58 research outputs found
Renegotiation and recursion in Bitcoin contracts
BitML is a process calculus to express smart contracts that can be run on
Bitcoin. One of its current limitations is that, once a contract has been
stipulated, the participants cannot renegotiate its terms: this prevents
expressing common financial contracts, where funds have to be added by
participants at run-time. In this paper, we extend BitML with a new primitive
for contract renegotiation. At the same time, the new primitive can be used to
write recursive contracts, which was not possible in the original BitML. We
show that, despite the increased expressiveness, it is still possible to
execute BitML on standard Bitcoin, preserving the security guarantees of BitML.Comment: Full version of the paper presented at COORDINATION 202
On Symbolic Verification of Bitcoin's script Language
Validation of Bitcoin transactions rely upon the successful execution of scripts written in a simple and effective, non-Turing-complete by design language, simply called SCRIPT. This makes the validation of closed scripts, i.e. those associated to actual transactions and bearing full information, straightforward. Here we address the problem of validating open scripts, i.e. we address the validation of redeeming scripts against the whole set of possible inputs, i.e. under which general conditions can Bitcoins be redeemed? Even if likely not one of the most complex languages and demanding verification problems, we advocate the merit of formal verification for the Bitcoin validation framework. We propose a symbolic verification theory for of open SCRIPT, a verifier tool-kit, and illustrate examples of use on Bitcoin transactions. Contributions include 1) a formalisation of (a fragment of) the language; 2) a novel symbolic approach to SCRIPT verification, suitable, e.g. for the verification of newly defined and non-standard payment schemas; and 3) building blocks for a larger verification theory for the developing area of Bitcoin smart contracts. The verification of smart contracts, i.e. agreements built as transaction-based protocols, is currently a difficult to formalise and computationally demanding problem
An empirical analysis of smart contracts: platforms, applications, and design patterns
Smart contracts are computer programs that can be consistently executed by a
network of mutually distrusting nodes, without the arbitration of a trusted
authority. Because of their resilience to tampering, smart contracts are
appealing in many scenarios, especially in those which require transfers of
money to respect certain agreed rules (like in financial services and in
games). Over the last few years many platforms for smart contracts have been
proposed, and some of them have been actually implemented and used. We study
how the notion of smart contract is interpreted in some of these platforms.
Focussing on the two most widespread ones, Bitcoin and Ethereum, we quantify
the usage of smart contracts in relation to their application domain. We also
analyse the most common programming patterns in Ethereum, where the source code
of smart contracts is available.Comment: WTSC 201
Account Management in Proof of Stake Ledgers
Blockchain protocols based on Proof-of-Stake (PoS) depend — by nature — on the active participation of stakeholders. If users are offline and abstain from the PoS consensus mechanism, the system’s security is at risk, so it is imperative to explore ways to both maximize the level of participation and minimize the effects of non-participation. One such option is stake representation, such that users can delegate their participation rights and, in the process, form stake pools . The core idea is that stake pool operators always participate on behalf of regular users, while the users retain the ownership of their assets. Our work provides a formal PoS wallet construction that enables delegation and stake pool formation. While investigating the construction of addresses in this setting, we distil and explore address malleability, a security property that captures the ability of an attacker to manipulate the delegation information associated with an address. Our analysis consists of identifying multiple levels of malleability, which are taken into account in our paper’s core result. We then introduce the first ideal functionality of a PoS wallet’s core which captures the PoS wallet’s capabilities and is realized as a secure protocol based on standard cryptographic primitives. Finally, we cover how to use the wallet core in conjunction with a PoS ledger, as well as investigate how delegation and stake pools affect a PoS system’s security
ROYALE: A Framework for Universally Composable Card Games with Financial Rewards and Penalties Enforcement
While many tailor made card game protocols are known, the vast majority of those suffer from three main issues: lack of mechanisms for distributing financial rewards and punishing cheaters, lack of composability guarantees and little flexibility, focusing on the specific game of poker. Even though folklore holds that poker protocols can be used to play any card game, this conjecture remains unproven and, in fact, does not hold for a number of protocols (including recent results). We both tackle the problem of constructing protocols for general card games and initiate a treatment of such protocols in the Universal Composability (UC) framework, introducing an ideal functionality that captures general card games constructed from a set of core card operations. Based on this formalism, we introduce Royale, the first UC-secure general card games which supports financial rewards/penalties enforcement. We remark that Royale also yields the first UC-secure poker protocol. Interestingly, Royale performs better than most previous works (that do not have composability guarantees), which we highlight through a detailed concrete complexity analysis and benchmarks from a prototype implementation
Efficient Zero-Knowledge Contingent Payments in Cryptocurrencies Without Scripts
One of the most promising innovations offered by the cryptographic currencies (like Bitcoin) are the so-called \emph{smart contracts}, which can be viewed as financial agreements between mutually distrusting participants. Their execution is enforced by the mechanics of the currency, and typically has monetary consequences for the parties. The rules of these contracts are written in the form of so-called ``scripts\u27\u27, which are pieces of code in some ``scripting language\u27\u27. Although smart contracts are believed to have a huge potential, for the moment they are not widely used in practice. In particular, most of Bitcoin miners allow only to post standard transactions (i.e.: those without the non-trivial scripts) on the blockchain. As a result, it is currently very hard to create non-trivial smart contracts in Bitcoin.
Motivated by this, we address the following question: ``is it possible to create non-trivial efficient smart contracts using the standard transactions only?\u27\u27 We answer this question affirmatively, by constructing efficient Zero-Knowledge Contingent Payment protocol for a large class of NP-relations. This includes the relations for which efficient sigma protocols exist. In particular, our protocol can be used to sell a factorization of an RSA modulus , which is an example that we implemented and tested its efficiency in practice.
As another example of the ``smart contract without scripts\u27\u27 we show how our techniques can be used to implement the contract called ``trading across chains\u27\u27
Short Paper: Blockcheck the Typechain
Recent efforts have sought to design new smart contract programming languages that make writing blockchain programs safer. But programs on the blockchain are beholden only to the safety properties enforced by the blockchain itself: even the strictest language-only properties can be rendered moot on a language-oblivious blockchain due to inter-contract interactions. Consequently, while safer languages are a necessity, fully realizing their benefits necessitates a language-aware redesign of the blockchain itself. To this end, we propose that the blockchain be viewed as a typechain: a chain of typed programs-not arbitrary blocks-that are included iff they typecheck against the existing chain. Reaching consensus, or blockchecking, validates typechecking in a byzantine fault-tolerant manner. Safety properties traditionally enforced by a runtime are instead enforced by a type system with the aim of statically capturing smart contract correctness. To provide a robust level of safety, we contend that a typechain must minimally guarantee (1) asset linearity and liveness, (2) physical resource availability, including CPU and memory, (3) exceptionless execution, or no early termination, (4) protocol conformance, or adherence to some state machine, and (5) inter-contract safety, including reentrancy safety. Despite their exacting nature, typechains are extensible, allowing for rich libraries that extend the set of verified properties. We expand on typechain properties and present examples of real-world bugs they prevent
Lyapunov-Based Reinforcement Learning for Decentralized Multi-Agent Control
Decentralized multi-agent control has broad applications, ranging from
multi-robot cooperation to distributed sensor networks. In decentralized
multi-agent control, systems are complex with unknown or highly uncertain
dynamics, where traditional model-based control methods can hardly be applied.
Compared with model-based control in control theory, deep reinforcement
learning (DRL) is promising to learn the controller/policy from data without
the knowing system dynamics. However, to directly apply DRL to decentralized
multi-agent control is challenging, as interactions among agents make the
learning environment non-stationary. More importantly, the existing multi-agent
reinforcement learning (MARL) algorithms cannot ensure the closed-loop
stability of a multi-agent system from a control-theoretic perspective, so the
learned control polices are highly possible to generate abnormal or dangerous
behaviors in real applications. Hence, without stability guarantee, the
application of the existing MARL algorithms to real multi-agent systems is of
great concern, e.g., UAVs, robots, and power systems, etc. In this paper, we
aim to propose a new MARL algorithm for decentralized multi-agent control with
a stability guarantee. The new MARL algorithm, termed as a multi-agent
soft-actor critic (MASAC), is proposed under the well-known framework of
"centralized-training-with-decentralized-execution". The closed-loop stability
is guaranteed by the introduction of a stability constraint during the policy
improvement in our MASAC algorithm. The stability constraint is designed based
on Lyapunov's method in control theory. To demonstrate the effectiveness, we
present a multi-agent navigation example to show the efficiency of the proposed
MASAC algorithm.Comment: Accepted to The 2nd International Conference on Distributed
Artificial Intelligenc
- …