[{"abstract":[{"lang":"eng","text":"Runtime verification offers scalable solutions to improve the safety and reliability of systems. However, systems that require verification or monitoring by a third party to ensure compliance with a specification might contain sensitive information, causing privacy concerns when usual runtime verification approaches are used. Privacy is compromised if protected information about the system, or sensitive data that is processed by the system, is revealed. In addition, revealing the specification being monitored may undermine the essence of third-party verification.\r\n\r\nIn this thesis, we propose a protocol for privacy-preserving runtime verification of systems against formal sequential specifications. We develop the protocol in two steps. In the first step, the monitor verifies whether the system satisfies the specification without learning anything else, though both parties are aware of the specification. In the second step, we extend the protocol to ensure that the system remains oblivious to the monitored specification, while the monitor learns only whether the system satisfies the specification and nothing more. Our protocol adapts and improves existing techniques used in cryptography, and more specifically, multi-party computation.\r\n\r\nThe sequential specification defines the observation step of the monitor, whose granularity depends on the situation (e.g., banks may be monitored on a daily basis). Our protocol exchanges a single message per observation step, after an initialization phase. This design minimizes communication overhead, enabling relatively lightweight privacy-preserving monitoring. We implement our approach for monitoring specifications described by register automata and evaluate it experimentally.\r\n"}],"title":"Privacy-preserving runtime verification","user_id":"8b945eb4-e2f2-11eb-945a-df72226e66a9","acknowledgement":"This work is part of the project VAMOS, which has received funding from the European\r\nResearch Council (ERC) under grant agreement No. 101020093, and the Austrian Science\r\nFund (FWF) SFB project SpyCoDe F8502.\r\n","type":"dissertation","month":"03","alternative_title":["ISTA Master’s Thesis"],"year":"2026","keyword":["Privacy-preserving verification","Runtime verification","Monitoring","Reactive functionalities","Cryptographic protocols"],"_id":"21401","department":[{"_id":"GradSch"},{"_id":"ToHe"}],"publication_identifier":{"issn":["2791-4585"]},"doi":"10.15479/AT-ISTA-21401","file_date_updated":"2026-03-10T15:20:09Z","supervisor":[{"last_name":"Henzinger","orcid":"0000-0002-2985-7724","id":"40876CD8-F248-11E8-B48F-1D18A9856A87","first_name":"Thomas A","full_name":"Henzinger, Thomas A"}],"ec_funded":1,"has_accepted_license":"1","date_published":"2026-03-05T00:00:00Z","project":[{"_id":"62781420-2b32-11ec-9570-8d9b63373d4d","name":"Vigilant Algorithmic Monitoring of Software","call_identifier":"H2020","grant_number":"101020093"},{"_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f","name":"Security and Privacy by Design for Complex Systems","grant_number":"F8512"}],"corr_author":"1","degree_awarded":"MS","publication_status":"published","day":"05","ddc":["000"],"article_processing_charge":"No","citation":{"short":"M. Karimi, Privacy-Preserving Runtime Verification, Institute of Science and Technology Austria, 2026.","ama":"Karimi M. Privacy-preserving runtime verification. 2026. doi:<a href=\"https://doi.org/10.15479/AT-ISTA-21401\">10.15479/AT-ISTA-21401</a>","ista":"Karimi M. 2026. Privacy-preserving runtime verification. Institute of Science and Technology Austria.","mla":"Karimi, Mahyar. <i>Privacy-Preserving Runtime Verification</i>. Institute of Science and Technology Austria, 2026, doi:<a href=\"https://doi.org/10.15479/AT-ISTA-21401\">10.15479/AT-ISTA-21401</a>.","ieee":"M. Karimi, “Privacy-preserving runtime verification,” Institute of Science and Technology Austria, 2026.","apa":"Karimi, M. (2026). <i>Privacy-preserving runtime verification</i>. Institute of Science and Technology Austria. <a href=\"https://doi.org/10.15479/AT-ISTA-21401\">https://doi.org/10.15479/AT-ISTA-21401</a>","chicago":"Karimi, Mahyar. “Privacy-Preserving Runtime Verification.” Institute of Science and Technology Austria, 2026. <a href=\"https://doi.org/10.15479/AT-ISTA-21401\">https://doi.org/10.15479/AT-ISTA-21401</a>."},"oa":1,"author":[{"id":"6e5417ba-5355-11ee-ae5a-94c2e510b26b","first_name":"Mahyar","full_name":"Karimi, Mahyar","last_name":"Karimi","orcid":"0009-0005-0820-1696"}],"file":[{"checksum":"3f49f05c9d123e14d7adb73d3bc50fe2","file_name":"2026_Karimi_Mahyar_Thesis.pdf","file_id":"21404","access_level":"open_access","date_created":"2026-03-06T14:06:25Z","content_type":"application/pdf","file_size":766048,"relation":"main_file","creator":"mkarimi","date_updated":"2026-03-10T15:20:09Z"},{"date_updated":"2026-03-06T14:06:25Z","relation":"source_file","creator":"mkarimi","file_size":1243394,"content_type":"application/zip","date_created":"2026-03-06T14:06:25Z","access_level":"closed","file_id":"21405","file_name":"2026_Karimi_Mahyar_Thesis_src.zip","checksum":"8fb9db4b4187e26443369a993427a5ff"}],"status":"public","OA_place":"repository","date_updated":"2026-03-13T13:37:20Z","page":"60","oa_version":"Published Version","related_material":{"record":[{"id":"21020","status":"public","relation":"part_of_dissertation"}]},"language":[{"iso":"eng"}],"publisher":"Institute of Science and Technology Austria","date_created":"2026-03-05T15:20:47Z"},{"file_date_updated":"2025-11-04T08:19:02Z","doi":"10.4230/LIPIcs.AFT.2025.16","publication_identifier":{"isbn":["9783959774000"],"issn":["1868-8969"]},"conference":{"name":"AFT: Conference on Advances in Financial Technologies","start_date":"2025-10-08","location":"Pittsburgh, PA, United States","end_date":"2025-10-10"},"scopus_import":"1","department":[{"_id":"KrPi"}],"_id":"20587","year":"2025","external_id":{"arxiv":["2508.01448"]},"alternative_title":["LIPIcs"],"tmp":{"short":"CC BY (4.0)","image":"/images/cc_by.png","legal_code_url":"https://creativecommons.org/licenses/by/4.0/legalcode","name":"Creative Commons Attribution 4.0 International Public License (CC-BY 4.0)"},"type":"conference","month":"10","acknowledgement":"This research was funded in whole or in part by the Austrian Science Fund (FWF)\r\n10.55776/F85. For open access purposes, the author has applied a CC BY public copyright license\r\nto any author-accepted manuscript version arising from this submission.","article_number":"16","title":"Nakamoto consensus from multiple resources","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","abstract":[{"text":"The blocks in the Bitcoin blockchain \"record\" the amount of work W that went into creating them through proofs of work. When honest parties control a majority of the work, consensus is achieved by picking the chain with the highest recorded weight. Resources other than work have been considered to secure such longest-chain blockchains. In Chia, blocks record the amount of disk-space S (via a proof of space) and sequential computational steps V (through a VDF).\r\nIn this paper, we ask what weight functions Γ(S,V,W) (that assign a weight to a block as a function of the recorded space, speed, and work) are secure in the sense that whenever the weight of the resources controlled by honest parties is larger than the weight of adversarial parties, the blockchain is secure against private double-spending attacks.\r\nWe completely classify such functions in an idealized \"continuous\" model: Γ(S,V,W) is secure against private double-spending attacks if and only if it is homogeneous of degree one in the \"timed\" resources V and W, i.e., αΓ(S,V,W) = Γ(S,α V, α W). This includes the Bitcoin rule Γ(S,V,W) = W and the Chia rule Γ(S,V,W) = S ⋅ V. In a more realistic model where blocks are created at discrete time-points, one additionally needs some mild assumptions on the dependency on S (basically, the weight should not grow too much if S is slightly increased, say linear as in Chia).\r\nOur classification is more general and allows various instantiations of the same resource. It provides a powerful tool for designing new longest-chain blockchains. E.g., consider combining different PoWs to counter centralization, say the Bitcoin PoW W₁ and a memory-hard PoW W₂. Previous work suggested to use W₁+W₂ as weight. Our results show that using e.g., √{W₁}⋅ √{W₂} or min{W₁,W₂} are also secure, and we argue that in practice these are much better choices.","lang":"eng"}],"date_created":"2025-11-02T23:01:34Z","publisher":"Schloss Dagstuhl - Leibniz-Zentrum für Informatik","language":[{"iso":"eng"}],"publication":"7th Conference on Advances in Financial Technologies","arxiv":1,"oa_version":"Published Version","related_material":{"record":[{"status":"public","id":"21651","relation":"dissertation_contains"}]},"OA_place":"publisher","date_updated":"2026-04-15T08:45:18Z","main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2025/1410"}],"intvolume":"       354","quality_controlled":"1","status":"public","oa":1,"author":[{"id":"3EDE6DE4-AA5A-11E9-986D-341CE6697425","first_name":"Mirza Ahad","full_name":"Baig, Mirza Ahad","last_name":"Baig"},{"last_name":"Günther","id":"ec98511c-eb8e-11eb-b029-edd25d7271a1","full_name":"Günther, Christoph Ullrich","first_name":"Christoph Ullrich"},{"id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87","full_name":"Pietrzak, Krzysztof Z","first_name":"Krzysztof Z","last_name":"Pietrzak","orcid":"0000-0002-9139-1654"}],"file":[{"file_id":"20598","checksum":"b638adcd4fbffa77116c35393e165eb7","file_name":"2025_LIPIcsAFT_Baig.pdf","date_created":"2025-11-04T08:19:02Z","access_level":"open_access","content_type":"application/pdf","file_size":1061847,"date_updated":"2025-11-04T08:19:02Z","success":1,"relation":"main_file","creator":"dernst"}],"ddc":["000"],"day":"06","publication_status":"published","article_processing_charge":"Yes","citation":{"apa":"Baig, M. A., Günther, C. U., &#38; Pietrzak, K. Z. (2025). Nakamoto consensus from multiple resources. In <i>7th Conference on Advances in Financial Technologies</i> (Vol. 354). Pittsburgh, PA, United States: Schloss Dagstuhl - Leibniz-Zentrum für Informatik. <a href=\"https://doi.org/10.4230/LIPIcs.AFT.2025.16\">https://doi.org/10.4230/LIPIcs.AFT.2025.16</a>","ieee":"M. A. Baig, C. U. Günther, and K. Z. Pietrzak, “Nakamoto consensus from multiple resources,” in <i>7th Conference on Advances in Financial Technologies</i>, Pittsburgh, PA, United States, 2025, vol. 354.","chicago":"Baig, Mirza Ahad, Christoph Ullrich Günther, and Krzysztof Z Pietrzak. “Nakamoto Consensus from Multiple Resources.” In <i>7th Conference on Advances in Financial Technologies</i>, Vol. 354. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2025. <a href=\"https://doi.org/10.4230/LIPIcs.AFT.2025.16\">https://doi.org/10.4230/LIPIcs.AFT.2025.16</a>.","mla":"Baig, Mirza Ahad, et al. “Nakamoto Consensus from Multiple Resources.” <i>7th Conference on Advances in Financial Technologies</i>, vol. 354, 16, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2025, doi:<a href=\"https://doi.org/10.4230/LIPIcs.AFT.2025.16\">10.4230/LIPIcs.AFT.2025.16</a>.","ama":"Baig MA, Günther CU, Pietrzak KZ. Nakamoto consensus from multiple resources. In: <i>7th Conference on Advances in Financial Technologies</i>. Vol 354. Schloss Dagstuhl - Leibniz-Zentrum für Informatik; 2025. doi:<a href=\"https://doi.org/10.4230/LIPIcs.AFT.2025.16\">10.4230/LIPIcs.AFT.2025.16</a>","ista":"Baig MA, Günther CU, Pietrzak KZ. 2025. Nakamoto consensus from multiple resources. 7th Conference on Advances in Financial Technologies. AFT: Conference on Advances in Financial Technologies, LIPIcs, vol. 354, 16.","short":"M.A. Baig, C.U. Günther, K.Z. Pietrzak, in:, 7th Conference on Advances in Financial Technologies, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2025."},"OA_type":"gold","volume":354,"corr_author":"1","project":[{"name":"Security and Privacy by Design for Complex Systems","_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f","grant_number":"F8512"},{"grant_number":"F8509","name":"Security and Privacy by Design for Complex Systems","_id":"34a34d57-11ca-11ed-8bc3-a2688a8724e1"}],"date_published":"2025-10-06T00:00:00Z","has_accepted_license":"1"},{"has_accepted_license":"1","corr_author":"1","date_published":"2023-08-15T00:00:00Z","project":[{"grant_number":"F8512","_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f","name":"Security and Privacy by Design for Complex Systems"}],"ddc":["000"],"publication_status":"published","day":"15","article_processing_charge":"No","citation":{"ista":"Das S, Xiang Z, Kokoris Kogias E, Ren L. 2023. Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling. 32nd USENIX Security Symposium. USENIX Security Symposium vol. 8, 5359–5376.","ama":"Das S, Xiang Z, Kokoris Kogias E, Ren L. Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling. In: <i>32nd USENIX Security Symposium</i>. Vol 8. Usenix; 2023:5359-5376.","mla":"Das, Sourav, et al. “Practical Asynchronous High-Threshold Distributed Key Generation and Distributed Polynomial Sampling.” <i>32nd USENIX Security Symposium</i>, vol. 8, Usenix, 2023, pp. 5359–76.","short":"S. Das, Z. Xiang, E. Kokoris Kogias, L. Ren, in:, 32nd USENIX Security Symposium, Usenix, 2023, pp. 5359–5376.","apa":"Das, S., Xiang, Z., Kokoris Kogias, E., &#38; Ren, L. (2023). Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling. In <i>32nd USENIX Security Symposium</i> (Vol. 8, pp. 5359–5376). Anaheim, CA, United States: Usenix.","ieee":"S. Das, Z. Xiang, E. Kokoris Kogias, and L. Ren, “Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling,” in <i>32nd USENIX Security Symposium</i>, Anaheim, CA, United States, 2023, vol. 8, pp. 5359–5376.","chicago":"Das, Sourav, Zhuolun Xiang, Eleftherios Kokoris Kogias, and Ling Ren. “Practical Asynchronous High-Threshold Distributed Key Generation and Distributed Polynomial Sampling.” In <i>32nd USENIX Security Symposium</i>, 8:5359–76. Usenix, 2023."},"volume":8,"status":"public","author":[{"first_name":"Sourav","full_name":"Das, Sourav","last_name":"Das"},{"last_name":"Xiang","full_name":"Xiang, Zhuolun","first_name":"Zhuolun"},{"full_name":"Kokoris Kogias, Eleftherios","first_name":"Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias"},{"last_name":"Ren","first_name":"Ling","full_name":"Ren, Ling"}],"oa":1,"file":[{"content_type":"application/pdf","file_size":704331,"relation":"main_file","creator":"dernst","date_updated":"2023-11-28T09:14:34Z","success":1,"file_name":"2023_USENIX_Das.pdf","checksum":"1a730765930138e23c6efd2575872641","file_id":"14621","access_level":"open_access","date_created":"2023-11-28T09:14:34Z"}],"date_updated":"2025-04-15T08:16:55Z","quality_controlled":"1","intvolume":"         8","main_file_link":[{"url":"https://eprint.iacr.org/2022/1389","open_access":"1"}],"page":"5359-5376","oa_version":"Published Version","publisher":"Usenix","date_created":"2023-11-26T23:00:55Z","language":[{"iso":"eng"}],"publication":"32nd USENIX Security Symposium","title":"Practical asynchronous high-threshold distributed key generation and distributed polynomial sampling","user_id":"2DF688A6-F248-11E8-B48F-1D18A9856A87","abstract":[{"lang":"eng","text":"Distributed Key Generation (DKG) is a technique to bootstrap threshold cryptosystems without a trusted party. DKG is an essential building block to many decentralized protocols such as randomness beacons, threshold signatures, Byzantine consensus, and multiparty computation. While significant progress has been made recently, existing asynchronous DKG constructions are inefficient when the reconstruction threshold is larger than one-third of the total nodes. In this paper, we present a simple and concretely efficient asynchronous DKG (ADKG) protocol among n = 3t + 1 nodes that can tolerate up to t malicious nodes and support any reconstruction threshold ℓ ≥ t. Our protocol has an expected O(κn3) communication cost, where κ is the security parameter, and only assumes the hardness of the Discrete Logarithm. The\r\ncore ingredient of our ADKG protocol is an asynchronous protocol to secret share a random polynomial of degree ℓ ≥ t, which has other applications, such as asynchronous proactive secret sharing and asynchronous multiparty computation. We implement our high-threshold ADKG protocol and evaluate it using a network of up to 128 geographically distributed nodes. Our evaluation shows that our high-threshold ADKG protocol reduces the running time by 90% and bandwidth usage by 80% over the state-of-the-art."}],"acknowledgement":"The authors would like to thank Amit Agarwal, Andrew Miller, and Tom Yurek for the helpful discussions related to the paper. This work is funded in part by a VMware early career faculty grant, a Chainlink Labs Ph.D. fellowship, the National Science Foundation, and the Austrian Science Fund (FWF) F8512-N.","type":"conference","month":"08","year":"2023","department":[{"_id":"ElKo"}],"_id":"14609","publication_identifier":{"isbn":["9781713879497"]},"conference":{"name":"USENIX Security Symposium","start_date":"2023-08-09","end_date":"2023-08-11","location":"Anaheim, CA, United States"},"scopus_import":"1","file_date_updated":"2023-11-28T09:14:34Z"},{"alternative_title":["LNCS"],"year":"2023","external_id":{"isi":["001150222600001"]},"type":"conference","month":"12","acknowledgement":"Eleftherios Kokoris-Kogias is partially supported by Austrian Science Fund (FWF) grant No: F8512-N.","abstract":[{"lang":"eng","text":"Scaling blockchain protocols to perform on par with the expected needs of Web3.0 has been proven to be a challenging task with almost a decade of research. In the forefront of the current solution is the idea of separating the execution of the updates encoded in a block from the ordering of blocks. In order to achieve this, a new class of protocols called rollups has emerged. Rollups have as input a total ordering of valid and invalid transactions and as output a new valid state-transition.\r\nIf we study rollups from a distributed computing perspective, we uncover that rollups take as input the output of a Byzantine Atomic Broadcast (BAB) protocol and convert it to a State Machine Replication (SMR) protocol. BAB and SMR, however, are considered equivalent as far as distributed computing is concerned and a solution to one can easily be retrofitted to solve the other simply by adding/removing an execution step before the validation of the input.\r\nThis “easy” step of retrofitting an atomic broadcast solution to implement an SMR has, however, been overlooked in practice. In this paper, we formalize the problem and show that after BAB is solved, traditional impossibility results for consensus no longer apply towards an SMR. Leveraging this we propose a distributed execution protocol that allows reduced execution and storage cost per executor (O(log2n/n)) without relaxing the network assumptions of the underlying BAB protocol and providing censorship-resistance. Finally, we propose efficient non-interactive light client constructions that leverage our efficient execution protocols and do not require any synchrony assumptions or expensive ZK-proofs."}],"title":"Executing and proving over dirty ledgers","user_id":"317138e5-6ab7-11ef-aa6d-ffef3953e345","conference":{"start_date":"2023-05-01","name":"FC: Financial Cryptography and Data Security","location":"Bol, Brac, Croatia","end_date":"2023-05-05"},"scopus_import":"1","publication_identifier":{"issn":["1611-3349"],"eissn":["0302-9743"],"isbn":["9783031477539"],"eisbn":["9783031477546"]},"doi":"10.1007/978-3-031-47754-6_1","_id":"14735","department":[{"_id":"ElKo"},{"_id":"GradSch"}],"volume":13950,"publication_status":"published","day":"01","citation":{"short":"C. Stefo, Z. Xiang, E. Kokoris Kogias, in:, 27th International Conference on Financial Cryptography and Data Security, Springer Nature, 2023, pp. 3–20.","mla":"Stefo, Christos, et al. “Executing and Proving over Dirty Ledgers.” <i>27th International Conference on Financial Cryptography and Data Security</i>, vol. 13950, Springer Nature, 2023, pp. 3–20, doi:<a href=\"https://doi.org/10.1007/978-3-031-47754-6_1\">10.1007/978-3-031-47754-6_1</a>.","ama":"Stefo C, Xiang Z, Kokoris Kogias E. Executing and proving over dirty ledgers. In: <i>27th International Conference on Financial Cryptography and Data Security</i>. Vol 13950. Springer Nature; 2023:3-20. doi:<a href=\"https://doi.org/10.1007/978-3-031-47754-6_1\">10.1007/978-3-031-47754-6_1</a>","ista":"Stefo C, Xiang Z, Kokoris Kogias E. 2023. Executing and proving over dirty ledgers. 27th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13950, 3–20.","apa":"Stefo, C., Xiang, Z., &#38; Kokoris Kogias, E. (2023). Executing and proving over dirty ledgers. In <i>27th International Conference on Financial Cryptography and Data Security</i> (Vol. 13950, pp. 3–20). Bol, Brac, Croatia: Springer Nature. <a href=\"https://doi.org/10.1007/978-3-031-47754-6_1\">https://doi.org/10.1007/978-3-031-47754-6_1</a>","ieee":"C. Stefo, Z. Xiang, and E. Kokoris Kogias, “Executing and proving over dirty ledgers,” in <i>27th International Conference on Financial Cryptography and Data Security</i>, Bol, Brac, Croatia, 2023, vol. 13950, pp. 3–20.","chicago":"Stefo, Christos, Zhuolun Xiang, and Eleftherios Kokoris Kogias. “Executing and Proving over Dirty Ledgers.” In <i>27th International Conference on Financial Cryptography and Data Security</i>, 13950:3–20. Springer Nature, 2023. <a href=\"https://doi.org/10.1007/978-3-031-47754-6_1\">https://doi.org/10.1007/978-3-031-47754-6_1</a>."},"article_processing_charge":"No","date_published":"2023-12-01T00:00:00Z","project":[{"_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f","name":"Security and Privacy by Design for Complex Systems","grant_number":"F8512"}],"corr_author":"1","language":[{"iso":"eng"}],"publication":"27th International Conference on Financial Cryptography and Data Security","date_created":"2024-01-08T09:17:38Z","publisher":"Springer Nature","page":"3-20","oa_version":"Preprint","main_file_link":[{"open_access":"1","url":"https://eprint.iacr.org/2022/1554"}],"intvolume":"     13950","quality_controlled":"1","date_updated":"2025-09-09T14:07:16Z","oa":1,"author":[{"first_name":"Christos","full_name":"Stefo, Christos","id":"a20e8902-32b0-11ee-9fa8-b23fa638b793","last_name":"Stefo"},{"last_name":"Xiang","first_name":"Zhuolun","full_name":"Xiang, Zhuolun"},{"full_name":"Kokoris Kogias, Eleftherios","first_name":"Eleftherios","id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","last_name":"Kokoris Kogias"}],"isi":1,"status":"public"},{"external_id":{"isi":["001150231600003"]},"year":"2023","alternative_title":["LNCS"],"month":"12","type":"conference","acknowledgement":"This work is partially supported by Meta. Eleftherios Kokoris-Kogias is partially supported by Austrian Science Fund (FWF) grant No: F8512-N. Shir Cohen is supported by the Adams Fellowship Program of the Israel Academy of Sciences and Humanities.","user_id":"317138e5-6ab7-11ef-aa6d-ffef3953e345","title":"Proof of availability and retrieval in a modular blockchain architecture","abstract":[{"lang":"eng","text":"This paper explores a modular design architecture aimed at helping blockchains (and other SMR implementation) to scale to a very large number of processes. This comes in contrast to existing monolithic architectures that interleave transaction dissemination, ordering, and execution in a single functionality. To achieve this we first split the monolith to multiple layers which can use existing distributed computing primitives. The exact specifications of the data dissemination part are formally defined by the Proof of Availability & Retrieval (PoA &R) abstraction. Solutions to the PoA &R problem contain two related sub-protocols: one that “pushes” information into the network and another that “pulls” this information. Regarding the latter, there is a dearth of research literature which is rectified in this paper. We present a family of pulling sub-protocols and rigorously analyze them. Extensive simulations support the theoretical claims of efficiency and robustness in case of a very large number of players. Finally, actual implementation and deployment on a small number of machines (roughly the size of several industrial systems) demonstrates the viability of the architecture’s paradigm."}],"publication_identifier":{"issn":["0302-9743"],"isbn":["9783031477508"],"eisbn":["9783031477515"],"eissn":["1611-3349"]},"doi":"10.1007/978-3-031-47751-5_3","scopus_import":"1","conference":{"end_date":"2023-05-05","location":"Bol, Brac, Croatia","start_date":"2023-05-01","name":"FC: Financial Cryptography and Data Security"},"department":[{"_id":"ElKo"}],"_id":"14829","citation":{"short":"S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, A. Spiegelman, in:, 27th International Conference on Financial Cryptography and Data Security, Springer Nature, 2023, pp. 36–53.","mla":"Cohen, Shir, et al. “Proof of Availability and Retrieval in a Modular Blockchain Architecture.” <i>27th International Conference on Financial Cryptography and Data Security</i>, vol. 13951, Springer Nature, 2023, pp. 36–53, doi:<a href=\"https://doi.org/10.1007/978-3-031-47751-5_3\">10.1007/978-3-031-47751-5_3</a>.","ista":"Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. 2023. Proof of availability and retrieval in a modular blockchain architecture. 27th International Conference on Financial Cryptography and Data Security. FC: Financial Cryptography and Data Security, LNCS, vol. 13951, 36–53.","ama":"Cohen S, Goren G, Kokoris Kogias E, Sonnino A, Spiegelman A. Proof of availability and retrieval in a modular blockchain architecture. In: <i>27th International Conference on Financial Cryptography and Data Security</i>. Vol 13951. Springer Nature; 2023:36-53. doi:<a href=\"https://doi.org/10.1007/978-3-031-47751-5_3\">10.1007/978-3-031-47751-5_3</a>","ieee":"S. Cohen, G. Goren, E. Kokoris Kogias, A. Sonnino, and A. Spiegelman, “Proof of availability and retrieval in a modular blockchain architecture,” in <i>27th International Conference on Financial Cryptography and Data Security</i>, Bol, Brac, Croatia, 2023, vol. 13951, pp. 36–53.","apa":"Cohen, S., Goren, G., Kokoris Kogias, E., Sonnino, A., &#38; Spiegelman, A. (2023). Proof of availability and retrieval in a modular blockchain architecture. In <i>27th International Conference on Financial Cryptography and Data Security</i> (Vol. 13951, pp. 36–53). Bol, Brac, Croatia: Springer Nature. <a href=\"https://doi.org/10.1007/978-3-031-47751-5_3\">https://doi.org/10.1007/978-3-031-47751-5_3</a>","chicago":"Cohen, Shir, Guy Goren, Eleftherios Kokoris Kogias, Alberto Sonnino, and Alexander Spiegelman. “Proof of Availability and Retrieval in a Modular Blockchain Architecture.” In <i>27th International Conference on Financial Cryptography and Data Security</i>, 13951:36–53. Springer Nature, 2023. <a href=\"https://doi.org/10.1007/978-3-031-47751-5_3\">https://doi.org/10.1007/978-3-031-47751-5_3</a>."},"article_processing_charge":"No","publication_status":"published","day":"01","volume":13951,"date_published":"2023-12-01T00:00:00Z","project":[{"name":"Security and Privacy by Design for Complex Systems","_id":"34a4ce89-11ca-11ed-8bc3-8cc37fb6e11f","grant_number":"F8512"}],"publisher":"Springer Nature","date_created":"2024-01-18T07:41:12Z","publication":"27th International Conference on Financial Cryptography and Data Security","language":[{"iso":"eng"}],"oa_version":"Submitted Version","page":"36-53","date_updated":"2025-09-09T14:22:38Z","main_file_link":[{"open_access":"1","url":"https://fc23.ifca.ai/preproceedings/150.pdf"}],"intvolume":"     13951","quality_controlled":"1","status":"public","isi":1,"author":[{"first_name":"Shir","full_name":"Cohen, Shir","last_name":"Cohen"},{"first_name":"Guy","full_name":"Goren, Guy","last_name":"Goren"},{"id":"f5983044-d7ef-11ea-ac6d-fd1430a26d30","first_name":"Eleftherios","full_name":"Kokoris Kogias, Eleftherios","last_name":"Kokoris Kogias"},{"last_name":"Sonnino","full_name":"Sonnino, Alberto","first_name":"Alberto"},{"last_name":"Spiegelman","full_name":"Spiegelman, Alexander","first_name":"Alexander"}],"oa":1}]