scispace - formally typeset
Search or ask a question
Author

Anwar Alruwaili

Bio: Anwar Alruwaili is an academic researcher from Stevens Institute of Technology. The author has contributed to research in topics: Smart contract & Database transaction. The author has an hindex of 1, co-authored 3 publications receiving 3 citations.

Papers
More filters
Proceedings ArticleDOI
01 Aug 2019
TL;DR: A new protocol of pre-authorization in which all parties agree and sign, and the blockchain ratifies the resulting agreement is defined, to prevent losses in cryptocurrency transactions.
Abstract: This paper describes a new way to create a pre-authorized transaction on the blockchain so that the transaction is less likely to have errors. Currently, cryptocurrency transactions do not allow a sender to modify or cancel a transaction that has been sent to a wrong address or person. There is no way for the user to retrieve the funds, and the receiver may not return any coins or data. Thus, if a user sends a coin or data to a wrong or non-existent party the coin or data is permanently lost once the transaction is accepted in the blockchain. Current blockchain frameworks such as Bitcoin and Ethereum share this unidirectional technical standard. It is also possible to make it appear that a recipient is taking a bribe by sending them cryptocurrency without their permission. We define a new protocol of pre-authorization in which all parties agree and sign, and the blockchain ratifies the resulting agreement. While nothing will eliminate all risk of error and fraud, this proposal will prevent these kinds of losses.

3 citations

Proceedings ArticleDOI
01 Sep 2020
TL;DR: A hybrid-trusted multi-party contract to identify the input of a client and validate a transaction is described, using trusted parties to authorize a particular input and verify that an owner initially owns that input.
Abstract: Modern applications implemented on distributed ledgers and blockchain platforms serve a wide variety of purposes in automating business and end-user processes. Smart contracts, which are immutable records of functions, are used to mitigate and reduce the administration cost of these implementations. This paper describes a hybrid-trusted multi-party contract to identify the input of a client and validate a transaction. A policy is defined to create the initial relationship, using trusted parties to authorize a particular input and verify that an owner initially owns that input. This ties the reality into the blockchain and requires that trusted parties set up the initial blockchain database. After that, transactions are performed without trusted third parties, reducing costs.

1 citations

Book ChapterDOI
08 Jun 2020
TL;DR: Anwar et al. as discussed by the authors developed a new voting system for use in fundraising that increases fairness for all investors in approving multi-stage funding for a project, and defined smart contracts supporting projects with milestones and a sequence of opportunities for the investors to vote on whether to continue.
Abstract: This paper develops a new voting system for use in fundraising that increases fairness for all investors in approving multi-stage funding for a project. A voting system is a method for people to choose one from two or more possibilities. For electronic voting, it is vital to secure the vote against fraud, so selecting a robust security protocol is critical. For online projects, there are issues of requiring performance for continued payment, and fairness to all investors regardless of the money they invest. To avoid fiascos where projects request vast sums of money and then do not deliver, we define smart contracts supporting projects with milestones and a sequence of opportunities for the investors to vote on whether to continue. For a project with multiple milestones, a new algorithm Anwar gives each investor an equal say and equal risk until their money runs out. This protocol works in a smart contract which requires no central authority, parties, or private channel.

Cited by
More filters
Journal ArticleDOI
TL;DR: This article surveyed the adoption of BC in the diamond industry, and also present pros and cons of this integration, and presents a case study on frameworks, such as Everledger and Tracr, which highlights the real-time challenges of integrating BC inThe diamond Industry.
Abstract: In the recent years, the blockchain (BC) technology has been used in various applications ranging from financial sector to healthcare sector. Moreover, developing BC-based solutions for these applications has been an area of interest among the academia and industry professionals. Diamond has huge potential to become an investment asset, but there are some issues, which hinder the progress of the diamond industry, such as provenance, supply chain traceability, involvement of third party in the verification process, and reliability of transactions . BC seems to be a promising technology, which bridges the gap between the diamond industry and the burgeoning financial markets. Individuals are always confident that the crystals they bought are legitimate and that stolen property can be handed back to the legitimate owner easily. Motivated from these facts, in this article, we surveyed the adoption of BC in the diamond industry, and also present pros and cons of this integration. Then, we discuss issues of the diamond industry operations and based on the literature review, we suggest their probable countermeasures. Then, we analyze various open research issues and challenges associated with integrating the BC in the diamond industry. Finally, we present a case study on frameworks, such as Everledger and Tracr , which highlights the real-time challenges of integrating BC in the diamond Industry.

13 citations

Proceedings ArticleDOI
01 Sep 2020
TL;DR: A hybrid-trusted multi-party contract to identify the input of a client and validate a transaction is described, using trusted parties to authorize a particular input and verify that an owner initially owns that input.
Abstract: Modern applications implemented on distributed ledgers and blockchain platforms serve a wide variety of purposes in automating business and end-user processes. Smart contracts, which are immutable records of functions, are used to mitigate and reduce the administration cost of these implementations. This paper describes a hybrid-trusted multi-party contract to identify the input of a client and validate a transaction. A policy is defined to create the initial relationship, using trusted parties to authorize a particular input and verify that an owner initially owns that input. This ties the reality into the blockchain and requires that trusted parties set up the initial blockchain database. After that, transactions are performed without trusted third parties, reducing costs.

1 citations

Book ChapterDOI
01 Jan 2022
TL;DR: In this article , the authors discuss some of the most common vulnerabilities in blockchain-based solutions that can arise in the context of life sciences research and propose mitigating strategies to address the identified risk.
Abstract: Blockchain technology has a reputation for providing a higher level of assurance and security than other information systems. However, many design decisions, implementation realities, limitations, and trade-offs can create underlying vulnerabilities in blockchain-based solutions that are exploitable by malicious attackers. This chapter discusses some of the most common vulnerabilities in blockchain-based solutions that can arise in the context of life sciences research. For each of these vulnerabilities, mitigating strategies are proposed to address the identified risk. These mitigating strategies reduce the likelihood and impact of the occurrence and, thereby, bring the cybersecurity risk to an acceptable level. Like any other information system, securing a blockchain-based solution requires a holistic, contextual, and risk-based approach that investigates all possible attack vectors and contextually evaluates their potential harm.
Posted Content
TL;DR: Phoenix as mentioned in this paper is a contract architecture that allows the user to restore its security properties after key loss by storing keys in easily available but less secure storage (tier-two) as well as more secure storage that is harder to access (tierone).
Abstract: An attacker that gains access to a cryptocurrency user's private keys can perform any operation in her stead. Due to the decentralized nature of most cryptocurrencies, no entity can revert those operations. This is a central challenge for decentralized systems, illustrated by numerous high-profile heists. Vault contracts reduce this risk by introducing artificial delay on operations, allowing abortion by the contract owner during the delay. However, the theft of a key still renders the vault unusable and puts funds at risk. We introduce Phoenix, a novel contract architecture that allows the user to restore its security properties after key loss. Phoenix takes advantage of users' ability to store keys in easily-available but less secure storage (tier-two) as well as more secure storage that is harder to access (tier-one). Unlike previous solutions, the user can restore Phoenix security after the theft of tier-two keys and does not lose funds despite losing keys in either tier. Phoenix also introduces a mechanism to reduce the damage an attacker can cause in case of a tier-one compromise. We formally specify Phoenix's required behavior and provide a prototype implementation of Phoenix as an Ethereum contract. Since such an implementation is highly sensitive and vulnerable to subtle bugs, we apply a formal verification tool to prove specific code properties and identify faults. We highlight a bug identified by the tool that could be exploited by an attacker to compromise Phoenix. After fixing the bug, the tool proved the low-level executable code's correctness.