研究生: |
王俊傑 Jiun-Jie Wang |
---|---|
論文名稱: |
一個可避免交易順序依賴問題的智慧合約框架 A transaction-ordering dependence prevention framework for smart contract |
指導教授: |
查士朝
Shi-Cho Cha |
口試委員: |
羅乃維
Nai-Wei Lo 葉國暉 KUO-HUI YEH |
學位類別: |
碩士 Master |
系所名稱: |
管理學院 - 資訊管理系 Department of Information Management |
論文出版年: | 2021 |
畢業學年度: | 109 |
語文別: | 中文 |
論文頁數: | 57 |
中文關鍵詞: | 智慧合約 、Transaction Ordering Dependency 、Timestamp Ordering Protocol |
外文關鍵詞: | Smart Contract, Transaction Ordering Dependency, Timestamp Ordering Protocol |
相關次數: | 點閱:266 下載:65 |
分享至: |
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
區塊鏈技術透過多個節點共同參與,並對於發生的交易產生證明,而確保不可否認性;智慧合約則將程式執行的過程以資料的方式保存,讓所有區塊鏈的參與節點對程式執行結果進行驗算,而確保程式的正確性。然而以太坊區塊鏈的智慧合約執行並無強調順序,交易者可使用相對較高的交易手續費 (Gas price),使得要求被區塊開採者 (Miner) 優先進行運算。因此在其環境中部署基於商業流程運作的智慧合約,便會產生交易順序依賴問題 (Transaction-Ordering Dependency, TOD),且前述使用較高手續費之方法,搭配以監聽網路封包、透過較高速網路的優勢環境條件,或是節點中運算的競爭條件 (Race condition) 等方式可以更容易執行攻擊,因而使得原先提出交易的參與者權益受損。
基於前述問題情境,本研究提出一個可避免交易順序依賴問題的智慧合約框架,透過可信賴時間戳記伺服器賦予交易時間證據,並透過其中代理閘道器代理協助轉發交易至本框架部署至以太坊區塊鏈中的智慧合約,並存儲請求、監聽其執行結果來作為定義後續行為的依據,再由智慧合約以時間證據進行時間戳記排序演算法 (Timestamp Ordering Protocol) 進行檢核,近一步阻止受交易順序依賴問題所影響的交易執行,使得該交易發起者不會因此執行非預期、錯誤的結果,而避免 TOD 問題。
A blockchain network is composed of a set of participating nodes. The nodes ensure transaction data integrity collaboratively. The smart contract mechanism in a blockchain network stores execution results of smart contracts in the blockchain network. Participating nodes can verify the execution results of a smart contract and ensure the integrity of execution results. However, the smart contract execution of the Ethereum blockchain does not ensure transaction order. People can pay higher transaction fee to attract participating nodes to execute their transactions earlier. Thus the Transaction Ordering Dependency (TOD) problem exists when deploying smart contracts based on the business process in the Ethereum blockchain network. As the problem can be easily performed via network monitoring, for instance by leveraging the backbone network or system race condition, any blockchain account could use this method before the block is mined.
To address the issue, we propose a smart contract framework that avoids such transaction ordering dependency. A trusted timestamp server is used to provide transaction timestamps, and the proxy gateway agent assists in forwarding transactions to the framework and then sends them to Ethereum. The smart contract in the blockchain stores the request and monitors its execution result as the basis for defining subsequent behaviors. Furthermore, the smart contract uses the Timestamp Ordering Protocol to identify further transactions in which transaction execution is affected by the problem. Thus the transaction initiator does not execute unexpected and erroneous results. Consequently, the proposed scheme can hopefully overcome the problem of TOD in the Ethereum blockchain network.
[1] S. Nakamoto, (2009). “Bitcoin: A Peer-to-Peer Electronic Cash System,” [Online]. Available:http://bitcoin.org/bitcoin.pdf
[2] Wubing Chen, Zhiying Xu, Shuyu Shi, Yang Zhao, and Jun Zhao. (2018). “A Survey of Blockchain Applications in Different Domains”. In Proceedings of the 2018 International Conference on Blockchain Technology and Application (ICBTA 2018). Association for Computing Machinery, New York, NY, USA, 17–21. [Online]. Available:https://doi.org/10.1145/3301403.3301407
[3] Damiano Di Francesco Maesa, Paolo Mori. (2020). “Blockchain 3.0 applications survey”, Journal of Parallel and Distributed Computing, Volume 138, 2020, Pages 99-114, ISSN 0743-7315. [Online]. Available:https://doi.org/10.1016/j.jpdc.2019.12.019.
[4] Vitalik Buterin. (2013). “Ethereum Whitepaper”. [Online]. Available:https://ethereum.org/en/whitepaper/
[5] ConsenSys Inc. “Smart Contract Best Practices – Known Attacks” [Online]. Available:https://consensys.github.io/smart-contract-best-practices/known_attacks/
[6] “Ethereum: The Ultimate Smart Contract and Decentralized Application Platform” [Online (Archive history)]. Available:https://web.archive.org/web/20131228111141/https://vbuterin.com/ethereum.html
[7] Gavin Wood. (2015). “Ethereum Yellowpaper”. Ch9. [Online]. Available:https://ethereum.github.io/yellowpaper/paper.pdf
[8] Nick Szabo. (1996). “Smart Contracts: Building Blocks for Digital Markets”. [Online]. Available:https://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart_contracts_2.html
[9] Nick Szabo, N. (1997). “Formalizing and Securing Relationships on Public Networks. First Monday”, 2(9). [Online]. Available:https://doi.org/10.5210/fm.v2i9.548
[10] Praitheeshan, P., Pan, L., Yu, J., Liu, J.K., & Doss, R. (2019). “Security Analysis Methods on Ethereum Smart Contract Vulnerabilities: A Survey”. ArXiv, abs/1908.08605v3. [Online]. Available:https://arxiv.org/abs/1908.08605v3
[11] SECBIT. (2018). “How the winner got Fomo3D prize”. [Online]. Available:https://medium.com/coinmonks/how-the-winner-got-fomo3d-prize-a-detailed-explanation-b30a69b7813f
[12] S. Sayeed, H. Marco-Gisbert and T. Caira. (2020). "Smart Contract: Attacks and Protections," in IEEE Access, vol. 8, pp. 24416-24427, 2020. [Online]. Available:https://ieeexplore.ieee.org/document/8976179
[13] A. Dika and M. Nowostawski. (2018). "Security Vulnerabilities in Ethereum Smart Contracts," 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), 2018, pp. 955-962. [Online]. Available:https://ieeexplore.ieee.org/document/8726833
[14] “Timestamp-based concurrency_control”. [Online]. Available:https://en.wikipedia.org/wiki/Timestamp-based_concurrency_control
[15] Truffle Suite. “CASE STUDY: STARBUCKS”. [Online]. Available:https://www.trufflesuite.com/case-studies/case-study-starbucks
[16] Truffle Suite. “CASE STUDY: MICROSOFT & THE WORLD BANK”. [Online]. Available:https://www.trufflesuite.com/case-studies/case-study-microsoft-and-the-world-bank
[17] “Ethereum Average Block Time Chart”. [Online]. Available:https://etherscan.io/chart/blocktime
[18] “Ethereum Blocks history”. [Online]. Available:https://etherscan.io/blocks?p=1