Ethereum is a decentralized blockchain, known as being the second most popular public blockchain after Bitcoin. Since Ethereum is decentralised the canonical state is determined by the Ethereum network participants via a consensus mechanism without a centralized coordinator. The network participants are required to evaluate every transaction starting from the genesis block, which requires a large amount of network, computing, and storage resources. This is impractical for many devices with either limited computing resources or intermittent network connectivity. To overcome this drawback Ethereum defines a light client protocol where the light client fetches the blockchain state from a node operating as a light protocol server. Light clients are unable to maintain blockchain state internally, and as a consequence can only perform partial validation on blocks. Thus they rely on the light server for full block validation and to provide the updated blockchain state. Light clients connect to multiple light servers to mitigate the risk of relying on a single potentially dishonest server. Ethereum light clients are known to suffer from a probabilistic security model, but they are widely assumed to be secure under normal operating conditions. In fact, the implicit security assumptions of light clients have not been formally characterised in the literature. We present and analyse the probabilistic security guarantees under three different adversarial scenarios. The results show that for any adversary that is able to manipulate the network, the security assurances provided by the light protocol are severely impacted, and in some cases entirely lost. These results clearly demonstrate that the assumption of normal operating conditions is insufficient to justify the security assumptions of light clients. Our work also provides insight to the security of light clients under different security parameters, allowing light client implementers to more accurately understand the potential security trade-offs.
The upsurge of Industrial Internet of Things is forcing industrial information systems to enable less hierarchical information flow. The connections between humans, devices, and their digital twins are growing in numbers, creating a need for new kind of security and trust solutions. To address these needs, industries are applying distributed ledger technologies, aka blockchains. A significant number of use cases have been studied in the sectors of logistics, energy markets, smart grid security, and food safety, with frequently reported benefits in transparency, reduced costs, and disintermediation. However, distributed ledger technologies have challenges with transaction throughput, latency, and resource requirements, which render the technology unusable in many cases, particularly with constrained Internet of Things devices.To overcome these challenges within the Industrial Internet of Things, we suggest a set of interledger approaches that enable trusted information exchange across different ledgers and constrained devices. With these approaches, the technically most suitable ledger technology can be selected for each use case while simultaneously enjoying the benefits of the most widespread ledger implementations. We present state of the art for distributed ledger technologies to support the use of interledger approaches in industrial settings.
Internet of Thing devices (IoT devices) are often constrained in terms of computing, memory, storage, power, and network resources. This makes them ill-suited to operate as firstclass citizens on a blockchain, such as Ethereum, preventing the IoT devices from attaining the security guarantees that are available to better resourced nodes that are able to operate as full, validating nodes on the blockchain. IoT devices may use so-called light protocols to interact with the blockchain with minimal resource requirements, but these protocols provide only probabilistic security guarantees. In this position paper, we propose a new mechanism where an operator of IoT devices is able to send a "ground truth state" to the devices via a new mechanism, which we call "decentralized beacons", enabling them to gain full security guarantees of the blockchain state.
There has been increased interest in the use of blockchains to control Internet of Things devices either directly, or through smart contracts. Many blockchains, such as Ethereum and Fabric, have support for smart contracts. The use of public blockchains while attractive due to their decentralization and availability, do pose challenges, such as unpredictable transaction latencies and cryptocurrency price fluctuations. Transactions in the Ethereum network, such as invokations of smart contracts used to control an IoT device, have no fairness or eventuality guarantees. In this work we describe a "spam attack" method available to parties with sufficient cryptocurrency reserves to delay a statistically significant portion of transactions submitted to the Ethereum network. This paper derives estimations on the costs and effects of such an attack, and is based on an analysis of historical transactions.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.