Selected Publications

Google Scholar DBLP ORCID

Grunspan and Pérez-Marco argued that a difficulty adjustment mechanism incorporating orphaned blocks would eliminate the profitability of selfish mining in terms of time-averaged revenue. However, we have demonstrated the nontrivial complexity of designing such a protocol.

Contrary to popular belief, DAG-based protocols, like their chain-based predecessors, are not immune to the security-performance tradeoff.

Zero-knowledge virtual machines (ZKVMs) rely heavily on random-access memory, a component that has been understudied despite its influence on performance.

For years, Bitcoin miners put little efforts into adopting several widely-acclaimed block acceleration techniques, which, as some argued, would secure their revenues. Why?

We propose a novel workflow for designing and implementing zkSNARKs that conceals most algebraic and cryptographic operations inside the compiler, eliminating the need for designers to grasp these complex and error-prone procedures.

Many Proof-of-Stake protocols utilize a committee to sign each block, enhancing its security. Could a similar approach be applied to Proof-of-Work protocols?

Maintaining a balanced distribution of nodes across shards is a challenging task. We explore the underlying reasons and present a viable solution.

By decoupling transaction synchronization from confirmation, we can fully exhaust the network’s throughput and substantially reduce the transaction confirmation latency.

Binder, Android’s primary mechanism for inter-process communication (IPC), employs a client-server model where applications act as clients and system services serve as servers. While most security measures focus on protecting against client-side attacks, the system remains vulnerable when an attacker assumes the role of a Binder server.

This task is extracted from a real-world application. One party needs to distribute an encryption key to multiple parties using a blockchain, knowing only their public keys. How can we ensure (1) that all parties receive the same key, and (2) that any discrepancies can be publicly proven without compromising the key’s secrecy?

Many PoW protocols claim superior security to Nakamoto Consensus. Do they deliver?

BU was once the most popular Bitcoin scaling proposal among the miners. Is it as secure as its supporters claimed?

My first attempt to defend against selfish mining by encouraging miners to ignore late blocks.
Post-publication note: I would not recommend a faithful implementation of this design. Now that we understand PoW better, the design and analysis presented in this paper could benefit from further refinement.

Existing distributed web search engines (Faroo, Seeks, and Yacy) do not offer adequate protection against censorship and de-anonymization attacks. We identify the security properties and design new protocols to achieve them.

By requiring every user to complete a proof-of-work puzzle, the DHT network discourages attackers from monopolizing particular ID ranges, as this would necessitate significant computational resources.
Post-publication note: This mechanism no longer works. The widespread availability of ASIC mining equipment has rendered PoW an ineffective defense against Sybil attacks. An attacker can easily overwhelm honest nodes by deploying specialized hardware.