Paper Publication Details:
1. Title: A Secure Sharding Protocol For Open Blockchains
Author: Loi Luu, Viswesh Narayanan, Chaodong Zheng, Kunal Baweja, Seth Gilbert, and Prateek Saxena
Conference Name: Conference on Computer and Communications Security (CCS)
2. Title: Securing Proof-of-Stake Blockchain Protocols
Author: Li, Wenting, Sébastien Andreina, Jens-Matthias Bohli and Ghassan Karame
Conference Name: European Symposium on Research in Computer Security (ESORICS)
3. Title: Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts
Author: A. Kosba and A. Miller and E. Shi and Z. Wen and C. Papamanthou
Conference Name: IEEE Symposium on Security and Privacy (SP)
The present form of Blockchain can be trusted for correctness and availability but not Privacy. Thus, a new framework called Hawk is built for privacy-preserving smart contracts. It is a decentralized smart contract system that doesn’t store the financial transactions on the blockchain, thus transactional privacy is retained by not making it publicly visible.
The major challenge that Hawk focuses on is the lack of transaction privacy in the present form of Blockchain and smart contracts, since the financial transactions are considered being highly secret by many individuals and organizations. Although there is an advancement in designing the privacy-preserving cryptocurrencies such as Zerocash11 and many others, these systems lacks in programmability and are unclear how to enable programmability without exploring the data and transactions.
Hawk is the first to simultaneously offer the transactional privacy and programmability in a decentralized cryptocurrency system.
Formal models for decentralized smart contracts: Hawk presented a formal Universal Composability (UC) model for the blockchain model of cryptography. This formal model has also been adopted in designing criminal smart contracts by the Gyges work 39. It relies on a notion called wrappers. Wrappers are used to handle a set of common details such as pseudonyms, timers, global ledgers in a centralized manner such that it need not be repeated in every protocol.
New cryptography suite: Hawk implement a new cryptography suite that binds private transactions with programmable logic. This protocol suite contains three essential primitives freeze, compute, and finalize.
Hawk security guarantees on two aspects:
On-Chain Privacy: It specifies that transactional privacy is provided against the public, unless the contractual party themselves disclose the information.
Contractual Security: While On-Chain Privacy protects the contractual party privacy against the public, contractual security protects parties in the same contractual agreement from each other.
Hawk protocols consists of two parts:
• The private cash Specification: It implements direct money transfers between users. It adopts the same terminologies form Zerocash for implementing private cash and private currency transfers. The spender computes a zero-knowledge proof to verify that the output coins are generated appropriately, and the correctness is checked in the following aspects:
a. Existence of coins being spent.
b. No double spending.
c. Money conservation.
• The Hawk Specification: It binds the transactional privacy with programmable logic. This uses the following operations:
a. Freeze: the party removes one coin from its private coin pool and freeze it in the blockchain.
b. Compute: when compute is called its private inputs and frozen coins are shown to the manager.
c. Finalize: it verifies the inputs submitted by the manager and then redistributes the frozen coin accordingly.
The evaluation of Hawk focus on the zk-SNARK performance. Some important observations are:
• On-chain computation is very small in all cases, ranging from 9 to 20 milliseconds
• On-chain public parameters: Hawk contract will additionally require 13-114 KB of verification key to be stored on-chain, for 10 to 100 users
• Manager computation: 100 participants requires under 6.5min proof time for the manager on a single core, and under 2.85min on 4 cores
• User computation: in the worst case, the peak memory usage of the user is less than 4 GB
Paper Publication Details: