After testing the performance of Ethereum using PoA, we tested the usability of the CardContact SmartCard-HSM USB token on an ethereum Proof of Authority network. The HSM allows to store and use multiple encryption keys, both RSA and Elliptic Curves (including secp256k1), for applications like issuing certificates as a CA, and with any application that […]
Following our Smart Contract Auditing: Human vs. Machine article, we now analyze Slither, which is another static analysis tool from Trail of Bits. It includes aids for contract summaries, which can be helpful for making a mental model of the contract and rechecking assumptions. Considering the ease of use, it’s a good idea to try […]
In this blog post, we present a high-level overview of the paper describing the Ouroboros Proof of Stake protocol implemented in Cardano´s blockchain. After the overview follow some comments about theoretical aspects of the protocol.
In general, Proof of Stake (PoS) consensus protocols elect the network nodes responsible to send the next block to the blockchain on the basis of the nodes’ amount of stake.
In this article we are benchmarking several auditing tools. The smart contract security audit is a critical phase in the development of smart contracts. The DAO hack was just one trip in the odyssey to secure Ethereum smart contracts and compatible blockchains like RSK and Cardano. It is important to highlight that back in 2016 […]
The second stage of the Dogethereum bridge was presented on September 5, 2018 at 10 am (PT) and live streamed. The bridge uses “superblocks” to move coins from Dogecoin to Ethereum and collateralization to move coins from Ethereum to Dogecoin. We are excited because this innovation can also be used to bridge other blockchain pairs. […]
At CoinFabrik we are organizing internal presentations in response to interesting work we are doing. As we have grown, scheduling time to share our projects and ideas has become essential. Recent presentations have included: Decentralized Blockchain Bridges Last year Oscar Guindzberg, TrueBit, and CoinFabrik partnered to create a decentralized trustless bridge between Dogecoin and Ethereum […]
We are compiling a list of recent technologies developments in the blockchain sector. Our focus is mostly on projects which promise scalability, but includes also proposals which aim to overcome some deficiencies in Bitcoin´s PoW based blockchain, e.g. which aim to improve fairness, usefulness, or privacy. You can find the current state of our work […]
Overview Our smart contract audit team found that Short Address Attack mitigations can cause several problems with smart contracts. A Short Address Attack is when a contract receives less data than it was expecting, and Solidity fills the missing bytes with zeros. The deployed smart contract cannot prevent this and will interpret those extra zeros as […]
Solidity semantics are confusing for smart contract developers with experience in traditional programming languages. This semantics can lead to security issues like the one we found in a recent smart contract security audit we did. The following code caught our attention: In the above code, the create method stores the same information in two different […]
AppeCoin, Sergio D. Lerner‘s proposal for an e-cash scheme, is designed for a peer-to-peer network which does not rely on a Trusted Third Party. Like the cryptocurrencies Monero or Zcash, AppeCoin is a protocol which aims to guarantee to its users full privacy. Lerner’s e-cash scheme leverages coin shuffling. Unlike ZeroCoin, where the monetary units […]
The full technical article is available here. Introduction Payment confidentiality is a property for cryptocurrencies which allows the user to hide the sender and receiver, as well as the amount of a transaction in the blockchain. Monero Research Lab invented Ring Confidential Transactions, while Zcash uses a different approach based on recent scientific progress in the field […]
The challenge of modern cryptography is to find efficient but secure encryption schemes. The Elliptic Curve Integrated Encryption Scheme (ECIES) is a widely used encryption scheme which is specified in many standards. It is used for example in Ethereum’s Whisper. While Bitcoin Core does not implement ECIES, it can be employed to send secure messages […]