Workshop IWBOSE 2019 – Author Index |
Contents -
Abstracts -
Authors
|
A B D G H J L M N O P R S T W Y Z
Amoordon, Andy |
IWBOSE '19: "Presenting Tendermint: Idiosyncrasies, ..."
Presenting Tendermint: Idiosyncrasies, Weaknesses, and Good Practices
Andy Amoordon and Henrique Rocha (Inria, France; University of Antwerp, Belgium) In this paper, we present Tendermint: a Byzantine Fault Tolerant (BFT) application-based blockchain. We show that Tendermint promotes another perception of blockchain programming. Unlike Ethereum which is a blockchain holding many applications, Tendermint proposes to have one application per blockchain. We discuss the idiosyncrasies of Tendermint and how it could, potentially, ease blockchain programming and improve performance. We finish by showing weaknesses of Tendermint, good practices to adopt to hinder security attacks when handling Tendermint nodes, and some potential adjustments in the IBC protocol — an interoperability protocol designed for Tendermint. Our goal is to introduce Tendermint by showing its main characteristics over traditional blockchain platforms such as Bitcoin or Ethereum. @InProceedings{IWBOSE19p44, author = {Andy Amoordon and Henrique Rocha}, title = {Presenting Tendermint: Idiosyncrasies, Weaknesses, and Good Practices}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {44--49}, doi = {}, year = {2019}, } |
|
Bae, Minhyo |
IWBOSE '19: "Formal Modeling and Verification ..."
Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms
Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. @InProceedings{IWBOSE19p11, author = {Junghun Yoo and Youlim Jung and Donghwan Shin and Minhyo Bae and Eunkyoung Jee}, title = {Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {11--21}, doi = {}, year = {2019}, } |
|
Destefanis, Giuseppe |
IWBOSE '19: "On Comparing Software Quality ..."
On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study
Marco Ortu, Matteo Orrù, and Giuseppe Destefanis (University of Cagliari, Italy; University of Milano-Bicocca, Italy; Brunel University London, UK) Driven by the surge of interest generated around blockchain technologies over the last years, a new category of systems, called Blockchain-Oriented Software (BOS), which are strictly tied to Blockchain distributed environment, has become increasingly popular. Yet, there is not a thorough understanding of their structure and behaviour and if and to which extent they differ from traditional software systems. The present work provide a first statistical characterisation of BOS. We analysed and compared 5 C++ open source Blockchain-Oriented and 5 Traditional Java software systems, aiming at detecting potential differences between the two categories of projects, and specifically in the statistical distribution of 10 software metrics. Although, in general, the statistical distributions for Traditional software and Blockchain software show similarities, the distribution of Average Cyclomatic and Ration Comment To Code metrics reveal significant differences in their queue, whereas the Number of Statements metric shows meaningful differences on the double Pareto distribution. @InProceedings{IWBOSE19p32, author = {Marco Ortu and Matteo Orrù and Giuseppe Destefanis}, title = {On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {32--37}, doi = {}, year = {2019}, } |
|
Gao, Lang |
IWBOSE '19: "A Privacy-Preserving E-Commerce ..."
A Privacy-Preserving E-Commerce System Based on the Blockchain Technology
Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. @InProceedings{IWBOSE19p50, author = {Yiming Jiang and Chenxu Wang and Yawei Wang and Lang Gao}, title = {A Privacy-Preserving E-Commerce System Based on the Blockchain Technology}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {50--55}, doi = {}, year = {2019}, } |
|
Grottolo, Gloria |
IWBOSE '19: "Alternative Fundraising: Success ..."
Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding
Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. @InProceedings{IWBOSE19p38, author = {Felix Hartmann and Gloria Grottolo and Xiaofeng Wang and Maria Ilaria Lunesu}, title = {Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {38--43}, doi = {}, year = {2019}, } |
|
Hartmann, Felix |
IWBOSE '19: "Alternative Fundraising: Success ..."
Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding
Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. @InProceedings{IWBOSE19p38, author = {Felix Hartmann and Gloria Grottolo and Xiaofeng Wang and Maria Ilaria Lunesu}, title = {Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {38--43}, doi = {}, year = {2019}, } |
|
Jee, Eunkyoung |
IWBOSE '19: "Formal Modeling and Verification ..."
Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms
Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. @InProceedings{IWBOSE19p11, author = {Junghun Yoo and Youlim Jung and Donghwan Shin and Minhyo Bae and Eunkyoung Jee}, title = {Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {11--21}, doi = {}, year = {2019}, } |
|
Jiang, Yiming |
IWBOSE '19: "A Privacy-Preserving E-Commerce ..."
A Privacy-Preserving E-Commerce System Based on the Blockchain Technology
Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. @InProceedings{IWBOSE19p50, author = {Yiming Jiang and Chenxu Wang and Yawei Wang and Lang Gao}, title = {A Privacy-Preserving E-Commerce System Based on the Blockchain Technology}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {50--55}, doi = {}, year = {2019}, } |
|
Jung, Youlim |
IWBOSE '19: "Formal Modeling and Verification ..."
Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms
Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. @InProceedings{IWBOSE19p11, author = {Junghun Yoo and Youlim Jung and Donghwan Shin and Minhyo Bae and Eunkyoung Jee}, title = {Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {11--21}, doi = {}, year = {2019}, } |
|
Lunesu, Maria Ilaria |
IWBOSE '19: "Implementing a Microservices ..."
Implementing a Microservices System with Blockchain Smart Contracts
Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable @InProceedings{IWBOSE19p22, author = {Roberto Tonelli and Maria Ilaria Lunesu and Andrea Pinna and Davide Taibi and Michele Marchesi}, title = {Implementing a Microservices System with Blockchain Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {22--31}, doi = {}, year = {2019}, } IWBOSE '19: "Alternative Fundraising: Success ..." Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. @InProceedings{IWBOSE19p38, author = {Felix Hartmann and Gloria Grottolo and Xiaofeng Wang and Maria Ilaria Lunesu}, title = {Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {38--43}, doi = {}, year = {2019}, } |
|
Marchesi, Michele |
IWBOSE '19: "Implementing a Microservices ..."
Implementing a Microservices System with Blockchain Smart Contracts
Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable @InProceedings{IWBOSE19p22, author = {Roberto Tonelli and Maria Ilaria Lunesu and Andrea Pinna and Davide Taibi and Michele Marchesi}, title = {Implementing a Microservices System with Blockchain Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {22--31}, doi = {}, year = {2019}, } |
|
Nomura, Yoshihide |
IWBOSE '19: "Potential Risks of Hyperledger ..."
Potential Risks of Hyperledger Fabric Smart Contracts
Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. @InProceedings{IWBOSE19p1, author = {Kazuhiro Yamashita and Yoshihide Nomura and Ence Zhou and Bingfeng Pi and Jun Sun}, title = {Potential Risks of Hyperledger Fabric Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {1--10}, doi = {}, year = {2019}, } |
|
Orrù, Matteo |
IWBOSE '19: "On Comparing Software Quality ..."
On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study
Marco Ortu, Matteo Orrù, and Giuseppe Destefanis (University of Cagliari, Italy; University of Milano-Bicocca, Italy; Brunel University London, UK) Driven by the surge of interest generated around blockchain technologies over the last years, a new category of systems, called Blockchain-Oriented Software (BOS), which are strictly tied to Blockchain distributed environment, has become increasingly popular. Yet, there is not a thorough understanding of their structure and behaviour and if and to which extent they differ from traditional software systems. The present work provide a first statistical characterisation of BOS. We analysed and compared 5 C++ open source Blockchain-Oriented and 5 Traditional Java software systems, aiming at detecting potential differences between the two categories of projects, and specifically in the statistical distribution of 10 software metrics. Although, in general, the statistical distributions for Traditional software and Blockchain software show similarities, the distribution of Average Cyclomatic and Ration Comment To Code metrics reveal significant differences in their queue, whereas the Number of Statements metric shows meaningful differences on the double Pareto distribution. @InProceedings{IWBOSE19p32, author = {Marco Ortu and Matteo Orrù and Giuseppe Destefanis}, title = {On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {32--37}, doi = {}, year = {2019}, } |
|
Ortu, Marco |
IWBOSE '19: "On Comparing Software Quality ..."
On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study
Marco Ortu, Matteo Orrù, and Giuseppe Destefanis (University of Cagliari, Italy; University of Milano-Bicocca, Italy; Brunel University London, UK) Driven by the surge of interest generated around blockchain technologies over the last years, a new category of systems, called Blockchain-Oriented Software (BOS), which are strictly tied to Blockchain distributed environment, has become increasingly popular. Yet, there is not a thorough understanding of their structure and behaviour and if and to which extent they differ from traditional software systems. The present work provide a first statistical characterisation of BOS. We analysed and compared 5 C++ open source Blockchain-Oriented and 5 Traditional Java software systems, aiming at detecting potential differences between the two categories of projects, and specifically in the statistical distribution of 10 software metrics. Although, in general, the statistical distributions for Traditional software and Blockchain software show similarities, the distribution of Average Cyclomatic and Ration Comment To Code metrics reveal significant differences in their queue, whereas the Number of Statements metric shows meaningful differences on the double Pareto distribution. @InProceedings{IWBOSE19p32, author = {Marco Ortu and Matteo Orrù and Giuseppe Destefanis}, title = {On Comparing Software Quality Metrics of Traditional vs Blockchain-Oriented Software: An Empirical Study}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {32--37}, doi = {}, year = {2019}, } |
|
Pi, Bingfeng |
IWBOSE '19: "Potential Risks of Hyperledger ..."
Potential Risks of Hyperledger Fabric Smart Contracts
Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. @InProceedings{IWBOSE19p1, author = {Kazuhiro Yamashita and Yoshihide Nomura and Ence Zhou and Bingfeng Pi and Jun Sun}, title = {Potential Risks of Hyperledger Fabric Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {1--10}, doi = {}, year = {2019}, } |
|
Pinna, Andrea |
IWBOSE '19: "Implementing a Microservices ..."
Implementing a Microservices System with Blockchain Smart Contracts
Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable @InProceedings{IWBOSE19p22, author = {Roberto Tonelli and Maria Ilaria Lunesu and Andrea Pinna and Davide Taibi and Michele Marchesi}, title = {Implementing a Microservices System with Blockchain Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {22--31}, doi = {}, year = {2019}, } |
|
Rocha, Henrique |
IWBOSE '19: "Presenting Tendermint: Idiosyncrasies, ..."
Presenting Tendermint: Idiosyncrasies, Weaknesses, and Good Practices
Andy Amoordon and Henrique Rocha (Inria, France; University of Antwerp, Belgium) In this paper, we present Tendermint: a Byzantine Fault Tolerant (BFT) application-based blockchain. We show that Tendermint promotes another perception of blockchain programming. Unlike Ethereum which is a blockchain holding many applications, Tendermint proposes to have one application per blockchain. We discuss the idiosyncrasies of Tendermint and how it could, potentially, ease blockchain programming and improve performance. We finish by showing weaknesses of Tendermint, good practices to adopt to hinder security attacks when handling Tendermint nodes, and some potential adjustments in the IBC protocol — an interoperability protocol designed for Tendermint. Our goal is to introduce Tendermint by showing its main characteristics over traditional blockchain platforms such as Bitcoin or Ethereum. @InProceedings{IWBOSE19p44, author = {Andy Amoordon and Henrique Rocha}, title = {Presenting Tendermint: Idiosyncrasies, Weaknesses, and Good Practices}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {44--49}, doi = {}, year = {2019}, } |
|
Shin, Donghwan |
IWBOSE '19: "Formal Modeling and Verification ..."
Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms
Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. @InProceedings{IWBOSE19p11, author = {Junghun Yoo and Youlim Jung and Donghwan Shin and Minhyo Bae and Eunkyoung Jee}, title = {Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {11--21}, doi = {}, year = {2019}, } |
|
Sun, Jun |
IWBOSE '19: "Potential Risks of Hyperledger ..."
Potential Risks of Hyperledger Fabric Smart Contracts
Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. @InProceedings{IWBOSE19p1, author = {Kazuhiro Yamashita and Yoshihide Nomura and Ence Zhou and Bingfeng Pi and Jun Sun}, title = {Potential Risks of Hyperledger Fabric Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {1--10}, doi = {}, year = {2019}, } |
|
Taibi, Davide |
IWBOSE '19: "Implementing a Microservices ..."
Implementing a Microservices System with Blockchain Smart Contracts
Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable @InProceedings{IWBOSE19p22, author = {Roberto Tonelli and Maria Ilaria Lunesu and Andrea Pinna and Davide Taibi and Michele Marchesi}, title = {Implementing a Microservices System with Blockchain Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {22--31}, doi = {}, year = {2019}, } |
|
Tonelli, Roberto |
IWBOSE '19: "Implementing a Microservices ..."
Implementing a Microservices System with Blockchain Smart Contracts
Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable @InProceedings{IWBOSE19p22, author = {Roberto Tonelli and Maria Ilaria Lunesu and Andrea Pinna and Davide Taibi and Michele Marchesi}, title = {Implementing a Microservices System with Blockchain Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {22--31}, doi = {}, year = {2019}, } |
|
Wang, Chenxu |
IWBOSE '19: "A Privacy-Preserving E-Commerce ..."
A Privacy-Preserving E-Commerce System Based on the Blockchain Technology
Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. @InProceedings{IWBOSE19p50, author = {Yiming Jiang and Chenxu Wang and Yawei Wang and Lang Gao}, title = {A Privacy-Preserving E-Commerce System Based on the Blockchain Technology}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {50--55}, doi = {}, year = {2019}, } |
|
Wang, Xiaofeng |
IWBOSE '19: "Alternative Fundraising: Success ..."
Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding
Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. @InProceedings{IWBOSE19p38, author = {Felix Hartmann and Gloria Grottolo and Xiaofeng Wang and Maria Ilaria Lunesu}, title = {Alternative Fundraising: Success Factors for Blockchain-Based vs. Conventional Crowdfunding}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {38--43}, doi = {}, year = {2019}, } |
|
Wang, Yawei |
IWBOSE '19: "A Privacy-Preserving E-Commerce ..."
A Privacy-Preserving E-Commerce System Based on the Blockchain Technology
Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. @InProceedings{IWBOSE19p50, author = {Yiming Jiang and Chenxu Wang and Yawei Wang and Lang Gao}, title = {A Privacy-Preserving E-Commerce System Based on the Blockchain Technology}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {50--55}, doi = {}, year = {2019}, } |
|
Yamashita, Kazuhiro |
IWBOSE '19: "Potential Risks of Hyperledger ..."
Potential Risks of Hyperledger Fabric Smart Contracts
Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. @InProceedings{IWBOSE19p1, author = {Kazuhiro Yamashita and Yoshihide Nomura and Ence Zhou and Bingfeng Pi and Jun Sun}, title = {Potential Risks of Hyperledger Fabric Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {1--10}, doi = {}, year = {2019}, } |
|
Yoo, Junghun |
IWBOSE '19: "Formal Modeling and Verification ..."
Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms
Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. @InProceedings{IWBOSE19p11, author = {Junghun Yoo and Youlim Jung and Donghwan Shin and Minhyo Bae and Eunkyoung Jee}, title = {Formal Modeling and Verification of a Federated Byzantine Agreement Algorithm for Blockchain Platforms}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {11--21}, doi = {}, year = {2019}, } |
|
Zhou, Ence |
IWBOSE '19: "Potential Risks of Hyperledger ..."
Potential Risks of Hyperledger Fabric Smart Contracts
Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. @InProceedings{IWBOSE19p1, author = {Kazuhiro Yamashita and Yoshihide Nomura and Ence Zhou and Bingfeng Pi and Jun Sun}, title = {Potential Risks of Hyperledger Fabric Smart Contracts}, booktitle = {Proc.\ IWBOSE}, publisher = {IEEE}, pages = {1--10}, doi = {}, year = {2019}, } |
27 authors
proc time: 0.29