enter hydra
play

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari - PowerPoint PPT Presentation

Sep 22, 2022 •656 likes •960 views

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] . Lorenz Breidenbach ETH Zurich, Cornell [Tech] . Florian Tramer . Stanford . Smart Contract Security - The Prongs Formal Verification (+Specification)

  1. Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] . Lorenz Breidenbach ETH Zurich, Cornell [Tech] . Florian Tramer . Stanford .

  2. Smart Contract Security - The Prongs Formal Verification (+Specification) what are we building and how can we check it? Escape Hatches how can we react to the unforeseen? Bug Bounties how can we address perverse incentives?

  3. Why bug bounties?

  4. Why bug bounties? The rational attacker’s game

  5. Why bug bounties? The Exploit!! rational attacker’s game Attack Disclose $A $0

  6. Why bug bounties? The Exploit!! rational attacker’s game Attack if $A > $0 Attack Disclose Always attack $A $0

  7. “Good enough” isn’t good enough The Exploit!! rational attacker’s game Attack Disclose $A $??

  8. “Good enough” isn’t good enough The Exploit!! rational attacker’s Attack if $A > $?? game Attack Disclose $A $??

  9. Towards a better game The Exploit!! rational attacker’s game Attack Disclose $A $B

  10. Towards a better game The Exploit!! rational attacker’s Attack if $A > $B game Attack Disclose Classic bounty $A $B

  11. The ideal game The Exploit!! rational attacker’s game Attack Disclose Hydra bounty Known payout $A -$C $B

  12. The ideal game The Exploit!! rational attacker’s Attack if $A-$C > $B game Attack Disclose Hydra bounty Known payout Gap to exploit $A -$C $B

  13. The ideal game The Exploit!! rational attacker’s Attack if $A-$C > $B game Attack Disclose Hydra bounty So, raise $C … . Known payout $A -$C $B

  14. … mind the gap! We call this Exploit!! barrier ($C) an “exploit gap” Attack Disclose $A -$C $B

  15. Design Goals - The Perfect Bounty ● Attack or disclose, not both (atomic) ● Predetermined payout (verifiable) ● Trustless payout (censorship resistant + verifiable)

  16. Exploit Gap through Hydra Contracts Chen & Avizienis, ‘78

  17. … Houston we have a gap (only one contract has bug) [assuming independence, composability of exploits, and many others] [in the event of any disagreement, fault manager invoked]

  18. … Houston we have a gap (contracts have different bugs) [assuming independence, composability of exploits, and many others] [in the event of any disagreement, fault manager invoked]

  19. … Houston we have no gap! Hydra fails! (all contracts have same bug, empirically rare?)

  20. … let’s bring back the 80’s!

  21. N-Version Programming Criticism ● Analysis assumes full independence of faults (correlations are annoying!) ● Knight-Leveson (‘86): « We reject the null hypothesis of full independence at a p-level of 5% » ● Eckhardt et al. (’91): « We tried it at NASA and it wasn’t cost effective » Worst-case: 3 versions = 4x fewer errors

  22. Cost, Availability & Reliability ● «Classical» N-Version Programming: Availability >> Reliability - Majority Voting : Always available, but may fail often ● Smart contracts: do we really car if it’s down for a while? - N-out-of-N agreement: better no answer than the wrong one - Empirically, there seem to be few « harmless » bugs ● Numbers from Eckhardt et al. look much better: - For 3 versions, 30 − 5087 times fewer failures (but some loss in availability … )

  23. In practice as well as theory - preventable bugs https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/ The DAO (obviously) [language] The “payout index without the underscore” ponzi (“FirePonzi”) [scam] The casino with a public RNG seed [spec] Governmental (1100 ETH stuck because payout exceeds gas limit) [programmer] 5800 ETH swiped (by whitehats) from an ETH-backed ERC20 token [language] The King of the Ether game [language] Rubixi : Fees stolen because the constructor function had an incorrect name [prg] Rock paper scissors trivially cheatable because the first to move shows their hand [spec] Various instances of funds lost because a recipient contained a fallback function that consumed more than 2300 gas, causing sends to them to fail. [spec/pltfrm] Various instances of call stack limit exceptions. [programmer]

  24. In practice as well as theory - preventable bugs https://blog.ethereum.org/2016/06/19/thinking-smart-contract-security/ The DAO (obviously) [language] The “payout index without the underscore” ponzi (“FirePonzi”) [scam] The casino with a public RNG seed [spec] Governmental (1100 ETH stuck because payout exceeds gas limit) [programmer] 6-8/10 ain’t bad 5800 ETH swiped (by whitehats) from an ETH-backed ERC20 token [language] The King of the Ether game [language] Rubixi : Fees stolen because the constructor function had an incorrect name [prg] (the rest are specification bugs or intentional backdoors) . Rock paper scissors trivially cheatable because the first to move shows their hand [spec] Various instances of funds lost because a recipient contained a fallback function that consumed more than 2300 gas, causing sends to them to fail. [spec/pltfrm] Various instances of call stack limit exceptions. [programmer]

  25. … so, the project ● Creation of trustless, decentralized bug bounty ● Increased security for mainnet contracts ○ Economic security through bounty program ○ Deployment with Hydra for exploit gap ● First rigorous, trustless incentive scheme for preventing smart contract attacks ● First decentralized incentives for defenders

  26. Main Challenges for on-chain deployment ● Coordinating multiple smart contracts: - The coordinator should (hopefully) be bug free - Maintain consistent blockchain state - How to recover from a discovered bug => escape hatches ● Frontrunning (as always … ) - Attacker can break the exploit gap by witholding bugs - Search for full exploit until someone tries to claim a bounty - Solution: Submarine sends! http://hackingdistributed.com/2017/08/28/submarine-sends/

  27. Bug Withholding and Commit-Reveal Sol 1: To claim bounty at time T, must commit to bug at time T- 1 Problem: Attacker commits in every round and only reveals if someone else does Sol 2: To commit, you must pay $$ (in a verifiable way) Problem: Attacker commits if someone else also commits Sol 3: Hide commitments (e.g., proof of burn to random address) Problem: Wasteful

  28. Submarine Sends (post-metropolis version) Goals: (1) only allow committed users to send a transaction to C (2) being eternally committed is expensive (3) attacker can’t know if someone has committed (4) money isn’t wasted addr: { addr: { BAL: $$ BAL: $$ CODE: code CODE: ø send $$ to C Submarine sends: } } Phase 1: compute addr = H(C || nonce || code) and send $$ to addr Phase 2: reveal addr to C . C verifies that addr got $$ in Phase 1 C creates a contract with the specified nonce and code C collects $$ and allows transaction

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Enter the Hydra: T oward Principled Bug Bounties and Exploit-Resistant Smart Contracts Summer

Enter the Hydra: T oward Principled Bug Bounties and Exploit-Resistant Smart Contracts Summer

Ari Juels Phil Daian, Florian Tramer Cornell Tech, Jacobs, IC3 Stanford Lorenz Breidenbach Cornell Tech, ETH, IC3 Enter the Hydra: T oward Principled Bug Bounties and Exploit-Resistant Smart Contracts Summer School on Real-World Crypto

1.16k views • 72 slides
Enter the Hydra: T oward Principled Bug Bounties and Exploit-Resistant Smart Contracts EPFL

Enter the Hydra: T oward Principled Bug Bounties and Exploit-Resistant Smart Contracts EPFL

Ari Juels Phil Daian, Florian Tramer Cornell Tech, Jacobs, IC3 Stanford Lorenz Breidenbach Cornell Tech, ETH, IC3 Enter the Hydra: T oward Principled Bug Bounties and Exploit-Resistant Smart Contracts EPFL SuRI 18 June 2018 Whats

1.07k views • 71 slides
Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] .

Enter Hydra towards (more) secure smart contracts Philip Daian, Ari Juels Cornell [Tech] . Lorenz Breidenbach ETH Zurich, Cornell [Tech] . Florian Tramer . Stanford . Bug bounties Problems with Bug bounties Unaligned incentives (exploit $$$

582 views • 31 slides
Introducing the Hydra Software Hydra is professional Internet management software that manages

Introducing the Hydra Software Hydra is professional Internet management software that manages

Introducing the Hydra Software Hydra is professional Internet management software that manages users based on the radius protocol as well as provides a variety of reports for connecting users to the network . In a general definition, Hydra can

234 views • 11 slides
Hydra: : a Python Framework a Python Framework Hydra for Parallel Computing for Parallel

Hydra: : a Python Framework a Python Framework Hydra for Parallel Computing for Parallel

Hydra: : a Python Framework a Python Framework Hydra for Parallel Computing for Parallel Computing Waide Tristram Karen Bradshaw 3 rd November 2009 Hydra in hour hour Hydra in An Opportunity Why Python and CSP? Aim

491 views • 22 slides
Migrating from Fedora 3 to 4 Now With More Hydra Goals for the Session Understand the basic

Migrating from Fedora 3 to 4 Now With More Hydra Goals for the Session Understand the basic

Migrating from Fedora 3 to 4 Now With More Hydra Goals for the Session Understand the basic conceptual models underlying Fedora 3/CMA, Fedora 4, and PCDM Work through a rudimentary migration exercise with Hydra/Fedora-Migrate Explore

906 views • 63 slides
Members: Jason Johnson Ryan Johnson John Locklear Specialized

Members: Jason Johnson Ryan Johnson John Locklear Specialized

Members: Jason Johnson Ryan Johnson John Locklear Specialized in hydraulic equipment for Skid Steers and Tractors. Product Line: Hydra- Clip (16 Treeshear) Hydra- Snip (12 Treeshear) Hydra- Rake

423 views • 39 slides
Hydra An Open Source Wireless Testbed Hyrum K. Wright, Robert D. Grant Wireless Communication

Hydra An Open Source Wireless Testbed Hyrum K. Wright, Robert D. Grant Wireless Communication

Wireless Networking Research Hydra Demonstration Hydra An Open Source Wireless Testbed Hyrum K. Wright, Robert D. Grant Wireless Communication and Networking Group Department of Electrical and Computer Engineering The University of Texas at

551 views • 27 slides
Welcome to the Public Hearing for the improvement of US 30 from IL 47 to IL 31. [Enter] 1 The

Welcome to the Public Hearing for the improvement of US 30 from IL 47 to IL 31. [Enter] 1 The

Welcome to the Public Hearing for the improvement of US 30 from IL 47 to IL 31. [Enter] 1 The main goal of todays public hearing is to [enter] Provide a brief overview of the study [enter] Present the Preferred Alternative [enter] Answer

719 views • 24 slides
Hydra-Models A way to assess the influence of climate change and river programs on future dike

Hydra-Models A way to assess the influence of climate change and river programs on future dike

Hydra-Models A way to assess the influence of climate change and river programs on future dike heights and the probability of dike failure. Robert Slomp 18 april 2005 Robert Slomp 2 18 april 2005 Contents Hydra-models Flood defense

295 views • 17 slides
Godzilla, Hydra, and Tribbles Evolving a late 90's Java App to Cloud-based

Godzilla, Hydra, and Tribbles Evolving a late 90's Java App to Cloud-based

Godzilla, Hydra, and Tribbles Evolving a late 90's Java App to Cloud-based Microservices Josh Graham Atlassian SaaS Architect @delitescere Meta Understand the code Why the code exists You can't just walk into

922 views • 36 slides
Siddhi Slides Private Limited https://www.indiamart.com/parmar-marketing/ Tech-Hydra is the

Siddhi Slides Private Limited https://www.indiamart.com/parmar-marketing/ Tech-Hydra is the

+91-8048029753 Siddhi Slides Private Limited https://www.indiamart.com/parmar-marketing/ Tech-Hydra is the single source company reliable for Quality rubber products. We are specialized in Hydraulic High pressure Hoses & Retreading of

230 views • 8 slides
1.0 Introduction The HYDRA (High-Yield Dihydrogen-monoxide Retrieval Assembly) system was designed

1.0 Introduction The HYDRA (High-Yield Dihydrogen-monoxide Retrieval Assembly) system was designed

1.0 Introduction The HYDRA (High-Yield Dihydrogen-monoxide Retrieval Assembly) system was designed with the objective of maximizing the rate of filtered water production from a source of subsurface ice on Mars. In the decision making process, the

415 views • 28 slides
Hydra A library for data analysis in massively parallel platforms A. Augusto Alves Jr and Michael

Hydra A library for data analysis in massively parallel platforms A. Augusto Alves Jr and Michael

Hydra A library for data analysis in massively parallel platforms A. Augusto Alves Jr and Michael D. Sokoloff University of Cincinnati aalvesju@cern.ch Presented at NVIDIAs GPU Technology Conference, May 8-11, 2017 - Silicon Valley, US A.

810 views • 23 slides
Linking Hydra with other systems Neil Stewart, Digital Library Manager, London School of

Linking Hydra with other systems Neil Stewart, Digital Library Manager, London School of

Linking Hydra with other systems Neil Stewart, Digital Library Manager, London School of Economics and Political Science Presentation for RDMF12, University of Leicester, 19 November 2014 All content, unless otherwise stated, available

294 views • 13 slides
Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk

Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk

Managing the Hydra: Successfully Running Multiple Projects in a Videogame Studio Dr. Greg Zeschuk and Dr. Ray Muzyka Joint CEOs and Co-Executive Producers, BioWare Corp. This talk examines some of the different options available in forming a

73 views • 6 slides
Tcl Bounties November 16, 2016 Tcl Bounties FlightAware is offering a number of bounties for

Tcl Bounties November 16, 2016 Tcl Bounties FlightAware is offering a number of bounties for

Tcl Bounties November 16, 2016 Tcl Bounties FlightAware is offering a number of bounties for various enhancements, fixes, etc, for Tcl and/or Tcl extensions Donal referred to this as a series of Grand Challenges. Recognizing a golden

394 views • 27 slides
1 For the love of money is a root of all kinds of evils. It is through this craving that some

1 For the love of money is a root of all kinds of evils. It is through this craving that some

COUNTING IT ALL GARBAGE Part 5: Spending - 05.16.10 PLAY Count It All Play: Count It All Garbage Video Clip [2:00] Garbage {2:00] Intro: We re now into part 5 of this sermon series. Garbage is anything that comes between us and

659 views • 4 slides
Ramping up Security at an open-source startup Lukas Reschke whois lukas@cloud.wtf owncloud.org

Ramping up Security at an open-source startup Lukas Reschke whois lukas@cloud.wtf owncloud.org

Ramping up Security at an open-source startup Lukas Reschke whois lukas@cloud.wtf owncloud.org 2 whois lukas@owncloud.com 1/31/16 3 Not much other hobbies Fixed a lot of stuff Employed since 2014 Contributor since 2012 1/31/16 4 The

606 views • 56 slides
Contracting Tensor Network on a Noisy Quantum Computer Isaac H. Kim Stanford Institute for

Contracting Tensor Network on a Noisy Quantum Computer Isaac H. Kim Stanford Institute for

Contracting Tensor Network on a Noisy Quantum Computer Isaac H. Kim Stanford Institute for Theoretical Physics September 13th, 2018 arXiv:1703.02093, arXiv:1703.00032, arXiv:1711.07500(w. Brian Swingle(UMD)) + some unpublished tidbits Before

644 views • 33 slides
Running a Bug Bounty Program What you need to know Shpend TU - Master in Software Engineering

Running a Bug Bounty Program What you need to know Shpend TU - Master in Software Engineering

Running a Bug Bounty Program What you need to know Shpend TU - Master in Software Engineering Senior AppSec Engineer & Team Lead @ Bugcrowd Bug bounty Hunter Video Games Bsides Vienna 2016 Agenda What & Why

365 views • 34 slides
Part 3 Customer Relationship Management (CRM) Resource Person MATHISHA HEWAVITHARANA MBA

Part 3 Customer Relationship Management (CRM) Resource Person MATHISHA HEWAVITHARANA MBA

Part 3 Customer Relationship Management (CRM) Resource Person MATHISHA HEWAVITHARANA MBA (Col),BBA Sp.Mktng (Col), PPG DIP. In Mktng (UK), MCIM (UK), Chartered Marketer (UK), Practicing Marketer (SL), ACMA, CGMA CIMA (UK), DBF (IBSL),

512 views • 30 slides
Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships

Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships

Phillip Kevin Lane Kotler Keller Marketing Management 14e Creating Long-term Loyalty Relationships Discussion Questions 1. What are customer value, satisfaction, and loyalty, and how can companies deliver them? 2. What is the lifetime

2.16k views • 43 slides
Chapter 1 Overview of marketing Core aspects of Marketing Marketing is about creating value for

Chapter 1 Overview of marketing Core aspects of Marketing Marketing is about creating value for

Chapter 1 Overview of marketing Core aspects of Marketing Marketing is about creating value for consumers Is about Affects satisfying many consumer needs entities Marketing Performed both by Entails an individuals and exchange

456 views • 23 slides

More recommend