Ayelet Lotem (Mizrahi)
PhD student at the Hebrew University, researching Cryptocurrencies. Supervised by Prof. Aviv Zohar.
Sliding Window Challenge Process for Congestion Detection (Publisher: FC 2022) Many prominent smart-contract applications such as payment channels, auctions, and voting systems often involve a mechanism in which some party must respond to a challenge or appeal some action within a fixed time limit. This pattern of challenge-response mechanisms poses great risks if during periods of high transaction volume, the network becomes congested. In this case fee market competition can prevent the inclusion of the response in blocks, causing great harm. As a result, responders are allowed long periods to submit their response and overpay in fees. To overcome these problems and improve challenge-response protocols, we suggest a secure mechanism that detects congestion in blocks and adjusts the deadline of the response accordingly. The responder is thus guaranteed a deadline extension should congestion arise. We lay theoretical foundations for congestion signals in blockchains and then proceed to analyze and discuss possible attacks on the mechanism and evaluate its robustness.
Congestion Attacks in Payment Channel Networks (Publisher: FC 2021) We discuss a fundamental vulnerability that arises in payment channel networks as part of the construction of trustless multi-hop payments. We present three modes of attack: the first aims to lock as many high liquidity channels as possible for an extended period, the second disconnects as many pairs of nodes as possible and the third isolates hubs from the rest of the network. We present the evaluation of these attacks over the Lightning Network. We examine the network's properties and different parameters set by the three main implementations of the Lightning Network and show how recent changes in default parameters agreed upon by Lightning Devs made the attack easier to carry out. Our results show that it is possible to disrupt the Lightning Network by locking most of its liquidity spending less than half a bitcoin.
How Developers Choose Names (Publisher: IEEE Trans. Softw. Eng.) The names of variables and functions serve as implicit documentation and are instrumental for program comprehension. But choosing good meaningful names is hard. We perform a sequence of experiments in which a total of 334 subjects are required to choose names in given programming scenarios. The first experiment shows that the probability that two developers would select the same name is low: in the 47 instances in our experiments the median probability was only 6.9%. At the same time, given that a specific name is chosen, it is usually understood by the majority of developers. Analysis of the names given in the experiment suggests a model where naming is a (not necessarily cognizant or serial) three-step process: (1) selecting the concepts to include in the name, (2) choosing the words to represent each concept, and (3) constructing a name using these words. A followup experiment, using the same experimental setup, then checked whether using this model explicitly can improve the quality of names. The results were that names selected by subjects using the model were judged by two independent judges to be superior to names chosen in the original experiment by a ratio of two-to-one. Using the model appears to encourage the use of more concepts and longer names. ©Copyright 2020 by IEEE