Stanford Blockchain Conference Day1: New Attack Can Crack Anonymity of Zcash or Monero?

From February 20th to 22nd, Beijing time, the 2020 Stanford Blockchain Conference hosted by Findora was held at Stanford University. This meeting focused on security engineering and risk management methods in blockchain systems, and explored the application of encryption technology. , Decentralized protocols, formal methods, and empirical analysis to improve the security of blockchain systems.

The first day of the conference can be divided into four major topics: scalability, attacks, zero-knowledge proof SNARKs, and new blockchains.

ERLXLKlUcAIePkC

Scalability Topic: Limitations of Plasma Technology and Proof of Work (PoNW)

On the topic of scalability, Stefan Dziembowski from the University of Warsaw delivered a speech entitled "The Boundaries of the Off-Chain Protocol: Exploring the Limitations of Plasma Technology", according to which they investigated the inherent limitations of Plasma's system, and It shows that malicious parties can always launch attacks, forcing honest parties to transfer large amounts of data to the blockchain. This research shows that every plasma system (such as Plasma Cash) must have a large exit, otherwise it will inevitably suffer from a large number of exit problems caused by data unavailability, which cannot be circumvented by introducing additional cryptographic assumptions.

Stefan Dziembowski stated in his speech:

"I think at this stage, Plasma needs more formalization and expansion."

Paper link: https://eprint.iacr.org/2020/175

Assimakis Kattis, a PhD student from New York University, presented the results of his "Proof of Necessary Work (PoNW): Concise State Verification and Fair Guarantee". It is reported that this research enables stateless light clients Effectively verify the entire blockchain history in milliseconds. In his speech, he mentioned:

"Our contribution is that the concise client can accept about 1 kilobyte of initialization data. In the trust model in this model, you only need to access a proof of the longest chain, and then it is OK. This prototype is a bit A simplified version of the coin, which is based on the account model. It has no fancy scripts and no UTXO. The certificate in the system is very small, only about 373 bytes. The size of the certificate is the same regardless of the total number of transactions. "

Paper link: https://eprint.iacr.org/2020/190

Ed Felten from Off-chain Labs gave a talk entitled "Arbitrum 2.0: Fast Off-Chain Contract with On-Chain Security", which introduced an expansion product called Arbitrum Rollup.

Attack topic: Cracking the anonymity of Zcash or Monero through a remote side channel attack

In addition to the topic of scalability, the topic of blockchain security has also received much attention.

In this regard, Florian Tramer from Stanford University gave a lecture entitled "Anonymous Transactions Linked via Remote Side Channel Attacks", which described a common type of time side channel and traffic analysis attack method that allows remote adversaries to bypass anonymous currencies Cryptographic protection provided.

These attacks enable active remote attackers to identify the (secret) payee of any transaction in Zcash or Monero. Studies have found that in the implementation of Zcash, the time to generate a zero-knowledge proof depends on the secret transaction data, especially the transaction funds. Quantity. Therefore, although the proof system has zero-knowledge attributes, an attacker who can measure the proof generation time may undermine the confidentiality of the transaction.

It is reported that this research was done jointly by Florian Tramer and Dan Boneh and Professor Kenny Paterson.

Florian Tramer said in his speech:

"We responsibly disclosed the problem to the affected Zcash and Monero project parties, and they have now patched the vulnerability."

Paper link: https://crypto.stanford.edu/timings/paper.pdf

In addition, Daniel Perez, a researcher from Imperial College London, introduced a new type of DoS attack called a resource exhaustion attack, which uses defects in blockchain systems such as Ethereum to generate low-throughput contracts. These contracts are available In order to prevent nodes with lower hardware capacity from participating in the network, the degree of decentralization of the network is artificially reduced.

Paper link: https://arxiv.org/abs/1909.07220

Zero-knowledge proof topic: Stackexchange can achieve 9000-18000 tps

In recent years, research on zero-knowledge proofs has become increasingly hot, and this Stanford blockchain conference also focused on the research progress in this area.

For example, the chief scientist from Starkware, Israel Institute of Technology, gave a lecture on computer science professor Eli Ben-Sasson about STARK technology.

"STARKs and StarkWare are known for achieving high scalability. Today, with the StarkExchange smart contract system, we can already achieve approximately 9,000 transactions / second on Ethereum, and for payments, we can achieve 18,000 transactions / second. This system will soon be launched on the Ethereum mainnet, and we are expanding these features to serve non-homogeneous tokens. "

Nick Spooner from the University of California, Berkeley, presented "Fractal: Holography-Based Post-Quantum and Transparent Recursive Proof" at the conference. He stated:

"One of the most powerful features of SNARK is the so-called recursive proof in which you can actually prove that another SNARK is correct, and Fractal is a show that shows how to actually do this and how to use post-quantum security to get Recursive SNARK system. "

Paper link: https://eprint.iacr.org/2019/1076.pdf

Summary: During the first day of the conference, the topics of scalability and privacy remained the main concerns of researchers. In addition, some project parties also demonstrated their own technical characteristics. The Libra blockchain and their Move programming language were introduced at the conference, while Marek Olszewski from the Celo protocol focused on their ultralight client.

ERKZWljUwAAuGTZ

Trailer: In tomorrow ’s conference, Ethereum co-founder Vitalik Buterin will give a speech on the topic of 51% attacks, and Lei Yang from MIT will introduce a new consensus mechanism called Prism, which can achieve 10,000 times Bitcoin Expansion, everyone can look forward to it.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!

Share:

Was this article helpful?

93 out of 132 found this helpful

Discover more

Blockchain

A major Brazilian bank announces closure of accounts on cryptocurrency exchanges

As a large commercial bank refuses to comply with the "Prevention of Cryptocurrency Exchange Account Closure&quo...

Blockchain

Research Report | Blockchain Economics Panorama and Future: Exchange Compliance

Author: BlockVC industry research team Source: BlockVC Editor's Note: The original title is "Postal Chain E...

Market

Three days after listing, trading volume is lackluster. The first-ever leveraged BTC ETF in the US did not have a good start.

First leveraged cryptocurrency ETF in the US underperforms expectations three days after listing.

Blockchain

In those years, the traditional financial sponsorship system practiced on the trading platform

This article is probably: 6900 words Reading needs: about 13 minutes (Deep long text, it is recommended that the coll...

Market

The short-lived boom is hard to sustain, the second major crash after FTX is on its way.

Macro recession, will it make crypto become a safe haven asset, or will it collapse the entire crypto world? Original...

Blockchain

The real life of the owner of the exchange: the horror of the thief, the night can not linger

Xu Mingxing once dreamed that someone had kidnapped him and asked him to hand over Bitcoin. Awakened in his dream, he...