Académique Documents
Professionnel Documents
Culture Documents
*fanz@cs.cornell.edu
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
What’s a (decentralized) smart
contract?
• Executable object on blockchain
• Programed in Turing-complete
languages Contract
Abstraction: Smart contract
• Code can define arbitrarily rich
is virtual
trusted third party with *public* state.
functionalities
• Decentralized ➜ autonomous:
Execution enforced by network
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Running example:
Self-enforcing flight delay insurance
$100
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Virtual Trusted Third Party
$100
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Smart contracts are data-
hungry, but…
Gimme a policy for
Flight #1234 on
Flight 17 May for a
policy price $1.
Insurance
x $100
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Interesting smart contracts
need trustworthy data
Webpage
Stock quotes contents
Smart
Contract
Commodity Current
prices events
Weather
Sports
data
results
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Town Crier
Flight
Insurance
Town
Crier
Flight
Insurance
Town
Crier
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Intel SGX: Isolation
Integrity Confidentiality
SGX
Program X
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Intel SGX: Remote
attestation
SGX HW
Secret Flight
Key Insurance
SGX
attestation att =
𝚺intel[ X || User data]
Program X Program
Image
SGX
attestation att =
𝚺intel[ X || User data]
Program X Program
Image
Blockchain
Trusted Website
XYZ.com
Flight
Insurance
Town
Crier
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Tripartite trust model
• Smart contract • TC enclave • Trusted website
• Trustworthy execution Trustworthy
• • Source
Compound Program
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Blockchain
Trusted Website
XYZ.com
Flight
Insurance
Town
Crier
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Blockchain
Trusted Website
XYZ.com
Flight
Insurance
Town
Crier
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Blockchain
Trusted Website
XYZ.com
Flight
Insurance
Town
Crier
SGX
Flight
Insurance
Town
Crier
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Blockchain
Flight A'
TC Contract A'
Insurance
Town
Q' Crier
Q
Flight A'
TC Contract A' ,Q'
Insurance Q'
Town
Q' Crier
Q
Flight
Insurance
Town
Crier
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Blockchain Trusted Website
XYZ.com
Flight
Insurance
Town TLS ?
Crier TCP
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Another problem:
Gas depletion
• Recall: Ethereum uses currency called "gas"
• Prevents DoS
• Charges fairly for computation costs
Blockchain
Smart Smart
TC msg, Contract msg' Contract'
Account $gas $gas'
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Another problem:
Gas depletion
• TC service needs to initiate call to return data A
• TC must pay gas cost for this return call… yet avoid
malicious gas-depletion calls from other contracts
Blockchai
n
Flight TC
Insurance Contract
Town
Crier
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Gas sustainability
• Informally: service never runs out of gas
• Formal definition in paper
• TC requires up-front deposit of gas (ether) from relying contract
• Formal proof of gas sustainability for TC in paper
Blockchain
Flight TC
Insurance Contract
Town
Crier
SG
X
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Challenge of Confidentiality
Blockchain
Smart
contract
$100
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Idea: Leverage enclave
Flight delayed /
confidentiality not delayed
Blockchain
Flight TC
Insurance Contract
Town
$$$ Crier
SGX
• Private datagram!
• Additional steps needed
• E.g., delay response / payment to noise timing side-channel
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Applications: TC for sale of
online goods
• Steam Community Marketplace (SCM): buy and sell
items with community members
• Alice wants to sell a game for Ether, but SCM doesn’t
support.
Community
Marketplace
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Smart contract for fair exchange
Blockchain
Town
Steam Crier
Trader
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Smart contract for fair exchange
Blockchain
Town
Steam Crier
Trader
SGX
as a gift ($0)
through
Community market
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Smart contract for fair exchange
Has Alice
delivered the
game?
Blockchain
Delivered!
Town
Steam Crier
Trader
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Challenges
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Again, we can leverage SGX
HTML
Blockchain
Steam Town
D
Trader Crier
=Extract(HTML)
SGX
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Again, we can leverage enclave
confidentiality
✓ A game has
been delivered Alice’s
toTC
Bob.enables
Abstraction: confidential Account
smart contracts
Smart contract for
simulates
Blockchain
nearly any digitally represented asset
✓
trusted third party with public Astate.
game has
Steam Town been delivered to
($, cryptocurrency,
Trader online accounts,
Bob.
etc.)
Crier
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
What if node or source is
compromised?
✘ Town
Crier ✔︎
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
We can have
redundant sources
✔︎
✔︎ Town
Crier
✔︎
Majority vote!
Majority vote!
Town
Crier
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts
Town Crier
TC provides authenticated data
feeds for smart contracts:
• Has strong security & weak trust
assumption
• Preserves confidentiality
• Supports customized data feed
Free version in Ethereum will be launched on Jan 1,
2017!
October 25, 2016 CCS’16, Vienna Town Crier: An Authenticated Data Feed for Smart Contracts