News

We are thrilled to announce the addition of Anh-Tu Hoang as a new Postdoc researcher. Please join us in extending a warm welcome to Tu.

He earned his Bachelor's degree in Information Technology and Master's in Information Systems from the University of Science, Vietnam National University in Ho Chi Minh City. Subsequently, in 2020, he successfully completed his PhD at the University of Insubria in Varese, Italy. With a background in privacy, security, machine learning, and decentralized systems, Tu is set to make significant contributions to CDL-BOT.

We are confident that Tu's joining represents a fantastic chance for our team to acquire new knowledge, develop, and work collectively towards our common goals. We extend our best wishes to him for a fruitful future at TUHH and CDL-BOT.

We are thrilled to announce that our paper, "Horizontal Scaling of Transaction-Creating Machines for Blockchains," has been awarded the Best Paper Award at the 10th European Conference on Service-Oriented and Cloud Computing (ESOCC 2023). This achievement highlights the importance and impact of our research in blockchain and cloud computing.

Our paper delves into the scalability of the off-chain creation of transactions and proposes four mechanisms for horizontally scaling transaction creation in Ethereum. We want to thank everyone involved in the project and our supporters for their continuous encouragement. This award motivates us to further our research and contribute valuable insights to the community.

To learn more about our paper and its findings, look here.

In an exciting session at the 9th CD-Forum at Schlosshotel Schönbrunn, Prof. Stefan Schulte gave the audience insights into the CD-Laboratory's pioneering work on Blockchain Technologies for the IoT. Prof. Schulte brought attention to the potential of blockchain not only in securing data transactions for IoT devices but also in facilitating interoperability among different blockchain networks. With an emphasis on blockchain interoperability, Prof. Schulte underscored the lab’s efforts to ensure seamless communication and transactions across diverse blockchain platforms, enhancing the functionality and reach of IoT applications. The CD-Forum continues to serve as a beacon for professionals and enthusiasts of the CDG community, fostering learning, collaboration, and discussion on the technological advancements and challenges in these pivotal sectors.

We are excited to announce that a new member has joined our ranks today. Please join us in extending a warm welcome to Elmira Ebrahimi.

Elmira comes to us as a research associate, and her wealth of experience and dedication to the privacy and security of blockchain technology will undoubtedly be an asset to our team. With a background characterized by being a top student at the highest-ranked university in Iran, we are confident she will significantly contribute to our ongoing projects. Elmira will work closely with IOTA and our team.

We believe Elmira’s arrival is an excellent opportunity for our team to learn, grow, and strive toward our shared objectives. We wish her a successful journey at the TUHH and CDL-BOT.

We are delighted to announce our research paper, "Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi," has been accepted by the USENIX Security Symposium. This achievement underscores the dedication and hard work of our team.

The paper explores an on-demand light client solution for achieving blockchain interoperability while only requiring constant on-chain storage, cost, and computational power.

Many thanks to all contributors for their hard work. We look forward to sharing and discussing our findings with the wider community in the weeks to come.

We are absolutely thrilled to announce that our paper "Distributed Key Generation with Smart Contracts using zk-SNARKs" has been awarded the best paper award at the 38th ACM/SIGAPP Symposium On Applied Computing.

Our paper explores the application of blockchain technology in distributed key generation protocols, presenting innovative ideas and solutions to show the potential of combining blockchain technology with threshold cryptosystems. We are honored to have our efforts recognized by the distinguished panel of experts at SAC2023.

We want to express our gratitude to the conference organizers, reviewers, fellow researchers, and our industry partners, Pantos and IOTA. Cheers to continued success and innovation!

Our paper "Towards faster settlement in HTLC-based Cross-Chain Atomic Swaps" (Author: Subhra Mazumdar) has been accepted for publication at the 4th IEEE International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS).

The paper is available as a preprint.

Abstract: Hashed Timelock (HTLC)-based atomic swap protocols enable the exchange of coins between two or more parties without relying on a trusted entity. This protocol is like the American call option without premium. It allows the finalization of a deal within a certain period. This puts the swap initiator at liberty to delay before deciding to proceed with the deal. If she finds the deal unprofitable, she just waits for the timeperiod of the contract to elapse. However, the counterparty is at a loss since his assets remain locked in the contract. The best he can do is to predict the initiator’s behavior based on the asset’s price fluctuation in the future. But it is difficult to predict as cryptocurrencies are quite volatile, and their price fluctuates abruptly. We perform a game theoretic analysis of HTLC-based atomic cross-chain swap to predict whether a swap will succeed or not. From the strategic behavior of the players, we infer that this model lacks fairness. We propose Quick Swap, a two-party protocol based on hashlock and timelock that fosters faster settlement of the swap. The parties are required to lock griefing-premium along with the principal amount. If the party griefs, he ends up paying the griefing-premium. If a party finds a deal unfavorable, he has the provision to cancel the swap. We prove that Quick Swap is more participant-friendly than HTLCbased atomic swap. Our work is the first to propose a protocol to ensure fairness of atomic-swap in a cyclic multi-party setting.

Our paper "LightSwap: An Atomic Swap does not Require Timeouts at Both Blockchains" (Authors: Philipp Hoenisch, Subhra Mazumdar, Pedro Moreno-Sanchez, and Sushmita Ruj) has been accepted for publication at the 6th International Workshop on Cryptocurrencies and Blockchain Technology (CBT).

The paper is available as a preprint.

Abstract: Security and privacy issues with centralized exchange services have motivated the design of atomic swap protocols for decentralized trading across currencies. These protocols follow a standard blueprint similar to the 2-phase commit in databases: (i) both users first lock their coins under a certain (cryptographic) condition and a timeout; (ii-a) the coins are swapped if the condition is fulfilled; or (ii-b) coins are released after the timeout. The quest for these protocols is to minimize the requirements from the scripting language supported by the swapped coins, thereby supporting a larger range of cryptocurrencies. The recently proposed universal atomic swap protocol [IEEE S&P’22] demonstrates how to swap coins whose scripting language only supports the verification of a digital signature on a transaction. However, the timeout functionality is cryptographically simulated with verifiable timelock puzzles, a computationally expensive primitive that hinders its use in battery-constrained devices such as mobile phones. In this state of affairs, we question whether the 2-phase commit paradigm is necessary for atomic swaps in the first place. In other words, is it possible to design a secure atomic swap protocol where the timeout is not used by (at least one of the two) users?

In this work, we present LightSwap, the first secure atomic swap protocol that does not require the timeout functionality (not even in the form of a cryptographic puzzle) by one of the two users. LightSwap is thus better suited for scenarios where a user, running an instance of LightSwap on her mobile phone, wants to exchange coins with an online exchange service running an instance of LightSwap on a computer. We show how LightSwap can be used to swap Bitcoin and Monero, an interesting use case since Monero does not provide any scripting functionality support other than linkable ring signature verification.

We are very happy to inform you today that the Christian Doppler Research Association approved the extension of CDL-BOT for the next three years. In the last two years, our team has put a lot of effort into providing excellent research results for distributed ledger technologies and the Internet of Things. During this time, we were able to publish a number of papers at top blockchain venues. Together with our industry partners, we will continue to work on open problems that hinder the widespread adoption of blockchain technology in the real world to unlock its true potential.

We would like to thank the Christian Doppler Research Association for the support and acknowledgment of our hard work. We also want to thank our industrial partners Pantos and IOTA for the great cooperation, and look forward to collaborating in the next three years.

Our paper "Thora: Atomic And Privacy-Preserving Multi-Channel Updates" (Authors: Lukas Aumayr, Kasra Abbaszadeh, and Matteo Maffei) has been accepted for publication at the 29th ACM Conference on Computer and Communications Security (CCS).

The paper is available as a preprint.

Abstract: Most blockchain-based cryptocurrencies suffer from a heavily limited transaction throughput, which is a barrier to their growing adoption. Payment channel networks (PCNs) are one of the most promising solutions to this problem. PCNs reduce the on-chain load of transactions and increase the throughput by processing many payments off-chain. In fact, any two users connected via a path of payment channels (i.e., joint addresses between the two channel end-points) can perform payments and the underlying blockchain is used only when there is a dispute between users. Unfortunately, payments in PCNs can only be conducted securely along a path, which prevents the design of many interesting applications. Moreover, the most widely used implementation, the Lightning Network in Bitcoin, suffers from a collateral lock time linear in the path length, it is affected by security issues, and it relies on specific scripting features called Hash Timelock Contracts that restricts its applicability.

In this work, we present Thora, the first Bitcoin-compatible off-chain protocol that enables atomic multi-channel updates across generic topologies beyond paths. Thora allows payments through distinct PCNs sharing the same blockchain and enables new applications such as secure and trustless crowdfunding, mass payments, and channel rebalancing in off-chain ways. Our construction requires only constant collateral and no specific scripting functionalities other than digital signatures and timelocks, thereby being applicable to a wider range of blockchains. We formally define security and privacy in the Universal Composability framework and show that our cryptographic protocol is a realization thereof. In our performance evaluation we show that our construction requires constant collateral, is independent of the number of channels, and has only a moderate off-chain communication as well as computation overhead.

Our paper "Sleepy Channels: Bitcoin-Compatible Bi-directional Payment Channels without Watchtowers" (Authors: Lukas Aumayr, Sri AravindaKrishnan Thyagarajan, Giulio Malavolta, Pedro Moreno-Sanchez, and Matteo Maffei) has been accepted for publication at the 29th ACM Conference on Computer and Communications Security (CCS).

The paper is available as a preprint.

Abstract: Payment channels (PC) are a promising solution to the scalability issue of cryptocurrencies, allowing users to perform the bulk of the transactions off-chain without needing to post everything on the blockchain. Many PC proposals however, suffer from a severe limitation: Both parties need to constantly monitor the blockchain to ensure that the other party did not post an outdated transaction. If this event happens, the honest party needs to react promptly and engage in a punishment procedure. This means that prolonged absence periods (e.g., due to a power outage) may be exploited by malicious users. As a mitigation, the community has introduced watchtowers, a third-party monitoring the blockchain on behalf of off-line users. Unfortunately, watchtowers are either trusted, which is critical from a security perspective, or they have to lock a certain amount of coins, called collateral, for each monitored PC in order to be held accountable, which is financially infeasible for a large network.

We present Sleepy Channels, the first bi-directional PC protocol without watchtowers (or any other third party) that supports an unbounded number of payments and does not require parties to be persistently online. The key idea is to confine the period in which PC updates can be validated on-chain to a short, pre-determined time window, which is where the PC parties have to be online. This behavior is incentivized by letting the parties lock a collateral in the PC, which can be adjusted depending on their mutual trust and which they get back much sooner if they are online during this time window.
Our protocol is compatible with any blockchain that is capable of verifying digital signatures (e.g., Bitcoin), as shown by our proof of concept. Moreover, Sleepy Channels impose a communication and computation overhead similar to state-of-the-art PC protocols while removing watchtower's collateral and fees for the monitoring service.

Our paper "Foundations of Coin Mixing Services" (Authors: Noemi Glaeser, Matteo Maffei, Giulio Malavolta, Pedro Moreno-Sanchez, Erkan Tairi, Sri AravindaKrishnan Thyagaraja) has been accepted for publication at the 29th ACM Conference on Computer and Communications Security (CCS).

The paper is available as a preprint.

Abstract: Coin mixing services allow users to mix their cryptocurrency coins and thus enable unlinkable payments in a way that prevents tracking of honest users’ coins by both the service provider and the users themselves. The easy bootstrapping of new users and backwards compatibility with cryptocurrencies (such as Bitcoin) with limited support for scripts are attractive features of this architecture, which has recently gained considerable attention in both academia and industry. A recent work of Tairi et al. [IEEE S&P 2021] formalizes the notion of a coin mixing service and proposes A2L, a new cryptographic protocol that simultaneously achieves high efficiency and interoperability. In this work, we identify a gap in their formal model and substantiate the issue by showing two concrete counterexamples: we show how to construct two encryption schemes that satisfy their definitions but lead to a completely insecure system. To amend this situation, we investigate secure constructions of coin mixing services. First, we develop the notion of blind conditional signatures (BCS), which acts as the cryptographic core for coin mixing services. We propose game-based security definitions for BCS and propose A2L+, a modified version of the protocol by Tairi et al. that satisfies our security definitions. Our analysis is in an idealized model (akin to the algebraic group model) and assumes the hardness of the one-more discrete logarithm problem. Finally, we propose A2LUC, another construction of BCS that achieves the stronger notion of UC-security (in the standard model), albeit with a significant increase in computation cost. This suggests that constructing a coin mixing service protocol secure under composition requires more complex cryptographic machinery than initially thought.

Our paper "Towards a Game-Theoretic Security Analysis of Off-Chain Protocols" (Authors: Sophie Rain, Georgia Avarikioti, Laura Kovács, Matteo Maffei) has been accepted for publication at the 36th IEEE Computer Security Foundations Symposium (CSF 2023).

The paper is available as a preprint.

Abstract: Off-chain protocols constitute one of the most promising approaches to solve the inherent scalability issue of blockchain technologies. The core idea is to let parties transact on-chain only once to establish a channel between them, leveraging later on the resulting channel paths to perform arbitrarily many peer-to-peer transactions off-chain. While significant progress has been made in terms of proof techniques for off-chain protocols, existing approaches do not capture the game-theoretic incentives at the core of their design, which led to overlooking significant attack vectors like the Wormhole attack in the past. In this work we take a first step towards a principled game-theoretic security analysis of off-chain protocols by introducing the first game-theoretic model that is expressive enough to reason about their security. We advocate the use of Extensive Form Games (EFGs) and introduce two instances of EFGs to capture security properties of the closing and the routing of the Lightning Network. Specifically, we model the closing protocol, which relies on punishment mechanisms to disincentivize parties to upload old channel states on-chain. Moreover, we model the routing protocol, thereby formally characterizing the Wormhole attack, a vulnerability that undermines the fee-based incentive mechanism underlying the Lightning Network.

Our paper "Advancing Blockchain-based Federated Learning through Verifiable Off-chain Computations" (Authors: Jonathan Heiss, Elias Grünewald, Nikolas Haimerl, Stefan Schulte, Stefan Tai) has been accepted for publication at the 5th IEEE International Conference on Blockchain (Blockchain 2022).

The paper is available as a preprint.

Abstract: Federated learning may be subject to both global aggregation attacks and distributed poisoning attacks. Blockchain technology along with incentive and penalty mechanisms have been suggested to counter these. In this paper, we explore verifiable off-chain computations using zero-knowledge proofs as an alternative to incentive and penalty mechanisms in blockchain-based federated learning. In our solution, learning nodes, in addition to their computational duties, act as off-chain provers submitting proofs to attest computational correctness of parameters that can be verified on the blockchain. We demonstrate and evaluate our solution through a health monitoring use case and proof-of-concept implementation leveraging the ZoKrates language and tools for smart contract-based on-chain model management. Our research introduces verifiability of correctness of learning processes, thus advancing blockchain-based federated learning.

Our paper "Cohort-based federated learning services for industrial collaboration on the edge" (Authors: Thomas Hiessl, Safoura Rezapour Lakani, Jana Kemnitz, Daniel Schall, Stefan Schulte) has been accepted for publication at the Journal of Parallel and Distributed Computing.

The paper is available as a preprint.

Abstract: Machine Learning (ML) is increasingly applied in industrial manufacturing, but often performance is limited due to insufficient training data. While ML models can benefit from collaboration, due to privacy concerns, individual manufacturers often cannot share data directly. Federated Learning (FL) enables collaborative training of ML models without revealing raw data. However, current FL approaches fail to take the characteristics and requirements of industrial clients into account.

In this work, we propose an FL system consisting of a process description and a software architecture to provide FL as a Service (FLaaS) to industrial clients deployed to edge devices. Our approach deals with skewed data by organizing clients into cohorts with similar data distributions. We evaluated the system on two industrial datasets. We show how the FLaaS approach provides FL to client processes by considering their requests submitted to the Industrial Federated Learning (IFL) Services API. Experiments on both industrial datasets and different FL algorithms show that the proposed cohort building can increase the ML model performance notably.

The head of CDL-BOT, Prof. Stefan Schulte, has been interviewed for an article about blockchain interoperability in IEEE Spectrum. IEEE Spectrum is the official magazine of the Institute of Electrical and Electronics Engineers and is provided in more than 350,000 copies to the IEEE members each month.

In the article, written by science writer Edd Gent, a broader audience is provided with fundamental information why blockchain interoperability is a hot topic and what technical approaches exist to solve this issue.

We are pleased to announce that our paper "A Voting-Based Blockchain Interoperability Oracle" by Michael Sober, Giulia Scaffino, Christof Spanning, and Stefan Schulte has been accepted as a "Regular Paper" at the 4th IEEE International Conference on Blockchain (Blockchain 2021). In this work, the authors present a blockchain oracle that enables cross-blockchain communication.
The paper is available as a preprint.
Abstract: Today's blockchain landscape is severely fragmented as more and more heterogeneous blockchain platforms have been developed in recent years. These blockchain platforms are not able to interact with each other or with the outside world since only little emphasis is placed on the interoperability between them. Already proposed solutions for blockchain interoperability such as naive relay or oracle solutions are usually not broadly applicable since they are either too expensive to operate or very resource-intensive.

For that reason, we propose a blockchain interoperability oracle that follows a voting-based approach based on threshold signatures. The oracle nodes generate a distributed private key to execute an off-chain aggregation mechanism to collectively respond to requests. Compared to state-of-the-art relay schemes, our approach does not incur any ongoing costs and since the on-chain component only needs to verify a single signature, we can achieve remarkable cost savings compared to conventional oracle solutions.

We congratulate Stefan Schulte on his new position as full professor at TU Hamburg. In the course of this, the CD-Laboratory was transferred to TU Hamburg and an additional external module was set up at TU Wien.

The Cross-Blockchain Transactions module, which is based at TU Hamburg, is headed by Dr.-Ing. Stefan Schulte and focuses on cross-blockchain aspects, such as cross-blockchain communication. Fundamental research is also done in the area of ​​developer support.

The Lightweight Blockchain Protocols module is located at TU Wien and led by Dr. Matteo Maffei. The focus here is on investigating lightweight interoperability solutions, verification of smart contracts, and sharding of DLTs.

While the structure of CDL-Bot has changed, the underlying research questions remain unchanged, but the new structure allows us to consider other aspects of the research. We look forward to the new possibilities and the future steps that can be taken through them.

We are happy to announce that the paper "Towards Cross-Blockchain Smart Contracts" by Markus Nissl, Emanuel Sallinger, Stefan Schulte, and Michael Borkowski has been accepted as a full paper at the 3rd IEEE International Conference on Decentralized Applications and Infrastructures. Within this paper, we present a first approach to provide interoperability between smart contracts running in different Ethereum Virtual Machines.

The paper is available as a preprint.

Abstract:

In recent years, manifold blockchain protocols have been proposed by researchers and industrial companies alike. This has led to a very heterogeneous blockchain landscape. Accordingly, it would be desirable if blockchains could interact with each other. However, current blockchain technologies offer only limited support for interoperability, thus preventing tokens or smart contracts from leaving the scope of a particular blockchain.

As a first step towards a solution for cross-chain smart contract interactions, we introduce a framework which allows to invoke a smart contract from another blockchain. We offer support for continuing a smart contract after receiving a result from a different blockchain, and for calling smart contracts recursively across blockchains. We provide a reference implementation for Ethereum-based blockchains using Solidity and evaluate the performance regarding time and cost overheads.

Talk at the Austrian Blockchain Center

On 29.04.2021, Stefan Schulte (CDL-BOT), Christof Spanring, and Philip Gahler (both from Pantos GmbH) gave a presentation at the Austrian Blockchain Center Talk series to an audience of roundabout 300 listeners. Within the presentation, a general overview of interoperability issues and solution approaches in the realm of Distributed Ledger Technologies were presented. Also, the application of interoperability solutions was discussed. A video from the talk can be found at Youtube.

Inauguration of the Christian Doppler Laboratory

The Christian Doppler Laboratory Blockchain Technologies for the Internet of Things has been inaugurated today. Because of the ongoing Corona pandemic, the opening had to take place online. An audience of more than 650 people watched speeches by Austria's Minister of Digital and Economic Affairs, Dr. Margarete Schramböck, the rector of TU Wien, Dr. Sabine Seidler, the head of the Christian Doppler Laboratory, Dr.-Ing. Stefan Schulte, as well as Dominik Schiener (Co-Founder IOTA) and Eric Demuth (CEO Bitpanda and Pantos).

Best Paper Award at IEEE Blockchain 2020

Congratulations to Tamara Brandstätter, Stefan Schulte, Jürgen Cito and Michael Borkowski for winning the Best Paper Award for their paper "Characterizing Efficiency Optimizations in Solidity Smart Contracts" at the 3rd IEEE International Conference on Blockchain.

Presentation of 2 Research Papers at IEEE Blockchain 2020

The papers "Characterizing Efficiency Optimizations in Solidity Smart Contracts" and "ETH Relay: A Cost-Efficient Relay for Ethereum-Based Blockchains" have been presented by Dr.-Ing. Stefan Schulte at the 3rd IEEE International Conference on Blockchain. This conference is the top conference in the blockchain research field, with an acceptance rate of 16% in 2020.

Official start of CDL-BOT

We are very happy to announce that today, the Christian Doppler Laboratory Blockchain Technologies for the Internet of Things (CDL-BOT) has started. We want to thank our partners Pantos and IOTA as well as the Christian Doppler Research Association for their support. We are looking forward to do groundbreaking research in the field of blockchains and other Distributed Ledger Technologies (DLTs) for the IoT.