Student Projects

For 1 bachelor or master semester project or 1 Master thesis project

Abstract

Many blockchain systems adopt rationality assumptions to ensure the security of the system. Rationality assumptions tell that any node would maximize its profit in a blockchain system. For example, a miner is incentivized to work on the current longest chain in Bitcoin. This strategy can improve his chance of producing the future longest chain, thus maximizing his reward. The Ethereum Proof-of-Stake consensus adopts the deposit-slashing protocol to disincentivize any node that double signs two blocks with the same height.

Such an incentive mechanism seems to provide additional security to the system. However, it may be that the argument only limits the system without considering the outside world. Thus, an irrational behavior within the system may be rational when analyzing rationality in the context of the larger ecosystem.

This project aims to study the rationality assumption. Does it increase the system’s actual security? If so, can this increase in security be quantified? If not, can we develop attacks that defeat the rationality assumption in some (or many) blockchain system(s)?

Contact: Haoqian Zhang

For 1 semester project or Master thesis student

Abstract

Humanitarian Aid Organizations are interested in issuing digital assets to people in need (beneficiaries). However, existing infrastructure for digital assets present significant risks to the privacy and the personal safety of beneficiaries. The DEDIS lab has devised a new set of protocols for a permissioned infrastructure to allow for beneficiaries to transact securely and without Internet connectivity. In this project, you will be taking on building out the necessary infrastructure to implement and evaluate these sets of protocols.

Requirements: The applicant must have knowledge of modern cryptography, such as zero-knowledge proofs. Knowing about and having worked with Multi-Party Computation is preferred.

Contact: Louis-Henri Merino

For 1 Master student (CS, SC, Cyber)

Abstract

D-Voting is an e-voting platform based on the DELA blockchain and en route to replace EPFL’s current e-voting system. The project started in early 2021 and has been continuously developed by EPFL students and research software engineers. D-Voting consists of four main components: the web frontend serving the website, the web backend managing authentication and authorization and finally the blockchain node and its proxy exposing the node’s API. The blockchain is manipulated by sending requests to the web backend which performs access control and permission checks and forwards the messages to the blockchain. The blockchain only trusts requests from without the blockchain that have been signed by the web backend. The web backend therefore currently presents a single point of failure in the setup. As the blockchain mistrusts any requests that have not been signed by the web backend, the blockchain’s content is inaccessible if the web backend is not running.

The goal of this project is therefore to integrate the access/permission management into the smart contract so that the blockchain can perform these checks itself.

Required skills: This project requires a basic understanding of blockchain technologies. Prior programming experience in Go and/or Typescript is appreciated but not a prerequisite.

Contact: [email protected]

For 2 students, Master project, Master thesis

Abstract

State machine replication allows a group of computing nodes to reach agreement over a single history of commands, that can be used to consistently update the distribted state. In this project, we aim at improving the performance of state machine replication protocols using two methods. First, we’ll look at heuristic based approaches to improve the throughput and reduce the latency of state machine replication protocols. Then we explore automated methods based on machine learning and multi armed bandit methods.

Required background: Computer Networks, Go Lang programming, and Machine learning 

Contact: [email protected]

For 1 bachelor or master semester project or 1 Master thesis project

Abstract

Many applications on blockchain rely on a commit-and-reveal scheme. For example, in a sealed-bid auction smart contract, a user could first publish a transaction committing his bid without revealing it. After the blockchain finalizes the transaction, the user can send the second transaction to reveal his actual bid.

However, the current commit-and-reveal implementation requires users to send two transactions, thus doubling the latency overhead. Furthermore, a user could choose not to reveal his value, creating undesirable bias. Finally, the second transaction is subject to suppression attacks in which miners ignore the transaction.

To mitigate the drawbacks mentioned above, DEDIS is designing a new blockchain feature aiming to provide a commit-and-reveal functionality by the execution layer directly. This project aims to implement/test this new feature on Ethereum, as well as demonstrate its power by providing various commit-and-reveal smart contracts.

Contact: Haoqian Zhang

For 1 semester project or Master thesis student

Abstract

Existing solutions for achieving sybil resistance rely on graph-theoretic approaches for reducing the impact of Sybil attacks in a system. Broadly, they exploit the fact that the connection between Sybil nodes and honest nodes is abnormal as compared to the connections among the honest nodes. However, these solutions have some shortcomings – (i) their performance drops drastically in the case where nodes can join and leave the network; (ii) their design depends on the knowledge of the entire social graph; and these shortcomings undermine the practicality of such Sybil resistance mechanisms in various settings. Most notably, these mechanisms would not function in a humanitarian aid distribution setting where the humanitarian aid organization does not possess the social graph and people might not have access to internet connection.

Therefore, our goal will be to build a technique to detect Sybils in the system based on their personhood and the problem of Sybil detection in this setting translates to solving the set cover problem (which is NP-hard). Thus, our approach would involve designing heuristics for the set cover problem and providing bounds for Sybil detection. Additionally, the project would also involve writing simulations for depicting the performance of the system.

Requirements: The applicant must have knowledge about graph theory and some background in programming in Go.

Contact: [email protected] 

For up to 10 bachelor/master students (CS, SC, Cybersec)

Abstract

Popular communication tools today either require semi-strong but privacy-invasive identities such as phone numbers to achieve some level of accountability and Sybil attack protection (e.g., WhatsApp or Signal), or use weak identities such as E-mail addresses or pseudonymous public keys (e.g., Bitcoin) but lose any fair, “person-centric” form of accountability or Sybil attack protection. The DEDIS lab is developing a new, human-centric “proof-of-personhood” (PoP) solution to this problem leveraging physical presence at real-world events to provide privacy-preserving but accountable, Sybil-protected identities.
This project will prototype a minimalistic but highly robust and usable proof-of-presence group communication app for mobile devices. The app will enable anyone to organize an in-person event, and take a secure “roll-call” at that event to connect with attendees and give each a one-per-person digital membership token. With these tokens, attendees can message each other, participate in an election or exchange currency without needing any strong identities (phone numbers etc), but with the ability to hold all participants accountable.

Required skills: solid programming experience, basic cryptography, web and/or mobile app development

Contact: [email protected]

For 1 Master semester project (Cybersecurity)

Abstract

Kyber is an advanced crypto library for the Go language developed by DEDIS, widely used in novel cryptographic applications, both in the industry and within academia. Its success is reflected in the 570+ stars on GitHub and in the 150+ forks that have been created.

This implementation-heavy project consists in developing functionality that will go into the next major version of Kyber: integrating major changes and improvements from forks and projects, improving the package’s API, documentation and testing, as well as helping resolve known security issues.

To achieve these ambitious goals, the selected student will benefit from the co-supervision by DEDIS engineers (Kyber maintainers), an applied cryptographer (current maintainer of the drand Kyber fork) and a PhD student with a strong crypto focus. 

Required skills: solid development skills, including software design and refactoring, as well as the ability to dive into cryptography code and papers. While prior experience with Go is not a requirement, the successful student will need to acquire a strong foundations in the language.

Contact: [email protected]