Ethereum conference 2017 may 22
Blockchain is the peer-to-peer technology behind major cryptocurrencies like bitcoin and ethereum eth. However, the distributed ledger concept is applicable to a diverse industries from gaming to healthcare to energy and beyond, even if it is most widely known for its applications in the FinTech niche. Because of its resilient nature, blockchain can create an environment that wards against fraud in terms of both money and information. One intriguing user of blockchain is in regards to copyright for photographers as well as other artists and creators. What are other uses there for blockchain?
We are searching data for your request:
Ethereum conference 2017 may 22
Upon completion, a link will appear to access the found materials.
Content:
Meeting with founder of Ethereum project Vitalik Buterin
By definition, blockchain platforms offer secure and reliable data exchange between stakeholders without a trusted third party. Private and consortium blockchains implement access restrictions, so that sensitive data is kept from the public. However, due to its distributed structure, only one node with faulty configuration can leak all blockchain data. For our study, we scanned the Internet for misconfigured private Ethereum nodes.
Overall, we found nodes belonging to blockchains that are not one of the large Ethereum-based networks. For our analysis, we chose a diverse sample of networks. Then, we analyzed in-depth 4 different networks with 10 to 20 nodes enabling to over 34 million transactions.
We used graph visualization tools to picture the networks transactions and to identify stakeholders and activities. With our research, we show how to reveal confidential information from blockchains, which should not be exposed to the public and could potentially include identities, contract data as well as legal data.
Thereby, we illustrate the legal and social implications of data leakage by this distributed and supposedly secure technology. In summary, we show that the large attack surface of private or consortium blockchains poses a threat to the security of those networks. The nodes used in this study were not configured according to the Ethereum guidelines and exposed information directly to the Internet.
However, even correctly configured nodes provide an excellent target for attackers as they allow them to gain information about a whole network while only breaching one weak point. Lastly, our study discusses whether private blockchain networks can reach a consensus without sharing all data between nodes and what data distribution strategies defend best against weak links in the chain.
Blockchain technology has sparked interest in a variety of industries. Even after the initial Bitcoin hype, blockchain as a technology is still regarded to have the potential to drive decentralization and disintermediation. The cryptographic primitives and consensus mechanisms make storing and transferring of data not only secure and resistant against manipulation but also not reliant on a trusted third party.
Most commercial blockchain applications rely on a private or a consortium blockchain. The purpose of this sort of blockchain is only to allow a select group of participants to read or write data from or to the ledger. Customer-focused solutions, such as the Diem [ 2 ] cryptocurrency, use this approach to keep customer transaction data private [ 3 ].
The distributed nature of blockchains makes them more failsafe and resistant to manipulation. However, with each additional node that joins the network, simultaneously its attack surface for data theft increases. This implies that, even for large networks, only one misconfigured node can leak the whole blockchain data to malicious actors. In business contexts, information about internal structures can be leaked to competitors. For private use-cases, information about the individual transaction structures can give deep insights into personal behavior and contain the most sensitive information.
To assess the severity of a data breach on one node of the network, we conducted a study to determine how information can be extracted and visualized to gain as many insights into a private blockchain as possible. Thus, our study reverse engineers parts of blockchain networks to gain the necessary information.
Reverse engineering a system is typically used to infer how an underlying mechanism works. The difficulty of reverse engineering systems is determined by the number of their components and the interdependence of their components as well as the number of their settings.
Inspired by the Internet Census [ 5 ] , our approach relies on data reverse-engineered from a security issue in a faulty configuration of Ethereum. Starting there, we conducted four small case studies on different implementations of the Ethereum platform to identify stakeholders and mechanisms of these networks.
Building on this, we want to address the following research questions RQ in this study:. RQ1: Which methods and tools are required to reverse engineer Ethereum networks? RQ2: How much information can be extracted from consortium blockchains with one misconfigured node?
Our paper addresses managers, lawmakers and scientists who are interested in a more technical evaluation of the security of private blockchains. In this paper, we contribute methods used in the process of reverse engineering, as well as the results of the evaluation. Additionally, we provide the insights we gained from the reverse engineering of blockchain networks and the implications they provide for the adoption of the technology.
The rest of the paper is structured as follows: In the next section, we lay the foundations by discussing relevant literature and previous work.
We then introduce the methodology as well as the data we used for the analysis. The following chapter contains our main research results, by first providing an overview of the technological side of the market and then a detailed analysis of four different blockchains and their use.
The final chapter summarizes and concludes the research. In its very basics, the blockchain is a distributed ledger of transactions autonomously managed by a consensus mechanism. Technically, it can be pictured as a growing chain of linked blocks, from where its name originates. The blocks of a blockchain are stored distributed by the participants, the so-called nodes. The blocks of a chain consist of a block header and a list of transactions.
In the Ethereum blockchain, each transaction has one sender and one recipient. Today, it is possible to not only store transactions in the blockchain, but also data objects and small programs, which is how smart contracts are implemented.
There are many smart contract-based tokens, often standardized by Ethereum Request for Comments ERC standards, which define their characteristics and interface. Given all transactions in a network, naturally, a graph can be built to model the interactions of the participants. The nodes of this graph do not necessarily have to correspond to the nodes of the blockchain network and must not be confused.
One physical node of the network could, for example, host multiple Ethereum accounts and therefore represent several nodes in the transaction graph. Additionally, the nodes of the transaction graph can be smart contracts as well. There has been a lot of prior research on the technical analysis of blockchains. This research strongly focuses on large public blockchains, analyzing the transaction structure of public blockchains and the usage patterns therein.
First analyses were used to deanonymize Bitcoin users. To consider all transactions, it would be necessary to include the additional network structure that is built by interacting with smart contracts. Studies researching transaction networks of ERC tokens partially deconstructed those structures. The limited existing research regarding the programming interface JSON-RPC of a network focuses mostly on the possible attack surface it provides, such as stealing mining reward and denial-of-service attacks, [ 13 ] or the use of blockchain-based applications.
In contrast to other security or software engineering related topics, we focus on extracting knowledge for a more research-driven goal. Several researchers used this as a foundation, regarding the provided knowledge as well as the used methods, to get insights in other technologies or security-related issues. To answer our research questions, we used a multiple case study approach. As units of analysis, we chose the block headers and transaction data, as well as the network node data for different blockchains.
To identify potential blockchains for a more in-depth analysis, we first created an overview of the Ethereum platform landscape. To do so, we used Shodan, a search engine for Internet-connected devices. Technically, this gives everyone the possibility to not only extract data from the whole blockchain but also to manipulate the node.
It should however be noted that each node in our dataset is for some reason not configured according to the official recommendations, as the RPC interface should never be exposed openly to the internet. Therefore, we only cover blockchains where at least one node was not configured properly. To build our overview dataset on the operation of nodes, we queried the RPC interface of each of the 3, nodes. We extracted the chain version, genesis block i. To determine the age of each blockchain, we additionally queried the second block of each chain.
We decided not to use the timestamp provided in the genesis block since it often provided a zero value in the timestamp. For nodes that are running on the Ethereum main network, we also queried block number 1,, at which the chain splits into Ethereum and Ethereum Classic. We used this as a mechanism to check how valid our data was and how representative our sample of blockchain nodes was. Our final overview dataset consists of 2, active Ethereum nodes, of which nodes are used in unique blockchain networks and nodes are connected to the Ethereum main network.
The network size of the entire Ethereum main network is at the time estimated at 6, nodes according to ethernodes. Additionally, we compared how many nodes of the mainnet [ 19 ] are operated in different countries and arrived at a very similar distribution, as shown in Figure 1. We did this estimation with other known networks, such as the various Ethereum test networks, which we extracted from an open-source repository for known networks.
We used the final overview dataset to provide high-level insights into the Ethereum landscape. Additionally, we used this data to identify potential candidates for our case studies. We chose the blockchains according to the number of active nodes, length, and age of the blockchain as well as the distribution of nodes.
The goal was to get a diverse set of blockchains to study and draw generalized conclusions. For the chosen blockchains, we extracted account holders for each node and the complete blockchain record of transactions. To identify usage patterns, we used social network analyses on the transaction networks to identify commonly used smart contracts.
We extracted and decompiled the smart contracts with the Panoramix decompiler [ 21 ] to find out what their role in the blockchain is. While this is a state-of-the-art approach, the decompilation of Ethereum contracts is still in an experimental stage and does not guarantee success. Therefore, we were not able to decompile and analyze all relevant smart contracts. We summarize the overall data extraction process in Figure 2.
The mix of source code analysis and social network analysis allowed us to reverse engineer use cases and interaction patterns with the blockchains, and hence provide a suitable way to investigate the proposition. Figure 2: Overall Data Collection Process. The primary analysis of this paper consists of two parts. First, we describe the overall landscape of the Ethereum protocol using the overview dataset.
From there, we can draw the first conclusions, before providing a more in-depth analysis of four case studies for Ethereum-based blockchains. To get an overall view of the Ethereum Landscape and map our findings, we analyzed the metadata from the collected dataset. For further analysis, we have chosen different dimensions, which contribute to our overall goal and give us first useful insights in the Ethereum universe to determine the potential case study candidates later.
As a first dimension, we analyzed the hosting of the different nodes. With over half of all nodes, the big cloud providers Amazon, Digital Ocean, Microsoft, Google, and Alibaba are claiming a large piece of the Ethereum hosting. This shows that the Ethereum technology shows great potential for business adoption since the cloud setup process is a fast solution to get started.
It is an advantage over other technologies, which currently rely on specialized mining hardware that is not widely available. We were surprised by the large share of cloud providers since one of the main advantages of blockchain applications is its distributed topology that affords the technology security and resilience advantages.
Investigation of Big Data Analytics for Forecasting Cryptocurrency Value Patterns
By definition, blockchain platforms offer secure and reliable data exchange between stakeholders without a trusted third party. Private and consortium blockchains implement access restrictions, so that sensitive data is kept from the public. However, due to its distributed structure, only one node with faulty configuration can leak all blockchain data. For our study, we scanned the Internet for misconfigured private Ethereum nodes. Overall, we found nodes belonging to blockchains that are not one of the large Ethereum-based networks. For our analysis, we chose a diverse sample of networks.
Upcoming Events
The Blockchain technology is gaining more and more popularity across the world. The latest trends in cryptocurrency space are emerging with the fast speed. A lot of events are organized for blockchain specialists as well as cryptocurrency enthusiasts for collaboration, education and exploring new opportunities and ideas in this sphere. They build a platform for blockchain decision makers, influencers, and leaders to meet up discussing new cases and trends, launch new projects, and find related sharp minds for further cooperation. With the blockchain ecosystem growing there are dozens of events to be attended. This was an absolutely exquisite experience for our Applicature team, and we gladly share our impressions and knowledge with you. Move on to know more. Most of them are going to be organized in the next year as well. From Devcon3 website This year, Devcon3 has reached out to more Ethereum community developers, students and university people than ever before. Devcon3 has two and a half times the number of attendees as last year.
Publications
Skip to Main Content. A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. Use of this web site signifies your agreement to the terms and conditions. CAs lack the incentives to invest in higher security, and the manual effort required to report a rogue certificate deters many from contributing to the security of the TLS PKI.
News and Events
Skip to Main Content. A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. Use of this web site signifies your agreement to the terms and conditions. Managing IoT devices using blockchain platform Abstract: Since the start of Bitcoin in [1], blockchain technology emerged as the next revolutionary technology. Though blockchain started off as a core technology of Bitcoin, its use cases are expanding to many other areas including finances, Internet of Things IoT , security and such[2]. Currently, many private and public sectors are diving into the technology[3].
Blockchain’s night out: the Coin Center Annual Dinner is back!
We use cookies in order to improve the quality and usability of the HSE website. More information about the use of cookies is available here , and the regulations on processing personal data can be found here. By continuing to use the site, you hereby confirm that you have been informed of the use of cookies by the HSE website and agree with our rules for processing personal data. You may disable cookies in your browser settings. Full text added May 22, Student Theses at HSE must be completed in accordance with the University Rules and regulations specified by each educational programme. Summaries of all theses must be published and made freely available on the HSE website. The full text of a thesis can be published in open access on the HSE website only if the authoring student copyright holder agrees, or, if the thesis was written by a team of students, if all the co-authors copyright holders agree.
Young and earning: Teen traders ride the bull market like pros. Are they missing the bear in sight? Choose your reason below and click on the Report button.
This edition is going to be hybrid: it takes place in Verona Italy and will also be accessible online! Our CFP will be open until Feb 2nd and the speaker line up will be announced soon after. Don't miss the opportunity to take part to this amazing event with international speakers from all over the world. Follow us on Twitter and Facebook.
Skip to search form Skip to main content Skip to account menu You are currently offline. Some features of the site may not work correctly. DOI: View via Publisher. Save to Library Save. Create Alert Alert. Share This Paper.
Victor S. Biosketch Google Scholar Profile. Graduate Students Facheng Guo. Jessica Freeze.
You are not right. I propose to discuss it. Email me at PM, we'll talk.
Thank you !!! You often have very interesting posts! You really lift my spirits.
Not an expert?
It not absolutely approaches me. Who else, what can prompt?
Wacker, which a necessary phrase ..., a brilliant thought