About Me

I work on computer security and applied cryptography, with a focus on real-world distributed and decentralized systems. Recently, I’m passionate about blockchains systems and their applications (e.g., DeFi), digital identity, anonymity networks, etc.

I received my Ph.D. in Computer Science from Cornell University, advised by Prof. Ari Juels. I received my bachelor’s degree from Tsinghua University. I’m also affiliated with Center for Distributed Confidential Computing (CDCC) and Center for Algorithms, Data, and Market Design at Yale (CADMY).

At Yale, I teach Intro to Blockchain and Real-World Cryptography.

Research

I run the Decentralized Systems Group at Yale CS. We work on two broad themes: cryptography for decentralized systems and economic security of decentralized systems. Select recent projects include:

• Qelect: Lattice-based Single Secret Leader Election (SSLE) Made Practical
• ZipNet: Low-bandwidth anonymous broadcast from (dis)Trusted Execution Environments
• RediSwap: MEV Redistribution Mechanism for CFMMs
• Prooφ: a ZKP Market Mechanism
• zkBridge: trustless cross-chain interoperability using SNARKs.
• Mempool Guru: an open public service that persists Ethereum mempool data for research.
• DECO: proving TLS data provenance while protecting privacy.

See the publication page for an up-to-date list of papers.

Interested in working with me?

• For Yale undergrads: we enjoy having undergrad researchers in our lab to help them gain research experience. Feel free to get in touch.
• We have openings for Postdocs, visiting scholars, and summer interns for strong candidates.

Updates

• 🎉 “Decentralization of Ethereum’s Builder Market” is accepted to IEEE S&P 2025. Congrats, Sen! (Mar 2025)
• 📣 “AUCIL: An Inclusion List Design for Rational Parties” is online. (Feb 2025)
• 🎉 Qelect is accepted to USENIX Security 2025. (Jan 2025)
• 🎉 Prooφ is accepted to FC 2025. (Jan 2025)

• 📣 RediSwap is online. RediSwap is a novel AMM that captures MEV at the application level and refunds it fairly among users and liquidity providers. (Oct 2024)
• 📣 DECO, the first zkTLS protocol we devised in 2019, is now in Chainlink’s Platform Privacy Suite. (Oct 2024)
• 📣 The texbook I co-authored, titled “Blockchain, the New Economy, and the Self-Sovereign Internet”, is now available for pre-order through Cambridge University Press. (Oct 2024)
• 🎉 ZIPNet is accepted to PoPETS 2025! We use TEEs to make DC nets faster while i) not trusting TEE for priavcy, ii) making TEE breaches detectable. (Sep 2024)
• 🚞 Spent a productive week at Dagstuhl! Thanks to the organizers. (Sep 2024)
• 🎉 Received Sui Academic Research Award. (Jun 2024)
• 📣 Excited to finally release this paper on measuring the decentralization of Ethereum’s builder market. In terms of market share, the market is highly centralized. However, we ask two questions: first, why does the builder market centralize, given that it is permissionless and anyone can join? Second, does the centralization affect the efficacy of MEV-Boost auctions? We answered these two questions using a large-scale auction dataset we curated since 2022. Read more here. (May 2024)
• 🎉 “Data Independent Order Policy Enforcement: Limitations and Solutions” has been accepted to CCS 2024. TLDR: it proposes an AMM design that prevents sandwich attacks with a clever (credit to co authors) incentive design " (Apr 2024)
• 📣 Excited to share some early results on ZK Rollup prover market fee mechanisms with this position paper on Prooφ (proo-fee). A prover market is where ZK provers sell proof capacity, and users pay to get transactions proven (potentially coordinated by sequencers). EIP-1559 is a nice TFM for L1, but it does not work here because generating ZK proofs is expensive ($$$) today, while EIP-1559 burns most of the revenues. Challenges arise when we try to design something that covers the prover’s heterogeneous cost and has nice properties like those of EIP-1559, and Prooφ is a solution that satisfies desired properties under certain conditions. (Mar 2024)
• 🎉 “Sprints: Intermittent Blockchain PoW Mining” is accepted to USENIX Security'24. (Mar 2024)
• 🎉 “The Locality of Memory Checking” with Weijie Wang, Yujie Lu, and Charalampos Papamanthou is online! (To appear in CCS'23) (Sep 2023)
• 🎙️ “Sprints: Intermittent Blockchain PoW Mining” will be presented at SBC'23. (Jul 2023)
• 📣 “Breaking the Chains of Rationality: Understanding the Limitations to and Obtaining Order Policy Enforcement” with Sarisht Wadhwa, Luca Zanolini, Francesco D’Amato, Aditya Asgaonkar, and Kartik Nayak is online! (Jun 2023)
• 📣 “Sprints: Intermittent Blockchain PoW Mining” with Michael Mirkin, Lulu Zhou, Ittay Eyal is online. (May 2023)
• 🎉 “MISO: Legacy-compatible Privacy-preserving Single Sign-on using Trusted Execution Environments” has been accepted to EurpS&P 2023. (May 2023)
• 🎉 Received Yale Roberts Innovation Fund Award. (Feb 2023)
• He-HTLC: Revisiting Incentives in HTLC is accepted to NDSS 2023. Congrats to Sarisht and Jannis! (Oct 2022)
• zkBridge: Trustless Cross-chain Bridges Made Practical is accepted to CCS 2022. (Aug 2022)
• We wrote a blog post on incentive attacks in HTLCs and our solution He-HTLC. (Aug 2022)
• Received an NSF Frontier grant for the Center for Distributed Confidential Computing. This is a multi-institution effort, involving faculty from IU (Lead), CMU, Duke, OSU, Penn State, Purdue, Spelman, UIUC and Yale. Yale News. (Aug 2022)
• Received three grants from Ethereum Foundation. (Jul 2022)
• Manuscript on He-HTLC is online. We revisited bribery attacks in HTLCs (hash-time locked contracts), presented a new family of them (reverse bribery), and proposed a solution. (May 2022)
• Our work on empirical analysis of EIP-1559 is presented at ETHconomics @ Devconnect 2022. Recording available here. (Apr 2022)
• Our paper on empirical analysis of EIP-1559 is accepted in CCS 2022. (Mar 2022)
• I will join the TPC of Oakland'23. (Mar 2022)
• I will join the TPC of CCS'22 and DeFi'22. (Dec 2021)
• I will join the TPC of PET 2022 and AFT 2021. (May 2021)
• I joined the TPC of PET 2021 and CCS 2021. (Nov 2020)
• I presented DECO at CCS'20. (Nov 2020)
• I presented CanDID at the annual convention of Chinese Institute of Engineers - Greater New York Chapter. (Oct 2020)
• I presented CanDID at Empire Hacking (organized by Trail of Bits). (Oct 2020)
• I presented DECO at W3C Credential Community Group (CCG). (Oct 2020)
• I joined the TPC of Financial Crypto 2021 and DeFi'21 workshop. (Oct 2020)
• CanDID paper is accepted to IEEE S&P 2021! (Sep 2020)
• DECO acquisition by ChainLink is announced! (Aug 2020)
• CanDID, our latest work on Decentralized Identity (DID) is available online. (Jul 2020)
• DECO accepted to CCS 2020! (Mar 2020)
• Real World Crypto (RWC) video on DECO is now available online. (Jan 2020)
• I visited ETH Zurich and presented “Connecting Blockchains to the Real World”. (Oct 2019)
• I presented Paralysis Proofs at ACM AFT 2019 at Zurich, Switzerland. (Oct 2019)
• I visited IBM Waston Center and presented DECO (Decenetralized Oracles)." (Sep 2019)
• Two papers (CHURP, Tesseract) are accepted to ACM CCS'19! See you all in London! (Sep 2019)
• “Paralysis Proofs: Secure Access-Structure Updates for Cryptocurrencies and More” is accepted to ACM AFT'19! (Aug 2019)
• “Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contract Execution” is accepted to EuroS&P'19! (Apr 2019)
• Town Crier is acquired by ChainLink! (Nov 2018)
• I’m awarded the IBM PhD Fellowship Award for 2018-2020. (Mar 2018)
• I presented Paralysis Proof at the 5th Bitcoin workshop @ Financial Crypto 2018 in Curacao. (Mar 2018)
• Solidus: Confidential Distributed Ledger Transactions via PVORM is accepted to CCS'17. (Aug 2017)
• I was invited to present Town Crier at Silicon Valley Ethereum Meetup. (Aug 2017)
• I presented REM at USENIX Security 2017, Vancouver, Canada. (Aug 2017)
• Intern at Intel Labs this summer. (Jul 2017)
• Town Crier is officially live! (May 2017)
• REM: Resource-Efficient Mining for Blockchains paper is accepted to USENIX Security'17. Available here. (May 2017)
• Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge is accepted to EuroS&P ‘17. (Oct 2016)
• Town Crier: An Authenticated Data Feed for Smart Contracts is accepted to ACM CCS'16. (Jul 2016)
• Stealing Machine Learning Models via Prediction APIs is accepted to USENIX Security'16. (May 2016)