Blockchain is becoming popular as a distributed and reliable ledger that allows mutually distrustful parties to transact safely without relying on trusted third parties. Emerging blockchain systems like Ethereum support smart contracts, where miners can run arbitrary user-defined programs. However, one of the biggest concerns about blockchains and smart contracts is privacy, since all transactions on the chain are exposed to the public. In this paper, we present ShadowEth, a system that leverages hardware enclaves to ensure the confidentiality of smart contracts while preserving integrity and availability on top of existing public blockchains like Ethereum. ShadowEth establishes a confidential and secure platform, protected by a Trusted Execution Environment (TEE), off the public blockchain for the execution and storage of private contracts. Only the verification process is placed on the blockchain. We provide a design of our system, including a protocol for cryptographic communication and verification, and show the applicability and feasibility of ShadowEth through various case studies. We implement a prototype using Intel SGX on the Ethereum network and analyze the security and availability of the system.
This work was supported by the National Key Research and Development Program of China under Grant No. 2016YFB1000104, the National Natural Science Foundation of China under Grant Nos. 61572314 and 61525204, and the Young Scientists Fund of the National Natural Science Foundation of China under Grant No. 61303011.
Corresponding author: Yu-Bin Xia
About author: Rui Yuan is currently a postgraduate student of the Institute of Parallel and Distributed Systems, Shanghai Jiao Tong University, Shanghai. His research interests include blockchain and system security.
Rui Yuan, Yu-Bin Xia, Hai-Bo Chen, Bin-Yu Zang, Jan Xie. ShadowEth: Private Smart Contract on Public Blockchain[J]. Journal of Computer Science and Technology, 2018, V33(3): 542-556