Q.A. Stokkink
info
Please Note
<p>This page displays the records of the person named above and is not linked to a unique person identifier. This record may need to be merged to a profile.</p>
9 records found
1
Centralized platforms like TikTok are cause for significant concerns over information control, censorship, and bias. Decentralized systems offer a promising alternative, but their adoption is hindered by the lack of effective relevance ranking of search results. Existing decentralized approaches rely on heuristics that do not adapt to user behavior. This paper presents DART, the first decentralized ranking algorithm to leverage machine learning over users' search activities. DART adapts its ranking function using a Transformer-based learning-to-rank model trained on a real workload from a decentralized file-sharing application. We find that it improves over the best baseline by 19 % on our ranking metric (MRR).
...
Centralized platforms like TikTok are cause for significant concerns over information control, censorship, and bias. Decentralized systems offer a promising alternative, but their adoption is hindered by the lack of effective relevance ranking of search results. Existing decentralized approaches rely on heuristics that do not adapt to user behavior. This paper presents DART, the first decentralized ranking algorithm to leverage machine learning over users' search activities. DART adapts its ranking function using a Transformer-based learning-to-rank model trained on a real workload from a decentralized file-sharing application. We find that it improves over the best baseline by 19 % on our ranking metric (MRR).
The digital world is evolving toward representing - and serving the interconnection of - natural persons. Instead of depending on the intrastructure of Big Tech companies and governments, users can cooperate and use their hardware to form public infrastructure. Instead of existing by virtue of a reference in some institution's database, users can interact based on a digital representation of their own choosing. It is no longer sufficient to depend on users to act out of system-imposed altruism. A new digital world is emerging that aims to provide systems that respect the rights of users to control their own digital representation. The complete control over one's own representation and all the data that belongs to it is what we know as Self-Sovereignty.
Solutions for digital Self-Sovereignty are wildly sought after, though their solution space remains woefully underexplored. Numerous global entities, e.g., the European Union, have stated their support for Self-Sovereign systems. However, many old problems of peer-to-peer systems that have gone ignored for decennia resurge with the need for Self-Sovereignty. For example, interconnections in peer-to-peer networks are vulnerable to attacks using fake identities and attackers can manipulate peers by depriving them of data. As most deployed peer-to-peer solutions have very little incentive for disruption by attackers, we have seen very few attacks. However, cryptocurrencies have shown that these attacks do surface when there is sizable monetary gain for attackers. In order to secure our future digital society, we must define and study these systems for Self-Sovereignty.
In this thesis we take the first steps toward defining the systems that can power a Self-Sovereign "Web3" ecosystem. In particular, we explore systems that apply Self-Sovereignty for identity, for public infrastructure, and for the execution of shared code. We describe four prototype mechanisms to form a guide for future work and to derive their general properties. Each mechanism is evaluated as realistically as possible. Thereby, this thesis mostly fulfills an exploratory role to guide the further evolution of our digital world. ...
Solutions for digital Self-Sovereignty are wildly sought after, though their solution space remains woefully underexplored. Numerous global entities, e.g., the European Union, have stated their support for Self-Sovereign systems. However, many old problems of peer-to-peer systems that have gone ignored for decennia resurge with the need for Self-Sovereignty. For example, interconnections in peer-to-peer networks are vulnerable to attacks using fake identities and attackers can manipulate peers by depriving them of data. As most deployed peer-to-peer solutions have very little incentive for disruption by attackers, we have seen very few attacks. However, cryptocurrencies have shown that these attacks do surface when there is sizable monetary gain for attackers. In order to secure our future digital society, we must define and study these systems for Self-Sovereignty.
In this thesis we take the first steps toward defining the systems that can power a Self-Sovereign "Web3" ecosystem. In particular, we explore systems that apply Self-Sovereignty for identity, for public infrastructure, and for the execution of shared code. We describe four prototype mechanisms to form a guide for future work and to derive their general properties. Each mechanism is evaluated as realistically as possible. Thereby, this thesis mostly fulfills an exploratory role to guide the further evolution of our digital world. ...
The digital world is evolving toward representing - and serving the interconnection of - natural persons. Instead of depending on the intrastructure of Big Tech companies and governments, users can cooperate and use their hardware to form public infrastructure. Instead of existing by virtue of a reference in some institution's database, users can interact based on a digital representation of their own choosing. It is no longer sufficient to depend on users to act out of system-imposed altruism. A new digital world is emerging that aims to provide systems that respect the rights of users to control their own digital representation. The complete control over one's own representation and all the data that belongs to it is what we know as Self-Sovereignty.
Solutions for digital Self-Sovereignty are wildly sought after, though their solution space remains woefully underexplored. Numerous global entities, e.g., the European Union, have stated their support for Self-Sovereign systems. However, many old problems of peer-to-peer systems that have gone ignored for decennia resurge with the need for Self-Sovereignty. For example, interconnections in peer-to-peer networks are vulnerable to attacks using fake identities and attackers can manipulate peers by depriving them of data. As most deployed peer-to-peer solutions have very little incentive for disruption by attackers, we have seen very few attacks. However, cryptocurrencies have shown that these attacks do surface when there is sizable monetary gain for attackers. In order to secure our future digital society, we must define and study these systems for Self-Sovereignty.
In this thesis we take the first steps toward defining the systems that can power a Self-Sovereign "Web3" ecosystem. In particular, we explore systems that apply Self-Sovereignty for identity, for public infrastructure, and for the execution of shared code. We describe four prototype mechanisms to form a guide for future work and to derive their general properties. Each mechanism is evaluated as realistically as possible. Thereby, this thesis mostly fulfills an exploratory role to guide the further evolution of our digital world.
Solutions for digital Self-Sovereignty are wildly sought after, though their solution space remains woefully underexplored. Numerous global entities, e.g., the European Union, have stated their support for Self-Sovereign systems. However, many old problems of peer-to-peer systems that have gone ignored for decennia resurge with the need for Self-Sovereignty. For example, interconnections in peer-to-peer networks are vulnerable to attacks using fake identities and attackers can manipulate peers by depriving them of data. As most deployed peer-to-peer solutions have very little incentive for disruption by attackers, we have seen very few attacks. However, cryptocurrencies have shown that these attacks do surface when there is sizable monetary gain for attackers. In order to secure our future digital society, we must define and study these systems for Self-Sovereignty.
In this thesis we take the first steps toward defining the systems that can power a Self-Sovereign "Web3" ecosystem. In particular, we explore systems that apply Self-Sovereignty for identity, for public infrastructure, and for the execution of shared code. We describe four prototype mechanisms to form a guide for future work and to derive their general properties. Each mechanism is evaluated as realistically as possible. Thereby, this thesis mostly fulfills an exploratory role to guide the further evolution of our digital world.
Shared code in blockchains, known as smart contracts, stands to replace important parts of our digital governance and financial infrastructure. The permissionless execution of smart contracts is tightly coupled to cryptocurrencies and Proof-of-Work blockchains. As a result, smart contracts inherit the environmental impact of Proof-of-Work blockchains, such as its energy consumption, carbon footprint, and electronic waste. The four concepts of relaxed consistency, strong identities, probabilistic consensus, and the use of liabilities instead of assets may change the status quo. This work explores the integration of these concepts to decouple smart contracts from Proof-of-Work blockchains. By means of a local-first approach, which may expose users to inconsistent ephemeral contract states, the architecture of smart contracts can be transformed to become green. Because such contract states may be dropped, we base the interactions between users on liabilities. We propose a novel paradigm for smart contract architectures, named Green Smart Contracts, that is based on a local-first approach. Furthermore, we present and implement a prototype solution for this paradigm. We validate the need for a mechanism to resolve consistency violations by replaying the contract calls of a real smart contract. Our simulation shows that violations occur more often (13% of contract invocations) when using liabilities than when using a traditional blockchain (3% of contract invocations). However, we additionally validate that they can be avoided using a consensus mechanism, and our experiments show that a publish-subscribe messaging pattern uses the fewest messages to do so, though it may not be applicable for use cases that disallow the inherent imbalance in the messaging between peers. Our carbon emission estimation shows that a Green Smart Contract approach lowers carbon emissions by 52.31% when compared with the messaging behavior of a typical peer-to-peer blockchain with 1000 nodes.
...
Shared code in blockchains, known as smart contracts, stands to replace important parts of our digital governance and financial infrastructure. The permissionless execution of smart contracts is tightly coupled to cryptocurrencies and Proof-of-Work blockchains. As a result, smart contracts inherit the environmental impact of Proof-of-Work blockchains, such as its energy consumption, carbon footprint, and electronic waste. The four concepts of relaxed consistency, strong identities, probabilistic consensus, and the use of liabilities instead of assets may change the status quo. This work explores the integration of these concepts to decouple smart contracts from Proof-of-Work blockchains. By means of a local-first approach, which may expose users to inconsistent ephemeral contract states, the architecture of smart contracts can be transformed to become green. Because such contract states may be dropped, we base the interactions between users on liabilities. We propose a novel paradigm for smart contract architectures, named Green Smart Contracts, that is based on a local-first approach. Furthermore, we present and implement a prototype solution for this paradigm. We validate the need for a mechanism to resolve consistency violations by replaying the contract calls of a real smart contract. Our simulation shows that violations occur more often (13% of contract invocations) when using liabilities than when using a traditional blockchain (3% of contract invocations). However, we additionally validate that they can be avoided using a consensus mechanism, and our experiments show that a publish-subscribe messaging pattern uses the fewest messages to do so, though it may not be applicable for use cases that disallow the inherent imbalance in the messaging between peers. Our carbon emission estimation shows that a Green Smart Contract approach lowers carbon emissions by 52.31% when compared with the messaging behavior of a typical peer-to-peer blockchain with 1000 nodes.
Web3 is emerging as the new Internet-interaction model that facilitates direct collaboration between strangers without a need for prior trust between network participants and without central authorities. However, one of its shortcomings is the lack of a defense mechanism against the ability of a single user to generate a surplus of identities, known as the Sybil attack. Web3 has a Sybil attack problem because it uses peer sampling to establish connections between users. We evaluate the promising but under-explored direction of Sybil avoidance using network latency measurements, according to which two identities with equal latencies are suspected to be operated from the same node, and thus are likely Sybils. Network latency measurements have two desirable properties: they are only malleable by attackers by adding latency, and they do not require any trust between network participants. Our basic SybilSys mechanism avoids Sybil attackers using only network latency measurements if attackers do not actively exploit their malleability. We present an enhanced version of SybilSys that protects against targeted attacks using a variant of the flow correlation attack, which we name TrafficJamTrigger. We show how the message flows of Round-Trip Time measurements can be used to expose attack patterns and we propose and evaluate six classifiers to recognize these patterns. Our experiments show, through both emulation and real-world deployment, that enhanced SybilSys can serve a fundamental role for Web3, effectively establishing connections to real users even in the face of networks consisting of 99% Sybils.
...
Web3 is emerging as the new Internet-interaction model that facilitates direct collaboration between strangers without a need for prior trust between network participants and without central authorities. However, one of its shortcomings is the lack of a defense mechanism against the ability of a single user to generate a surplus of identities, known as the Sybil attack. Web3 has a Sybil attack problem because it uses peer sampling to establish connections between users. We evaluate the promising but under-explored direction of Sybil avoidance using network latency measurements, according to which two identities with equal latencies are suspected to be operated from the same node, and thus are likely Sybils. Network latency measurements have two desirable properties: they are only malleable by attackers by adding latency, and they do not require any trust between network participants. Our basic SybilSys mechanism avoids Sybil attackers using only network latency measurements if attackers do not actively exploit their malleability. We present an enhanced version of SybilSys that protects against targeted attacks using a variant of the flow correlation attack, which we name TrafficJamTrigger. We show how the message flows of Round-Trip Time measurements can be used to expose attack patterns and we propose and evaluate six classifiers to recognize these patterns. Our experiments show, through both emulation and real-world deployment, that enhanced SybilSys can serve a fundamental role for Web3, effectively establishing connections to real users even in the face of networks consisting of 99% Sybils.
Web3 networks are emerging to replace centrally-governed networking infrastructure. The integrity of the shared public infrastructure of Web3 networks is guaranteed through data sharing between nodes. However, due to the unstructured and highly partitioned nature of Web3 networks, data sharing between nodes in different partitions is a challenging task. In this paper we present the TSRP mechanism, which approaches the data sharing problem through nodes auditing each other to enforce carrying of data between partitions. Reputation is used as an analogue for the likelihood of nodes interacting with nodes from other partitions in the future. The number of copies of data shared with other nodes is inversely related to the nodes’ reputation. We use a real-world trace of Twitter to show how our implementation can converge to an equal number of copies as structured approaches
...
Web3 networks are emerging to replace centrally-governed networking infrastructure. The integrity of the shared public infrastructure of Web3 networks is guaranteed through data sharing between nodes. However, due to the unstructured and highly partitioned nature of Web3 networks, data sharing between nodes in different partitions is a challenging task. In this paper we present the TSRP mechanism, which approaches the data sharing problem through nodes auditing each other to enforce carrying of data between partitions. Reputation is used as an analogue for the likelihood of nodes interacting with nodes from other partitions in the future. The number of copies of data shared with other nodes is inversely related to the nodes’ reputation. We use a real-world trace of Twitter to show how our implementation can converge to an equal number of copies as structured approaches
Existing digital identity management systems fail to deliver the desirable properties of control by the users of their own identity data, credibility of disclosed identity data, and network-level anonymity. The recently proposed Self-Sovereign Identity (SSI) approach promises to give users these properties. However, we argue that without addressing privacy at the network level, SSI systems cannot deliver on this promise. In this paper we present the design and analysis of our solution TCID, created in collaboration with the Dutch government. TCID is a system consisting of a set of components that together satisfy seven functional requirements to guarantee the desirable system properties. We show that the latency incurred by network-level anonymization in TCID is significantly larger than that of identity data disclosure protocols but is still low enough for practical situations. We conclude that current research on SSI is too narrowly focused on these data disclosure protocols.
...
Existing digital identity management systems fail to deliver the desirable properties of control by the users of their own identity data, credibility of disclosed identity data, and network-level anonymity. The recently proposed Self-Sovereign Identity (SSI) approach promises to give users these properties. However, we argue that without addressing privacy at the network level, SSI systems cannot deliver on this promise. In this paper we present the design and analysis of our solution TCID, created in collaboration with the Dutch government. TCID is a system consisting of a set of components that together satisfy seven functional requirements to guarantee the desirable system properties. We show that the latency incurred by network-level anonymization in TCID is significantly larger than that of identity data disclosure protocols but is still low enough for practical situations. We conclude that current research on SSI is too narrowly focused on these data disclosure protocols.
Identity Management Systems
Singular Identities and Multiple Moral Issues
The paper examines some of the competing normative claims surrounding the development of Identity Management (IM) systems in general and Self-Sovereign Identity (SSI) systems in particular. It is argued that SSI developments should be assessed against the backdrop of IMs attempting to implement a global identity layer based on aggregated singular identities and reputation scores. It is also argued that this trend defines key ethical issues pertaining to the development of SSI systems. In order to explicate and evaluate these issues, the paper looks at the desirability of singular aggregated identities through the lens of moral-philosophical theories. It is argued that such an analysis strongly suggests moral desirability of a plural identities approach in SSIs that have built-in advantage for the implementation of the practical separation of identities.
...
The paper examines some of the competing normative claims surrounding the development of Identity Management (IM) systems in general and Self-Sovereign Identity (SSI) systems in particular. It is argued that SSI developments should be assessed against the backdrop of IMs attempting to implement a global identity layer based on aggregated singular identities and reputation scores. It is also argued that this trend defines key ethical issues pertaining to the development of SSI systems. In order to explicate and evaluate these issues, the paper looks at the desirability of singular aggregated identities through the lens of moral-philosophical theories. It is argued that such an analysis strongly suggests moral desirability of a plural identities approach in SSIs that have built-in advantage for the implementation of the practical separation of identities.
Successful classification of good or bad behavior in the digital domain is limited to central governance, as can be seen with trading platforms, search engines and news feeds. We explore and consolidate existing work on decentralized reputation systems to form a common denominator for what makes a reputation system successful when applied without a centralized reputation authority, formalized in 7 axioms and 3 postulates. Reputation must start from nothing and always reward performed work, respectively lowering and increasing as work is consumed and performed. However, it is impossible for nodes to perform work in a purely synchronous attackproof work model and real systems must necessarily employ relaxations to such a work model. We show how the relaxations of performing parallel work, allowing unconsumed work and seeding well-known identities with work satisfy our model. Our formalizations allow constraint driven design of decentralized reputation mechanisms.
...
Successful classification of good or bad behavior in the digital domain is limited to central governance, as can be seen with trading platforms, search engines and news feeds. We explore and consolidate existing work on decentralized reputation systems to form a common denominator for what makes a reputation system successful when applied without a centralized reputation authority, formalized in 7 axioms and 3 postulates. Reputation must start from nothing and always reward performed work, respectively lowering and increasing as work is consumed and performed. However, it is impossible for nodes to perform work in a purely synchronous attackproof work model and real systems must necessarily employ relaxations to such a work model. We show how the relaxations of performing parallel work, allowing unconsumed work and seeding well-known identities with work satisfy our model. Our formalizations allow constraint driven design of decentralized reputation mechanisms.
Digital identity is unsolved: after many years of research there is still no trusted communication over the Internet. To provide identity within the context of mutual distrust, this paper presents a blockchain-based digital identity solution. Without depending upon a single trusted third party, the proposed solution achieves passport-level legally valid identity. This solution for making identities Self-Sovereign, builds on a generic provable claim model for which attestations of truth from third parties need to be collected. The claim model is then shown to be both blockchain structure and proof method agnostic. Four different implementations in support of these two claim model properties are shown to offer sub-second performance for claim creation and claim verification. Through the properties of Self-Sovereign Identity, legally valid status and acceptable performance, our solution is considered to be fit for adoption by the general public.
...
Digital identity is unsolved: after many years of research there is still no trusted communication over the Internet. To provide identity within the context of mutual distrust, this paper presents a blockchain-based digital identity solution. Without depending upon a single trusted third party, the proposed solution achieves passport-level legally valid identity. This solution for making identities Self-Sovereign, builds on a generic provable claim model for which attestations of truth from third parties need to be collected. The claim model is then shown to be both blockchain structure and proof method agnostic. Four different implementations in support of these two claim model properties are shown to offer sub-second performance for claim creation and claim verification. Through the properties of Self-Sovereign Identity, legally valid status and acceptable performance, our solution is considered to be fit for adoption by the general public.