With the rise of cryptocurrencies, many new applications built on decentralized blockchains have emerged. Blockchains are full-stack distributed systems where multiple sub-systems interact. While many deployed blockchains and decentralized applications need better scalability and performance, security is also critical. Due to their complexity, assessing blockchain and DAPP security requires a more holistic view than for traditional distributed or centralized systems. In this thesis, we summarize our contributions to blockchain and decentralized application security. We propose a security reference architecture to support standardized vulnerability and threat analysis. We study consensus security in single-chain Proof-of-Work blockchains, including resistance to selfish mining, undercutting, and greedy transaction selection, as well as related issues in DAG-based systems. We contribute to wallet security with a new classification of authentication schemes and a two-factor method based on One-Time Passwords. We advance e-voting with a practical boardroom voting protocol, extend it to a scalable version for millions of participants while preserving security and privacy, and introduce a repetitive voting framework that enables vote changes between elections while avoiding peak-end effects. Finally, we improve secure logging using blockchains and trusted computing through a centralized ledger that guarantees non-equivocation, integrity, and censorship evidence, then build on it to propose an interoperability protocol for central bank digital currencies that ensures atomic transfers.