Sancus: Cryptographic Audits for Virtual Currency Institutions
Author(s)
Rahman, Ravi
DownloadThesis PDF (1.333Mb)
Advisor
Kagal, Lalana
Terms of use
Metadata
Show full item recordAbstract
Sancus introduces fully accountable, privacy preserving, cryptographic audits for virtual currency institutions – entities that allow users to deposit, exchange, and withdraw blockchain-based funds. These audits, verifiable by the public, provide irrefutable proofs that institutions not only have accounted for all customer transactions but also own at least as much in blockchain assets as they owe to their users. Sancus addresses major limitations in previous works for blockchain auditing: it supports institutions that offer multiple currencies on multiple blockchains, including Bitcoin and Ethereum; it follows security best practices and uses offline wallets; it preserves privacy for the institutions and their customers by hiding transaction amounts and blockchain addresses; and it produces definitive proofs of solvency as individual customers take no part in the auditing process. Evaluation of our reference implementation of Sancus demonstrated that the audit generation time, audit validation time, and size of audits scale linearly with the number of users, number of transactions, and privacy parameters. With efficient runtimes for audit generation and validation in a multi-threaded environment and megabyte order-of-magnitude audit sizes, Sancus offers a promising, new approach for continuous auditing of virtual currency institutions.
Date issued
2021-06Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer SciencePublisher
Massachusetts Institute of Technology