BCC ’18- Proceedings of the 2nd ACM Workshop on Blockchains, Cryptocurrencies, and Contracts
SESSION: Paper Session 1
We design and implement TwinsCoin, the first cryptocurrency based on a provably secure and scalable public blockchain design using both proof-of-work and proof-of-stake mechanisms. Different from the proof-of-work based Bitcoin, our construction uses two types of resources, computing power and coins (i.e., stake). The blockchain in our system is more robust than that in a pure proof-of-work based system; even if the adversary controls the majority of mining power, we can still have the chance to secure the system by relying on honest stake. In contrast, Bitcoin blockchain will be insecure if the adversary controls more than 50% of mining power.
Our design follows a recent provably secure proof-of-work/proof-of-stake hybrid blockchain. In order to make our construction practical, we considerably enhance its design. In particular, we introduce a new strategy for difficulty adjustment in the hybrid blockchain and provide a theoretical analysis of it. We also show how to construct a light client for proof-of-stake cryptocurrencies and evaluate the proposal practically.
We implement our new design. Our implementation uses a recent modular development framework for blockchains, called Scorex. It allows us to change only certain parts of an application leaving other codebase intact. In addition to the blockchain implementation, a testnet is deployed. Source code is publicly available.
Bitcoin mixing services improve anonymity by breaking the connection between Bitcoin addresses. In the darkweb environment, many illegal trades, such as in drugs or child pornography, avoid their transactions being traced by exploiting mixing services. Therefore, de-mixing algorithms are needed to identify illegal financial flows and to reduce criminal activity. Unfortunately, to the best of our knowledge, few studies on analyzing mixing services and de-anonymizing transactions have been proposed. In this paper, we conduct an in-depth analysis of real-world mixing services, and propose a de-mixing algorithm for Helix, one of the most widely used Bitcoin mixing services. The proposed algorithm de-anonymizes the relationship between the input and output addresses of mixing services by exploiting the static and dynamic parameters of mixing services. Our experiment showed that, we could identify the relationships between the input and output addresses of the Helix mixing service with a 99.14% accuracy rate.
Blockchain-based replicated ledgers, pioneered in Bitcoin, are effective against double spending, but inherently attract centralised mining pools and incompressible transaction delays.
We propose a framework that forgoes blockchains, building a decentralised ledger as a self-scaling graph of cross-verifying transactions. New transactions validate prior ones, forming a thin graph secured by a cumulative proof-of-work mechanism giving fair and predictable rewards for each participant.
We exhibit rapid confirmation of new transactions, even across a large network affected by latency. We also show, both theoretically and experimentally, a strong convergence property: that any valid transaction entering the system quickly become enshrined in the ancestry of all future transactions.
SESSION: Paper Session 2
In the past years, the security of Bitcoin-like protocols has been intensively studied. However, previous investigations are mainly focused on the single-mode version of Bitcoin protocol, where the protocol is running among full nodes (miners). In this paper we initiate the study of multi-mode cryptocurrency protocols. We generalize the recent framework by Garay et al (Eurocrypt 2015) with new security de nitions that capture the security of realistic cryptocurrency systems. e.g. Bitcoin with full and lightweight nodes. As an immediate application of our new framework, we analyze the security of existing blockchain pruning proposals for Bitcoin and Ethereum aiming to improve the storage e ciency of network nodes by pruning unnecessary information from the ledger.
The blockchain is an emerging technology. Because of its efficiency and functionality, it is widely considered to have revolutionary application prospects. As a supporting part of the data structure, the hash function is important for ensuring the availability and security of the blockchain. To evaluate the security of blockchain technology it is important to analyze several security criteria of the hash functions used in the blockchain. This paper focuses on two security criteria-hiding and puzzle-friendliness-that the hash function should satisfy in the blockchain proposed by Narayanan et al. (Narayanan A, Bonneau J, Felten E, et al. Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction. Princeton University Press, 2016). Under the framework of Rogaway?Shrimpton’s theory, their definitions are mathematically described and their relation is proved. Also, comparisons between the two criteria and traditional ones in hash functions are made. The conclusions of this paper point out that for hash functions, it is harder to break hiding and puzzle-friendliness than to break preimage resistance, which shows that hash functions proven to be preimage-resistant or tested by preimage cryptanalysis like SHA256 tend to be enough to be used in the corresponding parts of the blockchain design. At the same time, from the attackers’ view the conclusions can provide a theoretical basis for studying the potential attacks on and defects that may exist in the structure of the hash functions applied in the blockchain.
SESSION: Paper Session 3
Termination of smart contracts is crucial for any blockchain system’s security and consistency, especially for those supporting Turing-complete smart contract languages. Resource-constrained blockchain systems, like Ethereum and Hyperledger Fabric, could prevent smart contracts from terminating properly when the pre-allocated resources are not sufficient. The Zen system utilizes the dependent type system of the programming language F* to prove the termination of smart contracts for all inputs during compilation time. Since the smart contract execution usually depends on the current blockchain state and user inputs, this approach is not always successful. In this work, we propose a lazy approach by statically proving conditional termination and non-termination of a smart contract to determine input conditions under which the contract terminates or not. Prior to the execution of the smart contract, the proof-carrying blockchain system will check that its current state and the contract’s input satisfy the termination conditions in order to determine if the contract is qualified (i.e., eventually terminating) to run on the chain.
Most cryptocurrency systems mint new coins according to a predetermined rate, which contributes to inflation instead of solely by the actual demand. On the other hand, the blockchain, or whatever distributed consensus protocol underlying the cryptocurrency, can only process a limited number of transactions in a given time interval. To address both of these two issues, we propose a methodology that connects the coin minting with the prosperity of a cryptocurrency. Specifically, when there are fewer transactions, any cryptocurrency adopting our methodology will introduce a greater inflation to motivate transactions. Moreover, this methodology provides deflations and turns the currency towards a reserve of value when the network burden is too heavy.