A Semantic Framework for the Security Analysis of Ethereum Smart Contracts

Application-Level Interoperability for Blockchain Networks

10.36227/techrxiv.13903010.v1 ◽

2021 ◽

Author(s):

Mohammad Madine ◽

Khaled Salah ◽

Raja Jayaraman ◽

Yousof Al-Hammadi ◽

Junaid Arshad ◽

...

Keyword(s):

Medical Record ◽

Security Analysis ◽

Data Provenance ◽

Smart Contracts ◽

Shared Data ◽

The Core ◽

Blockchain Technology ◽

Detailed Explanation ◽

Share Data ◽

Inter Communication

Blockchain technology has the potential to revolutionize industries by offering decentralized, transparent, data provenance, auditable, reliable, and trustworthy features. However, cross-chain interoperability is one of the crucial challenges preventing widespread adoption of blockchain applications. Cross-chain interoperability represents the ability for one blockchain network to interact and share data with another blockchain network. Contemporary cross-chain interoperability solutions are centralized and require re-engineering of the core blockchain stack to enable inter-communication and data sharing among heterogeneous blockchain networks. In this paper, we propose an application-based cross-chain interoperability solution that allows blockchain networks of any architecture type and industrial focus to inter-communicate, share data, and make requests. Our solution utilizes the decentralized applications as a distributed translation layer that is capable of communicating and understanding multiple blockchain networks, thereby delegating requests and parameters among them. The architecture uses incentivized verifier nodes that maintain the integrity of shared data facilitating them to be readable by the entities of their network. We define and describe the roles and requirements of major entities of inter-operating blockchain networks in the context of healthcare. We present a detailed explanation of the sequence of interactions needed to share an Electronic Medical Record (EMR) document from one blockchain network to another along with the required algorithms. We implement the proposed solution with Ethereum-based smart contracts for two hospitals and also present cost and security analysis for the cross-chain interoperability solution. We make our smart contracts code and testing scripts publicly available.

Download Full-text

Blockchain-based Solution for COVID-19 Digital Medical Passports and Immunity Certificates

10.36227/techrxiv.12800360.v2 ◽

2021 ◽

Author(s):

Haya R. Hasan ◽

Khaled Salah ◽

Raja Jayaraman ◽

Junaid Arshad ◽

Ibrar Yaqoob ◽

...

Keyword(s):

Security Analysis ◽

File Systems ◽

Smart Contracts ◽

Design Development ◽

False Information ◽

Effective Response ◽

Smart Contract ◽

Medical Facilities ◽

The World ◽

The Cost

COVID-19 has emerged as a highly contagious disease which has caused a devastating impact across the world with a very large number of infections and deaths. Timely and accurate testing is paramount to an effective response to this pandemic as it helps identify infections and therefore mitigate (isolate/cure) them. In this paper, we investigate this challenge and contribute by presenting a blockchain-based solution that incorporates self-sovereign identity, re-encryption proxies, and decentralized storage, such as the interplanetary file systems (IPFS). Our solution implements digital medical passports (DMP) and immunity certificates for COVID-19 test-takers. We present smart contracts based on the Ethereum blockchain written and tested successfully to maintain a digital medical identity for test-takers that help in a prompt trusted response directly by the relevant medical authorities. We reduce the response time of the medical facilities, alleviate the spread of false information by using immutable trusted blockchain, and curb the spread of the disease through DMP. We present a detailed description of the system design, development, and evaluation (cost and security analysis) for the proposed solution. Since our code leverages the use of the on-chain events, the cost of our design is almost negligible. We have made our smart contract codes publicly available on Github.

Download Full-text

A Generalized Formal Semantic Framework for Smart Contracts

Fundamental Approaches to Software Engineering - Lecture Notes in Computer Science ◽

10.1007/978-3-030-45234-6_4 ◽

2020 ◽

pp. 75-96 ◽

Cited By ~ 1

Author(s):

Jiao Jiao ◽

Shang-Wei Lin ◽

Jun Sun

Keyword(s):

Formal Semantic ◽

Smart Contracts ◽

Semantic Framework

Download Full-text

Application-Level Interoperability for Blockchain Networks

10.36227/techrxiv.13903010 ◽

2021 ◽

Author(s):

Mohammad Madine ◽

Khaled Salah ◽

Raja Jayaraman ◽

Yousof Al-Hammadi ◽

Junaid Arshad ◽

...

Keyword(s):

Medical Record ◽

Security Analysis ◽

Data Provenance ◽

Smart Contracts ◽

Shared Data ◽

The Core ◽

Blockchain Technology ◽

Detailed Explanation ◽

Share Data ◽

Inter Communication

Blockchain technology has the potential to revolutionize industries by offering decentralized, transparent, data provenance, auditable, reliable, and trustworthy features. However, cross-chain interoperability is one of the crucial challenges preventing widespread adoption of blockchain applications. Cross-chain interoperability represents the ability for one blockchain network to interact and share data with another blockchain network. Contemporary cross-chain interoperability solutions are centralized and require re-engineering of the core blockchain stack to enable inter-communication and data sharing among heterogeneous blockchain networks. In this paper, we propose an application-based cross-chain interoperability solution that allows blockchain networks of any architecture type and industrial focus to inter-communicate, share data, and make requests. Our solution utilizes the decentralized applications as a distributed translation layer that is capable of communicating and understanding multiple blockchain networks, thereby delegating requests and parameters among them. The architecture uses incentivized verifier nodes that maintain the integrity of shared data facilitating them to be readable by the entities of their network. We define and describe the roles and requirements of major entities of inter-operating blockchain networks in the context of healthcare. We present a detailed explanation of the sequence of interactions needed to share an Electronic Medical Record (EMR) document from one blockchain network to another along with the required algorithms. We implement the proposed solution with Ethereum-based smart contracts for two hospitals and also present cost and security analysis for the cross-chain interoperability solution. We make our smart contracts code and testing scripts publicly available.

Download Full-text

Blockchain-based Supply Chain Traceability for COVID-19 PPE

10.36227/techrxiv.13227623 ◽

2020 ◽

Author(s):

Ilhaam Omar ◽

Mazin Debe ◽

Raja Jayaraman ◽

Khaled Salah ◽

Mohammed Omar ◽

...

Keyword(s):

Supply Chain ◽

Emergency Preparedness ◽

Information Exchange ◽

Risk Mitigation ◽

Security Analysis ◽

Healthcare Sector ◽

Smart Contracts ◽

Frontline Workers ◽

Blockchain Technology ◽

Lack Of Information

<div>The COVID-19 pandemic has severely impacted many industries, in particular the healthcare sector exposing systemic vulnerabilities in emergency preparedness, risk mitigation, and supply chain management. A major challenge during the pandemic was related to the increased demand of Personal Protective Equipment (PPE) resulting in critical shortages for healthcare and frontline workers. The lack of information visibility combined with the inability to precisely track product movement within the supply chain requires an robust traceability solution. Blockchain technology is a distributed ledger that ensures a transparent,</div><div>safe, and secure exchange of data among supply chain stakeholders. The advantages of adopting blockchain technology to manage and track PPE products in the supply chain include decentralized control, security, traceability,</div><div>and auditable time-stamped transactions. In this paper, we present a blockchain-based approach using smart contracts to transform PPE supply chain operations. We propose a generic framework using Ethereum smart contracts and</div><div>decentralized storage systems to automate the processes and information exchange and present detailed algorithms that capture the interactions among supply chain stakeholders. The smart contract code was developed and tested in Remix environment, and the code is made publicly available on Github. We present detailed cost and security analysis incurred by the stakeholders in the supply chain. Adopting a blockchain-based solution for PPE supply chains is economically viable and provides a streamlined, secure, trusted, and transparent mode of communication among various stakeholders.</div>

Download Full-text

Machine Learning Model for Smart Contracts Security Analysis

2019 17th International Conference on Privacy, Security and Trust (PST) ◽

10.1109/pst47121.2019.8949045 ◽

2019 ◽

Author(s):

Pouyan Momeni ◽

Yu Wang ◽

Reza Samavi

Keyword(s):

Machine Learning ◽

Security Analysis ◽

Learning Model ◽

Smart Contracts ◽

Machine Learning Model

Download Full-text

Blockchain-based Solution for COVID-19 Digital Medical Passports and Immunity Certificates

10.36227/techrxiv.12800360 ◽

2020 ◽

Author(s):

Haya R. Hasan ◽

Khaled Salah ◽

Raja Jayaraman ◽

Junaid Arshad ◽

Ibrar Yaqoob ◽

...

Keyword(s):

Security Analysis ◽

File Systems ◽

Smart Contracts ◽

Design Development ◽

False Information ◽

Effective Response ◽

Smart Contract ◽

Medical Facilities ◽

The World ◽

The Cost

COVID-19 has emerged as a highly contagious disease which has caused a devastating impact across the world with a very large number of infections and deaths. Timely and accurate testing is paramount to an effective response to this pandemic as it helps identify infections and therefore mitigate (isolate/cure) them. In this paper, we investigate this challenge and contribute by presenting a blockchain-based solution that incorporates self-sovereign identity, re-encryption proxies, and decentralized storage, such as the interplanetary file systems (IPFS). Our solution implements digital medical passports (DMP) and immunity certificates for COVID-19 test-takers. We present smart contracts based on the Ethereum blockchain written and tested successfully to maintain a digital medical identity for test-takers that help in a prompt trusted response directly by the relevant medical authorities. We reduce the response time of the medical facilities, alleviate the spread of false information by using immutable trusted blockchain, and curb the spread of the disease through DMP. We present a detailed description of the system design, development, and evaluation (cost and security analysis) for the proposed solution. Since our code leverages the use of the on-chain events, the cost of our design is almost negligible. We have made our smart contract codes publicly available on Github.

Download Full-text

An Extensive Security Analysis on Ethereum Smart Contracts

10.1007/978-3-030-90019-9_8 ◽

2021 ◽

pp. 144-163

Author(s):

Mohammadreza Ashouri

Keyword(s):

Security Analysis ◽

Smart Contracts

Download Full-text

Validation of Architecture Effectiveness for the Continuous Monitoring of File Integrity Stored in the Cloud Using Blockchain and Smart Contracts

Sensors ◽

10.3390/s21134440 ◽

2021 ◽

Vol 21 (13) ◽

pp. 4440

Author(s):

Alexandre Pinheiro ◽

Edna Dias Canedo ◽

Robson de Oliveira Albuquerque ◽

Rafael Timóteo de Sousa Júnior

Keyword(s):

Defense Mechanism ◽

Security Analysis ◽

Smart Contracts ◽

Mechanism Analysis ◽

Electronic Documents ◽

Computational Trust ◽

Periodic Monitoring ◽

And Storage ◽

Cloud Storage Services ◽

Validation Experiments

The management practicality and economy offered by the various technological solutions based on cloud computing have attracted many organizations, which have chosen to migrate services to the cloud, despite the numerous challenges arising from this migration. Cloud storage services are emerging as a relevant solution to meet the legal requirements of maintaining custody of electronic documents for long periods. However, the possibility of losses and the consequent financial damage require the permanent monitoring of this information. In a previous work named “Monitoring File Integrity Using Blockchain and Smart Contracts”, the authors proposed an architecture based on blockchain, smart contract, and computational trust technologies that allows the periodic monitoring of the integrity of files stored in the cloud. However, the experiments carried out in the initial studies that validated the architecture included only small- and medium-sized files. As such, this paper presents a validation of the architecture to determine its effectiveness and efficiency when storing large files for long periods. The article provides an improved and detailed description of the proposed processes, followed by a security analysis of the architecture. The results of both the validation experiments and the implemented defense mechanism analysis confirm the security and the efficiency of the architecture in identifying corrupted files, regardless of file size and storage time.

Download Full-text

Blockchain for Giving Patients Control over their Medical Records

10.36227/techrxiv.12906518.v1 ◽

2020 ◽

Author(s):

Mohammad Madine ◽

Ammar Battah ◽

Ibrar Yaqoob ◽

Khaled Salah ◽

Raja Jayaraman ◽

...

Keyword(s):

Performance Metrics ◽

Single Point ◽

Security Analysis ◽

File Systems ◽

Medical Data ◽

Personal Health ◽

Smart Contracts ◽

Health Records ◽

Information Giving ◽

Smart Contract

Personal health records (PHRs) are valuable assets to individuals because they enable them to integrate and manage their medical data. A PHR is an electronic application through which patients can manage their health information. Giving patients control over their medical data offers an advantageous realignment of the doctor-patient dynamic. However, today's PHR management systems fall short of giving reliable, traceable, trustful, and secure patients control over their medical data, which poses serious threats to their authenticity and accuracy. Moreover, most of the current approaches and systems leveraged for managing PHR are centralized that not only make medical data sharing difficult but also poses a risk of single point of failure problem. In this paper, we propose Ethereum blockchain-based smart contracts to give patients control over their data in a manner that is decentralized, immutable, transparent, traceable, trustful, and secure. The proposed system employs decentralized storage of interplanetary file systems (IPFS), proxy re-encryption, and trusted reputation-based oracles to securely fetch, store, and share patients' medical data. We present algorithms along with their full implementation details. We evaluate the proposed smart contracts using two important performance metrics, such as cost and correctness. Furthermore, we provide security analysis and discuss the generalization aspects of our solution. We outline the limitations of the proposed approach. We make the smart contract source code publicly available on Github.

Download Full-text