Sebastião Mayor, Rafael Belchior, Miguel Correia, André Vasconcelos

Conference International Conference on Enterprise Information Systems (ICEIS)

TBD

André Augusto, Rafael Belchior, Miguel Correia, André Vasconcelos, Luyao Zhang, Thomas Hardjono

Conference IEEE Symposium on Security and Privacy

TBD

Rafael Belchior, Dimo Dimov, Zahary Karadjov, Jonas Pfannschmidt, André Vasconcelos, Miguel Correia

Journal Submitted

(click me!)

We propose Harmonia, a framework to build robust, secure, efficient, and decentralized cross-chain decentralized applications. As one of its main components, Harmonia utilizes a decentralized and efficient zero-knowledge proof based light client called DendrETH. DendrETH mitigates the security problem by lowering the attack surface and relying on the properties of zero-knowledge proofs.

In this instantiation of Harmonia, DendrETH implements an improved version of Ethereum's light client sync protocol that fixes previously known critical security flaws. This light client protocol is implemented as a smart contract, allowing blockchains to read a source blockchain's state in a trust-minimized way. This enables the creation of several cross-chain use cases, such as secure cross-blockchain bridges (asset transfers) or smart contract migrations (data transfers) that do not require a trusted operator.

Our implementations are compatible with the Ethereum Virtual Machine (EVM) based chains and some non-EVM chains. We provide an open-source implementation and reproducible environment for researchers and practitioners to replicate our results.

Rafael Belchior, Jan Süßenguth, Qi Feng, Thomas Hardjono, André Vasconcelos, Miguel Correia

Academic Magazine Communications of the ACM

A gentle, high-level, state of the art review of the blockchain interoperability research area.

André Augusto, Rafael Belchior, André Vasconcelos, Imre Kocsis, Gönczy László, Miguel Correia

Workshop ICBC Cross-Chain Workshop'23

In this paper, we leverage an asset transfer protocol, ODAP/SATP, to define an extendable and dependable blockchain interoperability middleware that can bridge CBDC from Hyperledger Fabric to EVM-based permissioned blockchains.

André Augusto, Rafael Belchior, Thomas Hardjono, André Vasconcelos

Conference ICBC 2024

With the growing interest in blockchain technology, researchers and developers in different industries are shifting their attention to creating interoperability mechanisms. Existing mechanisms usually encompass asset exchanges, asset transfers, and general data transfers. However, most of the solutions based on these mechanisms only work for two permissionless blockchains falling short in use cases requiring more complex business relationships. Also, contrary to existing legacy systems, there is little standardization for cross-chain communication. Here we present MP-SATP, a resilient multi-party asset transfer protocol built on top of the Secure Asset Transfer Protocol (SATP). Furthermore, we enhance SATP's crash recovery mechanism that directly influences the reliability and performance of our solution. Using MP-SATP, we show how to perform N-to-N resilient asset transfers in permissioned environments by decoupling them into multiple 1-to-1 asset transfers. Our results demonstrate that the latency of the protocol is driven by the latency of the slowest 1-to-1 session; and how the usage of backup gateways avoid the overhead caused by rollbacks. Enterprise-grade environments such as supply-chain management systems can immediately leverage our solution to perform atomic multi-party asset transfers as shown by our use case.

Rafael Belchior, Peter Somogyvari, Jonas Pfannschmidt, André Vasconcelos and Miguel Correia

Journal IEEE Transactions on Reliability

Bridge security in a cross-chain world is paramount. Some estimates talk about over $2 billion in damages only this year (source: https://lnkd.in/dSW9uvAQ). Why is it so hard to secure bridges? Is there a way we could formalize bridge security and therefore alleviate the likelihood of attacks?
At Blockdaemon (with Jonas Pfannschmidt), INESC-ID & Instituto Superior Técnico (with André Vasconcelos, Miguel Pupo Correia), and Accenture (Peter Somogyvari), we are tackling this prominent issue of cross-chain security.
Meet Hephaestus (the greek god that links the chains), our most recent paper that describes our method to generate a cross-chain model from a bridging use case, to provide a basis for dependable bridging. Note that this is a primer initial effort to understand and relate the concepts of cross-chain logic, cross-chain transactions, cross-chain state, and cross-chain model.
Our implementation is open-source and available here, implemented with #Hyperledger Cactus (thanks for the support Hyperledger Foundation).

Rafael Belchior, Limaris Torres, Jonas Pfannschmidt, André Vasconcelos and Miguel Correia

Journal ACM DLT

In this paper, we present a foundational concept, that helps understand the concept of cross-chain state. A \emph{view} represents the states of a blockchain available to a particular stakeholder. The combination of views forms an integrated view that represents a consistent global state shared by all participants. This paper introduces BUNGEE (Blockchain UNifier view GEnErator), the first DLT view generator, to allow capturing DLT snapshots, constructing views, and performing arbitrary operations on those, such as integrating views. Creating and integrating views allows interesting applications, such as stakeholder-centric snapshots for audits, cross-chain analysis, blockchain migration, and data analytics.

Rafael Belchior, Sabrina Scuri, Nuno Nunes, Thomas Hardjono

Technical Report

In this report, we focus on the problem of managing cross-chain state in an integrated manner. First, we introduce the concept of cross-chain logic/cross-chain rules. After that, we present and discuss the results of our blockchain interoperability survey. In this survey we analyzed the needs of experts to systematically model and analyze cross-chain state.

Catarina Pedreira, Rafael Belchior, Miguel Matos, and André Vasconcelos

Workshop BlockTEE'22

This paper explores a trustless solution built on top of ODAP, a protocol to conduct asset transfers between gateways. T-ODAP enhances the decentralization of ODAP by leveraging a decentralized view storage, envisioned to be implemented in Polkadot.

Rafael Belchior, Luke Riley, Thomas Hardjono, André Vasconcelos, and Miguel Correia

Journal ACM DLT

This paper was the output of a long collaboration within the IETF forming group ODAP and Quant Network. In this paper, we systematically study the research area of DLT interoperability by dissecting and analyzing previous work. We study the logical separation of interoperability layers, how a DLT can connect to others (connection mode), the object of interoperation (interoperation mode), and propose a new categorization for IMs. Second, we propose the first interoperability assessment for DLTs that systematically evaluates the interoperability degree of an IM. This framework allows comparing the potentiality, compatibility, and performance among solutions. Finally, we propose two decision models to assist in choosing an IM, considering different requirements. The first decision model assists in choosing the infrastructure of an IM, while the second decision model assists in choosing its functionality.

Rafael Belchior, André Vasconcelos, Miguel Correia, Thomas Hardjono

Conference IEEE International Conference on Services Computing (SCC), 2021

This is a short version of our paper Hermes

Martin Hargreaves, Thomas Hardjono, Rafael Belchior

Technical Specification IETF, 2021

This memo This memo describes the Secure Asset Transfer (SAT) Protocol for digital assets. SAT is a protocol operating between two gateways that conducts the transfer of a digital asset from one gateway to another. The protocol establishes a secure channel between the endpoints and implements a 2-phase commit to ensure the properties of transfer atomicity, consistency, isolation and durability.

Rafael Belchior, André Vasconcelos, Miguel Correia and Thomas Hardjono

Journal Future Generation Computer Systems

Hermes is a blockchain interoperability middleware based on the Open Digital Asset Protocol (ODAP).
Hermes extends ODAP gateways with crash recovery mechanisms to increase resiliency.
ODAP-2PC comes with a rollback protocol, guaranteeing the ACID properties of cross-chain transactions.
ODAP and ODAP-2PC can be used for (regulated) digital assets exchange across jurisdictions.

Sara Ghaemi, Sara Rouhani, Rafael Belchior, Rui Cruz, Hamzeh Khazaei and Petr Musilek

Technical Report

This paper proposes a novel blockchain interoperability solution for permissioned blockchains based on the publish/subscribe architecture - the outcome of a Hyperledger Summer Internship.

Rafael Belchior, Miguel Correia and Thomas Hardjono

Technical Specification IETF, 2021

This memo describes crash recovery mechanisms for the Open Digital Asset Protocol (ODAP). The memo presents ODAP-2PC, a protocol assures that gateways running ODAP are crash fault-tolerant, meaning that the atomicity of asset transfers are assured even if gateways crash. This protocol includes the description of the messaging and logging flows necessary for gateways to keep track of current state, the crash-recovery protocol, and a rollback mechanism.

Rafael Belchior, Sérgio Guerreiro, André Vasconcelos, and Miguel Correia

Journal Business Process Management Journal

This study gives an overview of the business process view integration research area. Rooted on database schema integration, business process view integration is needed to consolidate different versions of the same business process. It turns out that lessons from this area are directly applicable to blockchain, because blockchain supports different views on the same data, contrarily to common knowledge.

Rafael Belchior, Benedikt Putz, Guenther Pernul, Miguel Correia, André Vasconcelos, Sérgio Guerreiro

Workshop IEEE 3rd International Workshop on Blockchain Systems and Applications

This paper implements efforts with a colleague and friend from Germany, Benedikt and his advisor, Guenther. I've got to know Benedikt from his incredibly talented work, A secure and auditable logging infrastructure based on a permissioned blockchain. After Benedikt helped me with my own paper, Towards Secure, Decentralized, and Automatic Audits With Blockchain, we started cooperating. We are both fascinated on how one can use the self sovereign identity paradigm to achieve privacy-preserving access control processes. This was then our first effort understanding decentralized identifiers, verifiable credentials, and identity-centric blockchains. We design an integration between blockchains and centralized access control mechanisms encoding access control policies into verifiable presentations. This paves the way for more privacy preserving access control enterprise scenarios.

A poster presented on Tecnico Lisboa PhD Open Days is available, as well as its presentation, in the form of a video poster.

Rafael Belchior, André Vasconcelos, Sérgio Guerreiro, Miguel Correia

Journal ACM Computing Surveys

This survey depicts the past and current state of blockchain interoperability, presenting and categorizing existing solutions. It discusses in detail what is blockchain interoperability, the proposed architectures, use cases, challenges, and future research directions. What I consider special about this survey is that we contacted dozens of people asking feedback on their solutions. It ensured us to have updated information, in a research area set up by obsolete whitepapers. This is the first paper I wrote that I consider a very good paper - It took around 6 months to write, and was reviewed by several colleagues.

Sara Rouhani, Rafael Belchior, Rui Cruz, Ralph Deters

Journal World Wide Web

Rafael Belchior, Miguel Correia, and André Vasconcelos

Conference ECIS '20: European Conference on Information Systems, 2020

I consider the second paper I wrote to be a very notorious improvement compared to the first. In this paper, we extended JusticeChain to support audit processes - by encoding dummy audit rules into smart contracts. This technique caught the interest of the reviewers, as it could be easily integrated with real audits, given that the audit rules satisfy the GDPR.

Rafael Belchior, Miguel Correia, and André Vasconcelos

Conference CoopIS 2019: 27th International Conference on COOPERATIVE INFORMATION SYSTEMS, 2019

This was the first paper I wrote, in the context of my MSc degree - and my first direct contact with academia. Although very drafty, it exposes the long term effort collaborating with the Portuguese public sector. I learned how to ally the academic thinking with the practical effort of developing a system to be production ready. The experience on the academic conference was very motivating as well.