Spring 2021

(Assigned) Columbus IV – Implementation of an intuitive and insightful blockchain explorer (cont.)

1–2 semester students

Abstract

Using a blockchain often comes with a claim that everything is suddenly transparent and verifiable forever. While this statement remains true, it is in practice rare for users to verify the content of a blockchain and assert that a claimed statement is true. It is also hard to see how the intrinseque mechanism of the blockchain works, ie. what is the content of each cryptographically linked block and how they participate in evolving the state of the blockchain. We think that part of this problem can be solved by offering an adequate tool, which comes as a “blockchain explorer”.

This project started 1 year ago and your mission will be to take over its development by adding new core functionalities to it. The blockchain explorer, once matured enough, will be of great help for some of our ongoing projects that use the DEDIS blockchain.

We are looking for students with high interest for front-end development, a creative and self-motivated mind, and interest in conducting user experience (UX) studies.

Contact: Noémien Kocher

(Assigned) E-voting on DELA

1–2 semester project students (bachelor/master)

Abstract

E-Voting is a very interesting, actual, fancy, and useful use case to demonstrate the utility of a distributed ledger technology. The DEDIS lab has already shown in the past a successful application of E-Voting on its own blockchain with the EPFL elections. The aim of this project is to implement a new E-Voting system based in Dela, the latest blockchain-based distributed ledger from the DEDIS lab.
This project can be suited to multiple students, as it requires back- and front-end development.

Contact: Noémien Kocher

(Assigned) Constant-Time Big Numbers for Crypto

2–5 semester project students (bachelor/master) SC-IN

Abstract

Cryptography depends on large integer (“bignum”) arithmetic pervasively, but the standard bignum libraries for most languages cannot guarantee constant-time operation, rendering cryptographic uses of these libraries potentially vulnerable to timing attacks. This project will develop a clean cross-language API for constant-time big-number arithmetic for crypto, together with prototype libraries implementing that API. The target implementation languages will likely be some subset of Go, Rust, Java, Scala, and/or Swift. Implementations are likely to reuse but adapt existing non-constant-time big-number libraries already available for the expected languages, not to build new libraries from scratch..

Contact: Pierluca Borsò

Supervisor: Bryan Ford

(Assigned) Smart contracts on WASM: implement a new execution environment for Dela

1 semester project student (bachelor/master) SC-IN

Abstract

A smart contract is a program that lives on a blockchain. As any program, it needs an execution environment to be run. A natural solution is to use the native environment available from the smart contract, which requires the smart contract to be pre-compiled for that environment. Another solution is to run the smart contract within a virtual machine, which offers more flexibility because it removes the need for smart contracts to be pre-compiled for a specific environment. This is what Euthereum uses, by providing their own Ethereum Virtual Machine (EVM).

The aim of this project is to implement a new smart contract execution environment that uses the WebAssembly virtual machine. This environment will be implemented in Dela, the latest blockchain-based distributed ledger from the DEDIS lab.

A particular aspect that a smart contract environment must fulfill is determinism. Indeed, in a distributed ledger, a group of nodes must use consensus to agree on each smart contract’s exact correct output for a given input. As such, once the new environment is implemented, a study on the determinism properties of this environment must be conducted. If the time allows, a series of measures will be proposed to guarantee it.

Contact: Noémien Kocher

(Assigned) Anonymous Proof-of-Presence Groups for Messaging and Voting

1–2 semester project students (bachelor/master/master thesis) SC-IN

Abstract

Popular communication tools today use either require semi-strong but privacy-invasive identities such as phone numbers to achieve some level of accountability and Sybil attack protection (e.g., WhatsApp or Signal), while other tools use weak identities such as E-mail addresses or pseudonymous public keys (e.g., Bitcoin) but lose any fair, “person-centric” form of accountability or Sybil attack protection. The DEDIS lab is developing a new, human-centric “proof-of-personhood“ (PoP) solution to this problem leveraging physical presence at real-world events to provide privacy-preserving but accountable, Sybil-protected identities.

This project will build upon and extend a prototype built in a previous student project to provide a usable proof-of-presence group communication app for mobile devices. The app will enable anyone to organize an in-person event, and take a secure “roll-call” at that event to connect with attendees and give each a one-per-person digital membership token. With these tokens, attendees can text message each other privately within the ad-hoc group without needing any strong identities (phone numbers etc), but with the ability to block abusive or spamming members reliably to ensure accountability. In addition, attendees can call votes within the group, and obtain the assurance that only real people who were actually at the event will be able to vote, and that each real person will have exactly one vote.

Contact: Pierluca Borsò

Supervisor: Bryan Ford

(Assigned) Security Analysis of Proof-of-Personhood algorithms

1 Master in Cybersecurity student

Abstract

Often on the internet there is a trade-off between anonymity and accountability. For privacy and security reasons, a lot of users want to stay anonymous. But this contradicts the need of services to hold their users accountable. Proof-of-Personhood is one solution to this problem: if we can create one token for one person, then we can use that token to prove to the service that we are a human being.

Several Proof-of-Personhood algorithms have been proposed to achieve such an objective, but they may fall short of their claims. If successful, this project will identify weaknesses in published algorithms, demonstrate their shortcomings, suggest improvements and/or contribute fixes. This work can also result in a publication.

Contact: Louis-Henri Merino