EDALoCo: Enhancing the accessibility of blockchains through a low-code approach to the development of event-driven applications for smart contract management

Blockchain is a cutting-edge technology based on a distributed, secure and immutable ledger that facilitates the registration of transactions and the traceability of tangible and intangible assets without requiring central governance. The agreements between the nodes participating in a blockchain network are defined through smart contracts. However, the compilation, deployment, interaction and monitoring of these smart contracts is a barrier compromising the accessibility of blockchains by non-expert developers. To address this challenge, in this paper, we propose a low-code approach, called EDALoCo, that facilitates the development of event-driven applications for smart contract management. These applications make blockchain more accessible for software developers who are non-experts in this technology as these can be modeled through graphical flows, which specify the communications between data producers, data processors and data consumers. Specifically, we have enhanced the open-source Node-RED low-code platform with blockchain technology, giving support for the creation of user-friendly and lightweight event-driven applications that can compile and deploy smart contracts in a particular blockchain. Additionally, this platform extension allows users to interact with and monitor the smart contracts already deployed in a blockchain network, hiding the implementation details from non-experts in blockchain. This approach was successfully applied to a case study of COVID-19 vaccines to monitor and obtain the temperatures to which these vaccines are continuously exposed, to process them and then to store them in a blockchain network with the aim of making them immutable and traceable to any user. As a conclusion, our approach enables the integration of blockchain with the low-code paradigm, simplifying the development of lightweight event-driven applications for smart contract management. The approach comprises a novel open-source solution that makes data security, immutability and traceability more accessible to software developers who are non-blockchain experts.     

Electronic Auction Scheme Based on Smart Contract and IPFS

Sealed-bid auctions are a vital transaction tool in the e-commerce field. Traditional centralized auction schemes typically result in severe threats to data integrity,information transparency,and traceability owing to their excessive reliance on third parties,and blockchain-based auction schemes generally suffer from high storage costs and are deficient in functional and architectural design. To solve these problems,this study presents a sealed-bid auction scheme that removes the third-party bas...     

结合简短可链接环签名的智能合约选举方案

目前一些电子选举协议利用可链接环签名或一次性环签名来保护投票者的隐私,并防止重复投票的情况发生,但签名大小随投票人数的增大而增大,而简短可链接环签名大小始终固定不变,但已有简短可链接环签名算法效率较低。针对这些问题,利用累加器和基于知识证明的签名,构造新的高效的简短可链接环签名,结合匿名地址及星际文件系统,提出一种新的智能合约选举方案,分别设计了选举的创建、投票、计票等阶段的操作。对方案的不可伪造性、可链接性、匿名性、隐私性、公开验证性以及运行效率进行了证明和分析。最后进行了实验仿真评估,结果显示,随着投票者人数的增大,该方案选票的签名大小及Gas消耗保持不变且较少,生成时间及验证时间增长缓慢且较少。     

区块链资产窃取攻击与防御技术综述

自中本聪提出比特币以来,区块链技术得到了跨越式发展,特别是在数字资产转移及电子货币支付方面。以太坊引入智能合约代码,使其具备了同步及保存智能合约程序执行状态,自动执行交易条件并消除对中介机构需求,Web3.0 开发者可利用以太坊提供的通用可编程区块链平台构建更加强大的去中心化应用。公链系统具备的特点,如无须中央节点控制、通过智能合约保障交互数据公开透明、用户数据由用户个人控制等,使得它在区块链技术发展的过程中吸引了更多的用户关注。然而,随着区块链技术的普及和应用,越来越多的用户将自己的数字资产存储在区块链上。由于缺少权威机构的监管及治理,以太坊等公链系统正逐步成为黑客窃取数字资产的媒介。黑客利用区块链实施诈骗及钓鱼攻击,盗取用户所持有的数字资产来获取利益。帮助读者建立区块链资产安全的概念,从源头防范利用区块链实施的资产窃取攻击。通过整理总结黑客利用区块链环境实施的资产窃取攻击方案,抽象并归纳威胁模型的研究方法,有效研究了各类攻击的特征及实施场景。通过深入分析典型攻击方法,比较不同攻击的优缺点,回答了攻击能够成功实施的根本原因。在防御技术方面,针对性结合攻击案例及攻击实施场景介绍了钓鱼检测、代币授权检测、代币锁定、去中心化代币所属权仲裁、智能合约漏洞检测、资产隔离、供应链攻击检测、签名数据合法性检测等防御方案。对于每一类防御方案,给出其实施的基本流程及方案,明确了各防护方案能够在哪类攻击场景下为用户资产安全提供防护。     

基于区块链的电力交易模型及博弈定价方法

为解决传统能源中心化交易模式缺少灵活性、透明性和可监督性等问题,满足新型电力系统中电网各主体间电力交易市场化、定价灵活化等新要求,提出一种基于区块链的电力交易模型及博弈定价方法。该电力交易模型具有分布式、去中心化、不可篡改和加密安全等优势。首先,建立基于区块链的电力交易模型,协调发、供、用等主体间的生产和消费行为,形成统一的市场机制;其次,提出了基于博弈的多时间尺度电力交易竞价机制,利用蚁群优化(ACO)算法求解可得每小时的最佳竞拍价格。最后,通过仿真验证了交易模型及博弈定价方法,在激励政策下各交易方收益最优化。结果表明,交易模型及定价方法在新能源参与交易背景下能有效地平衡市场各主体的效益;基于区块链的智能合约可实现电力交易过程的智能化、透明化和可追溯性。     

基于MADDPG和智能合约的微电网交易决策优化

为解决微电网在传统集中化交易模式下面临的决策耗时长、信任成本高和隐私安全等问题,提出了基于多智能体深度确定性策略梯度(multi-agent deep deterministic policy gradient, MADDPG)算法与智能合约的微电网去中心化市场交易体系。首先,对微电网市场中多智能体进行划分后设计了适用于各主体参与分布式交易的微电网去中心化交易机制,以保障市场主体利益。其次,为实现交易确认阶段微电网市场主体的交易策略优化,采用MADDPG算法对各主体追求利益最大的竞价模型进行求解。最后,通过算例仿真验证了MADDPG算法在智能合约下微电网市场主体交易策略优化过程中的可行性和经济性。     

The price of anarchy in closed-loop supply chains

This paper measures the worst-case efficiency of price-only contracts in closed-loop supply chains (CLSCs) with the price of anarchy (PoA). We model a single-period Stackelberg game in which a manufacturer sells new products to a retailer and collects used products with exogenous retail price and collection price via three alternative reverse channels: (a) the manufacturer collects directly from customers, (b) the retailer collects for the manufacturer, and (c) a third party is awarded a collection subcontract from the manufacturer. We carry out a comprehensive investigation under push–pull configurations to observe how reverse channel structures with different gaming sequences of CLSC members influence the worst-case performance when the demand distribution is over the set of increasing generalized failure rate distributions. From our PoA analysis, we find that the pull system does not always outperform the push system, especially when the retailer is the leader, in contrast to the results for forward supply chains. While the PoA of the push system is dramatically sensitive to the quality condition of used products, the pull system has a constant efficiency loss that is independent of the quality condition. Instead, the PoA of the pull system solely changes with the gaming sequence of the manufacturer. We also find that manufacturer's direct collection is a better reverse channel choice compared to retailer's collection. Additional managerial insights are summarized for discussion.     

基于区块链的危险驾驶地图数据评估模型

在车联网中车辆与周边道路环境进行无线通信与数据交互,使车辆传感器、行人、道路单元之间实现信息互联,但大量的数据通信导致车辆运行环境复杂,车辆在行驶过程中不可避免地会遇到各种危险场景,从而引发车辆安全问题。为确保车辆数据可信及行车安全,建立基于区块链技术的危险驾驶地图数据评估模型。通过传感器实时记录环境数据,将车辆位置、速度等关键数据以及个人隐私信息加密上链实现交易传输,利用智能合约技术进行自动化脚本处理,随后执行共识将交易信息扩散到全部节点,节点承认交易合法后写入区块链。同时对车辆地图交互数据进行危险评估,并将评级结果及其对应操作反馈给车辆,使得车辆可在障碍物、网络攻击等场景下完成应急处理。实验结果表明,该模型能够根据不同危险场景对车辆进行危险评估与规避,确保车辆安全运行。     

Myopic vs. far-sighted behaviours in a revenue-sharing supply chain with reference quality effects

In this paper, we consider a dynamic supply chain where a manufacturer produces and distributes a featured product through an exclusive retailer to end consumers. The manufacturer decides the product quality and wholesale price, while the retailer sets the retail price in the presence of a revenue-sharing contract and consumers’ reference quality effects. The objective of this study is to investigate the impacts of myopic behaviour regarding the reference quality on the product quality and pricing strategies and profits of both members. Our results suggest that the manufacturer’s myopia leads to a higher quality, higher price strategy and a higher quality–price ratio which benefits consumers. Meanwhile, relative to the far-sighted behaviour, myopia results in a more quality-sensitive but less price-sensitive market demand. What’s more, we find that the manufacturer is apt to act in a far-sighted way, but the retailer isn’t always willing to cooperate with a far-sighted manufacturer. Taking myopic strategies for both members is likely to gain a high profit of the whole supply chain for a relatively high marginal contribution of product quality on demand and a relatively low revenue-sharing proportion.     

Incentives for quality improvement efforts coordination in supply chains with partial cost allocation contract

In this paper, we consider quality improvement efforts coordination in a two-stage decentralised supply chain with a partial cost allocation contract. The supply chain consists of one supplier and one manufacturer, both of which produce defective products. Two kinds of failure cost occur within the supply chain: internal and external. The supplier and the manufacturer determine their individual quality levels to maximise their own profits. We propose a partial cost allocation contract, under which the external failure cost is allocated between the manufacturer and the supplier at different rates based on information derived from failure root cause analysis. If the quality levels of the supplier and the manufacturer are observable, we show that the partial cost allocation contract coordinates the supply chain, provided that the failure root cause analysis does not erroneously identify the manufacturer’s fault as the supplier’s, and the supplier does not take responsibility for the manufacture’s fault. In the single moral hazard model, where only the quality level of the supplier is unobservable, the optimal share rates require the supplier to take some responsibility for the manufacture’s fault. However, in the double moral hazard model, where quality levels of the supplier and the manufacturer are unobservable to each other, the optimal share rates require the supplier not to take responsibility for the manufacturer’s fault. It is noted that the root cause analysis conducted by the manufacturer may have its disadvantage in attributing the fault to the supplier when both sides are at fault. We also propose a contract based on the dual root cause analysis to reduce the supplier’s penalty cost. Numerical results illustrate that the partial cost allocation contract satisfies the fairness criterion compared with the traditional cost allocation contract.