Student Projects

This page lists some potential projects in the DEDIS lab that may be available next semester.  Please first read the general guidelines for projects in the DEDIS lab, then use ONLY the following form to get in touch with us:

Get in touch:
 Google Form Link

For examples of reports, presentations, and code resulting from past projects please see these pages: 2022 2021 2020 2019 2018 2017 2016

List of projects updated November 18, 2022.


Anonymous Proof-of-Presence Groups for Messaging, Voting and Digital Currency

For up to 10 bachelor/master students

Abstract

Popular communication tools today either require semi-strong but privacy-invasive identities such as phone numbers to achieve some level of accountability and Sybil attack protection (e.g., WhatsApp or Signal), or use weak identities such as E-mail addresses or pseudonymous public keys (e.g., Bitcoin) but lose any fair, “person-centric” form of accountability or Sybil attack protection. The DEDIS lab is developing a new, human-centric “proof-of-personhood” (PoP) solution to this problem leveraging physical presence at real-world events to provide privacy-preserving but accountable, Sybil-protected identities.
This project will prototype a minimalistic but highly robust and usable proof-of-presence group communication app for mobile devices. The app will enable anyone to organize an in-person event, and take a secure “roll-call” at that event to connect with attendees and give each a one-per-person digital membership token. With these tokens, attendees can message each other, participate in an election or exchange currency without needing any strong identities (phone numbers etc), but with the ability to hold all participants accountable.

Required skills: solid programming experience, basic cryptography, web and/or mobile app development

Contact: Pierluca Borsò

 

Optimizing Front-Running Protection

For 1 semester or master thesis student

Abstract

Front-running attacks, which benefit from advanced knowledge of pending transactions, have proliferated in the cryptocurrency space since the emergence of Decentralized Finance(DeFi). Front-running causes devastating losses to honest participants—estimated at $280M each month—and endangers the fairness of the ecosystem. Thus, there is an urgent need to develop tools that can be deployed with reasonable overhead in the real world to mitigate the attack.

The DEDIS lab is developing a general architecture named Flash Freezing Flash Boys (F3B) that systematically mitigates front-running attacks for all smart contracts at once at the blockchain architecture level. This project aims to implement different advanced crypto primitives on the DEDIS blockchain for F3B to reduce the latency overhead and increase throughput performance.

This project will require a basic knowledge of cryptography.

Contact: Haoqian Zhang

Efficient deterministic execution for smart contracts and other applications

For several bachelor or master students

Abstract

Precisely-controlled deterministic code execution is useful for many purposes including reproducibility, debugging, smart contracts, and side-channel defenses. Mainstream programming languages are pervasively nondeterministic, however, and existing sandboxes that enforce strict determinism are usually application-specific and often inefficient. In this project, you are going to work on a language- and application-neutral framework that provides sandboxed execution in deterministic subsets of multiple languages. More specifically, you are going to define and implement a whitelisted deterministic subset of an existing language (e.g., Java, C on WASM, Go) and its standard-library features. You will experimentally evaluate the performance of these language subsets through prototype applications, such as accountable machine learning algorithms, reproducible image analysis, and smart contracts. This project is implementation-heavy that requires hacking the internals of different programming languages.

Contact: Ceyhun Alp

 

Analyzing Rationality on Blockchain

For 1 semester or master thesis student

Abstract

Many blockchain systems adopt rationality assumptions to ensure the security of the system. Rationality assumptions tell that any node would maximize its profit in a blockchain system. For example, a miner is incentivized to work on the current longest chain in Bitcoin. This strategy can improve his chance of producing the future longest chain, thus maximizing his reward. The Ethereum Proof-of-Stake consensus adopts the deposit-slashing protocol to disincentivize any node that double signs two blocks with the same height.

Such an incentive mechanism seems to provide additional security to the system. However, it may be that the argument only limits the system without considering the outside world. Thus, an irrational behavior within the system may be rational when analyzing rationality in the context of the larger ecosystem.

This project aims to study the rationality assumption. Does it increase the system’s actual security? If so, can this increase in security be quantified? If not, can we develop attacks that defeat the rationality assumption in some (or many) blockchain system(s)?

Contact: Haoqian Zhang

Humanitarian Aid Financial Network

For 1 semester or master thesis student

Abstract

Humanitarian Aid Organizations are interested in issuing digital assets to people in need (beneficiaries). However, existing infrastructure for digital assets present significant risks to the privacy and the personal safety of beneficiaries. The DEDIS lab has devised a new set of protocols for a permissioned infrastructure to allow for beneficiaries to transact securely and without Internet connectivity. In this project, you will be taking on building out the necessary infrastructure to implement and evaluate these sets of protocols.

The applicant must have knowledge of modern cryptography, such as zero-knowledge proofs. Knowing about and having worked with Multi-Party Computation is preferred.

Contact: Louis-Henri Merino

Resilient BFT State Machine Replication

For 1 master student

Abstract

State machine replication (SMR) is a distributed systems abstraction, which allows a group of nodes to replicate the state, in a strongly consistent manner, while being resilient to a fraction of node failures. Byzantine fault tolerant (BFT) SMR is a class of SMR algorithms, where the nodes can display byzantine behaviors (nodes can deviate from the correct protocol description in arbitrary ways).

Existing BFT SMR algorithms make a tradeoff between performance and resilience. In the performance end, algorithms such as Hotstuff aim at delivering high performance, while losing liveness in the face of targeted DDoS attacks. In the resilience end, algorithms such as VABA deliver resilience to DDoS attacks but have quadratic message complexity and low performance in the common synchronous case. In this project, we aim at addressing this tradeoff by proposing algorithms and system designs to achieve both performance and DDoS resilience.

This project will leverage random exponential backoff (REB) to address this tradeoff. We will first focus on how to adapt REB to BFT SMR algorithms, to strengthen the robustness guarantees of the resulting SMR algorithm. Second, we will focus on the design and implementation of the new algorithm. Finally, we will do an experimental analysis of the resulting system, to showcase its resiliency properties.

Contact: Pasindu Tennage