
Dagstuhl Seminar 22421

Security of Decentralized Financial Technologies

(Oct 16 – Oct 21, 2022)

Permalink
Please use the following short url to reference this page: https://www.dagstuhl.de/22421

Summary

Trusted intermediaries have been the backbone of economic transactions for centuries. However, with the rise of decentralized ledgers like Bitcoin and Ethereum, individuals now have the opportunity to trade and interact without relying on a centralized authority. In 2020, the decentralized finance (DeFi) sector grew to become a 13+ billion USD economy, encompassing exchanges, borrowing/lending, margin trading, derivatives, and more.

The non-custodial nature of decentralized ledgers gives individuals more control over their assets, but it also requires them to take greater responsibility for managing their private keys and assets. Cryptographers expect DeFi users to have a deep understanding of the security properties and guarantees of the protocols, but in reality, it is challenging to keep users informed about these complexities. Therefore, there is a pressing need for more research to clarify user comprehension of DeFi properties. Additionally, decentralized ledgers face a number of technical limitations, such as scalability issues and potential vulnerabilities to pseudonymous malicious actors.

To address these challenges, the Dagstuhl Seminar brought together researchers with expertise in various subfields of DeFi to jointly examine the security, privacy, and financial properties of decentralized finance. The primary objective of the seminar was to explore how to protect DeFi users. The seminar aimed to reconcile the conflicting demands of security, usability, and performance in DeFi, and outline best practices for users to remain safe while engaging in DeFi activities. Finally, the seminar aimed to apply its recommendations to the growing DeFi ecosystem.

During the seminar, participants presented talks on a wide range of topics, including active attacks on the DeFi ecosystem, proposed cryptographic schemes for enhancing the security of cryptocurrencies, and network insights on cryptocurrencies. The seminar also featured productive discussions across working groups, bringing together researchers from diverse perspectives to achieve the common goal of securing the DeFi landscape.

Given the rapid growth of the DeFi sector, it is important to keep exploring ways to improve its security and user-friendliness. One way to do this is through collaboration and information-sharing among researchers, developers, and users. The Dagstuhl Seminar was an important step in this direction, but there is still much work to be done.

One area of focus could be on improving user education and awareness. This could include developing easy-to-understand guides and tutorials, as well as increasing the transparency of DeFi protocols and the risks associated with using them. Additionally, there is a need for more research into the scalability and performance limitations of decentralized ledgers, as well as finding ways to mitigate security risks such as smart contract vulnerabilities.

Another important aspect to consider is the regulatory landscape for DeFi. Currently, many DeFi protocols operate in a regulatory gray area, and it is important to ensure that they comply with relevant laws and regulations while also protecting user privacy and security. This may require more collaboration between DeFi developers and regulators to establish clear guidelines and standards.

Despite the progress made in the DeFi sector, there are still many unknowns that need to be explored. For example, there is limited understanding of how the Ethereum Proof-of-Stake (PoS) security mechanism works, and what guarantees it provides. This is a crucial aspect of the DeFi landscape as Ethereum is the most widely used blockchain for DeFi applications. Further research is needed to understand the security properties of Ethereum PoS and how it can be improved to better protect users. Additionally, there are other areas in DeFi that require further investigation, such as the scalability and performance limitations of decentralized ledgers, and the trade-offs between privacy and security. By exploring these unknowns, we can gain a better understanding of the DeFi ecosystem and find ways to improve its security and user-friendliness.

In conclusion, the DeFi sector is still in its early stages, and there is much room for growth and improvement. By continuing to bring together experts from various fields and encouraging collaboration, we can help to build a secure and user-friendly DeFi ecosystem that benefits everyone.

Copyright Arthur Gervais and Marie Vasek

Motivation

Trusted intermediaries have dominated economic interactions for centuries. With the advent of decentralized ledgers, such as Bitcoin and Ethereum, people can now trade and interact without trusting a centralized custodian. In 2020 alone, decentralized finance (DeFi) grew to a 13+ Billion USD economy covering exchanges, borrowing/lending, margin trading, derivatives and more.

The non-custodial property of ledgers empowers individuals; however, it also demands greater responsibility in managing assets and private keys. Cryptographers simply assume DeFi users will understand protocols' security properties and guarantees, but in the real world it is a significant challenge to keep users informed. More research is therefore crucial to clarify user comprehension of DeFi properties. Besides usability challenges, decentralized ledgers still suffer from many technical limitations, e.g., they do not scale to throughput levels offered by state-of-the-art custodial payment networks, and more importantly, their security might be vulnerable to pseudonymous malicious actors.

The purpose of this Dagstuhl Seminar is to unite researchers with deep knowledge in the many subfields of DeFi, to jointly revisit their security, privacy and financial properties. The primary aim of the seminar is to elaborate on how we can protect DeFi users. The seminar, therefore, aims to refine the fundamental tensions between security, usability, and performance of DeFi. Second, given those insights, the seminar will aim to outline best practices for users to remain safe when engaging in DeFi. Third, we plan to apply our recommendations to the thriving DeFi ecosystem. Example topics we will study are:

  • Secure decentralized exchanges
  • Secure DeFi privacy and scaling ideas
  • Countering market manipulations
  • Quantification of decentralization

The objectives of the seminar are to:

  1. Elaborate on how we can protect users of decentralized financial technologies. The seminar, therefore, aims to refine the fundamental tensions between security, usability, performance and finance of decentralized networks.
  2. Given those insights, the seminar aims to outline best practices for users to remain safe when utilizing decentralized ledgers.
  3. We plan to apply our recommendations specifically to smart-contract and DeFi friendly blockchains.

This text is published under the Creative Commons BY 4.0 license.
Copyright Joseph Bonneau, Arthur Gervais, and Marie Vasek

Participants
  • Svetlana Abramova (Universität Innsbruck, AT)
  • Sarah Azouvi (Protocol Labs - Edinburgh, GB)
  • Alex Biryukov (University of Luxembourg, LU)
  • Rainer Böhme (Universität Innsbruck, AT)
  • Stefanos Chaliasos (London, GB)
  • George Danezis (University College London, GB)
  • Markus Dürmuth (Leibniz Universität Hannover, DE)
  • Jens Ernstberger (TU München, DE)
  • Bryan Ford (EPFL Lausanne, CH)
  • Arthur Gervais (Imperial College London, GB)
  • Lioba Heimbach (ETH Zürich, CH)
  • Philipp Jovanovic (University College London, GB)
  • Aljosha Judmayer (Universität Wien & SBA Research - Wien)
  • Ghassan Karame (Ruhr-Universität Bochum, DE)
  • Lucianna Kiffer (ETH Zürich, CH)
  • Ben Livshits (Imperial College London, GB)
  • Pedro Moreno-Sanchez (IMDEA Software Institute - Madrid, ES)
  • Joachim Neu (Stanford University, US)
  • Tim Ruffing (Blockstream - Victoria, CA)
  • Florian Tschorsch (TU Berlin, DE)
  • Marie Vasek (University College London, GB)
  • Roger Wattenhofer (ETH Zürich, CH)
  • Aviv Yaish (The Hebrew University of Jerusalem, IL)
  • Fan Zhang (Yale University - New Haven, US)
  • Liyi Zhou (Chainlink Labs - London, GB)
  • Aviv Zohar (The Hebrew University of Jerusalem, IL)

Related Seminars
  • Dagstuhl Seminar 18461: Blockchain Security at Scale (2018-11-11 - 2018-11-16)

Classification
  • Computational Engineering, Finance, and Science
  • Cryptography and Security
  • Distributed, Parallel, and Cluster Computing

Keywords
  • blockchain technology
  • decentralized finance (DeFi)
  • security foundations
  • distributed consensus protocols
  • security economics