Venkatraman Ramakrishna

Krishnasuri Narayanam, Venkatraman Ramakrishna, Dhinakaran Vinayagamurthy et al.

A core enabler for blockchain or DLT interoperability is the ability to atomically exchange assets held by mutually untrusting owners on different ledgers. This atomic swap problem has been well-studied, with the Hash Time Locked Contract (HTLC) emerging as a canonical solution. HTLC ensures atomicity of exchange, albeit with caveats for node failure and timeliness of claims. But a bigger limitation of HTLC is that it only applies to a model consisting of two adversarial parties having sole ownership of a single asset in each ledger. Realistic extensions of the model in which assets may be jointly owned by multiple parties, all of whose consents are required for exchanges, or where multiple assets must be exchanged for one, are susceptible to collusion attacks and hence cannot be handled by HTLC. In this paper, we generalize the model of asset exchanges across DLT networks and present a taxonomy of use cases, describe the threat model, and propose MPHTLC, an augmented HTLC protocol for atomic multi-owner-and-asset exchanges. We analyze the correctness, safety, and application scope of MPHTLC. As proof-of-concept, we show how MPHTLC primitives can be implemented in networks built on Hyperledger Fabric and Corda, and how MPHTLC can be implemented in the Hyperledger Labs Weaver framework by augmenting its existing HTLC protocol.

Bishakh Chandra Ghosh, Venkatraman Ramakrishna, Chander Govindarajan et al.

Interoperation for data sharing between permissioned blockchain networks relies on networks' abilities to independently authenticate requests and validate proofs accompanying the data; these typically contain digital signatures. This requires counterparty networks to know the identities and certification chains of each other's members, establishing a common trust basis rooted in identity. But permissioned networks are ad hoc consortia of existing organizations, whose network affiliations may not be well-known or well-established even though their individual identities are. In this paper, we describe an architecture and set of protocols for distributed identity management across permissioned blockchain networks to establish a trust basis for data sharing. Networks wishing to interoperate can associate with one or more distributed identity registries that maintain credentials on shared ledgers managed by groups of reputed identity providers. A network's participants possess self-sovereign decentralized identities (DIDs) on these registries and can obtain privacy-preserving verifiable membership credentials. During interoperation, networks can securely and dynamically discover each others' latest membership lists and members' credentials. We implement a solution based on Hyperledger Indy and Aries, and demonstrate its viability and usefulness by linking a trade finance network with a trade logistics network, both built on Hyperledger Fabric. We also analyze the extensibility, security, and trustworthiness of our system.

Dushyant Behl, Palanivel Kodeswaran, Venkatraman Ramakrishna et al.

Private blockchain networks are used by enterprises to manage decentralized processes without trusted mediators and without exposing their assets publicly on an open network like Ethereum. Yet external parties that cannot join such networks may have a compelling need to be informed about certain data items on their shared ledgers along with certifications of data authenticity; e.g., a mortgage bank may need to know about the sale of a mortgaged property from a network managing property deeds. These parties are willing to compensate the networks in exchange for privately sharing information with proof of authenticity and authorization for external use. We have devised a novel and cryptographically secure protocol to effect a fair exchange between rational network members and information recipients using a public blockchain and atomic swap techniques. Using our protocol, any member of a private blockchain can atomically reveal private blockchain data with proofs in exchange for a monetary reward to an external party if and only if the external party is a valid recipient. The protocol preserves confidentiality of data for the recipient, and in addition, allows it to mount a challenge if the data turns out to be inauthentic. We also formally analyze the security and privacy of this protocol, which can be used in a wide array of practical scenarios

Ermyas Abebe, Yining Hu, Allison Irvin et al.

Permissioned ledger technologies have gained significant traction over the last few years. For practical reasons, their applications have focused on transforming narrowly scoped use-cases in isolation. This has led to a proliferation of niche, isolated networks that are quickly becoming data and value silos. To increase value across the broader ecosystem, these networks must seamlessly integrate with existing systems and interoperate with one another. A fundamental requirement for enabling crosschain communication is the ability to prove the validity of the internal state of a ledger to an external party. However, due to the closed nature of permissioned ledgers, their internal state is opaque to an external observer. This makes consuming and verifying states from these networks a non-trivial problem. This paper addresses this fundamental requirement for state sharing across permissioned ledgers. In particular, we address two key problems for external clients: (i) assurances on the validity of state in a permissioned ledger and (ii) the ability to reason about the currency of state. We assume an adversarial model where the members of the committee managing the permissioned ledger can be malicious in the absence of detectability and accountability. We present a formalization of the problem for state sharing and examine its security properties under different adversarial conditions. We propose the design of a protocol that uses a secure public ledger for providing guarantees on safety and the ability to reason about time, with at least one honest member in the committee. We then provide a formal security analysis of our design and a proof of concept implementation based on Hyperledger Fabric demonstrating the effectiveness of the proposed protocol.