line Monitoring Technology of the Smart Substation Primary Equipments

Smart substation primary equipment on-line monitoring technology is an important part of the realization of substation intelligentizes monitoring. In order to meet the requirements of smart substation on high-speed, efficient, steady on-line monitoring system, the sharing of online monitoring data of the power station and to improve interoperability of on-line monitoring device, the primary equipment on-line monitoring technology of smart substation based on the network is proposed by this paper. Based on the analysis of the substation primary equipment monitoring parameters, according to the three levels and two network structure, the author designed primary equipment monitoring terminal (process level), primary equipment on-line monitoring IED (bay level), the monitoring center (station level)respectively, and between each level there are communication network structures. The scene practical operation analysis shows that, on-line monitoring system for substation which based on the network is stable and reliable, and the change of the equipment running status can be monitored accurately and timely

Association between DIAPH1 variant and posterior circulation involvement with Moyamoya disease

Abstract Moyamoya disease (MMD) is a chronic and progressive cerebrovascular stenosis or occlusive disease that occurs near Willis blood vessels. The aim of this study was to investigate the mutation of DIAPH1 in Asian population, and to compare the angiographic features of MMD patients with and without the mutation of the DIAPH1 gene. Blood samples of 50 patients with MMD were collected, and DIAPH1 gene mutation was detected. The angiographic involvement of the posterior cerebral artery was compared between the mutant group and the non-mutant group. The independent risk factors of posterior cerebral artery involvement were determined by multivariate logistic regression analysis. DIAPH1 gene mutation was detected in 9 (18%) of 50 patients, including 7 synonymous mutations and 2 missense mutations. However, the incidence of posterior cerebral artery involvement in mutation positive group was very higher than that in mutation negative group (77.8% versus 12%; p = 0.001). There is an association between DIAPH1 mutation and PCA involvement (odds ratio 29.483, 95% confidence interval 3.920–221.736; p = 0.001). DIAPH1 gene mutation is not a major genetic risk gene for Asian patients with moyamoya disease but may play an important role in the involvement of posterior cerebral artery

Clinical features and shared mechanisms of chronic gastritis and osteoporosis

Abstract Chronic gastritis (CG) and osteoporosis (OP) are common and occult diseases in the elderly and the relationship of these two diseases have been increasingly exposed. We aimed to explore the clinical characteristics and shared mechanisms of CG patients combined with OP. In the cross-sectional study, all participants were selected from BEYOND study. The CG patients were included and classified into two groups, namely OP group and non-OP group. Univariable and multivariable logistic regression methods were used to evaluate the influencing factors. Furthermore, CG and OP-related genes were obtained from Gene Expression Omnibus (GEO) database. Differentially expressed genes (DEGs) were identified using the GEO2R tool and the Venny platform. Protein–protein interaction information was obtained by inputting the intersection targets into the STRING database. The PPI network was constructed by Cytoscape v3.6.0 software again, and the key genes were screened out according to the degree value. Gene function enrichment of DEGs was performed by Webgestalt online tool. One hundred and thirty CG patients were finally included in this study. Univariate correlation analysis showed that age, gender, BMI and coffee were the potential influencing factors for the comorbidity (P < 0.05). Multivariate Logistic regression model found that smoking history, serum PTH and serum β-CTX were positively correlated with OP in CG patients, while serum P1NP and eating fruit had an negative relationship with OP in CG patients. In studies of the shared mechanisms, a total of 76 intersection genes were identified between CG and OP, including CD163, CD14, CCR1, CYBB, CXCL10, SIGLEC1, LILRB2, IGSF6, MS4A6A and CCL8 as the core genes. The biological processes closely related to the occurrence and development of CG and OP mainly involved Ferroptosis, Toll-like receptor signaling pathway, Legionellosis and Chemokine signaling pathway. Our study firstly identified the possible associated factors with OP in the patients with CG, and mined the core genes and related pathways that could be used as biomarkers or potential therapeutic targets to reveal the shared mechanisms

Deterministic Approach to Achieve Full-Polarization Cloak

Achieving full-polarization (σ) invisibility on an arbitrary three-dimensional (3D) platform is a long-held knotty issue yet extremely promising in real-world stealth applications. However, state-of-the-art invisibility cloaks typically work under a specific polarization because the anisotropy and orientation-selective resonant nature of artificial materials made the σ-immune operation elusive and terribly challenging. Here, we report a deterministic approach to engineer a metasurface skin cloak working under an arbitrary polarization state by theoretically synergizing two cloaking phase patterns required, respectively, at spin-up (σ+) and spin-down (σ−) states. Therein, the wavefront of any light impinging on the cloak can be well preserved since it is a superposition of σ+ and σ− wave. To demonstrate the effectiveness and applicability, several proof-of-concept metasurface cloaks are designed to wrap over a 3D triangle platform at microwave frequency. Results show that our cloaks are essentially capable of restoring the amplitude and phase of reflected beams as if light was incident on a flat mirror or an arbitrarily predesigned shape under full polarization states with a desirable bandwidth of ~17.9%, conceiving or deceiving an arbitrary object placed inside. Our approach, deterministic and robust in terms of accurate theoretical design, reconciles the milestone dilemma in stealth discipline and opens up an avenue for the extreme capability of ultrathin 3D cloaking of an arbitrary shape, paving up the road for real-world applications