IET Blockchain最新文献

Over the past few years, blockchain platforms supporting WebAssembly (Wasm) smart contracts are gaining popularity. However, Wasm smart contracts are often compiled from memory-unsafe languages (e.g. C and C++). And there is a lack of effective defense against integer overflow and stack overflow at the compiler and virtual machine (VM) layers, making Wasm smart contracts even more exploitable than native C and C++ programs. In this paper, the authors propose wasm overflow detector (WASMOD) to address the integer overflow and stack overflow vulnerabilities. The authors’ approach combines bytecode instrumentation, run-time validation, and grey-box fuzzing to detect these vulnerabilities. The authors applied their approach to the popular EOSIO blockchain and evaluated it on 4616 deployed Wasm smart contracts. The authors’ approach detected 13 real-world vulnerable smart contracts.

The Byzantine Fault Tolerant (BFT) consensus algorithms have been widely applied in the blockchain systems because of their fault tolerance capability to determine system consistency in the presence of malicious nodes. However, the BFT consensus algorithms are confronted with low efficiency and scalability problems caused by multiple rounds of handshake communication. In this paper, a pipeline-based Fast Pipeline Byzantine Fault Tolerance consensus algorithm (FP-BFT) is proposed, which adopts a non-leader pipeline framework to process different rounds of transactions in parallel. By means of randomly selecting 2f+1 nodes to form a committee for one round of transactions, consensus agreement can be reached within the committee via nodes broadcasting and voting. Committee nodes participating in the consensus are chosen by chance to avoid the monopoly of which becomes the block producer. Consensus efficiency and the system throughput can be significantly improved with the pipeline framework. Comparison experiments are conducted to verify the superiority of the FP-BFT algorithm, and the theoretical proof is given to guarantee the Byzantine fault-tolerant security. Experimental results show that FP-BFT has improved the consensus efficiency by decreasing communication overhead to make it better applied both in public blockchain and consortium blockchain systems.

Cyber security in the banking sector is of high importance nowadays. The rate of cyberattacks is spiking every year, and the implementation of strong cybersecurity models is required to ensure the confidentiality and integrity of data. Since protecting a bank requires a wide range of security practices, this paper focuses on protecting the bank resources from malicious actors and securing the transactions using a blockchain consensus mechanism that uses a zero-trust security approach among the participants in the transaction. In addition to the framework, an algorithm for blockchain-based online transactions was designed to make use of practical implementation in the future. The ideas formulated during the research and literature review were integrated to design the framework and the algorithm. The proposed framework ensures that the security of the banking sector can be enhanced by adopting the zero-trust concept and blockchain technology. The consensus algorithms used for the transaction make it immutable and decentralized. Zero-trust principles adopted in the model ensure the confidentiality and integrity of the banking system.

Go is a relatively new programming language and has become one of the most important programming languages used widely in blockchain. A formal semantics plays an important role in program synthesis, analysis and verification. The existed formal semantics of Go are not executable and do not cover the core features, hence, this paper presents an executable formal semantics for Go, called K-Go, using rewriting logic in $�K$ framework to make sure the semantics is both executable and applicable. K-Go includes syntax, configuration and rules and covers the declaration and definition of basic types, basic expression, concurrency, main statement data reading and writing based on channel. K-Go is validated by test set with 100% semantic coverage based on the official test suite. The evaluation experiment shows that K-Go is correct. Using formal semantics of Go language, building Go program synthesis, analysis and verification tools is easy for analyzing more characteristics of Go programs.

The indiscriminate distribution of a large number of unlicensed images through the Internet seriously harms the benefits of image owners, which prompts the study of image copyright protection solutions. Existing blockchain-free solutions are limited to using centralized servers to store copyright information, leaving data vulnerable to being lost or tampered with by external attacks. Although the blockchain-based image copyright protection solutions are capable of addressing the above problem, improvements are needed in choosing a suitable blockchain platform and supporting integrated copyright life cycle management. To this end, this paper designs a blockchain-based reliable image copyright protection system named BB-RICP using Hyperledger Fabric. For one thing, the adoption of Fabric mitigates the limitations of other blockchain platforms represented by Ethereum in terms of efficiency, economy, and availability. For another, BB-RICP successes in achieving integrated copyright lifecycle management. In addition, BB-RICP achieves enhanced applicability performance by firstly introducing GM algorithms recommended by Chinese national standard and adapting the more consortium blockchain-oriented practical byzantine fault tolerance algorithm. Moreover, the adoption of spread spectrum watermarking brings convenience to users. Finally, Kubernetes is used to assist in the simulation of BB-RICP to verify that users can operate reliably in the blockchain network.

The threshold proxy re-encryption (tPRE) algorithm not only ensures the separation of data ownership and use right, but also prevents a single data proxy from doing evil. In order to avoid collusion of multiple data proxies, this paper constructs a decentralized crypto network (DCN) based on blockchain technology and tPRE. DCN is more than a key management system, while expanding the data storage capacity of blockchain network. Combined with existing distributed storage schemes, it can store massive data. Due to Byzantine failure in distributed networks, the data proxy nodes can join or leave at will. In order to ensure that the number of data proxy nodes in the DCN network meets the requirements of the re-encryption threshold, and the data authorization operation can be carried out smoothly, this paper presents a dynamic refresh method of tPRE fragments. When there are fragments that meet the threshold number in the network, the allocation of encrypted fragments can be adjusted non-interactivity and self-adaptively. Non-interactivity means that each data proxy node independently refreshes its old fragments into new fragments without collecting old fragments from other nodes in the DCN, and then distributes the new fragments to other data proxy nodes in the DCN. Self-adaptability refers to monitoring the changes of data proxy node sets in the DCN, and automatically refreshing fragments. Finally, the performance of critical algorithms is calculated in the proposal.

In this article, the authors proposed a novel blockchain-oriented location privacy-preserving (BoLPP) for the Cooperative Spectrum Sensing (CSS) in 6G networks. In order to attain the sustainability of privacy and security for 6G wireless networks, it is a great challenge in this sensing as it faces various malicious attacks while the secondary user (SU) is active. To tackle these issues, the authors proposed a novel framework for blockchain-oriented Cognitive Radio Networks (CRNs) for CSS using an energy detection technique. Moreover, the authors implemented another novel paradigm BoLPP, to attain the privacy of SUs location for CSS in 6G networks. This approach preserves the SUs’ location and makes the BoLPP framework immune to all malicious attackers. The simulation results have been undergone based on the performance metrics such as response time, consistency, probability of false alarm, frame loss (%), average network throughput, energy efficiency, and security. The outcomes reveal that the proposed scheme achieves high security, privacy, energy efficiency, average network throughput, and low probability of false alarm and frame loss (%) when compared with the existing frameworks such as Friend or Foe (FoF) and Tidal Trust Algorithm (TTA) mechanisms. It is observed that the proposed BoLPP mechanism provides better security and privacy in 6G wireless networks.

A consensus protocol is a crucial mechanism of distributed networks by which nodes can coordinate their actions and the current state of data. This article describes a BlockDAG consensus algorithm based on the Proof of Stake approach. The protocol provides network participants with cross-voting for the order of blocks, which, in the case of a fair vote, guarantees a quick consensus. Under conditions of dishonest behavior, cross-voting ensures that violations will be quickly detected. In addition, the protocol assumes the existence of a Coordinating network containing information about the approved ordering, which qualitatively increases security and also serves to improve network synchronization.

With the rapid increment of the demand for data sharing among parties, data is considered a cornerstone component to provide value in the big data environment. Concerns regarding sharing data security have impeded the development of cross-domain data interaction. Therefore, an access control model for data security sharing cross-domain is proposed, Fabric-ABAC, that is based on Hyperledger Fabric and Attribute-based Access Control (ABAC). In order to solve the data security challenges caused by a trusted central organization implementation, a distributed environment is constructed that consists of stakeholders among parties. The unified attribute model is designed for multi-environment combined with smart contracts. Fabric-ABAC realizes multi-level, fine-grained, and auditable access control, enabling data security through automatic permission verification. Considering the ledger is visible to all participants in consortium blockchain, it is necessary to protect the confidentiality of sensitive data. Thus, Proxy Re-Encryption (PRE), which is implemented by smart contracts, is adopted in the scheme to realize the ciphertext interaction without the third party. The security of PRE and the access control model used in Fabric-ABAC is discussed to show that a secure environment for data sharing is provided. Moreover, the completeness of the implementation and effectiveness of the system performance in the multi-domain environment is demonstrated in the experimental results.

Traditional voting procedures are non-remote, time-consuming, and less secure. While the voter believes their vote was submitted successfully, the authority does not provide evidence that the vote was counted and tallied. In most cases, the anonymity of a voter is also not sure, as the voter's details are included in the ballot papers. Many voters consider this voting system untrustworthy and manipulative, discouraging them from voting, and consequently, an election loses a significant number of participants. Although the inclusion of electronic voting systems (EVS) has increased efficiency; however, it has raised concerns over security, legitimacy, and transparency. To mitigate these problems, blockchain technology has been leveraged and smart contract facilities with a combination of artificial intelligence (AI) to propose a remote voting system that makes the overall voting procedure transparent, semi-decentralized, and secure. In addition, a system that aids in boosting the number of turnouts in an election through an incentivization policy for the voters have also developed. Through the proposed virtual campaigning feature, the authority can generate a decent amount of revenue, which downsizes the overall cost of an election. To reduce the associated cost of transactions using smart contracts, this system implements a hybrid storage system where only a few cardinal data are stored in the blockchain network.