Saving gas with a packaging framework for Ethereum transactions

Cryptocurrencies record transactions in a decentralized data structure called a blockchain. Two of the most popular cryptocurrencies, Bitcoin and Ethereum, support the feature to encode rules or scripts for processing transactions. This feature has evolved to give practical shape to the ideas of smart contracts, or full-fledged programs that are run on blockchains. Recently, Ethereum's smart contract system has seen steady adoption, supporting tens of thousands of contracts, holding millions dollars worth of virtual coins. In this paper, we investigate the security of running smart contracts based on Ethereum in an open distributed network like those of cryptocurrencies. We introduce several new security problems in which an adversary can manipulate smart contract execution to gain profit. These bugs suggest subtle gaps in the understanding of the distributed semantics of the underlying platform. As a refinement, we propose ways to enhance the operational semantics of Ethereum to make contracts less vulnerable. For developers writing contracts for the existing Ethereum system, we build a symbolic execution tool called Oyente to find potential security bugs. Among 19, 366 existing Ethereum contracts, Oyente flags 8, 833 of them as vulnerable, including the TheDAO bug which led to a 60 million US dollar loss in June 2016. We also discuss the severity of other attacks for several case studies which have source code available and confirm the attacks (which target only our accounts) in the main Ethereum network.

2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC)

Modern centralized online marketplaces such as eBay offer an alternative option for consumers to both sell and purchase goods with relative ease. However, drawbacks to these marketplaces include the platform's ability to block merchants at their own whim, the fees paid to the platform when listing a product and when selling a product, and the lack of privacy of users' data. In this paper, we propose an application that remedies all three of these drawbacks through use of the Ethereum blockchain platform. The application was developed using the Truffle development framework. The application's functions were contained within an Ethereum smart contract, which was then migrated to the Ethereum network. The user's input was read through a web interface and sent to the Ethereum network via the web3.js API. Statistics about the application were gathered on the Rinkeby test network. The application was shown to have an average transaction runtime of 3.8 seconds, and an average gas consumption of 4.6 wei. Contract creation times for the application were shown to be less than a second. A cost analysis of the application was then conducted. The gas consumption of the transactions needed to both buy and sell a product was converted into US dollars, and the gas cost of the application was then compared to the cost to use an online auction marketplace such as eBay as well as an in-person auction house such as Sotheby's. The results showed that selling on the application is cheaper than existing online options as well as existing in-person options. These tests showed that our application was successful in addressing the drawbacks of current auction marketplaces.

IEEE Access

In this work we perform a comprehensive empirical study of Smart Contracts deployed on the Ethereum blockchain. The objective of the analysis is to provide empirical results on Smart Contracts features, on smart contract transactions within the blockchain, on the role of the development community, and on the source code characteristics. We collected a set of more than ten thousand Smart Contracts source codes, and a dataset of meta-data regarding their interaction with the blockchain from Etherscan.io. We examined the collected data computing different statistics on naming policies, Smart Contract ether balance, number of Smart Contract transactions, functions and other quantities characterizing use and purpose of Smart Contracts. We found that the number of transactions and the balances follow power-law distributions and that software code metrics display, on average, values lower than corresponding metrics in standard software but have high variances. Focusing the attention on the twenty Smart Contracts with the topmost number of transactions, we found that most of them represent financial Smart Contracts and that some of them have peculiar software development stories behind them. Results show that Blockchain software is rapidly changing and evolving and that it is no longer devoted only to cryptovalues applications but to general purpose computation.

International Journal of Computer Networks and Applications (IJCNA) , 2025

While offering transparency and decentralization, Open blockchain networks inadvertently expose user identities and sensitive transaction details. Existing privacy solutions often focus on simple token transfers (e.g., mixers) but fail to protect more complex operations such as smart contract executions. This paper tackles these challenges by introducing a novel application-layer framework anonymizing token transactions and smart contract calls. Building on the principles of Tornado Cash, the approach pools user transactions off-chain, obscuring the link between senders, recipients, and contract interactions. Zero-knowledge proofs were integrated to ensure verifiability without revealing underlying data, all without altering network or consensus mechanisms. Further, a sustainable incentive model is proposed that compensates relayers and executors for gas fees and computational effort, maintaining economic viability. The results indicate that the framework is scalable and platformagnostic and significantly improves privacy for decentralized applications, mitigating identity exposure and transaction traceability in modern blockchain ecosystems.

2017 IEEE International Conference on Big Data (Big Data), 2017

This chapter contributes to evolving the versatility and complexity of blockchain-enabled services through extending the functionality of blockchain-enforced smart contracts. The contributions include: (i) a method for automated management of contracts with hierarchical conditionality structures through an hierarchy of intelligent agents and the use of hierarchical cryptographic key-pairs; (ii) a method for efficient and secure matching and transfer of smartcontract underlyings (entities) among disparate smart contracts/subcontracts; (iii) a method for producing an hierarchy of common secrets to facilitate hierarchical communication channels of increased security in the context of smart contracts/subcontracts/underlyings; and (iv) a method for building secure and optimized repositories through distributed hash tables in the context of contracts/ subcontracts/underlyings. These methods help providing services that allow both narrower and worldwide reach and distribution of resources. The longevity of the blockchain technology is achieved through continuous innovation. Blockchain-enabled services are potentially an efficient, secure, automated, and cost-effective alternative or complement to current service infrastructures in a range of domains (legal, medical, financial, government, IoT). Keywords-hierarchical smart-contract conditionality, hierarchical cryptographic/encription keys, transferring smartcontract underlyings, sustainable blockchain-enabled services. I. INTRODUCTION The acceleration of blockchain functionality aims at enabling complex services in a secure, efficient, and creatively automated manner. For a range of domains, blockchainenabled services can provide viable alternatives or complements to existing service infrastructures, particularly to those currently underperforming or of unreliable security. The emerging research area of smart contracts plays a critical role in building the alternative and complementary infrastructures. The methods proposed in this paper are associated with smart contracts, and include innovative elements that have not been considered in the literature. We can relate the proposed methods to existing open questions, as reviewed next: ▫ Challenges in validating and verifying smart contracts (SM) are recognized in [1], considering that SM may encode legal contracts written in natural language. The current paper addresses these challenges in Section II, and proposes a contract codification model along with a method for automated SM management, validation, and verification, enforced through the blockchain.

2020

The Smart Distributed Ledger (aka blockchain) has attracted much attention in recent years. According to the European Parliament, this technology has the potential to change the lives of many people. The blockchain is a data structure built upon a hashed function in a distributed network, enabled by an incentive mechanism to discourage malicious nodes from participation. The consensus is at the core of the blockchain technology, and is driven by information embedded into a data structure that takes many forms such as linear, tree, and graph chains. The found related information will be subject to various validation incentives among the miners, such as proof of stake and proof of work. However, all the existing solutions suffer from a heavy state transition before dealing with the problem of a validation mechanism which suffers from resource consumption, monopoly or attacks. This work raises the following question: "Why is there a need for consensus where all participants can ma...

2021 IEEE International Conference on Smart Data Services (SMDS), 2021

Smart contracts provide computation facilities to blockchains, enabling many application scenarios where automatic analysis and complex transactions can be performed. However, in situations where the flow of information is variable and there are time, quality, and/or cost constraints imposed, smart contracts do not usually offer enough performance. In this article, we describe an elasticity framework that enables dynamic adaptation of smart contracts with respect to used resources, analytics quality, and incurred costs in a transparent manner for both smart contract developers and users. We validate our framework in an Internet of Things and Smart City scenario where several analytics are computed using Elastic Smart Contracts that dynamically adapt the appropriate elasticity variables.

arXiv (Cornell University), 2023

With the rapid development of cloud computing, vast amounts of duplicated data are being uploaded to the cloud, wasting storage resources. Deduplication (dedup) is an efficient solution to save storage costs of cloud storage providers (CSPs) by storing only one copy of the uploaded data. However, cloud users do not benefit directly from dedup and may be reluctant to dedup their data. To motivate the cloud users towards dedup, CSPs offer incentives on storage fees. The problems with the existing dedup schemes are that they do not consider: (1) correctness-the incentive offered to a cloud user should be computed correctly without any prejudice. (2) fairness-the cloud user receives the file link and access rights of the uploaded data if and only if the CSP receives the storage fee. Meeting these requirements without a trusted party is non-trivial, and most of the existing dedup schemes do not apply. Another drawback is that most of the existing schemes emphasize incentives to cloud users but failed to provide a reliable incentive mechanism. As public Blockchain networks emulate the properties of trusted parties, in this paper, we propose a new Blockchain-based dedup scheme to meet the above requirements. In our scheme, a smart contract computes the incentives on storage fee, and the fairness rules are encoded into the smart contract for facilitating fair payments between the CSPs and cloud users. We prove the correctness and fairness of the proposed scheme. We also design a new incentive mechanism and show that the scheme is individually rational and incentive compatible. Furthermore, we conduct experiments by implementing the designed smart contract on Ethereum local Blockchain network and list the transactional and financial costs of interacting with the designed smart contract.

[Preprint] EASE2020, 2020

Corruption is a major global financial problem with billions of dollars rendered lost or unaccountable annually. Corruption through contract fraud is often conducted by withholding and/or altering financial information. When such scandals are investigated by authorities, financial and legal documents are usually altered to conceal the paper trail. Smart contracts have emerged in recent years and appear promising for applications such as legal contracts where transparency is critical and of public interest. Transparency and auditability are inherent because smart contracts execute operations on the blockchain, a distributed public ledger. In this paper, we propose the Minimum Hybrid Contract (MHC), with the aim of introducing 1) auditability, 2) transparency, and 3) immutabil-ity to the contract's financial transactions. The MHC comprises an online smart contract and an o✏ine traditional legal contract. where the two are immutably linked. Secure peer-to-peer financial transactions, transparency, and cost accounting are automated by the smart contract, and legal issues or disputes are carried out by civil courts. The reliance on established legal processes facilitates an appropriate adoption of smart contracts in traditional contracts .

Future Generation Computer Systems

h i g h l i g h t s • An elastic and cost-effective data carrier architecture for smart contracts is proposed. • Three components are designed to monitor contract event without subscribing any filter at Ethereum node. • The proposed system does not require a predefined standard on data format in blockchain-enabled IoT environment. • The proposed system could efficiently decrease the deployment cost of every smart contract.

Journal of Logical and Algebraic Methods in Programming, 2022

The concept of smart contract represents one of the most attractive uses of blockchain technology and has the advantage of being transparent, immutable, and corruption-free. However, blockchain is a highly resource demanding technology. The ambition of this paper is to propose a new approach for defining lightweight smart contracts, offering a high level of trust even without blockchain, when the underlying operating system can be trusted. Blockchain can be used for a higher degree of trust, for instance when the runtime system cannot be trusted. The approach gives transparency and immutability, and gives protection against corrupted or incorrect smart contract implementations. This is achieved by letting smart contract requirement specifications be separated from the smart contract implementations, provided by special objects, so-called history objects, recording all transactions of the associated contract. The history objects are generated by the runtime system as specially protected objects. Contract partners may interact with the history objects through predefined interfaces. We present a framework which includes an executable, imperative language for writing smart contracts, a functional language for contract specifications by means of invariants over the transaction history of a contract, as well as a verification system. The framework allows compositional and classwise verification. A history object can provide runtime checking of specified behavioral properties of the contract, and can provide safety, security, and privacy control, as well as trusted transfer of assets. We demonstrate the approach on an auction system.

Future Generation Computer Systems, 2019

Smart contract technology is reshaping conventional industry and business processes. Being embedded in blockchains, smart contracts enable the contractual terms of an agreement to be enforced automatically without the intervention of a trusted third party. As a result, smart contracts can cut down administration and save services costs, improve the efficiency of business processes and reduce the risks. Although smart contracts are promising to drive the new wave of innovation in business processes, there are a number of challenges to be tackled. This paper presents a survey on smart contracts. We first introduce blockchains and smart contracts. We then present the challenges in smart contracts as well as recent technical advances. We also compare typical smart contract platforms and give a categorization of smart contract applications along with some representative examples.

2021 IEEE International Conference on Big Data (Big Data)

This paper presents a parallel mining architecture model intended to be used in blockchain systems to improve transaction speed and network scalability while maintaining decentralization. Typical blockchain validation times are significantly slower than traditional digital transaction systems. The model proposed is intended to allow devices with limited computational power to make meaningful contributions to the blockchain system by introducing parallel proof of work, managed by automated manager nodes. This will allow blockchain systems to be integrated into cloud environments and the internet of things. The proposed model is also intended to address and reduce power consumption problems current blockchain systems face, by allowing the network to validate transactions without the need of high-powered specialty mining machines. Automation and virtualization of network nodes is intended to utilize hardware already online to preform parallel proof of work together in contrast to nodes all competing against each other and ultimately wasting electrical power.

Financial Cryptography and Data Security, 2020

Blockchain-based smart contract platforms like Ethereum have become quite popular as a way to remove trust and add transparency to distributed applications. While different types of important applications can be easily built on such platforms, there does not seem to be an easy way to add a meaningful level of privacy to them. In this paper, we propose Zether, a fully-decentralized, confidential payment mechanism that is compatible with Ethereum and other smart contract platforms. We take an account-based approach similar to Ethereum for efficiency and usability. We design a new smart contract that keeps the account balances encrypted and exposes methods to deposit, transfer and withdraw funds to/from accounts through cryptographic proofs. We describe techniques to protect Zether against replay attacks and front-running situations. We also develop a mechanism to enable interoperability with arbitrary smart contracts. This helps to make several popular applications like auctions, payment channels, voting, etc. confidential. As a part of our protocol, we propose Σ-Bullets, an improvement of the existing zero-knowledge proof system, Bulletproofs. Σ-Bullets make Bulletproofs more inter-operable with Sigma protocols, which is of general interest. We implement Zether as an Ethereum smart contract and show the practicality of our design by measuring the amount of gas used by the Zether contract. A Zether confidential transaction costs about 0.014 ETH or approximately $1.51 (as of early Feb, 2019). We discuss how small changes to Ethereum, which are already being discussed independently of Zether, would drastically reduce this cost. on the users. Some powerful general-purpose cryptographic solutions have also been proposed to run arbitrary smart contracts in a privacy-preserving way [53, 25], but they are not fully decentralized and/or too expensive for simple contracts. Indeed, the quest for confidentiality is not limited to auctions. Payment channels are widely seen as a central technology to increase the throughput of crypto-currencies. On a powerful platform like Ethereum, payment channels can be easily set up too [44, 6]-but, could we make such channels confidential just as easily? Confidential transfers. If there was a way to send ether confidentially on Ethereum, perhaps we could leverage it to add confidentiality to important applications like auctions and payment channels. Unfortunately, almost all known ways to transfer confidentially [59, 67, 64, 30, 3] are in the unspenttransaction-output (UTXO) model (popularized by Bitcoin), where the inputs to a new transaction are the unspent outputs of previous transactions. UTXOs are not well-suited for applications that need to maintain some state [19], so smart-contract platforms like Ethereum operate in the account-based model. Another drawback of UTXO-based mechanisms is that though they have been proposed to fix privacy issues with Bitcoin, they actually require major changes to Bitcoin's design and have spun off into separate crypto-currencies. An important benefit of powerful platforms like Ethereum is that the platform's core capability itself can be enhanced by deploying new applications. Payment channels, for instance, can be deployed to improve throughput. So perhaps we can deploy a new payment application to improve confidentiality of not just payments but potentially other applications too. It is still conceivable that one of the UTXO-based mechanisms could be implemented over a contract. However, this approach suffers from multiple issues including storage cost, lower confidentiality, interoperability with other contracts, and adoption. We discuss the issues in depth in Appendix A. common part of the EVM state is changed by two or more transactions [56]. The low computational power, along with the asynchronous transactional nature of the Ethereum network make programming complicated smart contracts a delicate endeavor. 3 Overview of Zether In this section, we provide an overview of the Zether payment mechanism, its use in other applications, and the new ZK-proof system. Commitment vs encryption. Several proposals for making transactions confidential use homomorphic commitments, such as Pedersen commitments [69]. Though they are simple and efficient, the opening of these commitments must be transferred to the receiver, say Bob, so that he can spend the money later. This randomness could be stored on-chain in some encrypted manner or sent directly to Bob through a separate channel. In the UTXO model, if Bob is unable to recover the randomness (an incorrect value was encrypted/sent, nothing sent at all, etc.), then it cannot spend the UTXO later. However, other UTXOs controlled by Bob are not affected at all and could still be spent. On the other hand, with an account-based model, since all the incoming transfers go into the same account, failure to recover the randomness for even a single transfer could render the whole account unusable. One could require senders to encrypt the randomness under receivers' public key, and prove that the commitment indeed uses the randomness encrypted. We take a more direct and simpler approach here using ElGamal encryption with messages in the exponent [27]. The encryption scheme has linear encoding properties, i.e., it is homomorphic, which we utilize to create efficient ZK-proofs of correct encryption. We describe the encryption scheme in Section 4. 3.1 Building Zether Zether strives not just to make transfers confidential but also to prevent accidental loss of funds. We first discuss a simplistic version of Zether with the core functionality. We then describe some shortcomings and how to overcome them. A simplistic Zether. The Zether smart contract (ZSC) works with Zether tokens (ZTH). Zether accounts are identified with ElGamal public keys, which are stored in ZSC's internal state. To fund an account with public key y with b ZTH, one can send b ETH to the smart contract. ZSC generates an ElGamal encryption of b with randomness 0 (since b is anyway part of the transaction) and adds it to the encrypted balance associated with y. 1 One can convert ZTH back to ETH by revealing the current balance b and providing a ZK-proof that y's ciphertext (i.e., the ciphertext associated with y on the smart contract) indeed encrypts b. In order to transfer some b amount of ZTH to a public key y without revealing b itself, one can encrypt b under both y and y. A ZK-proof is provided to show that the two ciphertexts are well-formed, they encrypt the same positive value, and the remaining balance associated with y is positive. In our implementation, we use a new ZK-proof system, called Σ-Bullets to efficiently prove the statements over the encrypted transfer balance and the new sender balance. Front-running. The very first problem with the simplistic version of Zether is that the ZK-proofs are generated w.r.t. a certain state of the contract. For example, the ZK-proof in a transfer transaction needs to show that the remaining balance is positive. A user Alice generates this proof w.r.t. to her current account balance, stored in an encrypted form on the contract. However, if another user Bob transfers some ZTH to Alice, and Bob's transaction gets processed first, then Alice's transaction will be rejected because the proof will not be valid anymore. Note that Bob may be a totally benign user yet Alice loses the fees she paid to process her transaction. We refer to this situation as the front-running problem. Burn transactions have a similar problem too: a proof that a ciphertext encrypts a certain value becomes invalid if the ciphertext changes.

IEEE/CAA Journal of Automatica Sinica, 2021

In this paper, we deal with questions related to blockchains in complex Internet of Things (IoT)-based ecosystems. Such ecosystems are typically composed of IoT devices, edge devices, cloud computing software services, as well as people, who are decision makers in scenarios such as smart cities. Many decisions related to analytics can be based on data coming from IoT sensors, software services, and people. However, they are typically based on different levels of abstraction and granularity. This poses a number of challenges when multiple blockchains are used together with smart contracts. This work proposes to apply our concept of elasticity to smart contracts and thereby enabling analytics in and between multiple blockchains in the context of IoT. We propose a reference architecture for Elastic Smart Contracts and evaluate the approach in a smart city scenario, discussing the benefits in terms of performance and self-adaptability of our solution.