André Augusto, Rafael Belchior, Jonas Pfannschmidt, André Vasconcelos, Miguel Correia

Conference MIDDLEWARE '25: Proceedings of the 26th International Middleware Conference, 2025

Abstract: In recent years, there has been a growing adoption of blockchain interoperability solutions and cross-chain protocols. The most popular are cross-chain bridges or, simply, bridges. Bridges connect decentralized applications across various blockchains, supporting the transfer and exchange of assets between blockchains. We introduce XChainWatcher, the first open anomaly detection mechanism for cross-chain bridges, capable of detecting known attacks and other anomalies that harm users and protocol operators. XChainWatcher provides the entire pipeline for extracting cross-chain data from blockchains, decoding data, building logic relations, and evaluating the data against a set of anomaly detection rules.

Bruno Mateus, André Vasconcelos, Miguel Correia, André Augusto, Rafael Belchior

Conference 7th Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS), 2025

Abstract: This paper presents a novel approach for automatic cross-chain protocol pausing using real-time conformance checking. As blockchain interoperability solutions become increasingly prevalent, ensuring their secure and correct operation becomes critical. Our approach leverages runtime verification to detect protocol deviations and automatically trigger pausing mechanisms when potentially malicious behaviors are detected.

Rafael Belchior, André Augusto, André Vasconcelos, Miguel Correia

Tutorial IEEE International Conference on Blockchain and Cryptocurrency (ICBC), 2025

Abstract: Blockchain interoperability refers to the ability of distributed ledgers to communicate with other distributed ledgers and third-party systems. The rapid advancement of blockchain technology has caused knowledge about it to become increasingly fragmented and dispersed. In recent years, we have been seeing interoperability mechanisms being attacked, with the total losses in these protocols amounting to 3.2 billion USD since 2021. This tutorial addresses the growing complexity of blockchain interoperability, creating an increasingly interconnected ecosystem. We present a comprehensive overview of the field's challenges, focusing on the lack of common conceptual models, organizational interoperability gaps, and security risks. Through theoretical foundations and hands-on exercises, participants will explore state-of-the-art solutions, with particular emphasis on the Secure Asset Transfer Protocol (SATP) and its implementation within Hyperledger Cacti. SATP is being developed at the Internet Engineering Task Force with contributions from MIT, Técnico Lisboa, Blockdaemon, Intel, IBM, and several other universities and companies. Participants will have the option to set up and experiment with SATP, contributing to the consolidation of the theoretical part of the tutorial.

André Augusto, Rafael Belchior, André Vasconcelos, Miguel Correia (INESC-ID, Instituto Superior Técnico, Universidade de Lisboa, Portugal), Jonas Pfannschmidt (Blockdaemon - Dublin, Ireland)

Poster Paper The 55th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2025)

Abstract: In recent years, there has been a growing adoption of blockchain interoperability solutions and cross-chain protocols. The most popular are cross-chain bridges or, simply, bridges. Bridges connect decentralized applications across various blockchains, supporting the transfer and exchange of assets between blockchains. We introduce XChainWatcher, the first open anomaly detection mechanism for cross-chain bridges, capable of detecting known attacks and other anomalies that harm users and protocol operators. XChainWatcher provides the entire pipeline for extracting cross-chain data from blockchains, decoding data, building logic relations, and evaluating the data against a set of anomaly detection rules.

Rafael Belchior, Thomas Hardjono, Alex Chiriac, Venkatraman Ranakrishna

Technical Specification arXiv, 2025

Abstract: It is time for the legacy financial infrastructure to seamlessly connect with modern, decentralized infrastructure. Although it is increasingly evident that decentralized infrastructure for finance (namely distributed ledgers) will coexist with and complement legacy infrastructure, it is also clear that such interoperability efforts carry new risks and concerns. In particular, managing the range of heterogeneous (and not well-established) infrastructure brings security, privacy, and regulatory issues. The first step to overcome some of these challenges is to recognize that in many deployment instances using distributed ledgers, the purpose of the ledger is to share resources among the community members. The second step after recognizing that borders exist is to understand that interoperability across systems can be best achieved through the use of standardized service interfaces (or application programming interfaces (API)). In this paper we use the term ledger gateways (or simply gateways) to denote the computer and software systems that implement the standardized service interfaces into a distributed ledger. The main purpose of a gateway is to communicate with other peer gateways that implement the same standardized service interface. Among others, peer gateways perform the transfer of data and value across borders (legal or national borders). Gateways also become a mechanism to manage a permissioned environment, where abiding by laws and regulations is crucial for business compliance (e.g., EU General Data Protection Regulations (GDPR), EU MiCa regulation on digital assets, FAFT Recommendation 15, ISO 27001). .

Alternative preprint available here

André Augusto, Rafael Belchior, Jonas Pfannschmidt, André Vasconcelos, Miguel Correia

Poster Paper 2024

Abstract: Cross-chain bridges are widely used blockchain interoperability mechanisms. However, several of these bridges have vulnerabilities that have caused 3.2 billion dollars in losses since May 2021. Some studies have revealed the existence of these vulnerabilities, but little quantitative research is available, and there are no safeguard mechanisms to protect bridges from such attacks. We propose XChainWatcher, the first mechanism for monitoring bridges and detecting attacks against them. XChainWatcher relies on a cross-chain model powered by a Datalog engine, designed to be pluggable into any cross-chain bridge. Analyzing data from the Ronin and Nomad bridges, we successfully identified the transactions that led to losses of $611M and $190M USD, respectively. XChainWatcher not only uncovers successful attacks but also reveals unintended behavior, such as 37 cross-chain transactions (cctx) that these bridges should not have accepted, failed attempts to exploit Nomad, over $7.8M locked on one chain but never released on Ethereum, and $200K lost due to inadequate interaction with bridges. We provide the first open-source dataset of 81,000 cctxs across three blockchains, capturing $585M and $3.7B in token transfers in Nomad and Ronin, respectively.

Shankar Subramanian, André Augusto, Rafael Belchior, André Vasconcelos, Miguel Correia

Conference 2024 IEEE International Conference on Blockchain (Blockchain), 2024

Abstract: Blockchain aggregators play an instrumental role in the evolution of blockchain technology, serving as pivotal enablers of interoperability, efficiency, and user accessibility in an increasingly decentralized digital world. However, the literature on this emerging technology is scarce and is not systematized, making it harder for practitioners and researchers to understand the field. In this paper, we systematize bridge aggregators, a type of blockchain aggregators. We present an exhaustive analysis of a diverse array of token and message aggregators, each distinguished by its unique architecture. Our research delves into critical aspects of these aggregators, encompassing their functionality, security measures, pricing models, and latency. This research aims to provide readers, users, and developers with insightful and actionable information, facilitating informed navigation through the complex landscape of blockchain aggregators. We explore our findings and compare them with our intuitive expectations. We show that there is a value in centralizing token aggregators. Message aggregators are found to be more powerful but less efficient in transaction cost and latency. Finally, we propose a set of future research directions for practitioners.

Sebastião Mayor, Rafael Belchior, Miguel Correia, André Vasconcelos

Conference International Conference on Enterprise Information Systems (ICEIS) 2024

Abstract: Blockchain technology has revolutionized the way data is stored and accessed in a decentralized manner. However, the lack of interoperability between such systems is an ongoing challenge hindering their wider adoption. This document proposes a two-part solution composed of activities that aim to enhance semantic interoperability between homogeneous and heterogeneous blockchain systems. The first part are the design-time activities that consist of constructing an Archimate model, extracting its Resource Description Framework (RDF) ontology, and assessing its correctness utilizing a semantic reasoner. The second part are the runtime activities that involve leveraging the resulting ontology in a supply chain management application to validate transactions among participants in a network of systems. The evaluation results are promising, demonstrating that a shared ontology can support a transparent and accurate transaction validation approach. Thus, this work is a significant step in proving that distributed ledger technologies can benefit from enterprise architecture techniques to improve their interoperability.

André Augusto, Rafael Belchior, Miguel Correia, André Vasconcelos, Luyao Zhang, Thomas Hardjono

Conference IEEE Symposium on Security and Privacy 2024

Abstract: This paper presents a systematic overview of the security and privacy aspects of blockchain interoperability. As blockchain technology continues to evolve and diversify, the need for secure and private cross-chain communication becomes increasingly critical. The authors conduct a comprehensive analysis of existing blockchain interoperability solutions, identifying key security vulnerabilities and privacy concerns. They propose a taxonomy of blockchain interoperability approaches, categorizing them based on their architectural designs and security models. Furthermore, the paper discusses various attack vectors specific to cross-chain interactions and evaluates the effectiveness of current mitigation strategies. By synthesizing insights from both academic research and industry implementations, this work provides a valuable resource for researchers, developers, and policymakers working on secure and privacy-preserving blockchain interoperability solutions.

Rafael Belchior, Dimo Dimov, Zahary Karadjov, Jonas Pfannschmidt, André Vasconcelos, Miguel Correia

Journal Under review

(click me!)

Abstract: We propose Harmonia, a framework to build robust, secure, efficient, and decentralized cross-chain decentralized applications. As one of its main components, Harmonia utilizes a decentralized and efficient zero-knowledge proof based light client called DendrETH. DendrETH mitigates the security problem by lowering the attack surface and relying on the properties of zero-knowledge proofs.

In this instantiation of Harmonia, DendrETH implements an improved version of Ethereum's light client sync protocol that fixes previously known critical security flaws. This light client protocol is implemented as a smart contract, allowing blockchains to read a source blockchain's state in a trust-minimized way. This enables the creation of several cross-chain use cases, such as secure cross-blockchain bridges (asset transfers) or smart contract migrations (data transfers) that do not require a trusted operator.

Our implementations are compatible with the Ethereum Virtual Machine (EVM) based chains and some non-EVM chains. We provide an open-source implementation and reproducible environment for researchers and practitioners to replicate our results.

Rafael Belchior, Jan Süßenguth, Qi Feng, Thomas Hardjono, André Vasconcelos, Miguel Correia

Academic Magazine Communications of the ACM, 2024

Description: A deep dive into blockchain interoperability: why it is needed, progress that has been made, how it is currently deployed and used, and likely paths of future development.

Abstract: Blockchain interoperability conflates the need for distributed systems to communicate with third-party systems without a canonical chain or orchestration layer. As there is no “chain to rule them all” (for performance, privacy, and market forces), these distributed systems rely on exchanging data and value across network boundaries. Interconnected systems achieve a higher value than the sum of their parts, similar to how the Internet emerged as a set of isolated Local Area Networks (LANs) and, by force of surprising synergies, such networks fundamentally transformed society forever. In this paper, we dive into the rabbit hole of blockchain interoperability and explain why it is needed, what has been done in the last decade, and where it is going.

André Augusto, Rafael Belchior, André Vasconcelos, Imre Kocsis, Gönczy László, Miguel Correia

Workshop IEEE International Conference on Blockchain and Cryptocurrency Cross-Chain Workshop, 2023

Description: In this paper, we leverage an asset transfer protocol, ODAP/SATP, to define an extendable and dependable blockchain interoperability middleware that can bridge CBDC from Hyperledger Fabric to EVM-based permissioned blockchains.

Abstract: The last few years have seen a steep increase in blockchain interoperability research. Most solutions connect public blockchains; hence, the main cross-chain use case is token transfer. By-design platform transparency, tamper-resistance, and auditability make blockchains an infrastructure candidate for Central Bank Digital Currencies (CBDCs), but bridging CBDCs is an important missing piece in general. In this paper, we leverage an asset transfer protocol, ODAP/SATP, to define an extendable and dependable blockchain interoperability middleware that can bridge CBDC from Hyperledger Fabric to EVM-based permissioned blockchains. The key interoperation enabler in the solution is a shared asset definition enforced by both sides of the bridge, accompanied by a mapping between Fabric Identities and Ethereum addresses for identity management. We implement our design for the CBDC use case utilizing Hyperledger Cactus. Through a preliminary performance evaluation, we show that the underlying ledgers heavily influence the latency of the solution, not the bridging components.

André Augusto, Rafael Belchior, André Vasconcelos, Miguel Correia, Thomas Hardjono

Conference IEEE International Conference on Blockchain and Cryptocurrency 2024

Abstract: With the growing interest in blockchain technology, researchers and developers in different industries are shifting their attention to creating interoperability mechanisms. Existing mechanisms usually encompass asset exchanges, asset transfers, and general data transfers. However, most of the solutions based on these mechanisms only work for two permissionless blockchains falling short in use cases requiring more complex business relationships. Also, contrary to existing legacy systems, there is little standardization for cross-chain communication. Here we present MP-SATP, a resilient multi-party asset transfer protocol built on top of the Secure Asset Transfer Protocol (SATP). Furthermore, we enhance SATP's crash recovery mechanism that directly influences the reliability and performance of our solution. Using MP-SATP, we show how to perform N-to-N resilient asset transfers in permissioned environments by decoupling them into multiple 1-to-1 asset transfers. Our results demonstrate that the latency of the protocol is driven by the latency of the slowest 1-to-1 session; and how the usage of backup gateways avoid the overhead caused by rollbacks. Enterprise-grade environments such as supply-chain management systems can immediately leverage our solution to perform atomic multi-party asset transfers as shown by our use case.

Rafael Belchior, Peter Somogyvari, Jonas Pfannschmidt, André Vasconcelos, Miguel Correia

Journal IEEE Transactions on Reliability, 2024

Description: Bridge security in a cross-chain world is paramount. Some estimates talk about over $2 billion in damages only this year. Why is it so hard to secure bridges? Is there a way we could formalize bridge security and therefore alleviate the likelihood of attacks? Meet Hephaestus (the Greek god that links the chains), our most recent paper that describes our method to generate a cross-chain model from a bridging use case, to provide a basis for dependable bridging. Note that this is a primer initial effort to understand and relate the concepts of cross-chain logic, cross-chain transactions, cross-chain state, and cross-chain model.

Abstract: Ecosystems of multiple blockchains are now a reality. Multi-chain applications and protocols are perceived as necessary to enable scalability, privacy, and composability. Despite being a promising emerging research area, we recently have witnessed many attacks that have caused billions of dollars in losses. Attacks against bridges that connect chains are at the top of such attacks in terms of monetary cost, and no apparent solution seems to emerge from the ongoing chaos. In this paper, we present our contribution to minimizing bridge attacks. In particular, we explore the concepts of cross-chain transaction, cross-chain logic, and the cross-chain state as the enablers of the cross-chain model. We propose Hephaestus, the first cross-chain model generator that captures the operational complexity of cross-chain applications. Hephaestus can generate cross-chain models from local transactions on different ledgers realizing arbitrary use cases and allowing operators to monitor their cross-chain applications. Monitoring helps identify outliers and malicious behavior, which can help programmatically to stop bridge hacks and other attacks. We conduct a detailed evaluation of our system, where we implement a cross-chain bridge use case. Our experimental results show that Hephaestus can process 600 cross-chain transactions in less than 5.5 seconds in an environment with two blockchains and requires sublinear storage.

Our implementation is open-source and available here, implemented with Hyperledger Cactus (thanks for the support Hyperledger Foundation).

Rafael Belchior, Limaris Torres, Jonas Pfannschmidt, André Vasconcelos, Miguel Correia

Journal ACM Distributed Ledger Technologies: Research and Practice, 2024

Description: In this paper, we present a foundational concept that helps understand the concept of cross-chain state. A view represents the states of a blockchain available to a particular stakeholder. The combination of views forms an integrated view that represents a consistent global state shared by all participants. This paper introduces BUNGEE (Blockchain UNifier view GEnErator), the first DLT view generator, to allow capturing DLT snapshots, constructing views, and performing arbitrary operations on those, such as integrating views. Creating and integrating views allows interesting applications, such as stakeholder-centric snapshots for audits, cross-chain analysis, blockchain migration, and data analytics.

Abstract: With the evolution of distributed ledger technology (DLT), several blockchains have appeared that provide privacy guarantees, including Corda, Hyperledger Fabric, and Canton. These distributed ledgers only provide partial consistency, meaning that participants can observe the same ledger differently. We propose to use the concept of view to systematically reason about the state of blockchains, even if they provide privacy. We introduce BUNGEE (Blockchain UNifier view GEnErator), the first DLT view generator, to allow capturing snapshots, constructing views from these snapshots, and merging views, according to a set of rules specified by the view stakeholders. Creating views and operating over views allows new applications, such as stakeholder-centric snapshots for audits, cross-chain analysis, blockchain migration, and combined on-chain-off-chain analytics. An important subset of these applications that we cover in the paper is related to blockchain interoperability.

Rafael Belchior, Sabrina Scuri, Nuno Nunes, Thomas Hardjono, André Vasconcelos

Workshop IEEE International Conference on Blockchain and Cryptocurrency Cross-Chain Workshop, 2024

Description: In this paper, we focus on the problem of managing cross-chain state in an integrated manner. First, we introduce the concept of cross-chain logic/cross-chain rules. After that, we present and discuss the results of our blockchain interoperability survey. In this survey we analyzed the needs of experts to systematically model and analyze cross-chain state.

Abstract: With the evolution of distributed ledger technology (DLT), several blockchains have appeared that provide privacy guarantees, including Corda, Hyperledger Fabric, and Canton. These distributed ledgers only provide partial consistency, meaning that participants can observe the same ledger differently, i.e., observe some transactions but not others for privacy reasons. However, this lack of access to all transactions may hamper the development of applications that depend on reasoning about shared state. We propose to use the concept of view – an abstraction of the set of transactions a participant can access at a certain point of time – to systematically reason about the state of blockchains, even if they provide privacy. We introduce BUNGEE (Blockchain UNifier view GEnErator), the first DLT view generator, to allow capturing snapshots, constructing views from these snapshots, and merging views, according to a set of rules specified by the view stakeholders. Creating views and operating over views allows new applications, such as stakeholder-centric snapshots for audits, cross-chain analysis, blockchain migration, and combined on-chain-off-chain analytics.

Catarina Pedreira, Rafael Belchior, Miguel Matos, André Vasconcelos

Workshop BlockTEE'22, 2022

Description: This paper explores a trustless solution built on top of ODAP, a protocol to conduct asset transfers between gateways. T-ODAP enhances the decentralization of ODAP by leveraging a decentralized view storage, envisioned to be implemented in Polkadot.

Abstract: New applications and solutions are emerging as blockchain technology continues to prosper in different industries. However, blockchain systems are considered isolated silos, especially when it comes to interoperability on systems putting restrictions on handling private data. We propose ODAP-AS, a resilient N-N cross-chain asset transfer protocol that enables the execution of N transfers of assets in permissioned environments, leveraging the concept of gateways. Gateways act as the devices through which a blockchain network can be accessed. We build our protocol on top of the Open Digital Asset Protocol (ODAP), and its crash recovery mechanism, ODAP-2PC, a crash fault-tolerant protocol. ODAP-AS also defines how one gateway is replaced by a backup in case of a crash. We implement a cross-chain asset transfer across Hyperledger Fabric and Hyperledger Besu using Hyperledger Cactus, which takes approximately 20 seconds. Additionally, we can conduct a sequential execution of ODAP-AS achieving 0.15 transactions/second throughput.

Rafael Belchior, Luke Riley, Thomas Hardjono, André Vasconcelos, Miguel Correia

Journal ACM Distributed Ledger Technologies: Research and Practice, 2023

Description: This paper was the output of a long collaboration within the IETF forming group ODAP and Quant Network. In this paper, we systematically study the research area of DLT interoperability by dissecting and analyzing previous work. We study the logical separation of interoperability layers, how a DLT can connect to others (connection mode), the object of interoperation (interoperation mode), and propose a new categorization for IMs. Second, we propose the first interoperability assessment for DLTs that systematically evaluates the interoperability degree of an IM. This framework allows comparing the potentiality, compatibility, and performance among solutions. Finally, we propose two decision models to assist in choosing an IM, considering different requirements. The first decision model assists in choosing the infrastructure of an IM, while the second decision model assists in choosing its functionality.

Abstract: Entrepreneurs, enterprises, and governments are using distributed ledger technology (DLT) as a component of complex information systems, and therefore interoperability capabilities are required. Interoperating DLTs enables network effects, synergies and, similarly to the rise of the Internet, it unlocks the full potential of the technology. However, due to the novelty of the area, interoperability mechanisms (IM) are still not well understood, as interoperability is studied in silos. Consequently, choosing the proper IM for a use case is challenging. Our paper has three contributions: first, we systematically study the research area of DLT interoperability by dissecting and analyzing previous work. We study the logical separation of interoperability layers, how a DLT can connect to others (connection mode), the object of interoperation (interoperation mode), and propose a new categorization for IMs. Second, we propose the first interoperability assessment for DLTs that systematically evaluates the interoperability degree of an IM. This framework allows comparing the potentiality, compatibility, and performance among solutions. Finally, we propose two decision models to assist in choosing an IM, considering different requirements. The first decision model assists in choosing the infrastructure of an IM, while the second decision model assists in choosing its functionality.

Rafael Belchior, André Vasconcelos, Miguel Correia, Thomas Hardjono

Conference IEEE International Conference on Services Computing (SCC), 2021

Abstract: Enabling blockchain-based digital asset exchanges requires blockchain interoperability capabilities. Although some solutions have been proposed in recent years, asset and crypto-currency transfers across legal jurisdictions are still an unsolved problem. To realize this vision, we propose Hermes, a fault-tolerant middleware that connects blockchain networks, enabling the transfer of data and value across legal jurisdictions. Hermes is based on the Open Digital Asset Protocol (ODAP), an asset transfer protocol. Hermes utilizes a novel mechanism called ODAP-2PC and decentralized logging that can solve disputes regarding asset exchange. We find Hermes to fill an existing gap: the technical infrastructure that can constitute the basis for legislating and regulating cross-chain transfers, enabling the future of finance.

Martin Hargreaves, Thomas Hardjono, Rafael Belchior, Venkatraman Ramakrishna

Technical Specification IETF, 2023

Abstract: This memo describes the Secure Asset Transfer (SAT) Protocol for digital assets. SAT is a protocol operating between two gateways that conducts the transfer of a digital asset from one gateway to another, each representing their corresponding digital asset networks. The protocol establishes a secure channel between the endpoints and implements a 2-phase commit (2PC) to ensure the properties of transfer atomicity, consistency, isolation and durability.

Note: As of April 2026, the latest version is 13, available at https://datatracker.ietf.org/doc/draft-ietf-satp-core/13/

Rafael Belchior, André Vasconcelos, Miguel Correia, Thomas Hardjono

Journal Future Generation Computer Systems, 2022

Abstract: The emergence of blockchain interoperability is reducing the risk of investing in blockchain by avoiding vendor lock-in, leveraging interoperation, and providing migration capabilities. However, to fully unlock the internet of blockchains, it is necessary to provide enterprise interoperability mechanisms that allow service providers to comply with different regulations, e.g., data privacy regulations. Each blockchain can be reached via a gateway, allowing to interconnect value, to provide different services, and to enable self-sovereignty. To realize this vision, we propose Hermes, a fault-tolerant middleware that connects blockchain networks and is based on the Open Digital Asset Protocol (ODAP). Hermes is crash fault-tolerant by allying a new protocol, ODAP-2PC, with a log storage API that can leverage blockchain to secure logs, providing them transparency, auditability, availability, and non-repudiation. We introduce a use case benefiting from Hermes, digital cross-jurisdiction promissory notes. We show that cross-chain transactions can be achieved securely with Hermes, given that gateways are complying with legal frameworks

Sara Ghaemi, Sara Rouhani, Rafael Belchior, Rui S. Cruz, Hamzeh Khazaei, Petr Musilek

Technical Report arXiv, 2021

Abstract: The maturing of blockchain technology leads to heterogeneity, where multiple solutions specialize in a particular use case. While the development of different blockchain networks shows great potential for blockchains, the isolated networks have led to data and asset silos, limiting the applications of this technology. Blockchain interoperability solutions are essential to enable distributed ledgers to reach their full potential. Such solutions allow blockchains to support asset and data transfer, resulting in the development of innovative applications. This paper proposes a novel blockchain interoperability solution for permissioned blockchains based on the publish/subscribe architecture. We implemented a prototype of this platform to show the feasibility of our design. We evaluate our solution by implementing examples of the different publisher and subscriber networks, such as Hyperledger Besu, which is an Ethereum client, and two different versions of Hyperledger Fabric. We present a performance analysis of the whole network that indicates its limits and bottlenecks. Finally, we discuss the extensibility and scalability of the platform in different scenarios. Our evaluation shows that our system can handle a throughput in the order of the hundreds of transactions per second.

Rafael Belchior, Miguel Correia, Thomas Hardjono

Technical Specification IETF, 2021

Abstract: This memo describes the crash recovery mechanism for the Secure Asset Transfer Protocol (SATP). The goal of this draft is to specify the message flow that implements a crash recovery mechanism. The mechanism assures that gateways running SATP are able to recover faults, enforcing ACID properties for asset transfers across ledgers (i.e., double spend does not occur).

Rafael Belchior, Sérgio Guerreiro, André Vasconcelos, Miguel Correia

Journal Business Process Management Journal, 2022

Description: This study gives an overview of the business process view integration research area. Rooted in database schema integration, business process view integration is needed to consolidate different versions of the same business process. It turns out that lessons from this area are directly applicable to blockchain, because blockchain supports different views on the same data, contrary to common knowledge.

Abstract: The complexity of business environments often causes organizations to produce several inconsistent views of the same business process (BP), leading to fragmentation. BP view integration attempts to produce an integrated view from different views of the same model, facilitating the management of BP models. To study the trends of BP view integration, we conduct an extensive and systematic literature review to summarize findings since the 1970s. With a starting corpus of 918 documents, this survey draws up a systematic inventory of solutions used in academia and industry. By narrowing it down to 71 articles, we discuss in-depth 17 BP integration techniques papers, classifying each solution according to 9 criteria. Our study shows that most view-integration methods utilize annotation-based matching, based on formal merging rules. We highlight the application of view integration to the blockchain research area, where stakeholders can have different views on the same blockchain.

Rafael Belchior, Benedikt Putz, Guenther Pernul, Miguel Correia, André Vasconcelos, Sérgio Guerreiro

Workshop IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2020

Description: This paper implements efforts with a colleague and friend from Germany, Benedikt and his advisor, Guenther. We are both fascinated on how one can use the self-sovereign identity paradigm to achieve privacy-preserving access control processes. This was then our first effort understanding decentralized identifiers, verifiable credentials, and identity-centric blockchains. We design an integration between blockchains and centralized access control mechanisms encoding access control policies into verifiable presentations. This paves the way for more privacy-preserving access control enterprise scenarios.

Abstract: Ineffective data management practices pose serious issues to individuals and companies, e.g., risk of identity theft and online exposure. Self-sovereign identity (SSI) is a new identity management approach that ensures users have full control of their personal data. In this work, we alleviate data breach and user privacy problems by showing how SSI can fit within the context of established enterprise identity and access management technologies. In light of recent endeavors, we explore the use of decentralized identifiers, verifiable credentials, and blockchains that support SSI. We propose Self-Sovereign Identity Based Access Control (SSIBAC), an access control model for cross-organization identity management. SSIBAC leverages conventional access control models and blockchain technology to provide decentralized authentication, followed by centralized authorization. The access control process does not require storing user sensitive data. A prototype was implemented and evaluated, processing 55,000 access control requests per second with a latency of 3 seconds.

Rafael Belchior, André Vasconcelos, Sérgio Guerreiro, Miguel Correia

Journal ACM Computing Surveys, 2021

Description: This survey depicts the past and current state of blockchain interoperability, presenting and categorizing existing solutions. It discusses in detail what is blockchain interoperability, the proposed architectures, use cases, challenges, and future research directions. What I consider special about this survey is that we contacted dozens of people asking feedback on their solutions. It ensured us to have updated information, in a research area set up by obsolete whitepapers. This is the first paper I wrote that I consider a very good paper - It took around 6 months to write, and was reviewed by several colleagues.

An online appendix is available at: https://web.ist.utl.pt/~ist180970/papers/2021/interop-survey-appendix_acm-csur_2021.pdf

Abstract: Blockchain interoperability is emerging as one of the crucial features of blockchain technology, but the knowledge necessary for achieving it is fragmented. This fact makes it challenging for academics and the industry to achieve interoperability among blockchains seamlessly. Given this new domain's novelty and potential, we conduct a literature review on blockchain interoperability by collecting 284 papers and 120 grey literature documents, constituting a corpus of 404 documents. From those 404 documents, we systematically analyzed and discussed 102 documents, including peer-reviewed papers and grey literature. Our review classifies studies in three categories: Public Connectors, Blockchain of Blockchains, and Hybrid Connectors. Each category is further divided into sub-categories based on defined criteria. We classify 67 existing solutions in one sub-category using the Blockchain Interoperability Framework, providing a holistic overview of blockchain interoperability. Our findings show that blockchain interoperability has a much broader spectrum than cryptocurrencies and cross-chain asset transfers. Finally, this article discusses supporting technologies, standards, use cases, open challenges, and future research directions, paving the way for research in the area.

Sara Rouhani, Rafael Belchior, Rui S. Cruz, Ralph Deters

Journal World Wide Web, 2021

Description: This paper was the result of a collaboration with Prof. Rui Cruz, an Assistant Professor from Técnico, and Sara Rouhani, a PhD candidate at the University of Saskatchewan. On the context of a Hyperledger Summer Internship, we implemented a blockchain-based access control system based on Hyperledger Fabric, and explored its capabilities and limitations. It turns out that decentralized access control is quite feasible, we believe even in cross-organizational settings. Looking back, I'm glad to work with such I took the courage to challenge Prof. Rui to go forward with this project.

Abstract: Auditing provides essential security control in computer systems by keeping track of all access attempts, including both legitimate and illegal access attempts. This phase can be useful in the context of audits, where eventual misbehaving parties can be held accountable. Blockchain technology can provide the trusted auditability required for access control systems. In this paper, we propose a distributed Attribute-Based Access Control (ABAC) system based on blockchain to provide trusted auditing of access attempts. Besides auditability, our system presents a level of transparency that both access requesters and resource owners can benefit from it. We present a system architecture with an implementation based on Hyperledger Fabric, achieving high efficiency and low computational overhead. The proposed solution is validated through a use case of independent digital libraries. Detailed performance analysis of our implementation is presented, taking into account different consensus mechanisms and databases. The experimental evaluation shows that our presented system can effectively handle a transaction throughput of 270 transactions per second, with an average latency of 0.54 seconds per transaction.

Rafael Belchior, Miguel Correia, André Vasconcelos

Conference ECIS '20: European Conference on Information Systems, 2020

Description: I consider the second paper I wrote to be a very notorious improvement compared to the first. In this paper, we extended JusticeChain to support audit processes - by encoding dummy audit rules into smart contracts. This technique caught the interest of the reviewers, as it could be easily integrated with real audits, given that the audit rules satisfy the GDPR.

Abstract: Organizations are testing the potential of blockchain technology in different areas, bringing implications to record-keeping and the associated business processes, namely audits. Permissioned, private blockchain frameworks can contribute to the processes behind audits by (i) alleviating auditor's work, (ii) hindering fraud and collusion between organizations and auditors, (iii) promote synergies between organizations and their stakeholders, and (iv) protecting access to sensitive information. This paper studies the use of blockchain technology as an enhancer of secure, distributed, and more automatized audits. The proposed solution uses a permissioned, consortium, blockchain to store audit logs. The blockchain is then leveraged to perform distributed and automatic audits over the recorded logs, aiming to reduce costs associated with audits. In particular, the solution is based on a 4-layer architecture: data acquisition, data transfer, data audit, and data analysis & storage layers. The evaluation shows that the proposed solution is secure and can save and analyse up to around 30 audit log entries per second.

Rafael Belchior, Miguel Correia, André Vasconcelos

Conference CoopIS 2019: 27th International Conference on COOPERATIVE INFORMATION SYSTEMS, 2019

Description: This was the first paper I wrote, in the context of my MSc degree - and my first direct contact with academia. Although very drafty, it exposes the long term effort collaborating with the Portuguese public sector. I learned how to ally the academic thinking with the practical effort of developing a system to be production ready. The experience on the academic conference was very motivating as well.

Abstract: The auditability of information systems plays an essential role in public administration. Information system accesses are saved in log files so auditors can later inspect them. However, there are often distinct stakeholders with different roles and different levels of trust, namely the IT Department that manages the system and the government ministries that access the logs for auditing. This scenario happens at the Portuguese judicial system, where stakeholders utilize an information system managed by third-parties. This paper proposes using blockchain technology to make the storage of access logs more resilient while supporting such a multi-stakeholder scenario, in which different entities have different access rights to data. This proposal is implemented in the Portuguese Judicial System through JusticeChain. JusticeChain comprises the blockchain components and blockchain client components. The blockchain components grant log integrity and redundancy, while the blockchain client component is responsible for saving logs on behalf of an information system. The client allows end-users to access the blockchain, allowing audits mediated by the blockchain.