I’m broadly interested in computer security and applied cryptography, especially techniques that enable Secure Decentralized Systems, a novel class of computer systems with unique security properties (such as transparency, verifiability, decentralized trust and governance).
My research aims to advance the technical foundation of decentralized systems, analyze the security of real-world deployments, and build practical tools to support applications in socially important domains.
I’m also affiliated with IC3, Center for Distributed Confidential Computing (CDCC) and Center for Algorithms, Data, and Market Design at Yale (CADMY).
At Yale, I teach Intro to Blockchain and Real-World Cryptography.
Building computer systems with transparency and integrity guarantees is a dream of security and cryptography research. As society grows more dependent on digital infrastructure, this goal is more urgent than ever.
Over the past decade, Secure Decentralized Systems, powered by cryptography and large-scale consensus protocols, have emerged as a promising path toward this vision, with early success in areas like stablecoins and Decentralized Finance.
My research advances the technical foundations of decentralized systems to enable transformative applications. Specifically, I work on:
We devise and improve fundamental cryptographic techniques underpinning secure decentralized systems.
Oracles originated as systems to supply verifiable data to smart contracts, but their applications extend to digital identity, social media, and AI. Our papers Town Crier and DECO were among the first to formalize oracle security and realize it via verifiable provenance of TLS-encrypted data, turning HTTPS websites into sources of verifiable claims. These works initiated a new line of research and many real-world implementations.
Slides: Overview of zkTLS
Trusted Execution Environments (TEEs) are CPU-enforced mechanisms that enable remote program execution with confidentiality and integrity guarantees. Beyond fast performance, TEEs have unique security advantages over alternatives (e.g., MPC), most notably resilience to bribery and collusion. We leverage TEEs to enhance decentralized systems, for confidentiality (Ekiden), frontrunning prevention (Tesseract), energy efficiency (REM), and client-side security (Paralysis Proofs, CrudiTEE).
The main security limitation of TEEs is side channels. We devise new trust models for TEEs so systems can rely on TEEs while enjoying graceful degradation. Our exploration includes tolerating full leakage (Sealed Glass Proof), detecting leakage (ZipNet), or incentivizing reporting of leakage (CrudiTEE).
Decentralized systems run in open networks, allowing an adversary to observe network messages and deanonymize users and system participants. We develop anonymity protocols optimized for decentralized systems.
ZipNet is a new Dining Cryptographer (DC) net protocol that features low server cost, efficient scheduling, and simple disruption. Qelect is the first practical FHE-based secret single-leader election (SSLE) protocol, a primitive that hides the leader identity in consensus protocols.
Recent engineering and research breakthroughs have significantly improved the practicality of zero-knowledge proofs (ZKPs). We explore novel applications and fundamental improvements in new settings, building on, e.g., our recent works on parallel ZKP generation (e.g., zkBridge, Cirrus).
Traditional security analysis models participants as either honest or malicious, but participants in decentralized systems are economically motivated. Leveraging incentives properly can achieve unprecedented guarantees, but abusing incentives can lead to effective attacks.
Powerful attack vector where an attacker spends money bribing parties to take specific actions for even bigger profit.
DeFi has some unique advantages over traditional finance, but it gives rise to Miner Extractable Value (MEV), impacting security and decentralization. We work on understanding and mitigating negative consequences of MEV.
Improving digital identity with principles and tools from decentralized systems.
For a complete, up-to-date list of papers, see the publication page.