SurferMonkey: A Decentralized Anonymous Blockchain
Intercommunication System via Zero Knowledge Proofs
MIGUEL DÍAZ MONTIEL, École Polytechnique Fédérale de Lausanne (EPFL), Switzerland and Universitat Politècnica de Catalunya (UPC), Spain
RACHID GUERRAOUI, École Polytechnique Fédérale de Lausanne (EPFL), Switzerland
PIERRE-LOUIS ROMAN, École Polytechnique Fédérale de Lausanne (EPFL), Switzerland
Blockchain intercommunication systems enable the exchange of messages between blockchains. This interoperability
promotes innovation, unlocks liquidity and gives access to assets. As of March 2022, the total value locked (TVL) in these
systems was $21.8 billion [22]. However, blockchains are isolated systems that were not originally designed for
interoperability. This makes cross-chain communication, or bridges for short, insecure by nature. More precisely,
cross-chain systems face security challenges from selfish rational players, such as maximal extractable value
(MEV) and censorship. As of July 2022, the top 3 bridge hacks account for more than $1.5 billion in losses [20] and the
aggregated value extracted from users through MEV techniques is $663 million [12].
We propose to solve these challenges using zero knowledge proofs (ZKPs) for cross-chain communication. Securing
cross-chain communication is remarkably more complex than securing single-chain events, as such a system must
preserve user security against both on- and off-chain analysis.
To achieve this goal, we propose the following pair of contributions: the DACT protocol and the SurferMonkey
infrastructure that supports the DACT protocol. The decentralized anonymous agnostic cross-chain transfer (DACT)
protocol is a global solution for the anonymity and security challenges of agnostic blockchain intercommunication.
DACT breaks on- and off-chain analysis thanks to the use of ZKPs. SurferMonkey is a decentralized infrastructure
that implements DACT in practice. Since SurferMonkey works at the blockchain application layer, any decentralized
application (dApp) can use SurferMonkey to send any type of message to a dApp on another blockchain. With
SurferMonkey, users can neither be censored nor be exposed to MEV. By applying decentralized proactive security, we
obtain resilience against selfish rational players and raise the security bar against cyberattacks. We have implemented
a proof of concept (PoC) of SurferMonkey by reverse engineering Tornado Cash and by applying IDEN3 ZKP circuits.
SurferMonkey enables new use cases, ranging from anonymous voting and gaming to a new phase of anonymous
decentralized finance (aDeFi).
This report is based on the Master’s thesis of Miguel Díaz Montiel defended on July 13, 2022 at EPFL.
Authors’ addresses: Miguel Díaz Montiel, miguel.diaz.montiel@estudiantat.upc.edu; Rachid Guerraoui, rachid.guerraoui@epfl.ch;
Pierre-Louis Roman, pierre-louis.roman@epfl.ch.
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that
copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first
page. Copyrights for third-party components of this work must be honored. For all other uses, contact the owner/author(s).
©2022 Copyright held by the owner/author(s).
arXiv:2210.13242v1 [cs.CR] 24 Oct 2022
Contents
Abstract 1
1 Introduction 4
1.1 Cross-Chain Ecosystem Drawbacks 4
1.2 Solution: DACT and SurferMonkey 6
2 Previous Work: Blockchain Intercommunication Protocols 10
2.1 Types of Intercommunication Security Designs 10
2.2 Multiplexer Blockchains 12
3 Previous Work: ZKPs Applied to Single-chain Blockchain Privacy 12
3.1 Zerocoin 12
3.2 Zerocash 13
3.3 Tornado Cash 14
4 Background: Zero Knowledge Proofs 14
4.1 Different Types of ZKPs 15
4.2 Choosing Zk-SNARKs 16
4.3 SNARKs Arithmetic Circuit 16
4.4 Pedersen Hash with 4-bit Windows 17
4.5 Applied zk-SNARKs with Circom 17
5 The DACT Protocol 19
5.1 DACT Data Structures 19
5.2 DACT Proof of Membership 21
5.3 DACT ZKP Circuits 21
5.4 DACT Security 22
5.5 DACT Creation and Settlement 25
5.6 DACT Unlinked Finality and Atomicity 26
6 The SurferMonkey Infrastructure 26
6.1 System Requirements and Design Principles 28
6.2 System Architecture 29
6.3 Settlement Transaction Flow 32
6.4 Revert Transaction Flow 34
6.5 Actors Authentication 35
7 System Resilience and Analysis 37
7.1 Off-chain Attacks and Denial of Service 37
7.2 Oracle Attacks 37
7.3 dApp Attacks 38
7.4 User Attacks 39
7.5 MEV Background 40
7.6 SurferMonkey MEV Resilience 41
7.7 Privacy 41
7.8 System Constraints 41
8 Proof of Concept Implementation 42
8.1 Reverse engineering Tornado Cash 43
8.2 Complications and Learnings 43
9 Evaluation 44
9.1 Unit Tests 45
9.2 System Tests 45
9.3 Gas Execution Cost 45
10 Design Decisions 47
11 Future Research and Development 49
11.1 Accumulators 49
11.2 Distributed Key Generation 49
11.3 Blockchain Reorganisations 49
11.4 Compromised Intercommunication Blockchain Transactions due to Heuristics 50
11.5 Minimize Gas Transaction 50
12 Conclusion 50
References 51
1 INTRODUCTION
The industry has developed multiple blockchain systems to tackle different problems. As more blockchain
systems appeared on the market, the need for a cross-blockchain communication system became
evident. This led to the development of the so-called blockchain bridges.¹ A blockchain bridge is simply a
message passing system between different blockchains. As more blockchains communicate with each other,
more value can be accessed. This improves the liquidity of the assets and brings new projects to the
table, ranging from data services and gaming to decentralized finance (DeFi).
A typical cross-chain communication system is depicted in Fig. 1. First, the user submits a transaction
request to the source blockchain, where it calls the dApp. Second, oracle nodes listen to the events emitted
by the dApp and locally transform the source blockchain event into a destination blockchain transaction.
Third, the oracles submit the transaction to the destination blockchain.
Fig. 1. Traditional cross-chain communication protocol.
1.1 Cross-Chain Ecosystem Drawbacks
The interconnection of different blockchain systems brings new problems into the industry (game theory
and censorship), inherits the drawbacks of a single blockchain ecosystem (privacy), and amplifies the
pitfalls of isolated blockchain environments (maximal extractable value (MEV)).
In game-theoretic terms, the actors of a system are seen as rational players that always pursue
their own best interest. Censorship is the ability of an entity to silence a user's voice or transaction. MEV
is a rational, permissionless move in which players extract as much value as possible from their rivals
without requiring their consent. Finally, in a blockchain system, users have neither privacy nor anonymity,
so their data can be used as an attack vector.
1.1.1 First problem: game theory. The new problem that arises with cross-blockchain communication
systems is: how to obtain cross-chain message replication on environments that were not designed to be
interconnected? To solve this, the industry created a set of actors called oracles. The oracles hold the
cryptographic keys to input data on the destination blockchains. The oracles are machines run by persons
or entities that, simply put, listen to the events that happened on blockchain A and submit those events
to blockchain B. The solution brings a new variable into the equation: how can we trust the oracles?
Together, the oracles are the new entities that hold the keys securing the cross-chain messaging
system. However, oracles are subject to bribery, rational self-interest, and cyberattacks.
¹ In the industry, the term blockchain bridge is commonly reserved for applications that solely make value transfers from one chain to another
and that have their own liquidity pools, whereas cross-chain messaging system is reserved for protocols that
decentralized applications (dApps) use to transfer any type of message. For simplicity, we treat “blockchain bridges” and
“cross-chain messaging systems” as equivalent.
1.1.2 Second problem: MEV. The maximal extractable value (MEV) gaming vector is performed by having
nodes change the order in which transactions are executed. For example, an MEV player can frontrun or sandwich
other transactions [30]. An MEV player relies on knowing the negotiation parameters of a rival to extract
as much value from the rival as possible before the rival's transaction settles. This is possible because the
MEV players know beforehand how much more a specific rival is willing to pay for a certain asset. The
MEV players can be the blockchain miners, oracles, or other users.
In an isolated blockchain scenario we have a single MEV point: the blockchain mempool (Fig. 2). In a
cross-chain communication system, by contrast, we have three MEV opportunities: the source chain mempool, the
source fired event, and the destination chain mempool (Fig. 3). In a cross-chain system, the MEV players
have more time to orchestrate a move prior to the rival transaction's settlement. The MEV players can go even
further and, if the business logic allows it, potentially extract value at each step of the cross-chain
system.
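The sandwich attack mentioned above, worked through as an added example that is not part of the paper: it assumes a constant-product (x·y = k) pool with no swap fee, and the reserves, the victim's amount in and its 1% slippage tolerance are constructed sample values. Everything the attacker uses (the victim's amount in and its declared minimum output) is read from the transparent mempool, which is exactly the "negotiation parameter" the text refers to. The attacker picks the largest frontrun that still leaves the victim's swap at or above its minimum output, so the victim's transaction does not revert, and then backruns into the moved price.

```python
"""Sandwich-attack arithmetic on a constant-product pool (constructed example)."""


class ConstantProductPool:
    """Toy x*y=k automated market maker (assumed model, no swap fee)."""

    def __init__(self, x: float, y: float) -> None:
        self.x = x  # reserve of the token the victim sells
        self.y = y  # reserve of the token the victim buys

    def quote_x_for_y(self, dx: float) -> float:
        return self.y * dx / (self.x + dx)

    def quote_y_for_x(self, dy: float) -> float:
        return self.x * dy / (self.y + dy)

    def swap_x_for_y(self, dx: float) -> float:
        dy = self.quote_x_for_y(dx)
        self.x += dx
        self.y -= dy
        return dy

    def swap_y_for_x(self, dy: float) -> float:
        dx = self.quote_y_for_x(dy)
        self.y += dy
        self.x -= dx
        return dx


class SlippageExceeded(Exception):
    """The victim's transaction reverts: output fell below its declared min_out."""


def victim_swap(pool: ConstantProductPool, dx: float, min_out: float) -> float:
    """The victim's swap as a dApp would execute it: revert below min_out."""
    if pool.quote_x_for_y(dx) < min_out:
        raise SlippageExceeded
    return pool.swap_x_for_y(dx)


def run_sandwich(x, y, victim_dx, min_out, frontrun_dx):
    """Execute frontrun -> victim -> backrun on a fresh pool.

    Returns (victim_out, attacker_profit_in_x). Raises SlippageExceeded if the
    frontrun was so large that the victim's transaction reverts.
    """
    pool = ConstantProductPool(x, y)
    bought_y = pool.swap_x_for_y(frontrun_dx)            # 1. frontrun: buy Y ahead of the victim
    victim_out = victim_swap(pool, victim_dx, min_out)   # 2. victim buys Y at the worsened price
    recovered_x = pool.swap_y_for_x(bought_y)            # 3. backrun: sell Y into the moved price
    return victim_out, recovered_x - frontrun_dx


def victim_reverts(x, y, victim_dx, min_out, frontrun_dx) -> bool:
    try:
        run_sandwich(x, y, victim_dx, min_out, frontrun_dx)
        return False
    except SlippageExceeded:
        return True


def max_frontrun(x, y, victim_dx, min_out, iters: int = 100) -> float:
    """Largest frontrun that keeps the victim at or above min_out.

    The victim's output is monotonically decreasing in the frontrun size, so a
    binary search on [0, x] finds the boundary; lo is always a feasible size.
    """
    lo, hi = 0.0, x
    for _ in range(iters):
        mid = (lo + hi) / 2
        if victim_reverts(x, y, victim_dx, min_out, mid):
            hi = mid
        else:
            lo = mid
    return lo


def demo() -> dict:
    x, y = 1000.0, 1000.0          # constructed reserves
    victim_dx = 10.0               # constructed pending swap, visible in the mempool
    # The victim quoted against the current reserves with a 1% slippage tolerance;
    # amount in and min_out are both public in the pending transaction.
    min_out = ConstantProductPool(x, y).quote_x_for_y(victim_dx) * 0.99
    a = max_frontrun(x, y, victim_dx, min_out)
    victim_out, profit = run_sandwich(x, y, victim_dx, min_out, a)
    return {"frontrun": a, "min_out": min_out, "victim_out": victim_out, "profit": profit}


if __name__ == "__main__":
    print(demo())
```

With these numbers the attacker frontruns roughly 5.06 units of X, the victim receives exactly its minimum acceptable output instead of the 9.90 it was quoted, and the attacker nets about 0.1 X risk-free. The same arithmetic applies at each of the three cross-chain MEV points the text lists; in the fired-event and destination-mempool windows the attacker additionally has the whole relay latency to set the trade up.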
1.1.3 Third problem: privacy. By default, blockchains keep a public register (ledger) of all the actions
that have happened, as well as of the actions that are about to happen (mempool). Both ledger and mempool are
transparent, so the whole history of a user can be traced. This impacts the privacy of users,
as this data can be exploited as an attack vector and can negatively affect an individual. For example,
a user may not want to be publicly exposed while casting a vote within a Decentralized Autonomous
Organization (DAO).
Furthermore, in a cross-chain ecosystem, we can trace not only the on-chain data but also the
off-chain flow. This means that we can know that Alice transferred a message from blockchain A to
blockchain B and performed certain computational steps on blockchain B. We are able to trace the off-chain
data of the cross-communication system because the user's intent is transparent on the source chain. Even
if that intent is obfuscated on the source chain, the oracles can still trace the off-chain footprint, as they
know which specific package to push from blockchain A to blockchain B, which breaks the user's privacy.
All in all, transparent on- and off-chain data can be mined. This data can be used to train specific machine
learning models in order to weaponize artificial intelligence.
1.1.4 Fourth problem: censorship. As we move from single blockchain environments to multi-chain
ecosystems, we find ourselves with censorship problems by the oracles against users, dApps, and
blockchains. The oracles can see a specific user's request and destination for a cross-chain transfer; the
oracles have the power to silence this specific user by rejecting its cross-chain transfer requests. The oracles