VELLET: Verifiable Embedded Wallet for Securing Authenticity and Integrity
- URL: http://arxiv.org/abs/2404.03874v1
- Date: Fri, 5 Apr 2024 03:23:19 GMT
- Title: VELLET: Verifiable Embedded Wallet for Securing Authenticity and Integrity
- Authors: Hiroki Watanabe, Kohei Ichihara, Takumi Aita,
- Abstract summary: This paper proposes a new protocol to enhance the security of embedded wallets.
Our VELLET protocol introduces a wallet verifier that can match the audit trail of embedded wallets on smart contracts.
- Score: 0.6144680854063939
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: The blockchain ecosystem, particularly with the rise of Web3 and Non-Fungible Tokens (NFTs), has experienced a significant increase in users and applications. However, this expansion is challenged by the need to connect early adopters with a wider user base. A notable difficulty in this process is the complex interfaces of blockchain wallets, which can be daunting for those familiar with traditional payment methods. To address this issue, the category of "embedded wallets" has emerged as a promising solution. These wallets are seamlessly integrated into the front-end of decentralized applications (Dapps), simplifying the onboarding process for users and making access more widely available. However, our insights indicate that this simplification introduces a trade-off between ease of use and security. Embedded wallets lack transparency and auditability, leading to obscured transactions by the front end and a pronounced risk of fraud and phishing attacks. This paper proposes a new protocol to enhance the security of embedded wallets. Our VELLET protocol introduces a wallet verifier that can match the audit trail of embedded wallets on smart contracts, incorporating a process to verify authenticity and integrity. In the implementation architecture of the VELLET protocol, we suggest using the Text Record feature of the Ethereum Name Service (ENS), known as a decentralized domain name service, to serve as a repository for managing the audit trails of smart contracts. This approach has been demonstrated to reduce the necessity for new smart contract development and operational costs, proving cost-effective through a proof-of-concept. This protocol is a vital step in reducing security risks associated with embedded wallets, ensuring their convenience does not undermine user security and trust.
Related papers
- Quantum digital signature based on single-qubit without a trusted third-party [45.41082277680607]
We propose a brand new quantum digital signature protocol without a trusted third party only with qubit technology to further improve the security.
We prove that the protocol has information-theoretical unforgeability. Moreover, it satisfies other important secure properties, including asymmetry, undeniability, and expandability.
arXiv Detail & Related papers (2024-10-17T09:49:29Z) - CrudiTEE: A Stick-and-Carrot Approach to Building Trustworthy Cryptocurrency Wallets with TEEs [14.702329452146602]
TEEs (Trusted Execution Environments) are promising technology to avoid side-channel attacks.
This paper explores a new approach to side-channel mitigation through economic incentives for TEE-based cryptocurrency wallet solutions.
arXiv Detail & Related papers (2024-07-23T13:44:19Z) - The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols.
Existing approaches for threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol.
We propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds.
arXiv Detail & Related papers (2024-07-16T20:53:04Z) - Private Blockchain-based Procurement and Asset Management System with QR Code [0.0]
The developed system aims to incorporate a private blockchain technology in the procurement process for the supply office.
The procurement process includes the canvassing, purchasing, delivery and inspection of items, inventory, and disposal.
The study recommends the use of private blockchain-based technology with the procurement and asset management system in the supply office.
arXiv Detail & Related papers (2024-07-12T15:27:36Z) - WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets [19.265999943788284]
We present a comprehensive security analysis of browser-based wallets in this paper, along with the development of an automated tool designed for this purpose.
We design WALLETRADAR, an automated detection framework that can accurately identify security issues based on static and dynamic analysis.
evaluation of 96 popular browser-based wallets shows WALLETRADAR's effectiveness, by successfully automating the detection process in 90% of these wallets with high precision.
arXiv Detail & Related papers (2024-05-07T14:01:27Z) - Enhancing Trust and Privacy in Distributed Networks: A Comprehensive Survey on Blockchain-based Federated Learning [51.13534069758711]
Decentralized approaches like blockchain offer a compelling solution by implementing a consensus mechanism among multiple entities.
Federated Learning (FL) enables participants to collaboratively train models while safeguarding data privacy.
This paper investigates the synergy between blockchain's security features and FL's privacy-preserving model training capabilities.
arXiv Detail & Related papers (2024-03-28T07:08:26Z) - Towards Secure and Trusted-by-Design Smart Contracts [0.3499870393443268]
Evidential transactions involve the exchange of any form of physical evidence, such as money, birth certificate, visas, tickets, etc.
Most of the time, evidential transactions occur in the context of complex procedures, called evidential protocols, among physical agents.
The blockchain provides the mechanisms to transfer evidence, while smart contracts allow encoding evidential protocols on top of a blockchain.
As a smart contract foregoes trusted third-parties and runs on several machines anonymously, it constitutes a highly critical program that has to be secure and trusted-by-design.
arXiv Detail & Related papers (2024-03-25T16:14:22Z) - The Power of Bamboo: On the Post-Compromise Security for Searchable Symmetric Encryption [43.669192188610964]
Dynamic searchable symmetric encryption (DSSE) enables users to delegate the keyword search over dynamically updated databases to an honest-but-curious server.
This paper studies a new and practical security risk to DSSE, namely, secret key compromise.
We introduce the notion of searchable encryption with key-update (SEKU) that provides users with the option of non-interactive key updates.
arXiv Detail & Related papers (2024-03-22T09:21:47Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - The Boomerang protocol: A Decentralised Privacy-Preserving Verifiable Incentive Protocol [5.384175614198884]
We propose the BOOMERANG protocol for privacy-preserving incentive systems.
It uses cryptographic black box accumulators to store user interactions privately.
It also employs zero-knowledge proofs to transparently compute rewards for users.
arXiv Detail & Related papers (2023-12-06T09:37:45Z) - ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep
Neural Network and Transfer Learning [80.85273827468063]
Existing machine learning-based vulnerability detection methods are limited and only inspect whether the smart contract is vulnerable.
We propose ESCORT, the first Deep Neural Network (DNN)-based vulnerability detection framework for smart contracts.
We show that ESCORT achieves an average F1-score of 95% on six vulnerability types and the detection time is 0.02 seconds per contract.
arXiv Detail & Related papers (2021-03-23T15:04:44Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.