Blockchain-Research and Applications最新文献

Sustainable business decision modelling with blockchain and digital twins: a survey 区块链和数字孪生的可持续商业决策建模：一项调查

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-06-04 DOI: 10.1016/j.bcra.2025.100312

Gyan Wickremasinghe, Siofra Frost, Karen Rafferty, Vishal Sharma

Industry 4.0 and beyond will rely heavily on sustainable business decision modelling (BDM) that can be accelerated by blockchain and digital twin (DT) solutions. BDM is built on models and frameworks refined by key identification factors, data analysis, and mathematical or computational aspects applicable to complex business scenarios. Gaining actionable intelligence from collected data for BDM requires a carefully considered infrastructure to ensure data transparency, security, accessibility, and sustainability. Such an infrastructure must also be aligned with the social, economic, and environmental factors. A notable direct impact on BDM concerning resource optimisation, stakeholder engagement, regulatory compliance, and environmental impacts has been identified in this space. Taxonomies are defined in this paper to further understand these segments and evaluate blockchain and DT sustainability features based on an in-depth review of the current state of the art. Based on a rigorous selection procedure, 250 papers were used to evaluate the context of this study using a range of text available from scientific databases, including ACM Digital Library, IEEE Xplore, Web of Science, ScienceDirect, and Scopus. Detailed comparative evaluations provide insight into the reachability of the sustainable solution in terms of ideologies, accessibility, and performance overheads. In the context of blockchain, it is understandable that further research is required to attain practically sustainable solutions. Several questions are put forward to motivate further research that significantly impacts BDM. Finally, a case study based on an exemplary supply chain management system (SCMS) is presented to show blockchain and DT's interoperability with BDM.

工业4.0及以后将严重依赖可持续商业决策模型（BDM），而区块链和数字孪生（DT）解决方案可以加速BDM的实现。BDM建立在模型和框架之上，这些模型和框架经过关键识别因素、数据分析以及适用于复杂业务场景的数学或计算方面的改进。从BDM收集的数据中获取可操作的情报需要一个经过仔细考虑的基础设施，以确保数据的透明性、安全性、可访问性和可持续性。这样的基础设施还必须与社会、经济和环境因素保持一致。在这一领域，已经确定了对BDM在资源优化、利益相关者参与、法规遵从和环境影响方面的显著直接影响。本文定义了分类，以进一步了解这些部分，并基于对当前技术状况的深入回顾来评估区块链和DT的可持续性特征。基于严格的选择程序，250篇论文被用于评估本研究的背景，使用了一系列可从科学数据库获得的文本，包括ACM数字图书馆，IEEE Xplore, Web of Science， ScienceDirect和Scopus。详细的比较评估提供了对可持续解决方案在意识形态、可访问性和性能开销方面的可达性的洞察。在b区块链的背景下，可以理解的是，需要进一步研究以获得切实可持续的解决方案。提出了几个问题，以激励进一步的研究显著影响BDM。最后，以一个典型的供应链管理系统（SCMS）为例，展示了区块链和DT与BDM的互操作性。

{"title":"Sustainable business decision modelling with blockchain and digital twins: a survey","authors":"Gyan Wickremasinghe, Siofra Frost, Karen Rafferty, Vishal Sharma","doi":"10.1016/j.bcra.2025.100312","DOIUrl":"10.1016/j.bcra.2025.100312","url":null,"abstract":"<div><div>Industry 4.0 and beyond will rely heavily on sustainable business decision modelling (BDM) that can be accelerated by blockchain and digital twin (DT) solutions. BDM is built on models and frameworks refined by key identification factors, data analysis, and mathematical or computational aspects applicable to complex business scenarios. Gaining actionable intelligence from collected data for BDM requires a carefully considered infrastructure to ensure data transparency, security, accessibility, and sustainability. Such an infrastructure must also be aligned with the social, economic, and environmental factors. A notable direct impact on BDM concerning resource optimisation, stakeholder engagement, regulatory compliance, and environmental impacts has been identified in this space. Taxonomies are defined in this paper to further understand these segments and evaluate blockchain and DT sustainability features based on an in-depth review of the current state of the art. Based on a rigorous selection procedure, 250 papers were used to evaluate the context of this study using a range of text available from scientific databases, including ACM Digital Library, IEEE Xplore, Web of Science, ScienceDirect, and Scopus. Detailed comparative evaluations provide insight into the reachability of the sustainable solution in terms of ideologies, accessibility, and performance overheads. In the context of blockchain, it is understandable that further research is required to attain practically sustainable solutions. Several questions are put forward to motivate further research that significantly impacts BDM. Finally, a case study based on an exemplary supply chain management system (SCMS) is presented to show blockchain and DT's interoperability with BDM.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100312"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"147398037","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Unlocking the potential of data: Toward a secure and privacy-preserving blockchain-based health data governance framework 释放数据的潜力：建立一个安全和隐私保护的基于区块链的健康数据治理框架

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-06-18 DOI: 10.1016/j.bcra.2025.100318

Rita Azzi , Rima Kilany Chamoun , Ahmed Serhrouchni , Maria Sokhn

Data have always been at the heart of organizations, fueling decision-making, service delivery, and influencing people's way of life. Organizations work to improve the visibility, reliability, security, and scalability of data. Yet, these attempts are not without challenges. One of the biggest challenges faced by organizations is data confidentiality, since a data breach can affect a person's dignity with severe consequences for the organization itself. Data governance is necessary to mitigate these risks, especially when dealing with sensitive information such as health data. This research paper presents a novel approach to data governance through the development of a blockchain-based framework that aims to unlock the potential of data while minimizing the risk of data breaches and unauthorized access. It involves three critical components: data classification, data segregation, and data access control to ensure proper management, protection, and utilization of data within an organization. While this paper discusses the implementation of our framework within the healthcare ecosystem, it also offers a clear roadmap to facilitate its adoption across any data-driven domain. Our approach demonstrates how data accessibility can be enhanced while safeguarding data privacy and upholding its availability, integrity, and confidentiality.

数据一直是组织的核心，推动决策、提供服务并影响人们的生活方式。组织致力于提高数据的可见性、可靠性、安全性和可伸缩性。然而，这些尝试并非没有挑战。组织面临的最大挑战之一是数据保密，因为数据泄露可能会影响个人的尊严，并对组织本身造成严重后果。数据治理对于减轻这些风险是必要的，特别是在处理健康数据等敏感信息时。本研究报告通过开发基于区块链的框架，提出了一种新的数据治理方法，旨在释放数据的潜力，同时最大限度地降低数据泄露和未经授权访问的风险。它包括三个关键组件：数据分类、数据隔离和数据访问控制，以确保对组织内的数据进行适当的管理、保护和利用。虽然本文讨论了我们的框架在医疗保健生态系统中的实现，但它还提供了一个清晰的路线图，以促进其在任何数据驱动领域的采用。我们的方法展示了如何在保护数据隐私和维护其可用性、完整性和机密性的同时增强数据可访问性。

{"title":"Unlocking the potential of data: Toward a secure and privacy-preserving blockchain-based health data governance framework","authors":"Rita Azzi , Rima Kilany Chamoun , Ahmed Serhrouchni , Maria Sokhn","doi":"10.1016/j.bcra.2025.100318","DOIUrl":"10.1016/j.bcra.2025.100318","url":null,"abstract":"<div><div>Data have always been at the heart of organizations, fueling decision-making, service delivery, and influencing people's way of life. Organizations work to improve the visibility, reliability, security, and scalability of data. Yet, these attempts are not without challenges. One of the biggest challenges faced by organizations is data confidentiality, since a data breach can affect a person's dignity with severe consequences for the organization itself. Data governance is necessary to mitigate these risks, especially when dealing with sensitive information such as health data. This research paper presents a novel approach to data governance through the development of a blockchain-based framework that aims to unlock the potential of data while minimizing the risk of data breaches and unauthorized access. It involves three critical components: data classification, data segregation, and data access control to ensure proper management, protection, and utilization of data within an organization. While this paper discusses the implementation of our framework within the healthcare ecosystem, it also offers a clear roadmap to facilitate its adoption across any data-driven domain. Our approach demonstrates how data accessibility can be enhanced while safeguarding data privacy and upholding its availability, integrity, and confidentiality.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100318"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"147398033","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

FAME: Federated authority management for attribute-based encryption scheme in blockchain-assisted data marketing FAME：区块链辅助数据营销中基于属性的加密方案的联邦权限管理

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-06-18 DOI: 10.1016/j.bcra.2025.100317

Pujie Jing , Xia Feng , Liangmin Wang , Xiangmei Song

Data marketing serves as a centralized third party, aggregating data owners and trading their data with buyers to promote data circulation. However, the security and privacy of marketing rely on a trusted central authority, single points of failure and rights abuse can easily cause untrusted marketing and data leakage. In this paper, we propose a federated authority management for an attribute-based encryption (ABE) scheme in blockchain-assisted data marketing. First, we design an authority blockchain with a threshold issuance protocol to replace the trusted authority in ABE, which achieves trusted authorization for marketing and eliminates the single points of failure. Second, we design an on/off-chain phased right revocation method, which efficiently revokes a buyer's access rights by invoking smart contracts to update the on-chain rights status, and without requiring off-chain re-authorization. Thus, this method prevents insecure marketing due to the abuse of rights. Theoretical analysis shows that our scheme could protect marketing security and data privacy. Experimental results confirm that it reduces the access and revocation cost to a constant level and decreases the storage overhead of marketing by n times compared to existing schemes.

数据营销作为一个集中的第三方，将数据所有者聚集起来，与买家进行数据交易，促进数据流通。然而，营销的安全性和隐私性依赖于可信的中央权威，单点故障和权利滥用很容易导致不可信的营销和数据泄露。在本文中，我们为区块链辅助数据营销中的基于属性的加密（ABE）方案提出了一种联邦权限管理。首先，我们设计了一个带阈值发布协议的授权区块链来替代ABE中的可信授权，实现了营销可信授权，消除了单点故障。其次，我们设计了一种链上/链下分阶段的权利撤销方法，该方法通过调用智能合约来更新链上权利状态，有效地撤销买方的访问权利，而不需要链下重新授权。因此，这种方法可以防止由于滥用权利而导致的不安全营销。理论分析表明，该方案能够有效保护营销安全和数据隐私。实验结果表明，与现有方案相比，该方案将访问和撤销成本降低到一个恒定的水平，并将营销存储开销降低了n倍。

{"title":"FAME: Federated authority management for attribute-based encryption scheme in blockchain-assisted data marketing","authors":"Pujie Jing , Xia Feng , Liangmin Wang , Xiangmei Song","doi":"10.1016/j.bcra.2025.100317","DOIUrl":"10.1016/j.bcra.2025.100317","url":null,"abstract":"<div><div>Data marketing serves as a centralized third party, aggregating data owners and trading their data with buyers to promote data circulation. However, the security and privacy of marketing rely on a trusted central authority, single points of failure and rights abuse can easily cause untrusted marketing and data leakage. In this paper, we propose a federated authority management for an attribute-based encryption (ABE) scheme in blockchain-assisted data marketing. First, we design an authority blockchain with a threshold issuance protocol to replace the trusted authority in ABE, which achieves trusted authorization for marketing and eliminates the single points of failure. Second, we design an on/off-chain phased right revocation method, which efficiently revokes a buyer's access rights by invoking smart contracts to update the on-chain rights status, and without requiring off-chain re-authorization. Thus, this method prevents insecure marketing due to the abuse of rights. Theoretical analysis shows that our scheme could protect marketing security and data privacy. Experimental results confirm that it reduces the access and revocation cost to a constant level and decreases the storage overhead of marketing by <em>n</em> times compared to existing schemes.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100317"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146174012","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Implementation study of cost-effective verification for Pietrzak's VDF in Ethereum smart contract 以太坊智能合约中Pietrzak VDF的成本效益验证实现研究

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-06-04 DOI: 10.1016/j.bcra.2025.100313

Suhyeon Lee , Euisin Gee , Junghee Lee

Verifiable delay function (VDF) is a cryptographic concept that ensures a minimum delay before output through sequential processing, which is resistant to parallel computing. One of the significant VDF protocols academically reviewed is the VDF protocol proposed by Pietrzak. However, for the blockchain environment, the Pietrzak VDF has drawbacks, including a large proof size and recursive protocol computation. In this paper, we present an implementation study of Pietrzak's VDF verification on the Ethereum virtual machine (EVM). We found that the discussion in Pietrzak's original paper can help with a clear optimization in EVM, where the costs of computation are predefined as specific amounts of gas. In our results, the cost of VDF verification can be reduced from 4 M to 2 M gas, and the proof size can be generated under 8 KB with a 2048-bit RSA key length, which is much smaller than the previous expectation.

可验证延迟函数（VDF）是一种密码学概念，它通过顺序处理确保输出前的最小延迟，从而抵抗并行计算。学术上评述的重要VDF协议之一是由Pietrzak提出的VDF协议。然而，对于区块链环境，Pietrzak VDF有缺点，包括大的证明大小和递归协议计算。在本文中，我们提出了Pietrzak的VDF验证在以太坊虚拟机（EVM）上的实现研究。我们发现，Pietrzak原始论文中的讨论有助于EVM的明确优化，其中计算成本被预定义为特定数量的气体。在我们的结果中，VDF验证的成本可以从4 M gas减少到2 M gas，并且证明大小可以在8 KB以下生成，RSA密钥长度为2048位，这比之前的预期要小得多。

引用次数: 0

Zero trust-driven access control delegation using blockchain 零信任驱动访问控制委托使用区块链

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-06-20 DOI: 10.1016/j.bcra.2025.100319

Rahma Mukta , Shantanu Pal , Kowshik Chowdhury , Michael Hitchens , Hye-young Paik , Salil S. Kanhere

As digital ecosystems become more complex with decentralized technologies like the Internet of Things (IoT) and blockchain, traditional access control models fail to meet the security needs of dynamic, high-risk environments. The need for dynamic, fine-grained access control mechanisms has become critical, particularly in environments where trust must be continuously evaluated, and access decisions must adapt to real-time conditions. Traditional models often rely on static identity management and centralized trust assumptions, which are inadequate for modern, decentralized, and highly dynamic environments such as IoT ecosystems. Consequently, existing solutions lack fine-grained identity management, flexible delegation, and continuous trust evaluation, highlighting the need for a more robust, adaptive, and decentralized access control architecture. To address these gaps, this paper presents a novel access control architecture that integrates self-sovereign identity (SSI) and decentralized identifier (DID)-based access control with zero trust principles, enhanced by a flexible capability-based access control (CapBAC) approach. Leveraging SSI and DID allows entities to manage their identities without relying on a central authority, aligning with zero-trust principles. The integration of CapBAC ensures flexible, context-aware, and attribute-based access control, where access rights are dynamically granted based on the requester's capabilities. This enables fine-grained delegation of access rights, allowing trusted entities to delegate specific privileges to others without compromising overall security. Continuous trust evaluation is employed to assess the authenticity of access requests, mitigating the risks posed by compromised devices or users. The proposed architecture also incorporates blockchain technology to ensure transparent, immutable, and secure management of access logs, providing traceability and accountability for all access events. We demonstrate the feasibility and effectiveness of this solution through performance evaluations and comparisons with existing access control schemes, showing its superior security, scalability, and adaptability in real-world scenarios. Our work demonstrates a comprehensive, decentralized, and scalable solution for secure access control delegation using zero trust-driven principles.

随着物联网（IoT）和区块链等分散技术的发展，数字生态系统变得更加复杂，传统的访问控制模型已无法满足动态、高风险环境的安全需求。对动态、细粒度访问控制机制的需求已经变得至关重要，特别是在必须持续评估信任和访问决策必须适应实时条件的环境中。传统模型通常依赖于静态身份管理和集中式信任假设，这对于现代、分散和高度动态的环境（如物联网生态系统）是不够的。因此，现有的解决方案缺乏细粒度的身份管理、灵活的委托和持续的信任评估，这突出了对更健壮、自适应和分散的访问控制体系结构的需求。为了解决这些差距，本文提出了一种新的访问控制体系结构，该体系结构集成了基于零信任原则的自主身份（SSI）和基于分散标识符（DID）的访问控制，并通过灵活的基于能力的访问控制（CapBAC）方法进行了增强。利用SSI和DID允许实体在不依赖中央权威的情况下管理其身份，符合零信任原则。CapBAC的集成确保了灵活、上下文感知和基于属性的访问控制，其中访问权限是根据请求者的能力动态授予的。这支持细粒度的访问权限委托，允许受信任实体将特定特权委托给其他实体，而不会损害整体安全性。通过持续信任评估来评估访问请求的真实性，降低设备或用户被入侵带来的风险。所建议的体系结构还集成了区块链技术，以确保访问日志的透明、不可变和安全管理，为所有访问事件提供可跟踪性和责任。我们通过性能评估和与现有访问控制方案的比较，证明了该解决方案的可行性和有效性，展示了其在现实场景中优越的安全性、可扩展性和适应性。我们的工作展示了一个全面的、分散的、可扩展的解决方案，用于使用零信任驱动原则的安全访问控制委托。

{"title":"Zero trust-driven access control delegation using blockchain","authors":"Rahma Mukta , Shantanu Pal , Kowshik Chowdhury , Michael Hitchens , Hye-young Paik , Salil S. Kanhere","doi":"10.1016/j.bcra.2025.100319","DOIUrl":"10.1016/j.bcra.2025.100319","url":null,"abstract":"<div><div>As digital ecosystems become more complex with decentralized technologies like the Internet of Things (IoT) and blockchain, traditional access control models fail to meet the security needs of dynamic, high-risk environments. The need for dynamic, fine-grained access control mechanisms has become critical, particularly in environments where trust must be continuously evaluated, and access decisions must adapt to real-time conditions. Traditional models often rely on static identity management and centralized trust assumptions, which are inadequate for modern, decentralized, and highly dynamic environments such as IoT ecosystems. Consequently, existing solutions lack fine-grained identity management, flexible delegation, and continuous trust evaluation, highlighting the need for a more robust, adaptive, and decentralized access control architecture. To address these gaps, this paper presents a novel access control architecture that integrates self-sovereign identity (SSI) and decentralized identifier (DID)-based access control with zero trust principles, enhanced by a flexible capability-based access control (CapBAC) approach. Leveraging SSI and DID allows entities to manage their identities without relying on a central authority, aligning with zero-trust principles. The integration of CapBAC ensures flexible, context-aware, and attribute-based access control, where access rights are dynamically granted based on the requester's capabilities. This enables fine-grained delegation of access rights, allowing trusted entities to delegate specific privileges to others without compromising overall security. Continuous trust evaluation is employed to assess the authenticity of access requests, mitigating the risks posed by compromised devices or users. The proposed architecture also incorporates blockchain technology to ensure transparent, immutable, and secure management of access logs, providing traceability and accountability for all access events. We demonstrate the feasibility and effectiveness of this solution through performance evaluations and comparisons with existing access control schemes, showing its superior security, scalability, and adaptability in real-world scenarios. Our work demonstrates a comprehensive, decentralized, and scalable solution for secure access control delegation using zero trust-driven principles.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100319"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146024719","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

SoK: cross-chain bridging architectural design flaws and mitigations SoK：跨链桥接架构设计缺陷和缓解措施

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-06-09 DOI: 10.1016/j.bcra.2025.100315

Jakob Svennevik Notland , Jingyue Li , Mariusz Nowostawski , Peter Halland Haro

Cross-chain bridges are solutions that enable interoperability between heterogeneous blockchains. In contrast to the underlying blockchains, the bridges often provide inferior security guarantees and have been targets of hacks, causing damage in the range of 1.5 to 2 billion USD in 2022. The current state of bridge architectures is that they are ambiguous, and the relation between overarching architectures, underlying components, and exploits is shallow. We address this gap through a multivocal literature review covering 64 different bridges, including 31 exploits and four known bugs over three years (2021–2023). Our analysis identifies 13 architectural components of blockchain bridges. We link the components to eight types of vulnerabilities, also called design flaws. Furthermore, we identified prevention measures and proposed 11 impact reduction measures based on existing and possible countermeasures to address the imminent exploitation of design flaws. The results present an overview of the state of the art in bridge security, future research directions, and guidelines for designing and implementing secure cross-chain bridge architectures.

跨链桥是实现异构区块链之间互操作性的解决方案。与底层区块链相比，桥梁通常提供较差的安全保障，并成为黑客攻击的目标，在2022年造成15亿至20亿美元的损失。桥接体系结构的当前状态是它们是模糊的，总体体系结构、底层组件和漏洞之间的关系是肤浅的。我们通过对64个不同桥梁的多语种文献综述来解决这一差距，其中包括三年内（2021-2023）的31个漏洞和4个已知漏洞。我们的分析确定了区块链桥梁的13个建筑组成部分。我们将这些组件与八种类型的漏洞联系起来，这些漏洞也被称为设计缺陷。此外，我们确定了预防措施，并根据现有和可能的对策提出了11项减少影响的措施，以解决即将出现的设计缺陷。研究结果概述了桥梁安全技术的现状，未来的研究方向，以及设计和实现安全跨链桥梁体系结构的指导方针。

{"title":"SoK: cross-chain bridging architectural design flaws and mitigations","authors":"Jakob Svennevik Notland , Jingyue Li , Mariusz Nowostawski , Peter Halland Haro","doi":"10.1016/j.bcra.2025.100315","DOIUrl":"10.1016/j.bcra.2025.100315","url":null,"abstract":"<div><div>Cross-chain bridges are solutions that enable interoperability between heterogeneous blockchains. In contrast to the underlying blockchains, the bridges often provide inferior security guarantees and have been targets of hacks, causing damage in the range of 1.5 to 2 billion USD in 2022. The current state of bridge architectures is that they are ambiguous, and the relation between overarching architectures, underlying components, and exploits is shallow. We address this gap through a multivocal literature review covering 64 different bridges, including 31 exploits and four known bugs over three years (2021–2023). Our analysis identifies 13 architectural components of blockchain bridges. We link the components to eight types of vulnerabilities, also called design flaws. Furthermore, we identified prevention measures and proposed 11 impact reduction measures based on existing and possible countermeasures to address the imminent exploitation of design flaws. The results present an overview of the state of the art in bridge security, future research directions, and guidelines for designing and implementing secure cross-chain bridge architectures.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100315"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"147398032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A global trust-based blockchain lightweight consensus mechanism 基于全局信任的区块链轻量级共识机制

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-07-01 DOI: 10.1016/j.bcra.2025.100322

Jinwen Xi , Guosheng Xu , Shihong Zou , Yinliang Yue , Binsi Cai , Guoqiang Li

Blockchain technology, renowned for its decentralized and secure nature, has gained substantial attention. Central to its functionality are consensus mechanisms, which are essential for validating transactions and upholding the integrity of the distributed ledger. However, the efficiency and scalability of blockchain are currently impeded by the resource limitations and excessive communication demands of existing consensus mechanisms. To address these challenges, we propose GT-BFT, a streamlined and lightweight blockchain consensus mechanism grounded in a global trust model. This model capitalizes on node behavior to form consensus groups and facilitate consensus achievement. GT-BFT integrates a novel approach of selective broadcasting along with a Byzantine threshold determination algorithm, significantly boosting both the efficiency and security of the network. Our extensive analysis and performance evaluation reveal that GT-BFT surpasses existing mechanisms in key areas such as security, system throughput, and transaction confirmation speed, marking a significant advancement in blockchain consensus technology.

区块链技术以其去中心化和安全性而闻名，已经获得了大量的关注。其功能的核心是共识机制，这对于验证交易和维护分布式账本的完整性至关重要。然而，区块链的效率和可扩展性目前受到现有共识机制的资源限制和过多的通信需求的阻碍。为了应对这些挑战，我们提出了GT-BFT，这是一种基于全球信任模型的精简轻量级区块链共识机制。该模型利用节点行为来形成共识组并促进共识的实现。GT-BFT集成了一种新的选择性广播方法以及拜占庭阈值确定算法，显着提高了网络的效率和安全性。我们广泛的分析和性能评估表明，GT-BFT在安全性、系统吞吐量和交易确认速度等关键领域超越了现有机制，标志着区块链共识技术的重大进步。

{"title":"A global trust-based blockchain lightweight consensus mechanism","authors":"Jinwen Xi , Guosheng Xu , Shihong Zou , Yinliang Yue , Binsi Cai , Guoqiang Li","doi":"10.1016/j.bcra.2025.100322","DOIUrl":"10.1016/j.bcra.2025.100322","url":null,"abstract":"<div><div>Blockchain technology, renowned for its decentralized and secure nature, has gained substantial attention. Central to its functionality are consensus mechanisms, which are essential for validating transactions and upholding the integrity of the distributed ledger. However, the efficiency and scalability of blockchain are currently impeded by the resource limitations and excessive communication demands of existing consensus mechanisms. To address these challenges, we propose GT-BFT, a streamlined and lightweight blockchain consensus mechanism grounded in a global trust model. This model capitalizes on node behavior to form consensus groups and facilitate consensus achievement. GT-BFT integrates a novel approach of selective broadcasting along with a Byzantine threshold determination algorithm, significantly boosting both the efficiency and security of the network. Our extensive analysis and performance evaluation reveal that GT-BFT surpasses existing mechanisms in key areas such as security, system throughput, and transaction confirmation speed, marking a significant advancement in blockchain consensus technology.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100322"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"147398035","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Semantic interoperability on blockchain by generating smart contracts based on knowledge graphs 区块链上基于知识图生成智能合约的语义互操作性

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-07-01 DOI: 10.1016/j.bcra.2025.100320

W. Van Woensel , O. Seneviratne

Health 3.0 enables decision-making to be based on longitudinal data from multiple institutions spanning the patient’s healthcare journey. Blockchain smart contracts can act as neutral and trustworthy intermediaries to implement such decision-making. In this distributed healthcare setting, transmitted data are structured using standards, such as Health Level Seven Fast Healthcare Interoperability Resources (HL7 FHIR), for semantic interoperability. Hence, the smart contract will require interoperability with the domain standard. However, it will also have to implement a complex communication setup to work in a distributed environment (e.g., using oracles), and be developed using special-purpose blockchain languages (e.g., Solidity). To support these requirements, we propose the encoding of smart contract logic using a high-level semantic Knowledge Graph (KG), which uses concepts and relations from a domain standard and additionally lists distributed data requirements. We subsequently deploy this semantic KG on blockchain via a hybrid on-/off-chain code-generation approach. We applied our approach to generate smart contracts for three health insurance cases from Medicare. We evaluated the generated contracts in terms of correctness and execution cost (i.e., gas) on blockchain. Finally, we discuss the suitability of blockchain—and by extension, our approach—for a number of healthcare use cases.

Health 3.0使决策能够基于跨越患者医疗保健旅程的多个机构的纵向数据。区块链智能合约可以作为中立和可信的中介来实现这种决策。在这种分布式医疗保健设置中，传输的数据使用诸如健康级别7快速医疗保健互操作性资源（HL7 FHIR）等标准进行结构化，以实现语义互操作性。因此，智能合约将需要与领域标准的互操作性。然而，它还必须实现一个复杂的通信设置，以便在分布式环境中工作（例如，使用oracle），并使用特殊用途的区块链语言（例如，Solidity）进行开发。为了支持这些需求，我们提出使用高级语义知识图（KG）对智能合约逻辑进行编码，该知识图使用领域标准中的概念和关系，并额外列出分布式数据需求。随后，我们通过混合链上/链下代码生成方法在区块链上部署这个语义KG。我们应用我们的方法为医疗保险中的三个健康保险案例生成智能合约。我们根据区块链上的正确性和执行成本（即gas）来评估生成的合同。最后，我们讨论了区块链的适用性，并扩展了我们的方法，用于许多医疗保健用例。

{"title":"Semantic interoperability on blockchain by generating smart contracts based on knowledge graphs","authors":"W. Van Woensel , O. Seneviratne","doi":"10.1016/j.bcra.2025.100320","DOIUrl":"10.1016/j.bcra.2025.100320","url":null,"abstract":"<div><div>Health 3.0 enables decision-making to be based on longitudinal data from multiple institutions spanning the patient’s healthcare journey. Blockchain smart contracts can act as neutral and trustworthy intermediaries to implement such decision-making. In this distributed healthcare setting, transmitted data are structured using standards, such as Health Level Seven Fast Healthcare Interoperability Resources (HL7 FHIR), for semantic interoperability. Hence, the smart contract will require interoperability with the domain standard. However, it will also have to implement a complex communication setup to work in a distributed environment (e.g., using oracles), and be developed using special-purpose blockchain languages (e.g., Solidity). To support these requirements, we propose the encoding of smart contract logic using a high-level semantic Knowledge Graph (KG), which uses concepts and relations from a domain standard and additionally lists distributed data requirements. We subsequently deploy this semantic KG on blockchain via a hybrid on-/off-chain code-generation approach. We applied our approach to generate smart contracts for three health insurance cases from Medicare. We evaluated the generated contracts in terms of correctness and execution cost (i.e., gas) on blockchain. Finally, we discuss the suitability of blockchain—and by extension, our approach—for a number of healthcare use cases.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100320"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146174011","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A blockchain-based collusion-resistant and traceable broadcast encryption scheme 一种基于区块链的抗合谋和可追踪的广播加密方案

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-05-21 DOI: 10.1016/j.bcra.2025.100311

Tianqi Zhou , Kai Zhao , Wenying Zheng

Blockchain, as a rapidly developing technology nowadays, involves multi-party collaboration scenarios. However, as the number of users grows, security issues in blockchain systems also increase, driving the need for features such as collusion resistance and traceability. To meet the needs of multi-party collaboration on the blockchain, we propose a blockchain-based collusion-resistant and a traceable broadcast encryption scheme. On the one hand, the traitor tracing scheme is adopted to effectively enable accountability for malicious users. On the other hand, the SM2 public key encryption algorithm is deployed to satisfy high security requirements with relatively low computational costs. Security analysis demonstrates that the proposed scheme has the same level of security as the SM2 algorithm. Performance evaluation shows that the proposed scheme is superior to the relevant schemes and maintains functionalities such as collusion-resistant and traitor tracing.

区块链作为当今发展迅速的技术，涉及到多方协作场景。然而，随着用户数量的增长，区块链系统中的安全问题也在增加，从而推动了对抗串通和可追溯性等特性的需求。为了满足区块链上多方协作的需求，我们提出了一种基于区块链的抗合谋和可追踪广播加密方案。一方面，采用叛逆者追踪方案，有效实现对恶意用户的问责。另一方面，采用SM2公钥加密算法，以较低的计算成本满足较高的安全性要求。安全性分析表明，该方案具有与SM2算法相同的安全性。性能评估表明，该方案优于现有方案，并保持了抗合谋和叛逆者跟踪等功能。

引用次数: 0

Decentralized Trust: NFT and blockchain-enabled evidence system using fog computing 分散式信任：使用雾计算的NFT和区块链支持的证据系统

IF 5.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications

Pub Date : 2026-02-01 Epub Date: 2025-06-30 DOI: 10.1016/j.bcra.2025.100321

Mritunjay Shall Peelam , Vinay Chamola , Aditya Kumar Sharma , Brijesh Kumar Chaurasia

Evidence plays a crucial role in judicial systems, and managing it securely and efficiently ensures justice. This paper introduces Decentralized Trust, a framework that combines blockchain technology, non-fungible tokens (NFTs), and fog computing to address common issues like tampering, delays, and reliance on centralized systems. Traditional methods that depend on cloud computing often face high latency and slow processing, especially in remote areas. This research also builds upon the challenges identified in previous studies, such as tampering vulnerabilities, inefficiencies in evidence processing, and accessibility issues in underserved regions, providing a novel and comprehensive solution through Decentralized Trust. Fog computing handles tasks closer to where data is created, reducing delays and improving response times. Blockchain ensures that evidence records cannot be altered, while NFTs make each piece of evidence unique and tamper-proof. The framework is organized into layers: edge nodes at police stations capture evidence, fog nodes process the data and create NFTs, and cloud storage, supported by the Interplanetary File System, provides secure long-term storage. Results demonstrate that the framework achieves average transaction delays of 24.5 seconds on low-performance devices (Node A) and 168.9 seconds on high-performance devices (Node B), with margins of error showing efficient scalability even under significant processing loads. The observed transaction delays are due to differences in system architecture and processing priorities. High-performance devices (Node B) have more complex validation processes, increased security checks, or resource contention, contributing to longer transaction times. By combining these technologies, Decentralized Trust offers a reliable, fast, and secure way to manage judicial evidence, building trust in the framework while addressing the needs of remote and underserved areas.

证据在司法系统中发挥着至关重要的作用，安全有效地管理证据可确保司法公正。本文介绍了去中心化信任，这是一个结合区块链技术、不可替代令牌（nft）和雾计算的框架，以解决诸如篡改、延迟和对集中式系统的依赖等常见问题。依赖云计算的传统方法往往面临高延迟和缓慢的处理，特别是在偏远地区。本研究还建立在先前研究中确定的挑战的基础上，例如篡改漏洞，证据处理效率低下以及服务不足地区的可访问性问题，通过分散信任提供了一种新颖而全面的解决方案。雾计算处理的任务更接近数据创建的位置，减少了延迟，提高了响应时间。区块链确保证据记录不能被更改，而nft使每个证据都是唯一的和防篡改的。该框架被组织成多层：警察局的边缘节点捕获证据，雾节点处理数据并创建nft，由星际文件系统支持的云存储提供安全的长期存储。结果表明，该框架在低性能设备（节点A）上实现的平均事务延迟为24.5秒，在高性能设备（节点B）上实现的平均事务延迟为168.9秒，即使在显著的处理负载下，其误差范围也显示出高效的可扩展性。观察到的事务延迟是由于系统架构和处理优先级的差异造成的。高性能设备（节点B）具有更复杂的验证过程、更多的安全检查或资源争用，从而导致更长的事务时间。通过结合这些技术，去中心化信任提供了一种可靠、快速和安全的方式来管理司法证据，在框架内建立信任，同时解决偏远和服务不足地区的需求。

{"title":"Decentralized Trust: NFT and blockchain-enabled evidence system using fog computing","authors":"Mritunjay Shall Peelam , Vinay Chamola , Aditya Kumar Sharma , Brijesh Kumar Chaurasia","doi":"10.1016/j.bcra.2025.100321","DOIUrl":"10.1016/j.bcra.2025.100321","url":null,"abstract":"<div><div>Evidence plays a crucial role in judicial systems, and managing it securely and efficiently ensures justice. This paper introduces Decentralized Trust, a framework that combines blockchain technology, non-fungible tokens (NFTs), and fog computing to address common issues like tampering, delays, and reliance on centralized systems. Traditional methods that depend on cloud computing often face high latency and slow processing, especially in remote areas. This research also builds upon the challenges identified in previous studies, such as tampering vulnerabilities, inefficiencies in evidence processing, and accessibility issues in underserved regions, providing a novel and comprehensive solution through Decentralized Trust. Fog computing handles tasks closer to where data is created, reducing delays and improving response times. Blockchain ensures that evidence records cannot be altered, while NFTs make each piece of evidence unique and tamper-proof. The framework is organized into layers: edge nodes at police stations capture evidence, fog nodes process the data and create NFTs, and cloud storage, supported by the Interplanetary File System, provides secure long-term storage. Results demonstrate that the framework achieves average transaction delays of 24.5 seconds on low-performance devices (Node A) and 168.9 seconds on high-performance devices (Node B), with margins of error showing efficient scalability even under significant processing loads. The observed transaction delays are due to differences in system architecture and processing priorities. High-performance devices (Node B) have more complex validation processes, increased security checks, or resource contention, contributing to longer transaction times. By combining these technologies, Decentralized Trust offers a reliable, fast, and secure way to manage judicial evidence, building trust in the framework while addressing the needs of remote and underserved areas.</div></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"7 1","pages":"Article 100321"},"PeriodicalIF":5.6,"publicationDate":"2026-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"147398034","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0