Security Analysis of Auctionity: A Blockchain Based E-Auction

  • Conference paper
Foundations and Practice of Security (FPS 2019)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 12056)

Abstract

Auctions are widely used to sell products between different users. In this paper, we present Auctionity, an English e-auction based on blockchain. We describe the different protocols used in Auctionity. We also define the security models and the associated properties. We formally prove some security properties of this protocol using ProVerif.

Notes

  1. Smart contract names are written in true type.

  2. Gas is the pricing value required to execute operations on the Ethereum Virtual Machine (EVM).

  3. Wei is the smallest monetary unit of Ethereum, equal to \(10^{-18}\) Ether.

  4. Payment Guarantee is a functionality offered by the system that assures sellers that they will receive the winning amount of their auctions. It relies on the deposit made by bidders, which is blocked when they bid until another bid is accepted.

  5. WebSocket is a protocol for the connection between an HTTP client and a server. Auctionity uses it because it allows Ethereum nodes to broadcast information to anyone who listens, so users do not need to constantly query the network.

  6. SC function names are written in bold.

  7. An Ethereum event is an event emitted as the result of a function computation. Every event is broadcast through WebSockets.

  8. Solidity is a programming language for writing Ethereum smart contracts.

  9. The detailed proofs are available in [14] and the ProVerif code in [15].

  10. GWei is equal to \(10^{9}\) Wei and \(10^{-9}\) Ether.

References

  1. Bashir, I.: Mastering Blockchain: Distributed Ledger Technology, Decentralization, and Smart Contracts Explained. Packt Publishing Ltd., Birmingham (2018)

  2. Blanchet, B., Smyth, B., Cheval, V., Sylvestre, M.: ProVerif 2.00: automatic cryptographic protocol verifier, user manual and tutorial (2018)

  3. Blass, E.-O., Kerschbaum, F.: Strain: a secure auction for blockchains. In: Lopez, J., Zhou, J., Soriano, M. (eds.) ESORICS 2018. LNCS, vol. 11098, pp. 87–110. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-99073-6_5

  4. Brandt, F.: How to obtain full privacy in auctions. Int. J. Inf. Secur. 5, 201–216 (2006). https://doi.org/10.1007/s10207-006-0001-y

  5. Buterin, V.: On slow and fast block times, July 2015

  6. Curtis, B., Pieprzyk, J., Seruga, J.: An efficient eAuction protocol. In: ARES, pp. 417–421. IEEE Computer Society (2007)

  7. Dreier, J., Dumas, J., Lafourcade, P.: Brandt’s fully private auction protocol revisited. J. Comput. Secur. 23(5), 587–610 (2015)

  8. Dreier, J., Jonker, H., Lafourcade, P.: Defining verifiability in e-auction protocols. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security (ASIA CCS 2013) (2013)

  9. Dreier, J., Lafourcade, P., Lakhnech, Y.: Formal verification of e-Auction protocols. In: Basin, D., Mitchell, J.C. (eds.) POST 2013. LNCS, vol. 7796, pp. 247–266. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36830-1_13

  10. eBay: Our company webpage, July 2018

  11. Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001). https://doi.org/10.1007/s102070100002

  12. Juels, A., Szydlo, M.: A two-server, sealed-bid auction protocol. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 72–86. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36504-4_6

  13. Krishna, V.: Auction Theory. Academic Press, Cambridge (2009)

  14. Lafourcade, P., Picot, J., Pizzuti, D., Nopere, M., Roudeix, E.: Formal definition of the auctionity protocol and its security properties. Technical report, LIMOS (2018). http://sancy.univ-bpclermont.fr/~lafourcade/technical.pdf

  15. Lafourcade, P., Picot, J., Pizzuti, D., Nopere, M., Roudeix, E.: http://sancy.univ-bpclermont.fr/~lafourcade/auctionity.tar (2019)

  16. Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2009)

  17. Naor, M., Pinkas, B., Sumner, R.: Privacy preserving auctions and mechanism design. In: ACM Conference on Electronic Commerce, pp. 129–139 (1999)

  18. Omote, K., Miyaji, A.: A practical english auction with one-time registration. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 221–234. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-47719-5_19

  19. Peng, K., Boyd, C., Dawson, E., Viswanathan, K.: Robust, privacy protecting and publicly verifiable sealed-bid auction. In: Deng, R., Bao, F., Zhou, J., Qing, S. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 147–159. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36159-6_13

  20. Sako, K.: An auction protocol which hides bids of losers. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 422–432. Springer, Heidelberg (2000). https://doi.org/10.1007/978-3-540-46588-1_28

  21. Wood, G.: Ethereum: a secure decentralised generalised transaction ledger (2018)

Author information

Corresponding authors

Correspondence to Pascal Lafourcade or Jérémy Picot.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Lafourcade, P., Nopere, M., Picot, J., Pizzuti, D., Roudeix, E. (2020). Security Analysis of Auctionity: A Blockchain Based E-Auction. In: Benzekri, A., Barbeau, M., Gong, G., Laborde, R., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2019. Lecture Notes in Computer Science, vol 12056. Springer, Cham. https://doi.org/10.1007/978-3-030-45371-8_18

  • DOI: https://doi.org/10.1007/978-3-030-45371-8_18

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-45370-1

  • Online ISBN: 978-3-030-45371-8

  • eBook Packages: Computer Science, Computer Science (R0)
