Centralizovaná směnárna kryptoměn s důvěryhodnými hardwarem
Loading...
Date
Authors
Sasák, Tomáš
ORCID
Advisor
Referee
Mark
B
Journal Title
Journal ISSN
Volume Title
Publisher
Vysoké učení technické v Brně. Fakulta informačních technologií
Abstract
Táto práca sa zaoberá návrhom, implementáciou a analýzou centralizovanej zmenárne kryptomien, ktorá pracuje na platforme trusted computing. Aktuálne centralizované zmenárne fungujú na základe plnej dôvery používateľa v operátorov zmenárne. Na opačnej strane, decentralizované zmenárne využívajú jeden blockchain a tým sú limitované iba na mince na danom blockchaine. Použitím trusted computing platformy Intel SGX je možné kód zverejniť (open source) a zákazník si dokáže overiť pomocou SGX atestácie (remote attestation) že tento kód beží na platforme zmenárne. Kombináciou so smart contract platformou na verejnom blockchaine zmenáreň dosahuje odolnosť voči nejednoznačnosti a vytvára lepšiu vrstvu bezpečnosti a transparentnosti pre používateľa. Zmenáreň bola implementovaná ako proof-of-concept pomocou programovacieho jazyka Go, za použitím frameworku EGo pre tvorbu SGX enkláv. Pre ukladanie dát bola použitá databáza PebbleDB a relačná databáza PostgreSQL. Smart contract zmenárne bol implementovaný v jazyku Solidity a nasadený na Ethereum. Implementácia je schopná vyhodnotiť približne 35 vkladov mincí za sekundu a 23 ponúk na výmenu mincí za sekundu. Aktualizácia poslednej verzie ledgeru na kontrakte stojí približne 0.00255 ETH, pri tendencií aktualizácie každú minútu deň behu zmenárne stojí približne 3.6742 ETH.
In this thesis, we propose, design, implement, and analyze a centralized cryptocurrency exchange using trusted computing. Most popular exchanges work in a way that requires the customer to fully rely on the exchange operators. Decentralized exchanges work on top of existing blockchains, which limits the number of tradable coins. Using a trusted computing platform, Intel SGX, it is possible for operators to make code open source, and the customer can attest that the exchange platform is running the published exchange code. Also, exchange private keys are encrypted in memory and safely stored on disk using SGX sealing. Combining this approach with a smart contract platform on a public blockchain, we can achieve non-equivocation of the exchange and create a better layer of security and transparency between the customer and the exchange. The exchange was implemented as a proof-of-concept using the programming language Go, using the EGo framework to build SGX enclave applications. For data storage, we combine key-value storage PebbleDB with relation database PostgreSQL, and exchange attempts to secure the integrity of these data. The exchange smart contract was implemented in Solidity and deployed on the Ethereum development environment. Our concept implementation is able to handle around 35 deposits per second and around 23 bids matched per second. We performed a security analysis on this model from outside, but also from inside. The single ledger update from the exchange in the smart contract costs 0.00255 ETH, which in total costs 3.6742 ETH per day.
In this thesis, we propose, design, implement, and analyze a centralized cryptocurrency exchange using trusted computing. Most popular exchanges work in a way that requires the customer to fully rely on the exchange operators. Decentralized exchanges work on top of existing blockchains, which limits the number of tradable coins. Using a trusted computing platform, Intel SGX, it is possible for operators to make code open source, and the customer can attest that the exchange platform is running the published exchange code. Also, exchange private keys are encrypted in memory and safely stored on disk using SGX sealing. Combining this approach with a smart contract platform on a public blockchain, we can achieve non-equivocation of the exchange and create a better layer of security and transparency between the customer and the exchange. The exchange was implemented as a proof-of-concept using the programming language Go, using the EGo framework to build SGX enclave applications. For data storage, we combine key-value storage PebbleDB with relation database PostgreSQL, and exchange attempts to secure the integrity of these data. The exchange smart contract was implemented in Solidity and deployed on the Ethereum development environment. Our concept implementation is able to handle around 35 deposits per second and around 23 bids matched per second. We performed a security analysis on this model from outside, but also from inside. The single ledger update from the exchange in the smart contract costs 0.00255 ETH, which in total costs 3.6742 ETH per day.
Description
Keywords
kryptomena, zmenáreň, Intel SGX, kryptografia, blockchain, trusted computing, enkrypcia, konsensus, atestácia, smart contract, decentralizovaná identita, verifiable credentials, cryptocurrency, exchange, Intel SGX, cryptography, blockchain, trusted computing, encryption, consensus, attestation, smart contract, decentralized identity, verifiable credentials
Citation
SASÁK, T. Centralizovaná směnárna kryptoměn s důvěryhodnými hardwarem [online]. Brno: Vysoké učení technické v Brně. Fakulta informačních technologií. 2023.
Document type
Document version
Date of access to the full text
Language of document
en
Study field
Vývoj aplikací
Comittee
doc. Ing. František Zbořil, Ph.D. (předseda)
doc. Mgr. Adam Rogalewicz, Ph.D. (člen)
RNDr. Marek Rychlý, Ph.D. (člen)
Ing. Libor Polčák, Ph.D. (člen)
Ing. Jiří Hynek, Ph.D. (člen)
Ing. Vladimír Bartík, Ph.D. (člen)
Date of acceptance
2023-06-16
Defence
Student nejprve prezentoval výsledky, kterých dosáhl v rámci své práce. Komise se poté seznámila s hodnocením vedoucího a posudkem oponenta práce. Student následně odpověděl na otázky oponenta a na další otázky přítomných. Komise se na základě posudku oponenta, hodnocení vedoucího, přednesené prezentace a odpovědí studenta na položené otázky rozhodla práci hodnotit stupněm B.
Result of defence
práce byla úspěšně obhájena
Document licence
Standardní licenční smlouva - přístup k plnému textu bez omezení