Cryptoeconomics transforms the Internet: HTTP Use cases

Photo by Clint Adair.

Notes part 2, by Prof. Dr. Sebastian Gajek, Weeve CTO

Prof. Dr. Sebastian Gajek, has 15 years experience in Cryptography and Information Security. He has been following Blockchain technology with great enthusiasm since its inception. The following is the part 2 summary to his article; “Unveiling Blockchain’s full potential — A new Era of Internet Protocols and Applications”.

In this post, we outline how a non-straightforward application of cryptoeconomic incentive design would work, specifically to design a Denial-of-Service resilient HTTP Protocol and a Blockchain enabled Authentication HTTP Protocol.

Denial-of-Service resilient HTTP Protocol

“The Internet is clearly one of the greatest inventions of the last millennium, and much of its success must be accredited to the people of the IETF that over decades maintained an interoperable Internet protocol stack.” — Prof. Dr. Sebastian Gajek

Denial-of-service (DOS) cyber attacks form the crux of the Internet protocol stack and applications, affecting its stability. A DOS attack occurs when a service is blocked through the repetitive request of a service from a target server. This results in the service requests to outperform the server’s capability. Consequently, the server effected is inoperable and cannot be contacted.

DOS attacks are extremely problematic in an Internet-connected world. Imagine the chaos created, if an attack shuts down a major cities’ public transport system.

Cryptoeconomic mechanism design

According to Prof. Dr. Sebastian Gajek, protocols leveraging cryptoeconomic mechanism design can be used to disincentivize DOS attacks with a staking mechanism. For the following explanation we will use the cryptographically rebound Alice and Bob narrative.

Protocol Goal: Alice requests a website from Bob’s server, with the understanding that this request will not override Bob’s server.

Protocol setup: Alice and Bob both have a Wallet address that enables token transfers. Bob also has a staking smart contract. This means that he has staked sufficient tokens in the smart contract as collateral, to the number of expected server visits.

Protocol: The protocol (a set of rules governing the format of data sent over a network) runs between Alice and Bob in the following layers:

Sub-protocol running on the Blockchain layer (e.g. Ethereum)

1. Alice deposits a stake by calling Bob’s staking contract.
2. Staking results in a transaction identifiable through a transaction ID. Typically shown as a hash, believed to be a sufficiently good random value.

Sub-protocol running on the application layer

1. Alice sends an HTTP request to Bob by adding her transaction ID to the URL
2. When Alice’s HTTP request is received,
3. Upon reception of the HTTP request, Bob gains Alice’s transaction ID via the URL.

Sub-protocol running on the Blockchain layer (e.g. Ethereum)

1. Bob then verifies that the transaction is within the last n amount of blocks on the blockchain. If he cannot verify this he aborts the mission of allowing Alice access to the server. Blockchain is used as a timestamp for transactions.
2. Bob unlocks the stake after n blocks, in the case that a DOS attack has not occurred.

Sub-protocol running on the application layer

1. Upon transaction ID validation, Bob grants Alice access to the requested server.

Alice is disincentivized to exploit Bob’s server, as this exploitation will cause her to lose her stake. In this scenario, voting mechanism are used to incentivise Bob to grant access to the server. Validators use the immutable records of transactions on the Blockchain to vote accordingly.

Identity and Blockchain-enabled Authentication HTTP Protocol

“Identity theft is one of the top cyber security concerns ranked today.” — Prof. Dr. Sebastian Gajek

Identity on the Internet is the IP address. This address is problematic as IPs addresses change constantly. A Blockchain layer used as a infrastructure for new application and protocols to be built upon offers a unique identity, for example a Wallet address. Using cryptographic public and private key pairs, these uniques identities are insusceptible to theft.

“On the basis of cryptographic keys and Blockchain technology, we can design a simple Blockchain-enabled authentication protocol on top of HTTP” — Prof. Dr. Sebastian Gajek

For a comprehensive breakdown on how to design a Blockchain-enabled Authentication HTTP Protocol, head over to Prof. Dr. Sebastian’s full article titled “Unveiling Blockchain’s true potential- A new era of Internet protocols and applications”.

The article elaborates on the true advantages and benefits of Blockchain yet to be unveiled. With the Blockchain layer holding the potential to bring about a novel redesign to the Internet.

A note to our community: Weeve’s innovative and security driven approach to unite the fragmented IoT space, in combination with Blockchain technology, will empower the Economy of Things. In a decentralized and open source world community is key — join ours on Telegram.