Lingling Lu,Zhenyu Wen,Ye Yuan,Binru Dai,Peng Qian,Changting Lin,Qinming He,Zhenguang Liu,Jianhai Chen,Rajiv Ranjan

DOI: https://doi.org/10.1109/tdsc.2022.3228908

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Blockchain, a distributed and shared ledger, provides a credible and transparent solution to increase application auditability by querying the immutable records written in the ledger. Unfortunately, existing query APIs offered by the blockchain are inflexible and unscalable. Some studies propose off-chain solutions to provide more flexible and scalable query services. However, the query service providers (SPs) may deliver fake results without executing the real computation tasks and collude to cheat users. In this article, we propose a novel intelligent blockchain analytics platform termed iQuery , in which we design a game theory based smart contract to ensure the trustworthiness of the query results at a reasonable monetary cost. Furthermore, the contract introduces the second opinion game that employs a randomized SP selection approach coupled with non-ordered asynchronous querying primitive to prevent collusion. We achieve a fixed price equilibrium, destroy the economic foundation of collusion, and can incentivize all rational SPs to act diligently with proper financial rewards. In particular, iQuery can flexibly support semantic and analytical queries for generic consortium or public blockchains, achieving query scalability to massive blockchain data. Extensive experimental evaluations show that iQuery is significantly faster than state-of-the-art systems. Specifically, in terms of the conditional, analytical, and multi-origin query semantics, iQuery is 2 ×, 7 ×, and 1.5 × faster than advanced blockchain and blockchain databases. Meanwhile, to guarantee 100% trustworthiness, only two copies of query results need to be verified in iQuery , while iQuery 's latency is $2 \sim 134$ × smaller than the state-of-the-art systems.

Zhe Ye,Ujval Misra,Jiajun Cheng,Wenyang Zhou,Dawn Song

2024-01-04

Abstract:An optimistic rollup (ORU) scales a blockchain's throughput by delegating computation to an untrusted remote chain (L2), refereeing any state claim disagreements between mutually distrusting L2 operators via an interactive dispute resolution protocol. State-of-the-art ORUs employ a monolithic dispute resolution protocol that tightly couples an L1 referee with a specific L2 client binary--oblivious to the system's higher-level semantics. We argue that this approach (1) magnifies monoculture failure risk, by precluding trust-minimized and permissionless participation using operator-chosen client software; (2) leads to an unnecessarily large and difficult-to-audit TCB; and, (3) suffers from a frequently-triggered, yet opaque upgrade process--both further increasing auditing overhead, and broadening the governance attack surface. To address these concerns, we outline a methodology for designing a secure and resilient ORU with a minimal TCB, by facilitating opportunistic 1-of-N-version programming. Due to its unique challenges and opportunities, we ground this work concretely in the context of the Ethereum ecosystem--where ORUs have gained significant traction. Specifically, we design a semantically-aware proof system, natively targeting the EVM and its instruction set. We present an implementation in a new ORU, Specular, that opportunistically leverages Ethereum's existing client diversity with minimal source modification, demonstrating our approach's feasibility.

Cryptography and Security

John Adler,Ryan Berryhill,Andreas Veneris,Zissis Poulos,Neil Veira,Anastasia Kastania

DOI: https://doi.org/10.48550/arXiv.1808.00528

2018-08-02

Abstract:The public blockchain was originally conceived to process monetary transactions in a peer-to-peer network while preventing double-spending. It has since been extended to numerous other applications including execution of programs that exist on the blockchain called "smart contracts." Smart contracts have a major limitation, namely they only operate on data that is on the blockchain. Trusted entities called oracles attest to external data in order to bring it onto the blockchain but they do so without the robust security guarantees that blockchains generally provide. This has the potential to turn oracles into centralized points-of-failure. To address this concern, this paper introduces Astraea, a decentralized oracle based on a voting game that decides the truth or falsity of propositions. Players fall into two roles: voters and certifiers. Voters play a low-risk/low-reward role that is resistant to adversarial manipulation while certifiers play a high-risk/high-reward role so they are required to play with a high degree of accuracy. This paper also presents a formal analysis of the parameters behind the system to measure the probability of an adversary with bounded funds being able to successfully manipulate the oracle's decision, that shows that the same parameters can be set to make manipulation arbitrarily difficult---a desirable feature for the system. Further, this analysis demonstrates that under those conditions a Nash equilibrium exists where all rational players are forced to behave honestly.

Cryptography and Security

Fahad Rahman,Chafiq Titouna,Farid Nait-Abdesselam

2023-12-30

Abstract:Distributed Computing in Blockchain Technology (BCT) hinges on a trust assumption among independent nodes. Without a third-party interface or what is known as a Blockchain Oracle, it can not interact with the external world. This Oracle plays a crucial role by feeding extrinsic data into the Blockchain, ensuring that Smart Contracts operate accurately in real time. The Oracle problem arises from the inherent difficulty in verifying the truthfulness of the data sourced by these Oracles. The genuineness of a Blockchain Oracle is paramount, as it directly influences the Blockchain's reliability, credibility, and scalability. To tackle these challenges, a strategy rooted in Byzantine fault tolerance {\phi} is introduced. Furthermore, an autonomous system for sustainability and audibility, built on heuristic detection, is put forth. The effectiveness and precision of the proposed strategy outperformed existing methods using two real-world datasets, aimed to meet the authenticity standards for Blockchain Oracles.

Cryptography and Security

Hanlin Chen,Yan Chen,Bing Lin,Xing Chen,Yun Ma,Gang Huang

DOI: https://doi.org/10.1109/icws62655.2024.00065

2024-01-01

Abstract:In the traditional Service-Oriented Architecture (SOA), Web service providers register their service descriptions in the registry for service clients to perform service discovery and invocation. Although this architecture provides loose service invocation, it lacks a dispute resolution mechanism to guarantee the trusted service invocation between untrustworthy service providers and clients. Blockchain technology has unparalleled advantages in decentralization and tamper-resistance, and can be employed in the SOA to solve the untrustworthiness of service invocation. Combining the SOA architecture and blockchain technology, this paper proposes a blockchain-based trust framework for SOA, where the blockchain is used as an evidence recorder and a service registration proxy. To ensure the service traceability, each service invocation is signed by both the service provider and client involved as a trusted credential on the blockchain. The trusted credentials on the blockchain will be retrieved for verification when a service dispute occurs. Moreover, the input parameters and results of a service are encrypted during constructing trusted credentials to ensure the privacy of service data. The experimental results show that the proposed framework can correctly handle the service disputes between service providers and clients in the case of all independent malicious behaviors and most of the combined malicious behaviors, compared with traditional methods. It also could realize the automatic conversion from Web services to trusted services, and complete the trusted service invocation within 2.Ss.

Zhiyuan Wang,Mingan Gao,Gehao Lu

DOI: https://doi.org/10.3390/s24020502

IF: 3.9

2024-01-14

Sensors

Abstract:In the realm of IoT sensor data security, particularly in areas like agricultural product traceability, the challenges of ensuring product origin and quality are paramount. This research presents a novel blockchain oracle solution integrating an enhanced MTAS signature algorithm derived from the Schnorr signature algorithm. The key improvement lies in the automatic adaptation of flexible threshold values based on the current scenario, catering to diverse security and efficiency requirements. Utilizing the continuously increasing block height of the blockchain as a pivotal blinding parameter, our approach strengthens signature verifiability and security. By combining the block height with signature parameters, we devise a distinctive signing scheme reliant on a globally immutable timestamp. Additionally, this study introduces a reliable oracle reputation mechanism for monitoring and assessing oracle node performance, maintaining both local and global reputations. This mechanism leverages smart contracts to evaluate each oracle's historical service, penalizing or removing nodes engaged in inappropriate behaviors. Experimental results highlight the innovative contributions of our approach to enhancing on-chain efficiency and fortifying security during the on-chain process, offering promising advancements for secure and efficient IoT sensor data transmission.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zishuo Zhao,Xi Chen,Yuan Zhou

2024-07-12

Abstract:The security of blockchain systems is fundamentally based on the decentralized consensus in which the majority of parties behave honestly, and the process of content verification is essential to keep the robustness of blockchain systems. However, the phenomenon that a secure blockchain system with few or no cheaters could not provide sufficient incentive for verifiers to honestly perform the costly verification, referred to as the Verifier's Dilemma, could severely undermine the fundamental security of blockchain systems. While existing works have attempted to insert deliberate errors to disincentivize lazy verification, the decentralized environment makes it impossible to judge the correctness of verification or detect malicious verifiers directly. In this paper, we initiate the research that leverages the peer prediction approach towards the design of Bayesian truthful mechanisms for the decentralized verification game among multiple verifiers, incentivizing all verifiers to perform honest verification without access to the ground truth even in the presence of noisy observations in the verification process. With theoretically guaranteed truthfulness of our mechanism for the verification game, our work provides a framework of verification mechanisms that enhances the security and robustness of the blockchain and potentially other decentralized systems.

Cryptography and Security,Computer Science and Game Theory

Shantanu Pal,Ambrose Hill,Tahiry Rabehaja,Michael Hitchens

DOI: https://doi.org/10.48550/arXiv.2206.05676

2022-06-12

Abstract:There has been considerable advancement in the use of blockchain for trust management in large-scale dynamic systems. In such systems, blockchain is mainly used to store the trust score or trust-related information of interactions among the various entities. However, present trust management architectures using blockchain lack verifiable interactions among the entities on which the trust score is calculated. In this paper, we propose a blockchain-based trust management framework that allows independent trust providers to implement different trust metrics on a common set of trust evidence and provide individual trust value. We employ geo-location as proof of interaction. Some of the existing proposals rely upon geo-location data, but they do not support trust calculation by multiple trust providers. Instead, they can only support a centralised system. Our proposed architecture does not depend upon a single centralised third-party entity to ensure trusted interactions. Our architecture is supported by provable interactions that can easily be verified using blockchain. Therefore, it allows a high degree of confidence in trust management by ensuring the actual interactions between the entities. We provide a detailed design and development of the architecture using real-world use case examples. The proof of prototype was implemented on the Ethereum blockchain platform. Experimental results demonstrate that the employment of independent trust providers adequately provides a high degree of trust scores and that the proposed architecture can be used in a real-world environment.

Distributed, Parallel, and Cluster Computing

Dian Chen,Haobo Yuan,Shengshan Hu,Qian Wang,Cong Wang

DOI: https://doi.org/10.1109/tpds.2020.3030063

IF: 5.3

2021-04-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Proofs of retrievability and proofs of replication are two cryptographic tools that enable a remote server to prove that the users' data has been correctly stored. Nevertheless, the literature either requires the users themselves to perform expensive verification jobs, or relies on a "fully trustworthy" third party auditor (TPA) to execute the public verification. In addition, none of existing solutions consider the underlying incentive issues behind a rational server who is motivated to collect users' data but tries to evade the replication checking in order to save storage resources. In this article, we propose the first decentralized system for proofs of data retrievability and replication—${sf BOSSA}$<math>BOSSA</math>, which is incentive-compatible for each party and realizes automated auditing atop off-the-shelf blockchain platforms. We deal with issues such as proof enforcements to catch malicious behaviors, new metrics to measure the contributions, and reward distributions to create a fair reciprocal environment. ${sf BOSSA}$<math>BOSSA</math> also incorporates privacy-enhancing techniques to prevent decentralized peers (including blockchain nodes) from inferring private information about the outsourced data. Security analysis is presented in the context of integrity, privacy, and reliability. We implement a prototype based on ${sf BOSSA}$<math>BOSSA</math> leveraging the smart contracts of Ethereum blockchain. Our extensive experimental evaluations demonstrate the practicality of our proposal.

computer science, theory & methods,engineering, electrical & electronic

Yuanliang Chen,Fuchen Ma,Yuanhang Zhou,Yu Jiang,Ting Chen,Jiaguang Sun

DOI: https://doi.org/10.1109/sp46215.2023.10179386

2023-01-01

Abstract:Blockchain is a decentralized distributed system on which a large number of financial applications have been deployed. The consensus process in it plays an important role, which guarantees that legal transactions on the chain can be executed and recorded fairly and consistently. However, because of Consensus Failure Bugs (CFBs), many blockchain systems do not provide even this basic guarantee. The validity and consistency of blockchain systems rely on the soundness of complex consensus logic implementation. Any bugs which cause the blockchain consensus failure can be crucial. In this work, we introduce Tyr, an open-source tool for detecting CFBs in blockchain systems with a large number of abnormal divergent consensus behaviors. First, we design four oracle detectors to monitor the behaviors of nodes and analyze the violation of consensus properties. To trigger these oracles effectively, Tyr harnesses a behavior divergent model to constantly generate consensus messages and make nodes behave as differently as possible. We implemented and evaluated Tyr on six widely used commercial blockchain consensus systems, including IBM Fabric, WeBank FISCO-BCOS, ConsenSys Quorum, Facebook Diem, Go-Ethereum, and EOS. Compared with the state-of-the-art tools Peach, Fluffy, and Twins, Tyr covers 27.3%, 228.2%, and 297.1% more branches, respectively. Furthermore, Tyr has detected 20 serious previously unknown vulnerabilities, all of which have been repaired by the corresponding maintainers.

Luca Olivieri,Fausto Spoto

DOI: https://doi.org/10.1007/s10009-024-00758-x

2024-07-13

International Journal on Software Tools for Technology Transfer

Abstract:Blockchain technology has created a new software development context, with its own peculiarities, mainly due to the guarantees that the technology must satisfy, that is, immutability , distributability , and decentralization of data. Its rapid evolution over the last decade implied a lack of adequate verification tools, exposing developers and users to critical vulnerabilities and bugs. This paper clarifies the extent of block chain-oriented software (BoS), that goes well beyond smart contracts. Moreover, it provides an overview of the challenges related to software verification in the blockchain context, encompassing smart contracts, blockchain layers, cross-chain applications, and, more generally, BoS. This study aims to highlight the shortcomings of the state-of-art and of the state-of-practice of software verification in that context and identify, at the same time, new research directions.

computer science, software engineering

Prasanth Chakka,Saurabh Joshi,Aniket Kate,Joshua Tobkin,David Yang

DOI: https://doi.org/10.48550/arXiv.2305.03903

2023-05-12

Abstract:Oracle networks feeding off-chain information to a blockchain are required to solve a distributed agreement problem since these networks receive information from multiple sources and at different times. We make a key observation that in most cases, the value obtained by oracle network nodes from multiple information sources are in close proximity. We define a notion of agreement distance and leverage the availability of a state machine replication (SMR) service to solve this distributed agreement problem with an honest simple majority of nodes instead of the conventional requirement of an honest super majority of nodes. Values from multiple nodes being in close proximity, therefore, forming a coherent cluster, is one of the keys to its efficiency. Our asynchronous protocol also embeds a fallback mechanism if the coherent cluster formation fails. Through simulations using real-world exchange data from seven prominent exchanges, we show that even for very small agreement distance values, the protocol would be able to form coherent clusters and therefore, can safely tolerate up to $1/2$ fraction of Byzantine nodes. We also show that, for a small statistical error, it is possible to choose the size of the oracle network to be significantly smaller than the entire system tolerating up to a $1/3$ fraction of Byzantine failures. This allows the oracle network to operate much more efficiently and horizontally scale much better.

Distributed, Parallel, and Cluster Computing

Nikolaj S. Bjørner,Ashley J. Chen,Shuo Chen,Yang Chen,Zhongxin Guo,Tzu-Han Hsu,Peng Liu,Nanqing Luo

2024-08-13

Abstract:Security bugs and trapdoors in smart contracts have been impacting the Ethereum community since its inception. Conceptually, the 1.45-million Ethereum's contracts form a single "gigantic program" whose behaviors are determined by the complex reference-topology between the contracts. Can the Ethereum community be assured that this gigantic program conforms to its design-level safety properties, despite unforeseeable code-level intricacies? Static code verification is inadequate due to the program's gigantic scale and high polymorphism. In this paper, we present a viable technological roadmap for the community toward this ambitious goal. Our technology, called Theorem-Carrying-Transaction (TCT), combines the benefits of concrete execution and symbolic proofs. Under the TCT protocol, every transaction carries a theorem that proves its adherence to the specified properties in the invoked contracts, and the runtime system checks the theorem before executing the transaction. Once a property is specified in a contract, it can be treated confidently as an unconditional guarantee made by the contract. As case studies, we demonstrate that TCT secures token contracts without foreseeing code-level intricacies like integer overflow and reentrancy. TCT is also successfully applied to a Uniswap codebase, showcasing a complex decentralized finance (DeFi) scenario. Our prototype incurs a negligible runtime overhead, two orders of magnitude lower than a state-of-the-art approach.

Cryptography and Security,Programming Languages

Naman Goel,Cyril van Schreven,Aris Filos-Ratsikas,Boi Faltings

DOI: https://doi.org/10.48550/arXiv.1908.10258

2020-07-26

Abstract:Blockchain based systems allow various kinds of financial transactions to be executed in a decentralized manner. However, these systems often rely on a trusted third party (oracle) to get correct information about the real-world events, which trigger the financial transactions. In this paper, we identify two biggest challenges in building decentralized, trustless and transparent oracles. The first challenge is acquiring correct information about the real-world events without relying on a trusted information provider. We show how a peer-consistency incentive mechanism can be used to acquire truthful information from an untrusted and self-interested crowd, even when the crowd has outside incentives to provide wrong information. The second is a system design and implementation challenge. For the first time, we show how to implement a trustless and transparent oracle in Ethereum. We discuss various non-trivial issues that arise in implementing peer-consistency mechanisms in Ethereum, suggest several optimizations to reduce gas cost and provide empirical analysis.

Artificial Intelligence,Cryptography and Security,Computer Science and Game Theory

Andreas Lindner,Roberto Guanciale,Roberto Metere

DOI: https://doi.org/10.1016/j.scico.2019.01.001

2019-01-17

Abstract:Verification of microkernels, device drivers, and crypto routines requires analyses at the binary level. In order to automate these analyses, in the last years several binary analysis platforms have been introduced. These platforms share a common design: the adoption of hardware-independent intermediate representations, a mechanism to translate architecture dependent code to this representation, and a set of architecture independent analyses that process the intermediate representation. The usage of these platforms to verify software introduces the need for trusting both the correctness of the translation from binary code to intermediate language (called transpilation) and the correctness of the analyses. Achieving a high degree of trust is challenging since the transpilation must handle (i) all the side effects of the instructions, (ii) multiple instruction encodings (e.g. ARM Thumb), and (iii) variable instruction length (e.g. Intel). Similarly, analyses can use complex transformations (e.g. loop unrolling) and simplifications (e.g. partial evaluation) of the artifacts, whose bugs can jeopardize correctness of the results. We overcome these problems by developing a binary analysis platform on top of the interactive theorem prover HOL4. First, we formally model a binary intermediate language and we prove correctness of several supporting tools (i.e. a type checker). Then, we implement two proof-producing transpilers, which respectively translate ARMv8 and CortexM0 programs to the intermediate language and generate a certificate. This certificate is a HOL4 proof demonstrating correctness of the translation. As demonstrating analysis, we implement a proof-producing weakest precondition generator, which can be used to verify that a given loop-free program fragment satisfies a contract. Finally, we use an AES encryption implementation to benchmark our platform.

Programming Languages,Cryptography and Security,Logic in Computer Science

Lili Chen,Rui Yuan,Yubin Xia

DOI: https://doi.org/10.1109/jcc53141.2021.00016

2021-01-01

Abstract:Smart Contracts cannot get external data directly due to the closure and determinacy of blockchain itself, limiting the extensibility of blockchain applications. Oracle is proposed to serve as a data feed to offer authenticated and deterministic external data to smart contracts. However, existing centralized oracles are efficient but vulnerable to targeted attacks and suffering from a single point of failure, while existing decentralized oracles are inefficient. The paper presents a trusted blockchain oracle based on a decentralized Trusted Execution Environment (TEE) network called Tora, which embraces both efficiency and availability. The key of Tora is a hybrid consensus mechanism with the confidential available group selection based on Proof-of-Availability (PoA). We have implemented a prototype of Tora on Ethereum with Intel Software Guard eXtensions (SGX) and evaluated it with a data-fetch use case on different measurements, including gas costs, off-chain execution time, group selection results and throughput. The results show that Tora provides considerable efficiency and scalability.

Shayan Eskandari,Mehdi Salehi,Wanyun Catherine Gu,Jeremy Clark

DOI: https://doi.org/10.1145/3479722.3480994

2021-09-03

Abstract:One fundamental limitation of blockchain-based smart contracts is that they execute in a closed environment. Thus, they only have access to data and functionality that is already on the blockchain, or is fed into the blockchain. Any interactions with the real world need to be mediated by a bridge service, which is called an oracle. As decentralized applications mature, oracles are playing an increasingly prominent role. With their evolution comes more attacks, necessitating greater attention to their trust model. In this systemization of knowledge paper (SoK), we dissect the design alternatives for oracles, showcase attacks, and discuss attack mitigation strategies.

Cryptography and Security,Systems and Control

Runhua Xu,Chao Li,James Joshi

DOI: https://doi.org/10.1109/tdsc.2022.3179698

2022-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Increasingly, information systems rely on computational, storage, and network resources deployed in third-party facilities such as cloud centers and edge nodes. Such an approach further exacerbates cybersecurity concerns constantly raised by numerous incidents of security and privacy attacks resulting in data leakage and identity theft, among others. These have, in turn, forced the creation of stricter security and privacy-related regulations and have eroded the trust in cyberspace. In particular, security-related services and infrastructures, such as Certificate Authorities (CAs) that provide digital certificate services and Third-Party Authorities (TPAs) that provide cryptographic key services, are critical components for establishing trust in crypto-based privacy-preserving applications and services. To address such trust issues, various transparency frameworks and approaches have been recently proposed in the literature. This article proposes TAB framework that provides transparency and trustworthiness of third-party authority and third-party facilities using blockchain techniques for emerging crypto-based privacy-preserving applications. TAB employs the Ethereum blockchain as the underlying public ledger and also includes a novel smart contract to automate accountability with an incentive mechanism that motivates users to participate in auditing, and punishes unintentional or malicious behaviors. We implement TAB and show through experimental evaluation in the Ethereum official test network, Rinkeby, that the framework is efficient. We also formally show the security guarantee provided by TAB, and analyze the privacy guarantee and trustworthiness it provides.

computer science, information systems, software engineering, hardware & architecture

Jingya Dong,Chunhe Song,Yong Sun,Tao Zhang

DOI: https://doi.org/10.1109/tifs.2023.3318961

IF: 7.231

2023-10-10

IEEE Transactions on Information Forensics and Security

Abstract:Blockchain, which originated with the Bitcoin system, has drawn intense attention because of its decentralization, persistence, and anonymity. The execution environment of blockchain is isolated from the external world and requires "blockchain oracles": agents that fetch information from the outside world. However, there is always the risk of oracles providing corrupt, malicious, or inaccurate data. To overcome this issue, this paper analyses the existing oracle working patterns, then introduces a decentralized autonomous oracle network (DAON) and its consensus protocol and noninteractive reputation maintenance and payment scheme. Meanwhile, the reputation and security monitoring services of DAON are designed to ensure the DAON provide trustworthy data services in a complex byzantine environment. The proposed method is verified by experiments on three applications. Using the proposed network, smart contracts on future blockchains could have reliable, tamper-proof inputs and outputs.

computer science, theory & methods,engineering, electrical & electronic

Xueying Zeng,Youquan Xian,Chunpei Li,Zhengdong Hu,Aoxiang Zhou,Peng Liu

2024-11-18

Abstract:Blockchain technology ensures secure and trustworthy data flow between multiple participants on the chain, but interoperability of on-chain and off-chain data has always been a difficult problem that needs to be solved. To solve the problem that blockchain systems cannot access off-chain data, oracle is introduced. However, existing research mainly focuses on the consistency and integrity of data, but ignores the problem that oracle nodes may be externally attacked or provide false data for selfish motives, resulting in the unresolved problem of data accuracy. In this paper, we introduce a new Decentralized Testing architecture (DecTest) that aims to improve data accuracy. A blockchain oracle random secret testing mechanism is first proposed to enhance the monitoring and verification of nodes by introducing a dynamic anonymized question-verification committee. Based on this, a comprehensive evaluation incentive mechanism is designed to incentivize honest work performance by evaluating nodes based on their reputation scores. The simulation results show that we successfully reduced the discrete entropy value of the acquired data and the real value of the data by 61.4%.

Cryptography and Security,Distributed, Parallel, and Cluster Computing