Christof Ferreira Torres


Last Name

Ferreira Torres

First Name

Christof

ORCID

0000-0001-6992-703X

Organisational unit

Filters

2023 - 20268
Reset filters

Search Results

Publications 1 - 8 of 8
  • Ethereum's Proposer-Builder Separation: Promises and Realities
    Item type: Conference Paper
    Heimbach, Lioba; Kiffer, Lucianna; Ferreira Torres, Christof; et al. (2023)
    IMC '23: Proceedings of the 2023 ACM on Internet Measurement Conference
    With Ethereum's transition from Proof-of-Work to Proof-of-Stake in September 2022 came another paradigm shift, the Proposer-Builder Separation (PBS) scheme. PBS was introduced to decouple the roles of selecting and ordering transactions in a block (i.e., the builder), from those validating its contents and proposing the block to the network as the new head of the blockchain (i.e., the proposer). In this landscape, proposers are the validators in the Proof-of-Stake consensus protocol who validate and secure the network, while now relying on specialized block builders for creating blocks with the most value (e.g., transaction fees) for the proposer. Additionally, relays play a crucial new role in this ecosystem, acting as mediators between builders and proposers, being entrusted with the responsibility of transmitting the most lucrative blocks from the builders to the proposers. PBS is currently an opt-in protocol (i.e., a proposer can still opt-out and build their own blocks). In this work, we study it's adoption and show that the current PBS landscape exhibits significant centralization amongst the builders and relays. We further explore whether PBS effectively achieves its intended objectives of enabling hobbyist validators to maximize block profitability and preventing censorship. Our findings reveal that although PBS grants all validators the same opportunity to access optimized and competitive blocks, it tends to stimulate censorship rather than reduce it. Additionally, our analysis demonstrates that relays do not consistently uphold their commitments and may prove unreliable. Specifically, there are instances where proposers do not receive the complete value as initially promised, and the censorship or filtering capabilities pledged by the relay exhibit significant gaps.
  • Revisiting Rollbacks on Smart Contracts in TEE-protected Private Blockchains
    Item type: Conference Paper
    Lew, Chen Chang; Ferreira Torres, Christof; Shinde, Shweta; et al. (2024)
    2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)
    Blockchain technology offers decentralized security but fails to ensure data confidentiality due to its inherent data replication across all network nodes. To address these confidentiality challenges, integrating blockchains with Trusted Execution Environments (TEEs), such as Intel SGX, offers a viable solution. This approach, by encrypting all data outside the SGX enclave and making them unrecognizable to untrusted network nodes, ensures secure processing of data and computations within TEEs. Fabric Private Chaincode (FPC), an enhancement of Hyperledger Fabric, demonstrates this integration by securing smart contracts in enclaves, thereby enhancing confidentiality. However, FPC's reliance on states stored on the blockchain introduces vulnerabilities, especially to rollback attacks. This work provides a detailed analysis of rollback attacks in FPC, evaluates existing protection mechanisms, and proposes a solution: a Merkle Tree approach implemented in an FPC application named Secret Keeper. Through experimental validation, this solution shows significant security enhancements against rollback attacks within FPC contexts.
  • Rolling in the Shadows: Analyzing the Extraction of MEV Across Layer-2 Rollups
    Item type: Conference Paper
    Ferreira Torres, Christof; Mamuti, Albin; Weintraub, Ben; et al. (2024)
    CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security
    The emergence of decentralized finance has transformed asset trading on the blockchain, making traditional financial instruments more accessible while also introducing a series of exploitative economic practices known as Maximal Extractable Value (MEV). Concurrently, decentralized finance has embraced rollup-based Layer-2 solutions to facilitate asset trading at reduced transaction costs compared to Layer-1 solutions such as Ethereum. However, rollups lack a public mempool like Ethereum, making the extraction of MEV more challenging. In this paper, we investigate the prevalence and impact of MEV on Ethereum and prominent rollups such as Arbitrum, Optimism, and zkSync over a nearly three-year period. Our analysis encompasses various metrics including volume, profits, costs, competition, and response time to MEV opportunities. We discover that MEV is widespread on rollups, with trading volume comparable to Ethereum. We also find that, although MEV costs are lower on rollups, profits are also significantly lower compared to Ethereum. Additionally, we examine the prevalence of sandwich attacks on rollups. While our findings did not detect any sandwiching activity on popular rollups, we did identify the potential for cross-layer sandwich attacks facilitated by transactions that are sent across rollups and Ethereum. Consequently, we propose and evaluate the feasibility of three novel attacks that exploit cross-layer transactions, revealing that attackers could have already earned approximately 2 million USD through cross-layer sandwich attacks.
  • A Ripple for Change: Analysis of Frontrunning in the XRP Ledger
    Item type: Conference Paper
    Tumas, Vytautas; Pontiveros, Beltran Borja Fiz; Ferreira Torres, Christof; et al. (2023)
    2023 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)
    Blockchains are disrupting traditional finance by reducing the number of intermediaries and providing transparency. Blockchains, however, come with their own set of prominent issues. One such challenge is frontrunning. Attackers try to influence the transaction order so that their transaction executes before their victims' transaction. While frontrunning is a well-studied topic on Ethereum, it is unknown whether other blockchains are also susceptible to such attacks. One proposed defence strategy against frontrunning attacks is to randomize the transaction execution order. XRP Ledger is the highest-value blockchain to use such a strategy. Furthermore, it runs a Decentralized Exchange, which provides ample frontrunning opportunities. Therefore, in the context of XRP Ledger, we examine whether randomized transaction order provides sufficient protection against frontrunning. Our results show that the mechanism embedded in the XRP Ledger protocol is insufficient to prevent these attacks. We showcase two strategies to perform frontrunning attacks. The first, “naive” strategy, uses randomly generated accounts, whereas the second uses carefully selected accounts to improve the attack's success. Based on our analysis of the XRP Ledgers' historical data, we estimate that attackers could generate up to approx. 1.4M USD profit over two months, provided they succeeded to frontrun every opportunity.
  • Analyzing the Impact of Copying-and-Pasting Vulnerable Solidity Code Snippets from Question-and-Answer Websites
    Item type: Conference Paper
    Weiss, Konrad; Ferreira Torres, Christof; Wendland, Florian (2024)
    IMC '24: Proceedings of the 2024 ACM on Internet Measurement Conference
    Ethereum smart contracts are executable programs deployed on a blockchain. Once deployed, they cannot be updated due to their inherent immutability. Moreover, they often manage valuable assets that are worth millions of dollars, making them attractive targets for attackers. The introduction of vulnerabilities in programs due to the reuse of vulnerable code posted on Q&A websites such as Stack Overflow is not a new issue. However, little effort has been made to analyze the extent of this issue on deployed smart contracts. In this paper, we conduct a study on the impact of vulnerable code reuse from Q&A websites during the development of smart contracts and provide tools uniquely fit to detect vulnerable code patterns in complete and incomplete Smart Contract code. This paper proposes a pattern-based vulnerability detection tool that is able to analyze code snippets (i.e., incomplete code) as well as full smart contracts based on the concept of code property graphs. We also propose a methodology that leverages fuzzy hashing to quickly detect code clones of vulnerable snippets among deployed smart contracts. Our results show that our vulnerability search, as well as our code clone detection, are comparable to state-of-the-art while being applicable to code snippets. Our large-scale study on 18,660 code snippets reveals that 4,596 of them are vulnerable, out of which 616 can be found in 17,852 deployed smart contracts. These results highlight that the reuse of vulnerable code snippets is indeed an issue in currently deployed smart contracts.
  • Is Your Wallet Snitching On You? An Analysis on the Privacy Implications of Web3
    Item type: Conference Paper
    Ferreira Torres, Christof; Willi, Fiona; Shinde, Shweta (2023)
    Proceedings of the 32nd USENIX Security Symposium
    With the recent hype around the Metaverse and NFTs, Web3 is getting more and more popular. The goal of Web3 is to decentralize the web via decentralized applications. Wallets play a crucial role as they act as an interface between these applications and the user. Wallets such as MetaMask are being used by millions of users nowadays. Unfortunately, Web3 is often advertised as more secure and private. However, decentralized applications as well as wallets are based on traditional technologies, which are not designed with privacy of users in mind. In this paper, we analyze the privacy implications that Web3 technologies such as decentralized applications and wallets have on users. To this end, we build a framework that measures exposure of wallet information. First, we study whether information about installed wallets is being used to track users online. We analyze the top 100K websites and find evidence of 1,325 websites running scripts that probe whether users have wallets installed in their browser. Second, we measure whether decentralized applications and wallets leak the user's unique wallet address to third-parties. We intercept the traffic of 616 decentralized applications and 100 wallets and find over 2000 leaks across 211 applications and more than 300 leaks across 13 wallets. Our study shows that Web3 poses a threat to users' privacy and requires new designs towards more privacy-aware wallet architectures.
  • Timely Identification of Victim Addresses in DeFi Attacks
    Item type: Conference Paper
    Parhizkari, Bahareh; Iannillo, Antonio Ken; Ferreira Torres, Christof; et al. (2024)
    Lecture Notes in Computer Science ~ Computer Security - ESORICS 2023
    Over the past years, Decentralized Finance (DeFi) protocols have suffered from several attacks. As a result, multiple solutions have been proposed to prevent such attacks. Most solutions rely on identifying malicious transactions before they are included in blocks. However, with the emergence of private pools, attackers can now conceal their exploit transactions from attack detection. This poses a significant challenge for existing security tools, which primarily rely on monitoring transactions in public mempools. To effectively address this challenge, it is crucial to develop proactive methods that predict malicious behavior before the actual attack transactions occur. In this work, we introduce a novel methodology to infer potential victims by analyzing the deployment bytecode of malicious smart contracts. Our idea leverages the fact that attackers typically split their attacks into two stages, a deployment stage, and an attack stage. This provides a small window to analyze the attacker's deployment code and identify victims in a timely manner before the actual attack occurs. By analyzing a set of past DeFi attacks, this work demonstrates that the victim of an attack transaction can be identified with an accuracy of almost 70%.
  • Beyond the Public Mempool: Catching DeFi Attacks Before They Happen with Real-Time Smart Contract Analysis
    Item type: Conference Paper
    Parhizkari, Bahareh; Iannillo, Antonio Ken; Ferreira Torres, Christof; et al. (2026)
    Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering ~ Security and Privacy in Communication Networks
    The rise of decentralized finance has brought a vast range of opportunities to the blockchain space and many risks. This paper tackles the challenge of detecting malicious smart contracts on Ethereum designed to exploit vulnerabilities and cause financial losses. We present a novel approach for preemptively identifying malicious smart contracts during their deployment stage. For this purpose, we gathered a dataset comprising 161 malicious smart contracts and 5500 benign smart contracts. By introducing and extracting various features related to the deployer, transaction characteristics, and deployment bytecode and selecting the most impactful features, we developed multiple models using different machine learning (ML) classification algorithms, compared them using the set of most impactful features, and selected the most accurate one as our detection model. We compared the models performance with a publicly available ML malicious smart contract detection tool to benchmark it. The results demonstrate that our model achieves a superior True Positive Rate while having a lower False Positive Rate. Our model achieved a 79.17% detection rate for malicious smart contracts while maintaining a False Positive rate of less than 1.8%. Our model provides swift detection capabilities by alerting users immediately after a contracts deployment, thus enabling timely response and risk mitigation. 2025 Elsevier B.V., All rights reserved.
Publications 1 - 8 of 8