2024 Speakers

2nd Edition of the TUM Blockchain Salon

Jeffrey Burdges (Web3 Foundation)

Talk Title: Ethical Identity, Ring VRFs, and Zero-Knowledge Continuations

Abstract: Anonymized ring VRFs are ring signatures that prove correct evaluation of some authorized signer’s PRF while hiding the specific signer’s identity within some set of possible signers, known as the ring. We propose ring VRFs as a natural fulcrum around which a diverse array of zkSNARK circuits turn, making them an ideal target for optimization and eventually standards.

We explain how rerandomizable Groth16 zkSNARKs transform into reusable zero-knowledge continuations, and build a ring VRF that amortizes expensive ring membership proofs across many ring VRF signatures. In fact, our ring VRF needs only eight G_1 and two G_2 scalar multiplications, making it the only ring signature with performance competitive with constructions like group signatures.

Ring VRFs produce a unique identity for any given context, but these identities remain unlinkable between different contexts. These unlinkable but unique pseudonyms provide a far better balance between user privacy and service provider or social interests than attribute-based credentials like IRMA.

Ring VRFs support anonymously rationing or rate limiting resource consumption with major performance advantages over protocols for private monetary transactions.

Short bio: Applied cryptographer doing work around distributed systems, anonymous credentials, and other topics like mix networks. Former pure mathematician.

Daniel Hugenroth (University of Cambridge)

Talk Title: Building Decentralized Applications for Smartphones: Energy Measurements for Practical Protocol Design

Abstract: Smartphones have become the primary computing devices for many. As such we ask them to do more and more with the limited energy stored in their battery. In this talk we look at decentralized applications and discuss how mobile network transmissions and CPU usage affect battery life based on measurements with an open-source test setup. We will see that communication patterns matter and many cryptography operations are cheap. The talk provides practical advice for protocol design and shows how you can empirically evaluate your software on real devices.

Short bio: Daniel Hugenroth is a computer security researcher and software engineer living in Cambridge, UK. His academic interests revolve around cryptographic protocols, anonymity, usable security, and mobile devices. At the moment, he is a post-doctoral researcher at the University of Cambridge. For more, navigate to his website.

Laura Ricci (University of Pisa)

Talk Title: Supporting Privacy with Zero Knowledge in SSI and Blockchain based Access Control

Abstract: Recent years have witnessed, especially in Europe, a shift aimed at bringing users back to the center of digital systems. This has driven innovation towards the affirmation of decentralized systems, in line with the Self Sovereign Identity paradigm. User control over the consumption and disclosure of their data is a key topic of such drive. This talk will discuss how it is possible to apply this increasingly popular concept to a traditionally centralized and opaque digital process: Access Control systems. In particular, we will show how to expand the XACML standard for Attribute Based Access Control systems with the novel concept of private attributes, i.e. attributes whose values should not be disclosed while still contributing to a policy evaluation result after user consent. The system is based on blockchain systems, and leverages smart contracts and zero knowledge proofs to allow for transparent policy evaluation without disclosing the value of such sensitive attributes.

Short bio: Laura Emilia Maria received the Ph.D. degree from the University of Pisa. She is currently a Full Professor with the Department of Computer Science, University of Pisa. Her research interests include distributed systems, peer-to-peer networks, cryptocurrencies, blockchains, and social network analysis. She has been a member of the group for the definition of the Italian national strategy on blockchains. She has coauthored more than 200 articles published in international journals and conference/workshop proceedings in these fields. She has served as a program committee member and the chair for several conferences and is an editor of ACM DLT and of Elsevier Blockchain: Research and Applications journal.

Ingo Weber (Technical University of Munich)

Talk Title: Business Process Execution and Process Mining on Blockchain

Abstract: How can blockchain shape future business processes? We explore two research directions at the intersection of blockchain and business process management: (i) the integration of business processes across different organizations to address the fundamental problem of trust, and (ii) the application of process mining techniques to analyze blockchain-based applications. We discuss a technique to integrate blockchain into the choreography of processes in such a way that no central authority is needed. Our studies on applying process mining to blockchain applications include tooling and two case studies: one on Augur, a prediction and betting marketplace, where we were able to generate value-adding insights for application-redesign and security analysis; and one on Forsage, showcasing the analysis of interesting user behavior and insights into the veracity of marketing claims of a Ponzi scheme.

Short bio: Prof. Dr. Ingo Weber is Full Professor in the Computer Science Department, TUM School of Computation, Information and Technology, at Technical University of Munich, Germany. Ingo Weber is also Director of Digital Transformation and ICT Infrastructure at the Fraunhofer-Gesellschaft. Before moving to Munich, he was Full Professor of Software and Business Engineering at Technische Universität Berlin from 2019 to 2022. Before that, he spent ten years in Sydney, Australia, where he worked for the research institutions CSIRO, NICTA and UNSW. In 2009, he received his PhD from the University of Karlsruhe (TH), now KIT, and worked in parallel for SAP Research. In his research, Ingo Weber focuses on various subfields of computer science, in particular business process management and process mining, software architecture and engineering, DevOps, blockchain, and applied artificial intelligence (AI). He is author of numerous publications and co-author of the textbooks “DevOps: A Software Architect’s Perspective” (2015) and “Architecture for Blockchain Applications” (2019).

Louis Tremblay Thibault (Zama)

Talk Title: Privacy-Preserving Smart Contracts using FHE

Abstract: This talk outlines some of the cryptographic protocols and primitives which are needed to implement private smart contracts. The main challenges and open problems surrounding the use of FHE in blockchain systems are presented.

Short bio: Louis is a research engineer at Zama working on privacy-preserving smart contracts and verifiable FHE.

Josef Gattermayer (Ackee Blockchain Security)

Talk Title: Wake: Why we built an Open-Source Swiss Knife for Solidity Developers

Abstract: Solidity development and security tooling are still evolving. The first ecosystem has grown around tools such as Brownie, Slither, Echidna, or the VS Studio Code extension Solidity, which Juan Blanco wrote in 2015 and which has over 1,2 million installations. Thanks to those early adopters, the next waves of tooling could arrive, improving comfort, effectiveness, and security. Thanks to the openness and innovation drive of the Ethereum ecosystem, every major player is trying to contribute and push boundaries. But the take of Ackee Security wasn’t to replace any of those tools - but to replace them all. What was the motivation to combine the functionality into one tool? And how did it end? This talk reveals the insides.

Short bio: Josef is a cybersecurity expert and a distributed systems enthusiast. He is the co-founder and CEO of Ackee Blockchain, a cybersecurity company that helps businesses secure their blockchain infrastructure. Josef received his doctorate in Distributed Systems from CTU in Prague, where he now serves as an assistant professor teaching Blockchain.

Christof Ferreira Torres (ETH Zurich)

Talk Title: Rolling in the Shadows: A Closer Look at MEV Extraction Across Layer 2 Rollups

Abstract: In this talk we will dive into the technicalities of Layer 2 rollups and highlight their differences to Layer 1 Ethereum from the perspective of an MEV extractor. Moreover, we will compare MEV extraction on Ethereum with MEV extraction across optimistic and zero-knowledge based rollups, by highlighting volume, profits, costs, opportunities, and competition. To that end, we also present three novel strategies that attackers can use to perform cross-layer sandwich attacks on rollups, despite rollups not offering public mempools.

Short bio: Christof Ferreira Torres is a postdoctoral researcher at ETH Zurich. He is part of the Secure & Trustworthy Systems Group led by Prof. Dr. Shweta Shinde. His research focuses on analyzing the security and privacy of distributed ledgers. He obtained a joint Ph.D. in computer science from the University of Luxembourg and the Technical University of Munich. His Ph.D. thesis focuses on the automated security assessment of smart contracts. He received the Excellent Doctoral Thesis award from the University of Luxembourg and Ripple’s Impact award for his research on the security of smart contracts. Prior to his Ph.D., he worked as a security researcher at the Fraunhofer Institute for Applied and Integrated Security (AISEC) near Munich, Germany.

Bhargav Bhatt (Web3 Foundation)

Talk Title: Trust-less and Efficient Bridges between PoS Blockchains via Random Sampling

Abstract: We introduce “Random Sampling”, a novel technique for on-chain light-clients to efficiently follow the finality of a PoS blockchain. Essentially, our technique draws randomness (e.g. RANDAO in Ethereum) from the target chain to verify signatures of only a small subset of validators subsampled from the source chain. We also analyse the security of the bridge from a crypto-economic perspective. This includes an overview of interesting concurrency issues in initial designs, and fixes which rely on dynamically increasing the security parameter only in case of an attack. Our work does not rely on fancy crypto and is comparable to SNARK-based techniques in terms of gas costs (if the target chain is Ethereum). Our technique is already implemented in the Polkadot <> Ethereum bridge which is scheduled to go live soon.

Short bio: Bhargav is a Research Engineer at the Web3 Foundation with a focus on Security and Verification. He has worked on security analysis of X-chain Bridges and Light-Clients, and also on tooling for verification and reliability of the Polkadot SDK. He also maintains the technical protocol specifications for Polkadot. He has a research background in Formal Verification and Static Analysis and previously spent time at ETH Zurich, USI Lugano, and Microsoft Research.

Sheng-Nan Li (UZH Blockchain Center)

Talk Title: Trust Management of Decentralised Platforms

Abstract: In this presentation, we emphasise three foundational pillars—honesty, fairness, and sustainability—essential for maintaining and reinforcing trust in Blockchains and other Decentralised Platforms. Each pillar is exemplified through a dedicated project focused on monitoring, analysis, and modelling of user behaviour and protocol functioning within reward mechanisms. To effectively manage both inherent internal trust challenges (embedded within protocol design) and external trust issues (arising from strategic behaviour), we uncover anomalies such as selfish and cartel mining in real-world Proof of Work (PoW) systems. We then analyse the fairness of Proof of Stake (PoS) reward distribution mechanisms, finding unexpected relationships between their inclusiveness and the emergent inequality. Furthermore, we introduce a comprehensive framework for PoS staking modelling, poised to bring potential enhancements to the design and evolution of these protocols.

Short bio: Sheng-Nan Li is a Postdoc in the Blockchain & Distributed Ledger Technologies group at the Informatics Department (University of Zurich) and a member of the UZH Blockchain Center. Her PhD Thesis (2023) on “Effects of Consensus and Incentives on the Functioning of Blockchains” highlights her systematic cognition of the blockchain ecosystem from both the academic and industry perspectives. During her PhD, she focused on data analytics and agent-based modelling of blockchain-based systems, including detection of selfish mining, data analysis on reward incentive distribution and modelling staking mechanisms.

Markus Legner (Mysten Labs)

Talk Title: Modern Blockchains and Next-Generation Internet Architectures: Opportunities and Synergies

Abstract: As globally distributed systems, blockchains fundamentally rely on an available network infrastructure. Unfortunately, today’s Internet is vulnerable to a large number of attacks that may render it unavailable. On the other hand, centralized solutions offered by companies like Cloudflare contradict the decentralization promise of blockchains. Ideally, a blockchain could rely on a public and distributed network infrastructure that is resilient against attacks and provides strong availability guarantees.

SCION is a next-generation Internet architecture developed at ETH Zurich that is seeing increasing global deployment. Besides its built-in security mechanisms, it has another unique feature: As SCION packets carry forwarding information in their packet headers, it offers the opportunity to coordinate some of that forwarding information through an out-of-band mechanism—for example through a blockchain.

In my presentation, I will discuss these synergies between modern blockchains and next-generation Internet architectures, and report on some concrete work on achieving these for the Sui blockchain developed at Mysten Labs and SCION.

Short bio: Markus Legner is a physicist by training and obtained his PhD in theoretical physics from ETH Zurich in 2016. Afterwards, he discovered his passion for computer science and network security. As a senior researcher and lecturer in Adrian Perrig’s Network Security Group at ETH Zurich, he spent several years analyzing and further improving the next-generation Internet architecture SCION. He is now a senior software engineer at Mysten Labs, where he is working on several projects at the intersection of the high-performance blockchain Sui and the SCION Internet architecture.

Richard von Seck (Technical University of Munich)

Talk Title: Permissioned Consensus in the Lens of Network Transport

Abstract: In the pursuit of more performant byzantine fault-tolerant (BFT) state-machine replication (SMR) systems, optimization of building blocks is increasingly shifting into the focus of researchers. Permissioned and medium-scale setups can offer more predictable network conditions than a set of globally distributed VMs. However, not all of these setups can benefit from techniques such as Remote Direct Memory Access (RDMA) in pure datacenter deployments, but instead require communication via commodity network stacks. In this problem space, tuning of network transport protocols allows for optimization. In this talk, we present a study of behavior, configuration space, and performance impact of transport protocols and secure channel implementations, in the context of a representative, leader-based BFT-SMR system.

Short bio: Richard von Seck received his Master’s Degree in Informatics from Technical University of Munich in 2018. Since 2019 he has been a Ph.D. student at the Chair of Network Architectures and Services of TUM. His research interests include performance and security of distributed systems, with a focus on agreement and consensus systems.

Zeta Avarikioti (TU Wien & Common Prefix)

Talk Title: Blink: A PoW Light Client with Constant Communication

Abstract: Designing light clients for proof-of-work blockchains has been a foundational problem since Nakamoto’s SPV construction in the Bitcoin paper. Over the years, communication was reduced from O(C) down to O(polylog(C)) in the system’s lifetime C. In this talk, we present the first provably secure O(1) light client that does not require a trusted setup.

Short bio: Zeta Avarikioti is an upcoming Assistant Professor at TU Wien in Austria, where she is currently a post-doctoral researcher. She is also a research scientist at the consulting company Common Prefix. Her academic interests lie in distributed systems, scaling blockchains, and the analysis of cryptoeconomic incentives.

David Millar-Durrant (NEAR/Pagoda)

Talk Title: Chain Signatures and what to do with them

Abstract: NEAR Protocol has the ability to sign transactions using smart contracts. How does the technology work and what are the applications?

Short bio: David has been building Blockchains for the last 7 years. He is currently at NEAR, and was previously at Dfinity and Digital Asset.

Arthur Gervais (UCL)

Talk Title: (Pre)training and applying LLMs to Blockchain Transactions

Abstract: Why pay tens of thousands of USD, and wait weeks for a smart contract security audit? In this paper, we explore the potential of using large language models (LLMs) to perform smart contract security audits. We explore prompt engineering for effective security analysis, while comparing the performance and accuracy of LLMs given a ground-truth dataset of 52 DeFi smart contracts that were attacked in the wild. On vulnerable contracts, our system SmartGPT achieves a hit rate of 40% on the correct vulnerability type, yet exhibits a high false positive rate which still requires manual auditor attention. We find that SmartGPT achieves a 20% better F1-score than a random model. Extending SmartGPT is as easy as providing a new vulnerability type name along with its technical description. While there are many possible improvements, this study paves the way for faster, more cost-effective and systematic smart contract security audits using LLMs, revolutionizing the field of smart contract security.

Short bio: Arthur Gervais is a distinguished computer scientist and Associate Professor of Information Security at University College London, where he leads a research group focused on blockchain security. His expertise spans smart contract security, decentralized systems, and blockchain privacy. Gervais has received numerous accolades for his contributions, including top-ranked computer security faculty status at UCL and Imperial, as well as Best Paper and Best Artifact awards. He has significantly impacted both academia and industry, with thousands of citations and six companies implementing his research. In addition to his position at UCL, Gervais is an Affiliate Faculty at UC Berkeley and a pioneer in blockchain education. He co-instructed the first DeFi Massive Open Online Course alongside renowned experts, attracting over 4,000 students. Gervais actively engages with the blockchain community, regularly speaking at community venues, serving on various committees and advising startups to drive innovation and security in the field.

Fran Algaba (Gizatech)

Talk Title: Act Onchain with AI Agents

Abstract: Expanding the decentralized digital services offered by blockchain protocols using AI Agents that are wallet-enabled to act onchain, thinking offchain with immutable and cryptographic guarantees of their activity.

Short bio: Fran is a cofounder of Giza, where we create actionable AI for decentralized applications. I have extensive experience in the AI industry, spanning more than 10 years, previously as Head of ML at Adidas and BBVA.

Jan Lauinger (Technical University of Munich)

Talk Title: Transpiling Policies to Secure Computation Circuits

Abstract: Modern privacy-enhancing technologies reach new forms of computation or data compliance, compression, and privacy according to a statement (e.g. private value > 100). However, beyond the statement expression, the description of secure computation circuits requires knowledge of security algorithms protecting private values.

To keep the description of secure and compliant computation circuits as close to the statement expression as possible, this talk introduces techniques to develop composable policy languages which can be transpiled into secure computation circuits. Additionally, this talk shows how a policy transpiler architecture can be used to decouple the structure of the domain-specific policy language into secure computation gadgets which evaluate the statements expressed by the policy language. The transpilation design reduces the description of secure computation circuits to few lines of code written in the policy language. Thus, the talk shows how the automated generation and composition of private computation circuits can be simplified to a minimum effort of configuring a policy language.

Short bio: Jan Lauinger is a researcher and PhD candidate at the Technical University of Munich with a research focus on TLS-oracles, decentralized identity, decentralized access control and decentralized policy compliant computation. During the last years, Jan Lauinger contributed to an EU security project as a developer and project lead and has conducted teaching activities in the domain of IoT security.

Simone Romano (IoTeX)

Talk Title: Building Decentralized Physical Infrastructure Networks (DePINs)

Abstract: In an era dominated by oligopolistic markets, particularly in the telecom and energy sectors, the need for innovation and competition has never been more critical. Decentralized Physical Infrastructure Networks (DePINs) emerge as a beacon of hope, aiming to dismantle the high barriers to entry imposed by financial, logistical, and regulatory challenges that have long stifled competition and innovation. This talk delves into the essence of DePIN, exploring its potential to revolutionize industries by democratizing access to essential services and technologies. We will introduce the concept of DePIN, and its potential to foster innovation. The discussion will highlight the complexities of developing DePIN projects and the critical role of physical work verification within these networks. Featuring IoTeX’s contributions, we’ll showcase its modules designed specifically for building and scaling DePIN projects.

Short bio: Simone Romano, with an MSc in Computer Engineering specializing in Industrial Automation, has over 15 years of experience in industrial machine vision, holding several patents in the field. Now leading developer relations at IoTeX, Simone uses his expertise to blend development with operational strategy. A passionate blockchain advocate, Simone’s expertise spans traditional industrial technologies and blockchain, and he focuses on applying blockchain to improve real-world systems, especially in decentralized physical infrastructures.

Filip Rezabek (Technical University of Munich)

Talk Title: METHODA: Framework for Large Scale Distributed Systems Evaluation

Abstract: To assess various topologies, configurations, and data traffic types in permissionless setups, we introduce METHODA. It aims to provide, among many others, repeatable, reproducible, and replicable distributed systems experiments with high precision and flexibility. METHODA is based on commercial off-the-shelf hardware and uses the flexible Ansible framework for experiment orchestration. This allows us to configure various topologies emulating realistic behavior of distributed systems deployments. Obtaining such realism is challenging using simulations. Based on the available related work, we will address the challenges found in those networks further. We have introduced some open challenges for the framework requirements.

Short bio: Filip Rezabek received the Master of Science degree in communications engineering from the Technical University of Munich, in 2020. He is currently pursuing the Ph.D. degree with the Chair of Network Architectures and Services. His research interests include network security, applied and threshold cryptography, and distributed systems resilience and robustness. Besides, he is active in the area of TSN with focus on intra-vehicular networks and smart manufacturing. Reproducible experiments are an important aspect of both areas.

Ognjen Maric (Dfinity Foundation)

Talk Title: Fast and Reliable P2P Without Breaking the Memory Budget

Abstract: Blockchain protocol stacks often assume networking primitives such as reliable broadcast. But these primitives are problematic in a Byzantine environment, as they either require unbounded buffering, or give up reliability. Both options open opportunities for DoS attacks and endanger the protocol liveness. In this talk, I’ll describe the message delivery protocol of the Internet Computer (IC), and explain how it guarantees the liveness of the IC blockchain protocol even in a Byzantine setting. To this end, we define a new networking primitive we call abortable broadcast. I’ll then describe the implementation of this primitive in the IC’s networking layer. This layer (1) provides strong delivery guarantees, even in the case of network congestion, peer failure, and backpressure, (2) preserves bandwidth, and (3) enforces all data structures to be bounded even in the presence of malicious peers.

Short bio: Ognjen Maric is a researcher working in the fields of formal verification, distributed systems, and security. He obtained his PhD from ETH Zurich in 2017. After that, he worked at Digital Asset, focusing on Canton, a privacy-enabled protocol for atomic transactions across mutually distrusting parties. He joined the DFINITY Foundation in 2021, focusing on formal verification and design of different parts of the Internet Computer protocol.

Lars Hupel (Giesecke+Devrient)

Talk Title: Digital Euro Update

Abstract: The work on the Digital Euro is going full steam ahead. In January, the European Central Bank has issued calls for applications for component providers, including for example offline payments and fraud & risk management. Meanwhile, the European Parliament is considering the legislation in committee. In this talk, I will give an update about the current state and developments to be expected in the near future.

Short bio: Software engineer Lars Hupel has a passion: modern payment services. Happily, as Chief Evangelist at G+D, it is their job to share this passion with others. In public lectures and workshops with banks and central banks, Lars spreads the word on Central Bank Digital Currency (CBDC) to a broad audience.

Felix Hoops (Technical University of Munich)

Talk Title: A Middleware Architecture for Self-Sovereign Identity Authentication and Authorization

Abstract: In the evolving digital identity landscape, the concept of Self-Sovereign Identity (SSI) has emerged as a paradigm shift, empowering individuals with the ownership and control of their personal information. In this talk, we will explore how Blockchain and SSI are interconnected. We then present a middleware architecture that leverages the principles of SSI, enabling application clients to authenticate and authorize users holding Verifiable Credentials via the widespread OpenID Connect protocol. This architecture simplifies adoption for new and existing service providers by letting them build on established standards with proven tools.

Short bio: Felix Hoops has been a research associate at the chair of Software Engineering for Business Information Systems at TU Munich since June 2021. He researches Self-Sovereign Identity with a focus on simplifying industry adoption, improving technical elements of it, and the interplay of distributed ledger technology and SSI.

Federico Kunze Küllmer (evmOS/Altiplanic)

Talk Title: Enterprise EVMs: How evmOS enables Access Control for Web3 Businesses

Abstract: The talk will cover how enterprises can leverage evmOS to create Permissioned or Restricted EVM blockchains for their web3 businesses.

Short bio: Federico is the Founder and Director of EvmOS and CEO of Altiplanic. He was an early employee of Cosmos where he built the Cosmos SDK framework and the IBC interoperability protocol.

Fabian Stiehle (Technical University of Munich)

Talk Title: Process Channels: A New Layer for Process Enactment Based on Blockchain State Channels

Abstract: For the enactment of inter-organizational processes, blockchain can guarantee the enforcement of process rules and the integrity of execution traces. However, existing solutions come with downsides regarding throughput scalability, latency, and suboptimal tradeoffs between confidentiality and transparency. To address these issues, we propose to change the foundation of blockchain-based process enactment: from on-chain smart contracts to state channels, an overlay network on top of a blockchain. State channels allow conducting most transactions off-chain while mostly retaining the core security properties offered by blockchain. Our proposal, process channels, is a model-driven approach to enacting processes on state channels, with the aim to retain the desired blockchain properties while reducing the on-chain footprint as much as possible. We here focus on the principled approach of state channels as a platform, to enable manifold future optimizations in various directions, like latency and confidentiality. We implement our approach prototypically and evaluate it both qualitatively (w.r.t. assumptions and guarantees) and quantitatively (w.r.t. correctness and gas cost). In short, while the initial deployment effort is higher with state channels, it typically pays off after a few process instances; and as long as the new assumptions hold, so do the guarantees.

Short bio: Fabian Stiehle is a research associate and doctoral student at the Technical University of Munich. His research aims at the intersection of distributed information systems and their application in process automation. Specifically, regarding the architecture, development, and integration of such systems. Fabian holds a Master of Computer Science from Technical University of Berlin and a Bachelor of Applied Sciences from Konstanz University of Applied Sciences.