Trustworthy Blockchain Gateways for Resource-Constrained Clients and IoT Devices

Resource-constrained blockchain clients and the Internet of Things (IoT) devices pose limitations in terms of processing and storing the entire blockchain ledger and mining blocks. Such clients and devices rely on a view of the blockchain provided by full nodes acting as gateways. However, gateway nodes sometimes can provide a distorted view of the blockchain that makes lightweight clients vulnerable to the eclipse attack. When under such an attack, a client cannot differentiate between a forked view of the blockchain and the legitimate blockchain ledger leading to fatal consequences and huge losses incurred. In this paper, we propose a data attestation solution that employs full nodes as validators to attest the responses reported by gateways of lightweight nodes. We leverage smart contracts to give lightweight clients confidence in the data reported as they are unable to validate it from the blockchain network themselves. The system governs the attestation process that comprises submitting attestation requests, approving them, recording the response of validators, and manage payments. Clients can, thereafter, provide their feedback about the validator/gateway performance in the form of a reputation score. We present the proposed system architecture and describe its implementation on the Ethereum blockchain network. We evaluate the proposed solution with respect to functionality testing, cost of execution, and security analysis of the developed smart contracts. We make our smart contracts code and testing scripts publicly available.

[1]  K. Salah,et al.  Blockchain for healthcare data management: opportunities, challenges, and future recommendations , 2021, Neural Computing and Applications.

[2]  Jong Hyuk Park,et al.  BlockIoTIntelligence: A Blockchain-enabled Intelligent IoT Architecture with Artificial Intelligence , 2020, Future Gener. Comput. Syst..

[3]  Daniel Reijsbergen,et al.  Decentralized Lightweight Detection of Eclipse Attacks on Bitcoin Clients , 2020, 2020 IEEE International Conference on Blockchain (Blockchain).

[4]  Loi Luu,et al.  FlyClient: Super-Light Clients for Cryptocurrencies , 2020, 2020 IEEE Symposium on Security and Privacy (SP).

[5]  Aggelos Kiayias,et al.  Non-Interactive Proofs of Proof-of-Work , 2020, IACR Cryptol. ePrint Arch..

[6]  Khaled Salah,et al.  COLIDE: a collaborative intrusion detection framework for Internet of Things , 2019, IET Networks.

[7]  Sergei Tikhomirov,et al.  SmartCheck: Static Analysis of Ethereum Smart Contracts , 2018, 2018 IEEE/ACM 1st International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB).

[8]  Khaled Salah,et al.  IoT security: Review, blockchain solutions, and open challenges , 2017, Future Gener. Comput. Syst..

[9]  Iuon-Chang Lin,et al.  A Survey of Blockchain Security Issues and Challenges , 2017, Int. J. Netw. Secur..

[10]  Massimo Bartoletti,et al.  A Survey of Attacks on Ethereum Smart Contracts (SoK) , 2017, POST.

[11]  Prateek Saxena,et al.  Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..

[12]  Ethan Heilman,et al.  Eclipse Attacks on Bitcoin's Peer-to-Peer Network , 2015, USENIX Security Symposium.

[13]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[14]  Khaled Salah,et al.  Monetization of Services Provided by Public Fog Nodes Using Blockchain and Smart Contracts , 2020, IEEE Access.

[15]  Khaled Salah,et al.  IoT Public Fog Nodes Reputation System: A Decentralized Solution Using Ethereum Blockchain , 2019, IEEE Access.

[16]  Dominic Letz,et al.  BlockQuick: Super-Light Client Protocol for Blockchain Validation on Constrained Devices , 2019, IACR Cryptol. ePrint Arch..

[17]  E. Soler,et al.  Future Generation Computer Systems , 2018 .

[18]  S. Nakamoto,et al.  Bitcoin: A Peer-to-Peer Electronic Cash System , 2008 .