Issue #26
Paper of the Week:
Paper Title: Broken Metre: Attacking Resource Metering in EVM.
TLDR:
The logic for matching costs and instructions in the Ethereum network not only appears somewhat disconnected to actual costs, but embeds fundamental limitations which have shown cracks with what is known as EIP-150, an update to the Ethereum gas fees in response to several DoS attacks.
This paper is the first attempt to explore the design of the EVM metering system in depth in order to understand both how valid this approach is and how it may be possible to take advantage of EVM design flaws.
Initially, this work identifies several important edge cases that highlight inherent flaws in EVM metering; specifically, i) EVM instructions for which the gas fee is too low compared to their resources consumption; and ii) cases of programs where the cache influences exe- cution time by an order of magnitude.
Next, the Ethereum main net is analyzed by exploring the history of executing 2.5 months worth of smart contracts and demonstrating that the gas usage is only marginally correlated with the usage of resources such as CPU and memory, and that the gas cost is dominated by the EVM storage.
Following that, a code generation strategy able to produce Resource Exhaustion Attacks (REA) attacks of arbitrary length is presented, followed with an approach which combines empirical data and genetic programming in order to generate contracts with low throughput.
Finally, by presenting some experiments, this work shows that the REA can abuse the imperfections in EVM’s metering approach and presents some interesting throughput and cost results.
Authors: Daniel Perez* and Benjamin Livshits*,
Affiliations: * Imperial College London.
Security:
1. Paper Title: Truthful and Faithful Monetary Policy for a Stablecoin Conducted by a Decentralised, Encrypted Artificial Intelligence.
Summary: This paper solves the decentralization of the monetary policy, achieving a fully decentralized cryptocurrency when combined with a public permissionless blockchain.
Authors: David Cerezo Sánchez*,
Affiliations: * Calctopia.
2. Paper Title: Oracle-Supported Dynamic Exploit Generation for Smart Contracts.
Summary: A grey-box fuzzing approach for finding exploitable vulnerabilities in smart contracts.
Authors: Haijun Wang*, Yi Li*, Shang-wei Lin*, Cyrille Artho†, Lei Ma‡, and Yang Liu*,
Affiliations: *Nanyang Technological University, † KTH Royal Institute of Technology, and ‡ Kyushu University.
Privacy:
1. Paper Title: Privacy-preserving auditable token payments in a permissioned blockchain system.
Summary: This paper introduces a token management system for permissioned networks that can provide private transactions, transaction authorization via certificates, and user auditability.
Authors: Elli Androulaki*, Jan Camenisch†, Angelo De Caro*, Maria Dubovitskaya†, Kaoutar Elkhiyaoui*, and Bjoern Tackmann†,
Affiliations: * IBM Research - Zurich and † DFINITY.
2. Paper Title: User-Controlled Privacy-Preserving User Profile Data Sharing based on Blockchain.
Summary: A decentralized data sharing architecture with MultiChain blockchain in the travel domain, which is also applicable to other similar domains including education, health, and sports.
Authors: Ajay Kumar Shrestha*, Ralph Deters*, and Julita Vassileva*,
Affiliations: * University of Saskatchewan.
3. Paper Title: Private and Atomic Exchange of Assets over Zero Knowledge Based Payment Ledger.
Summary: A unified framework to support both privacy enhanced payment transactions and a fair exchange of crypto assets without using centralized mixing services, escrow based or off-chain/site-chain approaches
Authors: Zhimin Gao*, Lei Xu†, Keshav Kasichainula‡, Lin Chen§, and Bogdan Carbunar✜, Weidong Shi‡,
Affiliations: * Auburn University, † University of Texas Rio Grande Valley, ‡ University of Houston, § Texas Tech, and ✜ Florida International University.
Scalability:
1. Paper Title: KRNC: New Foundations for Permissionless Byzantine Consensus and Global Monetary Stability.
Summary: This paper applies biomimetic engineering to the problem of permissionless Byzantine consensus and achieves results that surpass the prior state of the art by four orders of magnitude.
Authors: Clinton Ehrlich* and Anna Guzova†,
Affiliations: * MGIMO University and † AO UniCredit Bank.
Proofs:
No papers.
Consensus Protocols:
1. Paper Title: An Analysis of Blockchain Consistency in Asynchronous Networks: Deriving a Neat Bound.
Summary: A result for the consistency property of Nakamoto’s blockchain protocol that is stronger than all existing results in the literature.
Authors: Jun Zhao*,
Affiliations: * Nanyang Technological University.
Tokenomics:
1. Paper Title: Beyond Bitcoin: Leveraging Blockchain to Benefit Business and Society.
Summary: Blockchain will revolutionize banking, healthcare, politics, real estate, supply chain management, cybersecurity, infrastructure security, corporate governance, and the legal market.
Authors: Marcia Narine Weldon* and Rachel Epstein,
Affiliations: * University of Miami School of Law.
2. Paper Title: Market Reaction to Exchange Listings of Cryptocurrencies.
Summary: Evidence on the phenomenon of cryptocurrency cross- listings, especially on asset returns, their determinants and signs of informed trading.
Authors: Lennart Ante*,
Affiliations: * University of Hamburg.
Conferences:
Oct 05-06 Cryptoeconomic Systems Summitby MIT Media Lab(Cambridge, MA)
Oct 21-23 - Advances in Financial Technologies(Zurich) - Call for Papers
Oct 28-29 - CryptoEconomics Security Conference(Berkeley, CA) - Call for Papers
Nov 11-15 - ACM Conference on Computer and Communications Security(London) - Call for Papers
Jobs:
Postdoctoral Research Fellow in Security, Privacy, Blockchain, Machine Learning - Liquidity Network
Researcher, Security Modelling and Distributed Protocol Design - Dfinity
“Significant research in the blockchain space is constantly being achieved by academic researchers. Unfortunately, a lot of this research is overlooked due to the massive numbers of papers being generated and the way they are being promoted and published. We’ve put together a categorized list of academic papers that can guide our subscribers and keep them up to date.”
Thanks for reading! If we missed anything, shoot us an email so that we can feature it in our next newsletter!
This newsletter is for informational purposes only. This content does not in any way constitute an offer or solicitation of an offer to buy or sell any investment solution or recommendation to buy or sell a security; nor it is to be taken as legal, business, investment, or tax advice. In fact, none of the information in this or other content on zk Capital should be relied on in any manner as advice. None of the authors, contributors, or anyone else connected with zk Capital, in any way whatsoever, can be responsible for your use of the information contained in this newsletter.