Fun

Dark DAOs: Vitalik Buterin explores ways to mitigate bribery threats

News Feed - 2024-08-17 06:08:37

Ana Paula Pereira2 hours agoDark DAOs: Vitalik Buterin explores ways to mitigate bribery threatsProof of Complete Knowledge (PoCK) aims to prevent bribery attacks by ensuring real control over voting keys.482 Total viewsListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTCOINTELEGRAPH IN YOUR SOCIAL FEEDFollow ourSubscribe onA group of researchers from Cornell University is investigating potential threats that could turn into “dark” voting systems in decentralized autonomous organizations (DAOs). 


This group is formed by Ethereum co-founder Vitalik Buterin and PhD students Mahimna Kelkar, Kushal Babel, Philip Daian and James Austgen. Their work revolves around how to mitigate an imminent threat to decentralization as DAOs go mainstream: unified attacks against protocols through smart contracts bribery.


During the Science of Blockchain Conference held at Columbia University in early August, Cointelegraph spoke with Mahimna Kelkar about the group’s research on proofs of complete knowledge (CK) — a new cryptographic notion they introduced in 2023.


Proof of knowledge is a cryptography concept that allows one party (the prover) to convince another party (the verifier) that they possess some secret information, like a secret key, without actually revealing that information.


The concept has been widely used in the crypto industry to improve privacy on transactions, but a “subtle gap” still allows scenarios where this secret information could be held by some external mechanism, like trusted hardware, rather than directly by the prover. According to Kelkar:“When the secret key is held inside a trusted hardware, in what we call encumbrance of the secret key, you can still complete this proof of knowledge without actually having knowledge of the underlying secret key.”Bribery attacks


This limitation in the way standard proofs of knowledge are defined could turn voting protocols vulnerable to bribery attacks, Kelkar explained. 


The lack of a central authority is a key concept behind DAOs’ governance. Members of a DAO are usually tokenholders with voting power on rules and decisions. In a bribery attack, however, a malicious actor could offer tokenholders financial incentives through smart contracts, bribing participants to vote for a particular proposal or outcome.


“[..] A voting platform may be vulnerable to bribery attacks [...], where users can sort of sell their votes to bribers in a dark marketplace,” explained Kelkar. “What our work tries to do is establish an individual, real person kind of ownership of data.”Source: The Initiative for CryptoCurrencies and Contracts (IC3)Proof of Complete Knowledge


An attacker could use a trusted execution environment (TEE) to ensure that tokenholders who accepted a bribe can’t vote freely. In this environment, the attacker controls when and how the keys can be used. 


The researchers identified two ways of enforcing proof of complete knowledge. One includes using TEE to prove that a voter owns a key and can use it. The tokenholder can also remove the key of this environment to use it freely whenever they want.


In this way, tokenholders still keep complete control over their key. Even if an attacker wants to lock the key away to control the voter, the key is already managed by the voting system’s own TEE.


A second approach involves restricting keys using application-specific integrated circuits (ASICS), which are usually machines used in Bitcoin mining. By sending a key to the ASIC — which lacks a TEE environment — the key remains accessible to the user, ensuring they have complete control over it, while still demonstrating that the key was used by the ASIC and preventing its use in a TEE.


The research is still in the prototype stage, according to Kelkar. “We show that this is a realistic threat to DAOs, and we show this by demonstrating a practically deployable dark DAO, which can facilitate vote buying in existing DAOs. It’s not something that you can deploy tomorrow, but it’s like practically instantiable as a research prototype today," Kelkar added.


Magazine: DeFi and Ethereum are the ‘new narrative’: Michaël van de Poppe, X Hall of Flame# Blockchain# Smart Contracts# Decentralization# Vitalik Buterin# DAOAdd reaction

News Feed

Mango Markets DAO mulls offering settlement with SEC
Martin Young2 hours agoMango Markets DAO mulls offering settlement with SECThe proposed settlement involves Mango DAO neither admitting nor denying wrongdoing and paying a $223,228 fine. 936 Total viewsListen to article
Bitcoin Core devs set up new policy aimed at handling ‘critical bugs’
Brayden Lindrea4 hours agoBitcoin Core devs set up new policy aimed at handling ‘critical bugs’Bitcoin Core developer Antoine Poinsot said there is a dangerous perception that Bitcoin Core is free of bugs, noting it
Origin Defi Protocol Suffers Massive Flash Loan Attack- OUSD Stablecoin Value Plunges 85%
Origin Defi Protocol Suffers Massive Flash Loan Attack- OUSD Stablecoin Value Plunges 85% The OUSD stablecoin issuer, Origin Protocol is the latest Defi protocol
Onyx to shutdown Ethereum-based lending market, relaunch Onyx Core
Arijit Sarkar13 hours agoOnyx to shutdown Ethereum-based lending market, relaunch Onyx CoreAfter a $3.8 million hack on a long-known security vulnerability, Onyx plans to relaunch its governance-focused financial network
Bitcoin, Ethereum Technical Analysis: BTC Below $19,000 as Sentiment in Crypto Remains Bearish
Bitcoin, Ethereum Technical Analysis: BTC Below $19,000 as Sentiment in Crypto Remains Bearish Bitcoin started the week trading below $19,000, as recent economic pressures continue
Standard Chartered Report Structurally Values Ethereum at ‘$26K to $35K’
Standard Chartered Report Structurally Values Ethereum at "$26K to $35K" A report published by the British bank Standard Chartered indicates the company’s analysts are bulli
Prashant Jha4 hours agoCoinbase CEO stands up for DeFi, Polygon says $1B ZK-rollup paying off: Finance RedefinedCoinbase’s CEO has become the latest ally of the DeFi space, calling for apt regulations of the ecosystem
Supply of Tokenized Bitcoin Dropped Significantly Since the Start of the Year
Supply of Tokenized Bitcoin Dropped Significantly Since the Start of the Year This year, the number of tokenized bitcoins hosted on alternative blockchains like Ethereum, has dropp
Ethereum Breaks Massive Downtrend Price Structure – Momentum Shift?
Reason to trust Strict editorial policy that focuses on accuracy, relevance, and impartiality Created by industry experts and meticulously reviewed The highest standards in reporting and pu
Leading Colombian bank launches crypto exchange and peso stablecoin
Prashant Jha12 hours agoLeading Colombian bank launches crypto exchange and peso stablecoinThe Colombian bank behind the crypto exchange claimed the platform was created after nearly a decade of study and research.1842 T
JPMorgan Says Cryptocurrency Markets Are ‘Looking Frothy’
JPMorgan Says Cryptocurrency Markets Are "Looking Frothy" Global investment bank JPMorgan says cryptocurrency markets are “looking frothy” as retail investors spill o
Dogecoin Poised For $0.1491 Breakout As RSI Reveals Bullish Potential
Este artículo también está disponible en español. Dogecoin is showing strong signs of a potential breakout, with technical indicators aligning for a possible move toward