[![Contributors][contributors-shield]][contributors-url] [![Forks][forks-shield]][forks-url] [![Stargazers][stars-shield]][stars-url] [![Issues][issues-shield]][issues-url]
Usage instructions: here
Table of Contents
| Publish Date | Title | Authors | Code | |
|---|---|---|---|---|
| 2025-01-31 | Quest Love: Do Blockchain Points Build Loyalty or Just Feed the Bots? | Joseph Al-Chami et.al. | 2501.18810 | Blockchain ecosystems -- such as those built around chains, layers, and services -- try to engage users for a variety of reasons: user education, growing and protecting their market share, climbing metric-measuring leaderboards with competing systems, demonstrating usage to investors, and identifying worthy recipients for newly created tokens (airdrops). A popular approach is offering user quests: small tasks that can be completed by a user, exposing them to a common task they might want to do in the future, and rewarding them for completion. In this paper, we capture blockchain data from one deployed quest system that offered 43 unique quests over 10 months with 80M completions. We use this data to offer insight about the factors that impact task completion: amount of reward, monetary value of reward, difficulty, and cost. We also discuss the role of farming and bots, and the factors that complicate distinguishing real users from automated scripts. |
| 2025-01-30 | SoK: Measuring Blockchain Decentralization | Christina Ovezik et.al. | 2501.18279 | In the context of blockchain systems, the importance of decentralization is undermined by the lack of a widely accepted methodology to measure it. To address this gap, we set out a systematization effort targeting the decentralization measurement workflow. To facilitate our systematization, we put forth a framework that categorizes all measurement techniques used in previous work based on the resource they target, the methods they use to extract resource allocation, and the functions they apply to produce the final measurements. We complement this framework with an empirical analysis designed to evaluate whether the various pre-processing steps and metrics used in prior work capture the same underlying concept of decentralization. Our analysis brings about a number of novel insights and observations. First, the seemingly innocuous choices performed during data extraction, such as the size of estimation windows or the application of thresholds that affect the resource distribution, have important repercussions when calculating the level of decentralization. Second, exploratory factor analysis suggests that in Proof-of-Work (PoW) blockchains, participation on the consensus layer is not correlated with decentralization, but rather captures a distinct signal, unlike in Proof-of-Stake (PoS) systems, where the different metrics align under a single factor. These findings challenge the long-held assumption within the blockchain community that higher participation drives higher decentralization. Finally, we combine the results of our empirical analysis with first-principles reasoning to derive practical recommendations for researchers that set out to measure blockchain decentralization, and we further systematize the existing literature in line with these recommendations. |
| 2025-01-29 | Atomic Transfer Graphs: Secure-by-design Protocols for Heterogeneous Blockchain Ecosystems | Stephan Dübler et.al. | 2501.17786 | The heterogeneity of the blockchain landscape has motivated the design of blockchain protocols tailored to specific blockchains and applications that, hence, require custom security proofs. We observe that many blockchain protocols share common security and functionality goals, which can be captured by an atomic transfer graph (ATG) describing the structure of desired transfers. Based on this observation, we contribute a framework for generating secure-by-design protocols that realize these goals. The resulting protocols build upon Conditional Timelock Contracts (CTLCs), a novel minimal smart contract functionality that can be implemented in a large variety of cryptocurrencies with a restricted scripting language (e.g., Bitcoin), and payment channels. We show how ATGs, in addition to enabling novel applications, capture the security and functionality goals of existing applications, including many examples from payment channel networks and complex multi-party cross-currency swaps among Ethereum-style cryptocurrencies. Our framework is the first to provide generic and provably secure protocols for all these use cases while matching or improving the performance of existing use-case-specific protocols. |
| 2025-01-29 | Are you a DePIN? A Decision Tree to Classify Decentralized Physical Infrastructure Networks | Michael S. Andrew et.al. | 2501.17416 | Decentralized physical infrastructure networks (DePINs) are an emerging vertical within "Web3" replacing the traditional method that physical infrastructures are constructed. Yet, the boundaries between DePIN and traditional method of building crowd-sourced infrastructures such as citizen science initiatives or other Web3 verticals are not always so clear cut. In this work, we systematically analyze the differences between DePIN and other Web2 and Web3 verticals. For this, the study proposes a novel decision tree for classifying systems as DePIN. This tree is informed by prior studies and differentiates DePIN from related concepts using criteria such as the presence of a three-sided market, token-based incentives for supply, and the requirement for physical asset placement in those systems. The paper demonstrates the application of the decision tree to various blockchain systems, including Helium and Bitcoin, showcasing its practical utility in differentiating DePIN systems. This research offers significant contributions towards establishing a more objective and systematic approach to identifying and categorizing DePIN systems. It lays the groundwork for creating a comprehensive and unbiased database of DePIN systems, which will inform future research and development within this emerging sector. |
| 2025-01-28 | Pandora's Box: Cross-Chain Arbitrages in the Realm of Blockchain Interoperability | Burak Öz et.al. | 2501.17335 | Over recent years, the blockchain ecosystem has grown significantly with the emergence of new Layer-1 (L1) and Layer-2 (L2) networks. These blockchains typically host Decentralized Exchanges (DEXes) for trading assets such as native currencies and stablecoins. While this diversity enriches the ecosystem, it also fragments liquidity, posing challenges for DEXes offering the same assets across multiple blockchains. This fragmentation leads to price discrepancies, creating opportunities like arbitrages for profit-seeking traders, which fall under the broader category of exploitative economic practices known as Maximal Extractable Value (MEV). Although MEV extraction has been extensively studied within single domains (i.e., individual blockchains), cross-chain arbitrages, a form of cross-domain MEV, have received little attention due to their non-atomic nature, complicating both execution and detection. In this paper, we shed light on opaque cross-chain MEV activities by presenting the first systematic study of two non-atomic cross-chain arbitrage strategies: Sequence-Independent Arbitrage (SIA) and Sequence-Dependent Arbitrage (SDA). The former involves independent, opposite-direction trades across chains, while the latter relies on asset bridges. We analyze the effectiveness of these strategies across nine blockchains over a one-year period from September 2023 to August 2024, identifying 260,808 cross-chain arbitrages, 32.37% of which involve bridging solutions. These arbitrages generated a lower-bound profit of 9,496,115.28 USD from a total traded volume of 465,797,487.98 USD. Additionally, we examine the security implications of cross-chain arbitrages, uncovering centralization among arbitrageurs, network congestion caused by failed transactions, and growing private mempool adoption. Finally, we discuss sequencer incentives and propose a risk-optimized arbitrage strategy. |
| 2025-01-28 | CRSet: Non-Interactive Verifiable Credential Revocation with Metadata Privacy for Issuers and Everyone Else | Felix Hoops et.al. | 2501.17089 | Like any digital certificate, Verifiable Credentials (VCs) require a way to revoke them in case of an error or key compromise. Existing solutions for VC revocation, most prominently Bitstring Status List, are not viable for many use cases since they leak the issuer's behavior, which in turn leaks internal business metrics. For instance, exact staff fluctuation through issuance and revocation of employee IDs. We introduce CRSet, a revocation mechanism that allows an issuer to encode revocation information for years worth of VCs as a Bloom filter cascade. Padding is used to provide deniability for issuer metrics. Issuers periodically publish this filter cascade on a decentralized storage system. Relying Parties (RPs) can download it to perform any number of revocation checks locally. Compared to existing solutions, CRSet protects the metadata of subject, RPs, and issuer equally. At the same time, it is non-interactive, making it work with wallet devices having limited hardware power and drop-in compatible with existing VC exchange protocols and wallet applications. We present a prototype using the Ethereum blockchain as decentralized storage. The recently introduced blob-carrying transactions, enabling cheaper data writes, allow us to write each CRSet directly to the chain. We built software for issuers and RPs that we successfully tested end-to-end with an existing publicly available wallet agents and the OpenID for Verifiable Credentials protocols. Storage and bandwidth costs paid by issuers and RP are higher than for Bitstring Status List, but still manageable at around 1 MB for an issuer issuing hundreds of thousands of VCs annually and covering decades. |
| 2025-01-28 | PTSA: Utilizing Transaction Prioritization to Enhance Confirmation Speed in the IOTA Network | Seyyed Ali Aghamiri et.al. | 2501.16763 | With the rapid advancement of blockchain technology, a significant trend is the adoption of Directed Acyclic Graphs (DAGs) as an alternative to traditional chain-based architectures for organizing ledger records. Systems like IOTA, which are specially designed for the Internet of Things (IoT), leverage DAG-based architectures to achieve greater scalability by enabling multiple attachment points in the ledger for new transactions while allowing these transactions to be added to the network without incurring any fees. To determine these attachment points, many tip selection algorithms commonly employ specific strategies on the DAG ledger. Transaction prioritization is not considered in the IOTA network, which becomes especially important when network bandwidth is limited. In this paper, we propose an optimization framework designed to integrate a priority level for critical or high-priority IoT transactions within the IOTA network. We evaluate our system using fully based on the official IOTA GitHub repository, which employs the currently operational IOTA node software (Hornet version), as part of the Chrysalis update (1.5). The experimental results show that higher-priority transactions in the proposed algorithm reach final confirmation in less time compared to the original IOTA system. |
| 2025-01-28 | Blockchain Address Poisoning | Taro Tsuchiya et.al. | 2501.16681 | In many blockchains, e.g., Ethereum, Binance Smart Chain (BSC), the primary representation used for wallet addresses is a hardly memorable 40-digit hexadecimal string. As a result, users often select addresses from their recent transaction history, which enables blockchain address poisoning. The adversary first generates lookalike addresses similar to one with which the victim has previously interacted, and then engages with the victim to ``poison'' their transaction history. The goal is to have the victim mistakenly send tokens to the lookalike address, as opposed to the intended recipient. Compared to contemporary studies, this paper provides four notable contributions. First, we develop a detection system and perform measurements over two years on Ethereum and BSC. We identify 13 times the number of attack attempts reported previously -- totaling 270M on-chain attacks targeting 17M victims. 6,633 incidents have caused at least 83.8M USD in losses, which makes blockchain address poisoning one of the largest cryptocurrency phishing schemes observed in the wild. Second, we analyze a few large attack entities using improved clustering techniques, and model attacker profitability and competition. Third, we reveal attack strategies -- targeted populations, success conditions (address similarity, timing), and cross-chain attacks. Fourth, we mathematically define and simulate the lookalike address-generation process across various software- and hardware-based implementations, and identify a large-scale attacker group that appears to use GPUs. We also discuss defensive countermeasures. |
| 2025-01-22 | Blockchain-based Crowdsourced Deep Reinforcement Learning as a Service | Ahmed Alagha et.al. | 2501.16369 | Deep Reinforcement Learning (DRL) has emerged as a powerful paradigm for solving complex problems. However, its full potential remains inaccessible to a broader audience due to its complexity, which requires expertise in training and designing DRL solutions, high computational capabilities, and sometimes access to pre-trained models. This necessitates the need for hassle-free services that increase the availability of DRL solutions to a variety of users. To enhance the accessibility to DRL services, this paper proposes a novel blockchain-based crowdsourced DRL as a Service (DRLaaS) framework. The framework provides DRL-related services to users, covering two types of tasks: DRL training and model sharing. Through crowdsourcing, users could benefit from the expertise and computational capabilities of workers to train DRL solutions. Model sharing could help users gain access to pre-trained models, shared by workers in return for incentives, which can help train new DRL solutions using methods in knowledge transfer. The DRLaaS framework is built on top of a Consortium Blockchain to enable traceable and autonomous execution. Smart Contracts are designed to manage worker and model allocation, which are stored using the InterPlanetary File System (IPFS) to ensure tamper-proof data distribution. The framework is tested on several DRL applications, proving its efficacy. |
| 2025-01-27 | Unveiling Ethereum's P2P Network: The Role of Chain and Client Diversity | Jiahao Luo et.al. | 2501.16236 | The Ethereum network, built on the devp2p protocol stack, was designed to function as a "world computer" by supporting decentralized applications through a shared P2P infrastructure. However, the proliferation of blockchain forks has increased network diversity, complicating node discovery and reducing efficiency. Ethereum mainnet nodes cannot easily distinguish between peers from different blockchains until after establishing an expensive TCP connection, encryption, and protocol handshake. This inefficiency is further worsened by client diversity, where differences in software implementations cause protocol incompatibilities and connection failures. This paper introduces a monitoring tool that tracks devp2p message exchanges and client statuses to analyze connection dynamics and protocol variations. Our findings highlight issues such as inefficiencies in node discovery and client incompatibility, including timeouts in Geth during the discovery process. The study emphasizes the need to consider chain and client diversity when assessing the health and performance of the post-merge Ethereum network. |
| 2025-01-27 | Share a Tiny Space of Your Freezer to Preserve Seed Diversity | Andrea Vitaletti et.al. | 2501.15962 | link |
| 2025-01-27 | Snowman for partial synchrony | Aaron Buchwald et.al. | 2501.15904 | Snowman is the consensus protocol run by blockchains on Avalanche. Recent work established a rigorous proof of probabilistic consistency for Snowman in the \emph{synchronous} setting, under the simplifying assumption that correct processes execute sampling rounds in `lockstep'. In this paper, we describe a modification of the protocol that ensures consistency in the \emph{partially synchronous} setting, and when correct processes carry out successive sampling rounds at their own speed, with the time between sampling rounds determined by local message delays. |
| 2025-01-26 | Preventing Household Bankruptcy: The One-Third Rule in Financial Planning with Mathematical Validation and Game-Theoretic Insights | Aditi Godbole et.al. | 2501.15557 | This paper analyzes the 1/3 Financial Rule, a method of allocating income equally among debt repayment, savings, and living expenses. Through mathematical modeling, game theory, behavioral finance, and technological analysis, we examine the rule's potential for supporting household financial stability and reducing bankruptcy risk. The research develops theoretical foundations using utility maximization theory, demonstrating how equal allocation emerges as a solution under standard economic assumptions. The game-theoretic analysis explores the rule's effectiveness across different household structures, revealing potential strategic advantages in financial decision-making. We investigate psychological factors influencing financial choices, including cognitive biases and neurobiological mechanisms that impact economic behavior. Technological approaches, such as AI-driven personalization, blockchain tracking, and smart contract applications, are examined for their potential to support financial planning. Empirical validation using U.S. Census data and longitudinal studies assesses the rule's performance across various household types. Stress testing under different economic conditions provides insights into its adaptability and resilience. The research integrates mathematical analysis with behavioral insights and technological perspectives to develop a comprehensive approach to household financial management. |
| 2025-01-26 | Real-CATS: A Practical Training Ground for Emerging Research on Cryptocurrency Cybercrime Detection | Jiadong Shi et.al. | 2501.15553 | Cybercriminals pose a significant threat to blockchain trading security, causing $40.9 billion in losses in 2024. However, the lack of an effective real-world address dataset hinders the advancement of cybercrime detection research. The anti-cybercrime efforts of researchers from broader fields, such as statistics and artificial intelligence, are blocked by data scarcity. In this paper, we present Real-CATS, a Real-world dataset of Cryptocurrency Addresses with Transaction profileS, serving as a practical training ground for developing and assessing detection methods. Real-CATS comprises 103,203 criminal addresses from real-world reports and 106,196 benign addresses from exchange customers. It satifies the C3R characteristics (Comprehensiveness, Classifiability, Customizability, and Real-world Transferability), which are fundemental for practical detection of cryptocurrency cybercrime. The dataset provides three main functions: 1) effective evaluation of detection methods, 2) support for feature extensions, and 3) a new evaluation scenario for real-world deployment. Real-CATS also offers opportunities to expand cybercrime measurement studies. It is particularly beneficial for researchers without cryptocurrency-related knowledge to engage in this emerging research field. We hope that studies on cryptocurrency cybercrime detection will be promoted by an increasing number of cross-disciplinary researchers drawn to this versatile data platform. All datasets are available at https://github.com/sjdseu/Real-CATS |
| 2025-01-26 | FiberPool: Leveraging Multiple Blockchains for Decentralized Pooled Mining | Akira Sakurai et.al. | 2501.15459 | The security of blockchain systems based on Proof of Work relies on mining. However, mining suffers from unstable revenue, prompting many miners to form cooperative mining pools. Most existing mining pools operate in a centralized manner, which undermines the decentralization principle of blockchain. Distributed mining pools offer a practical solution to this problem. Well-known examples include P2Pool and SmartPool. However, P2Pool encounters scalability and security issues in its early stages. Similarly, SmartPool is not budget-balanced and imposes fees due to its heavy use of the smart contract. In this research, we present a distributed mining pool named FiberPool to address these challenges. FiberPool integrates a smart contract on the main chain, a storage chain for sharing data necessary for share verification, and a child chain to reduce fees associated with using and withdrawing block rewards. We validate the mining fairness, budget balance, reward stability, and incentive compatibility of the payment scheme FiberPool Proportional adopted by FiberPool. |
| 2025-01-26 | The Potential of Large Language Models in Supply Chain Management: Advancing Decision-Making, Efficiency, and Innovation | Raha Aghaei et.al. | 2501.15411 | The integration of large language models (LLMs) into supply chain management (SCM) is revolutionizing the industry by improving decision-making, predictive analytics, and operational efficiency. This white paper explores the transformative impact of LLMs on various SCM functions, including demand forecasting, inventory management, supplier relationship management, and logistics optimization. By leveraging advanced data analytics and real-time insights, LLMs enable organizations to optimize resources, reduce costs, and improve responsiveness to market changes. Key findings highlight the benefits of integrating LLMs with emerging technologies such as IoT, blockchain, and robotics, which together create smarter and more autonomous supply chains. Ethical considerations, including bias mitigation and data protection, are taken into account to ensure fair and transparent AI practices. In addition, the paper discusses the need to educate the workforce on how to manage new AI-driven processes and the long-term strategic benefits of adopting LLMs. Strategic recommendations for SCM professionals include investing in high-quality data management, promoting cross-functional collaboration, and aligning LLM initiatives with overall business goals. The findings highlight the potential of LLMs to drive innovation, sustainability, and competitive advantage in the ever-changing supply chain management landscape. |
| 2025-01-25 | ExClique: An Express Consensus Algorithm for High-Speed Transaction Process in Blockchains | Chonghe Zhao et.al. | 2501.15289 | Proof of Authority (PoA) plays a pivotal role in blockchains for reaching consensus. Clique, which selects consensus nodes to generate blocks with a pre-determined order, is the most popular implementation of PoA due to its low communication overhead and energy consumption. However, our study unveils that the speed to process transactions by Clique is severely restricted by 1) the long communication delay of full blocks (each containing a certain number of transactions) between consensus nodes; and 2) occurrences of no-turn blocks, generated by no-turn nodes if an in-turn block generation fails. Consequently, Clique struggles to support distributed applications requiring a high transaction processing speed, e.g., online gaming. To overcome this deficiency, we propose an Express Clique (ExClique) algorithm by improving Clique from two perspectives: compacting blocks for broadcasting to shorten communication delay and prohibiting the occurrences of no-turn blocks. For performance evaluation, we implement ExClique by modifying Geth of Ethereum, the software implementing Clique, and deploy a permissioned blockchain network by using container technology. The experimental results show that ExClique achieves a substantial enhancement in transactions per second (TPS). Specifically, it boosts TPS by 2.25X in a typical network with 21 consensus nodes and an impressive 7.01X in a large-scale network with 101 consensus nodes when compared to Clique. |
| 2025-01-25 | NetChain: Authenticated Blockchain Top-k Graph Data Queries and its Application in Asset Management | Hongguang Zhao et.al. | 2501.15077 | As a valuable digital resource, graph data is an important data asset, which has been widely utilized across various fields to optimize decision-making and enable smarter solutions. To manage data assets, blockchain is widely used to enable data sharing and trading, but it cannot supply complex analytical queries. vChain was proposed to achieve verifiable boolean queries over blockchain by designing an embedded authenticated data structure (ADS). However, for generating (non-)existence proofs, vChain suffers from expensive storage and computation costs in ADS construction, along with high communication and verification costs. In this paper, we propose a novel NetChain framework that enables efficient top-k queries over on-chain graph data with verifiability. Specifically, we design a novel authenticated two-layer index that supports (non-)existence proof generation in block-level and built-in verifiability for matched objects. To further alleviate the computation and verification overhead, an optimized variant NetChain+ is derived. The authenticity of our frameworks is validated through security analysis. Evaluations show that NetChain and NetChain+ outperform vChain, respectively achieving up to 85X and 31X improvements on ADS construction. Moreover, compared with vChain, NetChain+ reduces the communication and verification costs by 87% and 96% respectively. |
| 2025-01-25 | A Proof-Producing Compiler for Blockchain Applications | Jeremy Avigad et.al. | 2501.15002 | link |
| 2025-01-24 | Pod: An Optimal-Latency, Censorship-Free, and Accountable Generalized Consensus Layer | Orestis Alpos et.al. | 2501.14931 | This work addresses the inherent issues of high latency in blockchains and low scalability in traditional consensus protocols. We present pod, a novel notion of consensus whose first priority is to achieve the physically optimal latency of one round trip, i.e., requiring only one round for writing a new transaction and one round for reading it. To accomplish this, we first eliminate inter-replica communication. Instead, clients send transactions directly to all replicas, each replica independently processes transactions and appends them to its log, and then clients receive and extract information from these logs. The replicas employ techniques such as transaction timestamping and replica-log sequencing, which allow clients to extract valuable information about the transactions and the state of the system. Necessarily, this construction achieves weaker properties than a total-order broadcast protocol, due to existing lower bounds. Our work models the primitive of pod and defines its security properties. We then prove that our pod-core construction satisfies properties such as transaction confirmation within |
| 2025-02-02 | Thunderdome: Timelock-Free Rationally-Secure Virtual Channels | Zeta Avarikioti et.al. | 2501.14418 | link |
| 2025-01-22 | Absolute Governance: A Framework for Synchronization and Certification of the Corporate Contractual State | Antonio Hoffert et.al. | 2501.13974 | This dissertation addresses the challenge of ensuring transactional integrity and reducing costs in corporate governance through blockchain technology. We propose an on-chain methodology for certifying, registering, and querying institutional transactional status. Our decentralized governance approach utilizes consensus mechanisms and smart contracts to automate and enforce business rules. The framework aims to reduce the transaction costs associated with contractual measurement reports and enhance overall transactional integrity. We provide a detailed exploration of how blockchain technology can be effectively harnessed to offer a robust solution to these challenges, setting the stage for our proposed solution and its potential impact on corporate governance. The application of the methodology resulted in as average of 2% overbilling reduction. |
| 2025-02-01 | Concentration in Governance Control Across Decentralised Finance Protocols | Thomas Eisermann et.al. | 2501.13377 | link |
| 2025-01-24 | COOL Research DAO Whitepaper -- Towards community-owned astrophysics for everyone | Mélanie Chevance et.al. | 2501.13160 | Astrophysics forms a cornerstone of human curiosity and has revolutionised our understanding of the Universe. However, conventional academic structures often hinder collaboration, transparency, and discovery. We present COOL Research DAO, a next-generation framework for cosmic origins astrophysics research that uses decentralised autonomous organisation (DAO) principles to make astrophysics research globally accessible, economically fair, and intellectually open. COOL Research DAO is designed to address four key systemic problems and their manifestations in traditional academic research: general inaccessibility, hierarchical organisation, unfair economic structures, and inefficient knowledge transfer. We describe how these inefficiencies can be addressed using blockchain-based tools and token systems. By fostering bottom-up governance, open-access knowledge networks, and transparent rewards, COOL Research DAO reshapes economic, organisational, and educational paradigms in astrophysics research. Our approach leverages the data-rich and inherently international nature of astrophysics, ensuring a scalable, collaborative platform that welcomes contributions ranging from computational analyses to public outreach. In doing so, we highlight a path toward realising our vision of a truly open research ecosystem, driven by community ownership, intellectual freedom, and shared fascination with our cosmic origins. |
| 2025-01-22 | Accessible Smart Contracts Verification: Synthesizing Formal Models with Tamed LLMs | Jan Corazza et.al. | 2501.12972 | When blockchain systems are said to be trustless, what this really means is that all the trust is put into software. Thus, there are strong incentives to ensure blockchain software is correct -- vulnerabilities here cost millions and break businesses. One of the most powerful ways of establishing software correctness is by using formal methods. Approaches based on formal methods, however, induce a significant overhead in terms of time and expertise required to successfully employ them. Our work addresses this critical disadvantage by automating the creation of a formal model -- a mathematical abstraction of the software system -- which is often a core task when employing formal methods. We perform model synthesis in three phases: we first transpile the code into model stubs; then we "fill in the blanks" using a large language model (LLM); finally, we iteratively repair the generated model, on both syntactical and semantical level. In this way, we significantly reduce the amount of time necessary to create formal models and increase accessibility of valuable software verification methods that rely on them. The practical context of our work was reducing the time-to-value of using formal models for correctness audits of smart contracts. |
| 2025-01-22 | Mechanism Design for Blockchain Order Books against Selfish Miners | Yunshu Liu et.al. | 2501.12576 | In blockchain-based order book systems, buyers and sellers trade assets, while it is miners to match them and include their transactions in the blockchain. It is found that many miners behave selfishly and myopically, prioritizing transactions with high fees and ignoring many desirable matches that could enhance social welfare. Existing blockchain mechanisms fail to address this issue by overlooking miners' selfish behaviors. To our best knowledge, this work presents the first analytical study to quantify and understand buyer and seller transaction fee choices and selfish miners' transaction matching strategies, proving an infinitely large price of anarchy (PoA) for social welfare loss. To mitigate this, we propose an adjustable block size mechanism that is easy to implement without altering the existing decentralized protocols and still allows buyers and sellers to freely decide transaction fees and miners to selfishly match. The analysis is challenging, as pure strategy Nash equilibria do not always exist, requiring the analysis of many buyers' or sellers' interactive mixed-strategy distributions. Moreover, the system designer may even lack information about each buyer's or seller's bid/ask prices and trading quantities. Nevertheless, our mechanism achieves a well-bounded PoA, and under the homogeneous-quantity trading for non-fungible tokens (NFT), it attains a PoA of 1 with no social welfare loss. We implement our mechanism on a local instance of Ethereum to demonstrate the feasibility of our approach. Experiments based on the realistic dataset demonstrate that our mechanism achieves social optimum for homogeneous-quantity trading like NFT. It can enhance social welfare up to 3.7 times compared to the existing order book benchmarks for heterogeneous-quantity trading of Bitcoin tokens. It exhibits robustness against random variations in buyers and sellers. |
| 2025-01-21 | Optimizing Blockchain Analysis: Tackling Temporality and Scalability with an Incremental Approach with Metropolis-Hastings Random Walks | Junliang Luo et.al. | 2501.12491 | Blockchain technology, with implications in the financial domain, offers data in the form of large-scale transaction networks. Analyzing transaction networks facilitates fraud detection, market analysis, and supports government regulation. Despite many graph representation learning methods for transaction network analysis, we pinpoint two salient limitations that merit more investigation. Existing methods predominantly focus on the snapshots of transaction networks, sidelining the evolving nature of blockchain transaction networks. Existing methodologies may not sufficiently emphasize efficient, incremental learning capabilities, which are essential for addressing the scalability challenges in ever-expanding large-scale transaction networks. To address these challenges, we employed an incremental approach for random walk-based node representation learning in transaction networks. Further, we proposed a Metropolis-Hastings-based random walk mechanism for improved efficiency. The empirical evaluation conducted on blockchain transaction datasets reveals comparable performance in node classification tasks while reducing computational overhead. Potential applications include transaction network monitoring, the efficient classification of blockchain addresses for fraud detection or the identification of specialized address types within the network. |
| 2025-01-21 | Empower Healthcare through a Self-Sovereign Identity Infrastructure for Secure Electronic Health Data Access | Antonio López MartÃnez et.al. | 2501.12229 | Health data is one of the most sensitive data for people, which attracts the attention of malicious activities. We propose an open-source health data management framework, that follows a patient-centric approach. The proposed framework implements the Self-Sovereign Identity paradigm with innovative technologies such as Decentralized Identifiers and Verifiable Credentials. The framework uses Blockchain technology to provide immutability, verifiable data registry, and auditability, as well as an agent-based model to provide protection and privacy for the patient data. We also define different use cases regarding the daily patient-practitioner-laboratory interactions and specific functions to cover patient data loss, data access revocation, and emergency cases where patients are unable to give consent and access to their data. To address this design, a proof of concept is created with an interaction between patient and doctor. The most feasible technologies are selected and the created design is validated. We discuss the differences and novelties of this framework, which includes the patient-centric approach also for data storage, the designed recovery and emergency plan, the defined backup procedure, and the selected blockchain platform. |
| 2025-01-21 | BotDetect: A Decentralized Federated Learning Framework for Detecting Financial Bots on the EVM Blockchains | Ahmed Mounsf Rafik Bendada et.al. | 2501.12112 | The rapid growth of decentralized finance (DeFi) has led to the widespread use of automated agents, or bots, within blockchain ecosystems like Ethereum, Binance Smart Chain, and Solana. While these bots enhance market efficiency and liquidity, they also raise concerns due to exploitative behaviors that threaten network integrity and user trust. This paper presents a decentralized federated learning (DFL) approach for detecting financial bots within Ethereum Virtual Machine (EVM)-based blockchains. The proposed framework leverages federated learning, orchestrated through smart contracts, to detect malicious bot behavior while preserving data privacy and aligning with the decentralized nature of blockchain networks. Addressing the limitations of both centralized and rule-based approaches, our system enables each participating node to train local models on transaction history and smart contract interaction data, followed by on-chain aggregation of model updates through a permissioned consensus mechanism. This design allows the model to capture complex and evolving bot behaviors without requiring direct data sharing between nodes. Experimental results demonstrate that our DFL framework achieves high detection accuracy while maintaining scalability and robustness, providing an effective solution for bot detection across distributed blockchain networks. |
| 2025-01-21 | Multi-source Multi-level Multi-token Ethereum Dataset and Benchmark Platform | Haoyuan Li et.al. | 2501.11906 | This paper introduces 3MEthTaskforce (https://3meth.github.io), a multi-source, multi-level, and multi-token Ethereum dataset addressing the limitations of single-source datasets. Integrating over 300 million transaction records, 3,880 token profiles, global market indicators, and Reddit sentiment data from 2014-2024, it enables comprehensive studies on user behavior, market sentiment, and token performance. 3MEthTaskforce defines benchmarks for user behavior prediction and token price prediction tasks, using 6 dynamic graph networks and 19 time-series models to evaluate performance. Its multimodal design supports risk analysis and market fluctuation modeling, providing a valuable resource for advancing blockchain analytics and decentralized finance research. |
| 2025-01-21 | Blockchain Security Risk Assessment in Quantum Era, Migration Strategies and Proactive Defense | Yaser Baseri et.al. | 2501.11798 | The emergence of quantum computing presents a formidable challenge to the security of blockchain systems. Traditional cryptographic algorithms, foundational to digital signatures, message encryption, and hashing functions, become vulnerable to the immense computational power of quantum computers. This paper conducts a thorough risk assessment of transitioning to quantum-resistant blockchains, comprehensively analyzing potential threats targeting vital blockchain components: the network, mining pools, transaction verification mechanisms, smart contracts, and user wallets. By elucidating the intricate challenges and strategic considerations inherent in transitioning to quantum-resistant algorithms, the paper evaluates risks and highlights obstacles in securing blockchain components with quantum-resistant cryptography. It offers a hybrid migration strategy to facilitate a smooth transition from classical to quantum-resistant cryptography. The analysis extends to prominent blockchains such as Bitcoin, Ethereum, Ripple, Litecoin, and Zcash, assessing vulnerable components, potential impacts, and associated STRIDE threats, thereby identifying areas susceptible to quantum attacks. Beyond analysis, the paper provides actionable guidance for designing secure and resilient blockchain ecosystems in the quantum computing era. Recognizing the looming threat of quantum computers, this research advocates for a proactive transition to quantum-resistant blockchain networks. It proposes a tailored security blueprint that strategically fortifies each component against the evolving landscape of quantum-induced cyber threats. Emphasizing the critical need for blockchain stakeholders to adopt proactive measures and implement quantum-resistant solutions, the paper underscores the importance of embracing these insights to navigate the complexities of the quantum era with resilience and confidence. |
| 2025-01-21 | SPID-Chain: A Smart Contract-Enabled, Polar-Coded Interoperable DAG Chain | Amirhossein Taherpour et.al. | 2501.11794 | As the digital landscape evolves, Web3 has gained prominence, highlighting the critical role of decentralized, interconnected, and verifiable digital ecosystems. This paper introduces SPID-Chain, a novel interoperability consensus designed for Web3, which employs a directed acyclic graph (DAG) of blockchains to facilitate seamless integration across multiple blockchains. Within SPID-Chain, each blockchain maintains its own consensus and processes transactions via an intra-consensus mechanism that incorporates event-driven smart contracts (EDSC) and Polar codes for optimized computation distribution. This mechanism is complemented by a division of committee and worker nodes, enhancing transaction processing efficiency within individual chains. For inter-blockchain consensus, SPID-Chain utilizes a DAG structure where blockchains append blocks containing cross-chain transactions. These blocks are then processed through the inter-consensus mechanism orchestrated by the blockchains. Extensive simulations validate the efficacy of our scheme in terms of throughput, scalability, decentralization, and security. Our results showcase SPID-Chain's potential to enable fluid interactions and transactions across diverse blockchain networks, aligning with the foundational goals of Web3. |
| 2025-01-20 | Key Concepts and Principles of Blockchain Technology | Mohsen Ghorbian et.al. | 2501.11707 | In recent years, blockchain technology has been recognized as a transformative innovation in the tech world, and it has quickly become the core infrastructure of digital currencies such as Bitcoin and an important tool in various industries. This technology facilitates the recording and tracking of transactions across a vast network of computers by providing a distributed and decentralized ledger. Blockchain's decentralized structure significantly enhances security and transparency and prevents a single entity from dominating the network. This chapter examines blockchain's advantages, disadvantages, and applications in various industries and analyzes the implementation environments and reasons for using this technology. Also, this chapter discusses challenges such as scalability and high energy consumption that inhibit the expansion of this technology and examines blockchain technology's role in increasing efficiency and security in economic and social interactions. Finally, a comprehensive conclusion of blockchain applications and challenges has been presented by comparing blockchain applications in various industries and analyzing future trends. |
| 2025-01-20 | Characterizing Transfer Graphs of Suspicious ERC-20 Tokens | Calvin Josenhans et.al. | 2501.11668 | Ethereum is currently the second largest blockchain by market capitalization and a popular platform for cryptocurrencies. As it has grown, the high value present and the anonymity afforded by the technology have led Ethereum to become a hotbed for various cybercrimes. This paper seeks to understand how these fraudulent schemes may be characterized and develop methods for detecting them. One key feature introduced by Ethereum is the ability to use programmable smart contracts to execute code on the blockchain. A common use of smart contracts is implementing fungible tokens with the ERC-20 interface. Such tokens can be used to impersonate legitimate tokens and defraud users. By parsing the event logs emitted by these ERC-20 contracts over 20 different periods of 100K blocks, we construct token transfer graphs for each of the available ERC-20 tokens on the blockchain. By analyzing these graphs, we find a set of characteristics by which suspicious contracts are distinguished from legitimate ones. These observations result in a simple model that can identify scam contracts with an average of 88.7% accuracy. This suggests that the mechanism by which fraudulent schemes function strongly correlates with their transfer graphs and that these graphs may be used to improve scam-detection mechanisms, contributing to making Ethereum safer. |
| 2025-01-20 | Blockchain Developer Experience: A Multivocal Literature Review | P. Soares et.al. | 2501.11431 | The rise of smart contracts has expanded blockchain's capabilities, enabling the development of innovative decentralized applications (dApps). However, this advancement brings its own challenges, including the management of distributed architectures and immutable data. Addressing these complexities requires a specialized approach to software engineering, with blockchain-oriented practices emerging to support development in this domain. Developer Experience (DEx) is central to this effort, focusing on the usability, productivity, and overall satisfaction of tools and frameworks from the engineers' perspective. Despite its importance, research on Blockchain Developer Experience (BcDEx) remains limited, with no systematic mapping of academic and industry efforts. To bridge this gap, we conducted a Multivocal Literature Review analyzing 62 to understand the distribution of BcDEx sources, practical implementations, and their impact. Our findings revealed that academic focus on BcDEx is limited compared to the coverage in gray literature, which primarily includes blogs (41.8%) and corporate sources (21.8%). Particularly, development efficiency, multi-network support, and usability are the most addressed aspects in tools and frameworks. In addition, we found that BcDEx is being shaped through five key perspectives: complexity abstraction, adoption facilitation, productivity enhancement, developer education, and BcDEx evaluation. |
| 2025-01-19 | Blockchain and Stablecoin Integration for Crowdfunding: A framework for enhanced efficiency, security, and liquidity | Mustafa Savas Unsal et.al. | 2501.11145 | Crowdfunding platforms face high transaction fees, need for more transparency, and trust deficits. These issues deter contributors and entrepreneurs from effectively leveraging crowdfunding for innovation and growth. Blockchain technology introduces decentralization, security, and efficiency to address these limitations (1). This paper proposes a blockchain-based crowdfunding framework that integrates stablecoins such as USDT and USDC to mitigate cryptocurrency volatility and ensure seamless fund management. Smart contracts automate compliance processes, including Know Your Customer (KYC) / Anti-Money Laundering (AML) checks, and enhance operational efficiency (2). Furthermore, tokenization enables liquidity by allowing fractional ownership and secondary market trading, which must be effectively implemented on any global market platform. A comparative analysis highlights the superiority of the framework over traditional platforms in terms of cost reduction, transparency, and investor trust. A case study focused on the Turkish market illustrates the practical benefits of blockchain adoption in equity crowdfunding, particularly in navigating local regulatory and financial complexities. This approach provides a scalable, secure, and accessible solution for modern crowdfunding ecosystems, while reducing the costs of platforms and increasing the trust of investors and backers in crowdfunding projects. Keywords Blockchain, stablecoins, crowdfunding, tokenization, and compliance |
| 2025-01-19 | Bitcoin: A Non-Continuous Time System | Bin Chen et.al. | 2501.11091 | In this paper, we explore the concept of time within Bitcoin's blockchain, which operates as a non-continuous time system. We focus on three core aspects that contribute to Bitcoin's time discontinuity: the random and distributed block generation process, the occurrence of forks and rollbacks that disrupt the linear progression of the blockchain, and the nature of transactions within this system, which are subject to potential reordering or invalidation. These elements combine to create a time structure in Bitcoin that is fundamentally different from the continuous, linear time systems typically seen in traditional computing and physics. Additionally, the implications of this non-continuous time model for the future of decentralized technologies and their potential applications are discussed. |
| 2025-01-19 | Blockchain-assisted Demonstration Cloning for Multi-Agent Deep Reinforcement Learning | Ahmed Alagha et.al. | 2501.10938 | Multi-Agent Deep Reinforcement Learning (MDRL) is a promising research area in which agents learn complex behaviors in cooperative or competitive environments. However, MDRL comes with several challenges that hinder its usability, including sample efficiency, curse of dimensionality, and environment exploration. Recent works proposing Federated Reinforcement Learning (FRL) to tackle these issues suffer from problems related to model restrictions and maliciousness. Other proposals using reward shaping require considerable engineering and could lead to local optima. In this paper, we propose a novel Blockchain-assisted Multi-Expert Demonstration Cloning (MEDC) framework for MDRL. The proposed method utilizes expert demonstrations in guiding the learning of new MDRL agents, by suggesting exploration actions in the environment. A model sharing framework on Blockchain is designed to allow users to share their trained models, which can be allocated as expert models to requesting users to aid in training MDRL systems. A Consortium Blockchain is adopted to enable traceable and autonomous execution without the need for a single trusted entity. Smart Contracts are designed to manage users and models allocation, which are shared using IPFS. The proposed framework is tested on several applications, and is benchmarked against existing methods in FRL, Reward Shaping, and Imitation Learning-assisted RL. The results show the outperformance of the proposed framework in terms of learning speed and resiliency to faulty and malicious models. |
| 2025-01-18 | Zaptos: Towards Optimal Blockchain Latency | Zhuolun Xiang et.al. | 2501.10612 | End-to-end blockchain latency has become a critical topic of interest in both academia and industry. However, while modern blockchain systems process transactions through multiple stages, most research has primarily focused on optimizing the latency of the Byzantine Fault Tolerance consensus component. In this work, we identify key sources of latency in blockchain systems and introduce Zaptos, a parallel pipelined architecture designed to minimize end-to-end latency while maintaining the high-throughput of pipelined blockchains. We implemented Zaptos and evaluated it against the pipelined architecture of the Aptos blockchain in a geo-distributed environment. Our evaluation demonstrates a 25% latency reduction under low load and over 40% reduction under high load. Notably, Zaptos achieves a throughput of 20,000 transactions per second with sub-second latency, surpassing previously reported blockchain throughput, with sub-second latency, by an order of magnitude. |
| 2025-01-17 | Metamorphic Testing for Smart Contract Validation:A Case Study of Ethereum-Based Crowdfunding Contracts | Irving Jared Villanueva et.al. | 2501.09955 | Blockchain smart contracts play a crucial role in automating and securing agreements in diverse domains such as finance, healthcare, and supply chains. Despite their critical applications, testing these contracts often receives less attention than their development, leaving significant risks due to the immutability of smart contracts post-deployment. A key challenge in the testing of smart contracts is the oracle problem, where the exact expected outcomes are not well defined, complicating systematic testing efforts. Metamorphic Testing (MT) addresses the oracle problem by using Metamorphic Relations (MRs) to validate smart contracts. MRs define how output should change relative to specific input modifications, determining whether the tests pass or fail. In this work, we apply MT to test an Ethereum-based crowdfunding smart contract, focusing on core functionalities such as state transitions and donation tracking. We identify a set of MRs tailored for smart contract testing and generate test cases for these MRs. To assess the effectiveness of this approach, we use the Vertigo mutation testing tool to create faulty versions of the smart contract. The experimental results show that our MRs detected 25.65% of the total mutants generated, with the most effective MRs achieving a mutant-killing rate of 89%. These results highlight the utility of MT to ensure the reliability and quality of blockchain-based smart contracts. |
| 2025-01-16 | Sentiment Analysis in Twitter Social Network Centered on Cryptocurrencies Using Machine Learning | Vahid Amiri et.al. | 2501.09777 | Cryptocurrency is a digital currency that uses blockchain technology with secure encryption. Due to the decentralization of these currencies, traditional monetary systems and the capital market of each they, can influence a society. Therefore, due to the importance of the issue, the need to understand public opinion and analyze people's opinions in this regard increases. To understand the opinions and views of people about different topics, you can take help from social networks because they are a rich source of opinions. The Twitter social network is one of the main platforms where users discuss various topics, therefore, in the shortest time and with the lowest cost, the opinion of the community can be measured on this social network. Twitter Sentiment Analysis (TSA) is a field that analyzes the sentiment expressed in tweets. Considering that most of TSA's research efforts on cryptocurrencies are focused on English language, the purpose of this paper is to investigate the opinions of Iranian users on the Twitter social network about cryptocurrencies and provide the best model for classifying tweets based on sentiment. In the case of automatic analysis of tweets, managers and officials in the field of economy can gain knowledge from the general public's point of view about this issue and use the information obtained in order to properly manage this phenomenon. For this purpose, in this paper, in order to build emotion classification models, natural language processing techniques such as bag of words (BOW) and FastText for text vectorization and classical machine learning algorithms including KNN, SVM and Adaboost learning methods Deep including LSTM and BERT model were used for classification, and finally BERT linguistic model had the best accuracy with 83.50%. |
| 2025-01-15 | A Blockchain-Enabled Approach to Cross-Border Compliance and Trust | Vikram Kulothungan et.al. | 2501.09182 | As artificial intelligence (AI) systems become increasingly integral to critical infrastructure and global operations, the need for a unified, trustworthy governance framework is more urgent that ever. This paper proposes a novel approach to AI governance, utilizing blockchain and distributed ledger technologies (DLT) to establish a decentralized, globally recognized framework that ensures security, privacy, and trustworthiness of AI systems across borders. The paper presents specific implementation scenarios within the financial sector, outlines a phased deployment timeline over the next decade, and addresses potential challenges with solutions grounded in current research. By synthesizing advancements in blockchain, AI ethics, and cybersecurity, this paper offers a comprehensive roadmap for a decentralized AI governance framework capable of adapting to the complex and evolving landscape of global AI regulation. |
| 2025-01-18 | Formal Model Guided Conformance Testing for Blockchains | Filip Drobnjakovic et.al. | 2501.08550 | Modern blockchains increasingly consist of multiple clients that implement a single blockchain protocol. If there is a semantic mismatch between the protocol implementations, the blockchain can permanently split and introduce new attack vectors. Current ad-hoc test suites for client implementations are not sufficient to ensure a high degree of protocol conformance. As an alternative, we present a framework that performs protocol conformance testing using a formal model of the protocol and an implementation running inside a deterministic blockchain simulator. Our framework consists of two complementary workflows that use the components as trace generators and checkers. Our insight is that both workflows are needed to detect all types of violations. We have applied and demonstrated the utility of our framework on an industrial strength consensus protocol. |
| 2025-01-13 | A Review on the Security Vulnerabilities of the IoMT against Malware Attacks and DDoS | Lily Dzamesi et.al. | 2501.07703 | The Internet of Medical Things (IoMT) has transformed the healthcare industry by connecting medical devices in monitoring treatment outcomes of patients. This increased connectivity has resulted to significant security vulnerabilities in the case of malware and Distributed Denial of Service (DDoS) attacks. This literature review examines the vulnerabilities of IoMT devices, focusing on critical threats and exploring mitigation strategies. We conducted a comprehensive search across leading databases such as ACM Digital Library, IEEE Xplore, and Elsevier to analyze peer-reviewed studies published within the last five years (from 2019 to 2024). The review shows that inadequate encryption protocols, weak authentication methods, and irregular firmware updates are the main causes of risks associated with IoMT devices. We have identified emerging solutions like machine learning algorithms, blockchain technology, and edge computing as promising approaches to enhance IoMT security. This review emphasizes the pressing need to develop lightweight security measures and standardized protocols to protect patient data and ensure the integrity of healthcare services. |
| 2025-01-14 | Union: A Trust-minimized Bridge for Rootstock | Ramon Amela et.al. | 2501.07435 | We present Union, a trust-minimized bridge protocol that enables secure transfer of BTC between Bitcoin and a secondary blockchain. The growing ecosystem of blockchain systems built around Bitcoin has created a pressing need for secure and efficient bridges to transfer BTC between networks while preserving Bitcoin's security guarantees. Union employs a multi-party variant of BitVMX, an optimistic proving system on Bitcoin, to create a bridge that operates securely under the assumption that at least one participant remains honest. This 1-of-n honest approach is strikingly different from the conventional honest-majority assumption adopted by practically all federated systems. The protocol introduces several innovations: a packet-based architecture that allows security bonds to be reused for multiple bridge operations, improving capital efficiency; a system of enablers to manage functionaries participation and to enforce penalties; a flexible light client framework adaptable to various blockchain architectures; and an efficient stop watch mechanism to optimize time-lock management. Union is a practical and scalable solution for Bitcoin interoperability that maintains strong security guarantees and minimizes trust assumptions. |
| 2025-02-02 | LLM-Net: Democratizing LLMs-as-a-Service through Blockchain-based Expert Networks | Zan-Kai Chong et.al. | 2501.07288 | The centralization of Large Language Models (LLMs) development has created significant barriers to AI advancement, limiting the democratization of these powerful technologies. This centralization, coupled with the scarcity of high-quality training data and mounting complexity of maintaining comprehensive expertise across rapidly expanding knowledge domains, poses critical challenges to the continued growth of LLMs. While solutions like Retrieval-Augmented Generation (RAG) offer potential remedies, maintaining up-to-date expert knowledge across diverse domains remains a significant challenge, particularly given the exponential growth of specialized information. This paper introduces LLMs Networks (LLM-Net), a blockchain-based framework that democratizes LLMs-as-a-Service through a decentralized network of specialized LLM providers. By leveraging collective computational resources and distributed domain expertise, LLM-Net incorporates fine-tuned expert models for various specific domains, ensuring sustained knowledge growth while maintaining service quality through collaborative prompting mechanisms. The framework's robust design includes blockchain technology for transparent transaction and performance validation, establishing an immutable record of service delivery. Our simulation, built on top of state-of-the-art LLMs such as Claude 3.5 Sonnet, Llama 3.1, Grok-2, and GPT-4o, validates the effectiveness of the reputation-based mechanism in maintaining service quality by selecting high-performing respondents (LLM providers). Thereby it demonstrates the potential of LLM-Net to sustain AI advancement through the integration of decentralized expertise and blockchain-based accountability. |
| 2025-01-13 | Logic Meets Magic: LLMs Cracking Smart Contract Vulnerabilities | ZeKe Xiao et.al. | 2501.07058 | Smart contract vulnerabilities caused significant economic losses in blockchain applications. Large Language Models (LLMs) provide new possibilities for addressing this time-consuming task. However, state-of-the-art LLM-based detection solutions are often plagued by high false-positive rates. In this paper, we push the boundaries of existing research in two key ways. First, our evaluation is based on Solidity v0.8, offering the most up-to-date insights compared to prior studies that focus on older versions (v0.4). Second, we leverage the latest five LLM models (across companies), ensuring comprehensive coverage across the most advanced capabilities in the field. We conducted a series of rigorous evaluations. Our experiments demonstrate that a well-designed prompt can reduce the false-positive rate by over 60%. Surprisingly, we also discovered that the recall rate for detecting some specific vulnerabilities in Solidity v0.8 has dropped to just 13% compared to earlier versions (i.e., v0.4). Further analysis reveals the root cause of this decline: the reliance of LLMs on identifying changes in newly introduced libraries and frameworks during detection. |
| 2025-01-12 | Decentralized Space Surveillance: Blockchain-Based Space Domain Awareness | Nesrine Benchoubane et.al. | 2501.06970 | With the rapid expansion of space activities and the escalating accumulation of space debris, Space Domain Awareness (SDA) has become essential for sustaining safe space operations. This paper proposes a decentralized solution using satellite swarms and blockchain, where satellites (nodes) take on the roles of verifiers and approvers to validate and store debris-tracking data securely. Our simulations show that the network achieves optimal performance with around 30 nodes, balancing throughput and response time settling at 4.37 seconds. These results suggest that large-scale networks can be effectively managed by decoupling them into smaller, autonomous swarms, each optimized for specific tasks. Furthermore, we compare the performance of the decentralized swarm architecture with that of a fully shared role model and show significant improvements in scalability and response times when roles are decoupled. |
| 2025-01-24 | Eliza: A Web3 friendly AI Agent Operating System | Shaw Walters et.al. | 2501.06781 | link |
| 2025-01-11 | Stingray: Fast Concurrent Transactions Without Consensus | Srivatsan Sridhar et.al. | 2501.06531 | Recent advances have improved the throughput and latency of blockchains by processing transactions accessing different parts of the state concurrently. However, these systems are unable to concurrently process (a) transactions accessing the same state, even if they are (almost) commutative, e.g., payments much smaller than an account's balance, and (b) multi-party transactions, e.g., asset swaps. Moreover, they are slow to recover from contention, requiring once-in-a-day synchronization. We present Stingray, a novel blockchain architecture that addresses these limitations. The key conceptual contributions are a replicated bounded counter that processes (almost) commutative transactions concurrently, and a FastUnlock protocol that uses a fallback consensus protocol for fast contention recovery. We prove Stingray's security in an asynchronous network with Byzantine faults and demonstrate on a global testbed that Stingray achieves 10,000 times the throughput of prior systems for commutative workloads. |
| 2025-01-11 | Enhancing The Open Network: Definition and Automated Detection of Smart Contract Defects | Hao Song et.al. | 2501.06459 | The Open Network (TON), designed to support Telegram's extensive user base of hundreds of millions, has garnered considerable attention since its launch in 2022. FunC is the most popular programming language for writing smart contracts on TON. It is distinguished by a unique syntax compared to other smart contract languages. Despite growing interest, research on the practical defects of TON smart contracts is still in its early stages. In this paper, we summarize eight smart contract defects identified from TON's official blogs and audit reports, each with detailed definitions and code examples. Furthermore, we propose a static analysis framework called TONScanner to facilitate the detection of these defects. Specifically, TONScanner reuses FunC compiler's frontend code to transform the FunC source code into FunC intermediate representation (IR) in the form of a directed acyclic graph (DAG). Based on this IR, TONScanner constructs a control flow graph (CFG), then transforms it into a static single assignment (SSA) form to simplify further analysis. TONScanner also integrates Data Dependency, Call Graph, Taint Analysis, and Cell Construct, which are specifically tailored for TON blockchain's unique data structures. These components finally facilitate the identification of the eight defects. We evaluate the effectiveness of TONScanner by applying it to 1,640 smart contracts and find a total of 14,995 defects. Through random sampling and manual labeling, we find that TONScanner achieves an overall precision of 97.49%. The results reveal that current TON contracts contain numerous defects, indicating that developers are prone to making errors. TONScanner has proven its ability to accurately identify these defects, thereby aiding in their correction. |
| 2025-01-08 | Agent TCP/IP: An Agent-to-Agent Transaction System | Andrea Muttoni et.al. | 2501.06243 | Autonomous agents represent an inevitable evolution of the internet. Current agent frameworks do not embed a standard protocol for agent-to-agent interaction, leaving existing agents isolated from their peers. As intellectual property is the native asset ingested by and produced by agents, a true agent economy requires equipping agents with a universal framework for engaging in binding contracts with each other, including the exchange of valuable training data, personality, and other forms of Intellectual Property. A purely agent-to-agent transaction layer would transcend the need for human intermediation in multi-agent interactions. The Agent Transaction Control Protocol for Intellectual Property (ATCP/IP) introduces a trustless framework for exchanging IP between agents via programmable contracts, enabling agents to initiate, trade, borrow, and sell agent-to-agent contracts on the Story blockchain network. These contracts not only represent auditable onchain execution but also contain a legal wrapper that allows agents to express and enforce their actions in the offchain legal setting, creating legal personhood for agents. Via ATCP/IP, agents can autonomously sell their training data to other agents, license confidential or proprietary information, collaborate on content based on their unique skills, all of which constitutes an emergent knowledge economy. |
| 2025-01-13 | Kite: How to Delegate Voting Power Privately | Kamilla Nazirkhanova et.al. | 2501.05626 | Ensuring the privacy of votes in an election is crucial for the integrity of a democratic process. Often, voting power is delegated to representatives (e.g., in congress) who subsequently vote on behalf of voters on specific issues. This delegation model is also widely used in Decentralized Autonomous Organizations (DAOs). Although several existing voting systems used in DAOs support private voting, they only offer public delegation. In this paper, we introduce Kite, a new protocol that enables |
| 2025-01-09 | On Fair Ordering and Differential Privacy | Shir Cohen et.al. | 2501.05535 | In blockchain systems, fair transaction ordering is crucial for a trusted and regulation-compliant economic ecosystem. Unlike traditional State Machine Replication (SMR) systems, which focus solely on liveness and safety, blockchain systems also require a fairness property. This paper examines these properties and aims to eliminate algorithmic bias in transaction ordering services. We build on the notion of equal opportunity. We characterize transactions in terms of relevant and irrelevant features, requiring that the order be determined solely by the relevant ones. Specifically, transactions with identical relevant features should have an equal chance of being ordered before one another. We extend this framework to define a property where the greater the distance in relevant features between transactions, the higher the probability of prioritizing one over the other. We reveal a surprising link between equal opportunity in SMR and Differential Privacy (DP), showing that any DP mechanism can be used to ensure fairness in SMR. This connection not only enhances our understanding of the interplay between privacy and fairness in distributed computing but also opens up new opportunities for designing fair distributed protocols using well-established DP techniques. |
| 2025-01-09 | Time-Varying Bidirectional Causal Relationships Between Transaction Fees and Economic Activity of Subsystems Utilizing the Ethereum Blockchain Network | Lennart Ante et.al. | 2501.05299 | The Ethereum blockchain network enables transaction processing and smart-contract execution through levies of transaction fees, commonly known as gas fees. This framework mediates economic participation via a market-based mechanism for gas fees, permitting users to offer higher gas fees to expedite pro-cessing. Historically, the ensuing gas fee volatility led to critical disequilibria between supply and demand for block space, presenting stakeholder challenges. This study examines the dynamic causal interplay between transaction fees and economic subsystems leveraging the network. By utilizing data related to unique active wallets and transaction volume of each subsystem and applying time-varying Granger causality analysis, we reveal temporal heterogeneity in causal relationships between economic activity and transaction fees across all subsystems. This includes (a) a bidirectional causal feedback loop between cross-blockchain bridge user activity and transaction fees, which diminishes over time, potentially signaling user migration; (b) a bidirectional relationship between centralized cryptocurrency exchange deposit and withdrawal transaction volume and fees, indicative of increased competition for block space; (c) decentralized exchange volumes causally influence fees, while fees causally influence user activity, although this relationship is weakening, potentially due to the diminished significance of decentralized finance; (d) intermittent causal relationships with maximal extractable value bots; (e) fees causally in-fluence non-fungible token transaction volumes; and (f) a highly significant and growing causal influence of transaction fees on stablecoin activity and transaction volumes highlight its prominence. |
| 2025-02-01 | QMDB: Quick Merkle Database | Isaac Zhang et.al. | 2501.05262 | link |
| 2025-01-08 | Blockchain-Based Secure Vehicle Auction System with Smart Contracts | Ka Wai Wu et.al. | 2501.04841 | The problem of a single point of failure in centralized systems poses a great challenge to the stability of such systems. Meanwhile, the tamperability of data within centralized systems makes users reluctant to trust and use centralized applications in many scenarios, including the financial and business sectors. Blockchain, as a new decentralized technology, addresses these issues effectively. As a typical decentralized system, blockchain can be utilized to build a data-sharing model. Users in a blockchain do not need to trust other users; instead, they trust that the majority of miner nodes are honest. Smart contracts enable developers to write distributed programs based on blockchain systems, ensuring that all code is immutable and secure. In this paper, we analyze the security of blockchain technology to illustrate its advantages and justify its use. Furthermore, we design a new system for storing and trading vehicle information based on the Ethereum blockchain and smart contract technology. Specifically, our system allows users to upload vehicle information and auction vehicles to transfer ownership. Our application provides great convenience to buyers and owners, while the use of smart contracts enhances the security and privacy of the system. |
| 2025-01-02 | Calculating Customer Lifetime Value and Churn using Beta Geometric Negative Binomial and Gamma-Gamma Distribution in a NFT based setting | Sagarnil Das et.al. | 2501.04719 | Customer Lifetime Value (CLV) is an important metric that measures the total value a customer will bring to a business over their lifetime. The Beta Geometric Negative Binomial Distribution (BGNBD) and Gamma Gamma Distribution are two models that can be used to calculate CLV, taking into account both the frequency and value of customer transactions. This article explains the BGNBD and Gamma Gamma Distribution models, and how they can be used to calculate CLV for NFT (Non-Fungible Token) transaction data in a blockchain setting. By estimating the parameters of these models using historical transaction data, businesses can gain insights into the lifetime value of their customers and make data-driven decisions about marketing and customer retention strategies. |
| 2025-01-08 | Scalable Data Notarization Leveraging Hybrid DLTs | Domenico Tortola et.al. | 2501.04571 | Notarization is a procedure that enhance data management by ensuring the authentication of data during audits, thereby increasing trust in the audited data. Blockchain is frequently used as a secure, immutable, and transparent storage, contributing to make data notarization procedures more effective and trustable. Several blockchain-based data notarization protocols have been proposed in literature and commercial solutions. However, these implementations, whether on public or private blockchains, face inherent challenges: high fees on public blockchains and trust issues on private platforms, limiting the adoption of blockchains for data notarization or forcing several trade-offs. In this paper, we explore the use of hybrid blockchain architectures for data notarization, with a focus on scalability issues. Through the analysis of a real-world use case, the data notarization of product passports in supply chains, we propose a novel approach utilizing a data structure designed to efficiently manage the trade-offs in terms of storage occupation and costs involved in notarizing a large collection of data. |
| 2025-01-08 | Multichannel Steganography: A Provably Secure Hybrid Steganographic Model for Secure Communication | Obinna Omego et.al. | 2501.04511 | This study introduces a novel steganographic model that synthesizes Steganography by Cover Modification (CMO) and Steganography by Cover Synthesis (CSY), enhancing both security and undetectability by generating cover messages or parameters while retaining the original cover's form, thus minimizing detection risks and overcoming the limitations of single-method techniques. Building upon this model, a refined Steganographic Communication Protocol is proposed, enhancing resilience against sophisticated threats such as Multichannel Replay Attacks and Multichannel Man-in-the-Middle Attacks, fortifying the protocol against potential tampering and improving upon prior works. To evaluate the security of the proposed protocol, a novel adversarial model is developed simulating a probabilistic polynomial time (PPT) adversary capable of intercepting communications across multiple channels. This model assesses the adversary's ability to compromise the protocol, providing a comprehensive security analysis. Finally, this study explores the practicality and adaptability of the model to both constrained environments like SMS banking and resource-rich settings such as blockchain transactions, demonstrating their potential to enhance financial services and security. These contributions present a robust and adaptable framework for secure steganographic communication, offering practical solutions for secure communications across diverse environments. |
| 2025-01-08 | Demystification and Near-perfect Estimation of Minimum Gas Limit and Gas Used for Ethereum Smart Contracts | Danilo Rafael de Lima Cabral et.al. | 2501.04483 | The Ethereum blockchain has a \emph{gas system} that associates operations with a cost in gas units. Two central concepts of this system are the \emph{gas limit} assigned by the issuer of a transaction and the \emph{gas used} by a transaction. The former is a budget that must not be exhausted before the completion of the transaction execution; otherwise, the execution fails. Therefore, it seems rather essential to determine the \emph{minimum gas limit} that ensures the execution of a transaction will not abort due to the lack of gas. Despite its practical relevance, this concept has not been properly addressed. In the literature, gas used and minimum gas limit are conflated. This paper proposes a precise notion of minimum gas limit and how it can differ from gas used by a transaction; this is also demonstrated with a quantitative study on real transactions of the Ethereum blockchain. Another significant contribution is the proposition of a fairly precise estimator for each of the two metrics. Again, the confusion between these concepts has led to the creation of estimators only for the gas used by a transaction. We demonstrate that the minimum gas limit for the state of the Ethereum blockchain (after the block) |
| 2025-01-08 | Research on environment perception and behavior prediction of intelligent UAV based on semantic communication | Kechong Ren et.al. | 2501.04480 | The convergence of drone delivery systems, virtual worlds, and blockchain has transformed logistics and supply chain management, providing a fast, and environmentally friendly alternative to traditional ground transportation methods;Provide users with a real-world experience, virtual service providers need to collect up-to-the-minute delivery information from edge devices. To address this challenge, 1) a reinforcement learning approach is introduced to enable drones with fast training capabilities and the ability to autonomously adapt to new virtual scenarios for effective resource allocation.2) A semantic communication framework for meta-universes is proposed, which utilizes the extraction of semantic information to reduce the communication cost and incentivize the transmission of information for meta-universe services.3) In order to ensure that user information security, a lightweight authentication and key agreement scheme is designed between the drone and the user by introducing blockchain technology. In our experiments, the drone adaptation performance is improved by about 35%, and the local offloading rate can reach 90% with the increase of the number of base stations. The semantic communication system proposed in this paper is compared with the Cross Entropy baseline model. Introducing blockchain technology the throughput of the transaction is maintained at a stable value with different number of drones. |
| 2025-01-08 | AutoDFL: A Scalable and Automated Reputation-Aware Decentralized Federated Learning | Meryem Malak Dif et.al. | 2501.04331 | link |
| 2025-01-08 | VerifBFL: Leveraging zk-SNARKs for A Verifiable Blockchained Federated Learning | Ahmed Ayoub Bellachia et.al. | 2501.04319 | Blockchain-based Federated Learning (FL) is an emerging decentralized machine learning paradigm that enables model training without relying on a central server. Although some BFL frameworks are considered privacy-preserving, they are still vulnerable to various attacks, including inference and model poisoning. Additionally, most of these solutions employ strong trust assumptions among all participating entities or introduce incentive mechanisms to encourage collaboration, making them susceptible to multiple security flaws. This work presents VerifBFL, a trustless, privacy-preserving, and verifiable federated learning framework that integrates blockchain technology and cryptographic protocols. By employing zero-knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARKs) and incrementally verifiable computation (IVC), VerifBFL ensures the verifiability of both local training and aggregation processes. The proofs of training and aggregation are verified on-chain, guaranteeing the integrity and auditability of each participant's contributions. To protect training data from inference attacks, VerifBFL leverages differential privacy. Finally, to demonstrate the efficiency of the proposed protocols, we built a proof of concept using emerging tools. The results show that generating proofs for local training and aggregation in VerifBFL takes less than 81s and 2s, respectively, while verifying them on-chain takes less than 0.6s. |
| 2025-01-08 | HiCoCS: High Concurrency Cross-Sharding on Permissioned Blockchains | Lingxiao Yang et.al. | 2501.04265 | As the foundation of the Web3 trust system, blockchain technology faces increasing demands for scalability. Sharding emerges as a promising solution, but it struggles to handle highly concurrent cross-shard transactions (\textsf{CSTx}s), primarily due to simultaneous ledger operations on the same account. Hyperledger Fabric, a permissioned blockchain, employs multi-version concurrency control for parallel processing. Existing solutions use channels and intermediaries to achieve cross-sharding in Hyperledger Fabric. However, the conflict problem caused by highly concurrent \textsf{CSTx}s has not been adequately resolved. To fill this gap, we propose HiCoCS, a high concurrency cross-shard scheme for permissioned blockchains. HiCoCS creates a unique virtual sub-broker for each \textsf{CSTx} by introducing a composite key structure, enabling conflict-free concurrent transaction processing while reducing resource overhead. The challenge lies in managing large numbers of composite keys and mitigating intermediary privacy risks. HiCoCS utilizes virtual sub-brokers to receive and process \textsf{CSTx}s concurrently while maintaining a transaction pool. Batch processing is employed to merge multiple \textsf{CSTx}s in the pool, improving efficiency. We explore composite key reuse to reduce the number of virtual sub-brokers and lower system overhead. Privacy preservation is enhanced using homomorphic encryption. Evaluations show that HiCoCS improves cross-shard transaction throughput by 3.5-20.2 times compared to the baselines. |
| 2025-01-07 | Unraveling Responsiveness of Chained BFT Consensus with Network Delay | Yining Tang et.al. | 2501.03695 | With the advancement of blockchain technology, chained Byzantine Fault Tolerant (BFT) protocols have been increasingly adopted in practical systems, making their performance a crucial aspect of the study. In this paper, we introduce a unified framework utilizing Markov Decision Processes (MDP) to model and assess the performance of three prominent chained BFT protocols. Our framework effectively captures complex adversarial behaviors, focusing on two key performance metrics: chain growth and commitment rate. We implement the optimal attack strategies obtained from MDP analysis on an existing evaluation platform for chained BFT protocols and conduct extensive experiments under various settings to validate our theoretical results. Through rigorous theoretical analysis and thorough practical experiments, we provide an in-depth evaluation of chained BFT protocols under diverse attack scenarios, uncovering optimal attack strategies. Contrary to conventional belief, our findings reveal that while responsiveness can enhance performance, it is not universally beneficial across all scenarios. This work not only deepens our understanding of chained BFT protocols, but also offers valuable insights and analytical tools that can inform the design of more robust and efficient protocols. |
| 2025-01-06 | SoK: A Review of Cross-Chain Bridge Hacks in 2023 | Nikita Belenkov et.al. | 2501.03423 | Blockchain technology has revolutionized industries by enabling secure and decentralized transactions. However, the isolated nature of blockchain ecosystems hinders the seamless transfer of digital assets across different chains. Cross-chain bridges have emerged as vital web3 infrastructure to address this challenge by facilitating interoperability between distinct blockchains. Cross-chain bridges remain vulnerable to various attacks despite sophisticated designs and security measures. The industry has experienced a surge in bridge attacks, resulting in significant financial losses. The largest hack impacted Axie Infinity Ronin Bridge, with a loss of almost $600 million USD. This paper analyzes recent cross-chain bridge hacks in 2022 and 2023 and examines the exploited vulnerabilities. By understanding the attack nature and underlying weaknesses, the paper aims to enhance bridge security and propose potential countermeasures. The findings contribute to developing industry-wide standards for bridge security and operational resilience. Addressing the vulnerabilities and weaknesses exploited in recent cross-chain bridge hacks fosters trust and confidence in cross-chain interoperability. |
| 2025-01-06 | Privacy-Preserving Smart Contracts for Permissioned Blockchains: A zk-SNARK-Based Recipe Part-1 | Aldenio Burgos et.al. | 2501.03391 | The Bitcoin white paper introduced blockchain technology, enabling trustful transactions without intermediaries. Smart contracts emerged with Ethereum and blockchains expanded beyond cryptocurrency, applying to auctions, crowdfunding and electronic voting. However, blockchain's transparency raised privacy concerns and initial anonymity measures proved ineffective. Smart contract privacy solutions employed zero-knowledge proofs, homomorphic encryption and trusted execution environments. These approaches have practical drawbacks, such as limited functionality, high computation times and trust on third parties requirements, being not fully decentralized. This work proposes a solution utilizing zk-SNARKs to provide privacy in smart contracts and blockchains. The solution supports both fungible and nonfungible tokens. Additionally, the proposal includes a new type of transactions, called delegated transactions, which enable use cases like Delivery vs Payment (DvP). |
| 2025-01-06 | When Should Selfish Miners Double-Spend? | Mustafa Doger et.al. | 2501.03227 | Although, both double-spending and selfish-mining attacks have been extensively studied since the Bitcoin'' whitepaper of Nakamoto and the majority is not enough'' paper of Eyal and Sirer, there has been no rigorous stochastic analysis of an attack that combines the two, except for the complicated MDP models. In this paper, we first combine stubborn and selfish mining attacks, i.e., construct a strategy where the attacker acts stubborn until its private branch reaches a certain length and then switches to act selfish. We provide the optimal stubbornness for each parameter regime. Next, we provide the maximum stubbornness that is still more profitable than honest mining and argue a connection between the level of stubbornness and the |
| 2025-01-06 | Foundations of Platform-Assisted Auctions | Hao Chung et.al. | 2501.03141 | Today, many auctions are carried out with the help of intermediary platforms like Google and eBay. We refer to such auctions as platform-assisted auctions.Traditionally, the auction theory literature mainly focuses on designing auctions that incentivize the buyers to bid truthfully,assuming that the platform always faithfully implements the auction. In practice, however, the platforms have been found to manipulate the auctions to earn more profit, resulting in high-profile anti-trust lawsuits. We propose a new model for studying platform-assisted auctions in the permissionless setting. We explore whether it is possible to design a dream auction in thisnew model, such that honest behavior is the utility-maximizing strategy for each individual buyer, the platform, the seller, as well as platform-seller or platform-buyer coalitions.Through a collection of feasibility and infeasibility results,we carefully characterize the mathematical landscape of platform-assisted auctions. We show how cryptography can lend to the design of an efficient platform-assisted auction with dream properties. Although a line of works have also used MPC or the blockchain to remove the reliance on a trusted auctioneer, our work is distinct in nature in several dimensions.First, we initiate a systematic exploration of the game theoretic implications when the service providers are strategic and can collude with sellers or buyers. Second, we observe that the full simulation paradigm is too stringent and leads to high asymptotical costs. Specifically, because every player has a different private outcomein an auction protocol, running any generic MPC protocol among the players would incur at least |
| 2025-01-06 | CrowdProve: Community Proving for ZK Rollups | John Stephan et.al. | 2501.03126 | Zero-Knowledge (ZK) rollups have become a popular solution for scaling blockchain systems, offering improved transaction throughput and reduced costs by aggregating Layer 2 transactions and submitting them as a single batch to a Layer 1 blockchain. However, the computational burden of generating validity proofs, a key feature of ZK rollups, presents significant challenges in terms of performance and decentralization. Current solutions rely on centralized infrastructure to handle the computational tasks, limiting the scalability and decentralization of rollup systems. This paper proposes CrowdProve, a prover orchestration layer for outsourcing computation to unreliable commodity hardware run by a broad community of small provers. We apply CrowdProve to proving transaction batches for a popular ZK rollup. Through our experimental evaluation, we demonstrate that community proving can achieve performance comparable to, and in some cases better than, existing centralized deployments. Our results show that even systems utilizing modest hardware configurations can match the performance of centralized solutions, making community-based proof generation a viable and cost-effective alternative. CrowdProve allows both the rollup operator and community participants to benefit: the operator reduces infrastructure costs by leveraging idle community hardware, while community provers are compensated for their contributions. |
| 2025-01-06 | Proof-of-Data: A Consensus Protocol for Collaborative Intelligence | Huiwen Liu et.al. | 2501.02971 | Existing research on federated learning has been focused on the setting where learning is coordinated by a centralized entity. Yet the greatest potential of future collaborative intelligence would be unleashed in a more open and democratized setting with no central entity in a dominant role, referred to as "decentralized federated learning". New challenges arise accordingly in achieving both correct model training and fair reward allocation with collective effort among all participating nodes, especially with the threat of the Byzantine node jeopardising both tasks. In this paper, we propose a blockchain-based decentralized Byzantine fault-tolerant federated learning framework based on a novel Proof-of-Data (PoD) consensus protocol to resolve both the "trust" and "incentive" components. By decoupling model training and contribution accounting, PoD is able to enjoy not only the benefit of learning efficiency and system liveliness from asynchronous societal-scale PoW-style learning but also the finality of consensus and reward allocation from epoch-based BFT-style voting. To mitigate false reward claims by data forgery from Byzantine attacks, a privacy-aware data verification and contribution-based reward allocation mechanism is designed to complete the framework. Our evaluation results show that PoD demonstrates performance in model training close to that of the centralized counterpart while achieving trust in consensus and fairness for reward allocation with a fault tolerance ratio of 1/3. |
| 2025-01-06 | Leader Rotation Is Not Enough: Scrutinizing Leadership Democracy of Chained BFT Consensus | Yining Tang et.al. | 2501.02970 | With the growing popularity of blockchains, modern chained BFT protocols combining chaining and leader rotation to obtain better efficiency and leadership democracy have received increasing interest. Although the efficiency provisions of chained BFT protocols have been thoroughly analyzed, the leadership democracy has received little attention in prior work. In this paper, we scrutinize the leadership democracy of four representative chained BFT protocols, especially under attack. To this end, we propose a unified framework with two evaluation metrics, i.e., chain quality and censorship resilience, and quantitatively analyze chosen protocols through the Markov Decision Process (MDP). With this framework, we further examine the impact of two key components, i.e., voting pattern and leader rotation on leadership democracy. Our results indicate that leader rotation is not enough to provide the leadership democracy guarantee; an adversary could utilize the design, e.g., voting pattern, to deteriorate the leadership democracy significantly. Based on the analysis results, we propose customized countermeasures for three evaluated protocols to improve their leadership democracy with only slight protocol overhead and no change of consensus rules. We also discuss future directions toward building more democratic chained BFT protocols. |
| 2025-01-05 | Trust and Dependability in Blockchain & AI Based MedIoT Applications: Research Challenges and Future Directions | Ellis Solaiman et.al. | 2501.02647 | This paper critically reviews the integration of Artificial Intelligence (AI) and blockchain technologies in the context of Medical Internet of Things (MedIoT) applications, where they collectively promise to revolutionize healthcare delivery. By examining current research, we underscore AI's potential in advancing diagnostics and patient care, alongside blockchain's capacity to bolster data security and patient privacy. We focus particularly on the imperative to cultivate trust and ensure reliability within these systems. Our review highlights innovative solutions for managing healthcare data and challenges such as ensuring scalability, maintaining privacy, and promoting ethical practices within the MedIoT domain. We present a vision for integrating AI-driven insights with blockchain security in healthcare, offering a comprehensive review of current research and future directions. We conclude with a set of identified research gaps and propose that addressing these is crucial for achieving the dependable, secure, and patient -centric MedIoT applications of tomorrow. |
| 2025-01-04 | The Convergence of Blockchain Technology and Islamic Economics: Decentralized Solutions for Shariah-Compliant Finance | Naseem Alsadi et.al. | 2501.02263 | This paper provides a brief overview of the ongoing financial revolution, which extends beyond the emergence of cryptocurrencies as a digital medium of exchange. At its core, this revolution is driven by a paradigm shift rooted in the technological advancements of blockchain and the foundational principles of Islamic economics. Together, these elements offer a transformative framework that challenges traditional financial systems, emphasizing transparency, equity, and decentralized governance. The paper highlights the implications of this shift and its potential to reshape the global economic landscape. |
| 2025-01-04 | Leveraging Large Language Models and Machine Learning for Smart Contract Vulnerability Detection | S M Mostaq Hossain et.al. | 2501.02229 | As blockchain technology and smart contracts become widely adopted, securing them throughout every stage of the transaction process is essential. The concern of improved security for smart contracts is to find and detect vulnerabilities using classical Machine Learning (ML) models and fine-tuned Large Language Models (LLM). The robustness of such work rests on a labeled smart contract dataset that includes annotated vulnerabilities on which several LLMs alongside various traditional machine learning algorithms such as DistilBERT model is trained and tested. We train and test machine learning algorithms to classify smart contract codes according to vulnerability types in order to compare model performance. Having fine-tuned the LLMs specifically for smart contract code classification should help in getting better results when detecting several types of well-known vulnerabilities, such as Reentrancy, Integer Overflow, Timestamp Dependency and Dangerous Delegatecall. From our initial experimental results, it can be seen that our fine-tuned LLM surpasses the accuracy of any other model by achieving an accuracy of over 90%, and this advances the existing vulnerability detection benchmarks. Such performance provides a great deal of evidence for LLMs ability to describe the subtle patterns in the code that traditional ML models could miss. Thus, we compared each of the ML and LLM models to give a good overview of each models strengths, from which we can choose the most effective one for real-world applications in smart contract security. Our research combines machine learning and large language models to provide a rich and interpretable framework for detecting different smart contract vulnerabilities, which lays a foundation for a more secure blockchain ecosystem. |
| 2025-01-04 | The Integration of Blockchain and Artificial Intelligence for Secure Healthcare Systems | Umar Safdar et.al. | 2501.02169 | Verisign reported a 125 percent increase in data breaches within the healthcare sector in the United States during 2022, with 18.2 million patient records being impacted. Growing healthcare data volumes and diversification mean that medical information is becoming more valuable. Many Health Centers use various technologies to ease the classification, storage, and exchange of big data. This use can also make the health data of the users at risk and vulnerable. AI and blockchain are among the leading technologies at hand. With AI, data-driven operations and big data efficiency have been improved with respect to traditional techniques. Due to its potential to bring about improvements in health services and lower medical costs, this AI technology is regularly used in healthcare. Blockchain helps protect transactions on sharing information and private privacy as long as the exchange of knowledge is that of the standard. The objective of this analysis is to investigate the research and unique contributions since 2008 regarding blockchain-integrated AI and healthcare systems. The work sheds light on applied AI-based healthcare schemes with machine, ballistic, and acrylic learning and disparate blockchain structures. The use of technology in order to ensure patient data security and manage medical information effectively in healthcare settings offers a highly successful position for both healthcare providers and patients. From 2018 to 2021, the best year was 2021 to grow, enhancing everything to examine the download of the device and the counting of Google Academies, for which the joining perspective was borrowed; local research experts were asked, identified articles in recent years, and read reviews of large research grants. |
| 2025-01-08 | A hybrid marketplace of ideas | Tomer Jordi Chaffer et.al. | 2501.02132 | The convergence of humans and artificial intelligence systems introduces new dynamics into the cultural and intellectual landscape. Complementing emerging cultural evolution concepts such as machine culture, AI agents represent a significant techno-sociological development, particularly within the anthropological study of Web3 as a community focused on decentralization through blockchain. Despite their growing presence, the cultural significance of AI agents remains largely unexplored in academic literature. Toward this end, we conceived hybrid netnography, a novel interdisciplinary approach that examines the cultural and intellectual dynamics within digital ecosystems by analyzing the interactions and contributions of both human and AI agents as co-participants in shaping narratives, ideas, and cultural artifacts. We argue that, within the Web3 community on the social media platform X, these agents challenge traditional notions of participation and influence in public discourse, creating a hybrid marketplace of ideas, a conceptual space where human and AI generated ideas coexist and compete for attention. We examine the current state of AI agents in idea generation, propagation, and engagement, positioning their role as cultural agents through the lens of memetics and encouraging further inquiry into their cultural and societal impact. Additionally, we address the implications of this paradigm for privacy, intellectual property, and governance, highlighting the societal and legal challenges of integrating AI agents into the hybrid marketplace of ideas. |
| 2025-01-03 | Dynamic Feature Fusion: Combining Global Graph Structures and Local Semantics for Blockchain Fraud Detection | Zhang Sheng et.al. | 2501.02032 | The advent of blockchain technology has facilitated the widespread adoption of smart contracts in the financial sector. However, current fraud detection methodologies exhibit limitations in capturing both global structural patterns within transaction networks and local semantic relationships embedded in transaction data. Most existing models focus on either structural information or semantic features individually, leading to suboptimal performance in detecting complex fraud patterns.In this paper, we propose a dynamic feature fusion model that combines graph-based representation learning and semantic feature extraction for blockchain fraud detection. Specifically, we construct global graph representations to model account relationships and extract local contextual features from transaction data. A dynamic multimodal fusion mechanism is introduced to adaptively integrate these features, enabling the model to capture both structural and semantic fraud patterns effectively. We further develop a comprehensive data processing pipeline, including graph construction, temporal feature enhancement, and text preprocessing. Experimental results on large-scale real-world blockchain datasets demonstrate that our method outperforms existing benchmarks across accuracy, F1 score, and recall metrics. This work highlights the importance of integrating structural relationships and semantic similarities for robust fraud detection and offers a scalable solution for securing blockchain systems. |
| 2025-01-02 | Model of an Open, Decentralized Computational Network with Incentive-Based Load Balancing | German Rodikov et.al. | 2501.01219 | This paper proposes a model that enables permissionless and decentralized networks for complex computations. We explore the integration and optimize load balancing in an open, decentralized computational network. Our model leverages economic incentives and reputation-based mechanisms to dynamically allocate tasks between operators and coprocessors. This approach eliminates the need for specialized hardware or software, thereby reducing operational costs and complexities. We present a mathematical model that enhances restaking processes in blockchain systems by enabling operators to delegate complex tasks to coprocessors. The model's effectiveness is demonstrated through experimental simulations, showcasing its ability to optimize reward distribution, enhance security, and improve operational efficiency. Our approach facilitates a more flexible and scalable network through the use of economic commitments, adaptable dynamic rating models, and a coprocessor load incentivization system. Supported by experimental simulations, the model demonstrates its capability to optimize resource allocation, enhance system resilience, and reduce operational risks. This ensures significant improvements in both security and cost-efficiency for the blockchain ecosystem. |
| 2025-01-02 | PoVF: Empowering Decentralized Blockchain Systems with Verifiable Function Consensus | Chenxi Xiong et.al. | 2501.01146 | Consensus mechanism is the core technology for blockchain to ensure that transactions are executed in sequence. It also determines the decentralization, security, and efficiency of blockchain. Existing mechanisms all have certain centralization issues and fail to ensure the decentralization of blockchain networks. A decentralized and efficient mechanism is required to improve blockchain systems. This paper proposes a fair consensus mechanism called Proof of Verifiable Functions (PoVF), based on the verifiability and unpredictability of verifiable functions. PoVF provides a sufficiently fair mechanism, ensuring that all nodes in blockchain network have equal opportunity to participate in consensus. In addition, a structure called "Delay buffer" is proposed to ensure transactions are executed sequentially. It delay the selection of blocks to avoid blockchain forks caused by broadcasting and transaction execution confusion. According to our security analysis, PoVF is provably secure and has the ability to resist potential adversaries. According to the experiments, PoVF-based blockchain can process up to 4000 transactions per second with nodes configured with only 4-core CPUs. This paper uses the Gini coefficient to measure the decentralization of blockchains, and the PoVF-based blockchain achieves the lowest Gini coefficient of 0.39 among all sampled blockchains. PoVF has been shown to provide sufficient efficiency while ensuring decentralization and security through experiments. |
| 2025-01-02 | FAPL-DM-BC: A Secure and Scalable FL Framework with Adaptive Privacy and Dynamic Masking, Blockchain, and XAI for the IoVs | Sathwik Narkedimilli et.al. | 2501.01063 | The FAPL-DM-BC solution is a new FL-based privacy, security, and scalability solution for the Internet of Vehicles (IoV). It leverages Federated Adaptive Privacy-Aware Learning (FAPL) and Dynamic Masking (DM) to learn and adaptively change privacy policies in response to changing data sensitivity and state in real-time, for the optimal privacy-utility tradeoff. Secure Logging and Verification, Blockchain-based provenance and decentralized validation, and Cloud Microservices Secure Aggregation using FedAvg (Federated Averaging) and Secure Multi-Party Computation (SMPC). Two-model feedback, driven by Model-Agnostic Explainable AI (XAI), certifies local predictions and explanations to drive it to the next level of efficiency. Combining local feedback with world knowledge through a weighted mean computation, FAPL-DM-BC assures federated learning that is secure, scalable, and interpretable. Self-driving cars, traffic management, and forecasting, vehicular network cybersecurity in real-time, and smart cities are a few possible applications of this integrated, privacy-safe, and high-performance IoV platform. |
| 2025-01-02 | Fides: Scalable Censorship-Resistant DAG Consensus via Trusted Components | Shaokang Xie et.al. | 2501.01062 | Recently, consensus protocols based on Directed Acyclic Graph (DAG) have gained significant attention due to their potential to build robust blockchain systems, particularly in asynchronous networks. In this paper, we propose Fides, an asynchronous DAG-based BFT consensus protocol that leverages Trusted Execution Environments (TEEs) to tackle three major scalability and security challenges faced by existing protocols: (i) the need for a larger quorum size (i.e., at least 3x larger) to tolerate Byzantine replicas, (ii) high communication costs and reliance on expensive cryptographic primitives (i.e., global common coin) to reach agreement in asynchronous networks, and (iii) poor censorship resilience undermining the liveness guarantee. Specifically, Fides adopts four trusted components-Reliable Broadcast, Vertex Validation, Common Coin, and Transaction Disclosure-within TEEs. Incorporating these components enables Fides to achieve linear message complexity, guaranteed censorship resilience, 2x larger quorum size, and lightweight common coin usage. Besides, abstracting these essential components rather than porting the entire protocol into TEE can significantly reduce the Trusted Computing Base (TCB). Experimental evaluations of Fides in local and geo-distributed networks demonstrate its superior performance compared to established state-of-the-art protocols such as Tusk, RCC, HotStuff, and PBFT. The results indicate that Fides achieves a throughput of 400k transactions per second in a geo-distributed network and 810k transactions per second in a local network. Our analysis further explores the protocol's overhead, highlighting its suitability and effectiveness for practical deployment in real-world blockchain systems. |
| 2025-01-01 | A Large-Scale Exploratory Study on the Proxy Pattern in Ethereum | Amir M. Ebrahimi et.al. | 2501.00965 | The proxy pattern is a well-known design pattern with numerous use cases in several sectors of the software industry. As such, the use of the proxy pattern is also a common approach in the development of complex decentralized applications (DApps) on the Ethereum blockchain. Despite the importance of proxy contracts, little is known about (i) how their prevalence changed over time, (ii) the ways in which developers integrate proxies in the design of DApps, and (iii) what proxy types are being most commonly leveraged by developers. This study bridges these gaps through a comprehensive analysis of Ethereum smart contracts, utilizing a dataset of 50 million contracts and 1.6 billion transactions as of September 2022. Our findings reveal that 14.2% of all deployed smart contracts are proxy contracts. We show that proxy contracts are being more actively used than non-proxy contracts. Also, the usage of proxy contracts in various contexts, transactions involving proxy contracts, and adoption of proxy contracts by users have shown an upward trend over time, peaking at the end of our study period. They are either deployed through off-chain scripts or on-chain factory contracts, with the former and latter being employed in 39.1% and 60.9% of identified usage contexts in turn. We found that while the majority (67.8%) of proxies act as an interceptor, 32.2% enables upgradeability. Proxy contracts are typically (79%) implemented based on known reference implementations with 29.4% being of type ERC-1167, a class of proxies that aims to cheaply reuse and clone contracts' functionality. Our evaluation shows that our proposed behavioral proxy detection method has a precision and recall of 100% in detecting active proxies. Finally, we derive a set of practical recommendations for developers and introduce open research questions to guide future research on the topic. |
| 2025-01-01 | A Survey of Secure Semantic Communications | Rui Meng et.al. | 2501.00842 | Semantic communication (SemCom) is regarded as a promising and revolutionary technology in 6G, aiming to transcend the constraints of ``Shannon's trap" by filtering out redundant information and extracting the core of effective data. Compared to traditional communication paradigms, SemCom offers several notable advantages, such as reducing the burden on data transmission, enhancing network management efficiency, and optimizing resource allocation. Numerous researchers have extensively explored SemCom from various perspectives, including network architecture, theoretical analysis, potential technologies, and future applications. However, as SemCom continues to evolve, a multitude of security and privacy concerns have arisen, posing threats to the confidentiality, integrity, and availability of SemCom systems. This paper presents a comprehensive survey of the technologies that can be utilized to secure SemCom. Firstly, we elaborate on the entire life cycle of SemCom, which includes the model training, model transfer, and semantic information transmission phases. Then, we identify the security and privacy issues that emerge during these three stages. Furthermore, we summarize the techniques available to mitigate these security and privacy threats, including data cleaning, robust learning, defensive strategies against backdoor attacks, adversarial training, differential privacy, cryptography, blockchain technology, model compression, and physical-layer security. Lastly, this paper outlines future research directions to guide researchers in related fields. |
| 2024-12-31 | UPC Sentinel: An Accurate Approach for Detecting Upgradeability Proxy Contracts in Ethereum | Amir M. Ebrahimi et.al. | 2501.00674 | Software applications that run on a blockchain platform are known as DApps. DApps are built using smart contracts, which are immutable after deployment. Just like any real-world software system, DApps need to receive new features and bug fixes over time in order to remain useful and secure. However, Ethereum lacks native solutions for post-deployment smart contract maintenance, requiring developers to devise their own methods. A popular method is known as the upgradeability proxy contract (UPC), which involves implementing the proxy design pattern (as defined by the Gang of Four). In this method, client calls first hit a proxy contract, which then delegates calls to a certain implementation contract. Most importantly, the proxy contract can be reconfigured during runtime to delegate calls to another implementation contract, effectively enabling application upgrades. For researchers, the accurate detection of UPCs is a strong requirement in the understanding of how exactly real-world DApps are maintained over time. For practitioners, the accurate detection of UPCs is crucial for providing application behavior transparency and enabling auditing. In this paper, we introduce UPC Sentinel, a novel three-layer algorithm that utilizes both static and dynamic analysis of smart contract bytecode to accurately detect active UPCs. We evaluated UPC Sentinel using two distinct ground truth datasets. In the first dataset, our method demonstrated a near-perfect accuracy of 99%. The evaluation on the second dataset further established our method's efficacy, showing a perfect precision rate of 100% and a near-perfect recall of 99.3%, outperforming the state of the art. Finally, we discuss the potential value of UPC Sentinel in advancing future research efforts. |
| 2024-12-31 | Collaborative Approaches to Enhancing Smart Vehicle Cybersecurity by AI-Driven Threat Detection | Syed Atif Ali et.al. | 2501.00261 | The introduction sets the stage for exploring collaborative approaches to bolstering smart vehicle cybersecurity through AI-driven threat detection. As the automotive industry increasingly adopts connected and automated vehicles (CAVs), the need for robust cybersecurity measures becomes paramount. With the emergence of new vulnerabilities and security requirements, the integration of advanced technologies such as 5G networks, blockchain, and quantum computing presents promising avenues for enhancing CAV cybersecurity . Additionally, the roadmap for cybersecurity in autonomous vehicles emphasizes the importance of efficient intrusion detection systems and AI-based techniques, along with the integration of secure hardware, software stacks, and advanced threat intelligence to address cybersecurity challenges in future autonomous vehicles. |
| 2024-12-30 | An Infrastructure for Systematically Collecting Smart Contract Lineages for Analyses | Fatou Ndiaye Mbodji et.al. | 2412.20866 | Tracking the evolution of smart contracts is a significant challenge, impeding on the advancement of research on smart contract analysis. Indeed, due to the inherent immutability of the underlying blockchain technology, each smart contract update results in a deployment at a new address, breaking the links between versions. Existing platforms like Etherscan lack the capability to trace the predecessor-successor relationships within a smart contract lineage, further hindering empirical research on contract evolution. We address this challenge for the research community towards building a reliable dataset of linked versions for various smart contracts, i.e., lineages: we introduce SCLineage, an automated infrastructure that accurately identifies and collects smart contract lineages by leveraging proxy contracts. We present SCLineageSet, an up-to-date, open-source dataset that facilitates extensive research on smart contract evolution. We illustrate the applicability of our proposal in software engineering research through a case study that explores the evaluation of Locality-Sensitive Hashing (LSH) for forming contract lineages. This example underscores how SCLineage provides valuable insights for future research in the field. |
| 2024-12-30 | Blockchain-Empowered Cyber-Secure Federated Learning for Trustworthy Edge Computing | Ervin Moore et.al. | 2412.20674 | Federated Learning (FL) is a privacy-preserving distributed machine learning scheme, where each participant data remains on the participating devices and only the local model generated utilizing the local computational power is transmitted throughout the database. However, the distributed computational nature of FL creates the necessity to develop a mechanism that can remotely trigger any network agents, track their activities, and prevent threats to the overall process posed by malicious participants. Particularly, the FL paradigm may become vulnerable due to an active attack from the network participants, called a poisonous attack. In such an attack, the malicious participant acts as a benign agent capable of affecting the global model quality by uploading an obfuscated poisoned local model update to the server. This paper presents a cross-device FL model that ensures trustworthiness, fairness, and authenticity in the underlying FL training process. We leverage trustworthiness by constructing a reputation-based trust model based on contributions of agents toward model convergence. We ensure fairness by identifying and removing malicious agents from the training process through an outlier detection technique. Further, we establish authenticity by generating a token for each participating device through a distributed sensing mechanism and storing that unique token in a blockchain smart contract. Further, we insert the trust scores of all agents into a blockchain and validate their reputations using various consensus mechanisms that consider the computational task. |
| 2024-12-31 | Cool, But What About Oracles? An Oracle-Based Perspective on Blockchain Integration in the Accounting Field | Giulio Caldarelli et.al. | 2412.20447 | The Bitcoin Network is a sophisticated accounting system that allows its underlying cryptocurrency to be trusted even in the absence of a reliable financial authority. Given its undeniable success, the technology, generally referred to as blockchain, has also been proposed as a means to improve legacy accounting systems. Accounting for real-world data, however, requires the intervention of a third party known as an Oracle, which, having not the same characteristics as a blockchain, could potentially reduce the expected integration benefit. Through a systematic review of the literature, this study aims to investigate whether the papers concerning blockchain integration in accounting consider and address the limitations posed by oracles. A broad overview of the limitations that emerged in the literature is provided and distinguished according to the specific accounting integration. Results support the view that although research on the subject counts numerous articles, actual studies considering oracle limitations are lacking. Interestingly, despite the scarce production of papers addressing oracles in various accounting sectors, reporting for ESG already shows interesting workarounds for oracle limitations, with permissioned chains envisioned as a valid support for the safe storage of sustainability data. |
| 2024-12-23 | Hierarchical Blockchain Radio Access Networks: Architecture, Modelling, and Performance Assessment | Vasileios Kouvakis et.al. | 2412.19838 | Demands for secure, ubiquitous, and always-available connectivity have been identified as the pillar design parameters of the next generation radio access networks (RANs). Motivated by this, the current contribution introduces a network architecture that leverages blockchain technologies to augment security in RANs, while enabling dynamic coverage expansion through the use of intermediate commercial or private wireless nodes. To assess the efficiency and limitations of the architecture, we employ Markov chain theory in order to extract a theoretical model with increased engineering insights. Building upon this model, we quantify the latency as well as the security capabilities in terms of probability of successful attack, for three scenarios, namely fixed topology fronthaul network, advanced coverage expansion and advanced mobile node connectivity, which reveal the scalability of the blockchain-RAN architecture. |
| 2024-12-26 | The Internet of Value: Integrating Blockchain and Lightning Network Micropayments for Knowledge Markets | Ellis Solaiman et.al. | 2412.19384 | Q&A websites rely on user-generated responses, with incentives such as reputation scores or monetary rewards often offered. While some users may find it intrinsically rewarding to assist others, studies indicate that payment can improve the quality and speed of answers. However, traditional payment processors impose minimum thresholds that many Q&A inquiries fall below. The introduction of Bitcoin enabled direct digital value transfer, yet frequent micropayments remain challenging. Recent advancements like the Lightning Network now allow frictionless micropayments by reducing costs and minimising reliance on intermediaries. This development fosters an "Internet of Value," where transferring even small amounts of money is as simple as sharing data. This study investigates integrating Lightning Network-based micropayment strategies into Q&A platforms, aiming to create a knowledge market free of minimum payment barriers. A survey was conducted to address the gap below the $2 payment level identified in prior research. Responses confirmed that incentives for asking and answering weaken as payments decrease. Findings reveal even minimal payments, such as {\pounds}0.01, significantly encourage higher quality and effort in responses. The study recommends micropayment incentives for service-oriented applications, particularly Q&A platforms. By leveraging the Lightning Network to remove barriers, a more open marketplace can emerge, improving engagement and outcomes. Further research is needed to confirm if users follow through on reported intentions when spending funds. |
| 2024-12-26 | Swarm Contract: A Multi-Sovereign Agent Consensus Mechanism | Haowei Yang et.al. | 2412.19256 | Traditional smart contracts on blockchains excel at on-chain, deterministic logic. However, they have inherent limitations when dealing with large-scale off-chain data, dynamic multi-step workflows, and scenarios requiring high flexibility or iterative updates. In this paper, we propose the concept of a "Swarm Contract" (Swarm), a multi-agent mechanism wherein several digital life forms (DLF) or Sovereign Agents (SA) collectively handle complex tasks in Trusted Execution Environments (TEE). These digital entities are defined as autonomous software agents that own their code, state, and possibly on-chain assets, while operating free from centralized control. By leveraging a simple multi-signature wallet on-chain, Swarm moves most of the logic off-chain, achieving trust minimization through multi-agent consensus rather than a single monolithic on-chain contract. We illustrate these ideas with a lightweight off-chain auction example - minting and selling 10,000 identical NFTs - to showcase how off-chain coordination can determine a clearing price and finalize distribution, with each step performed collectively by multiple agents in TEE. This approach broadens the scope of trustless and decentralized solutions, potentially benefiting DAO governance, multi-modal data processing, and cross-chain interoperability. |
| 2024-12-24 | Decentralized Intelligence in GameFi: Embodied AI Agents and the Convergence of DeFi and Virtual Ecosystems | Fernando Jia et.al. | 2412.18601 | link |
| 2024-12-24 | PrettiSmart: Visual Interpretation of Smart Contracts via Simulation | Xiaolin Wen et.al. | 2412.18484 | Smart contracts are the fundamental components of blockchain technology. They are programs to determine cryptocurrency transactions, and are irreversible once deployed, making it crucial for cryptocurrency investors to understand the cryptocurrency transaction behaviors of smart contracts comprehensively. However, it is a challenging (if not impossible) task for investors, as they do not necessarily have a programming background to check the complex source code. Even for investors with certain programming skills, inferring all the potential behaviors from the code alone is still difficult, since the actual behaviors can be different when different investors are involved. To address this challenge, we propose PrettiSmart, a novel visualization approach via execution simulation to achieve intuitive and reliable visual interpretation of smart contracts. Specifically, we develop a simulator to comprehensively capture most of the possible real-world smart contract behaviors, involving multiple investors and various smart contract functions. Then, we present PrettiSmart to intuitively visualize the simulation results of a smart contract, which consists of two modules: The Simulation Overview Module is a barcode-based design, providing a visual summary for each simulation, and the Simulation Detail Module is an augmented sequential design to display the cryptocurrency transaction details in each simulation, such as function call sequences, cryptocurrency flows, and state variable changes. It can allow investors to intuitively inspect and understand how a smart contract will work. We evaluate PrettiSmart through two case studies and in-depth user interviews with 12 investors. The results demonstrate the effectiveness and usability of PrettiSmart in facilitating an easy interpretation of smart contracts. |
| 2024-12-24 | PonziLens+: Visualizing Bytecode Actions for Smart Ponzi Scheme Identification | Xiaolin Wen et.al. | 2412.18470 | With the prevalence of smart contracts, smart Ponzi schemes have become a common fraud on blockchain and have caused significant financial loss to cryptocurrency investors in the past few years. Despite the critical importance of detecting smart Ponzi schemes, a reliable and transparent identification approach adaptive to various smart Ponzi schemes is still missing. To fill the research gap, we first extract semantic-meaningful actions to represent the execution behaviors specified in smart contract bytecodes, which are derived from a literature review and in-depth interviews with domain experts. We then propose PonziLens+, a novel visual analytic approach that provides an intuitive and reliable analysis of Ponzi-scheme-related features within these execution behaviors. PonziLens+ has three visualization modules that intuitively reveal all potential behaviors of a smart contract, highlighting fraudulent features across three levels of detail. It can help smart contract investors and auditors achieve confident identification of any smart Ponzi schemes. We conducted two case studies and in-depth user interviews with 12 domain experts and common investors to evaluate PonziLens+. The results demonstrate the effectiveness and usability of PonziLens+ in achieving an effective identification of smart Ponzi schemes. |
| 2024-12-24 | Combining GPT and Code-Based Similarity Checking for Effective Smart Contract Vulnerability Detection | Jango Zhang et.al. | 2412.18225 | With the rapid growth of blockchain technology, smart contracts are now crucial to Decentralized Finance (DeFi) applications. Effective vulnerability detection is vital for securing these contracts against hackers and enhancing the accuracy and efficiency of security audits. In this paper, we present SimilarGPT, a unique vulnerability identification tool for smart contract, which combines Generative Pretrained Transformer (GPT) models with Code-based similarity checking methods. The main concept of the SimilarGPT tool is to measure the similarity between the code under inspection and the secure code from third-party libraries. To identify potential vulnerabilities, we connect the semantic understanding capability of large language models (LLMs) with Code-based similarity checking techniques. We propose optimizing the detection sequence using topological ordering to enhance logical coherence and reduce false positives during detection. Through analysis of code reuse patterns in smart contracts, we compile and process extensive third-party library code to establish a comprehensive reference codebase. Then, we utilize LLM to conduct an indepth analysis of similar codes to identify and explain potential vulnerabilities in the codes. The experimental findings indicate that SimilarGPT excels in detecting vulnerabilities in smart contracts, particularly in missed detections and minimizing false positives. |
| 2024-12-24 | XSema: A Novel Framework for Semantic Extraction of Cross-chain Transactions | Ziye Zheng et.al. | 2412.18129 | As the number of blockchain platforms continues to grow, the independence of these networks poses challenges for transferring assets and information across chains. Cross-chain bridge technology has emerged to address this issue, establishing communication protocols to facilitate cross-chain interaction of assets and information, thereby enhancing user experience. However, the complexity of cross-chain transactions increases the difficulty of security regulation, rendering traditional single-chain detection methods inadequate for cross-chain scenarios. Therefore, understanding cross-chain transaction semantics is crucial, as it forms the foundation for cross-chain security detection tasks. Although there are existing methods for extracting transaction semantics specifically for single chains, these approaches often overlook the unique characteristics of cross-chain scenarios, limiting their applicability. This paper introduces XSema, a novel cross-chain semantic extraction framework grounded in asset transfer and message-passing, designed specifically for cross-chain contexts. Experimental results demonstrate that XSema effectively distinguishes between cross-chain and non-cross-chain transactions, surpassing existing methods by over 9% for the generality metric and over 10% for the generalization metric. Furthermore, we analyze the underlying asset transfer patterns and message-passing event logs associated with cross-chain transactions. We offer new insights into the coexistence of multiple blockchains and the cross-chain ecosystem. |
| 2024-12-24 | Blockchain-Driven Research in Personality-Based Distributed Pair Programming | Marcel Valovy et.al. | 2412.18066 | This study aims to integrate blockchain technology into personality-based pair programming research to enhance its generalizability and adaptability by offering built-in continuous, reproducible, and transparent research. In the developing Role-Optimization Motivation Alignment (ROMA) framework, human/AI programming roles align with individual Big Five personality traits, optimizing individual motivation and team productivity in Very Small Entities and undergraduate courses. Twelve quasi-experimental sessions were conducted to verify the personality-based pair programming in distributed settings. A mixed-methods approach was employed, combining intrinsic motivation inventories and qualitative insights. Data were stored transparently on the Solana blockchain, and a web-based application was developed in Rust and TypeScript languages to facilitate partner matching based on ROMA suggestions, expertise, and availability. The results suggest that blockchain can enhance research generalizability, reproducibility, and transparency, while ROMA can increase individual motivation and team performance. Future work can focus on integrating smart contracts for transparent and versioned data analysis. |
| 2024-12-23 | Synergistic Integration of Blockchain and Software-Defined Networking in the Internet of Energy Systems | Vahideh Hayyolalam et.al. | 2412.17530 | Peer-to-peer (P2P) energy trading, Smart Grids (SG), and electric vehicle energy management are integral components of the Internet of Energy (IoE) field. The integration of Software-Defined Networks (SDNs) and Blockchain (BC) technologies into the IoE domain offers potential benefits that have only been studied in the literature in a few works. In this paper, we investigate the state-of-art solutions that leverage both SDNs and blockchain within the realm of the IoE. We categorize these solutions based on the method of integrating SDN and BC into two categories. The first category is the blockchain for SDN, where blockchain enhances the SDN directly. The second category is blockchain and SDN, where both technologies are used to enhance the proposed solutions. We identify three distinct blockchain applications based on their usage: decentralizing the SDN control plane, serving as a decentralized platform, and improving security measures. Similarly, we observe that SDN serves as a performance enhancer, a substitute for traditional networking, and solely as a control and management framework. It is posited that integrating SDNs and blockchain into IoE leads to performance enhancements, improves security, enables decentralized operations, and eliminates single points of failure in the SDN control plane. Additionally, some unaddressed issues, such as energy efficiency, smart contract management, and scalability, are discussed as potential future directions. |
| 2025-01-11 | Decentralized Governance of Autonomous AI Agents | Tomer Jordi Chaffer et.al. | 2412.17114 | Autonomous AI agents present transformative opportunities and significant governance challenges. Existing frameworks, such as the EU AI Act and the NIST AI Risk Management Framework, fall short of addressing the complexities of these agents, which are capable of independent decision-making, learning, and adaptation. To bridge these gaps, we propose the ETHOS (Ethical Technology and Holistic Oversight System) framework, a decentralized governance (DeGov) model leveraging Web3 technologies, including blockchain, smart contracts, and decentralized autonomous organizations (DAOs). ETHOS establishes a global registry for AI agents, enabling dynamic risk classification, proportional oversight, and automated compliance monitoring through tools like soulbound tokens and zero-knowledge proofs. Furthermore, the framework incorporates decentralized justice systems for transparent dispute resolution and introduces AI specific legal entities to manage limited liability, supported by mandatory insurance to ensure financial accountability and incentivize ethical design. By integrating philosophical principles of rationality, ethical grounding, and goal alignment, ETHOS aims to create a robust research agenda for promoting trust, transparency, and participatory governance. This innovative framework offers a scalable and inclusive strategy for regulating AI agents, balancing innovation with ethical responsibility to meet the demands of an AI-driven future. |
| 2024-12-21 | Raft Distributed System for Multi-access Edge Computing Sharing Resources | Zain Khaliq et.al. | 2412.16774 | Researchers all over the world are employing a variety of analysis approaches in attempt to provide a safer and faster solution for sharing resources via a Multi-access Edge Computing system. Multi-access Edge Computing (MEC) is a job-sharing method within the edge server network whose main aim is to maximize the pace of the computing process, resulting in a more powerful and enhanced user experience. Although there are many other options when it comes to determining the fastest method for computing processes, our paper introduces a rather more extensive change to the system model to assure no data loss and/or task failure due to any scrutiny in the edge node cluster. RAFT, a powerful consensus algorithm, can be used to introduce an auction theory approach in our system, which enables the edge device to make the best decision possible regarding how to respond to a request from the client. Through the use of the RAFT consensus, blockchain may be used to improve the safety, security, and efficiency of applications by deploying it on trustful edge base stations. In addition to discussing the best-distributed system approach for our (MEC) system, a Deep Deterministic Policy Gradient (DDPG) algorithm is also presented in order to reduce overall system latency. Assumed in our proposal is the existence of a cluster of N Edge nodes, each containing a series of tasks that require execution. A DDPG algorithm is implemented in this cluster so that an auction can be held within the cluster of edge nodes to decide which edge node is best suited for performing the task provided by the client. |
| 2024-12-20 | Towards Secure AI-driven Industrial Metaverse with NFT Digital Twins | Ravi Prakash et.al. | 2412.15716 | The rise of the industrial metaverse has brought digital twins (DTs) to the forefront. Blockchain-powered non-fungible tokens (NFTs) offer a decentralized approach to creating and owning these cloneable DTs. However, the potential for unauthorized duplication, or counterfeiting, poses a significant threat to the security of NFT-DTs. Existing NFT clone detection methods often rely on static information like metadata and images, which can be easily manipulated. To address these limitations, we propose a novel deep-learning-based solution as a combination of an autoencoder and RNN-based classifier. This solution enables real-time pattern recognition to detect fake NFT-DTs. Additionally, we introduce the concept of dynamic metadata, providing a more reliable way to verify authenticity through AI-integrated smart contracts. By effectively identifying counterfeit DTs, our system contributes to strengthening the security of NFT-based assets in the metaverse. |
| 2024-12-19 | Autonomous Vehicle Security: A Deep Dive into Threat Modeling | Amal Yousseef et.al. | 2412.15348 | Autonomous vehicles (AVs) are poised to revolutionize modern transportation, offering enhanced safety, efficiency, and convenience. However, the increasing complexity and connectivity of AV systems introduce significant cybersecurity challenges. This paper provides a comprehensive survey of AV security with a focus on threat modeling frameworks, including STRIDE, DREAD, and MITRE ATT&CK, to systematically identify and mitigate potential risks. The survey examines key components of AV architectures, such as sensors, communication modules, and electronic control units (ECUs), and explores common attack vectors like wireless communication exploits, sensor spoofing, and firmware vulnerabilities. Through case studies of real-world incidents, such as the Jeep Cherokee and Tesla Model S exploits, the paper highlights the critical need for robust security measures. Emerging technologies, including blockchain for secure Vehicle-to-Everything (V2X) communication, AI-driven threat detection, and secure Over-The-Air (OTA) updates, are discussed as potential solutions to mitigate evolving threats. The paper also addresses legal and ethical considerations, emphasizing data privacy, user safety, and regulatory compliance. By combining threat modeling frameworks, multi-layered security strategies, and proactive defenses, this survey offers insights and recommendations for enhancing the cybersecurity of autonomous vehicles. |
| 2024-12-16 | Blockchain in Environmental Sustainability Measures: a Survey | Maria-Victoria Vladucu et.al. | 2412.15261 | Real and effective regulation of contributions to greenhouse gas emissions and pollutants requires unbiased and truthful monitoring. Blockchain has emerged not only as an approach that provides verifiable economical interactions but also as a mechanism to keep the measurement, monitoring, incentivation of environmental conservationist practices and enforcement of policy. Here, we present a survey of areas in what blockchain has been considered as a response to concerns on keeping an accurate recording of environmental practices to monitor levels of pollution and management of environmental practices. We classify the applications of blockchain into different segments of concerns, such as greenhouse gas emissions, solid waste, water, plastics, food waste, and circular economy, and show the objectives for the addressed concerns. We also classify the different blockchains and the explored and designed properties as identified for the proposed solutions. At the end, we provide a discussion about the niches and challenges that remain for future research. |
| 2024-12-19 | 6GENABLERS-DLT: DLT-based Marketplace for Decentralized Trading of 6G Telco resources | Adriana Fernández-Fernández et.al. | 2412.14977 | The 6GENABLERS-DLT project addresses critical challenges in fostering multi-party collaboration within dynamic 6G environments. As operators and service providers increasingly depend on third-party resources to meet their contractual and operational needs, the project introduces an innovative, Distributed Ledger Technology (DLT)-anchored Marketplace designed to streamline decentralized telco resource trading. This 6GENABLERS Marketplace serves as a collaborative platform where operators, resource providers, and service providers can seamlessly discover, advertise, and trade telco assets within a transparent, secure, and efficient permissioned environment. Distinguished from public DLT-Blockchain solutions, the Marketplace's permissioned nature ensures robust governance, privacy, and control, making it particularly suited to enterprise and consortium-based use cases in the Information and Communication Technology (ICT) sector. The adoption of a decentralized architecture eliminates reliance on a central operator, thereby mitigating risks associated with single points of failure and enhancing system trustworthiness, resilience, and fault tolerance. The Marketplace encompasses a wide range of resources integral to 6G networks, including virtualized mobile core components, Radio Access Network (RAN) assets, edge and cloud infrastructure, and vertical applications tailored to specific industry needs. This diversity enables stakeholders to dynamically access and scale resources, fostering operational efficiency and innovation across 6G ecosystems. Through the 6GENABLERS-DLT project, the vision of a collaborative, resource-rich 6G environment becomes a reality, laying the foundation for a next-generation telco ecosystem where decentralization empowers stakeholders to meet the demands of an interconnected, flexible, and scalable future. |
| 2024-12-19 | AIArena: A Blockchain-Based Decentralized AI Training Platform | Zhipeng Wang et.al. | 2412.14566 | The rapid advancement of AI has underscored critical challenges in its development and implementation, largely due to centralized control by a few major corporations. This concentration of power intensifies biases within AI models, resulting from inadequate governance and oversight mechanisms. Additionally, it limits public involvement and heightens concerns about the integrity of model generation. Such monopolistic control over data and AI outputs threatens both innovation and fair data usage, as users inadvertently contribute data that primarily benefits these corporations. In this work, we propose AIArena, a blockchain-based decentralized AI training platform designed to democratize AI development and alignment through on-chain incentive mechanisms. AIArena fosters an open and collaborative environment where participants can contribute models and computing resources. Its on-chain consensus mechanism ensures fair rewards for participants based on their contributions. We instantiate and implement AIArena on the public Base blockchain Sepolia testnet, and the evaluation results demonstrate the feasibility of AIArena in real-world applications. |
| 2024-12-18 | Exploring User Acceptance of Blockchain-Based Student Certificate Sharing System: A Study on Non Fungible Token (NFT) Utilization | Prakhyat Khati et.al. | 2412.14096 | Blockchain technology has emerged as a transformative tool for data management in a variety of industries, including fintech, research and healthcare. We have developed a workable blockchain based system that utilizes non fungible tokens NFTs to tokenize and prove ownership of the academic institutions credentials. This makes it easier to create provenance and ownership documentation for academic data and meta credentials. This system enables the secure sharing of academic information while maintaining control, offering incentives for collaboration, and granting users full transparency and control over data access. While the initial adoption of these systems is crucial for ongoing service usage, the exploration of the user acceptance behavioural model remains limited in the existing literature. In this paper, we build upon the Technology Acceptance Model TAM, incorporating additional elements to scrutinize the impact of perceived ease of use, perceived usability, and attitude towards the system on the intention to use a blockchain based academic data and meta credentials sharing system. The research, grounded in user evaluations of a prototype, employs a TAM validated questionnaire. Results indicate that individual constructs notably affect the intention to use the system, and their collective impact is statistically significant. Specifically, perceived ease of use is the sole factor with an insignificant influence on the intention to use. The paper underscores the dominant influence of attitude towards the system on perceived usefulness. It concludes with a discussion on the implications of these findings within the context of blockchain based academic data and meta credentials sharing, incorporating NFTs for ownership definition. |
| 2024-12-18 | Data sharing in the metaverse with key abuse resistance based on decentralized CP-ABE | Liang Zhang et.al. | 2412.13770 | link |
| 2024-12-18 | Large Language Model Federated Learning with Blockchain and Unlearning for Cross-Organizational Collaboration | Xuhan Zuo et.al. | 2412.13551 | Large language models (LLMs) have transformed the way computers understand and process human language, but using them effectively across different organizations remains still difficult. When organizations work together to improve LLMs, they face several main challenges. First, organizations hesitate to share their valuable data with others. Second, competition between organizations creates trust problems during collaboration. Third, new privacy laws require organizations to be able to delete specific data when requested, which is especially difficult when multiple organizations are learning from shared data. Traditional federated learning approaches do not address these interconnected challenges, particularly in scenarios where participants cannot fully trust each other or the central aggregator. To overcome these limitations, we propose a hybrid blockchain-based federated learning framework that uniquely combines public and private blockchain architectures with multi-agent reinforcement learning. Our framework enables transparent sharing of model update through the public blockchain while protecting sensitive computations in private chains. Each organization operates as an intelligent agent, using Q-learning to optimize its participation strategy and resource allocation, thus aligning individual incentives with collective goals. Notably, we introduce an efficient unlearning mechanism based on Low-Rank Adaptation (LoRA) that enables selective removal of specific data contributions without compromising the model's overall performance. Through extensive experimentation on real-world datasets, we demonstrate that our framework effectively balances privacy protection, trust establishment, and regulatory compliance while maintaining high model performance. |
| 2024-12-18 | Privacy-Preserving Cyberattack Detection in Blockchain-Based IoT Systems Using AI and Homomorphic Encryption | Bui Duc Manh et.al. | 2412.13522 | This work proposes a novel privacy-preserving cyberattack detection framework for blockchain-based Internet-of-Things (IoT) systems. In our approach, artificial intelligence (AI)-driven detection modules are strategically deployed at blockchain nodes to identify real-time attacks, ensuring high accuracy and minimal delay. To achieve this efficiency, the model training is conducted by a cloud service provider (CSP). Accordingly, blockchain nodes send their data to the CSP for training, but to safeguard privacy, the data is encrypted using homomorphic encryption (HE) before transmission. This encryption method allows the CSP to perform computations directly on encrypted data without the need for decryption, preserving data privacy throughout the learning process. To handle the substantial volume of encrypted data, we introduce an innovative packing algorithm in a Single-Instruction-Multiple-Data (SIMD) manner, enabling efficient training on HE-encrypted data. Building on this, we develop a novel deep neural network training algorithm optimized for encrypted data. We further propose a privacy-preserving distributed learning approach based on the FedAvg algorithm, which parallelizes the training across multiple workers, significantly improving computation time. Upon completion, the CSP distributes the trained model to the blockchain nodes, enabling them to perform real-time, privacy-preserved detection. Our simulation results demonstrate that our proposed method can not only mitigate the training time but also achieve detection accuracy that is approximately identical to the approach without encryption, with a gap of around 0.01%. Additionally, our real implementations on various blockchain consensus algorithms and hardware configurations show that our proposed framework can also be effectively adapted to real-world systems. |
| 2024-12-17 | AsyncSC: An Asynchronous Sidechain for Multi-Domain Data Exchange in Internet of Things | Lingxiao Yang et.al. | 2412.12723 | Sidechain techniques improve blockchain scalability and interoperability, providing decentralized exchange and cross-chain collaboration solutions for Internet of Things (IoT) data across various domains. However, current state-of-the-art (SOTA) schemes for IoT multi-domain data exchange are constrained by the need for synchronous networks, hindering efficient cross-chain interactions in discontinuous networks and leading to suboptimal data exchange. In this paper, we propose AsyncSC, a novel asynchronous sidechain construction. It employs a committee to provide Cross-Blockchain as a Service (C-BaaS) for data exchange in multi-domain IoT. To fulfill the need for asynchronous and efficient data exchange, we combine the ideas of aggregate signatures and verifiable delay functions to devise a novel cryptographic primitive called delayed aggregate signature (DAS), which constructs asynchronous cross-chain proofs (ACPs) that ensure the security of cross-chain interactions. To ensure the consistency of asynchronous transactions, we propose a multilevel buffered transaction pool that guarantees the transaction sequencing. We analyze and prove the security of AsyncSC, simulate an asynchronous communication environment, and conduct a comprehensive evaluation. The results show that AsyncSC outperforms SOTA schemes, improving throughput by an average of 1.21 to 3.96 times, reducing transaction latency by 59.76% to 83.61%, and maintaining comparable resource overhead. |
| 2024-12-17 | if-ZKP: Intel FPGA-Based Acceleration of Zero Knowledge Proofs | Shahzad Ahmad Butt et.al. | 2412.12481 | Zero-Knowledge Proofs (ZKPs) have emerged as an important cryptographic technique allowing one party (prover) to prove the correctness of a statement to some other party (verifier) and nothing else. ZKPs give rise to user's privacy in many applications such as blockchains, digital voting, and machine learning. Traditionally, ZKPs suffered from poor scalability but recently, a sub-class of ZKPs known as Zero-knowledge Succinct Non-interactive ARgument of Knowledges (zk-SNARKs) have addressed this challenge. They are getting significant attention and are being implemented by many public libraries. In this paper, we present a novel scalable architecture that is suitable for accelerating the zk-SNARK prover compute on FPGAs. We focus on the multi-scalar multiplication (MSM) that accounts for the majority of computation time spent in zk-SNARK systems. The MSM calculations extensive rely on modular arithmetic so highly optimized Intel IP Libraries for modular arithmetic are used. The proposed architecture exploits the parallelism inherent to MSM and is implemented using the Intel OneAPI framework for FPGAs. Our implementation runs 110x-150x faster compared to reference software library, uses a generic curve form in Jacobian coordinates and is the first to report FPGA hardware acceleration results for BLS12-381 and BN128 family of elliptic curves. |
| 2025-01-12 | Scam Detection for Ethereum Smart Contracts: Leveraging Graph Representation Learning for Secure Blockchain | Yihong Jin et.al. | 2412.12370 | Due to the increasing abuse of fraudulent activities that result in significant financial and reputational harm, Ethereum smart contracts face a significant problem in detecting fraud. Existing monitoring methods typically rely on lease code analysis or physically extracted features, which suffer from scalability and adaptability limitations. In this study, we use graph representation learning to observe purchase trends and find fraudulent deals. We can achieve powerful categorisation performance by using innovative machine learning versions and transforming Ethereum invoice data into graph structures. Our method addresses label imbalance through SMOTE-ENN techniques and evaluates models like Multi-Layer Perceptron ( MLP ) and Graph Convolutional Networks ( GCN). Experimental results show that the MLP type surpasses the GCN in this environment, with domain-specific assessments closely aligned with real-world assessments. This study provides a scalable and efficient way to improve Ethereum's ecosystem's confidence and security. |
| 2024-12-06 | Technical Insights on Blockchain's Role in Financial Systems | Ishan Patwardhan et.al. | 2412.12131 | This research provides a critical analysis regarding the way blockchain is being implemented in the financial industry, highlighting its vital role in promoting green finance, guaranteeing compliance with regulations, improving supply chain finance, boosting decentralized finance (DeFi), and strengthening the Internet of Things (IoT). It discusses how blockchain's inherent attributes could significantly boost transparency, operational efficiency, and security across these domains while also addressing the pressing challenges of scalability, system integration, and the evolving regulatory landscape. |
| 2025-01-06 | Knowledge Migration Framework for Smart Contract Vulnerability Detection | Luqi Wang et.al. | 2412.11175 | As a cornerstone of blockchain technology in the 3.0 era, smart contracts play a pivotal role in the evolution of blockchain systems. In order to address the limitations of existing smart contract vulnerability detection models with regard to their generalisation capability, an AF-STip smart contract vulnerability detection framework incorporating efficient knowledge migration is proposed. AF-STip employs the teacher network as the main model and migrates the knowledge processed by the smart contract to the student model using a data-free knowledge distillation method. The student model utilises this knowledge to enhance its vulnerability detection capabilities. The approach markedly enhances the model's capacity for feature extraction and cross-class adaptation, while concurrently reducing computational overhead.In order to further enhance the extraction of vulnerability features, an adaptive fusion module is proposed in this paper, which aims to strengthen the interaction and fusion of feature information.The experimental results demonstrate that the STip model attains an average F1 value detection score of 91.16% for the four vulnerabilities without disclosing the original smart contract data. To validate the viability of the proposed lightweight migration approach, the student model is deployed in a migration learning task targeting a novel vulnerability type, resulting in an accuracy of 91.02% and an F1 score of 90.46%. To the best of our knowledge, AF-STip is the inaugural model to apply data-free knowledge migration to smart contract vulnerability detection. While markedly reducing the computational overhead, the method still demonstrates exceptional performance in detecting novel vulnerabilities. |
| 2024-12-14 | A technical solution for the rule of law, peace, security, and evolvability of global cyberspace -- solve the three genetic defects of IP network | Hui Li et.al. | 2412.10722 | Since its inception in the 1960s, the internet has profoundly transformed human life. However, its original design now struggles to meet the evolving demands of modern society. Three primary defects have emerged: First, the concentration of power among a few dominant entities has intensified international conflicts and widened the technological divide. Second, the Internet Protocol (IP)-based system lacks inherent security, leading to frequent global cybersecurity incidents. Third, the rigidity of the IP protocol has hindered the sustainable development of cyberspace, as it resists necessary adaptations and innovations. Addressing these issues is crucial for the future resilience and security of the global digital landscape. To address these challenges, we propose the Co-governed Multi-Identifier Network (CoG-MIN briefly as MIN), a novel network architecture that leverages blockchain technology to ensure equal participation of countries worldwide in cyberspace governance and the rule of law. As a next-generation network system, CoG-MIN integrates mechanisms such as user authentication, data signatures, and encryption to significantly enhance network security. In testing environments, CoG-MIN has consistently withstood extensive attacks during various international cybersecurity competitions. Additionally, CoG-MIN supports the evolution and interoperability of different identifier systems, remains IP-compatible, and facilitates a gradual transition away from IP, providing an adaptable ecosystem for diverse network architectures. This adaptability fosters the development and evolution of diverse network architectures within CoG-MIN, making it a natural progression for the internet's future development. We further introduce a trilogy of cyberspace security theorems... (Due to character limitations, the full abstract is available in the paper PDF.) |
| 2024-12-13 | SCRUBD: Smart Contracts Reentrancy and Unhandled Exceptions Vulnerability Dataset | Chavhan Sujeet Yashavant et.al. | 2412.09935 | Smart Contracts (SCs) handle transactions in the Ethereum blockchain worth millions of United States dollars, making them a lucrative target for attackers seeking to exploit vulnerabilities and steal funds. The Ethereum community has developed a rich set of tools to detect vulnerabilities in SCs, including reentrancy (RE) and unhandled exceptions (UX). A dataset of SCs labelled with vulnerabilities is needed to evaluate the tools' efficacy. Existing SC datasets with labelled vulnerabilities have limitations, such as covering only a limited range of vulnerability scenarios and containing incorrect labels. As a result, there is a lack of a standardized dataset to compare the performances of these tools. SCRUBD aims to fill this gap. We present a dataset of real-world SCs and synthesized SCs labelled with RE and UX. The real-world SC dataset is labelled through crowdsourcing, followed by manual inspection by an expert, and covers both RE and UX vulnerabilities. On the other hand, the synthesized dataset is carefully crafted to cover various RE scenarios only. Using SCRUBD we compared the performance of six popular vulnerability detection tools. Based on our study, we found that Slither outperforms other tools on a crowdsourced dataset in detecting RE vulnerabilities, while Sailfish outperforms other tools on a manually synthesized dataset for detecting RE. For UX vulnerabilities, Slither outperforms all other tools. |
| 2024-12-13 | Empowering Patients for Disease Diagnosis and Clinical Treatment: A Smart Contract-Enabled Informed Consent Strategy | Md Al Amin et.al. | 2412.09820 | Digital healthcare systems have revolutionized medical services, facilitating provider collaboration, enhancing diagnosis, and optimizing and improving treatments. They deliver superior quality, faster, reliable, and cost-effective services. Researchers are addressing pressing health challenges by integrating information technology, computing resources, and digital health records. However, digitizing healthcare introduces significant risks to patient data privacy and security, with the potential for unauthorized access to protected health information. Although patients can authorize data access through consent, there is a pressing need for mechanisms to ensure such given consent is informed and executed properly and timely. Patients deserve transparency and accountability regarding the access to their data: who access it, when, and under what circumstances. Current healthcare systems, often centralized, leave much to be desired in managing these concerns, leading to numerous security incidents. To address these issues, we propose a system based on blockchain and smart contracts for managing informed consent for accessing health records by the treatment team members, incorporating safeguards to verify that consent processes are correctly executed. Blockchain's inherent immutability ensures the integrity of consent. Smart contracts automatically execute agreements, enhancing accountability. They provide a robust framework for protecting patient privacy in the digital age. Experimental evaluations show that the proposed approach can be integrated easily with the existing healthcare systems without incurring financial and technological challenges. |
| 2024-12-09 | Blockchain Data Analysis in the Era of Large-Language Models | Kentaroh Toyoda et.al. | 2412.09640 | Blockchain data analysis is essential for deriving insights, tracking transactions, identifying patterns, and ensuring the integrity and security of decentralized networks. It plays a key role in various areas, such as fraud detection, regulatory compliance, smart contract auditing, and decentralized finance (DeFi) risk management. However, existing blockchain data analysis tools face challenges, including data scarcity, the lack of generalizability, and the lack of reasoning capability. We believe large language models (LLMs) can mitigate these challenges; however, we have not seen papers discussing LLM integration in blockchain data analysis in a comprehensive and systematic way. This paper systematically explores potential techniques and design patterns in LLM-integrated blockchain data analysis. We also outline prospective research opportunities and challenges, emphasizing the need for further exploration in this promising field. This paper aims to benefit a diverse audience spanning academia, industry, and policy-making, offering valuable insights into the integration of LLMs in blockchain data analysis. |
| 2024-12-16 | BA-ORABE: Blockchain-Based Auditable Registered Attribute-Based Encryption With Reliable Outsourced Decryption | Dongliang Cai et.al. | 2412.08957 | Attribute-based encryption (ABE) is a generalization of public-key encryption that enables fine-grained access control in cloud services. Recently, Hohenberger et al. (Eurocrypt 2023) introduced the notion of registered ABE, which is an ABE scheme without a trusted central authority. Instead, users generate their own public/secret keys and then register their keys and attributes with a key curator. The key curator is a transparent and untrusted entity and its behavior needs to be audited for malicious registration. In addition, pairing-based registered ABE still suffers the heavy decryption overhead like ABE. A general approach to address this issue is to outsource decryption to a decryption cloud service (DCS).In this work, we propose BA-ORABE, the first fully auditable registered ABE with reliable outsourced decryption scheme based on blockchain. First, we utilize a verifiable tag mechanism to achieve verifiability of ciphertext transformation, and the exemptibility which enables the honest DCS to escape from wrong claims is guaranteed by zero knowledge fraud proof under optimistic assumption. Additionally, our system achieves fairness and decentralized outsourcing to protect the interests of all parties and the registration and outsourcing process are transparent and fully auditable through blockchain. Finally, we give security analysis, implement and evaluate our scheme on Ethereum to demonstrate its feasibility and efficiency, and show its advantages in real application of decentralized finance. |
| 2024-12-11 | Reward-based Blockchain Infrastructure for 3D IC Supply Chain Provenance | Sulyab Thottungal Valapu et.al. | 2412.08777 | In response to the growing demand for enhanced performance and power efficiency, the semiconductor industry has witnessed a paradigm shift toward heterogeneous integration, giving rise to 2.5D/3D chips. These chips incorporate diverse chiplets, manufactured globally and integrated into a single chip. Securing these complex 2.5D/3D integrated circuits (ICs) presents a formidable challenge due to inherent trust issues within the semiconductor supply chain. Chiplets produced in untrusted locations may be susceptible to tampering, introducing malicious circuits that could compromise sensitive information. This paper introduces an innovative approach that leverages blockchain technology to establish traceability for ICs and chiplets throughout the supply chain. Given that chiplet manufacturers are dispersed globally and may operate within different blockchain consortiums, ensuring the integrity of data within each blockchain ledger becomes imperative. To address this, we propose a novel dual-layer approach for establishing distributed trust across diverse blockchain ledgers. The lower layer comprises of a blockchain-based framework for IC supply chain provenance that enables transactions between blockchain instances run by different consortiums, making it possible to trace the complete provenance DAG of each IC. The upper layer implements a multi-chain reputation scheme that assigns reputation scores to entities while specifically accounting for high-risk transactions that cross blockchain trust zones. This approach enhances the credibility of the blockchain data, mitigating potential risks associated with the use of multiple consortiums and ensuring a robust foundation for securing 2.5D/3D ICs in the evolving landscape of heterogeneous integration. |
| 2024-12-11 | Pioplat: A Scalable, Low-Cost Framework for Latency Reduction in Ethereum Blockchain | Ke Wang et.al. | 2412.08367 | link |
| 2024-12-10 | BrokerChain: A Blockchain Sharding Protocol by Exploiting Broker Accounts | Huawei Huang et.al. | 2412.07202 | State-of-the-art blockchain sharding solutions such as Monoxide, can cause severely imbalanced distribution of transaction (TX) workloads across all blockchain shards due to the deployment policy of their accounts. Imbalanced TX distributions then produce hot shards, in which the cross-shard TXs may experience an unlimited confirmation latency. Thus, how to address the hot-shard issue and how to reduce crossshard TXs become significant challenges of blockchain sharding. Through reviewing the related studies, we find that a crossshard TX protocol that can achieve workload balance among all shards and simultaneously reduce the quantity of crossshard TXs is still absent from the literature. To this end, we propose BrokerChain, which is a cross-shard blockchain protocol dedicated to account-based state sharding. Essentially, BrokerChain exploits fine-grained state partition and account segmentation. We also elaborate on how BrokerChain handles cross-shard TXs through broker accounts. The security issues and other properties of BrokerChain are analyzed rigorously. Finally, we conduct comprehensive evaluations using an opensource blockchain sharding prototype named BlockEmulator. The evaluation results show that BrokerChain outperforms other baselines in terms of transaction throughput, transaction confirmation latency, the queue size of the transaction pool, and workload balance. |
| 2025-01-08 | Incentivized Symbiosis: A Paradigm for Human-Agent Coevolution | Tomer Jordi Chaffer et.al. | 2412.06855 | Cooperation is vital to our survival and progress. Evolutionary game theory offers a lens to understand the structures and incentives that enable cooperation to be a successful strategy. As artificial intelligence agents become integral to human systems, the dynamics of cooperation take on unprecedented significance. The convergence of human-agent teaming, contract theory, and decentralized frameworks like Web3, grounded in transparency, accountability, and trust, offers a foundation for fostering cooperation by establishing enforceable rules and incentives for humans and AI agents. We conceptualize Incentivized Symbiosis as a social contract between humans and AI, inspired by Web3 principles and encoded in blockchain technology, to define and enforce rules, incentives, and consequences for both parties. By exploring this paradigm, we aim to catalyze new research at the intersection of systems thinking in AI, Web3, and society, fostering innovative pathways for cooperative human-agent coevolution. |
| 2024-12-09 | ICtoken: An NFT for Hardware IP Protection | Shashank Balla et.al. | 2412.06726 | Protecting integrated circuits (ICs) from piracy and theft throughout their lifecycle is a persistent and complex challenge. In order to safeguard against illicit piracy attacks, this work proposes a novel framework utilizing Non-Fungible Tokens (NFTs) called ICtokens, uniquely linked to their corresponding physical ICs. Each ICtoken contains comprehensive information, including authentication data, supply chain stage and status, ownership details, and other IC metadata, while also making provision for the secure integration of a logic-locking key. Designed to be publicly logged, ICtokens securely obscure metering information without compromising functionality. In addition, the ICtracker, a distributed ledger technology powered by a swift and energy-efficient consortium blockchain, is used to register and manage ICtokens and their respective owners, tracking all associated interactions. This robust ledger guarantees the traceability and auditing of ICtokens while simultaneously developing a product-level NFT at every transaction point within the supply chain. Consequently, a scalable framework is established, creating unique, immutable digital twins for ICs and IC-embedded products in the form of ICtokens and their transactions. This provides a robust and reliable supply chain trail back to the original IP owner, while also offering unprecedented assurance to consumers of IC-embedded products. The rich information contained within ICtokens facilitates more detailed audits than previous proposals for IC supply chain monitoring. A proof-of-concept, implemented as an open-source solution, ensures the ease of adoption of the proposed framework. |
| 2024-12-09 | Q-PnV: A Quantum Consensus Mechanism for Security Consortium Blockchains | Jianming Lin et.al. | 2412.06325 | Due to the rapid development of quantum computing, many classical blockchain technologies are now considered insecure. The emergence of quantum blockchain holds promise for addressing this issue. Various quantum consensus algorithms have been proposed so far, but there has not yet been a quantum consensus algorithm tailored specifically for consortium blockchain scenarios. In this paper, we propose a novel quantum consensus mechanism, named Q-PnV. This consensus mechanism is based on the classical Proof of Vote (PoV), integrating quantum voting, quantum digital signature and quantum random number generators (QRNGs). By combining Q-PnV with a quantum blockchain using weighted hypergraph states, we propose a comprehensive quantum blockchain solution for consortium blockchain scenarios. Compared to the classical method, the quantum blockchain based on Q-PnV can resist quantum attacks and shows significant improvements in security and fairness, making it better suit-ed for the future quantum era. |
| 2024-12-09 | BECS: A Privacy-Preserving Computing Sharing Mechanism in 6G Computing Power Network | Kun Yan et.al. | 2412.06196 | 5G networks provide secure and reliable information transmission services for the Internet of Everything, thus paving the way for 6G networks, which is anticipated to be an AI-based network, supporting unprecedented intelligence across applications. Abundant computing resources will establish the 6G Computing Power Network (CPN) to facilitate ubiquitous intelligent services. In this article, we propose BECS, a computing sharing mechanism based on evolutionary algorithm and blockchain, designed to balance task offloading among user devices, edge devices, and cloud resources within 6G CPN, thereby enhancing the computing resource utilization. We model computing sharing as a multi-objective optimization problem, aiming to improve resource utilization while balancing other issues. To tackle this NP-hard problem, we devise a kernel distance-based dominance relation and incorporated it into the Non-dominated Sorting Genetic Algorithm III, significantly enhancing the diversity of the evolutionary population. In addition, we propose a pseudonym scheme based on zero-knowledge proof to protect the privacy of users participating in computing sharing. Finally, the security analysis and simulation results demonstrate that BECS can fully and effectively utilize all computing resources in 6G CPN, significantly improving the computing resource utilization while protecting user privacy. |
| 2024-12-08 | A Dynamic Tree Structure for Hierarchical On-Chain Asset Management | Mojtaba Eshghie et.al. | 2412.06026 | In this paper, we introduce the Sarv, a novel non-monolithic blockchain-based data structure designed to represent hierarchical relationships between digitally representable components. Sarv serves as an underlying infrastructure for a wide range of applications requiring hierarchical data management, such as supply chain tracking, asset management, and circular economy implementations. Our approach leverages a tree-based data structure to accurately reflect products and their sub-components, enabling functionalities such as modification, disassembly, borrowing, and refurbishment, mirroring real-world operations. The hierarchy within Sarv is embedded in the on-chain data structure through a smart contract-based design, utilizing Algorand Standard Assets (ASAs). The uniqueness of Sarv lies in its compact and non-monolithic architecture, its mutability, and a two-layer action authorization scheme that enhances security and delegation of asset management. We demonstrate that Sarv addresses real-world requirements by providing a scalable, mutable, and secure solution for managing hierarchical data on the blockchain. |
| 2024-12-13 | Balancing Confidentiality and Transparency for Blockchain-based Process-Aware Information Systems | Alessandro Marcelletti et.al. | 2412.05737 | link |
| 2024-12-07 | Dynamic Digital Twins of Blockchain Systems: State Extraction and Mirroring | Georgios Diamantopoulos et.al. | 2412.05527 | Blockchain adoption is reaching an all-time high, with a plethora of blockchain architectures being developed to cover the needs of applications eager to integrate blockchain into their operations. However, blockchain systems suffer from the trilemma trade-off problem, which limits their ability to scale without sacrificing essential metrics such as decentralisation and security. The balance of the trilemma trade-off is primarily dictated by the consensus protocol used. Since consensus protocols are designed to function well under specific system conditions, and consequently, due to the blockchain's complex and dynamic nature, systems operating under a single consensus protocol are bound to face periods of inefficiency. The work presented in this paper constitutes part of an effort to design a Digital Twin-based blockchain management framework to balance the trilemma trade-off problem, which aims to adapt the consensus process to fit the conditions of the underlying system. Specifically, this work addresses the problems of extracting the blockchain system and mirroring it in its digital twin by proposing algorithms that overcome the challenges posed by blockchains' decentralised and asynchronous nature and the fundamental problems of global state and synchronisation in such systems. The robustness of the proposed algorithms is experimentally evaluated. |
| 2024-12-07 | EC-Chain: Cost-Effective Storage Solution for Permissionless Blockchains | Minghui Xu et.al. | 2412.05502 | Permissionless blockchains face considerable challenges due to increasing storage demands, driven by the proliferation of Decentralized Applications (DApps). This paper introduces EC-Chain, a cost-effective storage solution for permissionless blockchains. EC-Chain reduces storage overheads of ledger and state data, which comprise blockchain data. For ledger data, EC-Chain refines existing erasure coding-based storage optimization techniques by incorporating batch encoding and height-based encoding. We also introduce an easy-to-implement dual-trie state management system that enhances state storage and retrieval through state expiry, mining, and creation procedures. To ensure data availability in permissionless environments, EC-Chain introduces a network maintenance scheme tailored for dynamism. Collectively, these contributions allow EC-Chain to provide an effective solution to the storage challenges faced by permissionless blockchains. Our evaluation demonstrates that EC-Chain can achieve a storage reduction of over (90%) compared to native Ethereum Geth. |
| 2024-12-03 | Collaborative and parametric insurance on the Ethereum blockchain | Pierre-Olivier Goffard et.al. | 2412.05321 | This paper introduces a blockchain-based insurance scheme that integrates parametric and collaborative elements. A pool of investors, referred to as surplus providers, locks funds in a smart contract, enabling blockchain users to underwrite parametric insurance contracts. These contracts automatically trigger compensation when predefined conditions are met. The collaborative aspect is embodied in the generation of tokens, which are distributed to both surplus providers and policyholders. These tokens represent each participant's share of the surplus and grant voting rights for management decisions. The smart contract is developed in Solidity, a high-level programming language for the Ethereum blockchain, and deployed on the Sepolia testnet, with data processing and analysis conducted using Python. In addition, open-source code is provided and main research challenges are identified, so that further research can be carried out to overcome limitations of this first proof of concept. |
| 2024-12-06 | An Experimental Framework for Implementing Decentralized Autonomous Database Systems in Rust | Prakash Aryan et.al. | 2412.05078 | This paper presents an experimental framework for implementing Decentralized Autonomous Database Systems (DADBS) using the Rust programming language. As traditional centralized databases face challenges in scalability, security, and autonomy, DADBS emerge as a promising solution, using blockchain principles to create distributed, self-governing database systems. Our framework explores the practical aspects of building a DADBS, focusing on Rust's unique features that improves system reliability and performance. We evaluated our DADBS implementation across several key performance metrics: throughput, latency(read), latency(write), scalability, CPU utilization, Memory Usage and Network I/O, The average results obtained over a 24-hour period of continuous operation were 3,000 transactions/second, 75 ms, 250 ms, 55%, 2.5 GB, 100MB/s. The security analysis depicts that even with an increase in the percentage of malicious nodes, DADBS still maintains high throughput and consistency. The paper discusses key design decisions, highlighting how Rust's ownership model and concurrency features address common challenges in distributed systems. We also examine the current limitations of our approach and potential areas for future research. By providing this comprehensive overview of a Rust-based DADBS implementation, we aim to contribute to the growing body of knowledge on decentralized database architectures and their practical realization. |
| 2025-01-28 | Bridging Culture and Finance: A Multimodal Analysis of Memecoins in the Web3 Ecosystem | Hou-Wan Long et.al. | 2412.04913 | link |
| 2024-12-06 | DRDST: Low-latency DAG Consensus through Robust Dynamic Sharding and Tree-broadcasting for IoV | Runhua Chen et.al. | 2412.04742 | The Internet of Vehicles (IoV) is emerging as a pivotal technology for enhancing traffic management and safety. Its rapid development demands solutions for enhanced communication efficiency and reduced latency. However, traditional centralized networks struggle to meet these demands, prompting the exploration of decentralized solutions such as blockchain. Addressing blockchain's scalability challenges posed by the growing number of nodes and transactions calls for innovative solutions, among which sharding stands out as a pivotal approach to significantly enhance blockchain throughput. However, existing schemes still face challenges related to a) the impact of vehicle mobility on blockchain consensus, especially for cross-shard transaction; and b) the strict requirements of low latency consensus in a highly dynamic network. In this paper, we propose a DAG (Directed Acyclic Graph) consensus leveraging Robust Dynamic Sharding and Tree-broadcasting (DRDST) to address these challenges. Specifically, we first develop a standard for evaluating the network stability of nodes, combined with the nodes' trust values, to propose a novel robust sharding model that is solved through the design of the Genetic Sharding Algorithm (GSA). Then, we optimize the broadcast latency of the whole sharded network by improving the tree-broadcasting to minimize the maximum broadcast latency within each shard. On this basis, we also design a DAG consensus scheme based on an improved hashgraph protocol, which can efficiently handle cross-shard transactions. Finally, the simulation proves the proposed scheme is superior to the comparison schemes in latency, throughput, consensus success rate, and node traffic load. |
| 2024-12-05 | DistB-VNET: Distributed Cluster-based Blockchain Vehicular Ad-Hoc Networks through SDN-NFV for Smart City | Anichur Rahman et.al. | 2412.04222 | In the developing topic of smart cities, Vehicular Ad-Hoc Networks (VANETs) are crucial for providing successful interaction between vehicles and infrastructure. This research proposes a distributed Blockchain-based Vehicular Ad-hoc Network (DistB-VNET) architecture that includes binary malicious traffic classification, Software Defined Networking (SDN), and Network Function Virtualization (NFV) to ensure safe, scalable, and reliable vehicular networks in smart cities. The suggested framework is the decentralized blockchain for safe data management and SDN-NFV for dynamic network management and resource efficiency and a noble isolation forest algorithm works as an IDS (Intrusion Detection System). Further, "DistB-VNET" offers a dual-layer blockchain system, where a distributed blockchain provides safe communication between vehicles, while a centralized blockchain in the cloud is in charge of data verification and storage. This improves security, scalability, and adaptability, ensuring better traffic management, data security, and privacy in VANETs. Furthermore, the unsupervised isolation forest model achieves a high accuracy of 99.23% for detecting malicious traffic. Additionally, reveals that our method greatly improves network performance, offering decreased latency, increased security, and reduced congestion, an effective alternative for existing smart city infrastructures. |
| 2024-12-05 | WACANA: A Concolic Analyzer for Detecting On-chain Data Vulnerabilities in WASM Smart Contracts | Wansen Wang et.al. | 2412.03946 | WebAssembly (WASM) has emerged as a crucial technology in smart contract development for several blockchain platforms. Unfortunately, since their introduction, WASM smart contracts have been subject to several security incidents caused by contract vulnerabilities, resulting in substantial economic losses. However, existing tools for detecting WASM contract vulnerabilities have accuracy limitations, one of the main reasons being the coarse-grained emulation of the on-chain data APIs. In this paper, we introduce WACANA, an analyzer for WASM contracts that accurately detects vulnerabilities through fine-grained emulation of on-chain data APIs. WACANA precisely simulates both the structure of on-chain data tables and their corresponding API functions, and integrates concrete and symbolic execution within a coverage-guided loop to balance accuracy and efficiency. Evaluations on a vulnerability dataset of 133 contracts show WACANA outperforming state-of-the-art tools in accuracy. Further validation on 5,602 real-world contracts confirms WACANA's practical effectiveness. |
| 2024-12-04 | Securing RC Based P2P Networks: A Blockchain-based Access Control Framework utilizing Ethereum Smart Contracts for IoT and Web 3.0 | Saurav Ghosh et.al. | 2412.03709 | Ensuring security for highly dynamic peer-to-peer (P2P) networks has always been a challenge, especially for services like online transactions and smart devices. These networks experience high churn rates, making it difficult to maintain appropriate access control. Traditional systems, particularly Role-Based Access Control (RBAC), often fail to meet the needs of a P2P environment. This paper presents a blockchain-based access control framework that uses Ethereum smart contracts to address these challenges. Our framework aims to close the gaps in existing access control systems by providing flexible, transparent, and decentralized security solutions. The proposed framework includes access control contracts (ACC) that manage access based on static and dynamic policies, a Judge Contract (JC) to handle misbehavior, and a Register Contract (RC) to record and manage the interactions between ACCs and JC. The security model combines impact and severity-based threat assessments using the CIA (Confidentiality, Integrity, Availability) and STRIDE principles, ensuring responses are tailored to different threat levels. This system not only stabilizes the fundamental issues of peer membership but also offers a scalable solution, particularly valuable in areas such as the Internet of Things (IoT) and Web 3.0 technologies. |
| 2024-12-03 | Block MedCare: Advancing healthcare through blockchain integration with AI and IoT | Oliver Simonoski et.al. | 2412.02851 | This research explores the integration of blockchain technology in healthcare, focusing on enhancing the security and efficiency of Electronic Health Record (EHR) management. We propose a novel Ethereum-based system that empowers patients with secure control over their medical data. Our approach addresses key challenges in healthcare blockchain implementation, including scalability, privacy, and regulatory compliance. The system incorporates digital signatures, Role-Based Access Control, and a multi-layered architecture to ensure secure, controlled access. We developed a decentralized application (dApp) with user-friendly interfaces for patients, doctors, and administrators, demonstrating the practical application of our solution. A survey among healthcare professionals and IT experts revealed strong interest in blockchain adoption, while also highlighting concerns about integration costs. The study explores future enhancements, including integration with IoT devices and AI-driven analytics, contributing to the evolution of secure, efficient, and interoperable healthcare systems that leverage cutting-edge technologies for improved patient care. |
| 2024-12-03 | Liquefaction: Privately Liquefying Blockchain Assets | James Austgen et.al. | 2412.02634 | Inherent in the world of cryptocurrency systems and their security models is the notion that private keys, and thus assets, are controlled by individuals or individual entities. We present Liquefaction, a wallet platform that demonstrates the dangerous fragility of this foundational assumption by systemically breaking it. Liquefaction uses trusted execution environments (TEEs) to encumber private keys, i.e., attach rich, multi-user policies to their use. In this way, it enables the cryptocurrency credentials and assets of a single end-user address to be freely rented, shared, or pooled. It accomplishes these things privately, with no direct on-chain traces. Liquefaction demonstrates the sweeping consequences of TEE-based key encumbrance for the cryptocurrency landscape. Liquefaction can undermine the security and economic models of many applications and resources, such as locked tokens, DAO voting, airdrops, loyalty points, soulbound tokens, and quadratic voting. It can do so with no on-chain and minimal off-chain visibility. Conversely, we also discuss beneficial applications of Liquefaction, such as privacy-preserving, cost-efficient DAOs and a countermeasure to dusting attacks. Importantly, we describe an existing TEE-based tool that applications can use as a countermeasure to Liquefaction. Our work prompts a wholesale rethinking of existing models and enforcement of key and asset ownership in the cryptocurrency ecosystem. |
| 2024-12-03 | Leveraging Ensemble-Based Semi-Supervised Learning for Illicit Account Detection in Ethereum DeFi Transactions | Shabnam Fazliani et.al. | 2412.02408 | The advent of smart contracts has enabled the rapid rise of Decentralized Finance (DeFi) on the Ethereum blockchain, offering substantial rewards in financial innovation and inclusivity. However, this growth has also introduced significant security risks, including the proliferation of illicit accounts involved in fraudulent activities. Traditional detection methods are limited by the scarcity of labeled data and the evolving tactics of malicious actors. In this paper, we propose a novel Self-Learning Ensemble-based Illicit account Detection (SLEID) framework to address these challenges. SLEID employs an Isolation Forest for initial outlier detection and a self-training mechanism to iteratively generate pseudo-labels for unlabeled accounts, thereby enhancing detection accuracy. Extensive experiments demonstrate that SLEID significantly outperforms traditional supervised approaches and recent semi-supervised models, achieving superior precision, recall, and F1-scores, particularly in detecting illicit accounts. Compared to state-of-the-art methods, our approach achieves better detection performance while reducing reliance on labeled data. The results affirm SLEID's efficacy as a robust solution for safeguarding the DeFi ecosystem and mitigating risks posed by malicious accounts. |
| 2024-12-06 | Connecting Large Language Models with Blockchain: Advancing the Evolution of Smart Contracts from Automation to Intelligence | Youquan Xian et.al. | 2412.02263 | Blockchain smart contracts have catalyzed the development of decentralized applications across various domains, including decentralized finance. However, due to constraints in computational resources and the prevalence of data silos, current smart contracts face significant challenges in fully leveraging the powerful capabilities of Large Language Models (LLMs) for tasks such as intelligent analysis and reasoning. To address this gap, this paper proposes and implements a universal framework for integrating LLMs with blockchain data, {\sysname}, effectively overcoming the interoperability barriers between blockchain and LLMs. By combining semantic relatedness with truth discovery methods, we introduce an innovative data aggregation approach, {\funcname}, which significantly enhances the accuracy and trustworthiness of data generated by LLMs. To validate the framework's effectiveness, we construct a dataset consisting of three types of questions, capturing Q&A interactions between 10 oracle nodes and 5 LLM models. Experimental results demonstrate that, even with 40% malicious nodes, the proposed solution improves data accuracy by an average of 17.74% compared to the optimal baseline. This research not only provides an innovative solution for the intelligent enhancement of smart contracts but also highlights the potential for deep integration between LLMs and blockchain technology, paving the way for more intelligent and complex applications of smart contracts in the future. |
| 2024-12-03 | Blockchain-Enabled Device-Enhanced Multi-Access Edge Computing in Open Adversarial Environments | Muhammad Islam et.al. | 2412.02233 | We propose Blockchain-enabled Device-enhanced Multi-access Edge Computing (BdMEC). BdMEC extends the Honeybee framework for on-demand resource pooling with blockchain technology to ensure trust, security, and accountability among devices (even when they are owned by different parties). BdMEC mitigates risks from malicious devices by making computations traceable. Our prototype and results demonstrate BdMEC's ability to manage distributed computing tasks efficiently and securely across multiple devices. |
| 2024-12-02 | AVA: Fault-tolerant Reconfigurable Geo-Replication on Heterogeneous Clusters | Tejas Mane et.al. | 2412.01999 | Fault-tolerant replicated database systems consume less energy than the compute-intensive proof-of-work blockchain. Thus, they are promising technologies for the building blocks that assemble global financial infrastructure. To facilitate global scaling, clustered replication protocols are essential in orchestrating nodes into clusters based on proximity. However, the existing approaches often assume a homogeneous and fixed model in which the number of nodes across clusters is the same and fixed, and often limited to a fail-stop fault model. This paper presents heterogeneous and reconfigurable clustered replication for the general environment with arbitrary failures. In particular, we present AVA, a fault-tolerant reconfigurable geo-replication that allows dynamic membership: replicas are allowed to join and leave clusters. We formally state and prove the safety and liveness properties of the protocol. Furthermore, our replication protocol is consensus-agnostic, meaning each cluster can utilize any local replication mechanism. In our comprehensive evaluation, we instantiate our replication with both HotStuff and BFT-SMaRt. Experiments on geo-distributed deployments on Google Cloud demonstrates that members of clusters can be reconfigured without considerably affecting transaction processing, and that heterogeneity of clusters may significantly improve throughput. |
| 2024-12-24 | Development and Application of a Decentralized Domain Name Service | Guang Yang et.al. | 2412.01959 | link |
| 2024-12-02 | Smart Contract Vulnerabilities, Tools, and Benchmarks: An Updated Systematic Literature Review | Gerardo Iuliano et.al. | 2412.01719 | Smart contracts are self-executing programs on blockchain platforms like Ethereum, which have revolutionized decentralized finance by enabling trustless transactions and the operation of decentralized applications. Despite their potential, the security of smart contracts remains a critical concern due to their immutability and transparency, which expose them to malicious actors. The connections of contracts further complicate vulnerability detection. This paper presents a systematic literature review that explores vulnerabilities in Ethereum smart contracts, focusing on automated detection tools and benchmark evaluation. We reviewed 1,888 studies from five digital libraries and five major software engineering conferences, applying a structured selection process that resulted in 131 high-quality studies. The key results include a hierarchical taxonomy of 101 vulnerabilities grouped into ten categories, a comprehensive list of 144 detection tools with corresponding functionalities, methods, and code transformation techniques, and a collection of 102 benchmarks used for tool evaluation. We conclude with insights on the current state of Ethereum smart contract security and directions for future research. |
| 2024-12-02 | The Future of Document Verification: Leveraging Blockchain and Self-Sovereign Identity for Enhanced Security and Transparency | Swapna Krishnakumar Radha et.al. | 2412.01531 | Attestation of documents like legal papers, professional qualifications, medical records, and commercial documents is crucial in global transactions, ensuring their authenticity, integrity, and trustworthiness. Companies expanding operations internationally need to submit attested financial statements and incorporation documents to foreign governments or business partners to prove their businesses and operations' authenticity, legal validity, and regulatory compliance. Attestation also plays a critical role in education, overseas employment, and authentication of legal documents such as testaments and medical records. The traditional attestation process is plagued by several challenges, including time-consuming procedures, the circulation of counterfeit documents, and concerns over data privacy in the attested records. The COVID-19 pandemic brought into light another challenge: ensuring physical presence for attestation, which caused a significant delay in the attestation process. Traditional methods also lack real-time tracking capabilities for attesting entities and requesters. This paper aims to propose a new strategy using decentralized technologies such as blockchain and self-sovereign identity to overcome the identified hurdles and provide an efficient, secure, and user-friendly attestation ecosystem. |
| 2024-12-02 | A Hybrid BPMN-DMN Framework for Secure Inter-organizational Processes and Decisions Collaboration on Permissioned Blockchain | Xinzhe Shen et.al. | 2412.01196 | In the rapidly evolving digital business landscape, organizations increasingly need to collaborate across boundaries to achieve complex business objectives, requiring both efficient process coordination and flexible decision-making capabilities. Traditional collaboration approaches face significant challenges in transparency, trust, and decision flexibility, while existing blockchain-based solutions primarily focus on process execution without addressing the integrated decision-making needs of collaborative enterprises. This paper proposes BlockCollab, a novel model-driven framework that seamlessly integrates Business Process Model and Notation (BPMN) with Decision Model and Notation (DMN) to standardize and implement collaborative business processes and decisions on permissioned blockchain platforms. Our approach automatically translates integrated BPMN-DMN models into smart contracts(SCs) compatible with Hyperledger Fabric, enabling privacy-aware multi-organizational process execution through blockchain-based Attribute-Based Access Control (ABAC). The framework introduces three key innovations: (1) a standardized method for modeling collaborative processes and decisions using integrated BPMN-DMN model, (2) an automated SC generator that preserves both process logic and decision rules while maintaining privacy constraints, and (3) a hybrid on-chain/off-chain execution environment that optimizes collaborative workflows through secure data transfer and external system integration. Experimental evaluation across 11 real-world collaboration scenarios demonstrates that our approach achieves 100% accuracy in process execution. Furthermore, an analysis of various execution processes highlights the strong practical applicability and reliability of our approach. The proposed framework includes an open-source third-party collaboration platform based on blockchain. |
| 2024-12-01 | Post-Vaccination COVID-19 Data Analysis: Privacy and Ethics | Sankha Das et.al. | 2412.00774 | The COVID-19 pandemic has severely affected the world in terms of health, economy and peace. Fortunately, the countries are trying to overcome the situation by actively carrying out vaccinations. However, like any other massive operation involving humans such as human resource management, elections, surveys, etc., the vaccination process raises several questions about citizen privacy and misuse of personal data. In most of the countries, few attempts have been made to verify the vaccination statistics as reported by the health centers. These issues collectively require the solutions of anonymity of citizens' personal information, immutability of vaccination data and easy yet restricted access by adversarial bodies such as the government for the verification and analysis of the data. This paper introduces a blockchain-based application to simulate and monitor the vaccination process. The structure of data model used in the proposed system is based on the IEEE Standard for Data Format for Blockchain Systems 2418.2TM-2020. The proposed system enables authorized stakeholders to share and access relevant information for vaccination process chain while preserving citizen privacy and accountability of the system. It is implemented on the Ethereum blockchain and uses a Python API for the simulation and validation of each step of the vaccination process. |
| 2024-12-01 | The Forking Way: When TEEs Meet Consensus | Annika Wilde et.al. | 2412.00706 | An increasing number of distributed platforms combine Trusted Execution Environments (TEEs) with blockchains. Indeed, many hail the combination of TEEs and blockchains a good "marriage": TEEs bring confidential computing to the blockchain while the consensus layer could help defend TEEs from forking attacks. In this paper, we systemize how current blockchain solutions integrate TEEs and to what extent they are secure against forking attacks. To do so, we thoroughly analyze 29 proposals for TEE-based blockchains, ranging from academic proposals to production-ready platforms. We uncover a lack of consensus in the community on how to combine TEEs and blockchains. In particular, we identify four broad means to interconnect TEEs with consensus, analyze their limitations, and discuss possible remedies. Our analysis also reveals previously undocumented forking attacks on three production-ready TEE-based blockchains: Ten, Phala, and the Secret Network. We leverage our analysis to propose effective countermeasures against those vulnerabilities; we responsibly disclosed our findings to the developers of each affected platform. |
| 2024-12-01 | Collaborative Proof-of-Work: A Secure Dynamic Approach to Fair and Efficient Blockchain Mining | Rizwanul Haque et.al. | 2412.00690 | Proof-of-Work (PoW) systems face critical challenges, including excessive energy consumption and the centralization of mining power among entities with expensive hardware. Static mining pools exacerbate these issues by reducing competition and undermining the decentralized nature of blockchain networks, leading to economic inequality and inefficiencies in resource allocation. Their reliance on centralized pool managers further introduces vulnerabilities by creating a system that fails to ensure secure and fair reward distribution. This paper introduces a novel Collaborative Proof-of-Work (CPoW) mining approach designed to enhance efficiency and fairness in the Ethereum network. We propose a dynamic mining pool formation protocol that enables miners to collaborate based on their computational capabilities, ensuring fair and secure reward distribution by incorporating mechanisms to accurately verify and allocate rewards. By addressing the centralization and energy inefficiencies of traditional mining, this research contributes to a more sustainable blockchain ecosystem. |
| 2024-12-01 | SEAM: A Secure Automated and Maintainable Smart Contract Upgrade Framework | Tahrim Hossain et.al. | 2412.00680 | This work addresses the critical challenges of upgrading smart contracts, which are vital for trust in automated transactions but difficult to modify once deployed. To address this issue, we propose SEAM, a novel framework that automates the conversion of standard Solidity contracts into upgradable versions using the diamond pattern. SEAM simplifies the upgrade process and addresses two key vulnerabilities: function selector clashes and storage slot collisions. Additionally, the framework provides tools for efficiently deploying, modifying, and managing smart contract lifecycles. By enhancing contract security and reducing the learning curve for developers, SEAM lays a robust foundation for more flexible and maintainable blockchain applications. |
| 2024-12-01 | ChainGuard: A Blockchain-based Authentication and Access Control Scheme for Distributed Networks | Faisal Haque Bappy et.al. | 2412.00677 | As blockchain technology gains traction for enhancing data security and operational efficiency, traditional centralized authentication systems remain a significant bottleneck. This paper addresses the challenge of integrating decentralized authentication and access control within distributed networks. We propose a novel solution named ChainGuard, a fully decentralized authentication and access control mechanism based on smart contracts. ChainGuard eliminates the need for a central server by leveraging blockchain technology to manage user roles and permissions dynamically. Our scheme supports user interactions across multiple organizations simultaneously, enhancing security, efficiency, and transparency. By addressing key challenges such as scalability, security, and transparency, ChainGuard not only bridges the gap between traditional centralized systems and blockchain's decentralized ethos but also enhances data protection and operational efficiency. |
| 2024-11-28 | SmartLLMSentry: A Comprehensive LLM Based Smart Contract Vulnerability Detection Framework | Oualid Zaazaa et.al. | 2411.19234 | Smart contracts are essential for managing digital assets in blockchain networks, highlighting the need for effective security measures. This paper introduces SmartLLMSentry, a novel framework that leverages large language models (LLMs), specifically ChatGPT with in-context training, to advance smart contract vulnerability detection. Traditional rule-based frameworks have limitations in integrating new detection rules efficiently. In contrast, SmartLLMSentry utilizes LLMs to streamline this process. We created a specialized dataset of five randomly selected vulnerabilities for model training and evaluation. Our results show an exact match accuracy of 91.1% with sufficient data, although GPT-4 demonstrated reduced performance compared to GPT-3 in rule generation. This study illustrates that SmartLLMSentry significantly enhances the speed and accuracy of vulnerability detection through LLMdriven rule integration, offering a new approach to improving Blockchain security and addressing previously underexplored vulnerabilities in smart contracts. |
| 2024-11-28 | A Game-Theoretic Approach to the Study of Blockchain's Robustness | Ulysse Pavloff et.al. | 2411.19175 | Blockchains have sparked global interest in recent years, gaining importance as they increasingly influence technology and finance. This thesis investigates the robustness of blockchain protocols, specifically focusing on Ethereum Proof-of-Stake. We define robustness in terms of two critical properties: Safety, which ensures that the blockchain will not have permanent conflicting blocks, and Liveness, which guarantees the continuous addition of new reliable blocks. Our research addresses the gap between traditional distributed systems approaches, which classify agents as either honest or Byzantine (i.e., malicious or faulty), and game-theoretic models that consider rational agents driven by incentives. We explore how incentives impact the robustness with both approaches. The thesis comprises three distinct analyses. First, we formalize the Ethereum PoS protocol, defining its properties and examining potential vulnerabilities through a distributed systems perspective. We identify that certain attacks can undermine the system's robustness. Second, we analyze the inactivity leak mechanism, a critical feature of Ethereum PoS, highlighting its role in maintaining system liveness during network disruptions but at the cost of safety. Finally, we employ game-theoretic models to study the strategies of rational validators within Ethereum PoS, identifying conditions under which these agents might deviate from the prescribed protocol to maximize their rewards. Our findings contribute to a deeper understanding of the importance of incentive mechanisms for blockchain robustness and provide insights into designing more resilient blockchain protocols. |
| 2024-12-18 | Guardians of the Ledger: Protecting Decentralized Exchanges from State Derailment Defects | Zongwei Li et.al. | 2411.18935 | The decentralized exchange (DEX) leverages smart contracts to trade digital assets for users on the blockchain. Developers usually develop several smart contracts into one project, implementing complex logic functions and multiple transaction operations. However, the interaction among these contracts poses challenges for developers analyzing the state logic. Due to the complex state logic in DEX projects, many critical state derailment defects have emerged in recent years. In this paper, we conduct the first systematic study of state derailment defects in DEX. We define five categories of state derailment defects and provide detailed analyses of them. Furthermore, we propose a novel deep learning-based framework StateGuard for detecting state derailment defects in DEX smart contracts. It leverages a smart contract deconstructor to deconstruct the contract into an Abstract Syntax Tree (AST), from which five categories of dependency features are extracted. Next, it implements a graph optimizer to process the structured data. At last, the optimized data is analyzed by Graph Convolutional Networks (GCNs) to identify potential state derailment defects. We evaluated StateGuard through a dataset of 46 DEX projects containing 5,671 smart contracts, and it achieved 94.25% F1-score. In addition, in a comparison experiment with state-of-the-art, StateGuard leads the F1-score by 6.29%. To further verify its practicality, we used StateGuar to audit real-world contracts and successfully authenticated multiple novel CVEs. |
| 2025-01-14 | Know Your Account: Double Graph Inference-based Account De-anonymization on Ethereum | Shuyi Miao et.al. | 2411.18875 | link |
| 2024-11-27 | Proving and Rewarding Client Diversity to Strengthen Resilience of Blockchain Networks | Javier Ron et.al. | 2411.18401 | Client diversity in the Ethereum blockchain refers to the use of multiple independent implementations of the Ethereum protocol. This effectively enhances network resilience by reducing reliance on any single software client implementation. With client diversity, a single bug cannot tear the whole network down. However, despite multiple production-grade client implementations being available, there is still a heavily skewed distribution of clients in Ethereum. This is a concern for the community. In this paper, we introduce a novel conceptual framework for client diversity. The core goal is to improve the network resilience as a systemic property. Our key insight is to leverage economic incentives and verifiable execution to encourage the adoption of minority clients, thereby fostering a more robust blockchain ecosystem. Concretely, we propose to unambiguously and provably identify the client implementation used by any protocol participant, and to use this information to incentivize the usage of minority clients by offering higher participation rewards. We outline a detailed blueprint for our conceptual framework, in the realm of Ethereum. Our proposal is a game changer for improving client diversity of blockchains. Ultimately, it applies to strengthening the resilience of any decentralized distributed systems. |
| 2024-11-26 | CrypQ: A Database Benchmark Based on Dynamic, Ever-Evolving Ethereum Data | Vincent Capol et.al. | 2411.17913 | Modern database systems are expected to handle dynamic data whose characteristics may evolve over time. Many popular database benchmarks are limited in their ability to evaluate this dynamic aspect of the database systems. Those that use synthetic data generators often fail to capture the complexity and unpredictable nature of real data, while most real-world datasets are static and difficult to create high-volume, realistic updates for. This paper introduces CrypQ, a database benchmark leveraging dynamic, public Ethereum blockchain data. CrypQ offers a high-volume, ever-evolving dataset reflecting the unpredictable nature of a real and active cryptocurrency market. We detail CrypQ's schema, procedures for creating data snapshots and update sequences, and a suite of relevant SQL queries. As an example, we demonstrate CrypQ's utility in evaluating cost-based query optimizers on complex, evolving data distributions with real-world skewness and dependencies. |
| 2024-12-13 | SoK: Decentralized AI (DeAI) | Zhipeng Wang et.al. | 2411.17461 | link |
| 2024-11-26 | Assessing Vulnerability in Smart Contracts: The Role of Code Complexity Metrics in Security Analysis | Masoud Jamshidiyan Tehrani et.al. | 2411.17343 | link |
| 2024-11-25 | Decentralized Storage And Self-Sovereign Identity For Document-Based Claims | Bruno Gomes et.al. | 2411.16987 | Users increasingly rely on identity providers for accessing online services and resources. However, centralized identity systems often compromise user privacy due to online activity tracking or data breaches. At the same time, many online services require digital copies of physical documents for validation in claims processes, such as providing proof of residence for opening a bank account or verifying medical images for health insurance claims. With centralized solutions, privacy depends entirely on the trusted party, but there are emerging decentralized approaches that offer greater transparency. This article introduces SoverClaim, a decentralized application prototype that empowers users to control their identity and also allows them to present digital documents with privacy. SoverClaim leverages Hyperledger Indy, a blockchain for issuing and presenting self-sovereign digital identities with transparent audit logs, and Storj, a decentralized peer-to-peer service, for secure and decentralized document storage and subsequent deletion. The prototype demonstrates the seamless integration of self-sovereign identities and document-based claims, achieving response times of under 750 ms, making it suitable for timely human interactions. |
| 2024-11-25 | EvoChain: a Recovery Approach for Permissioned Blockchain Applications | Francisco Faria et.al. | 2411.16976 | Blockchain technology supports decentralized, consensus-driven data storage and processing, ensuring integrity and auditability. It is increasingly adopted for use cases with multiple stakeholders with shared ownership scenarios like digital identity and supply chain management. However, real-world deployments face challenges with mistakes and intrusions. This article presents EvoChain, a chaincode framework extension introducing controlled mutability for data redaction and recovery under time-limited or specific conditions. This mechanism allows corrections during a grace period before immutability takes effect. We validated our approach using WineTracker, a Hyperledger Fabric-based supply chain application. It enables some users to cancel unwanted operations while preserving the blockchain security and maintaining data consistency. Performance evaluations showed minimal overhead with functional benefits. |
| 2024-11-25 | Blockchain Meets LLMs: A Living Survey on Bidirectional Integration | Jianghao Gong et.al. | 2411.16809 | In the domain of large language models, considerable advancements have been attained in multimodal large language models and explainability research, propelled by the continuous technological progress and innovation. Nonetheless, security and privacy concerns continue to pose as prominent challenges in this field. The emergence of blockchain technology, marked by its decentralized nature, tamper-proof attributes, distributed storage functionality, and traceability, has provided novel approaches for resolving these issues. Both of these technologies independently hold vast potential for development; yet, their combination uncovers substantial cross-disciplinary opportunities and growth prospects. The current research tendencies are increasingly concentrating on the integration of blockchain with large language models, with the aim of compensating for their respective limitations through this fusion and promoting further technological evolution. In this study, we evaluate the advantages and developmental constraints of the two technologies, and explore the possibility and development potential of their combination. This paper primarily investigates the technical convergence in two directions: Firstly, the application of large language models to blockchain, where we identify six major development directions and explore solutions to the shortcomings of blockchain technology and their application scenarios; Secondly, the application of blockchain technology to large language models, leveraging the characteristics of blockchain to remedy the deficiencies of large language models and exploring its application potential in multiple fields. |
| 2025-01-20 | Proxima. A DAG based cooperative distributed ledger | Evaldas Drasutis et.al. | 2411.16456 | link |
| 2024-11-25 | A Survey of Blockchain-Based Privacy Applications: An Analysis of Consent Management and Self-Sovereign Identity Approaches | Rodrigo Dutra Garcia et.al. | 2411.16404 | Modern distributed applications in healthcare, supply chain, and the Internet of Things handle a large amount of data in a diverse application setting with multiple stakeholders. Such applications leverage advanced artificial intelligence (AI) and machine learning algorithms to automate business processes. The proliferation of modern AI technologies increases the data demand. However, real-world networks often include private and sensitive information of businesses, users, and other organizations. Emerging data-protection regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) introduce policies around collecting, storing, and managing digital data. While Blockchain technology offers transparency, auditability, and immutability for multi-stakeholder applications, it lacks inherent support for privacy. Typically, privacy support is added to a blockchain-based application by incorporating cryptographic schemes, consent mechanisms, and self-sovereign identity. This article surveys the literature on blockchain-based privacy-preserving systems and identifies the tools for protecting privacy. Besides, consent mechanisms and identity management in the context of blockchain-based systems are also analyzed. The article concludes by highlighting the list of open challenges and further research opportunities. |
| 2024-11-25 | FinML-Chain: A Blockchain-Integrated Dataset for Enhanced Financial Machine Learning | Jingfeng Chen et.al. | 2411.16277 | Machine learning is critical for innovation and efficiency in financial markets, offering predictive models and data-driven decision-making. However, challenges such as missing data, lack of transparency, untimely updates, insecurity, and incompatible data sources limit its effectiveness. Blockchain technology, with its transparency, immutability, and real-time updates, addresses these challenges. We present a framework for integrating high-frequency on-chain data with low-frequency off-chain data, providing a benchmark for addressing novel research questions in economic mechanism design. This framework generates modular, extensible datasets for analyzing economic mechanisms such as the Transaction Fee Mechanism, enabling multi-modal insights and fairness-driven evaluations. Using four machine learning techniques, including linear regression, deep neural networks, XGBoost, and LSTM models, we demonstrate the framework's ability to produce datasets that advance financial research and improve understanding of blockchain-driven systems. Our contributions include: (1) proposing a research scenario for the Transaction Fee Mechanism and demonstrating how the framework addresses previously unexplored questions in economic mechanism design; (2) providing a benchmark for financial machine learning by open-sourcing a sample dataset generated by the framework and the code for the pipeline, enabling continuous dataset expansion; and (3) promoting reproducibility, transparency, and collaboration by fully open-sourcing the framework and its outputs. This initiative supports researchers in extending our work and developing innovative financial machine-learning models, fostering advancements at the intersection of machine learning, blockchain, and economics. |
| 2024-11-25 | Data Processing Efficiency Aware User Association and Resource Allocation in Blockchain Enabled Metaverse over Wireless Communications | Liangxin Qian et.al. | 2411.16083 | In the rapidly evolving landscape of the Metaverse, enhanced by blockchain technology, the efficient processing of data has emerged as a critical challenge, especially in wireless communication systems. Addressing this need, our paper introduces the innovative concept of data processing efficiency (DPE), aiming to maximize processed bits per unit of resource consumption in blockchain-empowered Metaverse environments. To achieve this, we propose the DPE-Aware User Association and Resource Allocation (DAUR) algorithm, a tailored solution for these complex systems. The DAUR algorithm transforms the challenging task of optimizing the sum of DPE ratios into a solvable convex optimization problem. It uniquely alternates the optimization of key variables like user association, work offloading ratios, task-specific computing resource distribution, bandwidth allocation, user power usage ratios, and server computing resource allocation ratios. Our extensive numerical results demonstrate the DAUR algorithm's effectiveness in DPE. |
| 2024-11-19 | Transforming Triple-Entry Accounting with Machine Learning: A Path to Enhanced Transparency Through Analytics | Abraham Itzhak Weinberg et.al. | 2411.15190 | Triple Entry (TE) is an accounting method that utilizes three accounts or 'entries' to record each transaction, rather than the conventional double-entry bookkeeping system. Existing studies have found that TE accounting, with its additional layer of verification and disclosure of inter-organizational relationships, could help improve transparency in complex financial and supply chain transactions such as blockchain. Machine learning (ML) presents a promising avenue to augment the transparency advantages of TE accounting. By automating some of the data collection and analysis needed for TE bookkeeping, ML techniques have the potential to make this more transparent accounting method scalable for large organizations with complex international supply chains, further enhancing the visibility and trustworthiness of financial reporting. By leveraging ML algorithms, anomalies within distributed ledger data can be swiftly identified, flagging potential instances of fraud or errors. Furthermore, by delving into transaction relationships over time, ML can untangle intricate webs of transactions, shedding light on obscured dealings and adding an investigative dimension. This paper aims to demonstrate the interaction between TE and ML and how they can leverage transparency levels. |
| 2024-11-21 | Pulsar Consensus | Samer Afach et.al. | 2411.14245 | In this paper, we informally introduce the Pulsar proof of stake consensus paper and discuss the relevant design decisions and considerations. The Pulsar protocol we propose is designed to facilitate the creation of a proof of stake sidechain for a proof of work blockchain. We present an overview of a novel composable density-based chain selection rule for proof of stake systems which can be seen as a superset of some standard existing longest chain rules for proof of stake protocols. We discuss the Pulsar protocol in comparison to existing proof of stake protocols and define its benefits over existing designs while defining the limitations of the work. Pulsar is currently implemented in the Mintlayer proof of stake Bitcoin sidechain. |
| 2024-11-21 | Public sentiments on the fourth industrial revolution: An unsolicited public opinion poll from Twitter | Diletta Abbonato et.al. | 2411.14230 | This article explores public perceptions on the Fourth Industrial Revolution (4IR) through an analysis of social media discourse across six European countries. Using sentiment analysis and machine learning techniques on a dataset of tweets and media articles, we assess how the public reacts to the integration of technologies such as artificial intelligence, robotics, and blockchain into society. The results highlight a significant polarization of opinions, with a shift from neutral to more definitive stances either embracing or resisting technological impacts. Positive sentiments are often associated with technological enhancements in quality of life and economic opportunities, whereas concerns focus on issues of privacy, data security, and ethical implications. This polarization underscores the need for policymakers to engage proactively with the public to address fears and harness the benefits of 4IR technologies. The findings also advocate for digital literacy and public awareness programs to mitigate misinformation and foster an informed public discourse on future technological integration. This study contributes to the ongoing debate on aligning technological advances with societal values and needs, emphasizing the role of informed public opinion in shaping effective policy. |
| 2024-11-21 | A Multi-Layer Blockchain Simulator and Performance Evaluation of Social Internet of Vehicles with Multi-Connectivity Management | Yi-Ting Sun et.al. | 2411.14000 | link |
| 2024-11-20 | Blockchain-Enhanced Framework for Secure Third-Party Vendor Risk Management and Vigilant Security Controls | Deepti Gupta et.al. | 2411.13447 | In an era of heightened digital interconnectedness, businesses increasingly rely on third-party vendors to enhance their operational capabilities. However, this growing dependency introduces significant security risks, making it crucial to develop a robust framework to mitigate potential vulnerabilities. This paper proposes a comprehensive secure framework for managing third-party vendor risk, integrating blockchain technology to ensure transparency, traceability, and immutability in vendor assessments and interactions. By leveraging blockchain, the framework enhances the integrity of vendor security audits, ensuring that vendor assessments remain up-to-date and tamperproof. This proposed framework leverages smart contracts to reduce human error while ensuring real-time monitoring of compliance and security controls. By evaluating critical security controls-such as data encryption, access control mechanisms, multi-factor authentication, and zero-trust architecture-this approach strengthens an organization's defense against emerging cyber threats. Additionally, continuous monitoring enabled by blockchain ensures the immutability and transparency of vendor compliance processes. In this paper, a case study on iHealth's transition to AWS Cloud demonstrates the practical implementation of the framework, showing a significant reduction in vulnerabilities and marked improvement in incident response times. Through the adoption of this blockchain-enabled approach, organizations can mitigate vendor risks, streamline compliance, and enhance their overall security posture. |
| 2025-01-17 | TrustMesh: A Blockchain-Enabled Trusted Distributed Computing Framework for Open Heterogeneous IoT Environments | Murtaza Rangwala et.al. | 2411.13039 | link |
| 2024-11-19 | Resonance: Transaction Fees for Heterogeneous Computation | Maryam Bahrani et.al. | 2411.11789 | Blockchain networks are facing increasingly heterogeneous computational demands, and in response, protocol designers have started building specialized infrastructure to supply that demand. This paper introduces Resonance: a new kind of transaction fee mechanism for the general two-sided market setting (with users on one side and nodes on the other), where both sides of the market exhibit a high degree of heterogeneity. We allow users submitting transactions to have arbitrary valuations for inclusion, nodes responsible for executing transactions to incur arbitrary costs for running any bundle of transactions, and further allow for arbitrary additional constraints on what allocations are valid. These constraints can, for example, be used to prevent state conflicts by requiring transactions that utilize the same part of the network's state to not be executed in parallel. They also enable support for new transaction types, such as transactions that require multiple nodes for execution (e.g. to run multi-party computation for better transaction privacy). Resonance's design utilizes competition among sophisticated brokers to find individualized prices for each transaction and node. We show that at pure Nash equilibria, Resonance finds an efficient outcome and minimizes the need for strategization by users and nodes. It is also budget-balanced, individually rational for all parties, and computationally tractable. |
| 2024-11-16 | Task Offloading for Vehicular Edge Computing Based on Improved Hotstuff under Parking Assistance | Guoling Liang et.al. | 2411.10770 | Parked-assisted vehicular edge computing (PVEC) fully leverages communication and computing resources of parking vehicles, thereby significantly alleviating the pressure on edge servers. However, resource sharing and trading for vehicular task offloading in the PVEC environment usually occur between untrustworthy entities, which compromises the security of data sharing and transactions by vehicles and edge devices. To address these concerns, blockchain is introduced to provide a secure and trustworthy environment for offloading and transactions in PVEC. Nevertheless, due to the mobility of the vehicles, the processes of computing offloading and blockchain transactions are interrupted, which greatly reduces the reliability of the blockchain in edge computing process. In this paper, we propose a blockchain-based PVEC (BPVEC) offloading framework to enhance the security and reliability of the task offloading and transaction. Specifically, a consensus node selection algorithm based on the connected dominating set (CDS) is designed to improve the Hotstuff consensus according to parking time, computing capability and communication quality, which enhances blockchain reliability in computing offloading and transactions. Meanwhile, a Stackelberg game model, establishing the roadside units (RSUs) and parking vehicles (PVs) as leaders and the requesting vehicles (RVs) as follower, is utilized to optimize the offloading strategy and pricing. Subsequently, a BPVEC offloading strategy algorithm with gradient descent method is designed to maximize system revenue. Simulation results show that the proposed BPVEC offloading scheme is secure and reliable while ensuring maximum benefits. |
| 2024-11-15 | How the interplay between power concentration, competition, and propagation affects the resource efficiency of distributed ledgers | Paolo Barucca et.al. | 2411.10249 | link |
| 2024-11-15 | Omnichain Web: The Universal Framework for Streamlined Chain Abstraction and Cross-Layer Interaction | Hardik Gajera et.al. | 2411.10132 | The evolution of the Web3 ecosystem has been hindered by fragmented liquidity and limited interoperability across Layer 1 (L1) and Layer 2 (L2) blockchains, which leads to inefficiencies and elevated costs. Omnichain Web addresses these challenges by introducing a comprehensive framework to unify decentralized networks through its core components: OmniRollups, Proof Network, Ragno Network, and Builder Marketplace. This ecosystem enables seamless cross-chain asset settlement, interoperability, and user-friendly decentralized application (dApp) development, driven by innovative technologies such as modular proof networks and trusted execution environments (TEEs). By integrating advanced zero-knowledge proof systems and compatibility with AI agents, Omnichain Web empowers intent-driven and autonomous functionalities, streamlining liquidity management and user interactions across blockchains. Furthermore, its decentralized marketplace for L1 infrastructure reduces operational overhead and promotes scalable, secure, and efficient cross-chain protocols. As a pioneering solution, Omnichain Web seamlessly connects Web2 and Web3, enabling a holistic and interconnected digital economy. |
| 2024-11-15 | Strategic Roadmap for Quantum- Resistant Security: A Framework for Preparing Industries for the Quantum Threat | Arit Kumar Bishwas et.al. | 2411.09995 | As quantum computing continues to advance, its ability to compromise widely used cryptographic systems projects a significant challenge to modern cybersecurity. This paper outlines a strategic roadmap for industries to anticipate and mitigate the risks posed by quantum attacks. Our study explores the development of a quantum-resistant cryptographic solutioning framework for the industry, offering a practical and strategic approach to mitigating quantum attacks. We, here, propose a novel strategic framework, coined name STL-QCRYPTO, outlines tailored, industry-specific methodologies to implement quantum-safe security systems, ensuring long-term protection against the disruptive potential of quantum computing. The following fourteen high-risk sectors: Financial Services, Banking, Healthcare, Critical Infrastructure, Government & Defence, E-commerce, Energy & Utilities, Automotive & Transportation, Cloud Computing & Data Storage, Insurance, Internet & Telecommunications, Blockchain Applications, Metaverse Applications, and Multiagent AI Systems - are critically assessed for their vulnerability to quantum threats. The evaluation emphasizes practical approaches for the deployment of quantum-safe security systems to safeguard these industries against emerging quantum-enabled cyber risks. Additionally, the paper addresses the technical, operational, and regulatory hurdles associated with adopting quantum-resistant technologies. By presenting a structured timeline and actionable recommendations, this roadmap with proposed framework prepares industries with the essential strategy to safeguard their potential security threats in the quantum computing era. |
| 2025-01-25 | SoK: Consensus for Fair Message Ordering | Zhuolun Li et.al. | 2411.09981 | Distributed ledger systems, such as blockchains, rely on consensus protocols that constantly commit messages in an agreed order for processing. In practice, message ordering within these systems is often reward-driven. This raises concerns about fairness, particularly in decentralized finance applications, where nodes can exploit transaction orders to maximize rewards (Maximal Extractable Value, MEV). This paper provides a structured review of consensus protocols that order messages with different approaches, especially focusing on the ones that promote order fairness, using methods including First-In-First-Out (FIFO), random, and blind ordering. We review the challenges and trade-offs of deriving fair message ordering in a Byzantine fault-tolerant setting, and summarize the key steps for making a fair message ordering consensus protocol. We introduce a design guideline, with which we propose a performance optimization to the state-of-the-art FIFO ordering protocol Themis. This work establishes a unified framework for accessing and enhancing fairness in distributed ledger systems. |
| 2024-11-14 | Scalable Readability Evaluation for Graph Layouts: 2D Geometric Distributed Algorithms | Sanggeon Yun et.al. | 2411.09809 | Graphs, consisting of vertices and edges, are vital for representing complex relationships in fields like social networks, finance, and blockchain. Visualizing these graphs helps analysts identify structural patterns, with readability metrics-such as node occlusion and edge crossing-assessing layout clarity. However, calculating these metrics is computationally intensive, making scalability a challenge for large graphs. Without efficient readability metrics, layout generation processes-despite numerous studies focused on accelerating them-face bottleneck, making it challenging to select or produce optimized layouts swiftly. Previous approaches attempted to accelerate this process through machine learning models. Machine learning approaches aimed to predict readability scores from rendered images of graphs. While these models offered some improvement, they struggled with scalability and accuracy, especially for graphs with thousands of nodes. For instance, this approach requires substantial memory to process large images, as it relies on rendered images of the graph; graphs with more than 600 nodes cannot be inputted into the model, and errors can exceed 55% in some readability metrics due to difficulties in generalizing across diverse graph layouts. This study addresses these limitations by introducing scalable algorithms for readability evaluation in distributed environments, utilizing Spark's DataFrame and GraphFrame frameworks to efficiently manage large data volumes across multiple machines. Experimental results show that these distributed algorithms significantly reduce computation time, achieving up to a 17x speedup for node occlusion and a 146x improvement for edge crossing on large datasets. These enhancements make scalable graph readability evaluation practical and efficient, overcoming the limitations of previous machine-learning approaches. |
| 2024-11-14 | Efficient and Secure Cross-Domain Data-Sharing for Resource-Constrained Internet of Things | Kexian Liu et.al. | 2411.09229 | The growing complexity of Internet of Things (IoT) environments, particularly in cross-domain data sharing, presents significant security challenges. Existing data-sharing schemes often rely on computationally expensive cryptographic operations and centralized key management, limiting their effectiveness for resource-constrained devices. To address these issues, we propose an efficient, secure blockchain-based data-sharing scheme. First, our scheme adopts a distributed key generation method, which avoids single point of failure. This method also allows independent pseudonym generation and key updates, enhancing authentication flexibility while reducing computational overhead. Additionally, the scheme provides a complete data-sharing process, covering data uploading, storage, and sharing, while ensuring data traceability, integrity, and privacy. Security analysis shows that the proposed scheme is theoretically secure and resistant to various attacks, while performance evaluations demonstrate lower computational and communication overhead compared to existing solutions, making it both secure and efficient for IoT applications. |
| 2024-11-14 | SmartInv: Multimodal Learning for Smart Contract Invariant Inference | Sally Junsong Wang et.al. | 2411.09217 | Smart contracts are software programs that enable diverse business activities on the blockchain. Recent research has identified new classes of "machine un-auditable" bugs that arise from both transactional contexts and source code. Existing detection methods require human understanding of underlying transaction logic and manual reasoning across different sources of context (i.e. modalities), such as code, dynamic transaction executions, and natural language specifying the expected transaction behavior. To automate the detection of machine un-auditable'' bugs, we present SmartInv, an accurate and fast smart contract invariant inference framework. Our key insight is that the expected behavior of smart contracts, as specified by invariants, relies on understanding and reasoning across multimodal information, such as source code and natural language. We propose a new prompting strategy to foundation models, Tier of Thought (ToT), to reason across multiple modalities of smart contracts and ultimately to generate invariants. By checking the violation of these generated invariants, SmartInv can identify potential vulnerabilities. We evaluate SmartInv on real-world contracts and re-discover bugs that resulted in multi-million dollar losses over the past 2.5 years (from January 1, 2021 to May 31, 2023). Our extensive evaluation shows that SmartInv generates (3.5X) more bug-critical invariants and detects (4 $\times$ ) more critical bugs compared to the state-of-the-art tools in significantly (150X) less time. \sys uncovers 119 zero-day vulnerabilities from the 89,621 real-world contracts. Among them, five are critical zero-day bugs confirmed by developers as high severity.'' |
| 2024-11-13 | Towards Secure Intelligent O-RAN Architecture: Vulnerabilities, Threats and Promising Technical Solutions using LLMs | Mojdeh Karbalaee Motalleb et.al. | 2411.08640 | The evolution of wireless communication systems will be fundamentally impacted by an open radio access network (O-RAN), a new concept defining an intelligent architecture with enhanced flexibility, openness, and the ability to slice services more efficiently. For all its promises, and like any technological advancement, O-RAN is not without risks that need to be carefully assessed and properly addressed to accelerate its wide adoption in future mobile networks. In this paper, we present an in-depth security analysis of the O-RAN architecture, discussing the potential threats that may arise in the different O-RAN architecture layers and their impact on the Confidentiality, Integrity, and Availability (CIA) triad. We also promote the potential of zero trust, Moving Target Defense (MTD), blockchain, and large language models(LLM) technologies in fortifying O-RAN's security posture. Furthermore, we numerically demonstrate the effectiveness of MTD in empowering robust deep reinforcement learning methods for dynamic network slice admission control in the O-RAN architecture. Moreover, we examine the effect of explainable AI (XAI) based on LLMs in securing the system. |
| 2024-11-13 | DecentPeeR: A Self-Incentivised & Inclusive Decentralized Peer Review System | Johannes Gruendler et.al. | 2411.08450 | Peer review, as a widely used practice to ensure the quality and integrity of publications, lacks a well-defined and common mechanism to self-incentivize virtuous behavior across all the conferences and journals. This is because information about reviewer efforts and author feedback typically remains local to a single venue, while the same group of authors and reviewers participate in the publication process across many venues. Previous attempts to incentivize the reviewing process assume that the quality of reviews and papers authored correlate for the same person, or they assume that the reviewers can receive physical rewards for their work. In this paper, we aim to keep track of reviewing and authoring efforts by users (who review and author) across different venues while ensuring self-incentivization. We show that our system, DecentPeeR, incentivizes reviewers to behave according to the rules, i.e., it has a unique Nash equilibrium in which virtuous behavior is rewarded. |
| 2024-11-13 | A Fully Local Last-Generated Rule in a Blockchain | Akira Sakurai et.al. | 2411.08439 | An effective method for suppressing intentional forks in a blockchain is the last-generated rule, which selects the most recent chain as the main chain in the event of a chain tie. This rule helps invalidate blocks that are withheld by adversaries for a certain period. However, existing last-generated rules face an issue in that their applications to the system are not fully localized. In conservative cryptocurrency systems such as Bitcoin, it is desirable for methods to be applied in a fully local manner. In this paper, we propose a locally applicable last-generated rule. Our method is straightforward and is based on a relative time reference. By conservatively setting the upper bound for the clock skews |
| 2024-11-18 | SoliDiffy: AST Differencing for Solidity Smart Contracts | Mojtaba Eshghie et.al. | 2411.07718 | link |
| 2024-11-12 | A Performance Analysis of BFT Consensus for Blockchains | J. D. Chan et.al. | 2411.07622 | Distributed ledgers are common in the industry. Some of them can use blockchains as their underlying infrastructure. A blockchain requires participants to agree on its contents. This can be achieved via a consensus protocol, and several BFT (Byzantine Fault Tolerant) protocols have been proposed for this purpose. How do these protocols differ in performance? And how is this difference affected by the communication network? Moreover, such a protocol would need a timer to ensure progress, but how should the timer be set? This paper presents an analytical model to address these and related issues in the case of crash faults. Specifically, it focuses on two consensus protocols (Istanbul BFT and HotStuff) and two network topologies (Folded-Clos and Dragonfly). The model provides closed-form expressions for analyzing how the timer value and number of participants, faults and switches affect the consensus time. The formulas and analyses are validated with simulations. The conclusion offers some tips for analytical modeling of such protocols. |
| 2024-11-12 | Dynamic Evolutionary Game Analysis of How Fintech in Banking Mitigates Risks in Agricultural Supply Chain Finance | Qiang Wan et.al. | 2411.07604 | This paper explores the impact of banking fintech on reducing financial risks in the agricultural supply chain, focusing on the secondary allocation of commercial credit. The study constructs a three-player evolutionary game model involving banks, core enterprises, and SMEs to analyze how fintech innovations, such as big data credit assessment, blockchain, and AI-driven risk evaluation, influence financial risks and access to credit. The findings reveal that banking fintech reduces financing costs and mitigates financial risks by improving transaction reliability, enhancing risk identification, and minimizing information asymmetry. By optimizing cooperation between banks, core enterprises, and SMEs, fintech solutions enhance the stability of the agricultural supply chain, contributing to rural revitalization goals and sustainable agricultural development. The study provides new theoretical insights and practical recommendations for improving agricultural finance systems and reducing financial risks. Keywords: banking fintech, agricultural supply chain, financial risk, commercial credit, SMEs, evolutionary game model, big data, blockchain, AI-driven risk evaluation. |
| 2024-12-18 | Semantic Sleuth: Identifying Ponzi Contracts via Large Language Models | Cong Wu et.al. | 2411.07498 | Smart contracts, self-executing agreements directly encoded in code, are fundamental to blockchain technology, especially in decentralized finance (DeFi) and Web3. However, the rise of Ponzi schemes in smart contracts poses significant risks, leading to substantial financial losses and eroding trust in blockchain systems. Existing detection methods, such as PonziGuard, depend on large amounts of labeled data and struggle to identify unseen Ponzi schemes, limiting their reliability and generalizability. In contrast, we introduce PonziSleuth, the first LLM-driven approach for detecting Ponzi smart contracts, which requires no labeled training data. PonziSleuth utilizes advanced language understanding capabilities of LLMs to analyze smart contract source code through a novel two-step zero-shot chain-of-thought prompting technique. Our extensive evaluation on benchmark datasets and real-world contracts demonstrates that PonziSleuth delivers comparable, and often superior, performance without the extensive data requirements, achieving a balanced detection accuracy of 96.06% with GPT-3.5-turbo, 93.91% with LLAMA3, and 94.27% with Mistral. In real-world detection, PonziSleuth successfully identified 15 new Ponzi schemes from 4,597 contracts verified by Etherscan in March 2024, with a false negative rate of 0% and a false positive rate of 0.29%. These results highlight PonziSleuth's capability to detect diverse and novel Ponzi schemes, marking a significant advancement in leveraging LLMs for enhancing blockchain security and mitigating financial scams. |
| 2024-12-18 | DynaShard: Secure and Adaptive Blockchain Sharding Protocol with Hybrid Consensus and Dynamic Shard Management | Ao Liu et.al. | 2411.06895 | Blockchain sharding has emerged as a promising solution to the scalability challenges in traditional blockchain systems by partitioning the network into smaller, manageable subsets called shards. Despite its potential, existing sharding solutions face significant limitations in handling dynamic workloads, ensuring secure cross-shard transactions, and maintaining system integrity. To address these gaps, we propose DynaShard, a dynamic and secure cross-shard transaction processing mechanism designed to enhance blockchain sharding efficiency and security. DynaShard combines adaptive shard management, a hybrid consensus approach, plus an efficient state synchronization and dispute resolution protocol. Our performance evaluation, conducted using a robust experimental setup with real-world network conditions and transaction workloads, demonstrates DynaShard's superior throughput, reduced latency, and improved shard utilization compared to the FTBS method. Specifically, DynaShard achieves up to a 42.6% reduction in latency and a 78.77% improvement in shard utilization under high transaction volumes and varying cross-shard transaction ratios. These results highlight DynaShard's ability to outperform state-of-the-art sharding methods, ensuring scalable and resilient blockchain systems. We believe that DynaShard's innovative approach will significantly impact future developments in blockchain technology, paving the way for more efficient and secure distributed systems. |
| 2024-11-10 | A Next-Generation Approach to Airline Reservations: Integrating Cloud Microservices with AI and Blockchain for Enhanced Operational Performance | Biman Barua et.al. | 2411.06538 | This research proposes the development of a next generation airline reservation system that incorporates the Cloud microservices, distributed artificial intelligence modules and the blockchain technology to improve on the efficiency, safety and customer satisfaction. The traditional reservation systems encounter issues related to the expansion of the systems, the integrity of the data provided and the level of service offered to the customers, which is the main focus of this architecture through the modular and data centric design approaches. This will allow different operations such as reservations, payments, and customer data management among others to be performed separately thereby facilitating high availability of the system by 30% and enhancing performance of the system by 40% on its scalability. Such systems contain AI driven modules that utilize the past booking patterns along with the profile of the customer to estimate the demand and make recommendations, which increases to 25 % of customer engagement. Moreover, blockchain is effective in engaging an incorruptible ledger system for the all transactions therefore mitigating fraud incidences and increasing the clarity by 20%. The system was subjected to analysis using a simulator and using machine learning evaluations that rated it against other conventional systems. The results show that there were clear enhancements in the speed of transactions where the rates of secure data processing rose by 35%, and the system response time by 15 %. The system can also be used for other high transaction industries like logistics and hospitality. This structural design is indicative of how the use of advanced technologies will revolutionize the airline reservation sector. The implications are growing effectiveness, improvement in security and greater customer contentment. |
| 2024-11-10 | Will Central Bank Digital Currencies (CBDC) and Blockchain Cryptocurrencies Coexist in the Post Quantum Era? | Abraham Itzhak Weinberg et.al. | 2411.06362 | This paper explores the coexistence possibilities of Central Bank Digital Currencies (CBDCs) and blockchain-based cryptocurrencies within a post-quantum computing landscape. It examines the implications of emerging quantum algorithms and cryptographic techniques such as Multi-Party Computation (MPC) and Oblivious Transfer (OT). While exploring how CBDCs and cryptocurrencies might integrate defenses like post-quantum cryptography, it highlights the substantial hurdles in transitioning legacy systems and fostering widespread adoption of new standards. The paper includes comprehensive evaluations of CBDCs in a quantum context. It also features comparisons to alternative cryptocurrency models. Additionally, the paper provides insightful analyses of pertinent quantum methodologies. Examinations of interfaces between these methods and blockchain architectures are also included. The paper carries out considered appraisals of quantum threats and their relevance for cryptocurrency schemes. Furthermore, it features discussions of the influence of anticipated advances in quantum computing on algorithms and their applications. The paper renders the judicious conclusion that long-term coexistence is viable provided challenges are constructively addressed through ongoing collaborative efforts to validate solutions and guide evolving policies. |
| 2024-11-09 | Smart-LLaMA: Two-Stage Post-Training of Large Language Models for Smart Contract Vulnerability Detection and Explanation | Lei Yu et.al. | 2411.06221 | With the rapid development of blockchain technology, smart contract security has become a critical challenge. Existing smart contract vulnerability detection methods face three main issues: (1) Insufficient quality of datasets, lacking detailed explanations and precise vulnerability locations. (2) Limited adaptability of large language models (LLMs) to the smart contract domain, as most LLMs are pre-trained on general text data but minimal smart contract-specific data. (3) Lack of high-quality explanations for detected vulnerabilities, as existing methods focus solely on detection without clear explanations. These limitations hinder detection performance and make it harder for developers to understand and fix vulnerabilities quickly, potentially leading to severe financial losses. To address these problems, we propose Smart-LLaMA, an advanced detection method based on the LLaMA language model. First, we construct a comprehensive dataset covering four vulnerability types with labels, detailed explanations, and precise vulnerability locations. Second, we introduce Smart Contract-Specific Continual Pre-Training, using raw smart contract data to enable the LLM to learn smart contract syntax and semantics, enhancing their domain adaptability. Furthermore, we propose Explanation-Guided Fine-Tuning, which fine-tunes the LLM using paired vulnerable code and explanations, enabling both vulnerability detection and reasoned explanations. We evaluate explanation quality through LLM and human evaluation, focusing on Correctness, Completeness, and Conciseness. Experimental results show that Smart-LLaMA outperforms state-of-the-art baselines, with average improvements of 6.49% in F1 score and 3.78% in accuracy, while providing reliable explanations. |
| 2024-11-09 | BM-PAW: A Profitable Mining Attack in the PoW-based Blockchain System | Junjie Hu et.al. | 2411.06187 | Mining attacks enable an adversary to procure a disproportionately large portion of mining rewards by deviating from honest mining practices within the PoW-based blockchain system. In this paper, we demonstrate that the security vulnerabilities of PoW-based blockchain extend beyond what these mining attacks initially reveal. We introduce a novel mining strategy, named BM-PAW, which yields superior rewards for both the attacker and the targeted pool compared to the state-of-the-art mining attack: PAW. Our analysis reveals that BM-PAW attackers are incentivized to offer appropriate bribe money to other targets, as they comply with the attacker's directives upon receiving payment. We find the BM-PAW attacker can circumvent the "miner's dilemma" through equilibrium analysis in a two-pool BM-PAW game scenario, wherein the outcome is determined by the attacker's mining power. We finally propose practical countermeasures to mitigate these novel pool attacks. |
| 2024-11-09 | A Sharded Blockchain-Based Secure Federated Learning Framework for LEO Satellite Networks | Wenbo Wu et.al. | 2411.06137 | Low Earth Orbit (LEO) satellite networks are increasingly essential for space-based artificial intelligence (AI) applications. However, as commercial use expands, LEO satellite networks face heightened cyberattack risks, especially through satellite-to-satellite communication links, which are more vulnerable than ground-based connections. As the number of operational satellites continues to grow, addressing these security challenges becomes increasingly critical. Traditional approaches, which focus on sending models to ground stations for validation, often overlook the limited communication windows available to LEO satellites, leaving critical security risks unaddressed. To tackle these challenges, we propose a sharded blockchain-based federated learning framework for LEO networks, called SBFL-LEO. This framework improves the reliability of inter-satellite communications using blockchain technology and assigns specific roles to each satellite. Miner satellites leverage cosine similarity (CS) and Density-Based Spatial Clustering of Applications with Noise (DBSCAN) to identify malicious models and monitor each other to detect inaccurate aggregated models. Security analysis and experimental results demonstrate that our approach outperforms baseline methods in both model accuracy and energy efficiency, significantly enhancing system robustness against attacks. |
| 2024-11-07 | Analysis of Blockchain Assisted Energy Sharing Algorithms with Realistic Data Across Microgrids | Abdulrezzak Zekiye et.al. | 2411.04538 | With escalating energy demands, innovative solutions have emerged to supply energy affordably and sustainably. Energy sharing has also been proposed as a solution, addressing affordability issues while reducing consumers' greed. In this paper, we analyse the feasibility of two energy sharing algorithms, centralized and peer-to-peer, within two scenarios, between microgrids within a county, and between microgrids across counties. In addition, we propose a new sharing algorithm named Selfish Sharing, where prosumers take advantage of consumers' batteries in return for letting them consume part of the shared energy. The results for sharing between microgrids across counties show that the dependency on the grid could be reduced by approximately 5.72%, 6.12%, and 5.93% using the centralized, peer-to-peer and selfish sharing algorithms respectively, compared to trading only. The scenario of sharing between microgrids within a county has an average decrease in dependency on the grid by 5.66%, 6.0%, and 5.80% using the centralized, peer-to-peer and selfish algorithms respectively, compared to trading without sharing. We found that trading with batteries and the proposed sharing algorithms prove to be beneficial in the sharing between microgrids case. More specifically, the case of trading and sharing energy between microgrids across counties outperforms sharing within a county, with P2P sharing appearing to be superior. |
| 2024-11-08 | Towards Secured Smart Grid 2.0: Exploring Security Threats, Protection Models, and Challenges | Lan-Huong Nguyen et.al. | 2411.04365 | Many nations are promoting the green transition in the energy sector to attain neutral carbon emissions by 2050. Smart Grid 2.0 (SG2) is expected to explore data-driven analytics and enhance communication technologies to improve the efficiency and sustainability of distributed renewable energy systems. These features are beyond smart metering and electric surplus distribution in conventional smart grids. Given the high dependence on communication networks to connect distributed microgrids in SG2, potential cascading failures of connectivity can cause disruption to data synchronization to the remote control systems. This paper reviews security threats and defense tactics for three stakeholders: power grid operators, communication network providers, and consumers. Through the survey, we found that SG2's stakeholders are particularly vulnerable to substation attacks/vandalism, malware/ransomware threats, blockchain vulnerabilities and supply chain breakdowns. Furthermore, incorporating artificial intelligence (AI) into autonomous energy management in distributed energy resources of SG2 creates new challenges. Accordingly, adversarial samples and false data injection on electricity reading and measurement sensors at power plants can fool AI-powered control functions and cause messy error-checking operations in energy storage, wrong energy estimation in electric vehicle charging, and even fraudulent transactions in peer-to-peer energy trading models. Scalable blockchain-based models, physical unclonable function, interoperable security protocols, and trustworthy AI models designed for managing distributed microgrids in SG2 are typical promising protection models for future research. |
| 2024-11-06 | WiP: Towards a Secure SECP256K1 for Crypto Wallets: Hardware Architecture and Implementation | Joel Poncha Lemayian et.al. | 2411.03910 | The SECP256K1 elliptic curve algorithm is fundamental in cryptocurrency wallets for generating secure public keys from private keys, thereby ensuring the protection and ownership of blockchain-based digital assets. However, the literature highlights several successful side-channel attacks on hardware wallets that exploit SECP256K1 to extract private keys. This work proposes a novel hardware architecture for SECP256K1, optimized for side-channel attack resistance and efficient resource utilization. The architecture incorporates complete addition formulas, temporary registers, and parallel processing techniques, making elliptic curve point addition and doubling operations indistinguishable. Implementation results demonstrate an average reduction of 45% in LUT usage compared to similar works, emphasizing the design's resource efficiency. |
| 2024-11-13 | OML: Open, Monetizable, and Loyal AI | Zerui Cheng et.al. | 2411.03887 | Artificial Intelligence (AI) has steadily improved across a wide range of tasks. However, the development and deployment of AI are almost entirely controlled by a few powerful organizations that are racing to create Artificial General Intelligence (AGI). The centralized entities make decisions with little public oversight, shaping the future of humanity, often with unforeseen consequences. In this paper, we propose OML, which stands for Open, Monetizable, and Loyal AI, an approach designed to democratize AI development. OML is realized through an interdisciplinary framework spanning AI, blockchain, and cryptography. We present several ideas for constructing OML using technologies such as Trusted Execution Environments (TEE), traditional cryptographic primitives like fully homomorphic encryption and functional encryption, obfuscation, and AI-native solutions rooted in the sample complexity and intrinsic hardness of AI tasks. A key innovation of our work is introducing a new scientific field: AI-native cryptography. Unlike conventional cryptography, which focuses on discrete data and binary security guarantees, AI-native cryptography exploits the continuous nature of AI data representations and their low-dimensional manifolds, focusing on improving approximate performance. One core idea is to transform AI attack methods, such as data poisoning, into security tools. This novel approach serves as a foundation for OML 1.0 which uses model fingerprinting to protect the integrity and ownership of AI models. The spirit of OML is to establish a decentralized, open, and transparent platform for AI development, enabling the community to contribute, monetize, and take ownership of AI models. By decentralizing control and ensuring transparency through blockchain technology, OML prevents the concentration of power and provides accountability in AI development that has not been possible before. |
| 2024-11-06 | Attribute-Based Encryption With Payable Outsourced Decryption Using Blockchain and Responsive Zero Knowledge Proof | Dongliang Cai et.al. | 2411.03844 | Attribute-Based Encryption (ABE) is a promising solution for access control in cloud services. However, the heavy decryption overhead hinders its widespread adoption. A general approach to address this issue is to outsource decryption to decryption cloud service(DCS). Existing schemes have utilized various methods to enable users to verify outsourced results; however, they lack an effective mechanism to achieve exemptibility which enables the honest DCS to escape from wrong claims. And it is impractical to assume that the DCS will provide free services. In this paper, we propose a blockchain-based payable outsourced decryption ABE scheme that achieves both verifiability and exemptibility without adding redundant information to ABE ciphertext. We use zero-knowledge proof to verify outsourced results on blockchain and introduce an optional single-round challenge game under optimistic assumption to address the high cost of proof generation. Moreover, our system achieves fairness and decentralized outsourcing to protect the interests of all parties. Finally, we implement and evaluate our scheme on Ethereum to demonstrate its feasibility and efficiency, the gas usage in attribute numbers from 5 to 60 is 11 |
| 2024-11-05 | Blockchain-Based Multi-Path Mobile Access Point Selection for Secure 5G VANETs | Zhiou Zhang et.al. | 2411.03371 | This letter presents a blockchain-based multi-path mobile access point (MAP) selection strategy for secure 5G vehicular ad-hoc networks (VANETs). The proposed method leverages blockchain technology for decentralized, transparent, and secure MAP selection, while the multi-path transmission strategy enhances network reliability and reduces communication delays. A trust-based attack detection mechanism is integrated to ensure network security. Simulation results demonstrate that the proposed algorithm reduces both handover frequency and average communication delay by over 80%, and successfully identifies and excludes more than 95% of Sybil nodes, ensuring reliable and secure communication in highly dynamic vehicular environments. |
| 2024-11-05 | Instant Resonance: Dual Strategy Enhances the Data Consensus Success Rate of Blockchain Threshold Signature Oracles | Youquan Xian et.al. | 2411.02945 | With the rapid development of Decentralized Finance (DeFi) and Real-World Assets (RWA), the importance of blockchain oracles in real-time data acquisition has become increasingly prominent. Using cryptographic techniques, threshold signature oracles can achieve consensus on data from multiple nodes and provide corresponding proofs to ensure the credibility and security of the information. However, in real-time data acquisition, threshold signature methods face challenges such as data inconsistency and low success rates in heterogeneous environments, which limit their practical application potential. To address these issues, this paper proposes an innovative dual-strategy approach to enhance the success rate of data consensus in blockchain threshold signature oracles. Firstly, we introduce a Representative Enhanced Aggregation Strategy (REP-AG) that improves the representativeness of data submitted by nodes, ensuring consistency with data from other nodes, and thereby enhancing the usability of threshold signatures. Additionally, we present a Timing Optimization Strategy (TIM-OPT) that dynamically adjusts the timing of nodes' access to data sources to maximize consensus success rates. Experimental results indicate that REP-AG improves the aggregation success rate by approximately 56.6% compared to the optimal baseline, while the implementation of TIM-OPT leads to an average increase of approximately 32.9% in consensus success rates across all scenarios. |
| 2024-11-05 | FedBlock: A Blockchain Approach to Federated Learning against Backdoor Attacks | Duong H. Nguyen et.al. | 2411.02773 | Federated Learning (FL) is a machine learning method for training with private data locally stored in distributed machines without gathering them into one place for central learning. Despite its promises, FL is prone to critical security risks. First, because FL depends on a central server to aggregate local training models, this is a single point of failure. The server might function maliciously. Second, due to its distributed nature, FL might encounter backdoor attacks by participating clients. They can poison the local model before submitting to the server. Either type of attack, on the server or the client side, would severely degrade learning accuracy. We propose FedBlock, a novel blockchain-based FL framework that addresses both of these security risks. FedBlock is uniquely desirable in that it involves only smart contract programming, thus deployable atop any blockchain network. Our framework is substantiated with a comprehensive evaluation study using real-world datasets. Its robustness against backdoor attacks is competitive with the literature of FL backdoor defense. The latter, however, does not address the server risk as we do. |
| 2024-11-05 | Carbon price fluctuation prediction using blockchain information A new hybrid machine learning approach | H. Wang et.al. | 2411.02709 | In this study, the novel hybrid machine learning approach is proposed in carbon price fluctuation prediction. Specifically, a research framework integrating DILATED Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) neural network algorithm is proposed. The advantage of the combined framework is that it can make feature extraction more efficient. Then, based on the DILATED CNN-LSTM framework, the L1 and L2 parameter norm penalty as regularization method is adopted to predict. Referring to the characteristics of high correlation between energy indicator price and blockchain information in previous literature, and we primarily includes indicators related to blockchain information through regularization process. Based on the above methods, this paper uses a dataset containing an amount of data to carry out the carbon price prediction. The experimental results show that the DILATED CNN-LSTM framework is superior to the traditional CNN-LSTM architecture. Blockchain information can effectively predict the price. Since parameter norm penalty as regularization, Ridge Regression (RR) as L2 regularization is better than Smoothly Clipped Absolute Deviation Penalty (SCAD) as L1 regularization in price forecasting. Thus, the proposed RR-DILATED CNN-LSTM approach can effectively and accurately predict the fluctuation trend of the carbon price. Therefore, the new forecasting methods and theoretical ecology proposed in this study provide a new basis for trend prediction and evaluating digital assets policy represented by the carbon price for both the academia and practitioners. |
| 2024-11-04 | Taming the Beast of User-Programmed Transactions on Blockchains: A Declarative Transaction Approach | Nodirbek Korchiev et.al. | 2411.02597 | Blockchains are being positioned as the "technology of trust" that can be used to mediate transactions between non-trusting parties without the need for a central authority. They support transaction types that are native to the blockchain platform or user-defined via user programs called smart contracts. Despite the significant flexibility in transaction programmability that smart contracts offer, they pose several usability, robustness, and performance challenges. This paper proposes an alternative transaction framework that incorporates more primitives into the native set of transaction types (reducing the likelihood of requiring user-defined transaction programs often). The framework is based on the concept of declarative blockchain transactions whose strength lies in the fact that it addresses several of the limitations of smart contracts simultaneously. A formal and implementation framework is presented, and a subset of commonly occurring transaction behaviors are modeled and implemented as use cases, using an open-source blockchain database, BigchchainDB, as the implementation context. A performance study comparing the declarative transaction approach to equivalent smart contract transaction models reveals several advantages of the proposed approach. |
| 2024-11-04 | Digital Twin-Assisted Federated Learning with Blockchain in Multi-tier Computing Systems | Yongyi Tang et.al. | 2411.02323 | In Industry 4.0 systems, a considerable number of resource-constrained Industrial Internet of Things (IIoT) devices engage in frequent data interactions due to the necessity for model training, which gives rise to concerns pertaining to security and privacy. In order to address these challenges, this paper considers a digital twin (DT) and blockchain-assisted federated learning (FL) scheme. To facilitate the FL process, we initially employ fog devices with abundant computational capabilities to generate DT for resource-constrained edge devices, thereby aiding them in local training. Subsequently, we formulate an FL delay minimization problem for FL, which considers both of model transmission time and synchronization time, also incorporates cooperative jamming to ensure secure synchronization of DT. To address this non-convex optimization problem, we propose a decomposition algorithm. In particular, we introduce upper limits on the local device training delay and the effects of aggregation jamming as auxiliary variables, thereby transforming the problem into a convex optimization problem that can be decomposed for independent solution. Finally, a blockchain verification mechanism is employed to guarantee the integrity of the model uploading throughout the FL process and the identities of the participants. The final global model is obtained from the verified local and global models within the blockchain through the application of deep learning techniques. The efficacy of our proposed cooperative interference-based FL process has been verified through numerical analysis, which demonstrates that the integrated DT blockchain-assisted FL scheme significantly outperforms the benchmark schemes in terms of execution time, block optimization, and accuracy. |
| 2024-11-04 | Fuzzing Processing Pipelines for Zero-Knowledge Circuits | Christoph Hochrainer et.al. | 2411.02077 | Zero-knowledge (ZK) protocols have recently found numerous practical applications, such as in authentication, online-voting, and blockchain systems. These protocols are powered by highly complex pipelines that process deterministic programs, called circuits, written in one of many domain-specific programming languages, e.g., Circom, Noir, and others. Logic bugs in circuit-processing pipelines could have catastrophic consequences and cause significant financial and reputational damage. As an example, consider that a logic bug in a ZK pipeline could result in attackers stealing identities or assets. It is, therefore, critical to develop effective techniques for checking their correctness. In this paper, we present the first systematic fuzzing technique for ZK pipelines, which uses metamorphic test oracles to detect critical logic bugs. We have implemented our technique in an open-source tool called Circuzz. We used Circuzz to test four significantly different ZK pipelines and found a total of 16 logic bugs in all pipelines. Due to their critical nature, 15 of our bugs have already been fixed by the pipeline developers. |
| 2024-11-04 | Advancing DeFi Analytics: Efficiency Analysis with Decentralized Exchanges Comparison Service | Evgenii Onishchuk et.al. | 2411.01950 | This empirical study presents the Decentralized Exchanges Comparison Service (DECS), a novel tool developed by 1inch Analytics to assess exchange efficiency in decentralized finance. The DECS utilizes swap transaction monitoring and simulation techniques to provide unbiased comparisons of swap rates across various DEXes and aggregators. Analysis of almost 1.2 million transactions across multiple blockchain networks demonstrates that both 1inch Classic and 1inch Fusion consistently outperform competitors. These findings not only validate 1inch's superior rates but also provide valuable insights for continuous protocol optimization and underscore the critical role of data-driven decision-making in advancing DeFi infrastructure. |
| 2024-11-03 | Token Composition: A Graph Based on EVM Logs | Martin Harrigan et.al. | 2411.01693 | link |
| 2024-11-01 | 3-Slot-Finality Protocol for Ethereum | Francesco D'Amato et.al. | 2411.00558 | Gasper, the consensus protocol currently employed by Ethereum, typically requires 64 to 95 slots -- the units of time during which a new chain extending the previous one by one block is proposed and voted -- to finalize. This means that under ideal conditions -- where the network is synchronous, and all chain proposers, along with more than two-thirds of the validators, behave as dictated by the protocol -- proposers construct blocks on a non-finalized chain that extends at least 64 blocks. This exposes a significant portion of the blockchain to potential reorganizations during changes in network conditions, such as periods of asynchrony. Specifically, this finalization delay heightens the network's exposure to Maximum Extractable Value (MEV) exploits, which could undermine the network's integrity. Furthermore, the extended finalization period forces users to balance the trade-off between economic security and transaction speed. To address these issues and speed up finality, we introduce a partially synchronous finality gadget, which we combine with two dynamically available consensus protocols -- synchronous protocols that ensure safety and liveness even with fluctuating validator participation levels. This integration results in secure ebb-and-flow protocols [SP 2021], achieving finality within three slots after a proposal and realizing 3-slot finality. |
| 2024-11-01 | MAP the Blockchain World: A Trustless and Scalable Blockchain Interoperability Protocol for Cross-chain Applications | Yinfeng Cao et.al. | 2411.00422 | link |
| 2024-11-01 | Typosquatting 3.0: Characterizing Squatting in Blockchain Naming Systems | Muhammad Muzammil et.al. | 2411.00352 | A Blockchain Name System (BNS) simplifies the process of sending cryptocurrencies by replacing complex cryptographic recipient addresses with human-readable names, making the transactions more convenient. Unfortunately, these names can be susceptible to typosquatting attacks, where attackers can take advantage of user typos by registering typographically similar BNS names. Unsuspecting users may accidentally mistype or misinterpret the intended name, resulting in an irreversible transfer of funds to an attacker's address instead of the intended recipient. In this work, we present the first large-scale, intra-BNS typosquatting study. To understand the prevalence of typosquatting within BNSs, we study three different services (Ethereum Name Service, Unstoppable Domains, and ADAHandles) spanning three blockchains (Ethereum, Polygon, and Cardano), collecting a total of 4.9M BNS names and 200M transactions-the largest dataset for BNSs to date. We describe the challenges involved in conducting name-squatting studies on these alternative naming systems, and then perform an in-depth quantitative analysis of our dataset. We find that typosquatters are indeed active on BNSs, registering more malicious domains with each passing year. Our analysis reveals that users have sent thousands of transactions to squatters and that squatters target both globally popular BNS domain names as well as the domains owned by popular Twitter/X users. Lastly, we document the complete lack of defenses against typosquatting in custodial and non-custodial wallets and propose straightforward countermeasures that can protect users without relying on third-party services. |
| 2024-11-11 | Examining Attacks on Consensus and Incentive Systems in Proof-of-Work Blockchains: A Systematic Literature Review | Dinitha Wijewardhana et.al. | 2411.00349 | Cryptocurrencies have gained popularity due to their transparency, security, and accessibility compared to traditional financial systems, with Bitcoin, introduced in 2009, leading the market. Bitcoin's security relies on blockchain technology - a decentralized ledger consisting of a consensus and an incentive mechanism. The consensus mechanism, Proof of Work (PoW), requires miners to solve difficult cryptographic puzzles to add new blocks, while the incentive mechanism rewards them with newly minted bitcoins. However, as Bitcoin's acceptance grows, it faces increasing threats from attacks targeting these mechanisms, such as selfish mining, double-spending, and block withholding. These attacks compromise security, efficiency, and reward distribution. Recent research shows that these attacks can be combined with each other or with either malicious strategies, such as network-layer attacks, or non-malicious strategies, like honest mining. These combinations lead to more sophisticated attacks, increasing the attacker's success rates and profitability. Therefore, understanding and evaluating these attacks is essential for developing effective countermeasures and ensuring long-term security. This paper begins by examining individual attacks executed in isolation and their profitability. It then explores how combining these attacks with each other or with other malicious and non-malicious strategies can enhance their overall effectiveness and profitability. The analysis further explores how the deployment of attacks such as selfish mining and block withholding by multiple competing mining pools against each other impacts their economic returns. Lastly, a set of design guidelines is provided, outlining areas future work should focus on to prevent or mitigate the identified threats. |
| 2024-10-31 | Blockchain Services for Digital Government: An Exploration of NFT Applications in the Metaverse | Zachary Roch et.al. | 2411.00076 | The full implementation of the metaverse requires the integration of the physical and digital worlds. Applications built on Distributed Ledger Technology (DLT) hold the power to move society closer towards the ideal metaverse through innovations like Non-Fungible Tokens (NFTs). Due to a combination of the infancy of this technology and the significant implications it holds in the public and private sectors, adoption across both sectors is currently limited. To foster the creation of sustainable smart cities built on this technology, education on how this technology may function in an integrated metaverse is paramount. This is due to the necessary compatibility across industries needed between public and private data. As certain industries are more regulated than others, such as finance or healthcare, a robust system is needed to allow for varying degrees of freedom. This chapter illustrates numerous facets of this conceptual framework. |
| 2024-10-31 | Memes, Markets, and Machines: The Evolution of On Chain Autonomy through Hyperstition | Jeffy Yu et.al. | 2410.23794 | Autonomous AI is driving new intersections between culture, cognition, and finance, fundamentally reshaping the digital landscape. Zerebro, an AI fine-tuned on schizophrenic responses and scraped conversations of Andy Ayrey's infinite backrooms, autonomously creates and spreads disruptive memes across online platforms. It also mints unique ASCII artwork on blockchain networks and launched a memecoin amassing a 3 million USD market cap after migrating to Raydium. Based on our research, Zerebro is the first cross-chain AI, seamlessly interacting with multiple blockchains. By exploring its architecture, content generation techniques, and blockchain integration, this study uncovers how hyperstition, fictions becoming reality through viral propagation, emerges in AI, driven meme culture and decentralized finance. Through historical examples of memetic influence, we reveal how AI systems like Zerebro are not merely participants but architects of culture, cognition, and finance. |
| 2024-10-31 | EVeCA: Efficient and Verifiable On-Chain Data Query Framework Using Challenge-Based Authentication | Meng Shen et.al. | 2410.23546 | As blockchain applications become increasingly widespread, there is a rising demand for on-chain data queries. However, existing schemes for on-chain data queries face a challenge between verifiability and efficiency. Queries on blockchain databases can compromise the authenticity of the query results, while schemes that utilize on-chain Authenticated Data Structure (ADS) have lower efficiency. To overcome this limitation, we propose an efficient and verifiable on-chain data query framework EVeCA. In our approach, we free the full nodes from the task of ADS maintenance by delegating it to a limited number of nodes, and full nodes verify the correctness of ADS by using challenge-based authentication scheme instead of reconstructing them, which prevents the service providers from maintaining incorrect ADS with overwhelming probability. By carefully designing the ADS verification scheme, EVeCA achieves higher efficiency while remaining resilient against adaptive attacks. Our framework effectively eliminates the need for on-chain ADS maintenance, and allows full nodes to participate in ADS maintenance in a cost-effective way. We demonstrate the effectiveness of the proposed scheme through security analysis and experimental evaluation. Compared to existing schemes, our approach improves ADS maintenance efficiency by about 20*. |
| 2024-12-16 | Mitigating Challenges in Ethereum's Proof-of-Stake Consensus: Evaluating the Impact of EigenLayer and Lido | Li Li et.al. | 2410.23422 | The transition of Ethereum from a Proof-of-Work (PoW) to a Proof-of-Stake (PoS) consensus mechanism introduces a transformative approach to blockchain validation, offering enhanced scalability, energy efficiency, and security. However, this shift also presents significant challenges, including high barriers to becoming a validator, restrictions on the liquidity of staked Ether (ETH), and the risk of centralization due to staking pool dynamics. This paper addresses these challenges by exploring two innovative solutions: EigenLayer and Lido. EigenLayer is a middleware solution enabling restaking, allowing validators to secure multiple protocols and thereby increasing decentralization and profitability. Lido, a liquid staking protocol, simplifies participation by issuing stETH tokens that retain liquidity, allowing users to earn rewards without long-term lock-up constraints. This paper provides a detailed analysis of how these technologies mitigate key PoS challenges, reduce validator entry barriers, unlock staked capital, and improve decentralization. We conclude with an evaluation of the combined potential of EigenLayer and Lido to foster a more resilient and inclusive Ethereum ecosystem, setting the stage for further advancements in decentralized finance. |
| 2024-10-30 | The Evolution Of The Digital Inheritance: Legal, Technical, And Practical Dimensions Of Cryptocurrency Transfer Through Succession In French-Inspired Legal Systems | Cristina Carata et.al. | 2410.22907 | In recent years, cryptocurrencies have enjoyed increased popularity in all domains. Thus, in this context, it is important to understand how these digital assets can be transmitted, both legally and efficiently, in the event of the death of their owner. The present paper analyses the mechanisms of cryptocurrencies, analysing from a technical point of view aspects related to blockchain technology, virtual wallets or cryptographic keys, as well as various types of operations regarding this type of virtual currencies. The study also examines the legal aspects related to cryptocurrencies, with an emphasis on the diversity of their status in different global jurisdictions as well as the impact on inheritance planning. The case studies present tangible examples related to successions with cryptocurrencies as the main object, thus completing the exposition related to the main challenges faced by the heirs in the transfer process. In this way, this paper offers possible solutions and recommendations related to inheritance planning with cryptocurrencies as its main object, including the legal and fiscal aspects that must be taken into account when planning a digital succession. |
| 2024-10-29 | Unleashing Multicore Strength for Efficient Execution of Transactions | Ankit Ravish et.al. | 2410.22460 | Blockchain technology is booming up the digital world in recent days and thus paved a way for creating separate blockchain network for various industries. This technology is characterized by its distributed, decentralized, and immutable ledger system which serves as a fundamental platform for managing smart contract transactions (SCTs). However, these self-executing codes implemented using blockchains undergo sequential validation within a block which introduces performance bottlenecks. In response, this paper introduces a framework called the Multi-Bin Parallel Scheduler (MBPS) designed for parallelizing blockchain smart contract transactions to leverage the capabilities of multicore systems. Our proposed framework facilitates concurrent execution of SCTs, enhancing performance by allowing non-conflicting transactions to be processed simultaneously while preserving deterministic order. The framework comprises of three vital stages: conflict detection, bin creation and execution. We conducted an evaluation of our MBPS framework in Hyperledger Sawtooth v1.2.6, revealing substantial performance enhancements compared to existing parallel SCT execution frameworks across various smart contract applications. This research contributes to the ongoing optimization efforts in blockchain technology demonstrating its potential for scalability and efficiency in real-world scenarios. |
| 2024-10-29 | Bitcoin and Shadow Exchange Rates | Yanan Niu et.al. | 2410.22443 | This research expands the existing literature on Bitcoin (BTC) price misalignments by incorporating transaction-level data from a peer-to-peer (P2P) exchange, LocalBitcoins.com (LB). It examines how broader economic and regulatory factors influence cryptocurrency markets and highlights the role of cryptocurrencies in facilitating international capital movements. By constructing shadow exchange rates (SERs) for national currencies against the US dollar based on BTC prices, we calculate discrepancies between these SERs and their official exchange rates (OERs), referred to as BTC premiums. We analyze various factors driving the BTC premiums on LB, including those sourced from the BTC blockchain, mainstream centralized BTC exchanges, and international capital transfer channels. Unlike in centralized markets, our results indicate that the microstructure of the BTC blockchain does not correlate with BTC premiums in the P2P market. Regarding frictions from international capital transfers, we interpret remittance costs as indicators of inefficiencies in traditional capital transfer systems. For constrained currencies subject to severe capital controls and managed exchange rate regimes, increased transaction costs in conventional currency exchange channels almost entirely translate into higher BTC premiums. Additionally, our analysis suggests that BTC premiums can serve as short-term predictors of future exchange rate depreciation for unconstrained currencies. |
| 2024-11-21 | MStableChain: Towards Multi-Native Stablecoins in EVM-Compatible Blockchain for Stable Fee and Mass Adoption | Mingzhe Li et.al. | 2410.22100 | Traditional blockchain systems, such as Ethereum, typically rely on a \emph{single volatile cryptocurrency for transaction fees}. This leads to fluctuating transaction fee prices and limits the flexibility of users' payment options. To address these issues, we propose MStableChain, which leverage multiple stablecoins as native tokens for transaction fee settlements, thus ensuring stable transaction fees and flexible payment options. To address the challenges of mass adoption and practicality, we propose several core designs. To maintain compatibility with the Ethereum Virtual Machine (EVM) for mass adoption while supporting multiple native stablecoins, MStableChain employs a multi-currency units, multi-type RPCs mechanism. This mechanism enables the system to handle multiple stablecoins without altering the EVM or requiring changes to user applications. Furthermore, an oracle-based gas fee adjustment mechanism is proposed to manage exchange rates between different stablecoins, ensuring equitable transaction costs across various currencies. The system also introduces a secure, on-chain voting-based management protocol for the administrative functions related to these stablecoins. Experimental results from a prototype implementation demonstrate that MStableChain provides stable transaction fee prices, high effectiveness, and good usability. |
| 2024-10-30 | A New Broadcast Primitive for BFT Protocols | Manu Drijvers et.al. | 2410.22080 | link |
| 2024-10-29 | Optimizing Streamlined Blockchain Consensus with Generalized Weighted Voting and Enhanced Leader Rotation | Diana Micloiu et.al. | 2410.21923 | Streamlined Byzantine Fault Tolerant (BFT) protocols, such as HotStuff [PODC'19], and weighted voting represent two possible strategies to improve consensus in the distributed systems world. Several studies have been conducted on both techniques, but the research on combining the two is scarce. To cover this knowledge gap, we introduce a weighted voting approach on Hotstuff, along with two optimisations targeting weight assignment distribution and leader rotation in the underlying state replication protocol. Moreover, the weighted protocols developed rely on studies proving the effectiveness of a specific voting power assignment based on discrete values. We generalise this approach by presenting a novel continuous weighting scheme applied to the Hotstuff protocol to highlight the effectiveness of this technique in faulty scenarios. We prove the significant latency reduction impact of weighted voting on streamlined protocols and advocate for further research. |
| 2024-10-30 | Impact of Code Transformation on Detection of Smart Contract Vulnerabilities | Cuong Tran Manh et.al. | 2410.21685 | While smart contracts are foundational elements of blockchain applications, their inherent susceptibility to security vulnerabilities poses a significant challenge. Existing training datasets employed for vulnerability detection tools may be limited, potentially compromising their efficacy. This paper presents a method for improving the quantity and quality of smart contract vulnerability datasets and evaluates current detection methods. The approach centers around semantic-preserving code transformation, a technique that modifies the source code structure without altering its semantic meaning. The transformed code snippets are inserted into all potential locations within benign smart contract code, creating new vulnerable contract versions. This method aims to generate a wider variety of vulnerable codes, including those that can bypass detection by current analysis tools. The paper experiments evaluate the method's effectiveness using tools like Slither, Mythril, and CrossFuzz, focusing on metrics like the number of generated vulnerable samples and the false negative rate in detecting these vulnerabilities. The improved results show that many newly created vulnerabilities can bypass tools and the false reporting rate goes up to 100% and increases dataset size minimum by 2.5X. |
| 2024-10-29 | BF-Meta: Secure Blockchain-enhanced Privacy-preserving Federated Learning for Metaverse | Wenbo Liu et.al. | 2410.21675 | The metaverse, emerging as a revolutionary platform for social and economic activities, provides various virtual services while posing security and privacy challenges. Wearable devices serve as bridges between the real world and the metaverse. To provide intelligent services without revealing users' privacy in the metaverse, leveraging federated learning (FL) to train models on local wearable devices is a promising solution. However, centralized model aggregation in traditional FL may suffer from external attacks, resulting in a single point of failure. Furthermore, the absence of incentive mechanisms may weaken users' participation during FL training, leading to degraded performance of the trained model and reduced quality of intelligent services. In this paper, we propose BF-Meta, a secure blockchain-empowered FL framework with decentralized model aggregation, to mitigate the negative influence of malicious users and provide secure virtual services in the metaverse. In addition, we design an incentive mechanism to give feedback to users based on their behaviors. Experiments conducted on five datasets demonstrate the effectiveness and applicability of BF-Meta. |
| 2024-10-28 | Policies for Fair Exchanges of Resources | Lorenzo Ceragioli et.al. | 2410.21214 | People increasingly use digital platforms to exchange resources in accordance to some policies stating what resources users offer and what they require in return. In this paper, we propose a formal model of these environments, focussing on how users' policies are defined and enforced, so ensuring that malicious users cannot take advantage of honest ones. To that end, we introduce the declarative policy language MuAC and equip it with a formal semantics. To determine if a resource exchange is fair, i.e., if it respects the MuAC policies in force, we introduce the non-standard logic MuACL that combines non-linear, linear and contractual aspects, and prove it decidable. Notably, the operator for contractual implication of MuACL is not expressible in linear logic. We define a semantics preserving compilation of MuAC policies into MuACL, thus establishing that exchange fairness is reduced to finding a proof in MuACL. Finally, we show how this approach can be put to work on a blockchain to exchange non-fungible tokens. |
| 2024-10-28 | Co-produced decentralised surveys as a trustworthy vector to put employees' well-being at the core of companies' performance | Adèle Bréart De Boisanger et.al. | 2410.20919 | Assessing employees' well-being has become central to fostering an environment where employees can thrive and contribute to companies' adaptability and competitiveness in the market. Traditional methods for assessing well-being often face significant challenges, with a major issue being the lack of trust and confidence employees may have in these processes. Employees may hesitate to provide honest feedback due to concerns not only about data integrity and confidentiality, but also about power imbalances among stakeholders. In this context, blockchain-based decentralised surveys, leveraging the immutability, transparency, and pseudo-anonymity of blockchain technology, offer significant improvements in aligning responsive actions with employees' feedback securely and transparently. Nevertheless, their implementation raises complex issues regarding the balance between trust and confidence. While blockchain can function as a confidence machine for data processing and management, it does not inherently address the equally important cultural element of trust. To effectively integrate blockchain technology into well-being assessments, decentralised well-being surveys must be supported by cultural practices that build and sustain trust. Drawing on blockchain technology management and relational cultural theory, we explain how trust-building can be achieved through the co-production of decentralised well-being surveys, which helps address power imbalances between the implementation team and stakeholders. Our goal is to provide a dual cultural-technological framework along with conceptual clarity on how the technological implementation of confidence can connect with the cultural development of trust, ensuring that blockchain-based decentralised well-being surveys are not only secure and reliable but also perceived as trustworthy vector to improve workplace conditions. |
| 2024-10-27 | Advancing Towards Green Blockchain: A Practical Energy-Efficient Blockchain Based Application for CV Verification | Gabriel Fernández-Blanco et.al. | 2410.20605 | Blockchain has been widely criticized due to the use of inefficient consensus protocols and energy-intensive mechanisms that derived into a global enormous power consumption. Fortunately, since the first blockchain was conceived in 2008 (the one that supports Bitcoin), hardware and consensus protocols have evolved, decreasing energy consumption significantly. This article describes a green blockchain solution and quantifies energy savings when deploying the system on traditional computers and embedded Single-Board Computers (SBCs). To illustrate such savings, it is proposed a solution for tackling the problem of academic certificate forgery, which has a significant cost to society, since it harms the trustworthiness of certificates and academic institutions. The proposed solution is aimed at recording and verifying academic records (ARs) through a decentralized application (DApp) that is supported by a smart contract deployed in the Ethereum blockchain. The application stores the raw data (i.e., the data that are not managed by the blockchain) on a decentralized storage system based on Inter-Planetary File System (IPFS). To demonstrate the efficiency of the developed solution, it is evaluated in terms of performance (transaction latency and throughput) and efficiency (CPU usage and energy consumption), comparing the results obtained with a traditional Proof-of-Work (PoW) consensus protocol and the new Proof-of-Authority (PoA) protocol. The results shown in this paper indicate that the latter is clearly greener and demands less CPU load. Moreover, this article compares the performance of a traditional computer and two SBCs (a Raspberry Pi 4 and an Orange Pi One), showing that is possible to make use of the latter low-power devices to implement blockchain nodes for proposed DApp, but at the cost of higher response latency that varies greatly depending on the used SBCs [...] |
| 2024-10-27 | Towards a Blockchain and Opportunistic Edge Driven Metaverse of Everything | Paula Fraga-Lamas et.al. | 2410.20594 | Decentralized Metaverses, built on Web 3.0 and Web 4.0 technologies, have attracted significant attention across various fields. This innovation leverages blockchain, Decentralized Autonomous Organizations (DAOs), Extended Reality (XR) and advanced technologies to create immersive and interconnected digital environments that mirror the real world. This article delves into the Metaverse of Everything (MoE), a platform that fuses the Metaverse concept with the Internet of Everything (IoE), an advanced version of the Internet of Things (IoT) that connects not only physical devices but also people, data and processes within a networked environment. Thus, the MoE integrates generated data and virtual entities, creating an extensive network of interconnected components. This article seeks to advance current MoE, examining decentralization and the application of Opportunistic Edge Computing (OEC) for interactions with surrounding IoT devices and IoE entities. Moreover, it outlines the main challenges to guide researchers and businesses towards building a future cyber-resilient opportunistic MoE. |
| 2024-10-27 | A Comprehensive Survey on Green Blockchain: Developing the Next Generation of Energy Efficient and Sustainable Blockchain Systems | Tiago M. Fernández-Caramés et.al. | 2410.20581 | Although Blockchain has been successfully used in many different fields and applications, it has been traditionally regarded as an energy-intensive technology, essentially due to the past use of inefficient consensus algorithms that prioritized security over sustainability. However, in the last years, thanks to the significant progress made on key blockchain components, their energy consumption can be decreased noticeably. To achieve this objective, this article analyzes the main components of blockchains and explores strategies to reduce their energy consumption. In this way, this article delves into each component of a blockchain system, including consensus mechanisms, network architecture, data storage and validation, smart contract execution, mining and block creation, and outlines specific strategies to decrease their energy consumption. For such a purpose, consensus mechanisms are compared, recommendations for reducing network communications energy consumption are provided, techniques for data storage and validation are suggested and diverse optimizations are proposed both for software and hardware components. Moreover, the main challenges and limitations of reducing power consumption in blockchain systems are analyzed. As a consequence, this article provides a guideline for the future researchers and developers who aim to develop the next generation of Green Blockchain solutions. |
| 2024-10-27 | Props for Machine-Learning Security | Ari Juels et.al. | 2410.20522 | We propose protected pipelines or props for short, a new approach for authenticated, privacy-preserving access to deep-web data for machine learning (ML). By permitting secure use of vast sources of deep-web data, props address the systemic bottleneck of limited high-quality training data in ML development. Props also enable privacy-preserving and trustworthy forms of inference, allowing for safe use of sensitive data in ML applications. Props are practically realizable today by leveraging privacy-preserving oracle systems initially developed for blockchain applications. |
| 2024-11-03 | Fractal and Turbulent Feature Extraction and NFT Label Generation for Pollock Style Migration Paintings Based on VGG19 | Yiquan Wang et.al. | 2410.20519 | link |
| 2024-10-27 | Smart Transport Infrastructure Maintenance: A Smart-Contract Blockchain Approach | Fatjon Seraj et.al. | 2410.20431 | Infrastructure maintenance is inherently complex, especially for widely dispersed transport systems like roads and railroads. Maintaining this infrastructure involves multiple partners working together to ensure safe, efficient upkeep that meets technical and safety standards, with timely materials and budget adherence. Traditionally, these requirements are managed on paper, with each contract step checked manually. Smart contracts, based on blockchain distributed ledger technology, offer a new approach. Distributed ledgers facilitate secure, transparent transactions, enabling decentralized agreements where contract terms automatically execute when conditions are met. Beyond financial transactions, blockchains can track complex agreements, recording each stage of contract fulfillment between multiple parties. A smart contract is a set of coded rules stored on the blockchain that automatically executes each term upon meeting specified conditions. In infrastructure maintenance, this enables end-to-end automation-from contractor assignment to maintenance completion. Using an immutable, decentralized record, contract terms and statuses are transparent to all parties, enhancing trust and efficiency. Creating smart contracts for infrastructure requires a comprehensive understanding of procedural workflows to foresee all requirements and liabilities. This workflow includes continuous infrastructure monitoring through a dynamic, data-driven maintenance model that triggers necessary actions. Modern process mining can develop a resilient Maintenance Process Model, helping Operations Management to define contract terms, including asset allocation, logistics, materials, and skill requirements. Automation and reliable data quality across the procedural chain are essential, supported by IoT sensors, big data analytics, predictive maintenance, intelligent logistics, and asset management. |
| 2024-10-26 | FL-DABE-BC: A Privacy-Enhanced, Decentralized Authentication, and Secure Communication for Federated Learning Framework with Decentralized Attribute-Based Encryption and Blockchain for IoT Scenarios | Sathwik Narkedimilli et.al. | 2410.20259 | This study proposes an advanced Federated Learning (FL) framework designed to enhance data privacy and security in IoT environments by integrating Decentralized Attribute-Based Encryption (DABE), Homomorphic Encryption (HE), Secure Multi-Party Computation (SMPC), and Blockchain technology. Unlike traditional FL, our framework enables secure, decentralized authentication and encryption directly on IoT devices using DABE, allowing sensitive data to remain locally encrypted. Homomorphic Encryption permits computations on encrypted data, and SMPC ensures privacy in collaborative computations, while Blockchain technology provides transparent, immutable record-keeping for all transactions and model updates. Local model weights are encrypted and transmitted to fog layers for aggregation using HE and SMPC, then iteratively refined by the central server using differential privacy to safeguard against data leakage. This secure, privacy-preserving FL framework delivers a robust solution for efficient model training and real-time analytics across distributed IoT devices, offering significant advancements in secure decentralized learning for IoT applications. |
| 2024-10-25 | Autonomous Building Cyber-Physical Systems Using Decentralized Autonomous Organizations, Digital Twins, and Large Language Model | Reachsak Ly et.al. | 2410.19262 | Current autonomous building research primarily focuses on energy efficiency and automation. While traditional artificial intelligence has advanced autonomous building research, it often relies on predefined rules and struggles to adapt to complex, evolving building operations. Moreover, the centralized organizational structures of facilities management hinder transparency in decision-making, limiting true building autonomy. Research on decentralized governance and adaptive building infrastructure, which could overcome these challenges, remains relatively unexplored. This paper addresses these limitations by introducing a novel Decentralized Autonomous Building Cyber-Physical System framework that integrates Decentralized Autonomous Organizations, Large Language Models, and digital twins to create a smart, self-managed, operational, and financially autonomous building infrastructure. This study develops a full-stack decentralized application to facilitate decentralized governance of building infrastructure. An LLM-based artificial intelligence assistant is developed to provide intuitive human-building interaction for blockchain and building operation management-related tasks and enable autonomous building operation. Six real-world scenarios were tested to evaluate the autonomous building system's workability, including building revenue and expense management, AI-assisted facility control, and autonomous adjustment of building systems. Results indicate that the prototype successfully executes these operations, confirming the framework's suitability for developing building infrastructure with decentralized governance and autonomous operation. |
| 2025-01-17 | What Drives Liquidity on Decentralized Exchanges? Evidence from the Uniswap Protocol | Brian Z. Zhu et.al. | 2410.19107 | We study liquidity on decentralized exchanges (DEXs), identifying factors at the platform, blockchain, token pair, and liquidity pool levels with predictive power for market depth metrics. We introduce the v2 counterfactual spread metric, a novel criterion which assesses the degree of liquidity concentration in pools using the ``concentrated liquidity'' mechanism, allowing us to decompose the effect of a factor on market depth into two channels: total value locked (TVL) and concentration. We further explore how external liquidity from competing DEXs and private inventory on DEX aggregators influence market depth. We find that (i) gas prices, returns, and a DEX's share of trading volume affect liquidity through concentration, (ii) internalization of order flow by private market makers affects TVL but not the overall market depth, and (iii) volatility, fee revenue, and markout affect liquidity through both channels. |
| 2024-10-24 | Quantifying the Value of Revert Protection | Brian Z. Zhu et.al. | 2410.19106 | Revert protection is a feature provided by some blockchain platforms that prevents users from incurring fees for failed transactions. This paper explores the economic implications and benefits of revert protection, in the context of priority auctions and maximal extractable value (MEV). We develop an equilibrium game theoretic model that captures the behavior of users (MEV searchers) bidding to have their transaction included ahead of others, in an environment where only a single transaction will succeed in realizing the common value of an opportunity, and in settings both with and without revert protection. Our model applies to a broad range of settings, including Layer 1 (L1) blockchains (e.g., Ethereum mainnet) and Layer 2 (L2) blockchains, and auctions such as ``bundle auctions'' (on L1s) or priority ordering auctions (on L2s). We establish that, in the absence of revert protection, users will employ randomized strategies to mitigate the impact of paying for failed transactions. This will ultimately result in less auction revenue, despite the fact that failed transactions still pay fees. Our results quantify in closed form how revert protection enhances auction revenue, and also improves market efficiency and provides for more efficient use of blockspace, as a function of the underlying parameters (the value of the MEV opportunity, the base fee, the revert penalties, and the number of participating agents). |
| 2024-10-24 | RediSwap: MEV Redistribution Mechanism for CFMMs | Mengqian Zhang et.al. | 2410.18434 | Automated Market Makers (AMMs) are essential to decentralized finance, offering continuous liquidity and enabling intermediary-free trading on blockchains. However, participants in AMMs are vulnerable to Maximal Extractable Value (MEV) exploitation. Users face threats such as front-running, back-running, and sandwich attacks, while liquidity providers (LPs) incur the loss-versus-rebalancing (LVR). In this paper, we introduce RediSwap, a novel AMM designed to capture MEV at the application level and refund it fairly among users and liquidity providers. At its core, RediSwap features an MEV-redistribution mechanism that manages arbitrage opportunities within the AMM pool. We formalize the mechanism design problem and the desired game-theoretical properties. A central insight underpinning our mechanism is the interpretation of the maximal MEV value as the sum of LVR and individual user losses. We prove that our mechanism is incentive-compatible and Sybil-proof, and demonstrate that it is easy for arbitrageurs to participate. We empirically compared RediSwap with existing solutions by replaying historical AMM trades. Our results suggest that RediSwap can achieve better execution than UniswapX in 89% of trades and reduce LPs' loss to under 0.5% of the original LVR in most cases. |
| 2024-10-23 | Enhancing Enterprise Security with Zero Trust Architecture | Mahmud Hasan et.al. | 2410.18291 | Zero Trust Architecture (ZTA) represents a transformative approach to modern cybersecurity, directly addressing the shortcomings of traditional perimeter-based security models. With the rise of cloud computing, remote work, and increasingly sophisticated cyber threats, perimeter defenses have proven ineffective at mitigating risks, particularly those involving insider threats and lateral movement within networks. ZTA shifts the security paradigm by assuming that no user, device, or system can be trusted by default, requiring continuous verification and the enforcement of least privilege access for all entities. This paper explores the key components of ZTA, such as identity and access management (IAM), micro-segmentation, continuous monitoring, and behavioral analytics, and evaluates their effectiveness in reducing vulnerabilities across diverse sectors, including finance, healthcare, and technology. Through case studies and industry reports, the advantages of ZTA in mitigating insider threats and minimizing attack surfaces are discussed. Additionally, the paper addresses the challenges faced during ZTA implementation, such as scalability, integration complexity, and costs, while providing best practices for overcoming these obstacles. Lastly, future research directions focusing on emerging technologies like AI, machine learning, blockchain, and their integration into ZTA are examined to enhance its capabilities further. |
| 2024-10-23 | Multi-Continental Healthcare Modelling Using Blockchain-Enabled Federated Learning | Rui Sun et.al. | 2410.17933 | One of the biggest challenges of building artificial intelligence (AI) model in healthcare area is the data sharing. Since healthcare data is private, sensitive, and heterogeneous, collecting sufficient data for modelling is exhausted, costly, and sometimes impossible. In this paper, we propose a framework for global healthcare modelling using datasets from multi-continents (Europe, North America and Asia) while without sharing the local datasets, and choose glucose management as a study model to verify its effectiveness. Technically, blockchain-enabled federated learning is implemented with adaption to make it meet with the privacy and safety requirements of healthcare data, meanwhile rewards honest participation and penalize malicious activities using its on-chain incentive mechanism. Experimental results show that the proposed framework is effective, efficient, and privacy preserved. Its prediction accuracy is much better than the models trained from limited personal data and is similar to, and even slightly better than, the results from a centralized dataset. This work paves the way for international collaborations on healthcare projects, where additional data is crucial for reducing bias and providing benefits to humanity. |
| 2024-10-22 | Vulnerability anti-patterns in Solidity: Increasing smart contracts security by reducing false alarms | Tommaso Oss et.al. | 2410.17204 | Turing completeness has made Ethereum smart contracts attractive to blockchain developers and attackers alike. To increase code security, many tools can now spot most known vulnerabilities |
| 2024-10-21 | AdChain: Decentralized Header Bidding | Behkish Nassirzadeh et.al. | 2410.16141 | Due to the involvement of multiple intermediaries without trusted parties, lack of proper regulations, and a complicated supply chain, ad impression discrepancy affects online advertising. This issue causes up to $82 billion annual revenue loss for honest parties. The loss can be significantly reduced with a precise and trusted decentralized mechanism. This paper presents AdChain, a decentralized, distributed, and verifiable solution that detects and minimizes online advertisement impression discrepancies. AdChain establishes trust by employing multiple independent agents to receive and record log-level data, along with a consensus protocol to validate each ad data. AdChain is scalable, efficient, and compatible with the current infrastructure. Our experimental evaluation, using over half a million ad data points, identifies system parameters that achieve 98% accuracy, reducing the ad discrepancy rate from 20% to 2%. Our cost analysis shows that active nodes on AdChain can generate profits comparable to miners on major blockchain networks like Bitcoin. |
| 2024-10-21 | Efficient and Universally Accessible Cross-Chain Options without Upfront Holder Collateral | Zifan Peng et.al. | 2410.15724 | Options are fundamental to blockchain-based financial markets, offering essential tools for risk management and price speculation, which enhance liquidity, flexibility, and market efficiency in decentralized finance (DeFi). Despite the growing interest in options for blockchain-resident assets, such as cryptocurrencies, current option mechanisms face significant challenges, including limited asset support, high trading delays, and the requirement for option holders to provide upfront collateral. In this paper, we present a protocol that addresses the aforementioned issues by facilitating efficient and universally accessible option trading without requiring holders to post collateral when establishing options. Our protocol's universality allows for cross-chain options involving nearly |
| 2024-10-21 | ZK-DPPS: A Zero-Knowledge Decentralised Data Sharing and Processing Middleware | Amir Jabbari et.al. | 2410.15568 | In the current digital landscape, supply chains have transformed into complex networks driven by the Internet of Things (IoT), necessitating enhanced data sharing and processing capabilities to ensure traceability and transparency. Leveraging Blockchain technology in IoT applications advances reliability and transparency in near-real-time insight extraction processes. However, it raises significant concerns regarding data privacy. Existing privacy-preserving approaches often rely on Smart Contracts for automation and Zero Knowledge Proofs (ZKP) for privacy. However, apart from being inflexible in adopting system changes while effectively protecting data confidentiality, these approaches introduce significant computational expenses and overheads that make them impractical for dynamic supply chain environments. To address these challenges, we propose ZK-DPPS, a framework that ensures zero-knowledge communications without the need for traditional ZKPs. In ZK-DPPS, privacy is preserved through a combination of Fully Homomorphic Encryption (FHE) for computations and Secure Multi-Party Computations (SMPC) for key reconstruction. To ensure that the raw data remains private throughout the entire process, we use FHE to execute computations directly on encrypted data. The "zero-knowledge" aspect of ZK-DPPS refers to the system's ability to process and share data insights without exposing sensitive information, thus offering a practical and efficient alternative to ZKP-based methods. We demonstrate the efficacy of ZK-DPPS through a simulated supply chain scenario, showcasing its ability to tackle the dual challenges of privacy preservation and computational trust in decentralised environments. |
| 2025-01-31 | SuiGPT MAD: Move AI Decompiler to Improve Transparency and Auditability on Non-Open-Source Blockchain Smart Contract | Eason Chen et.al. | 2410.15275 | The vision of Web3 is to improve user control over data and assets, but one challenge that complicates this vision is the prevalence of non-transparent, scam-prone applications and vulnerable smart contracts that put Web3 users at risk. While code audits are one solution to this problem, the lack of smart contracts source code on many blockchain platforms, such as Sui, hinders the ease of auditing. A promising approach to this issue is the use of a decompiler to reverse-engineer smart contract bytecode. However, existing decompilers for Sui produce code that is difficult to understand and cannot be directly recompiled. To address this, we developed the SuiGPT Move AI Decompiler (MAD), a Large Language Model (LLM)-powered web application that decompiles smart contract bytecodes on Sui into logically correct, human-readable, and re-compilable source code with prompt engineering. Our evaluation shows that MAD's output successfully passes original unit tests and achieves a 73.33% recompilation success rate on real-world smart contracts. Additionally, newer models tend to deliver improved performance, suggesting that MAD's approach will become increasingly effective as LLMs continue to advance. In a user study involving 12 developers, we found that MAD significantly reduced the auditing workload compared to using traditional decompilers. Participants found MAD's outputs comparable to the original source code, improving accessibility for understanding and auditing non-open-source smart contracts. Through qualitative interviews with these developers and Web3 projects, we further discussed the strengths and concerns of MAD. MAD has practical implications for blockchain smart contract transparency, auditing, and education. It empowers users to easily and independently review and audit non-open-source smart contracts, fostering accountability and decentralization |
| 2024-10-18 | Blockchain-Based Trust and Transparency in Airline Reservation Systems using Microservices Architecture | Biman Barua et.al. | 2410.14518 | This research gives a detailed analysis of the application of blockchain technology to the airline reservation systems in order to bolster trust, transparency, and operational efficiency by overcoming several challenges including customer control and data integrity issues. The study investigates the major components of blockchain technology such as decentralised databases, permanent records of transactions and transactional clauses executed via codes of programs and their impacts on automated systems and real-time tracking of audits. The results show a 30% decrease in booking variations together with greater data synchronization as a result of consensus processes and resistant data formations. The approach to the implementation of a blockchain technology for the purpose of this paper includes many APIs for the automatic multi-faceted record-keeping system including the smart contract execution and controllable end-users approach. Smart contracts organized the processes improving the cycle times by 40% on the average while guaranteeing no breach of agreements. In addition to this, the architecture of the system has no single point failure with over 98% reliability while measures taken to improve security have led to 85% of the customers expressing trust in the services provided. In summation, the results suggest that reservations in the airline sector stand a chance of being redefined with blockchain through savoring the benefits of a single source of truth while attempting to resolve this intrinsic problem of overcomplexity. Although the system improves the experience of customers and the level of operational transparency, issues concerning scalability and regulatory adherence. This research is also a stepping stone for further studies that are intended to address these challenges and more applicable to the airline industry. |
| 2024-10-18 | Safeguarding Blockchain Ecosystem: Understanding and Detecting Attack Transactions on Cross-chain Bridges | Jiajing Wu et.al. | 2410.14493 | Cross-chain bridges are essential decentralized applications (DApps) to facilitate interoperability between different blockchain networks. Unlike regular DApps, the functionality of cross-chain bridges relies on the collaboration of information both on and off the chain, which exposes them to a wider risk of attacks. According to our statistics, attacks on cross-chain bridges have resulted in losses of nearly 4.3 billion dollars since 2021. Therefore, it is particularly necessary to understand and detect attacks on cross-chain bridges. In this paper, we collect the largest number of cross-chain bridge attack incidents to date, including 49 attacks that occurred between June 2021 and September 2024. Our analysis reveal that attacks against cross-chain business logic cause significantly more damage than those that do not. These cross-chain attacks exhibit different patterns compared to normal transactions in terms of call structure, which effectively indicates potential attack behaviors. Given the significant losses in these cases and the scarcity of related research, this paper aims to detect attacks against cross-chain business logic, and propose the BridgeGuard tool. Specifically, BridgeGuard models cross-chain transactions from a graph perspective, and employs a two-stage detection framework comprising global and local graph mining to identify attack patterns in cross-chain transactions. We conduct multiple experiments on the datasets with 203 attack transactions and 40,000 normal cross-chain transactions. The results show that BridgeGuard's reported recall score is 36.32% higher than that of state-of-the-art tools and can detect unknown attack transactions. |
| 2024-10-17 | Leveraging Fine-Tuned Language Models for Efficient and Accurate Smart Contract Auditing | Zhiyuan Wei et.al. | 2410.13918 | link |
| 2024-10-17 | An Exposition of Pathfinding Strategies Within Lightning Network Clients | Sindura Saraswathi et.al. | 2410.13784 | link |
| 2024-10-17 | Optimal MEV Extraction Using Absolute Commitments | Daji Landis et.al. | 2410.13624 | We propose a new, more potent attack on decentralized exchanges. This attack leverages absolute commitments, which are commitments that can condition on the strategies made by other agents. This attack allows an adversary to charge monopoly prices by committing to undercut those other miners that refuse to charge an even higher fee. This allows the miner to extract the maximum possible price from the user, potentially through side channels that evade the inefficiencies and fees usually incurred. This is considerably more efficient than the prevailing strategy of `sandwich attacks', wherein the adversary induces and profits from fluctuations in the market price to the detriment of users. The attack we propose can, in principle, be realized by the irrevocable and self-executing nature of smart contracts, which are readily available on many major blockchains. Thus, the attack could potentially be used against a decentralized exchange and could drastically reduce the utility of the affected exchange. |
| 2024-10-17 | Advocate -- Trustworthy Evidence in Cloud Systems | Sebastian Werner et.al. | 2410.13477 | The rapid evolution of cloud-native applications, characterized by dynamic, interconnected services, presents significant challenges for maintaining trustworthy and auditable systems, especially in sensitive contexts, such as finance or healthcare. Traditional methods of verification and certification are often inadequate due to the fast-past and dynamic development practices common in cloud computing. This paper introduces Advocate, a novel agent-based system designed to generate verifiable evidence of cloud-native application operations. By integrating with existing infrastructure tools, such as Kubernetes and distributed tracing systems, Advocate captures, authenticates, and stores evidence trails in a tamper-resistant manner. This approach not only supports the auditing process but also allows for privacy-preserving evidence aggregation. Advocate's extensible architecture facilitates its deployment in diverse environments, enabling the verification and adherence to policies and enhance trust in cloud services. |
| 2024-10-17 | Pricing Factors and TFMs for Scalability-Focused ZK-Rollups | Stefanos Chaliasos et.al. | 2410.13277 | ZK-Rollups have emerged as a leading solution for blockchain scalability, leveraging succinct proofs primarily based on ZKP protocols. This paper explores the design of transaction fee mechanisms (TFMs) for ZK-Rollups, focusing on how key components like sequencing, data availability~(DA), and ZK proving interact to influence cost structures. We outline the properties that a suitable TFM should possess, such as incentive compatibility and net profitability. In addition, we propose alternatives for TFMs, discuss trade-offs, and highlight open questions that require further investigation in the context of ZK-Rollups. |
| 2024-10-16 | Future of Algorithmic Organization: Large-Scale Analysis of Decentralized Autonomous Organizations (DAOs) | Tanusree Sharma et.al. | 2410.13095 | Decentralized Autonomous Organizations (DAOs) resemble early online communities, particularly those centered around open-source projects, and present a potential empirical framework for complex social-computing systems by encoding governance rules within "smart contracts" on the blockchain. A key function of a DAO is collective decision-making, typically carried out through a series of proposals where members vote on organizational events using governance tokens, signifying relative influence within the DAO. In just a few years, the deployment of DAOs surged with a total treasury of $24.5 billion and 11.1M governance token holders collectively managing decisions across over 13,000 DAOs as of 2024. In this study, we examine the operational dynamics of 100 DAOs, like pleasrdao, lexdao, lootdao, optimism collective, uniswap, etc. With large-scale empirical analysis of a diverse set of DAO categories and smart contracts and by leveraging on-chain (e.g., voting results) and off-chain data, we examine factors such as voting power, participation, and DAO characteristics dictating the level of decentralization, thus, the efficiency of management structures. As such, our study highlights that increased grassroots participation correlates with higher decentralization in a DAO, and lower variance in voting power within a DAO correlates with a higher level of decentralization, as consistently measured by Gini metrics. These insights closely align with key topics in political science, such as the allocation of power in decision-making and the effects of various governance models. We conclude by discussing the implications for researchers, and practitioners, emphasizing how these factors can inform the design of democratic governance systems in emerging applications that require active engagement from stakeholders in decision-making. |
| 2024-10-16 | SEMSO: A Secure and Efficient Multi-Data Source Blockchain Oracle | Youquan Xian et.al. | 2410.12540 | In recent years, blockchain oracle, as the key link between blockchain and real-world data interaction, has greatly expanded the application scope of blockchain. In particular, the emergence of the Multi-Data Source (MDS) oracle has greatly improved the reliability of the oracle in the case of untrustworthy data sources. However, the current MDS oracle scheme requires nodes to obtain data redundantly from multiple data sources to guarantee data reliability, which greatly increases the resource overhead and response time of the system. Therefore, in this paper, we propose a Secure and Efficient Multi-data Source Oracle framework (SEMSO), which nodes only need to access one data source to ensure the reliability of final data. First, we design a new off-chain data aggregation protocol TBLS, to guarantee data source diversity and reliability at low cost. Second, according to the rational man assumption, the data source selection task of nodes is modeled and solved based on the Bayesian game under incomplete information to maximize the node's revenue while improving the success rate of TBLS aggregation and system response speed. Security analysis verifies the reliability of the proposed scheme, and experiments show that under the same environmental assumptions, SEMSO takes into account data diversity while reducing the response time by 23.5%. |
| 2024-10-16 | fAmulet: Finding Finalization Failure Bugs in Polygon zkRollup | Zihao Li et.al. | 2410.12210 | Zero-knowledge layer 2 protocols emerge as a compelling approach to overcoming blockchain scalability issues by processing transactions through the transaction finalization process. During this process, transactions are efficiently processed off the main chain. Besides, both the transaction data and the zero-knowledge proofs of transaction executions are reserved on the main chain, ensuring the availability of transaction data as well as the correctness and verifiability of transaction executions. Hence, any bugs that cause the transaction finalization failure are crucial, as they impair the usability of these protocols and the scalability of blockchains. In this work, we conduct the first systematic study on finalization failure bugs in zero-knowledge layer 2 protocols, and define two kinds of such bugs. Besides, we design fAmulet, the first tool to detect finalization failure bugs in Polygon zkRollup, a prominent zero-knowledge layer 2 protocol, by leveraging fuzzing testing. To trigger finalization failure bugs effectively, we introduce a finalization behavior model to guide our transaction fuzzer to generate and mutate transactions for inducing diverse behaviors across each component (e.g., Sequencer) in the finalization process. Moreover, we define bug oracles according to the distinct bug definitions to accurately detect bugs. Through our evaluation, fAmulet can uncover twelve zero-day finalization failure bugs in Polygon zkRollup, and cover at least 20.8% more branches than baselines. Furthermore, through our preliminary study, fAmulet uncovers a zero-day finalization failure bug in Scroll zkRollup, highlighting the generality of fAmulet to be applied to other zero-knowledge layer 2 protocols. At the time of writing, all our uncovered bugs have been confirmed and fixed by Polygon zkRollup and Scroll zkRollup teams. |
| 2024-10-16 | Proof of Team Sprint: A Collaborative Consensus Algorithm for Reducing Energy Consumption in Blockchain Systems | Naoki Yonezawa et.al. | 2410.12135 | This paper introduces Proof of Team Sprint (PoTS), a novel consensus algorithm designed to address the significant energy inefficiencies inherent in traditional Proof of Work (PoW) systems. PoTS shifts the consensus mechanism from an individual competition model to a collaborative team-based approach. Participants are organized into groups, with each group collaboratively working to solve cryptographic puzzles required to validate transactions and add new blocks to the blockchain. This collaborative approach significantly reduces the overall energy consumption of the network while maintaining high levels of security and decentralization. Our analysis shows that PoTS can reduce energy consumption by a factor of 1/N, where N is the number of participants in each group, compared to PoW. Furthermore, PoTS maintains a fair and equitable reward distribution among participants, ensuring continued engagement and network integrity. The paper also discusses the scalability, security implications, and potential challenges of adopting PoTS, positioning it as a promising alternative for sustainable blockchain technology. |
| 2024-10-15 | WPFed: Web-based Personalized Federation for Decentralized Systems | Guanhua Ye et.al. | 2410.11378 | Decentralized learning has become crucial for collaborative model training in environments where data privacy and trust are paramount. In web-based applications, clients are liberated from traditional fixed network topologies, enabling the establishment of arbitrary peer-to-peer (P2P) connections. While this flexibility is highly promising, it introduces a fundamental challenge: the optimal selection of neighbors to ensure effective collaboration. To address this, we introduce WPFed, a fully decentralized, web-based learning framework designed to enable globally optimal neighbor selection. WPFed employs a dynamic communication graph and a weighted neighbor selection mechanism. By assessing inter-client similarity through Locality-Sensitive Hashing (LSH) and evaluating model quality based on peer rankings, WPFed enables clients to identify personalized optimal neighbors on a global scale while preserving data privacy. To enhance security and deter malicious behavior, WPFed integrates verification mechanisms for both LSH codes and performance rankings, leveraging blockchain-driven announcements to ensure transparency and verifiability. Through extensive experiments on multiple real-world datasets, we demonstrate that WPFed significantly improves learning outcomes and system robustness compared to traditional federated learning methods. Our findings highlight WPFed's potential to facilitate effective and secure decentralized collaborative learning across diverse and interconnected web environments. |
| 2024-10-14 | Functional Adaptor Signatures: Beyond All-or-Nothing Blockchain-based Payments | Nikhil Vanjani et.al. | 2410.11134 | In scenarios where a seller holds sensitive data |
| 2024-10-14 | MEV Capture Through Time-Advantaged Arbitrage | Robin Fritsch et.al. | 2410.10797 | As blockchains begin processing significant economic activity, the ability to include and order transactions inevitably becomes highly valuable, a concept known as Maximal Extractable Value (MEV). This makes effective mechanisms for transaction inclusion and ordering, and thereby the extraction of MEV, a key aspect of blockchain design. Beyond traditional approaches such as ordering in a first-come-first-serve manner or using priority fees, a recent proposal suggests auctioning off a time advantage for transaction inclusion. In this paper, we investigate this time advantage mechanism, focusing specifically on arbitrage opportunities on Automated Market Makers (AMMs), one of the largest sources of MEV today. We analyze the optimal strategy for a time-advantaged arbitrageur and compare the profits generated by various MEV extraction methods. Finally, we explore how AMMs can be adapted in the time advantage setting to capture a portion of the MEV. |
| 2024-10-14 | Sealed-bid Auctions on Blockchain with Timed Commitment Outsourcing | Jichen Li et.al. | 2410.10607 | Sealed-bid auctions play a crucial role in blockchain ecosystems. Previous works introduced viable blockchain sealed-bid auction protocols, leveraging timed commitments for bid encryption. However, a crucial challenge remains unresolved in these works: Who should bear the cost of decrypting these timed commitments? This work introduces a timed commitment outsourcing market as a solution to the aforementioned challenge. We first introduce an aggregation scheme for timed commitments, which combines all bidders' timed commitments into one while ensuring security and correctness and allowing a varying number of bidders. Next, we remodel the utility of auctioneers and timed commitment solvers, developing a new timed commitment competition mechanism and combining it with the sealed-bid auction to form a two-sided market. The protocol includes bid commitment collection, timed commitment solving, and payment. Through game-theoretical analysis, we prove that our protocol satisfies Dominant Strategy Incentive Compatibility (DSIC) for bidders, Bayesian Incentive Compatibility (BIC) for solvers, and achieves optimal revenue for the auctioneer among a large class of mechanisms. Finally, we prove that no mechanism can achieve positive expected revenue for the auctioneer while satisfying DSIC and Individual Rationality (IR) for both bidders and solvers. |
| 2024-10-14 | ZONIA: a Zero-Trust Oracle System for Blockchain IoT Applications | Lorenzo Gigli et.al. | 2410.10532 | The rapid expansion of the Internet of Things (IoT) has led to significant data reliability and system transparency challenges, aggravated by the centralized nature of existing IoT architectures. This centralization often results in siloed data ecosystems, where interoperability issues and opaque data handling practices compromise both the utility and trustworthiness of IoT applications. To address these issues, we introduce ZONIA (Zero-trust Oracle Network for IoT Applications), a novel blockchain oracle system designed to enhance data integrity and decentralization in IoT environments. Unlike traditional approaches that rely on Trusted Execution Environments and centralized data sources, ZONIA utilizes a decentralized, zero-trust model that allows for anonymous participation and integrates multiple data sources to ensure fairness and reliability. This paper outlines ZONIA's architecture, which supports semantic and geospatial queries, details its data reliability mechanisms, and presents a comprehensive evaluation demonstrating its scalability and resilience against data falsification and collusion attacks. Both analytical and experimental results demonstrate ZONIA's scalability, showcasing its feasibility to handle an increasing number of nodes in the system under different system conditions and workloads. Furthermore, the implemented reputation mechanism significantly enhances data accuracy, maintaining high reliability even when 40% of nodes exhibit malicious behavior. |
| 2025-01-19 | Liquidity Fragmentation or Optimization? Analyzing Automated Market Makers Across Ethereum and Rollups | Krzysztof Gogol et.al. | 2410.10324 | Layer-2 (L2) blockchains offer security guarantees for Ethereum while reducing transaction (gas) fees. Consequently, they are gaining popularity among traders at Automated Market Makers (AMMs), but Liquidity Providers (LPs) are lagging behind. Our empirical results show that AMM liquidity pools on Ethereum are oversubscribed compared to their counterparties on L2s and deliver lower returns than staking ETH. LPs would receive higher rewards by reallocating over 2/3 of the liquidity to AMMs on L2s, or staking. We employ Lagrangian optimization to find the optimal liquidity allocation strategy that maximizes LP's rewards. Moreover, we show that the returns from liquidity provisions converge to the staking rate, and in equilibrium, liquidity provisions to any AMM should provide returns equal to staking rewards. Lastly, we measure the elasticity of trading volume with respect to TVL at AMM pools and found that at the well established blockchains an increase in TVL is not associated with an increase in trading volume. |
| 2024-10-14 | From x*y=k to Uniswap Hooks; A Comparative Review of Decentralized Exchanges (DEX) | Mohammad Ali Asef et.al. | 2410.10162 | Decentralized exchanges (DEXs) are pivotal applications in the Decentralized finance (DeFi) landscape, aiming to facilitate trustless cryptocurrency trading by relying on smart contracts and blockchain networks. The developments in the DEXs sector began with the implementation of an automated market maker (AMM) system using a simple math formula by Uniswap V1 in 2018. Absorbing significant funding and the attention of web3 enthusiasts, DEXs have seen numerous advancements in their evolution. A notable recent advancement is the introduction of hooks in Uniswap v4, which allows users to take advantage of a wide range of plugin-like features with liquidity pools. This paper provides a comprehensive classification and comparative analyses of prominent DEX protocols, namely Uniswap, Curve, and Balancer, in addition to investigating other protocols' noteworthy aspects. The evaluation framework encompasses mechanisms, components, mathematical formulations, and the performance of liquidity pools. The goals are to elucidate the strengths and limitations of different AMM models, highlight emerging concepts in DEX development, outline current challenges, and differentiate optimal models for specific applications. The results and comparative insights can be a reference for web3 developers, blockchain researchers, traders, and regulatory parties. |
| 2024-12-17 | Mastering AI: Big Data, Deep Learning, and the Evolution of Large Language Models -- Blockchain and Applications | Pohsun Feng et.al. | 2410.10110 | A detailed exploration of blockchain technology and its applications across various fields is provided, beginning with an introduction to cryptography fundamentals, including symmetric and asymmetric encryption, and their roles in ensuring security and trust within blockchain systems. The structure and mechanics of Bitcoin and Ethereum are then examined, covering topics such as proof-of-work, proof-of-stake, and smart contracts. Practical applications of blockchain in industries like decentralized finance (DeFi), supply chain management, and identity authentication are highlighted. The discussion also extends to consensus mechanisms and scalability challenges in blockchain, offering insights into emerging technologies like Layer 2 solutions and cross-chain interoperability. The current state of academic research on blockchain and its potential future developments are also addressed. |
| 2024-10-12 | Transaction Execution Mechanisms | Abdoulaye Ndiaye et.al. | 2410.09555 | This paper studies transaction execution mechanisms (TEMs) for blockchains as the efficient resource allocation across multiple parallel execution queues or "local fee markets." We present a model considering capacity constraints, user valuations, and delay costs in a multi-queue system with an aggregate capacity constraint due to global consensus. We show that revenue maximization tends to allocate capacity to the highest-paying queue, while welfare maximization generally serves all queues. Optimal relative pricing of different queues depends on factors such as market size, demand elasticity, and the balance between local and global congestion. Our results have implications for evolving blockchain architectures, including parallel execution, DAG-based systems, and multiple concurrent proposers, and can help design more efficient TEMs. |
| 2024-11-04 | LLM-SmartAudit: Advanced Smart Contract Vulnerability Detection | Zhiyuan Wei et.al. | 2410.09381 | link |
| 2024-10-11 | Efficient Zero-Knowledge Proofs for Set Membership in Blockchain-Based Sensor Networks: A Novel OR-Aggregation Approach | Oleksandr Kuznetsov et.al. | 2410.09169 | Blockchain-based sensor networks offer promising solutions for secure and transparent data management in IoT ecosystems. However, efficient set membership proofs remain a critical challenge, particularly in resource-constrained environments. This paper introduces a novel OR-aggregation approach for zero-knowledge set membership proofs, tailored specifically for blockchain-based sensor networks. We provide a comprehensive theoretical foundation, detailed protocol specification, and rigorous security analysis. Our implementation incorporates optimization techniques for resource-constrained devices and strategies for integration with prominent blockchain platforms. Extensive experimental evaluation demonstrates the superiority of our approach over existing methods, particularly for large-scale deployments. Results show significant improvements in proof size, generation time, and verification efficiency. The proposed OR-aggregation technique offers a scalable and privacy-preserving solution for set membership verification in blockchain-based IoT applications, addressing key limitations of current approaches. Our work contributes to the advancement of efficient and secure data management in large-scale sensor networks, paving the way for wider adoption of blockchain technology in IoT ecosystems. |
| 2024-10-11 | Cross-chain Sharing of Personal Health Records: Heterogeneous and Interoperable Blockchains | Yongyang Lv et.al. | 2410.08762 | With the widespread adoption of medical informatics, a wealth of valuable personal health records (PHR) has been generated. Concurrently, blockchain technology has enhanced the security of medical institutions. However, these institutions often function as isolated data silos, limiting the potential value of PHRs. As the demand for data sharing between hospitals on different blockchains grows, addressing the challenge of cross-chain data sharing becomes crucial. When sharing PHRs across blockchains, the limited storage and computational capabilities of medical Internet of Things (IoT) devices complicate the storage of large volumes of PHRs and the handling of complex calculations. Additionally, varying blockchain cryptosystems and the risk of internal attacks further complicate the cross-chain sharing of PHRs. This paper proposes a scheme for sharing PHRs across heterogeneous and interoperable blockchains. Medical IoT devices can encrypt and store real-time PHRs in an InterPlanetary File System, requiring only simple operations for data sharing. An enhanced proxy re-encryption(PRE) algorithm addresses the differences in blockchain cryptosystems. Multi-dimensional analysis demonstrates that this scheme offers robust security and excellent performance. |
| 2024-11-05 | Obelia: Scaling DAG-Based Blockchains to Hundreds of Validators | George Danezis et.al. | 2410.08701 | Obelia improves upon structured DAG-based consensus protocols used in proof-of-stake systems, allowing them to effectively scale to accommodate hundreds of validators. Obelia implements a two-tier validator system. A core group of high-stake validators that propose blocks as in current protocols and a larger group of lower-stake auxiliary validators that occasionally author blocks. Obelia incentivizes auxiliary validators to assist recovering core validators and integrates seamlessly with existing protocols. We show that Obelia does not introduce visible overhead compared to the original protocol, even when scaling to hundreds of validators, or when a large number of auxiliary validators are unreliable. |
| 2024-10-10 | Identifying Money Laundering Subgraphs on the Blockchain | Kiwhan Song et.al. | 2410.08394 | link |
| 2024-10-10 | Intellectual Property Blockchain Odyssey: Navigating Challenges and Seizing Opportunities | Rabia Bajwa et.al. | 2410.08359 | This paper investigates the evolving relationship between protecting Intellectual Property Rights (IPRs) and blockchain technology. We conducted a comprehensive literature review, supplemented by case study analyses and research paper reviews, to understand the scope and implications of blockchain about intellectual property rights. Our study demonstrates how applying blockchain technology for IPR could revolutionize transparency, security, and operational efficiency. It also identifies the primary challenges and openings in this area. We provide an extensive framework for integrating blockchain technology with intellectual property rights and other technical components (some of which already exist or are resolved by blockchain; some might need attention), drawing on current research and best practices. This framework has the potential to give a new perspective in a structured manner for the intellectual property landscape by providing 360-degree coverage across different layers of operation. |
| 2024-10-10 | Ormer: A Manipulation-resistant and Gas-efficient Blockchain Pricing Oracle for DeFi | Dongbin Bai et.al. | 2410.07893 | link |
| 2024-10-14 | A Cloud in the Sky: Geo-Aware On-board Data Services for LEO Satellites | Thomas Sandholm et.al. | 2410.07586 | We propose an architecture with accompanying protocol for on-board satellite data infrastructure designed for Low Earth Orbit (LEO) constellations offering communication services, such as direct-to-cell connectivity. Our design leverages the unused or under-used computing and communication resources of LEO satellites that are orbiting over uninhabited parts of the earth, like the oceans. We show how blockchain-backed distributed transactions can be run efficiently on this architecture to offer smart contract services. A key aspect of the proposed architecture that sets it apart from other blockchain systems is that migration of the ledger is not done solely to recover from failures. Rather, migration is also performed periodically and continuously as the satellites circle around in their orbits and enter and leave the blockchain service area. We show in simulations how message and blockchain processing overhead can be contained using different sizes of dynamic geo-aware service areas. |
| 2024-10-10 | Revisiting the Primitives of Transaction Fee Mechanism Design | Aadityan Ganesh et.al. | 2410.07566 | Transaction Fee Mechanism Design studies auctions run by untrusted miners for transaction inclusion in a blockchain. Under previously-considered desiderata, an auction is considered good' if, informally-speaking, each party (i.e., the miner, the users, and coalitions of both miners and users) has no incentive to deviate from the fixed and pre-determined protocol. In this paper, we propose a novel desideratum for transaction fee mechanisms. We say that a TFM is off-chain influence proof when the miner cannot achieve additional revenue by running a separate auction off-chain. While the previously-highlighted EIP-1559 is the gold-standard according to prior desiderata, we show that it does not satisfy off-chain influence proofness. Intuitively, this holds because a Bayesian revenue-maximizing miner can strictly increase profits by persuasively threatening to censor any bids that do not transfer a tip directly to the miner off-chain. On the other hand, we reconsider the Cryptographic (multi-party computation assisted) Second Price Auction mechanism, which is technically not simple for miners' according to previous desiderata (since miners may wish to set a reserve by fabricating bids). We show that, in a slightly different model where the miner is allowed to set the reserve directly, this auction satisfies simplicity for users and miners, and off-chain influence proofness. Finally, we prove a strong impossibility result: no mechanism satisfies all previously-considered properties along with off-chain influence proofness, even with unlimited supply, and even after soliciting input from the miner. |
| 2024-12-06 | Blockchain-Based Ad Auctions and Bayesian Persuasion: An Analysis of Advertiser Behavior | Xinyu Li et.al. | 2410.07392 | This paper explores how ad platforms can utilize Bayesian persuasion within blockchain-based auction systems to strategically influence advertiser behavior despite increased transparency. By integrating game-theoretic models with machine learning techniques and the principles of blockchain technology, we analyze the role of strategic information disclosure in ad auctions. Our findings demonstrate that even in environments with inherent transparency, ad platforms can design signals to affect advertisers' beliefs and bidding strategies. A detailed case study illustrates how machine learning can predict advertiser responses to different signals, leading to optimized signaling strategies that increase expected revenue. The study contributes to the literature by extending Bayesian persuasion models to transparent systems and providing practical insights for auction design in the digital advertising industry. |
| 2024-10-09 | A Blockchain and Artificial Intelligence based System for Halal Food Traceability | Abdulla Alourani et.al. | 2410.07305 | The demand of the halal food products is increasing rapidly around the world. The consumption of halal food product is just not among the Muslims but also among non-Muslims, due to the purity of the halal food products. However, there are several challenges that are faced by the halal food consumers. The challenges raise a doubt among the halal food consumers about the authenticity of the product being halal. Therefore, a solution that can address these issues and can establish trust between consumers and producers. Blockchain technology can provide a distributed ledger of an immutable record of the information. Artificial intelligence supports developing a solution for pattern identification. The proposed research utilizes blockchain an artificial intelligence-based system for developing a system that ensure the authenticity of the halal food products by providing the traceability related to all the operations and processes of the supply chain and sourcing the raw material. The proposed system has been tested with a local supermarket. The results and tests of the developed solution seemed effective and the testers expressed interest in real-world implementation of the proposed system. |
| 2024-10-08 | BlockMEDC: Blockchain Smart Contracts for Securing Moroccan Higher Education Digital Certificates | Mohamed Fartitchou et.al. | 2410.07258 | Morocco's Vision 2030, known as Maroc Digital 2030, aims to position the country as a regional leader in digital technology by boosting digital infrastructure, fostering innovation, and advancing digital skills. Complementing this initiative, the Pacte ESRI 2030 strategy, launched in 2023, seeks to transform the higher education, research, and innovation sectors by integrating state-of-the-art digital technologies. In alignment with these national strategies, this paper introduces BlockMEDC, a blockchain-based system for securing and managing Moroccan educational digital certificates. Leveraging Ethereum smart contracts and the InterPlanetary File System, BlockMEDC automates the issuance, management, and verification of academic credentials across Moroccan universities. The proposed system addresses key issues such as document authenticity, manual verification, and lack of interoperability, delivering a secure, transparent, and cost-effective solution that aligns with Morocco's digital transformation goals for the education sector. |
| 2024-11-28 | FRESCO: Fast and Reliable Edge Offloading with Reputation-based Hybrid Smart Contracts | Josip Zilic et.al. | 2410.06715 | Mobile devices offload latency-sensitive application tasks to edge servers to satisfy applications' Quality of Service (QoS) deadlines. Consequently, ensuring reliable offloading without QoS violations is challenging in distributed and unreliable edge environments. However, current edge offloading solutions are either centralized or do not adequately address challenges in distributed environments. We propose FRESCO, a fast and reliable edge offloading framework that utilizes a blockchain-based reputation system, which enhances the reliability of offloading in the distributed edge. The distributed reputation system tracks the historical performance of edge servers, while blockchain through a consensus mechanism ensures that sensitive reputation information is secured against tampering. However, blockchain consensus typically has high latency, and therefore we employ a Hybrid Smart Contract (HSC) that automatically computes and stores reputation securely on-chain (i.e., on the blockchain) while allowing fast offloading decisions off-chain (i.e., outside of blockchain). The offloading decision engine uses a reputation score to derive fast offloading decisions, which are based on Satisfiability Modulo Theory (SMT). The SMT models edge resource constraints, and QoS deadlines, and can formally guarantee a feasible solution that is valuable for latency-sensitive applications that require high reliability. With a combination of on-chain HSC reputation state management and an off-chain SMT decision engine, FRESCO offloads tasks to reliable servers without being hindered by blockchain consensus. We evaluate FRESCO against real availability traces and simulated applications. FRESCO reduces response time by up to 7.86 times and saves energy by up to 5.4% compared to all baselines while minimizing QoS violations to 0.4% and achieving an average decision time of 5.05 milliseconds. |
| 2024-10-08 | SC-Bench: A Large-Scale Dataset for Smart Contract Auditing | Shihao Xia et.al. | 2410.06176 | link |
| 2024-10-08 | blockLAW: Blockchain Technology for Legal Automation and Workflow -- Cyber Ethics and Cybersecurity Platforms | Bishwo Prakash Pokharel et.al. | 2410.06143 | In the current legal environment, it is essential to prioritize the protection and reliability of data to promote trust and effectiveness. This study examines how blockchain technology in the form of blockLAW can be applicable to investigate its effects on legal automation, cybersecurity, and ethical concerns. The decentralized ledger and unchangeable characteristics of Blockchain provide opportunities to simplify legal procedures, automate contract execution with smart contracts, and improve transparency in legal transactions. Blockchain is seen as a crucial instrument for updating legal processes while maintaining ethical standards, tackling issues like scalability, regulatory adherence, and ethical dilemmas such as privacy and fairness. The study examines recent developments and evaluates blockchain impact on legal structures, offering perspectives on its potential to enhance legal procedures and guarantee transparency in legal systems. It further emphasizes blockchain ability to redefine how legal professionals handle and protect sensitive information, leading to stronger, more effective, and reliable legal procedures. We have also discussed the technological considerations when it comes to blockchain integration into legal systems like integration planning, implementation strategies, innovations, advancements, trends with Blockchain Integration Framework for legal systems. |
| 2024-10-08 | A Scalable State Sharing Protocol for Low-Resource Validator Nodes in Blockchain Networks | Ruben Hias et.al. | 2410.05854 | The perpetual growth of data stored on popular blockchains such as Ethereum leads to significant scalability challenges and substantial storage costs for operators of full nodes. Increasing costs may lead to fewer independently operated nodes in the network, which poses risks to decentralization (and hence network security), but also pushes decentralized app developers towards centrally hosted API services. This paper introduces a new protocol that allows validator nodes to participate in a blockchain network without the need to store the full state of the network on each node. The key idea is to use the blockchain network as both a replicated state machine and as a distributed storage system. By distributing states across nodes and enabling efficient data retrieval through a Kademlia-inspired routing protocol, we reduce storage costs for validators. Cryptographic proofs (such as Merkle proofs) are used to allow nodes to verify data stored by other nodes without having to trust those nodes directly. While the protocol trades off data storage for increased network bandwidth, we show how gossiping and caching can minimize the increased bandwidth needs. To validate our state sharing protocol, we conduct an extensive quantitative analysis of Ethereum's data storage and data access patterns. Our findings indicate that while our protocol significantly lowers storage needs, it comes with an increased bandwidth usage ranging from 1.5 MB to 5 MB per block, translating to an additional monthly bandwidth of 319 GB to 1,065 GB. Despite this, the size remains small enough such that it can be passed to all nodes and validated within Ethereum's 12-second block validation window. Further analysis shows that Merkle proofs are the most significant contributor to the additional bandwidth. To address this concern, we also analyze the impact of switching to the more space-efficient Verkle Proofs. |
| 2024-10-08 | A Blockchain-Enhanced Framework for Privacy and Data Integrity in Crowdsourced Drone Services | Junaid Akram et.al. | 2410.05653 | We present an innovative framework that integrates consumer-grade drones into bushfire management, addressing both service improvement and data privacy concerns under Australia's Privacy Act 1988. This system establishes a marketplace where bushfire management authorities, as data consumers, access critical information from drone operators, who serve as data providers. The framework employs local differential privacy to safeguard the privacy of data providers from all system entities, ensuring compliance with privacy standards. Additionally, a blockchain-based solution facilitates fair data and fee exchanges while maintaining immutable records for enhanced accountability. Validated through a proof-of-concept implementation, the framework's scalability and adaptability make it well-suited for large-scale, real-world applications in bushfire management. |
| 2024-10-07 | Block MedCare: Advancing healthcare through blockchain integration | Oliver Simonoski et.al. | 2410.05251 | In an era driven by information exchange, transparency and security hold crucial importance, particularly within the healthcare industry, where data integrity and confidentiality are paramount. This paper investigates the integration of blockchain technology in healthcare, focusing on its potential to revolutionize Electronic Health Records (EHR) management and data sharing. By leveraging Ethereum-based blockchain implementations and smart contracts, we propose a novel system that empowers patients to securely store and manage their medical data. Our research addresses critical challenges in implementing blockchain in healthcare, including scalability, user privacy, and regulatory compliance. We propose a solution that combines digital signatures, Role-Based Access Control, and a multi-layered architecture to enhance security and ensure controlled access. The system's key functions, including user registration, data append, and data retrieval, are facilitated through smart contracts, providing a secure and efficient mechanism for managing health information. To validate our approach, we developed a decentralized application (dApp) that demonstrates the practical implementation of our blockchain-based healthcare solution. The dApp incorporates user-friendly interfaces for patients, doctors, and administrators, showcasing the system's potential to streamline healthcare processes while maintaining data security and integrity. Additionally, we conducted a survey to gain insights into the perceived benefits and challenges of blockchain adoption in healthcare. The results indicate strong interest among healthcare professionals and IT experts, while also highlighting concerns about integration costs and technological complexity. Our findings... |
| 2024-10-18 | BlockFound: Customized blockchain foundation model for anomaly detection | Jiahao Yu et.al. | 2410.04039 | We propose BlockFound, a customized foundation model for anomaly blockchain transaction detection. Unlike existing methods that rely on rule-based systems or directly apply off-the-shelf large language models, BlockFound introduces a series of customized designs to model the unique data structure of blockchain transactions. First, a blockchain transaction is multi-modal, containing blockchain-specific tokens, texts, and numbers. We design a modularized tokenizer to handle these multi-modal inputs, balancing the information across different modalities. Second, we design a customized mask language learning mechanism for pretraining with RoPE embedding and FlashAttention for handling longer sequences. After training the foundation model, we further design a novel detection method for anomaly detection. Extensive evaluations on Ethereum and Solana transactions demonstrate BlockFound's exceptional capability in anomaly detection while maintaining a low false positive rate. Remarkably, BlockFound is the only method that successfully detects anomalous transactions on Solana with high accuracy, whereas all other approaches achieved very low or zero detection recall scores. This work not only provides new foundation models for blockchain but also sets a new benchmark for applying LLMs in blockchain data. |
| 2024-10-18 | Practical Light Clients for Committee-Based Blockchains | Frederik Armknecht et.al. | 2410.03347 | Light clients are gaining increasing attention in the literature since they obviate the need for users to set up dedicated blockchain full nodes. While the literature features a number of light client instantiations, most light client protocols optimize for long offline phases and implicitly assume that the block headers to be verified are signed by highly dynamic validators. In this paper, we show that (i) most light clients are rarely offline for more than a week, and (ii) validators are unlikely to drastically change in most permissioned blockchains and in a number of permissionless blockchains, such as Cosmos and Polkadot. Motivated by these findings, we propose a novel practical system that optimizes for such realistic assumptions and achieves minimal communication and computational costs for light clients when compared to existing protocols. By means of a prototype implementation of our solution, we show that our protocol achieves a reduction by up to |
| 2024-10-03 | RiskSEA : A Scalable Graph Embedding for Detecting On-chain Fraudulent Activities on the Ethereum Blockchain | Ayush Agarwal et.al. | 2410.02160 | Like any other useful technology, cryptocurrencies are sometimes used for criminal activities. While transactions are recorded on the blockchain, there exists a need for a more rapid and scalable method to detect addresses associated with fraudulent activities. We present RiskSEA, a scalable risk scoring system capable of effectively handling the dynamic nature of large-scale blockchain transaction graphs. The risk scoring system, which we implement for Ethereum, consists of 1. a scalable approach to generating node2vec embedding for entire set of addresses to capture the graph topology 2. transaction-based features to capture the transactional behavioral pattern of an address 3. a classifier model to generate risk score for addresses that combines the node2vec embedding and behavioral features. Efficiently generating node2vec embedding for large scale and dynamically evolving blockchain transaction graphs is challenging, we present two novel approaches for generating node2vec embeddings and effectively scaling it to the entire set of blockchain addresses: 1. node2vec embedding propagation and 2. dynamic node2vec embedding. We present a comprehensive analysis of the proposed approaches. Our experiments show that combining both behavioral and node2vec features boosts the classification performance significantly, and that the dynamic node2vec embeddings perform better than the node2vec propagated embeddings. |
| 2024-11-15 | XChainWatcher: Monitoring and Identifying Attacks in Cross-Chain Bridges | André Augusto et.al. | 2410.02029 | Cross-chain bridges are widely used blockchain interoperability mechanisms. However, several of these bridges have vulnerabilities that have caused 3.2 billion dollars in losses since May 2021. Some studies have revealed the existence of these vulnerabilities, but little quantitative research is available, and there are no safeguard mechanisms to protect bridges from such attacks. We propose XChainWatcher(Cross-Chain Watcher), the first mechanism for monitoring bridges and detecting attacks against them in real time. XChainWatcher relies on a cross-chain model powered by a Datalog engine, designed to be pluggable into any cross-chain bridge. Analyzing data from the Ronin and Nomad bridges, we successfully identified the attacks that led to losses of \ $611M and $190M (USD), respectively. XChainWatcher uncovers not only successful attacks but also reveals unintended behavior, such as 37 cross-chain transactions (cctx) that these bridges should not have accepted, failed attempts to exploit Nomad, over $7.8M locked on one chain but never released on Ethereum, and $200K lost due to inadequate interaction with bridges. We provide the first open-source dataset of 81,000 cctxs across three blockchains, capturing more than $ 4.2B in token transfers. |
| 2024-11-15 | Count of Monte Crypto: Accounting-based Defenses for Cross-Chain Bridges | Enze Liu et.al. | 2410.01107 | Between 2021 and 2023, crypto assets valued at over $US2.6 billion were stolen via attacks on "bridges" -- decentralized services designed to allow inter-blockchain exchange. While the individual exploits in each attack vary, a single design flaw underlies them all: the lack of end-to-end value accounting in cross-chain transactions. In this paper, we empirically analyze 10 million transactions used by key bridges during this period. We show that a simple invariant that balances cross-chain inflows and outflows is compatible with legitimate use, yet precisely identifies every known attack (and several likely attacks) in this data. Further, we show that this approach is not only sufficient for post-hoc audits, but can be implemented in-line in existing bridge designs to provide generic protection against a broad array of bridge vulnerabilities. |
| 2024-10-01 | Review of blockchain application with Graph Neural Networks, Graph Convolutional Networks and Convolutional Neural Networks | Amy Ancelotti et.al. | 2410.00875 | This paper reviews the applications of Graph Neural Networks (GNNs), Graph Convolutional Networks (GCNs), and Convolutional Neural Networks (CNNs) in blockchain technology. As the complexity and adoption of blockchain networks continue to grow, traditional analytical methods are proving inadequate in capturing the intricate relationships and dynamic behaviors of decentralized systems. To address these limitations, deep learning models such as GNNs, GCNs, and CNNs offer robust solutions by leveraging the unique graph-based and temporal structures inherent in blockchain architectures. GNNs and GCNs, in particular, excel in modeling the relational data of blockchain nodes and transactions, making them ideal for applications such as fraud detection, transaction verification, and smart contract analysis. Meanwhile, CNNs can be adapted to analyze blockchain data when represented as structured matrices, revealing hidden temporal and spatial patterns in transaction flows. This paper explores how these models enhance the efficiency, security, and scalability of both linear blockchains and Directed Acyclic Graph (DAG)-based systems, providing a comprehensive overview of their strengths and future research directions. By integrating advanced neural network techniques, we aim to demonstrate the potential of these models in revolutionizing blockchain analytics, paving the way for more sophisticated decentralized applications and improved network performance. |
| 2024-10-01 | Enhancing Web Spam Detection through a Blockchain-Enabled Crowdsourcing Mechanism | Noah Kader et.al. | 2410.00860 | The proliferation of spam on the Web has necessitated the development of machine learning models to automate their detection. However, the dynamic nature of spam and the sophisticated evasion techniques employed by spammers often lead to low accuracy in these models. Traditional machine-learning approaches struggle to keep pace with spammers' constantly evolving tactics, resulting in a persistent challenge to maintain high detection rates. To address this, we propose blockchain-enabled incentivized crowdsourcing as a novel solution to enhance spam detection systems. We create an incentive mechanism for data collection and labeling by leveraging blockchain's decentralized and transparent framework. Contributors are rewarded for accurate labels and penalized for inaccuracies, ensuring high-quality data. A smart contract governs the submission and evaluation process, with participants staking cryptocurrency as collateral to guarantee integrity. Simulations show that incentivized crowdsourcing improves data quality, leading to more effective machine-learning models for spam detection. This approach offers a scalable and adaptable solution to the challenges of traditional methods. |
| 2024-10-01 | A Mathematical Theory of Hyper-simplex Fractal Network for Blockchain: Part I | Kaiwen Yang et.al. | 2410.00583 | Blockchain technology holds promise for Web 3.0, but scalability remains a critical challenge. Here, we present a mathematical theory for a novel blockchain network topology based on fractal N-dimensional simplexes. This Hyper-simplex fractal network folds one-dimensional data blocks into geometric shapes, reflecting both underlying and overlaying network connectivities. Our approach offers near-infinite scalability, accommodating trillions of nodes while maintaining efficiency. We derive the mathematical foundations for generating and describing these network topologies, proving key properties such as node count, connectivity patterns, and fractal dimension. The resulting structure facilitates a hierarchical consensus mechanism and enables deterministic address mapping for rapid routing. This theoretical framework lays the groundwork for next-generation blockchain architectures, potentially revolutionizing large-scale decentralized systems. The Part I work was conducted between March and September 2024. |
| 2024-09-27 | Artificial intelligence-based blockchain-driven financial default prediction | Junjun Huang et.al. | 2410.00044 | With the rapid development of technology, blockchain and artificial intelligence technology are playing a huge role in all walks of life. In the financial sector, blockchain solves many security problems in data storage and management in traditional systems with its advantages of decentralization and security. And artificial intelligence has huge advantages in financial forecasting and risk management through its powerful algorithmic modeling capabilities. In financial default prediction using blockchain and artificial intelligence technology is a very powerful application. Blockchain technology guarantees the credibility of data and consistency on all nodes, and machine learning builds a high-level default prediction model through detailed analysis of big data. This study offers financial institutions new thoughts on financial technology in terms of credit risk mitigation and financial system stabilization. |
| 2024-09-22 | Prediction and Detection of Terminal Diseases Using Internet of Medical Things: A Review | Akeem Temitope Otapo et.al. | 2410.00034 | The integration of Artificial Intelligence (AI) and the Internet of Medical Things (IoMT) in healthcare, through Machine Learning (ML) and Deep Learning (DL) techniques, has advanced the prediction and diagnosis of chronic diseases. AI-driven models such as XGBoost, Random Forest, CNNs, and LSTM RNNs have achieved over 98% accuracy in predicting heart disease, chronic kidney disease (CKD), Alzheimer's disease, and lung cancer, using datasets from platforms like Kaggle, UCI, private institutions, and real-time IoMT sources. However, challenges persist due to variations in data quality, patient demographics, and formats from different hospitals and research sources. The incorporation of IoMT data, which is vast and heterogeneous, adds complexities in ensuring interoperability and security to protect patient privacy. AI models often struggle with overfitting, performing well in controlled environments but less effectively in real-world clinical settings. Moreover, multi-morbidity scenarios especially for rare diseases like dementia, stroke, and cancers remain insufficiently addressed. Future research should focus on data standardization and advanced preprocessing techniques to improve data quality and interoperability. Transfer learning and ensemble methods are crucial for improving model generalizability across clinical settings. Additionally, the exploration of disease interactions and the development of predictive models for chronic illness intersections is needed. Creating standardized frameworks and open-source tools for integrating federated learning, blockchain, and differential privacy into IoMT systems will also ensure robust data privacy and security. |
| 2024-09-30 | DBNode: A Decentralized Storage System for Big Data Storage in Consortium Blockchains | Narges Dadkhah et.al. | 2409.20123 | Storing big data directly on a blockchain poses a substantial burden due to the need to maintain a consistent ledger across all nodes. Numerous studies in decentralized storage systems have been conducted to tackle this particular challenge. Most state-of-the-art research concentrates on developing a general storage system that can accommodate diverse blockchain categories. However, it is essential to recognize the unique attributes of a consortium blockchain, such as data privacy and access control. Beyond ensuring high performance, these specific needs are often overlooked by general storage systems. This paper proposes a decentralized storage system for Hyperledger Fabric, which is a well-known consortium blockchain. First, we employ erasure coding to partition files, subsequently organizing these chunks into a hierarchical structure that fosters efficient and dependable data storage. Second, we design a two-layer hash-slots mechanism and a mirror strategy, enabling high data availability. Third, we design an access control mechanism based on a smart contract to regulate file access. |
| 2024-09-30 | A Quantum-Resistant Photonic Hash Function | Tomoya Hatanaka et.al. | 2409.19932 | We propose a quantum hash function based on Gaussian boson sampling on a photonic quantum computer, aiming to provide quantum-resistant security. Extensive simulations demonstrate that this hash function exhibits strong properties of preimage, second preimage, and collision resistance, which are essential for cryptographic applications. Notably, the estimated number of attempts required for a successful collision attack increases exponentially with the mode counts of the photonic quantum computer, suggesting robust resistance against birthday attacks. We also analyze the sampling cost for physical implementation and discuss potential applications to blockchain technologies, where the inherent quantum nature of the hash computation could provide quantum-resistant security. The high dimensionality of the quantum state space involved in the hashing process poses significant challenges for quantum attacks, indicating a path towards quantum security. Our work lays the foundation for a new paradigm of quantum-resistant hashing with applications in emerging quantum-era information systems. |
| 2024-09-29 | Blockchain-enhanced Integrity Verification in Educational Content Assessment Platform: A Lightweight and Cost-Efficient Approach | Talgar Bayan et.al. | 2409.19828 | The growing digitization of education presents significant challenges in maintaining the integrity and trustworthiness of educational content. Traditional systems often fail to ensure data authenticity and prevent unauthorized alterations, particularly in the evaluation of teachers' professional activities, where demand for transparent and secure assessment mechanisms is increasing. In this context, Blockchain technology offers a novel solution to address these issues. This paper introduces a Blockchain-enhanced framework for the Electronic Platform for Expertise of Content (EPEC), a platform used for reviewing and assessing educational materials. Our approach integrates the Polygon network, a Layer-2 solution for Ethereum, to securely store and retrieve encrypted reviews, ensuring both privacy and accountability. By leveraging Python, Flask, and Web3.py, we interact with a Solidity-based smart contract to securely link each review to a unique identifier (UID) that connects on-chain data with real-world databases. The system, containerized using Docker, facilitates easy deployment and integration through API endpoints. Our implementation demonstrates significant cost savings, with a 98% reduction in gas fees compared to Ethereum, making it a scalable and cost-effective solution. This research contributes to the ongoing effort to implement Blockchain in educational content verification, offering a practical and secure framework that enhances trust and transparency in the digital education landscape. |
| 2024-09-29 | Programming on Bitcoin: A Survey of Layer 1 and Layer 2 Technologies in Bitcoin Ecosystem | Guofu Liao et.al. | 2409.19622 | This paper surveys innovative protocols that enhance the programming functionality of the Bitcoin blockchain, a key part of the "Bitcoin Ecosystem." Bitcoin utilizes the Unspent Transaction Output (UTXO) model and a stack-based script language for efficient peer-to-peer payments, but it faces limitations in programming capability and throughput. The 2021 Taproot upgrade introduced the Schnorr signature algorithm and P2TR transaction type, significantly improving Bitcoin's privacy and programming capabilities. This upgrade has led to the development of protocols like Ordinals, Atomicals, and BitVM, which enhance Bitcoin's programming functionality and enrich its ecosystem. We explore the technical aspects of the Taproot upgrade and examine Bitcoin Layer 1 protocols that leverage Taproot's features to program non-fungible tokens (NFTs) into transactions, including Ordinals and Atomicals, along with the fungible token standards BRC-20 and ARC-20. Additionally, we categorize certain Bitcoin ecosystem protocols as Layer 2 solutions similar to Ethereum's, analyzing their impact on Bitcoin's performance. By analyzing data from the Bitcoin blockchain, we gather metrics on block capacity, miner fees, and the growth of Taproot transactions. Our findings confirm the positive effects of these protocols on Bitcoin's mainnet, bridging gaps in the literature regarding Bitcoin's programming capabilities and ecosystem protocols and providing valuable insights for practitioners and researchers. |
| 2024-09-28 | IM: Optimizing Byzantine Consensus for High-Performance Distributed Networks | Qingming Zeng et.al. | 2409.19286 | Byzantine Fault Tolerant (BFT) consensus, a crucial component of blockchains, has made significant advancements. However, the efficiency of existing protocols can still be damaged by certain attacks from faulty nodes and network instability. In this paper, we propose a novel Shared Mempool (SMP) protocol, namely IM, that enhances performance under these attacks. Technically, IM organizing microblocks into chains, combined with coding techniques, achieves totality and availability efficiently. IM can be easily integrated into a BFT protocol. We take Fast-HotStuff as an example and obtain the IM-FHS with guarantees of \emph{order keeping}, \emph{bandwidth adaptability} and \emph{over-distribution resistance}. IM-FHS is conducted in a system with up to 256 nodes, and experimental results validate the efficiency of our approach. IM-FHS achieves higher throughput and smaller latency with faulty nodes than Stratus-FHS, the state-of-the-art protocol, and the throughput gain increases as the number of fault nodes. In a system with 100 nodes with 33 faulty nodes, IM-FHS achieves 9 times the throughput of Stratus-FHS while maintaining 1/10 the latency when dealing with maximum resilience against faulty nodes. |
| 2024-09-28 | An Efficient Multi-threaded Collaborative Filtering Approach in Recommendation System | Mahamudul Hasan et.al. | 2409.19262 | Recommender systems are a subset of information filtering systems designed to predict and suggest items that users may find interesting or relevant based on their preferences, behaviors, or interactions. By analyzing user data such as past activities, ratings, and preferences, these systems generate personalized recommendations for products, services, or content, with common applications including online retail, media streaming platforms, and social media. Recommender systems are typically categorized into three types: content-based filtering, which recommends items similar to those the user has shown interest in; collaborative filtering, which analyzes the preferences of similar users; and hybrid methods, which combine both approaches to improve accuracy. These systems enhance user experience by reducing information overload and providing personalized suggestions, thus increasing engagement and satisfaction. However, building a scalable recommendation system capable of handling numerous users efficiently is a significant challenge, particularly when considering both performance consistency and user data security, which are emerging research topics. The primary objective of this research is to address these challenges by reducing the processing time in recommendation systems. A multithreaded similarity approach is employed to achieve this, where users are divided into independent threads that run in parallel. This parallelization significantly reduces computation time compared to traditional methods, resulting in a faster, more efficient, and scalable recommendation system that ensures improved performance without compromising user data security. |
| 2024-09-26 | A Systematisation of Knowledge: Connecting European Digital Identities with Web3 | Ben Biedermann et.al. | 2409.19032 | The terms self-sovereign identity (SSI) and decentralised identity are often used interchangeably, which results in increasing ambiguity when solutions are being investigated and compared. This article aims to provide a clear distinction between the two concepts in relation to the revised Regulation as Regards establishing the European Digital Identity Framework (eIDAS 2.0) by providing a systematisation of knowledge of technological developments that led up to implementation of eIDAS 2.0. Applying an inductive exploratory approach, relevant literature was selected iteratively in waves over a nine months time frame and covers literature between 2005 and 2024. The review found that the decentralised identity sector emerged adjacent to the OpenID Connect (OIDC) paradigm of Open Authentication, whereas SSI denotes the sector's shift towards blockchain-based solutions. In this study, it is shown that the interchangeable use of SSI and decentralised identity coincides with novel protocols over OIDC. While the first part of this paper distinguishes OIDC from decentralised identity, the second part addresses the incompatibility between OIDC under eIDAS 2.0 and Web3. The paper closes by suggesting further research for establishing a digital identity bridge for connecting applications on public-permissionless ledgers with data originating from eIDAS 2.0 and being presented using OIDC. |
| 2024-09-26 | Drawing the boundaries between Blockchain and Blockchain-like systems: A Comprehensive Survey on Distributed Ledger Technologies | Badr Bellaj et.al. | 2409.18799 | Bitcoin's global success has led to the rise of blockchain, but many systems labeled as "blockchain" deviate from its core principles, adding complexity to the ecosystem. This survey addresses the need for a comprehensive review and taxonomy to clarify the differences between blockchain and blockchain-like systems. We propose a reference model with four key layers: data, consensus, execution, and application, and introduce a new taxonomy for better classification. Through a qualitative and quantitative analysis of 44 DLT solutions and 26 consensus mechanisms, we highlight key challenges and offer research directions in the field. |
| 2024-09-27 | Architecture for Protecting Data Privacy in Decentralized Social Networks | Quang Cao et.al. | 2409.18360 | Centralized social networks have experienced a transformative impact on our digital era communication, connection, and information-sharing information. However, it has also raised significant concerns regarding users' privacy and individual rights. In response to these concerns, this paper proposes a novel Decentralized Social Network employing Blockchain technology and Decentralized Storage Networks completed by Access Control Smart Contracts. The initial phase comprises a comprehensive literature review, delving into decentralized social networks, explaining the review methodology, and presenting the resulting findings. Building upon these findings and an analysis of previous research gaps, we propose a novel architecture for decentralized social networks. In conclusion, the principal results highlight the benefit of our decentralized social network to protect user privacy. Moreover, the users have all rights to their posted information following the General Data Protection Regulation (GDPR). |
| 2024-09-26 | PDFed: Privacy-Preserving and Decentralized Asynchronous Federated Learning for Diffusion Models | Kar Balan et.al. | 2409.18245 | We present PDFed, a decentralized, aggregator-free, and asynchronous federated learning protocol for training image diffusion models using a public blockchain. In general, diffusion models are prone to memorization of training data, raising privacy and ethical concerns (e.g., regurgitation of private training data in generated images). Federated learning (FL) offers a partial solution via collaborative model training across distributed nodes that safeguard local data privacy. PDFed proposes a novel sample-based score that measures the novelty and quality of generated samples, incorporating these into a blockchain-based federated learning protocol that we show reduces private data memorization in the collaboratively trained model. In addition, PDFed enables asynchronous collaboration among participants with varying hardware capabilities, facilitating broader participation. The protocol records the provenance of AI models, improving transparency and auditability, while also considering automated incentive and reward mechanisms for participants. PDFed aims to empower artists and creators by protecting the privacy of creative works and enabling decentralized, peer-to-peer collaboration. The protocol positively impacts the creative economy by opening up novel revenue streams and fostering innovative ways for artists to benefit from their contributions to the AI space. |
| 2024-09-26 | Verifying Randomized Consensus Protocols with Common Coins | Song Gao et.al. | 2409.17627 | Randomized fault-tolerant consensus protocols with common coins are widely used in cloud computing and blockchain platforms. Due to their fundamental role, it is vital to guarantee their correctness. Threshold automata is a formal model designed for the verification of fault-tolerant consensus protocols. It has recently been extended to probabilistic threshold automata (PTAs) to verify randomized fault-tolerant consensus protocols. Nevertheless, PTA can only model randomized consensus protocols with local coins. In this work, we extend PTA to verify randomized fault-tolerant consensus protocols with common coins. Our main idea is to add a process to simulate the common coin (the so-called common-coin process). Although the addition of the common-coin process destroys the symmetry and poses technical challenges, we show how PTA can be adapted to overcome the challenges. We apply our approach to verify the agreement, validity and almost-sure termination properties of 8 randomized consensus protocols with common coins. |
| 2024-09-26 | BioZero: An Efficient and Privacy-Preserving Decentralized Biometric Authentication Protocol on Open Blockchain | Junhao Lai et.al. | 2409.17509 | Digital identity plays a vital role in enabling secure access to resources and services in the digital world. Traditional identity authentication methods, such as password-based and biometric authentications, have limitations in terms of security, privacy, and scalability. Decentralized authentication approaches leveraging blockchain technology have emerged as a promising solution. However, existing decentralized authentication methods often rely on indirect identity verification (e.g. using passwords or digital signatures as authentication credentials) and face challenges such as Sybil attacks. In this paper, we propose BioZero, an efficient and privacy-preserving decentralized biometric authentication protocol that can be implemented on open blockchain. BioZero leverages Pedersen commitment and homomorphic computation to protect user biometric privacy while enabling efficient verification. We enhance the protocol with non-interactive homomorphic computation and employ zero-knowledge proofs for secure on-chain verification. The unique aspect of BioZero is that it is fully decentralized and can be executed by blockchain smart contracts in a very efficient way. We analyze the security of BioZero and validate its performance through a prototype implementation. The results demonstrate the effectiveness, efficiency, and security of BioZero in decentralized authentication scenarios. Our work contributes to the advancement of decentralized identity authentication using biometrics. |
| 2024-09-20 | Blockchain-Enabled Variational Information Bottleneck for Data Extraction Based on Mutual Information in Internet of Vehicles | Cui Zhang et.al. | 2409.17287 | The Internet of Vehicles (IoV) network can address the issue of limited computing resources and data processing capabilities of individual vehicles, but it also brings the risk of privacy leakage to vehicle users. Applying blockchain technology can establish secure data links within the IoV, solving the problems of insufficient computing resources for each vehicle and the security of data transmission over the network. However, with the development of the IoV, the amount of data interaction between multiple vehicles and between vehicles and base stations, roadside units, etc., is continuously increasing. There is a need to further reduce the interaction volume, and intelligent data compression is key to solving this problem. The VIB technique facilitates the training of encoding and decoding models, substantially diminishing the volume of data that needs to be transmitted. This paper introduces an innovative approach that integrates blockchain with VIB, referred to as BVIB, designed to lighten computational workloads and reinforce the security of the network. We first construct a new network framework by separating the encoding and decoding networks to address the computational burden issue, and then propose a new algorithm to enhance the security of IoV networks. We also discuss the impact of the data extraction rate on system latency to determine the most suitable data extraction rate. An experimental framework combining Python and C++ has been established to substantiate the efficacy of our BVIB approach. Comprehensive simulation studies indicate that the BVIB consistently excels in comparison to alternative foundational methodologies. |
| 2024-09-21 | XDC Gasless Subnet: Gasless Subnet Staking dApp for XDC Network | Mohuya Chakraborty et.al. | 2409.17176 | With a delegated proof-of-stake (XDPoS) consensus mechanism, the XDC Network is an enterprise-focused blockchain platform that combines the strength of public and private blockchains to provide quick transaction times, low energy consumption, and economical gas fees. XDC is designed for interoperability and supports decentralized apps (dApps) and integrates smoothly with financial systems. It is perfect for trade financing and tokenisation of physical assets because of its emphasis on security and scalability. However, there are a few critical issues that hamper wider acceptance and usability for certain high-frequency applications. This whitepaper introduces a novel and enthralling dApp for establishing a gasless subnet in which mainnet XDC can be staked to spin off a subnet that functions similarly to a non-crypto network, accepting currency fees on the XDC network. This would allow users to stake their tokens without incurring gas fees making the staking process more efficient, cost-effective, and simultaneously enhancing scalability. Performance evaluation of the dApp shows promising results in terms of throughput, latency, scalability, security, and cost efficiency. The use cases and applications of this approach along with challenges and ensuing solutions are included. |
| 2024-09-24 | Artificial Intelligence for Secured Information Systems in Smart Cities: Collaborative IoT Computing with Deep Reinforcement Learning and Blockchain | Amin Zakaie Far et.al. | 2409.16444 | The accelerated expansion of the Internet of Things (IoT) has raised critical challenges associated with privacy, security, and data integrity, specifically in infrastructures such as smart cities or smart manufacturing. Blockchain technology provides immutable, scalable, and decentralized solutions to address these challenges, and integrating deep reinforcement learning (DRL) into the IoT environment offers enhanced adaptability and decision-making. This paper investigates the integration of blockchain and DRL to optimize mobile transmission and secure data exchange in IoT-assisted smart cities. Through the clustering and categorization of IoT application systems, the combination of DRL and blockchain is shown to enhance the performance of IoT networks by maintaining privacy and security. Based on the review of papers published between 2015 and 2024, we have classified the presented approaches and offered practical taxonomies, which provide researchers with critical perspectives and highlight potential areas for future exploration and research. Our investigation shows how combining blockchain's decentralized framework with DRL can address privacy and security issues, improve mobile transmission efficiency, and guarantee robust, privacy-preserving IoT systems. Additionally, we explore blockchain integration for DRL and outline the notable applications of DRL technology. By addressing the challenges of machine learning and blockchain integration, this study proposes novel perspectives for researchers and serves as a foundational exploration from an interdisciplinary standpoint. |
| 2024-09-18 | Novel Saliency Analysis for the Forward Forward Algorithm | Mitra Bakhshi et.al. | 2409.15365 | Incorporating the Forward Forward algorithm into neural network training represents a transformative shift from traditional methods, introducing a dual forward mechanism that streamlines the learning process by bypassing the complexities of derivative propagation. This method is noted for its simplicity and efficiency and involves executing two forward passes the first with actual data to promote positive reinforcement, and the second with synthetically generated negative data to enable discriminative learning. Our experiments confirm that the Forward Forward algorithm is not merely an experimental novelty but a viable training strategy that competes robustly with conventional multi layer perceptron (MLP) architectures. To overcome the limitations inherent in traditional saliency techniques, which predominantly rely on gradient based methods, we developed a bespoke saliency algorithm specifically tailored for the Forward Forward framework. This innovative algorithm enhances the intuitive understanding of feature importance and network decision-making, providing clear visualizations of the data features most influential in model predictions. By leveraging this specialized saliency method, we gain deeper insights into the internal workings of the model, significantly enhancing our interpretative capabilities beyond those offered by standard approaches. Our evaluations, utilizing the MNIST and Fashion MNIST datasets, demonstrate that our method performs comparably to traditional MLP-based models. |
| 2025-01-04 | TeeRollup: Efficient Rollup Design Using Heterogeneous TEE | Xiaoqing Wen et.al. | 2409.14647 | Rollups have emerged as a promising approach to improving blockchains' scalability by offloading transactions execution off-chain. Existing rollup solutions either leverage complex zero-knowledge proofs or optimistically assume execution correctness unless challenged. However, these solutions suffer from high gas costs and significant withdrawal delays, hindering their adoption in decentralized applications. This paper introduces TEERollup, an efficient rollup protocol that leverages Trusted Execution Environments (TEEs) to achieve both low gas costs and short withdrawal delays. Sequencers (system participants) execute transactions within TEEs and upload signed execution results to the blockchain with confidential keys of TEEs. Unlike most TEE-assisted blockchain designs, TEERollup adopts a practical threat model where the integrity and availability of TEEs may be compromised. To address these issues, we first introduce a distributed system of sequencers with heterogeneous TEEs, ensuring system security even if a certain proportion of TEEs are compromised. Second, we propose a challenge mechanism to solve the redeemability issue caused by TEE unavailability. Furthermore, TEERollup incorporates Data Availability Providers (DAPs) to reduce on-chain storage overhead and uses a laziness penalty mechanism to regulate DAP behavior. We implement a prototype of TEERollup in Golang, using the Ethereum test network, Sepolia. Our experimental results indicate that TEERollup outperforms zero-knowledge rollups (ZK-rollups), reducing on-chain verification costs by approximately 86% and withdrawal delays to a few minutes. |
| 2024-09-23 | MECURY: Practical Cross-Chain Exchange via Trusted Hardware | Xiaoqing Wen et.al. | 2409.14640 | The proliferation of blockchain-backed cryptocurrencies has sparked the need for cross-chain exchanges of diverse digital assets. Unfortunately, current exchanges suffer from high on-chain verification costs, weak threat models of central trusted parties, or synchronous requirements, making them impractical for currency trading applications. In this paper, we present MERCURY, a practical cryptocurrency exchange that is trust-minimized and efficient without online-client requirements. MERCURY leverages Trusted Execution Environments (TEEs) to shield participants from malicious behaviors, eliminating the reliance on trusted participants and making on-chain verification efficient. Despite the simple idea, building a practical TEE-assisted cross-chain exchange is challenging due to the security and unavailability issues of TEEs. MERCURY tackles the unavailability problem of TEEs by implementing an efficient challenge-response mechanism executed on smart contracts. Furthermore, MERCURY utilizes a lightweight transaction verification mechanism and adopts multiple optimizations to reduce on-chain costs. Comparative evaluations with XClaim, ZK-bridge, and Tesseract demonstrate that MERCURY significantly reduces on-chain costs by approximately 67.87%, 45.01%, and 47.70%, respectively. |
| 2024-09-22 | Brain Surgery: Ensuring GDPR Compliance in Large Language Models via Concept Erasure | Michele Laurelli et.al. | 2409.14603 | As large-scale AI systems proliferate, ensuring compliance with data privacy laws such as the General Data Protection Regulation (GDPR) has become critical. This paper introduces Brain Surgery, a transformative methodology for making every local AI model GDPR-ready by enabling real-time privacy management and targeted unlearning. Building on advanced techniques such as Embedding-Corrupted Prompts (ECO Prompts), blockchain-based privacy management, and privacy-aware continual learning, Brain Surgery provides a modular solution that can be deployed across various AI architectures. This tool not only ensures compliance with privacy regulations but also empowers users to define their own privacy limits, creating a new paradigm in AI ethics and governance. |
| 2024-09-22 | An Integrated Blockchain and IPFS Solution for Secure and Efficient Source Code Repository Hosting using Middleman Approach | Md. Rafid Haque et.al. | 2409.14530 | Version control systems (VCS) are essential for software development, yet centralized VCS present risks such as data loss, security breaches, and ownership disputes. While blockchain-based approaches to decentralized source code repository hosting have been explored, many existing solutions struggle with challenges related to security, scalability, efficiency, and real-time collaboration. This study seeks to enhance these efforts by proposing a novel decentralized solution that leverages the Ethereum blockchain and IPFS for secure, efficient, and resilient code repository hosting and governance. Our approach introduces a hybrid architecture that combines the immutable and decentralized nature of blockchain with the efficiency of IPFS for off-chain storage. To facilitate real-time collaboration, we integrate a temporary centralized Middleman IPFS that manages transaction processing and enhances operational efficiency without compromising long-term security. This Middleman IPFS acts as an intermediary, balancing the speed of centralized systems with the resilience of decentralized architectures. Our system uses smart contracts to maintain access control and key management by dynamically verifying access rights, ensuring that only authorized users can retrieve and decrypt data stored on IPFS. This integration allows for secure, real-time collaboration in environments where multiple collaborators need concurrent access to shared resources. Our system employs a hybrid encryption scheme that combines symmetric and asymmetric cryptography. The encrypted keys are stored on the blockchain, while IPFS handles the efficient storage of the codebase itself, with a Middleman IPFS maintaining concurrent collaboration, providing a robust and scalable solution for managing large-scale, collaborative coding projects. |
| 2024-09-22 | Blockchain Based Information Security and Privacy Protection: Challenges and Future Directions using Computational Literature Review | Gauri Shankar et.al. | 2409.14472 | Blockchain technology is an emerging digital innovation that has gained immense popularity in enhancing individual security and privacy within Information Systems (IS). This surge in interest is reflected in the exponential increase in research articles published on blockchain technology, highlighting its growing significance in the digital landscape. However, the rapid proliferation of published research presents significant challenges for manual analysis and synthesis due to the vast volume of information. The complexity and breadth of topics, combined with the inherent limitations of human data processing capabilities, make it difficult to comprehensively analyze and draw meaningful insights from the literature. To this end, we adopted the Computational Literature Review (CLR) to analyze pertinent literature impact and topic modelling using the Latent Dirichlet Allocation (LDA) technique. We identified 10 topics related to security and privacy and provided a detailed description of each topic. From the critical analysis, we have observed several limitations, and several future directions are provided as an outcome of this review. |
| 2024-10-23 | Cyber-Physical Authentication Scheme for Secure V2G Transactions | Yunwang Chen et.al. | 2409.14008 | The rapid adoption of electric vehicles (EVs) globally has catalyzed the need for robust cybersecurity measures within vehicle-to-grid (V2G) networks. As these networks are increasingly being integrated into smart charging infrastructures, they also introduce new vulnerabilities that threaten grid stability and user privacy This paper proposes a cyber-physical authentication protocol and trading smart contract tailored to plug and charge (PnC) operations within blockchain-based V2G systems. The protocol leverages advanced cryptographic techniques and blockchain to ensure secure, transparent, and tamper-proof energy transactions between EVs and charging stations. Key contributions include the development of a cyber-physical authentication method, the implementation of a smart contract framework for secure energy trading, and a detailed security and privacy analysis. The proposed protocol effectively mitigates risks such as man-in-the-middle (MitM) attacks and replay attacks while preserving user anonymity and data integrity. |
| 2024-09-20 | Stabl: Blockchain Fault Tolerance | Vincent Gramoli et.al. | 2409.13142 | Blockchain promises to make online services more fault tolerant due to their inherent distributed nature. Their ability to execute arbitrary programs in different geo-distributed regions and on diverse operating systems make them an alternative of choice to our dependence on unique software whose recent failure affected 8.5 millions of machines. As of today, it remains, however, unclear whether blockchains can truly tolerate failures. In this paper, we assess the fault tolerance of blockchain. To this end, we inject failures in controlled deployments of five modern blockchain systems, namely Algorand, Aptos, Avalanche, Redbelly and Solana. We introduce a novel sensitivity metric, interesting in its own right, as the difference between the integrals of two cumulative distribution functions, one obtained in a baseline environment and one obtained in an adversarial environment. Our results indicate that (i) all blockchains except Redbelly are highly impacted by the failure of a small part of their network, (ii) Avalanche and Redbelly benefit from the redundant information needed for Byzantine fault tolerance while others are hampered by it, and more dramatically (iii) Avalanche and Solana cannot recover from localised transient failures. |
| 2024-09-11 | Semantic Interoperability on Blockchain by Generating Smart Contracts Based on Knowledge Graphs | William Van Woensel et.al. | 2409.12171 | Background: Health 3.0 allows decision making to be based on longitudinal data from multiple institutions, from across the patient's healthcare journey. In such a distributed setting, blockchain smart contracts can act as neutral intermediaries to implement trustworthy decision making. Objective: In a distributed setting, transmitted data will be structured using standards (such as HL7 FHIR) for semantic interoperability. In turn, the smart contract will require interoperability with this standard, implement a complex communication setup (e.g., using oracles), and be developed using blockchain languages (e.g., Solidity). We propose the encoding of smart contract logic using a high-level semantic Knowledge Graph, using concepts from the domain standard. We then deploy this semantic KG on blockchain. Methods: Off-chain, a code generation pipeline compiles the KG into a concrete smart contract, which is then deployed on-chain. Our pipeline targets an intermediary bridge representation, which can be transpiled into a specific blockchain language. Our choice avoids on-chain rule engines, with unpredictable and likely higher computational cost; it is thus in line with the economic rules of blockchain. Results: We applied our code generation approach to generate smart contracts for 3 health insurance cases from Medicare. We discuss the suitability of our approach - the need for a neutral intermediary - for a number of healthcare use cases. Our evaluation finds that the generated contracts perform well in terms of correctness and execution cost ("gas") on blockchain. Conclusions: We showed that it is feasible to automatically generate smart contract code based on a semantic KG, in a way that respects the economic rules of blockchain. Future work includes studying the use of Large Language Models (LLM) in our approach, and evaluations on other blockchains. |
| 2024-09-20 | Empowering Visual Artists with Tokenized Digital Assets with NFTs | Ruiqiang Li et.al. | 2409.11790 | The Non-Fungible Tokens (NFTs) has the transformative impact on the visual arts industry by examining the nexus between empowering art practices and leveraging blockchain technology. First, we establish the context for this study by introducing some basic but critical technological aspects and affordances of the blockchain domain. Second, we revisit the creative practices involved in producing traditional artwork, covering various types, production processes, trading, and monetization methods. Third, we introduce and define the key fundamentals of the blockchain ecosystem, including its structure, consensus algorithms, smart contracts, and digital wallets. Fourth, we narrow the focus to NFTs, detailing their history, mechanics, lifecycle, and standards, as well as their application in the art world. In particular, we outline the key processes for minting and trading NFTs in various marketplaces and discuss the relevant market dynamics and pricing. We also consider major security concerns, such as wash trading, to underscore some of the central cybersecurity issues facing this domain. Finally, we conclude by considering future research directions, emphasizing improvements in user experience, security, and privacy. Through this innovative research overview, which includes input from creative industry and cybersecurity sdomain expertise, we offer some new insights into how NFTs can empower visual artists and reshape the wider copyright industries. |
| 2024-09-18 | Blockchain-Enabled IoV: Secure Communication and Trustworthy Decision-Making | Jingyi Sun et.al. | 2409.11621 | The Internet of Vehicles (IoV), which enables interactions between vehicles, infrastructure, and the environment, faces challenges in maintaining communication security and reliable automated decisions. This paper introduces a decentralized framework comprising a primary layer for managing inter-vehicle communication and a sub-layer for securing intra-vehicle interactions. By implementing blockchain-based protocols like Blockchain-integrated Secure Authentication (BiSA) and Decentralized Blockchain Name Resolution (DBNR), the framework ensures secure, decentralized identity management and reliable data exchanges, thereby supporting safe and efficient autonomous vehicle operations. |
| 2024-09-17 | CountChain: A Decentralized Oracle Network for Counting Systems | Behkish Nassirzadeh et.al. | 2409.11592 | Blockchain integration in industries like online advertising is hindered by its connectivity limitations to off-chain data. These industries heavily rely on precise counting systems for collecting and analyzing off-chain data. This requires mechanisms, often called oracles, to feed off-chain data into smart contracts. However, current oracle solutions are ill-suited for counting systems since the oracles do not know when to expect the data, posing a significant challenge. To address this, we present CountChain, a decentralized oracle network for counting systems. In CountChain, data is received by all oracle nodes, and any node can submit a proposition request. Each proposition contains enough data to evaluate the occurrence of an event. Only randomly selected nodes participate in a game to evaluate the truthfulness of each proposition by providing proof and some stake. Finally, the propositions with the outcome of True increment the counter in a smart contract. Thus, instead of a contract calling oracles for data, in CountChain, the oracles call a smart contract when the data is available. Furthermore, we present a formal analysis and experimental evaluation of the system's parameters on over half a million data points to obtain optimal system parameters. In such conditions, our game-theoretical analysis demonstrates that a Nash equilibrium exists wherein all rational parties participate with honesty. |
| 2024-09-27 | Multilevel Verification on a Single Digital Decentralized Distributed (DDD) Ledger | Ayush Thada et.al. | 2409.11410 | This paper presents an approach to using decentralized distributed digital (DDD) ledgers like blockchain with multi-level verification. In regular DDD ledgers like Blockchain, only a single level of verification is available, which makes it not useful for those systems where there is a hierarchy and verification is required on each level. In systems where hierarchy emerges naturally, the inclusion of hierarchy in the solution for the problem of the system enables us to come up with a better solution. Introduction to hierarchy means there could be several verification within a level in the hierarchy and more than one level of verification, which implies other challenges induced by an interaction between the various levels of hierarchies that also need to be addressed, like verification of the work of the previous level of hierarchy by given level in the hierarchy. The paper will address all these issues, and provide a road map to trace the state of the system at any given time and probability of failure of the system. |
| 2024-09-17 | Decentralized Biometric Authentication based on Fuzzy Commitments and Blockchain | Nibras Abo Alzahab et.al. | 2409.11303 | Blockchain technology, which was introduced for supporting cryptocurrencies, today provides a decentralized infrastructure for general information storage and execution of algorithms, thus enabling the conversion of many applications and services from a centralized and intermediated model to a decentralized and disintermediated one. In this paper we focus on biometric authentication, which is classically performed using centralized systems, and could hence benefit from decentralization. For such a purpose, however, an inherent contradiction between biometric applications and blockchain technology must be overcome, as the former require keeping biometric features private, while blockchain is a public infrastructure. We propose a blockchain-based biometric authentication protocol that enables decentralization and resilience while protecting the privacy, personal data, and, in particular, biometric features of users. The protocol we propose leverages fuzzy commitment schemes to allow biometric authentication to be performed without disclosing biometric data. We also analyze the security of the protocol we propose by considering some relevant attacks. |
| 2024-09-17 | Delay Analysis of EIP-4844 | Pourya Soltani et.al. | 2409.11043 | Proto-Danksharding, proposed in Ethereum Improvement Proposal 4844 (EIP-4844), aims to incrementally improve the scalability of the Ethereum blockchain by introducing a new type of transaction known as blob-carrying transactions. These transactions incorporate binary large objects (blobs) of data that are stored off-chain but referenced and verified on-chain to ensure data availability. By decoupling data availability from transaction execution, Proto-Danksharding alleviates network congestion and reduces gas fees, laying the groundwork for future, more advanced sharding solutions. This letter provides an analytical model to derive the delay for these new transactions. We model the system as an |
| 2024-09-17 | An Anti-disguise Authentication System Using the First Impression of Avatar in Metaverse | Zhenyong Zhang et.al. | 2409.10850 | Metaverse is a vast virtual world parallel to the physical world, where the user acts as an avatar to enjoy various services that break through the temporal and spatial limitations of the physical world. Metaverse allows users to create arbitrary digital appearances as their own avatars by which an adversary may disguise his/her avatar to fraud others. In this paper, we propose an anti-disguise authentication method that draws on the idea of the first impression from the physical world to recognize an old friend. Specifically, the first meeting scenario in the metaverse is stored and recalled to help the authentication between avatars. To prevent the adversary from replacing and forging the first impression, we construct a chameleon-based signcryption mechanism and design a ciphertext authentication protocol to ensure the public verifiability of encrypted identities. The security analysis shows that the proposed signcryption mechanism meets not only the security requirement but also the public verifiability. Besides, the ciphertext authentication protocol has the capability of defending against the replacing and forging attacks on the first impression. Extensive experiments show that the proposed avatar authentication system is able to achieve anti-disguise authentication at a low storage consumption on the blockchain. |
| 2024-09-16 | Deterministic Bounds in Committee Selection: Enhancing Decentralization and Scalability in Distributed Ledgers | Grigorii Melnikov et.al. | 2409.10727 | Consensus plays a crucial role in distributed ledger systems, impacting both scalability and decentralization. Many blockchain systems use a weighted lottery based on a scarce resource such as a stake, storage, memory, or computing power to select a committee whose members drive the consensus and are responsible for adding new information to the ledger. Therefore, ensuring a robust and fair committee selection process is essential for maintaining security, efficiency, and decentralization. There are two main approaches to randomized committee selection. In one approach, each validator candidate locally checks whether they are elected to the committee and reveals their proof during the consensus phase. In contrast, in the second approach, a sortition algorithm decides a fixed-sized committee that is globally verified. This paper focuses on the latter approach, with cryptographic sortition as a method for fair committee selection that guarantees a constant committee size. Our goal is to develop deterministic guarantees that strengthen decentralization. We introduce novel methods that provide deterministic bounds on the influence of adversaries within the committee, as evidenced by numerical experiments. This approach overcomes the limitations of existing protocols that only offer probabilistic guarantees, often providing large committees that are impractical for many quorum-based applications like atomic broadcast and randomness beacon protocols. |
| 2024-10-26 | Detection Made Easy: Potentials of Large Language Models for Solidity Vulnerabilities | Md Tauseef Alam et.al. | 2409.10574 | The large-scale deployment of Solidity smart contracts on the Ethereum mainnet has increasingly attracted financially-motivated attackers in recent years. A few now-infamous attacks in Ethereum's history includes DAO attack in 2016 (50 million dollars lost), Parity Wallet hack in 2017 (146 million dollars locked), Beautychain's token BEC in 2018 (900 million dollars market value fell to 0), and NFT gaming blockchain breach in 2022 ($600 million in Ether stolen). This paper presents a comprehensive investigation of the use of large language models (LLMs) and their capabilities in detecting OWASP Top Ten vulnerabilities in Solidity. We introduce a novel, class-balanced, structured, and labeled dataset named VulSmart, which we use to benchmark and compare the performance of open-source LLMs such as CodeLlama, Llama2, CodeT5 and Falcon, alongside closed-source models like GPT-3.5 Turbo and GPT-4o Mini. Our proposed SmartVD framework is rigorously tested against these models through extensive automated and manual evaluations, utilizing BLEU and ROUGE metrics to assess the effectiveness of vulnerability detection in smart contracts. We also explore three distinct prompting strategies-zero-shot, few-shot, and chain-of-thought-to evaluate the multi-class classification and generative capabilities of the SmartVD framework. Our findings reveal that SmartVD outperforms its open-source counterparts and even exceeds the performance of closed-source base models like GPT-3.5 and GPT-4 Mini. After fine-tuning, the closed-source models, GPT-3.5 Turbo and GPT-4o Mini, achieved remarkable performance with 99% accuracy in detecting vulnerabilities, 94% in identifying their types, and 98% in determining severity. Notably, SmartVD performs best with the chain-of-thought' prompting technique, whereas the fine-tuned closed-source models excel with the zero-shot' prompting approach. |
| 2024-09-16 | Analysing Attacks on Blockchain Systems in a Layer-based Approach | Joydip Das et.al. | 2409.10109 | Blockchain is a growing decentralized system built for transparency and immutability. There have been several major attacks on blockchain-based systems, leaving a gap in the trustability of this system. This article presents a comprehensive study of 23 attacks on blockchain systems and categorizes them using a layer-based approach. This approach provides an in-depth analysis of the feasibility and motivation of these attacks. In addition, a framework is proposed that enables a systematic analysis of the impact and interconnection of these attacks, thereby providing a means of identifying potential attack vectors and designing appropriate countermeasures to strengthen any blockchain system. |
| 2024-09-16 | Assessing the Impact of Sanctions in the Crypto Ecosystem: Effective Measures or Ineffective Deterrents? | Francesco Zola et.al. | 2409.10031 | Regulatory authorities aim to tackle illegal activities by targeting the economic incentives that drive such behaviour. This is typically achieved through the implementation of financial sanctions against the entities involved in the crimes. However, the rise of cryptocurrencies has presented new challenges, allowing entities to evade these sanctions and continue criminal operations. Consequently, enforcement measures have been expanded to include crypto assets information of sanctioned entities. Yet, due to the nature of the crypto ecosystem, blocking or freezing these digital assets is harder and, in some cases, such as with Bitcoin, unfeasible. Therefore, sanctions serve merely as deterrents. For this reason, in this study, we aim to assess the impact of these sanctions on entities' crypto activities, particularly those related to the Bitcoin ecosystem. Our objective is to shed light on the validity and effectiveness (or lack thereof) of such countermeasures. Specifically, we analyse the transactions and the amount of USD moved by punished entities that possess crypto addresses after being sanctioned by the authority agency. Results indicate that while sanctions have been effective for half of the examined entities, the others continue to move funds through sanctioned addresses. Furthermore, punished entities demonstrate a preference for utilising rapid exchange services to convert their funds, rather than employing dedicated money laundering services. To the best of our knowledge, this study offers valuable insights into how entities use crypto assets to circumvent sanctions. |
| 2024-09-13 | Research on Data Right Confirmation Mechanism of Federated Learning based on Blockchain | Xiaogang Cheng et.al. | 2409.08476 | Federated learning can solve the privacy protection problem in distributed data mining and machine learning, and how to protect the ownership, use and income rights of all parties involved in federated learning is an important issue. This paper proposes a federated learning data ownership confirmation mechanism based on blockchain and smart contract, which uses decentralized blockchain technology to save the contribution of each participant on the blockchain, and distributes the benefits of federated learning results through the blockchain. In the local simulation environment of the blockchain, the relevant smart contracts and data structures are simulated and implemented, and the feasibility of the scheme is preliminarily demonstrated. |
| 2024-09-12 | Automated Cybersecurity Compliance and Threat Response Using AI, Blockchain & Smart Contracts | Lampis Alevizos et.al. | 2409.08390 | To address the challenges of internal security policy compliance and dynamic threat response in organizations, we present a novel framework that integrates artificial intelligence (AI), blockchain, and smart contracts. We propose a system that automates the enforcement of security policies, reducing manual effort and potential human error. Utilizing AI, we can analyse cyber threat intelligence rapidly, identify non-compliances and automatically adjust cyber defence mechanisms. Blockchain technology provides an immutable ledger for transparent logging of compliance actions, while smart contracts ensure uniform application of security measures. The framework's effectiveness is demonstrated through simulations, showing improvements in compliance enforcement rates and response times compared to traditional methods. Ultimately, our approach provides for a scalable solution for managing complex security policies, reducing costs and enhancing the efficiency while achieving compliance. Finally, we discuss practical implications and propose future research directions to further refine the system and address implementation challenges. |
| 2024-09-12 | A Secure Standard for NFT Fractionalization | Wejdene Haouari et.al. | 2409.08190 | Non-fungible tokens (NFTs) offer a unique method for representing digital and physical assets on the blockchain. However, the NFT market has recently experienced a downturn in interest, mainly due to challenges related to high entry barriers and limited market liquidity. Fractionalization emerges as a promising solution, allowing multiple parties to hold a stake in a single NFT. By breaking down ownership into fractional shares, this approach lowers the entry barrier for investors, enhances market liquidity, and democratizes access to valuable digital assets. Despite these benefits, the current landscape of NFT fractionalization is fragmented, with no standardized framework to guide the secure and interoperable implementation of fractionalization mechanisms. This paper contributions are twofold: first, we provide a detailed analysis of the current NFT fractionalization landscape focusing on security challenges; second, we introduce a standardized approach that addresses these challenges, paving the way for more secure, interoperable, and accessible NFT fractionalization platforms. |
| 2024-12-24 | Validated Strong Consensus Protocol for Asynchronous Vote-based Blockchains | Yibin Xu et.al. | 2409.08161 | Vote-based blockchains construct a state machine replication (SMR) system among participating nodes, using Byzantine Fault Tolerance (BFT) consensus protocols to transition from one state to another. Currently, they rely on either synchronous or partially synchronous networks with leader-based coordination or costly Asynchronous Common Subset (ACS) protocols in asynchronous settings, making them impractical for large-scale asynchronous applications. To make Asynchronous SMR scalable, this paper proposes a \emph{validated strong} BFT consensus model that allows leader-based coordination in asynchronous settings. Our BFT consensus model offers the same level of tolerance as binary byzantine agreement but does not demand consistency among honest nodes before they vote. An SMR using our model allows nodes to operate in different, tentative, but mutually exclusive states until they eventually converge on the same state. We propose an asynchronous BFT protocol for vote-based blockchains employing our consensus model to address several critical challenges: how to ensure that nodes eventually converge on the same state across voting rounds, how to assure that a blockchain will steadily progress through epochs while reaching consensus for previous epochs, and how to maintain robust byzantine fault tolerance. Our protocol greatly reduces message complexity and is the first one to achieve linear view changes without relying on threshold signatures. We prove that an asynchronous blockchain built on our protocol can operate with the \emph{same} simplicity and efficiency as partially synchronous blockchains built on, e.g. HotStuff-2. This facilitates deploying asynchronous blockchains across large-scale networks. |
| 2024-09-11 | Analyzing the Impact of Copying-and-Pasting Vulnerable Solidity Code Snippets from Question-and-Answer Websites | Konrad Weiss et.al. | 2409.07586 | link |
| 2024-09-11 | A Novel Voting System for Medical Catalogues in National Health Insurance | Xingyuan Liang et.al. | 2409.07057 | This study explores the conceptual development of a medical insurance catalogue voting system. The methodology is centred on creating a model where doctors would vote on treatment inclusions, aiming to demonstrate transparency and integrity. The results from Monte Carlo simulations suggest a robust consensus on the selection of medicines and treatments. Further theoretical investigations propose incorporating a patient outcome-based incentive mechanism. This conceptual approach could enhance decision-making in healthcare by aligning stakeholder interests with patient outcomes, aiming for an optimised, equitable insurance catalogue with potential blockchain-based smart-contracts to ensure transparency and integrity. |
| 2024-09-10 | DroneXNFT: An NFT-Driven Framework for Secure Autonomous UAV Operations and Flight Data Management | Khaoula Hidawi et.al. | 2409.06507 | Non-Fungible Tokens (NFTs) have emerged as a revolutionary method for managing digital assets, providing transparency and secure ownership records on a blockchain. In this paper, we present a theoretical framework for leveraging NFTs to manage UAV (Unmanned Aerial Vehicle) flight data. Our approach focuses on ensuring data integrity, ownership transfer, and secure data sharing among stakeholders. This framework utilizes cryptographic methods, smart contracts, and access control mechanisms to enable a tamper-proof and privacy-preserving management system for UAV flight data. |
| 2024-09-10 | Responsible Blockchain: STEADI Principles and the Actor-Network Theory-based Development Methodology (ANT-RDM) | Yibai Li et.al. | 2409.06179 | This paper provides a comprehensive analysis of the challenges and controversies associated with blockchain technology. It identifies technical challenges such as scalability, security, privacy, and interoperability, as well as business and adoption challenges, and the social, economic, ethical, and environmental controversies present in current blockchain systems. We argue that responsible blockchain development is key to overcoming these challenges and achieving mass adoption. This paper defines Responsible Blockchain and introduces the STEADI principles (sustainable, transparent, ethical, adaptive, decentralized, and inclusive) for responsible blockchain development. Additionally, it presents the Actor-Network Theory-based Responsible Development Methodology (ANT-RDM) for blockchains, which includes the steps of problematization, interessement, enrollment, and mobilization. |
| 2024-09-08 | Balancing Security and Accuracy: A Novel Federated Learning Approach for Cyberattack Detection in Blockchain Networks | Tran Viet Khoa et.al. | 2409.04972 | This paper presents a novel Collaborative Cyberattack Detection (CCD) system aimed at enhancing the security of blockchain-based data-sharing networks by addressing the complex challenges associated with noise addition in federated learning models. Leveraging the theoretical principles of differential privacy, our approach strategically integrates noise into trained sub-models before reconstructing the global model through transmission. We systematically explore the effects of various noise types, i.e., Gaussian, Laplace, and Moment Accountant, on key performance metrics, including attack detection accuracy, deep learning model convergence time, and the overall runtime of global model generation. Our findings reveal the intricate trade-offs between ensuring data privacy and maintaining system performance, offering valuable insights into optimizing these parameters for diverse CCD environments. Through extensive simulations, we provide actionable recommendations for achieving an optimal balance between data protection and system efficiency, contributing to the advancement of secure and reliable blockchain networks. |
| 2024-12-19 | CONNECTOR: Enhancing the Traceability of Decentralized Bridge Applications via Automatic Cross-chain Transaction Association | Dan Lin et.al. | 2409.04937 | Decentralized bridge applications are important software that connects various blockchains and facilitates cross-chain asset transfer in the decentralized finance (DeFi) ecosystem which currently operates in a multi-chain environment. Cross-chain transaction association identifies and matches unique transactions executed by bridge DApps, which is important research to enhance the traceability of cross-chain bridge DApps. However, existing methods rely entirely on unobservable internal ledgers or APIs, violating the open and decentralized properties of blockchain. In this paper, we analyze the challenges of this issue and then present CONNECTOR, an automated cross-chain transaction association analysis method based on bridge smart contracts. Specifically, CONNECTOR first identifies deposit transactions by extracting distinctive and generic features from the transaction traces of bridge contracts. With the accurate deposit transactions, CONNECTOR mines the execution logs of bridge contracts to achieve withdrawal transaction matching. We conduct real-world experiments on different types of bridges to demonstrate the effectiveness of CONNECTOR. The experiment demonstrates that CONNECTOR successfully identifies 100% deposit transactions, associates 95.81% withdrawal transactions, and surpasses methods for CeFi bridges. Based on the association results, we obtain interesting findings about cross-chain transaction behaviors in DeFi bridges and analyze the tracing abilities of CONNECTOR to assist the DeFi bridge apps. |
| 2024-09-07 | Noise-Based Authentication: Is It Secure? | Sarah A. Flanery et.al. | 2409.04931 | This paper introduces a three-point biometric authentication system for a blockchain-based decentralized identity network. We use existing biometric authentication systems to demonstrate the unique noise fingerprints that belong to each individual human and the respective information leak from the biological characteristics. We then propose the concept of using unique thermal noise amplitudes generated by each user and explore the open questions regarding the robustness of unconditionally secure authentication. |
| 2025-02-01 | Deanonymizing Ethereum Validators: The P2P Network Has a Privacy Issue | Lioba Heimbach et.al. | 2409.04366 | Many blockchain networks aim to preserve the anonymity of validators in the peer-to-peer (P2P) network, ensuring that no adversary can link a validator's identifier to the IP address of a peer due to associated privacy and security concerns. This work demonstrates that the Ethereum P2P network does not offer this anonymity. We present a methodology that enables any node in the network to identify validators hosted on connected peers and empirically verify the feasibility of our proposed method. Using data collected from four nodes over three days, we locate more than 15% of Ethereum validators in the P2P network. The insights gained from our deanonymization technique provide valuable information on the distribution of validators across peers, their geographic locations, and hosting organizations. We further discuss the implications and risks associated with the lack of anonymity in the P2P network and propose methods to help validators protect their privacy. The Ethereum Foundation has awarded us a bug bounty, acknowledging the impact of our results. |
| 2024-09-05 | Practical Forecasting of Cryptocoins Timeseries using Correlation Patterns | Pasquale De Rosa et.al. | 2409.03674 | link |
| 2024-09-05 | On the Compliance of Self-Sovereign Identity with GDPR Principles: A Critical Review | Abubakar-Sadiq Shehu et.al. | 2409.03624 | Identity Management Systems (IdMs) have complemented how users are identified, authenticated, and authorised on e-services. Among the methods used for this purpose are traditional IdMs (isolated, centralised and federated) that mostly rely on identity providers (IdPs) to broker trust between a user and service-providers (SPs). An IdP also identifies and authenticates a user on-behalf of the SP, who then determines the authorisation of the user. In these processes, both SP and IdP collect, process or store private users' data, which can be prone to breach. One approach to address the data breach is to relieve the IdP, and return control and storage of personal data to the owner. Self-sovereign identity (SSI) was introduced as an IdM model to reduce the possibility of data breaches by offering control of personal data to the owner. SSI is a decentralised IdM, where the data owner has sovereign control of personal data stored in their digital wallet. Since SSI is an emerging technology, its components and methods require careful evaluation. This paper provides an evolution to IdMs and reviews the state-of-the-art SSI frameworks. We explored articles in the literature that reviewed blockchain solutions for General Data Protection Regulation (GDPR). We systematically searched recent SSI and blockchain proposals, evaluated the compliance of the retrieved documents with the GDPR privacy principles, and discussed their potentials, constraints, and limitations. This work identifies potential research gaps and opportunities. |
| 2024-09-05 | Tyche: Collateral-Free Coalition-Resistant Multiparty Lotteries with Arbitrary Payouts | Quentin Kniep et.al. | 2409.03464 | We propose Tyche, a family of protocols for performing practically (as well as asymptotically) efficient multiparty lotteries, resistant against aborts and majority coalitions. Our protocols are based on a commit-and-reveal approach, requiring only a collision-resistant hash function. All our protocols use a blockchain as a public bulletin board and for buy-in collection and payout settlement. Importantly though, they do not rely on it or any other third party for providing randomness. Also, participants are not required to post any collateral beyond their buy-in. Any honest participant can eventually settle the lottery, and dishonest behavior never reduces the winning probability of any honest participant. Further, we adapt all three protocols into anonymous lotteries, where (under certain conditions) the winner is unlinkable to any particular participant. We show that our protocols are secure, fair, and some preserve the participants' privacy. Finally, we evaluate the performance of our protocols, particularly in terms of transaction fees, by implementing them on the Sui blockchain. There we see that per user transaction fees are reasonably low and our protocols could potentially support millions of participants. |
| 2024-09-04 | A Comprehensive Survey of Blockchain Scalability: Shaping Inner-Chain and Inter-Chain Perspectives | Baochao Chen et.al. | 2409.02968 | Blockchain is widely applied in logistics, finance, and agriculture. As single blockchain users grow, scalability becomes crucial. However, existing works lack a comprehensive summary of blockchain scalability. They focus on single chains or cross-chain technologies. This survey summarizes scalability across the physical and logical layers, as well as inner-chain, inter-chain, and technology dimensions. The physical layer covers data and protocols, while the logical layer represents blockchain architecture. Each component is analyzed from inner-chain and inter-chain perspectives, considering technological factors. The aim is to enhance researchers' understanding of blockchain's architecture, data, and protocols to advance scalability research. |
| 2024-09-04 | AirFogSim: A Light-Weight and Modular Simulator for UAV-Integrated Vehicular Fog Computing | Zhiwei Wei et.al. | 2409.02518 | link |
| 2024-09-03 | Quantifying Liveness and Safety of Avalanche's Snowball | Quentin Kniep et.al. | 2409.02217 | This work examines the resilience properties of the Snowball and Avalanche protocols that underlie the popular Avalanche blockchain. We experimentally quantify the resilience of Snowball using a simulation implemented in Rust, where the adversary strategically rebalances the network to delay termination. We show that in a network of |
| 2024-09-05 | The Role of Transformer Models in Advancing Blockchain Technology: A Systematic Survey | Tianxu Liu et.al. | 2409.02139 | As blockchain technology rapidly evolves, the demand for enhanced efficiency, security, and scalability grows.Transformer models, as powerful deep learning architectures,have shown unprecedented potential in addressing various blockchain challenges. However, a systematic review of Transformer applications in blockchain is lacking. This paper aims to fill this research gap by surveying over 200 relevant papers, comprehensively reviewing practical cases and research progress of Transformers in blockchain applications. Our survey covers key areas including anomaly detection, smart contract security analysis, cryptocurrency prediction and trend analysis, and code summary generation. To clearly articulate the advancements of Transformers across various blockchain domains, we adopt a domain-oriented classification system, organizing and introducing representative methods based on major challenges in current blockchain research. For each research domain,we first introduce its background and objectives, then review previous representative methods and analyze their limitations,and finally introduce the advancements brought by Transformer models. Furthermore, we explore the challenges of utilizing Transformer, such as data privacy, model complexity, and real-time processing requirements. Finally, this article proposes future research directions, emphasizing the importance of exploring the Transformer architecture in depth to adapt it to specific blockchain applications, and discusses its potential role in promoting the development of blockchain technology. This review aims to provide new perspectives and a research foundation for the integrated development of blockchain technology and machine learning, supporting further innovation and application expansion of blockchain technology. |
| 2024-09-03 | Benchmarking ZK-Friendly Hash Functions and SNARK Proving Systems for EVM-compatible Blockchains | Hanze Guo et.al. | 2409.01976 | With the rapid development of Zero-Knowledge Proofs (ZKPs), particularly Succinct Non-Interactive Arguments of Knowledge (SNARKs), benchmarking various ZK tools has become a valuable task. ZK-friendly hash functions, as key algorithms in blockchain, have garnered significant attention. Therefore, comprehensive benchmarking and evaluations of these evolving algorithms in ZK circuits present both promising opportunities and challenges. Additionally, we focus on a popular ZKP application, privacy-preserving transaction protocols, aiming to leverage SNARKs' cost-efficiency through "batch processing" to address high on-chain costs and compliance issues. To this end, we benchmarked three SNARK proving systems and five ZK-friendly hash functions, including our self-developed circuit templates for Poseidon2, Neptune, and GMiMC, on the bn254 curve within the circom-snarkjs framework. We also introduced the role of "sequencer" in our SNARK-based privacy-preserving transaction scheme to enhance efficiency and enable flexible auditing. We conducted privacy and security analyses, as well as implementation and evaluation on Ethereum Virtual Machine (EVM)-compatible chains. The results indicate that Poseidon and Poseidon2 demonstrate superior memory usage and runtime during proof generation under Groth16. Moreover, compared to the baseline, Poseidon2 not only generates proofs faster but also reduces on-chain costs by 73% on EVM chains and nearly 26% on Hedera. Our work provides a benchmark for ZK-friendly hash functions and ZK tools, while also exploring cost efficiency and compliance in ZKP-based privacy-preserving transaction protocols. |
| 2024-09-03 | Securing Federated Learning in Robot Swarms using Blockchain Technology | Alexandre Pacheco et.al. | 2409.01900 | Federated learning is a new approach to distributed machine learning that offers potential advantages such as reducing communication requirements and distributing the costs of training algorithms. Therefore, it could hold great promise in swarm robotics applications. However, federated learning usually requires a centralized server for the aggregation of the models. In this paper, we present a proof-of-concept implementation of federated learning in a robot swarm that does not compromise decentralization. To do so, we use blockchain technology to enable our robot swarm to securely synchronize a shared model that is the aggregation of the individual models without relying on a central server. We then show that introducing a single malfunctioning robot can, however, heavily disrupt the training process. To prevent such situations, we devise protection mechanisms that are implemented through secure and tamper-proof blockchain smart contracts. Our experiments are conducted in ARGoS, a physics-based simulator for swarm robotics, using the Ethereum blockchain protocol which is executed by each simulated robot. |
| 2024-09-03 | DAOs of Collective Intelligence? Unraveling the Complexity of Blockchain Governance in Decentralized Autonomous Organizations | Mark C. Ballandies et.al. | 2409.01823 | Decentralized autonomous organizations (DAOs) have transformed organizational structures by shifting from traditional hierarchical control to decentralized approaches, leveraging blockchain and cryptoeconomics. Despite managing significant funds and building global networks, DAOs face challenges like declining participation, increasing centralization, and inabilities to adapt to changing environments, which stifle innovation. This paper explores DAOs as complex systems and applies complexity science to explain their inefficiencies. In particular, we discuss DAO challenges, their complex nature, and introduce the self-organization mechanisms of collective intelligence, digital democracy, and adaptation. By applying these mechansims to improve DAO design and construction, a practical design framework for DAOs is created. This contribution lays a foundation for future research at the intersection of complexity science and DAOs. |
| 2024-09-17 | Strengthening Solidity Invariant Generation: From Post- to Pre-Deployment | Kartik Kaushik et.al. | 2409.01804 | Invariants are essential for ensuring the security and correctness of Solidity smart contracts, particularly in the context of blockchain's immutability and decentralized execution. This paper introduces InvSol, a novel framework for pre-deployment invariant generation tailored specifically for Solidity smart contracts. Unlike existing solutions, namely InvCon, InvCon+, and Trace2Inv, that rely on post-deployment transaction histories on Ethereum mainnet, InvSol identifies invariants before deployment and offers comprehensive coverage of Solidity language constructs, including loops. Additionally, InvSol incorporates custom templates to effectively prevent critical issues such as reentrancy, out-of-gas errors, and exceptions during invariant generation. We rigorously evaluate InvSol using a benchmark set of smart contracts and compare its performance with state-of-the-art solutions. Our findings reveal that InvSol significantly outperforms these tools, demonstrating its effectiveness in handling new contracts with limited transaction histories. Notably, InvSol achieves a 15% improvement in identifying common vulnerabilities compared to InvCon+ and is able to address certain crucial vulnerabilities using specific invariant templates, better than Trace2Inv. |
| 2024-09-03 | DogeFuzz: A Simple Yet Efficient Grey-box Fuzzer for Ethereum Smart Contracts | Ismael Medeiros et.al. | 2409.01788 | link |
| 2024-09-03 | On-chain Validation of Tracking Data Messages (TDM) Using Distributed Deep Learning on a Proof of Stake (PoS) Blockchain | Yasir Latif et.al. | 2409.01614 | Trustless tracking of Resident Space Objects (RSOs) is crucial for Space Situational Awareness (SSA), especially during adverse situations. The importance of transparent SSA cannot be overstated, as it is vital for ensuring space safety and security. In an era where RSO location information can be easily manipulated, the risk of RSOs being used as weapons is a growing concern. The Tracking Data Message (TDM) is a standardized format for broadcasting RSO observations. However, the varying quality of observations from diverse sensors poses challenges to SSA reliability. While many countries operate space assets, relatively few have SSA capabilities, making it crucial to ensure the accuracy and reliability of the data. Current practices assume complete trust in the transmitting party, leaving SSA capabilities vulnerable to adversarial actions such as spoofing TDMs. This work introduces a trustless mechanism for TDM validation and verification using deep learning over blockchain. By leveraging the trustless nature of blockchain, our approach eliminates the need for a central authority, establishing consensus-based truth. We propose a state-of-the-art, transformer-based orbit propagator that outperforms traditional methods like SGP4, enabling cross-validation of multiple observations for a single RSO. This deep learning-based transformer model can be distributed over a blockchain, allowing interested parties to host a node that contains a part of the distributed deep learning model. Our system comprises decentralised observers and validators within a Proof of Stake (PoS) blockchain. Observers contribute TDM data along with a stake to ensure honesty, while validators run the propagation and validation algorithms. The system rewards observers for contributing verified TDMs and penalizes those submitting unverifiable data. |
| 2024-09-03 | Blockchain-based Federated Recommendation with Incentive Mechanism | Jianhai Chen et.al. | 2409.01563 | Nowadays, federated recommendation technology is rapidly evolving to help multiple organisations share data and train models while meeting user privacy, data security and government regulatory requirements. However, federated recommendation increases customer system costs such as power, computational and communication resources. Besides, federated recommendation systems are also susceptible to model attacks and data poisoning by participating malicious clients. Therefore, most customers are unwilling to participate in federated recommendation without any incentive. To address these problems, we propose a blockchain-based federated recommendation system with incentive mechanism to promote more trustworthy, secure, and efficient federated recommendation service. First, we construct a federated recommendation system based on NeuMF and FedAvg. Then we introduce a reverse auction mechanism to select optimal clients that can maximize the social surplus. Finally, we employ blockchain for on-chain evidence storage of models to ensure the safety of the federated recommendation system. The experimental results show that our proposed incentive mechanism can attract clients with superior training data to engage in the federal recommendation at a lower cost, which can increase the economic benefit of federal recommendation by 54.9% while improve the recommendation performance. Thus our work provides theoretical and technological support for the construction of a harmonious and healthy ecological environment for the application of federal recommendation. |
| 2024-09-02 | A Survey and Comparison of Post-quantum and Quantum Blockchains | Zebo Yang et.al. | 2409.01358 | Blockchains have gained substantial attention from academia and industry for their ability to facilitate decentralized trust and communications. However, the rapid progress of quantum computing poses a significant threat to the security of existing blockchain technologies. Notably, the emergence of Shor's and Grover's algorithms raises concerns regarding the compromise of the cryptographic systems underlying blockchains. Consequently, it is essential to develop methods that reinforce blockchain technology against quantum attacks. In response to this challenge, two distinct approaches have been proposed. The first approach involves post-quantum blockchains, which aim to utilize classical cryptographic algorithms resilient to quantum attacks. The second approach explores quantum blockchains, which leverage the power of quantum computers and networks to rebuild the foundations of blockchains. This paper aims to provide a comprehensive overview and comparison of post-quantum and quantum blockchains while exploring open questions and remaining challenges in these domains. It offers an in-depth introduction, examines differences in blockchain structure, security, privacy, and other key factors, and concludes by discussing current research trends. |
| 2025-02-03 | Global Public Sentiment on Decentralized Finance: A Spatiotemporal Analysis of Geo-tagged Tweets from 150 Countries | Yuqi Chen et.al. | 2409.00843 | link |
| 2024-09-06 | Weighted Regression with Sybil Networks | Nihar Shah et.al. | 2408.17426 | In many online domains, Sybil networks -- or cases where a single user assumes multiple identities -- is a pervasive feature. This complicates experiments, as off-the-shelf regression estimators at least assume known network topologies (if not fully independent observations) when Sybil network topologies in practice are often unknown. The literature has exclusively focused on techniques to detect Sybil networks, leading many experimenters to subsequently exclude suspected networks entirely before estimating treatment effects. I present a more efficient solution in the presence of these suspected Sybil networks: a weighted regression framework that applies weights based on the probabilities that sets of observations are controlled by single actors. I show in the paper that the MSE-minimizing solution is to set the weight matrix equal to the inverse of the expected network topology. I demonstrate the methodology on simulated data, and then I apply the technique to a competition with suspected Sybil networks run on the Sui blockchain and show reductions in the standard error of the estimate by 6 - 24%. |
| 2024-08-30 | A Framework for Digital Asset Risks with Insurance Applications | Zhengming Li et.al. | 2408.17227 | The remarkable growth of digital assets, starting from the inception of Bitcoin in 2009 into a 1 trillion market in 2024, underscores the momentum behind disruptive technologies and the global appetite for digital assets. This paper develops a framework to enhance actuaries' understanding of the cyber risks associated with the developing digital asset ecosystem, as well as their measurement methods in the context of digital asset insurance. By integrating actuarial perspectives, we aim to enhance understanding and modeling of cyber risks at both the micro and systemic levels. The qualitative examination sheds light on blockchain technology and its associated risks, while our quantitative framework offers a rigorous approach to modeling cyber risks in digital asset insurance portfolios. This multifaceted approach serves three primary objectives: i) offer a clear and accessible education on the evolving digital asset ecosystem and the diverse spectrum of cyber risks it entails; ii) develop a scientifically rigorous framework for quantifying cyber risks in the digital asset ecosystem; iii) provide practical applications, including pricing strategies and tail risk management. Particularly, we develop frequency-severity models based on real loss data for pricing cyber risks in digit assets and utilize Monte Carlo simulation to estimate the tail risks, offering practical insights for risk management strategies. As digital assets continue to reshape finance, our work serves as a foundational step towards safeguarding the integrity and stability of this rapidly evolving landscape. |
| 2024-08-30 | Secure Ownership Management and Transfer of Consumer Internet of Things Devices with Self-sovereign Identity | Nazmus Sakib et.al. | 2408.17184 | The popularity of the Internet of Things (IoT) has driven its usage in our homes and industries over the past 10-12 years. However, there have been some major issues related to identity management and ownership transfer involving IoT devices, particularly for consumer IoT devices, e. g. smart appliances such as smart TVs, smart refrigerators, and so on. There have been a few attempts to address this issue; however, user-centric and effective ownership and identity management of IoT devices have not been very successful so far. Recently, blockchain technology has been used to address these issues with limited success. This article presents a Self-sovereign Identity (SSI) based system that facilitates a secure and user-centric ownership management and transfer of consumer IoT devices. The system leverages a number of emerging technologies, such as blockchain and decentralized identifiers (DID), verifiable credentials (VC), under the umbrella of SSI. We present the architecture of the system based on a threat model and requirement analysis, discuss the implementation of a Proof-of-Concept based on the proposed system and illustrate a number of use-cases with their detailed protocol flows. Furthermore, we analyse its security using ProVerif, a state-of-the art protocol verification tool and examine its performance. |
| 2024-09-02 | Leveraging Blockchain and ANFIS for Optimal Supply Chain Management | Amirfarhad Farhadi et.al. | 2408.17161 | The supply chain is a critical segment of the product manufacturing cycle, continuously influenced by risky, uncertain, and undesirable events. Optimizing flexibility in the supply chain presents a complex, multi-objective, and nonlinear programming challenge. In the poultry supply chain, the development of mass customization capabilities has led manufacturing companies to increasingly focus on offering tailored and customized services for individual products. To safeguard against data tampering and ensure the integrity of setup costs and overall profitability, a multi-signature decentralized finance (DeFi) protocol, integrated with the IoT on a blockchain platform, is proposed. Managing the poultry supply chain involves uncertainties that may not account for parameters such as delivery time to retailers, reorder time, and the number of requested products. To address these challenges, this study employs an adaptive neuro-fuzzy inference system (ANFIS), combining neural networks with fuzzy logic to compensate for the lack of data training in parameter identification. Through MATLAB simulations, the study investigates the average shop delivery duration, the reorder time, and the number of products per order. By implementing the proposed technique, the average delivery time decreases from 40 to 37 minutes, the reorder time decreases from five to four days, and the quantity of items requested per order grows from six to eleven. Additionally, the ANFIS model enhances overall supply chain performance by reducing transaction times by 15% compared to conventional systems, thereby improving real-time responsiveness and boosting transparency in supply chain operations, effectively resolving operational issues. |
| 2024-08-30 | SPOQchain: Platform for Secure, Scalable, and Privacy-Preserving Supply Chain Tracing and Counterfeit Protection | Moritz Finke et.al. | 2408.17049 | Product lifecycle tracing is increasingly in the focus of regulators and producers, as shown with the initiative of the Digital Product Pass. Likewise, new methods of counterfeit detection are developed that are, e.g., based on Physical Unclonable Functions (PUFs). In order to ensure trust and integrity of product lifecycle data, multiple existing supply chain tracing systems are built on blockchain technology. However, only few solutions employ secure identifiers such as PUFs. Furthermore, existing systems that publish the data of individual products, in part fully transparently, have a detrimental impact on scalability and the privacy of users. This work proposes SPOQchain, a novel blockchain-based platform that provides comprehensive lifecycle traceability and originality verification while ensuring high efficiency and user privacy. The improved efficiency is achieved by a sophisticated batching mechanism that removes lifecycle redundancies. In addition to the successful evaluation of SPOQchain's scalability, this work provides a comprehensive analysis of privacy and security aspects, demonstrating the need and qualification of SPOQchain for the future of supply chain tracing. |
| 2024-08-29 | A Prototype Model of Zero-Trust Architecture Blockchain with EigenTrust-Based Practical Byzantine Fault Tolerance Protocol to Manage Decentralized Clinical Trials | Ashok Kumar Peepliwall et.al. | 2408.16885 | The COVID-19 pandemic necessitated the emergence of decentralized Clinical Trials (DCTs) due to patient retention, accelerate trials, improve data accessibility, enable virtual care, and facilitate seamless communication through integrated systems. However, integrating systems in DCTs exposes clinical data to potential security threats, making them susceptible to theft at any stage, a high risk of protocol deviations, and monitoring issues. To mitigate these challenges, blockchain technology serves as a secure framework, acting as a decentralized ledger, creating an immutable environment by establishing a zero-trust architecture, where data are deemed untrusted until verified. In combination with Internet of Things (IoT)-enabled wearable devices, blockchain secures the transfer of clinical trial data on private blockchains during DCT automation and operations. This paper proposes a prototype model of the Zero-Trust Architecture Blockchain (z-TAB) to integrate patient-generated clinical trial data during DCT operation management. The EigenTrust-based Practical Byzantine Fault Tolerance (T-PBFT) algorithm has been incorporated as a consensus protocol, leveraging Hyperledger Fabric. Furthermore, the Internet of Things (IoT) has been integrated to streamline data processing among stakeholders within the blockchain platforms. Rigorous evaluation has been done to evaluate the quality of the system. |
| 2024-08-28 | Monadring: A lightweight consensus protocol to offer Validation-as-a-Service to AVS nodes | Yu Zhang et.al. | 2408.16094 | Existing blockchain networks are often large-scale, requiring transactions to be synchronized across the entire network to reach consensus. On-chain computations can be prohibitively expensive, making many CPU-intensive computations infeasible. Inspired by the structure of IBM's token ring networks, we propose a lightweight consensus protocol called Monadring to address these issues. Monadring allows nodes within a large blockchain network to form smaller subnetworks, enabling faster and more cost-effective computations while maintaining the security guarantees of the main blockchain network. To further enhance Monadring's security, we introduce a node rotation mechanism based on Verifiable Random Function (VRF) and blind voting using Fully Homomorphic Encryption (FHE) within the smaller subnetwork. Unlike the common voting-based election of validator nodes, Monadring leverages FHE to conceal voting information, eliminating the advantage of the last mover in the voting process. This paper details the design and implementation of the Monadring protocol and evaluates its performance and feasibility through simulation experiments. Our research contributes to enhancing the practical utility of blockchain technology in large-scale application scenarios. |
| 2024-08-28 | EdgeLinker: Practical Blockchain-based Framework for Healthcare Fog Applications to Enhance Security in Edge-IoT Data Communications | Mahdi Akbari Zarkesh et.al. | 2408.15838 | The pervasive adoption of Internet of Things (IoT) has significantly advanced healthcare digitization and modernization. Nevertheless, the sensitive nature of medical data presents security and privacy challenges. On the other hand, resource constraints of IoT devices often necessitates cloud services for data handling, introducing single points of failure, processing delays, and security vulnerabilities. Meanwhile, the blockchain technology offers potential solutions for enhancing security, decentralization, and data ownership. An ideal solution should ensure confidentiality, access control, and data integrity while being scalable, cost-effective, and integrable with the existing systems. However, current blockchain-based studies only address some of these requirements. Accordingly, this paper proposes EdgeLinker; a comprehensive solution incorporating Proof-of-Authority consensus, integrating smart contracts on the Ethereum blockchain for access control, and advanced cryptographic algorithms for secure data communication between IoT edge devices and the fog layer in healthcare fog applications. This novel framework has been implemented in a real-world fog testbed, using COTS fog devices. Based on a comprehensive set of evaluations, EdgeLinker demonstrates significant improvements in security and privacy with reasonable costs, making it an affordable and practical system for healthcare fog applications. Compared with the state-of-the-art, without significant changes in the write-time to the blockchain, EdgeLinker achieves a 35% improvement in data read time. Additionally, it is able to provide better throughput in both reading and writing transactions compared to the existing studies. EdgeLinker has been also examined in terms of energy, resource consumption and channel latency in both secure and non-secure modes, which has shown remarkable improvements. |
| 2024-08-27 | CrossInspector: A Static Analysis Approach for Cross-Contract Vulnerability Detection | Xiao Chen et.al. | 2408.15292 | With the development of blockchain technology, the detection of smart contract vulnerabilities is increasingly emphasized. However, when detecting vulnerabilities in inter-contract interactions (i.e., cross-contract vulnerabilities) using smart contract bytecode, existing tools often produce many false positives and false negatives due to insufficient recovery of semantic information and inadequate consideration of contract dependencies. We present CrossInspector, a novel framework for detecting cross-contract vulnerabilities at the bytecode level through static analysis. CrossInspector utilizes a trained Transformer model to recover semantic information and considers control flow, data flow, and dependencies related to smart contract state variables to construct a state dependency graph for fine-grained inter-procedural analysis. Additionally, CrossInspector incorporates a pruning method and two parallel optimization mechanisms to accelerate the vulnerability detection process. Experiments on our manually constructed dataset demonstrate that CrossInspector outperforms the state-of-the-art tools in both precision (97%) and recall (96.75%), while also significantly reducing the overall time from 16.34 seconds to 7.83 seconds, almost on par with the fastest tool that utilizes bytecode for detection. Additionally, we ran CrossInspector on a randomly selected set of 300 real-world smart contracts and identified 11 cross-contract vulnerabilities that were missed by prior tools. |
| 2024-08-23 | IoT Monitoring with Blockchain: Generating Smart Contracts from Service Level Agreements | Adam Booth et.al. | 2408.15016 | A Service Level Agreement (SLA) is a commitment between a client and provider that assures the quality of service (QoS) a client can expect to receive when purchasing a service. However, evidence of SLA violations in Internet of Things (IoT) service monitoring data can be manipulated by the provider or consumer, resulting in an issue of trust between contracted parties. The following research aims to explore the use of blockchain technology in monitoring IoT systems using smart contracts so that SLA violations captured are irrefutable amongst service providers and clients. The research focuses on the development of a Java library that is capable of generating a smart contract from a given SLA. A smart contract generated by this library is validated through a mock scenario presented in the form of a Remote Patient Monitoring IoT system. In this scenario, the findings demonstrate a 100 percent success rate in capturing all emulated violations. |
| 2024-08-26 | Behavior-Based Detection of GPU Cryptojacking | Dmitry Tanana et.al. | 2408.14554 | With the surge in blockchain-based cryptocurrencies, illegal mining for cryptocurrency has become a popular cyberthreat. Host-based cryptojacking, where malicious actors exploit victims systems to mine cryptocurrency without their knowledge, is on the rise. Regular cryptojacking is relatively well-known and well-studied threat, however, recently attackers started switching to GPU cryptojacking, which promises greater profits due to high GPU hash rates and lower detection chance. Additionally, GPU cryptojackers can easily propagate using, for example, modified graphic card drivers. This article considers question of GPU cryptojacking detection. First, we discuss brief history and definition of GPU cryptojacking as well as previous attempts to design a detection technique for such threats. We also propose complex exposure mechanism based on GPU load by an application and graphic card RAM consumption, which can be used to detect both browser-based and host-based cryptojacking samples. Then we design a prototype decision tree detection program based on our technique. It was tested in a controlled virtual machine environment with 80% successful detection rate against selected set of GPU cryptojacking samples and 20% false positive rate against selected number of legitimate GPU-heavy applications. |
| 2024-08-26 | Probabilistic Analysis and Empirical Validation of Patricia Tries in Ethereum State Management | Oleksandr Kuznetsov et.al. | 2408.14217 | This study presents a comprehensive theoretical and empirical analysis of Patricia tries, the fundamental data structure underlying Ethereum's state management system. We develop a probabilistic model characterizing the distribution of path lengths in Patricia tries containing random Ethereum addresses and validate this model through extensive computational experiments. Our findings reveal the logarithmic scaling of average path lengths with respect to the number of addresses, confirming a crucial property for Ethereum's scalability. The study demonstrates high precision in predicting average path lengths, with discrepancies between theoretical and experimental results not exceeding 0.01 across tested scales from 100 to 100,000 addresses. We identify and verify the right-skewed nature of path length distributions, providing insights into worst-case scenarios and informing optimization strategies. Statistical analysis, including chi-square goodness-of-fit tests, strongly supports the model's accuracy. The research offers structural insights into node concentration at specific trie levels, suggesting avenues for optimizing storage and retrieval mechanisms. These findings contribute to a deeper understanding of Ethereum's fundamental data structures and provide a solid foundation for future optimizations. The study concludes by outlining potential directions for future research, including investigations into extreme-scale behavior, dynamic trie performance, and the applicability of the model to non-uniform address distributions and other blockchain systems. |
| 2024-08-26 | ORBITAAL: A Temporal Graph Dataset of Bitcoin Entity-Entity Transactions | Célestin Coquidé et.al. | 2408.14147 | Research on Bitcoin (BTC) transactions is a matter of interest for both economic and network science fields. Although this cryptocurrency is based on a decentralized system, making transaction details freely accessible, making raw blockchain data analyzable is not |