Confidential Transactions Research Articles

ÜSTÜN MƏXFİLİYİN QORUNMASI TEXNİKALARI İLƏ AĞILLI MÜQAVİLƏLƏRDƏ MƏLUMAT MƏXFİLİYİNİN TƏKMİLLƏŞDİRİLMƏSİ

This research paper delves into the imperative domain of bolstering data confidentiality within smart contracts through the integration of advanced privacy-preserving methodologies. Smart contracts, pivotal components of blockchain technology, execute self-executing contracts with predefined conditions and are increasingly utilized across various sectors, necessitating stringent data protection measures. The paper addresses the pressing need for fortified data privacy within smart contracts and investigates cutting-edge approaches to mitigate privacy challenges. Two focal techniques under scrutiny are zero-knowledge proofs (SBÇs) and homomorphic encryption. SBÇs facilitate the validation of computations without revealing sensitive data, enabling parties to verify transaction authenticity without disclosing the underlying information. Meanwhile, homomorphic encryption permits computations on encrypted data, preserving confidentiality by allowing operations on encrypted information without the need for decryption. By analyzing these advanced privacy-preserving techniques, this study aims to address the vulnerabilities in data confidentiality present in smart contracts. Its findings hold significant promise in fortifying the security and confidentiality of transactions, thus contributing substantially to the evolution of secure blockchain technology. This research underscores the pivotal role of innovative privacy-enhancing mechanisms in safeguarding sensitive data within smart contracts, ensuring the trust and integrity essential for their widespread adoption.

ВИЯВЛЕННЯ ШАХРАЙСТВА З КРЕДИТНИМИ КАРТКАМИ МЕТОДАМИ МАШИННОГО НАВЧАННЯ

In the work, a study of large volumes of transactions was conducted. The problem of fraud detection is unique because it is necessary to take into account: data imbalance (ie, fraudulent transactions are usually less than 1% compared to normal ones); fraud scenarios change over time and need to be detected quickly; transactions usually contain numerous categorical characteristics; as a result of the confidentiality of transactions, there are no publicly available datasets. All this creates problems with the development of classification methods and with the selection of performance evaluation metrics. Threshold indicators for evaluating the effectiveness of classifiers were studied and the expediency of using thresholdless metrics was substantiated. There is currently no consensus on which set of performance indicators should be used. The primary analysis of research data was carried out and two techniques for eliminating class imbalance were applied: random undersampling, SMOTE technique. Removal of outliers was shown to improve the accuracy of the classification methods by more than 3%. A number of classifiers were built to determine fraudulent operations, statistical processing of the obtained results was carried out, which allowed to assess the adequacy of the built classifiers, to determine their optimal parameters, at which the classifiers work with maximum efficiency. It should be noted that all classifiers were tested on real data. Determined: The logistic regression classifier performs best on both the training and cross-validation sets. The Precision-Recall indicator was used to assess the effectiveness of the logistic regression model. For undersampling and oversampling, fully connected neural networks with one hidden layer were constructed and their accuracy was compared. It should be noted that the neural network on the oversampled data set predicts fewer correct fraud transactions than the model using the undersampled data set.

Efficient and secure confidential transaction scheme based on commitment and aggregated zero-knowledge proofs

ABSTRACT As a distributed ledger technology, blockchain has broad applications in many areas such as finance, agriculture, and contract signing due to its advantages of being tamperproof and difficult to forge. However, the open nature of blockchain also introduces severe privacy issues, currently cryptocurrency privacy protection solutions under account-based models cannot balance the internal verification time and confidentiality of transactions. In order to improve the confidentiality and efficiency of transactions under the account-based model, this paper proposes an access control anonymous payment scheme based on homomorphic commitment and aggregated zero-knowledge proofs, focusing on the realization of a one-to-many anonymous transfer function, one-to-one transfer function, deposit function and withdraw function, to ensure the privacy of a transaction data while reducing verification time and Gas costs. We evaluated our approach on a proof-of-concept implementation by generating Solidity contracts and implemented some interesting contracts. The experimental results show that this scheme not only consumes lower gas, but also reduces the internal time during transaction generation. In addition, our solution has established a one to many transfer transaction scheme, and the proof verification time after aggregation is constant. Thus the efficiency of this scheme is particularly well suited for the digital finance scenarios.

An efficient quantum non-interactive zero knowledge proof for confidential transaction and quantum range proof

An efficient quantum non-interactive zero knowledge proof for confidential transaction and quantum range proof

ЕФЕКТИВНІСТЬ КРИПТОВАЛЮТ ЯК ЗАСОБУ МІЖНАРОДНИХ ПЛАТЕЖІВ: АНАЛІЗ ВАРТОСТІ, ШВИДКОСТІ ТА БЕЗПЕКИ ТРАНЗАКЦІЙ

This article focuses on the effectiveness of using cryptocurrencies as a means for international payments, with an emphasis on the analysis of cost, speed, and security of transactions. The aim of the study is to explore the potential of blockchain technologies to optimize international financial operations. This research considers the performance of cryptocurrencies in international payments, focusing on an analysis of cost, speed, and security of transactions, utilizing data from various sources and case studies. Blockchain technologiessuch as Ripple and Solana demonstrate high throughput, capable of processing up to 65,000 transactions per second (TPS).In comparison, traditional banking systems offer significantly lower processing speeds, withBitcoin handling around 7 TPS and Ethereum up to 15 TPS. The anticipated Ethereum 2.0 network upgrade projects an increase to 100,000 TPS, significantly enhancing their potential in international payments. Traditional banking transactions can incur fees of up to $50 USD, whereas blockchain networks can reduce costs to less than $0.01 per transaction. The implementation of distributed ledger technology could save up to $27 billion by 2030 on international transactions. According to research, the average cost of an international remittance is 6.4% of a $200 transaction, indicating the potential for significantsavingsthrough the adoption of cryptocurrencies. Cryptocurrency payments are protected using cryptographic methods and decentralization, reducing the risks of fraud and attacks. By adhering to "privacy by default" principles, transaction confidentiality can be further enhanced, including generating new addresses for each transaction. Regular security audits and multi-factor authentication provide an additional layer of protection. It can be asserted that blockchain technology offers significant advantages in speed, cost, and security of transactions, which could radically transform the landscape of international trade and financial transfers. The practical significance of the research lies in identifying the potential of cryptocurrencies as a reliable, cost-effective, and secure tool for international payments, which may alter the global money transfer system.

Online privacy literacy and users' information privacy empowerment: the case of GDPR in Europe

PurposeResearch on online user privacy shows that empirical evidence on how privacy literacy relates to users' information privacy empowerment is missing. To fill this gap, this paper investigated the respective influence of two primary dimensions of online privacy literacy – namely declarative and procedural knowledge – on online users' information privacy empowerment.Design/methodology/approachAn empirical analysis is conducted using a dataset collected in Europe. This survey was conducted in 2019 among 27,524 representative respondents of the European population.FindingsThe main results show that users' procedural knowledge is positively linked to users' privacy empowerment. The relationship between users' declarative knowledge and users' privacy empowerment is partially supported. While greater awareness about firms and organizations practices in terms of data collections and further uses conditions was found to be significantly associated with increased users' privacy empowerment, unpredictably, results revealed that the awareness about the GDPR and user’s privacy empowerment are negatively associated. The empirical findings reveal also that greater online privacy literacy is associated with heightened users' information privacy empowerment.Originality/valueWhile few advanced studies made systematic efforts to measure changes occurred on websites since the GDPR enforcement, it remains unclear, however, how individuals perceive, understand and apply the GDPR rights/guarantees and their likelihood to strengthen users' information privacy control. Therefore, this paper contributes empirically to understanding how online users' privacy literacy shaped by both users' declarative and procedural knowledge is likely to affect users' information privacy empowerment. The study empirically investigates the effectiveness of the GDPR in raising users' information privacy empowerment from user-based perspective. Results stress the importance of greater transparency of data tracking and processing decisions made by online businesses and services to strengthen users' control over information privacy. Study findings also put emphasis on the crucial need for more educational efforts to raise users' awareness about the GDPR rights/guarantees related to data protection. Empirical findings also show that users who are more likely to adopt self-protective approaches to reinforce personal data privacy are more likely to perceive greater control over personal data. A broad implication of this finding for practitioners and E-businesses stresses the need for empowering users with adequate privacy protection tools to ensure more confidential transactions.

LEGAL AND PROCEDURAL ASPECTS OF NOTARIAL PROTECTION IN UKRAINE AND IN FOREIGN COUNTRIES

The study is relevant due to the constant need to improve the legal system and its significant component, notaries. First of all, this is due to the need to take into account constant changes in society and technological breakthroughs in order to adapt notarial activities to new realities. In addition, the analysis of the theoretical foundations and regulatory framework of notaries in Ukraine in comparison with other countries helps to identify the advantages and disadvantages in national legislation and contributes to the improvement of legal norms. Therefore, the purpose of this study is to provide a theoretical and legal analysis of notarial protection in Ukraine and in certain foreign countries. This paper analyses the theoretical foundations and legal framework regulating notarial activity and defining the legal status of a notary in Ukraine and in some foreign countries of different legal systems. The article examines the role of the notary as a component of the legal order system, its tasks and peculiarities of organisation. The author identifies the main elements that constitute the legal status of a notary in Ukraine and in foreign countries. The author makes a comparative legal characterisation of the peculiarities of the legal status of a notary in the Latin and Anglo-Saxon notaries. Particular attention is paid to the legality, objectivity, independence and competence of notaries, who play a key role in ensuring the legal accuracy and legality of transactions. The article also discusses the support of notarial protection in Ukraine through the electronic document management system and electronic digital signature, which ensures the security and confidentiality of transactions. The article examines the role of notarial activity as a form of protection of subjective civil rights which complements other methods of legal protection. In particular, the author emphasises that notarial protection is a complement to other forms of protection, such as judicial and administrative protection, and identifies the need to analyse the legal status of notaries in other countries in order to improve national notarial legislation. It is proposed to take into account the experience of foreign legislators in rulemaking with a view to theoretical and legislative improvement of the legal status of notaries in Ukraine. Keywords: notary, notary, legal status of a notary, protection, form of protection, notarial protection, liability, contract, transaction.

Monero With Multi-Grained Redaction

Monero is a privacy-centric cryptocurrency that allows users to obscure their transactions with multiple input and output addresses. Current research on Monero mainly focuses on identifying design vulnerabilities or optimizing towards stronger privacy, security, etc. For example, improving the design of ring confidential transaction (RingCT) protocol proposed by Noether et al. As revealed by Ali et al. in USENIX 2016, new blockchains have inadequate nodes and network computing resources to resist powerful attack (e.g. 51% attack). Obviously, Monero blockchain is not an exception. Ateniese et al. proposed the notion of redactable blockchain in EuroS&P 2017, which begins the trend of formalizing blockchain with extra cryptographic primitives. The motivation is to turn an immutable blockchain into a mutable ledger by adapting the blockchain design and integrating with new cryptographic schemes. In such a setting, users could use their private keys to perform the secure multi-party computation to reverse blockchain history. The idea of redactable blockchain has attracted many researchers to pursuit this topic. However, few works have considered the privacy-preserving setting. Even fewer have practised their designs in an actual cryptocurrency. In this paper, we seek to adapt the RingCT protocol with several building blocks. Our proposal achieves most of the desired properties for blockchain redaction. It allows multiple tracing authorities to collaboratively trace users' identities, and a system manager to perform multi-grained (including block-level, transaction-level, accumulator-level and commitment-level) redaction on block contents. Our proposal can be seen as an extension of RingCT protocol. We give rigorous security requirements and comprehensive analysis of our scheme. The performance evaluation suggested that our scheme suffers from some unscalabilities in large-scale implementations. A more elegant design to achieve stronger security and ideal scalability is deemed as a challenging and interesting future work.

Confidential Transaction Balance Verification by the Net Using Non-Interactive Zero-Knowledge Proofs

One of the main trends for the monitoring and control of business processes is to implement these processes via private blockchain systems. These systems must ensure data privacy and verifiability for the entire network here denoted by ‘Net’. In addition, every business activity should be declared to a trusted third party (TTP), such as an Audit Authority (AA), for tax declaration and collection purposes. We present a solution for a confidential and verifiable realization of transactions based on the Unspent Transaction Output (UTxO) paradigm. This means that the total sum of transaction inputs (incomes) $In$ must be equal to the total sum of transaction outputs (expenses) $Ex$, satisfying the balance equation $In=Ex$. Privacy in a private blockchain must be achieved through the encryption of actual transaction values. However, it is crucial that all participants in the network be able to verify the validity of the transaction balance equation. This poses a challenge with probabilistically encrypted data. Moreover, the inputs and outputs are encrypted with different public keys. With the introduction of the AA, the number of different public keys for encryption can be reduced to two. Incomes are encrypted with the Receiver’s public key and expenses with the AA’s public key. The novelty of our realization lies in taking additively-multiplicative, homomorphic ElGamal encryption and integrating it with a proposed paradigm of modified Schnorr identification providing a non-interactive zero-knowledge proof (NIZKP) using a cryptographically secure h-function. Introducing the AA as a structural element in a blockchain system based on the UTxO enables effective verification of encrypted transaction data for the Net. This is possible because the proposed NIZKP is able to prove the equivalency of two ciphertexts encrypted with two different public keys and different actors. This integration allows all users on the Net to check the UTxO-based transaction balance equation on encrypted data. The security considerations of the proposed solution are presented.

A Postquantum Linkable Ring Signature Scheme from Coding Theory

Linkable ring signatures (LRSs) are ring signatures with the extended property that a verifier can detect whether two messages were signed by the same ring member. LRSs play an important role in many application scenarios such as cryptocurrency and confidential transactions. The first code-based LRS scheme was put forward in 2018. However, this scheme was pointed out to be insecure. In this paper, we put forward a code-based LRS scheme by constructing a new Stern-like interactive protocol and prove that it meets the security requirements of LRSs. We also give the specific parameters and the performance on the platform of our scheme.

Block Chain Technology and Internet of Things to Protect Financial Transactions in Crypto Currency Market

The integration of block chain and Internet of Things aims to address security concerns through a multifaceted approach. Block chain's inherent characteristics, such as decentralization and cryptographic hashing, contribute to the prevention of fraud and unauthorized access. Internet of Things devices, ranging from sensors to smart devices, play a pivotal role by providing real-time data that can be securely recorded on the block chain. This enables stakeholders to access timely and accurate information, enhancing decision-making processes. This article explores the synergies between block chain technology and the Internet of Things to bolster the security of financial transactions within the crypto currency market. With the growing prominence of digital assets, ensuring the integrity and confidentiality of transactions has become paramount. Block chain’s decentralized and immutable ledger capabilities provide a robust foundation, while IoT's real-time data generation adds a layer of transparency and efficiency. However, this integration is not without its challenges. The article delves into scalability issues, interoperability challenges, and the need for standardized protocols. Privacy concerns surrounding sensitive financial data and the intricacies of identity management in a decentralized environment are also addressed.

LACT+: Practical Post-Quantum Scalable Confidential Transactions

A “confidential monetary value” carries information about the real monetary value but does not disclose it. Post-quantum private blockchains with confidential monetary values—large-sized blockchains with large verification times—have the least scalability because they need to save and verify more information than those with “plain-text monetary values”. High scalability is an essential security requirement for decentralized blockchain payment systems because the more honest peers who can afford to verify the blockchain copies are, the higher the security. We propose a quantum-safe transaction protocol for confidential monetary blockchains, LACT+ (Lattice-based Aggregable Confidential Transactions), which is more scalable than previous post-quantum confidential blockchains, i.e., many input/output transactions with logarithmic sized complexity.

SymmeProof: Compact Zero-Knowledge Argument for Blockchain Confidential Transactions

To reduce the transmission cost of blockchain confidential transactions, we propose SymmeProof, a novel communication efficient non-interactive zero-knowledge range proof protocol without a trusted setup. We design and integrate two new techniques in SymmeProof, namely vector compression and inner-product range proof. The proposed vector compression is able to reduce the communication cost to log(n) for n-size vectors. The proposed inner-product range proof converts a range proof relation into an inner-product form, which can further reduce the range proof size with the vector compression technique. Based on these two techniques, SymmeProof can eventually achieve a log(n)-size range proof. The proposed SymmeProof can be used in many important applications such as blockchain confidential transactions as well as arguments for arithmetic circuits satisfiability. We evaluate the performance of SymmeProof. The results show that SymmeProof substantially outperforms representative methods such as Bulletproofs in the proof size without a trusted setup.

The Advance of Ring Confidential Transactions

Ring Confidential Transactions (RingCT) is a protocol associated with the privacy-focused cryptocurrency Monero and is used to hide the transaction amount from the third party while still providing the confidentiality of the hide transaction. With the Pederson commitment scheme, ring signature, and other cryptographic constructions, RingCT plays a major role in making the transactions of Monero private. As a privacy coin, Monero has the unique property of fungibility in the cryptocurrency market from the protocols implemented. These protocols provided opportunities and challenges for its future. In this paper, the version of the protocol implemented in Monero is first inspected, including the commitment to zero and the range proof. Then, two critical cryptographic constructions used by RingCT 2.0, the accumulator and the signature of knowledge, are introduced. Finally, the influence of RingCT and other privacy features and the current situation of privacy coin is discussed.

A two-layer consortium blockchain with transaction privacy protection based on sharding technology

In the traditional consortium blockchain system, all nodes jointly participate in the process of transaction consensus, so that the confidentiality of transaction data within and between organizations in the consortium cannot be protected; and the throughput of the existing consortium blockchain system is still low. In response to the above problems, we propose a two-layer consortium blockchain with transaction privacy protection based on sharding technology. The blockchain consists of a sharding layer and a root consensus layer, which supports internal transactions of distributed interactive organizations, confidential transactions across shards, and public transactions across shards. At the sharding layer, we shard the nodes and their corresponding UTXOs, and ensure the confidentiality of transaction data by authorizing nodes in different shards to access different transaction data. And through the root consensus layer, the processing reliability, tamper-proof and traceability of confidential transactions across shards and internal transactions are guaranteed. The system throughput is improved by parallel processing of transactions using sharding technology, and the blockchain system with an improved Byteball architecture inside the shard, which further improves the transaction throughput of the system. And through analysis, it shows that the consortium blockchain proposed in this scheme is reasonable and feasible.

ЦИФРОВАЯ ВАЛЮТА ЦЕНТРАЛЬНОГО БАНКА СИНГАПУРА: ОСОБЕННОСТИ ВНЕДРЕНИЯ И СРАВНЕНИЕ С ЦИФРОВЫМ РУБЛЕМ

The article discusses the features of the introduction of the digital currency of the central bank of Singapore as one of the leaders in the Asian region in the development of digital payment technologies. The main characteristics of the developed models for the introduction of the digital ruble and the Singapore dollar are compared. The main differences between the digital currencies of the analyzed countries are revealed: the different legal nature of the Central Bank’s digital currency, the opposite view of the monetary authorities on the level of confidentiality of transactions and openness of the payment infrastructure, different expectations of the monetary authorities from the introduction of the central bank’s digital currency. The main results of the development of financial mechanisms for the introduction of the digital Singapore dollar are determined.

A blockchain-based privacy-preserving transaction scheme with public verification and reliable audit

<abstract><p>With the continuous development of Internet of Things, finance, big data and many other fields, blockchain has been widely used in these areas for transactions, data sharing, product traceability and so on. Numerous assets have appeared in the blockchain, and there are some levels of conflicts among privacy protection of these assets, transaction transparency and auditability in blockchain; so how to provide privacy preserving, make public verifications and audit the encrypted assets are challenging problems. In this paper, we propose a privacy-preserving transaction scheme with public verification and reliable audit in blockchain. First, we provide privacy preserving of transaction contents based on homomorphic encryption. It is flexible, as we decouple user identity and transaction contents. Then, we propose and design a multiplicative zero-knowledge proof with formal security analysis. Furthermore, several verification rules are defined by us in the scheme, such as balance verification and multiplicative verification based on the proposed multiplicative zero-knowledge proof. Our scheme enables reliable and offline auditing for each transaction, and we aggregate the zero-knowledge proofs to save the ledger space. Finally, we make a security analysis of our proposal in terms of transaction confidentiality, public verification and audit reliability, and we give a performance analysis of the proposed scheme.</p></abstract>

Optimized CPU–GPU collaborative acceleration of zero-knowledge proof for confidential transactions

The potential application scope of blockchain is much broader than its origin of digital currencies, which may include managing smart contract, copyrighted works, and digitization of commercial or organizational registries. Not surprisingly, the confidentiality of transaction information is desired in these various blockchain applications, and is unfortunately not well supported yet. Zero-knowledge proofs such as bulletproofs are good candidate solutions to provide transaction confidentiality in blockchain, due to the ability to verify the truth of information without revealing the information directly. However, zero-knowledge proofs still suffer from high computation overhead and low throughput, and Bulletproofs are still computationally inefficient to be applied in blockchain applications. Edge computing meets confidential transactions’ strong need for high performing by providing powerful GPUs and can be a helpful option. In this paper, we first present a CPU–GPU collaborative framework to accelerate the inner-product arguments of Bulletproofs. The experiments show that our implementation achieves an average speedup ratio of 3.7x. On this basis, this paper also proposes to build a high efficient bulletproofs based transaction processing system that supports both confidential and transparent transactions at GPU-enabled edge. Compared with the original bulletproofs version, a GPU accelerated implementation can obtain a speedup ratio up to 4.7x. When multiple bulletproofs are required to execute in bundle, the work focuses on memory optimization and data segmentation, which further increases the speed by 30%. Finally, the overall transaction processing system achieves a 1.5x speedup when both confidential and transparent transactions are parallelized at the edge.

L2chain

With the rapid development of blockchain, the concept of decentralized applications (DApps), built upon smart contracts, has attracted much attention in academia and industry. However, significant issues w.r.t. system throughput, transaction confidentiality, and the security guarantee of the DApp transaction execution and order correctness hinder the border adoption of blockchain DApps. To address these issues, we propose L2chain, a novel blockchain framework aiming to scale the system through a layer-2 network where DApps process transactions in the layer-2 network and only the system state digest, acting as the state integrity proof, is maintained on-chain. To achieve high performance, we introduce the split-execute-merge (SEM) transaction processing workflow with the help of the RSA accumulator, allowing DApps to lock and update a part of the state digest in parallel. We also design a witness cache mechanism for DApp executors to reduce the transaction processing latency. To fulfill confidentiality, we leverage the trusted execution environment (TEE) for DApps to execute encrypted transactions off-chain. To ensure transaction execution and order correctness, we propose a two-step execution process for DApps to prevent attacks ( i.e. , rollback attacks) from subverting the state transition. Extensive experiments have demonstrated that L2chain can achieve 1.5X to 42.2X and 7.1X to 8.9X throughput improvements in permissioned and permissionless settings respectively.

Zero‐knowledge‐based distributed auditing protocol

AbstractBlockchain‐based data outsourcing has attracted a huge deal of attention in recent years. However, key management and reliance on pre‐defined or randomly‐selected third‐party auditors (TPAs) are still challenging owing to refusing to collaborate or break auditing policies. Additionally, it is impossible to store secrets in smart contracts (SCs) for signing or auditing. Thus, in the present study, a zero‐knowledge (ZK)‐based distributed auditing protocol (DAP) is provided. In this protocol, a user‐based key generation mechanism offers users security against curious authorities based on no TPA causing them to reveal no knowledge about under‐auditing data. Based on Pointcheval's and Sanders's signature scheme, as a ZK‐based randomizable signature applied in an SC to handle the auditing process, the proposed DAP provides confidential transactions and user accountability. Evaluation indicates that the proposed ZK‐based DAP is efficient for the user side and it is the fastest DAP in the blockchain.