[toc]
###### tags: `Reading sessions`
# 2024
https://fc24.ifca.ai/program.html
## [Scan, Shuffle, Rescan: Two-Prover Election Audits With Untrusted Scanners](https://fc24.ifca.ai/preproceedings/188.pdf)
* [LH] The paper proposes a new paradigm and protocols for risk-limiting audits where the margin of victory for the election is small. The paradigm is called "rescan audit" and is based on the idea of a "multi-prover proof". Two scanners separately scan a random sample of ballots and the scans are checked for consistency. This is combined with a smaller manual check to provide assurance on the election result. To prevent collusion between the scanners, the ballot list is shuffled.
* The protocols are empirically evaluated against the conventional ballot polling audit and ballot comparison audit. For margins less than $1\%$, the rescan audits perform better in time and monetary cost, whereas the ballot comparison audit performs better for margins greater than $1\%$.
* The security proof assumes that all ballots for one candidate are indistinguishable from one another, which is difficult to enforce in some settings. Additionally, the paper only covers plurality voting and not other voting methods, e.g., ranked-choice.
## [SAVER: SNARK-compatible Verifiable Encryption](https://fc24.ifca.ai/preproceedings/61.pdf)
* [MD] In applications involving zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARK), there is often a need to combine the proof system with encryption. For example, a user might want to encrypt their identity while proving that it satisfies a given authorized function (e.g., credit checks).
  A naive solution would be to extend the zk-SNARK circuit to include the encryption code. In other words, the entire encryption process becomes part of the SNARK circuit.
  However, this approach has practical limitations:
  * Circuit Size: Including complex cryptographic operations (like encryption) in the SNARK circuit increases its size significantly.
  * Proving Time: Larger circuits lead to impractically long proving times.
  * Common Reference String (CRS) Size: The CRS (used in zk-SNARKs) also becomes unwieldy due to the added encryption components.
* [MD] SAVER detaches encryption from the SNARK circuit. Instead of including encryption operations directly in the circuit, SAVER allows the encryptor to prove predefined properties while encrypting the message separately from the SNARK. It is also additively homomorphic. SAVER allows anyone to verify arbitrary properties of encrypted messages by connecting them with the SNARK system. Even without the secret key, one can verify that the decrypted message corresponds to the given ciphertext. Both the proof and the ciphertext can be independently rerandomized, preventing the encryptor (or prover) from identifying their origin.
* [MD] Representative Application: SAVER can be used in scenarios like voting systems. For instance, Vote-SAVER ensures receipt-freeness, individual verifiability, vote verifiability, tally uniqueness, and voter anonymity.
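Two of the properties listed above, additive homomorphism and independent rerandomization of ciphertexts, are easiest to see on a much simpler scheme. The block below is an added example, not code from the SAVER paper or its authors: it uses exponential ElGamal over a toy 12-bit safe-prime group (the constants `P`, `Q`, `G` are arbitrary toy parameters chosen for this illustration) to show what "add two ciphertexts" and "rerandomize a ciphertext" mean operationally. SAVER's actual construction, which ties the ciphertext to SNARK verification, is not reproduced here.

```python
# Added illustration of additive homomorphism and ciphertext rerandomization
# on exponential ElGamal over a toy 12-bit safe-prime group. This is not SAVER
# and not the paper's code; a real deployment uses a standard group and keeps
# plaintexts small enough for the final discrete-log step to be feasible.
import secrets

P = 4079   # safe prime, P = 2*Q + 1 (toy parameter)
Q = 2039   # prime order of the quadratic-residue subgroup of Z_P^*
G = 4      # 2^2, a generator of that subgroup


def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)


def encrypt(pk, m, r=None):
    """Encrypt m 'in the exponent': (G^r, G^m * pk^r). Because the plaintext
    sits in an exponent, multiplying ciphertexts adds plaintexts."""
    r = secrets.randbelow(Q) if r is None else r
    return pow(G, r, P), pow(G, m % Q, P) * pow(pk, r, P) % P


def add(ct1, ct2):
    """Component-wise product: an encryption of m1 + m2 under randomness r1 + r2."""
    return ct1[0] * ct2[0] % P, ct1[1] * ct2[1] % P


def rerandomize(pk, ct):
    """Multiply by a fresh encryption of 0 with nonzero randomness: same
    plaintext, but a ciphertext computationally unlinkable to the old one."""
    return add(ct, encrypt(pk, 0, secrets.randbelow(Q - 1) + 1))


def decrypt(sk, ct):
    """Strip pk^r to recover G^m, then brute-force the discrete log; this is
    why messages must be small (tallies, not identities)."""
    c1, c2 = ct
    gm = c2 * pow(pow(c1, sk, P), -1, P) % P
    acc = 1
    for m in range(Q):
        if acc == gm:
            return m
        acc = acc * G % P
    raise ValueError("not a valid ciphertext for this key")


def tally_demo(votes=(1, 0, 1, 1)):
    """Constructed sample: encrypt yes/no votes, add them homomorphically,
    rerandomize the running tally, decrypt once. Returns
    (tally, tally_after_rerandomization, ciphertext_changed)."""
    sk, pk = keygen()
    total = encrypt(pk, 0)
    for v in votes:
        total = add(total, encrypt(pk, v))
    fresh = rerandomize(pk, total)
    return decrypt(sk, total), decrypt(sk, fresh), fresh != total


if __name__ == "__main__":
    print(tally_demo())   # (3, 3, True)
```

The rerandomized tally decrypts to the same value as the original while being a different group element, which is the property that lets a mixer or relay strip origin information from a ciphertext without holding the decryption key.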
## [The Costs of Swapping on Decentralized Exchanges](https://fc24.ifca.ai/preproceedings/206.pdf)
## [The Power of Default: Measuring the Effect of Slippage Tolerance in Decentralized Exchanges](https://fc24.ifca.ai/preproceedings/155.pdf)
## [ZeroSwap: Data-driven Optimal Market Making in Decentralized Finance](https://fc24.ifca.ai/preproceedings/40.pdf)
## [Blockchain Price vs. Quantity Controls](https://fc24.ifca.ai/preproceedings/139.pdf)
* By Abdoulaye Ndiaye (NYU) [Economist]
* [MN] Addresses demand fluctuations in blockchains within a transaction fee mechanism.
* [MN] Models the blockchain designer's choice between price control (e.g., base fee) and quantity control (block size limit).
* [MN] Derives an analytical expression for the relative advantage of price controls over quantity controls under demand uncertainty and uncertain marginal costs.
* [MN] Studies optimal mechanisms that are resistant to complete value extraction by validators.
# 2023
<https://fc23.ifca.ai/program.html>
## [Short Paper: DeFi Deception – Uncovering the prevalence of rugpulls in cryptocurrency projects](https://fc23.ifca.ai/preproceedings/76.pdf)
* By Sharad Agarwal, Gilberto Atondo-Siu, Marilyne Ordekian, Alice Hutchings, Enrico Mariconti, and Marie Vasek.
* The paper gives an empirical analysis of rugpulls in DeFi based on data gathered from forums.
* **Exit scams**: project developers abandon the project and run away with investors' funds.
* **Rugpulls** are exit scams in DeFi.
## [Byzantine Generals in the Permissionless Setting](https://fc23.ifca.ai/preproceedings/49.pdf)
* By Andrew Lewis-Pye and Tim Roughgarden
* Describes a formal framework for the analysis of both permissioned and permissionless systems.
* The first framework capable of modelling all significant features of PoW and PoS protocols simultaneously, as well as other approaches like proof-of-space.
* Proves general impossibility results for permissionless protocols.
* Facilitates the application of a rich history of proofs and techniques for permissioned systems to problems in blockchain and the study of permissionless systems.
* Establishes a framework capable of dealing with permissionless protocols, but which is as similar as possible to the standard frameworks in distributed computing for dealing with permissioned protocols.
* Produces a framework which is as accessible as possible for researchers in blockchain without a strong background in security.
# 2020
<https://fc20.ifca.ai/program.html>
## [Decentralized Privacy-Preserving Netting Protocol on Blockchain for Payment Systems](https://link.springer.com/chapter/10.1007/978-3-030-51280-4_9)
* By Shengjiao Cao, Yuan Yuan, Angelo De Caro, Karthik Nandakumar, Kaoutar Elkhiyaoui & Yanyan Hu
* [MN] Proposes a decentralized netting protocol that does not require any central party but still guarantees correctness and fairness.
* [MN] An enhanced privacy-preserving extension that protects the confidentiality of the payment amounts using homomorphic Pedersen commitments and zero-knowledge proofs.
* [BB] Short review by BB
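The homomorphic half of the privacy-preserving extension can be demonstrated in a few dozen lines. The block below is an added example, not the paper's protocol or code: each payment amount is published only as a Pedersen commitment, anyone derives a commitment to a bank's net position by multiplying its incoming and dividing its outgoing commitments, and the bank proves with a Schnorr proof (Fiat-Shamir) that this commitment opens to its claimed net position without revealing any blinder. The payment cycle, the group constants `P`, `Q`, `G`, `H` and all function names are constructed for this illustration; the paper's zero-knowledge proofs for liquidity and for keeping even the net positions hidden are not reproduced.

```python
# Added toy demonstration of netting over homomorphic Pedersen commitments,
# in the spirit of the paper's approach but not its protocol or its code.
# The group is a 12-bit safe-prime group so it runs instantly; a real system
# uses a standard group (e.g. an elliptic curve) where log_G(H) is unknown
# (here it is trivially computable, so the example is illustrative only).
import hashlib
import secrets

P = 4079   # safe prime, P = 2*Q + 1 (toy parameter)
Q = 2039   # prime order of the quadratic-residue subgroup of Z_P^*
G = 4      # 2^2, a generator of that subgroup
H = 9      # 3^2, second generator; nobody may know log_G(H)


def commit(value, r):
    """Pedersen commitment C = G^value * H^r mod P: hiding in value, binding."""
    return pow(G, value % Q, P) * pow(H, r % Q, P) % P


def publish(payments):
    """Payers commit to their amounts; only (payer, payee, commitment) is
    shared. Returns the public ledger and the private openings (amount, r)."""
    ledger, openings = [], []
    for payer, payee, amount in payments:
        r = secrets.randbelow(Q)
        ledger.append((payer, payee, commit(amount, r)))
        openings.append((amount, r))
    return ledger, openings


def net_commitment(ledger, party):
    """Anyone derives a commitment to party's net position (in minus out)
    from public data alone: multiply incoming, divide outgoing commitments."""
    c = 1
    for payer, payee, com in ledger:
        if payee == party:
            c = c * com % P
        if payer == party:
            c = c * pow(com, -1, P) % P   # division subtracts in the exponent
    return c


def net_opening(ledger, openings, party):
    """What the party itself knows: its net amount and the net blinder."""
    amount = r = 0
    for (payer, payee, _), (a, rr) in zip(ledger, openings):
        if payee == party:
            amount, r = amount + a, r + rr
        if payer == party:
            amount, r = amount - a, r - rr
    return amount, r % Q


def _challenge(*parts):
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (Q - 1) + 1


def prove_net(com, amount, r):
    """Schnorr proof (Fiat-Shamir) that com opens to the public value amount
    without revealing r: knowledge of r such that com / G^amount = H^r."""
    k = secrets.randbelow(Q)
    t = pow(H, k, P)
    c = _challenge(G, H, com, amount, t)
    return t, (k + c * r) % Q


def verify_net(com, amount, proof):
    t, s = proof
    y = com * pow(pow(G, amount % Q, P), -1, P) % P   # equals H^r iff claim holds
    c = _challenge(G, H, com, amount, t)
    return pow(H, s, P) == t * pow(y, c, P) % P


# Constructed sample: one settlement cycle among three banks.
PAYMENTS = [("A", "B", 100), ("B", "C", 40), ("C", "A", 70)]


def run_netting(payments=PAYMENTS):
    """Each party proves its claimed net position; returns {party: (net, ok)}."""
    ledger, openings = publish(payments)
    parties = sorted({x for payer, payee, _ in payments for x in (payer, payee)})
    result = {}
    for party in parties:
        com = net_commitment(ledger, party)
        net, r = net_opening(ledger, openings, party)
        result[party] = (net, verify_net(com, net, prove_net(com, net, r)))
    return result


def overstated_claim_rejected(payments=PAYMENTS):
    """A party cannot prove a net position better than the one the public
    commitments bind it to (binding property)."""
    ledger, openings = publish(payments)
    com = net_commitment(ledger, "A")
    net, r = net_opening(ledger, openings, "A")       # A's true net is -30
    return not verify_net(com, net + 20, prove_net(com, net + 20, r))


if __name__ == "__main__":
    print(run_netting())                 # {'A': (-30, True), 'B': (60, True), 'C': (-30, True)}
    print(overstated_claim_rejected())   # True
```

The point to take from the check in `verify_net` is that it never touches an individual payment amount or blinder: a verifier sees only the public commitments, the claimed net position and a proof, which is what makes the netting auditable without a trusted central party seeing the amounts.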