Improving the Security and Performance of Ethereum Blockchain Transactions: A Decentralised Autonomous Organisations Model

Mollajafari, Sepideh (2024) Improving the Security and Performance of Ethereum Blockchain Transactions: A Decentralised Autonomous Organisations Model. PhD thesis, University of Gloucestershire. doi:10.46289/ZFHX1698

Text (Final thesis)
14679 Sepideh Mollajafari (2024) Improving the Security and Performance of Ethereum Blockchain Transactions_.pdf - Accepted Version
Available under License All Rights Reserved.

Abstract

Blockchain technology has recently received a great deal of attention from industry and academia due to its apparent benefits. From the initial foundation based on cryptocurrency to the development of smart contracts, Blockchain technology continues to promise significant business benefits for various industry sectors. Notwithstanding its known benefits, and despite having some protective measures and security features, this technology still faces significant security challenges within its different abstract layers. This work focuses on the critical cybersecurity threats and vulnerabilities inherent to the different layers of the Blockchain architecture, with a view to mitigating the associated risks. From the perspective of architectural layering, each layer of the Blockchain has its own corresponding security issues. In this work, a seven-layer architecture is used, whereby the various components of each layer are set out, highlighting the related security risks and corresponding countermeasures. A taxonomy is then developed that establishes the inter-relationships between the vulnerabilities and attacks in a smart contract. A specific emphasis is placed on the issues caused by centralisation within smart contracts, whereby a “one-owner” controls access, thus threatening the very decentralised nature that Blockchain is based upon. Smart contracts with centralised ownership pose major security issues and act as a single point of failure, allowing single individuals, or teams, to have complete control over the Blockchain network. To mitigate the risks associated with centralised control, decentralised autonomous organisations (DAOs) promote a decentralised decision-making process whereby the power of decision-making is distributed, thereby preventing smart contract ownership monopoly.
The main contribution of this thesis is the development of a novel automated decentralised application, “Genuine DAO”, that promises to reduce security risks and improve the performance of Blockchain networks. “Genuine DAO” achieves the reduction in security risks by enforcing automated rules that are encoded in smart contracts, thus reinforcing the community-based governance and minimising the threats inherent to centralisation, which can be caused by smart contracts’ owners/developers. Additionally, “Genuine DAO” strengthens the security of the network by guarding against the threats caused by Frontrunning attacks. Three further contributions emanate from this work. The first one is an improvement of the overall performance of the Blockchain network, through gas optimisation, cost reduction, and network throughput. This is achieved by using a Polygon layer 2 scaling solution built on the Ethereum network. The second one is the development of a general taxonomy that compiles the different vulnerabilities, the types of attacks, and the related countermeasures within each of the seven layers of the Blockchain. The third one stems from a deep dive into one layer of the Blockchain, namely the Contract Layer. A model application is developed depicting, in detail, the security risks within the Contract Layer, while listing the best practices and tools to adopt in order to mitigate these risks. The understanding gained from delving into the details of security risks within the Contract Layer reinforced the need for developing countermeasures to alleviate the security risks and vulnerabilities inherent to one-owner control in smart contracts, which ultimately led to the main contribution of this work: Genuine DAO.

Item Type: Thesis (PhD)
Thesis Advisors: Bechkoum, Kamal (Email: kbechkoum@glos.ac.uk; URL: UNSPECIFIED)
Uncontrolled Keywords: Blockchain technology; Ethereum Blockchain Transactions; Cybersecurity threats; decentralised autonomous organisations; DAO
Subjects: H Social Sciences > HD Industries. Land use. Labor > HD28 Management. Industrial Management > HD61 Risk in industry. Risk management
Q Science > QA Mathematics > QA76 Computer software
Divisions: Schools and Research Institutes > School of Business, Computing and Social Sciences
Depositing User: Kamila Niekoraniec
Date Deposited: 10 Jan 2025 11:33
Last Modified: 16 Jan 2025 15:03
URI: https://eprints.glos.ac.uk/id/eprint/14679
