Balancing Trust and Performance in Digital Currency and Smart Contract Systems

Abstract

The development of blockchain technology, starting with Bitcoin in 2008, has received considerable attention and sparked an incredible amount of innovation. While the main contribution of Bitcoin was the creation of a peer-to-peer digital currency system without the need for a central trusted party, newer developments have focused on smart contracts and privacy-enhancing technology. One of the defining aspects of blockchain systems is their decentralization. This decentralization can help to reduce the required trust assumptions, but it also comes at a price: decentralized systems, like blockchains, tend to be less efficient and less scalable than more centralized solutions, and they often put heavy requirements on clients. They can also make some properties, such as privacy, harder to achieve, since all information is disseminated to all participants. While blockchains, in particular permissionless blockchains, are often presented as trustless, this is not actually the case. They do not require trust in one single central party, but they still come with explicit and implicit trust assumptions, for example, the assumption that a majority of the mining power is in the hands of honest miners in proof-of-work blockchains. In this thesis, we explore how small changes in the explicit trust assumptions can be used in digital currency and smart contract systems to gain new properties or improve performance. In particular, we consider three topics -- privacy for lightweight clients, smart contract scalability, and central bank digital currencies (CBDCs) -- and show how each of them can be improved in terms of the achievable performance or properties by introducing either trusted hardware, trusted committees, or a central party trusted for some aspects of the system.
First, we develop two systems, called Bite and ZLiTE, that use trusted execution environments to improve the privacy of lightweight clients in systems like Bitcoin and that enable privacy-preserving lightweight clients for anonymous cryptocurrencies like Zcash. We show how these systems can be protected against adversaries with full control over a node running these systems by eliminating leakage through network traffic, disk accesses, and digital side channels. Second, we design two systems, ACE and Bitcontracts, that improve the scalability of smart contracts. ACE enables the execution of computationally complex smart contracts, and Bitcontracts enables the execution of expressive smart contracts on top of legacy cryptocurrencies, like Bitcoin, that do not natively support such contracts. Both systems execute contracts in committees that are chosen in a contract-specific trust model and thus provide hybrids between permissionless and permissioned systems. ACE is the first system that securely enables cross-contract calls given this trust model and allows for the execution of contracts with a computational complexity several orders of magnitude higher than existing systems. Bitcontracts combines ACE's trust model with a new execution model and is the first to securely allow the execution of Ethereum-style contracts on top of legacy blockchains. Finally, we show for central bank digital currencies how privacy, regulation, and performance can be achieved simultaneously, either in a permissioned blockchain setting, with PRCash, or in a setting that explicitly trusts the central bank for the integrity of the currency, with Platypus. PRCash adds a privacy-preserving regulation mechanism on top of commitment-based transactions for blockchain systems that hide the identities of the transaction parties and the transaction value.
We then show with Platypus how the centralized setting that exists for CBDCs in practice can be leveraged to achieve even stronger privacy properties and massive scalability.