Decentralized Beacons: Attesting the Ground Truth of Blockchain State for Constrained IoT Devices

Paavolainen, Santeri; Nikander, Pekka

doi:10.1109/giots.2019.8766432

Cited by 3 publications

(6 citation statements)

References 8 publications

(16 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…any off-site or industrial applications in particular. If interaction with public blockchains is required, we would recommend to look into ledger-to-ledger bridging approaches [39], or employ a trusted third party to attest and pin down the blockchain state [34]. For other light clients we see at ≥ 12 the time for 1-inject success under somewhat "reasonable but powerful adversary" assumptions is several hundred block intervals or more.…”

Section: Discussionmentioning

confidence: 99%

“…For example, Marcus et al describe countermeasures an Ethereum light client can take to protect itself against adversary attempting to eclipse it from the honest network [24]. Paavolainen and Nikander [34] propose a mechanism where the owner of an IoT device sends periodic decentralized beacons to the device attesting the owner's view of the canonical blockchain, allowing the device to determine a trusted blockchain state independently of the light protocol servers' intent.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Security Properties of Light Clients on the Ethereum Blockchain

Paavolainen

Carr

2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

Ethereum is a decentralized blockchain, known as being the second most popular public blockchain after Bitcoin. Since Ethereum is decentralised the canonical state is determined by the Ethereum network participants via a consensus mechanism without a centralized coordinator. The network participants are required to evaluate every transaction starting from the genesis block, which requires a large amount of network, computing, and storage resources. This is impractical for many devices with either limited computing resources or intermittent network connectivity. To overcome this drawback Ethereum defines a light client protocol where the light client fetches the blockchain state from a node operating as a light protocol server. Light clients are unable to maintain blockchain state internally, and as a consequence can only perform partial validation on blocks. Thus they rely on the light server for full block validation and to provide the updated blockchain state. Light clients connect to multiple light servers to mitigate the risk of relying on a single potentially dishonest server. Ethereum light clients are known to suffer from a probabilistic security model, but they are widely assumed to be secure under normal operating conditions. In fact, the implicit security assumptions of light clients have not been formally characterised in the literature. We present and analyse the probabilistic security guarantees under three different adversarial scenarios. The results show that for any adversary that is able to manipulate the network, the security assurances provided by the light protocol are severely impacted, and in some cases entirely lost. These results clearly demonstrate that the assumption of normal operating conditions is insufficient to justify the security assumptions of light clients. Our work also provides insight to the security of light clients under different security parameters, allowing light client implementers to more accurately understand the potential security trade-offs.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Security Properties of Light Clients on the Ethereum Blockchain

Paavolainen

Carr

2020

IEEE Access

Self Cite

View full text Add to dashboard Cite

show abstract

“…A more advanced solution to protect against malicious forks was proposed in [12]. The client is no longer limited to request proofs only from trusted nodes, instead it can identify when the received information comes from a forked chain.…”

Section: Related Workmentioning

confidence: 99%

A Novel Approach for Providing Client-Verifiable and Efficient Access to Private Smart Contracts

Koberl

Bock

Steger

2022

2022 IEEE Conference on Dependable and Secure Computing (DSC)

View full text Add to dashboard Cite

Distributed Ledger Technology is a powerful tool to support direct collaboration between organisations, without requiring full trust into a centralised infrastructure. By defining a program logic and access policies with smart contracts, all interactions are verified in the distributed network and the history of the data is recorded on the ledger. Blockchain implementations targeting enterprise use cases also provide means for private transactions, where the content of the transaction is only readable by authorized participants. Direct access to the ledger requires a node with reliable connection to the network and sufficient computational resources, which usually cannot be fulfilled with lightweight Internet of Things devices and mobile applications.We present an advanced system for accessing an enterprise Blockchain through dedicated gateway nodes, while preserving the functionality of private transactions. A hybrid approach is used to allow computation-and storage restricted clients to send private transactions through a central gateway, and use Light Ethereum Subprotocol to verify the data integrity based on proofs from distributed nodes.To increase the client-side security level, we introduce a dedicated Hardware Security Module for key management and efficient execution of the cryptographic primitives. A proof-ofconcept implementation, using the Quorum Blockchain client and an extension for the Tessera transaction manager, validates the feasibility of the approach and can be used for further research in this field.

show abstract

“…One approach is to leverage Trusted Execution Enclaves (TEE) such as Intel's SGX technology, where the TEE executed code is attested as authentic, and is used to provide secure updates on the ledger state to a light client [34]- [36]. There are other mechanisms as well that can increase the security of light clients albeit at the cost of relying on a trusted party [10]. It has been pointed out that the default Ethereum light protocol model provides no incentives for the servers to be honest, which has been addressed for example by Lu et al who devise a model which incentivizes light servers to provide honest answers [37].…”

Section: Related Workmentioning

confidence: 99%

“…There are several proposals to increase light client security that would mitigate the identified vulnerability, but these either require: Partial connectivity with the honest network [7]; a decentralized reputation system [8]; replacement of the entire blockchain [9]; or introduction of a remote trusted party [10]. In short, they do not comprehensively address the issue within the context of the current Ethereum blockchain.…”

Section: Introductionmentioning

confidence: 99%

Adventures of a Light Blockchain Protocol in a Forest of Transactions: A Subset of a Story

2021

Self Cite

View full text Add to dashboard Cite

The Ethereum blockchain is one of the most popular permissionless blockchains. A consequence of its popularity has been the growth of processing and data storage requirements for any node participating in the Ethereum blockchain network. For constrained devices such requirements are often infeasible to meet. To cater for such nodes, a so-called light protocol has been proposed for Ethereum where the responsibility of maintaining a correct state representation is delegated to light protocol servers. Previous research has identified dependence on external state management as a potential security vulnerability that exclusively impacts light nodes. Although a simple mitigation strategy is available, it comes at the expense of increased latency. In this work, we propose a new Ethereum node type, which we call a subset node, as an extension of the light protocol. Our proposal allows subset nodes to gain a lower latency than a pure light node with comparable or even higher security assurances by tracking and evaluating only a subset of all of the transactions issued on the blockchain. We provide a formal proof on the correctness of the blockchain state used by the subset node under the proposed model. To evaluate the practical feasibility of the subset node model, we analyze one year of historical transaction data from Ethereum, and demonstrate that a subset node tracking the state of a single account can achieve a significant reduction in storage and computational requirements when compared to a full node.

show abstract

Decentralized Beacons: Attesting the Ground Truth of Blockchain State for Constrained IoT Devices

Cited by 3 publications

References 8 publications

Security Properties of Light Clients on the Ethereum Blockchain

Security Properties of Light Clients on the Ethereum Blockchain

A Novel Approach for Providing Client-Verifiable and Efficient Access to Private Smart Contracts

Adventures of a Light Blockchain Protocol in a Forest of Transactions: A Subset of a Story

Contact Info

Product

Resources

About