ABSTRACT
We propose Tesseract, a secure real-time cryptocurrency exchange service. Existing centralized exchange designs are vulnerable to theft of funds, while decentralized exchanges cannot offer real-time cross-chain trades. All currently deployed exchanges are also vulnerable to frontrunning attacks. Tesseract overcomes these flaws and achieves a best-of-both-worlds design by using a trusted execution environment. The task of committing the recent trade data to independent cryptocurrency systems presents an all-or-nothing fairness problem, to which we present ideal theoretical solutions, as well as practical solutions. Tesseract supports not only real-time cross-chain cryptocurrency trades, but also secure tokenization of assets pegged to cryptocurrencies. For instance, Tesseract-tokenized bitcoins can circulate on the Ethereum blockchain for use in smart contracts. We provide a demo implementation of Tesseract that supports Bitcoin, Ethereum, and similar cryptocurrencies.
Index Terms
- Tesseract: Real-Time Cryptocurrency Exchange Using Trusted Hardware