Workshop IWBOSE 2019 – Author Index |
Contents -
Abstracts -
Authors
|
A B D G H J L M N O P R S T W Y Z
Amoordon, Andy |
![]() Andy Amoordon and Henrique Rocha (Inria, France; University of Antwerp, Belgium) In this paper, we present Tendermint: a Byzantine Fault Tolerant (BFT) application-based blockchain. We show that Tendermint promotes another perception of blockchain programming. Unlike Ethereum which is a blockchain holding many applications, Tendermint proposes to have one application per blockchain. We discuss the idiosyncrasies of Tendermint and how it could, potentially, ease blockchain programming and improve performance. We finish by showing weaknesses of Tendermint, good practices to adopt to hinder security attacks when handling Tendermint nodes, and some potential adjustments in the IBC protocol — an interoperability protocol designed for Tendermint. Our goal is to introduce Tendermint by showing its main characteristics over traditional blockchain platforms such as Bitcoin or Ethereum. ![]() |
|
Bae, Minhyo |
![]() Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. ![]() |
|
Destefanis, Giuseppe |
![]() Marco Ortu, Matteo Orrù, and Giuseppe Destefanis (University of Cagliari, Italy; University of Milano-Bicocca, Italy; Brunel University London, UK) Driven by the surge of interest generated around blockchain technologies over the last years, a new category of systems, called Blockchain-Oriented Software (BOS), which are strictly tied to Blockchain distributed environment, has become increasingly popular. Yet, there is not a thorough understanding of their structure and behaviour and if and to which extent they differ from traditional software systems. The present work provide a first statistical characterisation of BOS. We analysed and compared 5 C++ open source Blockchain-Oriented and 5 Traditional Java software systems, aiming at detecting potential differences between the two categories of projects, and specifically in the statistical distribution of 10 software metrics. Although, in general, the statistical distributions for Traditional software and Blockchain software show similarities, the distribution of Average Cyclomatic and Ration Comment To Code metrics reveal significant differences in their queue, whereas the Number of Statements metric shows meaningful differences on the double Pareto distribution. ![]() |
|
Gao, Lang |
![]() Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. ![]() |
|
Grottolo, Gloria |
![]() Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. ![]() |
|
Hartmann, Felix |
![]() Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. ![]() |
|
Jee, Eunkyoung |
![]() Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. ![]() |
|
Jiang, Yiming |
![]() Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. ![]() |
|
Jung, Youlim |
![]() Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. ![]() |
|
Lunesu, Maria Ilaria |
![]() Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable ![]() ![]() Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. ![]() |
|
Marchesi, Michele |
![]() Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable ![]() |
|
Nomura, Yoshihide |
![]() Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. ![]() |
|
Orrù, Matteo |
![]() Marco Ortu, Matteo Orrù, and Giuseppe Destefanis (University of Cagliari, Italy; University of Milano-Bicocca, Italy; Brunel University London, UK) Driven by the surge of interest generated around blockchain technologies over the last years, a new category of systems, called Blockchain-Oriented Software (BOS), which are strictly tied to Blockchain distributed environment, has become increasingly popular. Yet, there is not a thorough understanding of their structure and behaviour and if and to which extent they differ from traditional software systems. The present work provide a first statistical characterisation of BOS. We analysed and compared 5 C++ open source Blockchain-Oriented and 5 Traditional Java software systems, aiming at detecting potential differences between the two categories of projects, and specifically in the statistical distribution of 10 software metrics. Although, in general, the statistical distributions for Traditional software and Blockchain software show similarities, the distribution of Average Cyclomatic and Ration Comment To Code metrics reveal significant differences in their queue, whereas the Number of Statements metric shows meaningful differences on the double Pareto distribution. ![]() |
|
Ortu, Marco |
![]() Marco Ortu, Matteo Orrù, and Giuseppe Destefanis (University of Cagliari, Italy; University of Milano-Bicocca, Italy; Brunel University London, UK) Driven by the surge of interest generated around blockchain technologies over the last years, a new category of systems, called Blockchain-Oriented Software (BOS), which are strictly tied to Blockchain distributed environment, has become increasingly popular. Yet, there is not a thorough understanding of their structure and behaviour and if and to which extent they differ from traditional software systems. The present work provide a first statistical characterisation of BOS. We analysed and compared 5 C++ open source Blockchain-Oriented and 5 Traditional Java software systems, aiming at detecting potential differences between the two categories of projects, and specifically in the statistical distribution of 10 software metrics. Although, in general, the statistical distributions for Traditional software and Blockchain software show similarities, the distribution of Average Cyclomatic and Ration Comment To Code metrics reveal significant differences in their queue, whereas the Number of Statements metric shows meaningful differences on the double Pareto distribution. ![]() |
|
Pi, Bingfeng |
![]() Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. ![]() |
|
Pinna, Andrea |
![]() Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable ![]() |
|
Rocha, Henrique |
![]() Andy Amoordon and Henrique Rocha (Inria, France; University of Antwerp, Belgium) In this paper, we present Tendermint: a Byzantine Fault Tolerant (BFT) application-based blockchain. We show that Tendermint promotes another perception of blockchain programming. Unlike Ethereum which is a blockchain holding many applications, Tendermint proposes to have one application per blockchain. We discuss the idiosyncrasies of Tendermint and how it could, potentially, ease blockchain programming and improve performance. We finish by showing weaknesses of Tendermint, good practices to adopt to hinder security attacks when handling Tendermint nodes, and some potential adjustments in the IBC protocol — an interoperability protocol designed for Tendermint. Our goal is to introduce Tendermint by showing its main characteristics over traditional blockchain platforms such as Bitcoin or Ethereum. ![]() |
|
Shin, Donghwan |
![]() Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. ![]() |
|
Sun, Jun |
![]() Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. ![]() |
|
Taibi, Davide |
![]() Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable ![]() |
|
Tonelli, Roberto |
![]() Roberto Tonelli, Maria Ilaria Lunesu, Andrea Pinna, Davide Taibi, and Michele Marchesi (University of Cagliari, Italy; Tampere University of Technology, Finland) Blockchain technologies and smart contracts are becoming mainstream research fields in computer science and researchers are continuously investigating new frontiers for new applications. Likewise, microservices are getting more and more popular in the latest years thanks to their properties, that allow teams to slice existing information systems into small and independent services that can be developed independently by different teams. A symmetric paradigm applies to smart contracts as well, which represent well defined, usually isolated, executable programs, typically implementing simple and autonomous tasks with a well defined purpose, which can be assumed as services provided by the Contract. In this work we analyze a concrete case study where the microservices architecture environment is replicated and implemented through an equivalent set of smart contracts, showing for the first time the feasibility of implementing a microservices-based system with smart contracts and how the two innovative paradigms match together. Results show that it is possible to implement a simple microservices-based system with smart contracts maintaining the same set of functionalities and results. The result could be highly beneficial in contexts such as smart voting, where not only the data integrity is fundamental but also the source code executed must be trustable ![]() |
|
Wang, Chenxu |
![]() Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. ![]() |
|
Wang, Xiaofeng |
![]() Felix Hartmann, Gloria Grottolo, Xiaofeng Wang, and Maria Ilaria Lunesu (Free University of Bolzano, Italy; University of Cagliari, Italy) Blockchain-based crowdfunding is an emerging economic phenomenon and a state-of-the-art strategy to financeventures. It bears similarity to conventional crowdfunding, buthas its own unique characteristics. Therefore the success factorsthat affect the outcome of traditional crowdfunding may have adifferent impact on blockchain-based crowdfunding campaigns. Despite that the number of blockchain-based crowdfundingcampaigns has increased drastically in the past few years, there is a lack of good understanding of what are the success factors for them in comparison to conventional crowdfunding ones. Such understanding is crucial for new ventures or entrepreneurs to design their blockchain-based fundraising initiatives properly and facilitate potential investors to seek main signals and driver sof outstanding projects. Furthermore it could help regulators and market participants to understand how the existing crowdfunding regulatory framework applies to blockchain-based crowdfunding. Due to specific characteristics of blockchain-based crowdfunding, regulatory frameworks may require potential interpretation or re-consideration of requirements to allow an effective application of regulations. To fill this knowledge gaps, we have reviewed a set of relevant literature on success factors for conventional and blockchain-based crowdfunding. The result of this literature review sheds light on the directions for future research and development. The contribution of our work is a better understanding of the distinctions and similarities of blockchain-based crowdfunding compared to traditional crowdfunding. ![]() |
|
Wang, Yawei |
![]() Yiming Jiang, Chenxu Wang, Yawei Wang, and Lang Gao (Xi'an Jiaotong University, China) With the increasing popularity of online shopping, privacy concerns in E-commerce are attracting more and more attention. Existing E-commerce models are trapped in a dilemma between the proof of ownership and privacy protection. To address this issue, in this paper we design a privacy-preserving business protocol by employing private smart contracts in the negotiation phase. The protocol allows counterparties make deals without the disclosure of private information such as identities, addresses, and phone numbers. Moreover, we employ the zero-knowledge proof to guarantee the ownership. To understand the feasibility for implementing the proposed model, we also conduct extensive experiments to evaluate the performance of existing blockchain development platforms, Ethereum Quorum and SERO. ![]() |
|
Yamashita, Kazuhiro |
![]() Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. ![]() |
|
Yoo, Junghun |
![]() Junghun Yoo, Youlim Jung, Donghwan Shin, Minhyo Bae, and Eunkyoung Jee (University of Oxford, UK; KAIST, South Korea; University of Luxembourg, Luxembourg; BlockchainOS, South Korea) A blockchain is a type of distributed ledger that can record transactions between parties in a verifiable and permanent manner. Each node contains its ledger, and the contents of each ledger are maintained to be the same by a consensus algorithm. It is essential to ensure the safety and liveness of the consensus algorithms in blockchain platforms. The Stellar Consensus Protocol (SCP), which is a consensus algorithm for the Stellar cryptocurrency using the blockchain, is utilized for the federated Byzantine agreement. The quorum configuration is one of the essential factors for ensuring the safety and liveness of the SCP; however, it has been rarely studied. In this study, we model the SCP with timed automata and verify the model using a model checking technique, with the purpose of investigating and evaluating the SCP. Through the modeling and verification of the SCP, we could check whether a certain quorum configuration ensures consensus or not, before execution on an actual network. We present several abstraction techniques that help in coping with the extremely large state space of the SCP model in formal verification. The proposed modeling and verification techniques can be utilized for other consensus protocols of various blockchain platforms using the Byzantine agreement. ![]() |
|
Zhou, Ence |
![]() Kazuhiro Yamashita, Yoshihide Nomura, Ence Zhou, Bingfeng Pi, and Jun Sun (Fujitsu Labs, Japan; Fujitsu, China) Blockchain is a decentralized ledger technology, and it is the technology underlying Bitcoin and Ethereum. The interest in blockchain has been increasing since its emergence. Hyperledger Fabric is one of the permissioned blockchain frameworks. One of the characteristics of Hyperledger Fabric is it utilizes general-purpose programming languages, e.g., Go, Node.js, and Java, to implement smart contracts (called chaincode in Hyperledger Fabric). The advantages of utilizing these languages are already known to potential developers, and development tools might already exist. However, one of the disadvantages is that these languages were not originally designed for writing smart contracts. Hence, there may be risks that developers do not need to consider when using specific languages such as Solidity of Ethereum. Furthermore, even though development tools exist, how many risks are covered by the tools is an open question. In this paper, we focus on Go language and the tools. First, we surveyed what kind of risks are associated with chaincodes are developed using Go language and observed there are 14 potential risks. Then, we investigated how many risks can be covered by Go tools, e.g., golint and gosec, and a vulnerability detection tool for chaincodes called Chaincode Scanner. From our results, we observed that some risks are not covered by the existing tools. Hence, we develop a detection tool to cover risks by static analysis. Finally, in this paper, we describe how to find the risks with our tool and evaluate the usefulness. ![]() |
28 authors
proc time: 0.27