IC3: Advancing the science and applications of blockchains

Latest on Blog

by Orestis Alpos (University of Bern), Ignacio Amores-Sesar (University of Bern, IC3), Christian Cachin (University of Bern, IC3), Michelle Yeo (National University of Singapore) on May 10, 2024
The problems of maximal-extractable value (MEV) and front-running attacks have plagued decentralized finance (DeFi) in the recent years. We tackle the problem of sandwich attacks in general and introduce a protocol to transform any blockchain consensus algorithm into a new one that has the same security, but in which sandwich attacks are no longer profitable. Our protocol is fully decentralized with no trusted third parties or heavy cryptographic primitives. It makes existing blockchains resilient to such attacks in exchange for increased latency until consensus becomes final and by adding a small computational overhead.
by James Austgen, Andrés Fábrega, Sarah Allen, Kushal Babel, Mahimna Kelkar, and Ari Juels on January 16, 2024
Decentralized Autonomous Organizations (DAOs) are increasingly popular, and already managing many billions of dollars in treasuries. Their decentralized governance is a transformative new way of organizing communities. But as they grow, DAOs will face a new and potent threat to their decentralization - Dark DAOs. A Dark DAO is a private smart contract that targets a legitimate DAO, attacking its voting integrity by enabling vote-buying among its users. First considered in 2018, Dark DAOs haven’t yet appeared in the wild — but only because DAOs are not very decentralized today. As DAOs continue on a path to higher decentralization, Dark DAOs will inevitably surface. Vote-buying may be illegal in political elections, but in DAOs it’s probably legal. It’s legal in shareholder voting and there’s even a marketplace to facilitate it. Vote-buying in DAOs would follow the trend in Web3 of monetizing everything from people’s friends to maximal-extractable value (MEV).
by James Austgen, Andrés Fábrega, Sarah Allen, Kushal Babel, Mahimna Kelkar, and Ari Juels on December 04, 2023
Decentralized Autonomous Organizations, or DAOs, promise to revolutionize the ways that communities collaborate. The ‘D’ in DAO — the decentralization — is the critical ingredient. But the way most people in the Web3 community reason about DAO decentralization today is flawed. It fails to point the way toward sound DAO governance. Today, people commonly view decentralization in DAOs — and other Web3 projects — entirely in terms of how tokens are distributed among addresses. The Gini coefficient and similar measures of wealth inequality — such as entropy of token holdings — are popular metrics for this purpose. A high Gini coefficient over addresses in a DAO is “bad” - it means high concentration — dominant control by whales and other large holders. A low Gini coefficient, on the other hand, is “good,” indicating even distribution of tokens. Our new research shows that there are gaping blind spots in this view of DAO decentralization. Happily, we also show that it’s possible to do better.
by Haoqian Zhang on October 03, 2023
The name “front-running” came from when a broker needs to deliver the clients’ orders to the trading desk physically. The term vividly describes how it works - an attacker who knows a large order could run ahead to execute a trade before the client’s order goes through. What is the incentive for someone to do that? Here is an example that explains why. Suppose a broker receives a large order from a client, say, buy 500,000 shares of a company’s stock. The order is big enough to drive up the share’s price. Knowing this information, an attacker can place his small order, say 10,000 shares of the same stock, before the large order. The attacker can sell his shares at a higher price when the price goes up after the large order went through. The formal definition of front-running is a practice of benefiting from the advanced knowledge of pending transactions. Although benefiting some entities involved, this practice puts others at a significant financial disadvantage, making this behavior illegal in traditional markets with established securities regulations.
by Andrew Miller, Nerla Jean-Louis, Yunqi Li, and James Austgen on August 25, 2023
Enhancing smart contract privacy is a critical stride towards the development of more useful blockchain applications. Trusted execution environments (TEEs) or secure enclaves are being used in multiple networks (Secret Network, Oasis Network, Obscuro, etc) to enable privacy without significantly increasing computational costs. However, the utilization of TEEs also brings forth challenges, specifically in designing secure network architectures that fully capitalize on the strengths of TEEs while mitigating potential risks. Our recent paper detailing several attacks on these TEE based blockchain networks that broke user privacy guarantees without doing the hard work of breaking into the TEE hardware.
by Kushal Babel, Nerla Jean-Louis, Mahimna Kelkar, Yunqi Li, Carolina Ortega Perez, Aditya Asgoankar, Sylvain Bellemare, Ari Juels, and Andrew Miller on June 12, 2023
TLDR - The Sting Framework (SF) is a new idea for bolstering the security of systems at risk of information leakage. SF addresses the case where a corrupt service (called a Subversion Service) arises that enables adversaries to exploit such leakage. SF presumes a player, called an informer, that wishes to alert the community to the presence of the corrupt service — either as a public service or to claim a bounty. SF enables the informer to generate a publicly verifiable proof that the corrupt service exists.
Older blogs...

Events

August 7-9, 2024
The conference focuses on technical innovations in the blockchain ecosystem, and brings together researchers and practioners working in the space. We are interested in the application of cryptography, decentralized protocols, formal methods, and empirical analysis, to improving the security and scalability of blockchain deployments. We aim to foster collaboration among practitioners and researchers working on blockchain protocol development, cryptography, distributed systems, secure computing, crypto-economics, and economic risk analysis.
June 10-16, 2024
Join us for the 9th Annual IC3 Blockchain Camp! This 7-day experience will be hosted once again at the Cornell Tech Campus on Roosevelt Island, New York City. Our camp technical committee of Surya Bakshi, Haaroon Yousaf, Lorenz Breidenbach, and Patrick McCorry is preparing another immersive coding and learning experience!
January 8-11, 2024
Thank you to all who joined us for the IC3 Winter Retreat 2024 at the Eurotel Victoria in Les Diablerets, Switzerland!
August 28-30, 2023
This conference focuses on technical innovations in the blockchain ecosystem, and brings together researchers and practioners working in the space. We are interested in the application of cryptography, decentralized protocols, formal methods, and empirical analysis, to improving the security and scalability of blockchain deployments. We aim to foster collaboration among practitioners and researchers working on blockchain protocol development, cryptography, distributed systems, secure computing, crypto-economics, and economic risk analysis.
Tuesday August 29, 2023
Thank you to all who joined us for the IC3 Members & Friends Reception at SBC(Science of Blockchain Conference) 2023!Held at the President's Terrace, an iconic rooftop bar in Palo Alto, the event boasted breathtaking views of Stanford, the Santa Cruz Mountains, and a California sunset. This event provided an opportunity for IC3 academic researchers, industry partners and invited guests to mingle and discuss the latest in blockchain research.
More events

News

Featured Projects

ZeroAuction: Zero-Deposit Sealed-bid Auction via Delayed Execution

Auctions, a long-standing method of trading goods and services, are a promising use case for decentralized finance. However, due to the inherent transparency property of blockchains, current sealed-bid auction implementations on smart contracts requires a bidder to send at least two transactions to the underlying blockchain - a bidder must first commit their bid in the first transaction during the bidding period and reveal their bid in the second transaction once the revealing period starts. In addition, the smart contract often requires a deposit to incentivize bidders to reveal their bids, rendering unnecessary financial burdens and risks to bidders. We address these drawbacks by enforcing delayed execution in the blockchain execution layer to all transactions. In short, the blockchain only accepts encrypted transactions, and when the blockchain has finalized an encrypted transaction, the consensus group decrypts and executes it. This architecture enables ZeroAuction, a sealed-bid auction smart contract with zero deposit requirement. ZeroAuction relies on the blockchain enhanced with delayed execution to hide and bind the bids within the encrypted transactions and, after a delay period, reveals them automatically by decrypting and executing the transactions. Because a bidder only needs to interact with the blockchain once instead of two times to participate in the auction, ZeroAuction significantly reduces the latency overhead along with eliminating the deposit requirement. For further details, please check out our Projects Page.

Keywords:
Transparency
Smart contracts
Encrypted transactions
Blockchains

More projects:

  • TFM: Collusion-Resilience in Transaction Fee Mechanism Design
  • Secure Distributed Systems: Secure Synthesis of Distributed Cryptographic Applications
  • Analysis: An Analysis of Avalanche Consensus
  • ZKP: Proof of Compliance for Anonymous, Unlinkable Messages
  • DeFi: Uniswap Daily Transaction Indices by Network
Even more projects...

Opportunities

Follow Us

Sign up here to join our mailing list and stay up to date on all things IC3!