Abstract:
The temporal nature of graphs modeling blockchain accounts as nodes and transactions as directed edges – enables us to understand the behavior (malicious or benign) of the accounts. Predictive classification of accounts as malicious or benign could help users of the permissionless blockchain platforms to operate securely. Motivated by this, we introduce temporal features such as burst and attractiveness on top of several already used graph properties such as the node degree and clustering coefficient. Using identified features, we train various Machine Learning (ML) algorithms and identify the algorithm that performs the best in characterizing the accounts as malicious. We then study the behavior of the accounts over different temporal granularities of the dataset before assigning them malicious tags. For Ethereum blockchain, we identify that for the entire dataset the ExtraTreesClassifier performs the best among supervised ML algorithms. On the other hand, using cosine similarity on top of the results provided by unsupervised ML algorithms such as K-Means on the entire dataset, we were able to detect 554 more suspicious accounts. Further, using behavior change analysis for accounts, we identify 814 unique suspicious accounts across different temporal granularities.

Shikhar Barve

Abstract:
Financial Regulation is a kind of compliance system that restricts the financial bodies to adhere to certain ules and guidelines. An example of this is the investment compliance system where government institutions like SEBI protect the interest of investors by imposing some rules on Alternative Investment Funds(AIF). AIF are the funds managed privately and operate distinctively to other traditional funds like mutual and equity funds. These are expected to produce higher returns and manage the portfolio privately so that they can exploit higher arbitrage opportunities. Investors, on the other hand, may also seek a risk guarantee in addition to high returns.In this thesis, we try to solve this problem of protecting the investors while ensuring the privacy of portfolio used by the financial body using zero-knowledge proofs. Zokrates framework has been used in our protocol to encode the constraints and exporting the verifier. Finally, the objective of this thesis is to evaluate the performance of the system on Ethereum Testnet.

Komal Kalra

Abstract:
Ethereum is the second most valuable cryptocurrency after bitcoin. The applications that can be built on Ethereum are ountless. This was possible because of the introduction of the concept of smart contracts on ethereum. These smart ontracts are immutable because they are stored on blockchain. The immutable property is of great use for eradicating the trust issue when two parties agree to communicate using a smart contract. Smart contracts can work along with other smart contracts for example finishing one smart contract can trigger the execution of another smart contract etc. Despite so many attractive promises made by smart contracts, they can also be prone to problems. The immutability property which is great use also poses issues in case a smart contract contains some bugs. The code of smart contract logic must be accurate and bug free. Otherwise, it can be exploited for the wrongdoings by the scammers. For example, the DAO hack is an example of such wrongdoings. The other major issue that arises because of such exploitation is that people will lose interest in the blockchain concept. Since this is a fairly new technology a good number of bugs are exposed by the community. Tools reporting various vulnerabilities are build in recent times to aid developers in developing bug-free and accurate unctionality of smart contracts.This thesis aims to build a tool that will flag DoS Vulnerable smart contracts. The tool uses symbolic execution to traverse all the possible paths in the smart contract. The tool test smart contracts for a different number of invocations and variable path length that is traversed by symbolic execution. The symbolic executions and the path length are flexible parameters provided as input along with the smart contract to the tool. To test, the tool is run on a collected sample of 35 smart contracts with invocations 1 and 2 and path length 10, 20, and 40 respectively for both the number of invocations.

Deepak Yadav (18111014)

Abstract:
We are living in a blockchain era where both academic and industry people are interested in blockchain technology. It all started with the introduction of bitcoin by Satoshi Nakamoto; the world’s first decentralized cryptocurrency, it can be termed as the first phase of blockchain technology. In the second phase, Ethereum got the success more people got interested in blockchain technology. Now we are in the third phase of the blockchain revolution that is the blockchain for enterprise. Now, every business is trying to take advantage of blockchain technology for their use case, and in this phase, Hyperledger Fabric is the most promising modular enterprise blockchain. It is proven to be very useful, but we noticed that official hyperledger fabric implementation still does not support any BFT protocol for consensus (or ordering service) and above all, there is no practical implementation of a Byzantine fault tolerant consensus protocol that can perform in network settings, such as the Internet where the user of the blockchain can not provide network guarantees. In this thesis, We present an alternative, HoneyBadgerBFT as a consensus option in Hyperledger Fabric’s Ordering service, the first practical asynchronous BFT protocol, which guarantees liveness without making any timing assumptions about the network. HoneyBadgerBFT can handle up to one-third malicious nodes in the network. We present an implementation and experimental results to show that our protocol can achieve throughput comparable to Raft (a CFT protocol) in standard scenarios and makes progress even when the underlying network is not stable.

Deepak Yadav (18111015)

Abstract:
For consensus in a permissioned blockchain, state machine replication is a prevalent technique. However, there are a lot of efficient solutions available which support only crash faults and not byzantine faults. SBFT addresses the challenge of scalability, decentralization and world-scale geo-replication in the present state of BFT consensus algorithms. This project creates a standalone implementation of SBFT, which can be integrated as the ordering service of any permissioned Blockchain. SBFT is optimized for distribution and can easily handle a large number of clients. It provides almost 1.5x improved latency and 2x improved throughput compared to the most optimized PBFT based systems using a few optimizations like linear message passing pattern instead of quadratic, dual-mode of execution and reduced computation and communication at the client.

Kuldeep Sahu

Abstract:
Today, to enter a bar or apply for a bank loan, an individual has to prove specific attributes about his identity to the service provider to get access to these services. For this, people use state-issued identity documents and credentials. They need to carry these documents physically at every point where verification of their identity is needed. They are often asked to submit a scanned copy or a photocopy of these documents, which ends up revealing more information about the individual than the verifier needs to know. It results in identity theft and misuse, giving rise to fraudulent and criminal activities. With the rise of internet service providers and smartphone advancements, individuals' online activities have also increased. It allows the large tech giants to mine data generated by these individuals' activities since these companies are the primary internet identity provider for these individuals. How the data of a user is shared (and with whom) is hardly controlled by the user. In this work, we present a Self-Sovereign Identity ecosystem that solves the challenges mentioned above by bringing the complete control over the identity attributes of an individual to himself. The individual gets to choose with whom he wants to share his identity details and how much information he wants to reveal with other verifying parties. We also demonstrate how the presented ecosystem helps in issuing verifiable medical certificates to individuals in a post-COVID world, which makes it easier for them to prove their health to verifying authorities before granting them access to their services.

Nilesh Vasita

Abstract:
The birth of Blockchain technology in the form of Bitcoin, has triggered a wide interest by demonstrating the possibility of eliminating the need of need of an intermediary and revolutionized the interactions between people and machines by increasing trust. Initially restricted to the domain of cryptocurrencies, people started realizing the potential of technology to go beyond just cryptocurrencies which led to the adoption of blockchain technology to solve real-world scenarios.One such scenario is the problems in e-governance systems among the public domain sectors. For the scope of this thesis we mainly focused on the problems inLand record and revenue sectors.In this thesis, we analyze the integration of blockchain technology to the existing business processes and in doing so, we address problems such as data integrity,privacy, and more importantly the lack of common platform between the organizations involved. The evolution of blockchain technology led to the introduction of permissioned blockchain platforms, Hyperledger Fabric is a leading permissioned blockchain platform which is used in the development of our project.Finally the objective of this thesis is to evaluate the performance of blockchain based implementation of a land revenue & recording automation system.

Gunda Abhishek

Abstract:
Privacy is a fundamental right for every human, but in today’s world, this is not ensured in every sector. The health sector is such an example where patients privacy is not respected, and sensitive data like prescription dosages, medical bill amounts and their entire medical history are leaked online without any encryption. We designed, implemented and deployed an architecture in this research where we tried to use PKI infrastructure and Hyperledger fabric and simulated workflow of healthcare sector while ensuring that patients’ medical records are in complete control of patient only. Hyperledger fabric, which is a blockchain framework, provides integrity to the medical records, which can be verified at any later point of time. Proxy re-encryption has been used to provide medical records access to others but only with permission from the patient. Besides patients and hospitals, this architecture also involves other institutions like insurance companies and pharmacies to provide various services to the patients. Lastly, we performed some performance experiments on the architecture to check the throughput and latencies.

Devendra K Meena

Abstract:
Since the introduction of the Bitcoin, the world’s first decentralized currency bySatoshi Nakamoto , both academic and industrial interest in blockchain technology has exploded. Blockchains can be categorized into two broad classes: permissionless and permissioned blockchain systems.Hyperledger Fabric is a permissioned blockchain system for running distributed applications. Fabric has a modular architecture and provides support for pluggable consensus. Currently, it has two consensus mechanisms namely Solo and Kafka ordering services which are not byzantine fault tolerant.In this thesis, we present the secure sharding blockchain agreement protocol namely Elastico in Hyperledger Fabric v1.4. We implement a new consensus mechanism in Fabric which prevents the system from byzantine failures.Based on our implementation of Elastico in Fabric v1.4, we observe that it is not better than Kafka in terms of throughput. Despite lower throughput, the implementation of Elastico is byzantine fault tolerant.

Ayushi Agarwal

Abstract:
Ethereum is a platform where users can build and deploy decentralized applications and smart contracts. The participants in the Ethereum network are ’pseudo-anonymous’ which makes it almost impossible to detect anomalous behaviour in the system. Thus, it serves as a noteworthy place to perform some malicious activity and then go undetected. With the sudden hype of blockchain technology, anomaly detection also received much attention in the past decade. Anomalies in the network are the ones who execute fraudulent trans-actions or whose behavior is abnormal. The abnormalities must be detected and removed as early as possible to ensure the faith of participants on the largest blockchain platform.There exists lots of work on the Bitcoin cryptocurrency in which they performed well, but this thesis presents work on anomaly detection in the Ethereum for the first time to the best of our knowledge.In this thesis, we considered anomaly detection for Ethereum network using machine learning techniques. Our goal is to detect which users are most suspicious. To this end,we have used various machine learning classifiers on Ethereum transaction data. We evaluated the accuracy and precision of each method and backed them with experimental results. Next, we have done some graph-based analysis on Ethereum data. We also tried to deduce the similarity index for smart contracts based on user interaction. We can use these methods for any setting which has an internal graph structure. We have chosenEthereum due to its availability and popularity of the dataset. This work provides a good starting point for anomaly detection on Ethereum Network.

Ajay Singh

Abstract:
Ethereum is the second most valuable cryptocurrency, just after Bitcoin. The biggest difference between Bitcoin and Ethereum is the ability to write smart contracts - small programs that sit on the blockchain. As the contracts are on the blockchain, they become immutable making them attractive for various decentralised applications (or dApps) like e-governance, healthcare manage-ment and data provenance.However, the biggest advantage of smart contracts - their immutability also poses the biggest threat from a security standpoint. This is because any bug found in the smart contract after deployment cannot be patched. Recent attacks like the DAO attack and the Parity attack have caused massive monetary losses. In such a scenario it becomes imperative to develop and interact with smart contracts that are secure.In this thesis we analyze the Ethereum Smart Contracts from a security viewpoint. We present a study of the security vulnerabilities observed in Ethereum smart contracts and develop a novel taxonomy for the same. We then analyse the different security tools available. For this, we create vulnerability benchmark – a set of 180 vulnerable contracts across different categories identified in the taxonomy. The results of the tools on this benchmark are analysed to help developers and end-users make an informed decision about which tool to use depending on their use-cases.We further collect byte-codes for 1.9M smart contracts from the main Ethereum blockchain and analyse them on various parameters like duplicity, total ether balance, etc. We observe that a small fraction of contracts dominate the others on every parameter we analysed. These 2900 contracts are identified as ‘Contracts of Importance’ and are further analysed using the tools available to gain valuable insights into the insecurity patterns and trends in Ethereum smart contracts.

Bishwas C Gupta