2nd Edition of the TUM Blockchain Salon

Aims

Exploring core technologies for security, scalability, and privacy in Blockchain systems
Discussing applications and solutions with requirements met by these core technologies, and to which extent these technologies provide value
Exchange on methods for assessment of P2P layer, smart-contract security, and cryptographic innovations
Bridge academia, industry, and students and introduce recent topics from various layers of the Blockchain stack and ecosystems

Topical Scope

Individual layers of Blockchain Protocols spanning hardware, peer-to-peer network, consensus, execution layers, applications, and ecosystems
Innovative scalability and privacy technologies, such as zero knowledge proofs
Design, verification, and implementation of smart contracts logic
Methods and tools for performance assessment
Overview of possible optimization solutions and their applicability to blockchain solutions
Applications and use-cases in Web3.0 and Blockchain Technologies and open challenges

Organisation by the Technical University of Munich

Chair: Georg Carle
Organizing committee chairs: Kilian Glas, Filip Rezabek, and Richard von Seck

Venue

16 and 17 May 2024
TUM-IAS Institute of Advance Studies

Program

Day 1 - 16. May 2025

Session 1

Topic: Privacy and Security in the Blockchain Technologies

Chair: Georg Carle (TUM)

Jeffrey Burdges (Web3 Foundation): Ethical Identity, Ring VRFs, and Zero-Knowledge Continuations Abstract Video Slides

Anonymized ring VRFs are ring signatures that prove correct evaluation of some authorized signer’s PRF while hiding the specific signer’s identity within some set of possible signers, known as the ring. We propose ring VRFs as a natural fulcrum around which a diverse array of zkSNARK circuits turn, making them an ideal target for optimization and eventually standards.

We explain how rerandomizable Groth16 zkSNARKs transform into reusable zero-knowledge continuations, and build a ring VRF that amortizes expensive ring membership proofs across many ring VRF signatures. In fact, our ring VRF needs only eight G_1 and two G_2 scalar multiplications, making it the only ring signature with performance competitive with constructions like group signatures.

Ring VRFs produce a unique identity for any give context but which remain unlinkable between different contexts. These unlinkable but unique pseudonyms provide a far better balance between user privacy and service provider or social interests than attribute based credentials like IRMA.

Ring VRFs support anonymously rationing or rate limiting resource consumption with major performance advantages over protocols for private monetary transactions.
Daniel Hugenroth (University of Cambridge): Building Decentralized Applications for Smartphones: Energy Measurements for Practical Protocol Design Abstract Video

Smartphones have become the primary computing devices for many. As such we ask them to do more and more with the limited energy stored in their battery. In this talk we look at decentralized applications and discuss how mobile network transmissions and CPU usage affect battery life based on measurements with an open-source test setup. We will see that communication patterns matter and many cryptography operations are cheap. The talk provides practical advice for protocol design and shows how you can empirically evaluate your software on real devices.
Laura Ricci (University of Pisa): Supporting Privacy with Zero Knowledge in SSI and Blockchain based Access Control Abstract Video Slides

Rollups scale Ethereum by relying on sequencers, components which order and include transactions, to build blocks off-chain. This talk explores the transformative potential of integrating artificial intelligence (AI) into blockchain rollup sequencers. We’ll explore the idea of utilizing AI for transaction ordering, increase user security, enhance scalability, and more. Some of these ideas are in use right now, while others are worth exploring.

Session 2

Secure Smart Contract Computing

Chair: Florian Matthes (TUM)

Ingo Weber (TUM/Fraunhofer): Business Process Execution and Process Mining on Blockchain Abstract Slides

How can blockchain shape future business processes? We explore two research directions at the intersection of blockchain and business process management: (i) the integration of business processes across different organizations to address the fundamental problem of trust, and (ii) the application of process mining techniques to analyze blockchain-based applications. We discuss a technique to integrate blockchain into the choreography of processes in such a way that no central authority is needed. Our studies on applying process mining to blockchain applications includes tooling and two case studies: one on Augur, a prediction and betting marketplace, where we were able to generate value-adding insights for application-redesign and security analysis; and one on Forsage, showcasing the analysis of interesting user behavior and insights into the veracity of marketing claims of a Ponzi scheme.
Louis Tremblay Thibault (Zama): Privacy-Preserving Smart Contracts using FHE Abstract Video Slides

This talk outlines some of the cryptographic protocols and primitives which are needed to implement private smart contracts. The main challenges and open problems surrounding the use of FHE in blockchain systems are presented.
Josef Gattermayer (Ackee Blockchain Security): Wake: Why we built an Open-Source Swiss Knife for Solidity Developers Abstract Video

Solidity development and security tooling are still evolving, the first ecosystem has grown around tools such as Brownie, Slither, Echidna, or VS Studio Code extension Solidity Juan Blanco wrote in 2015 and has over 1,2 million installations. Thanks to those early adopters, the next waves of tooling could arrive, improving comfort, effectiveness, and security. Thanks to the openness and invocation drive of the Ethereum ecosystem, every major player is trying to contribute and push boundaries. But the take of Ackee Security wasn’t to replace any of those tools - but to replace them all. What was the motivation to combine the functionality into one tool? And how did it end? This talk reveals the insides.

Session 3

Poster Madness

Chair: Kilian Glas (TUM)

Presentation of posters.

Session 4

Topic: Trust & Behavioral Considerations in Decentralized Systems

Chair: Filip Rezabek (TUM)

Christof Ferreira Torres (ETH Zurich): Rolling in the Shadows: A Closer Look at MEV Extraction Across Layer 2 Rollups Abstract

In this talk we will dive into the technicalities of Layer 2 rollups and highlight it’s differences to Layer 1 Ethereum from a perspective of an MEV extractor. Moreover, we will compare MEV extraction on Ethereum with MEV extraction across optimistic and zero-knowledge based rollups, by highlighting volume, profits, costs, opportunities, and competition. To that end, we also present three novel strategies that attackers can use to perform cross-layer sandwich attacks on rollups, despite rollups not offering public mempools.
Bhargav Bhatt (Web3 Foundation): Trustless and Efficient Bridges between PoS Blockchains via Random Sampling Abstract Video Slides

Peer-discovery or membership protocols play a crucial role in any distributed system; they allow network participants to find other nodes and form the foundation for blockchains, file sharing, or decentralized storage networks. However, protocols deployed in practice mainly rely on heuristics to prevent Byzantine nodes from mounting eclipse attacks on honest nodes, biasing peer sampling for upstream applications towards malicious nodes, or taking over subspaces of the logical identity space. This issue becomes even more pressing when more complex overlay networks, such as the currently developed data availability sampling protocol for Ethereum, are built on top of the peer discovery protocol. To this end, we introduce a distributed membership data structure that guarantees uniform identity assignment, prevents network partitions and eclipse attacks, automatically scales up to very large network sizes, and exposes a lookup-based peer sampling functionality with quantifiable adversarial bias. The latter can be used by applications to build randomized structured overlay networks that inherit security guarantees from the membership protocol.
Sheng-Nan Li (UZH Blockchain Center): Trust Management of Decentralised Platforms Abstract Video

In this presentation, we emphasise three foundational pillars—honesty, fairness, and sustainability—essential for maintaining and reinforcing trust in Blockchains and other Decentralised Platforms. Each pillar is exemplified through a dedicated project, which are focus on monitoring, analysis, and modelling of user behaviour and protocol functioning within reward mechanisms. To effectively manage both inherent internal trust challenges (embedded within protocol design) and external trust issues (arising from strategic behaviour), we uncover anomalies such as selfish and cartel mining in real-world Proof of Work (PoW) systems. We then analyse the fairness of Proof of Stake (PoS) reward distribution mechanisms, finding unexpected relationships between their inclusiveness and the emergent inequality. Furthermore, we introduce a comprehensive framework for PoS staking modelling, poised to bring potential enhancements to the design and evolution of these protocols.

Session 5

Panel Discussions

Moderator: Eomji Park (Encode Club)

Panelists

Topics
- VC Perspective on Web3
- Upcoming Research Challenges

Session 6

Panel Discussions

Moderator: Valentin Zieglmeier (TUM)

Panelists

Topics
- Security tooling for EVM
- Developers profession

Session 7

Blockchain Optimization and Interoperability Approaches

Session Chair: Sebastian Steinhorst (TUM)

Markus Legner (Mysten Labs): Modern Blockchains and Next-Generation Internet Architectures: Opportunities and Synergies Abstract Video Slides

As globally distributed systems, blockchains fundamentally rely on an available network infrastructure. Unfortunately, today’s Internet is vulnerable to a large number of attacks that may render it unavailable. On the other hand, centralized solutions offered by companies like Cloudflare contradict the decentralization promise of blockchains. Ideally, a blockchain could rely on a public and distributed network infrastructure that is resilient against attacks and provides strong availability guarantees.

SCION is a next-generation Internet architecture developed at ETH Zurich that is seeing increasing global deployment. Besides its built-in security mechanisms, it has another unique feature: As SCION packets carry forwarding information in their packet headers, it offers the opportunity to coordinate some of that forwarding information through an out-of-band mechanism—for example through a blockchain.

In my presentation, I will discuss these synergies between modern blockchains and next-generation Internet architectures, and report on some concrete work on achieving these for the Sui blockchain developed at Mysten Labs and SCION.
Richard von Seck (TUM): Permissioned Consensus in the Lens of Network Transport Abstract

In the pursuit of more performant byzantine fault-tolerant (BFT) state-machine replication (SMR) systems, optimization of building blocks is increasingly shifting into the focus of researchers. Permissioned and medium-scale setups can offer more predictable network conditions than a set of globally distributed VMs. However, not all of these setups can benefit from techniques such as Remote Direct Memory Access (RDMA) in pure datacenter deployments, but instead require communication via commodity network stacks. In this problem space, tuning of network transport protocols allows for optimization. In this talk, we present a study of behavior, configuration space, and performance impact of transport protocols and secure channel implementations, in context of a representative, leader-based BFT-SMR system.
Zeta Avariokioti (TU Wien & Common Prefix): Blink: A PoW Light Client with Constant Communication Abstract

Designing light clients for proof-of-work blockchains has beena foundational problem since Nakamoto’s SPV construction in the Bitcoin paper. Over the years, communication was reduced from O(n) down to O(polylog(n)) in the system’s lifetime C. In this talk, we present the first provably secure O(1) light client that does not require a trusted setup.

Day 2 - Wednesday 17.5.2025

Session 8

Topic: New Trends Blockchain

Session Chair: Georg Carle (TUM)

David Millar-Durrant (NEAR/Pagoda): Chain Signatures and what to do with them Abstract Video

NEAR Protocol has the ability to sign transactions using smart contracts. How does the technology work and what are the applications?
Arthur Gervais (UCL): (Pre)training and applying LLMs to Blockchain Transactions Abstract Video

Why pay tens of thousands of USD, and wait weeks for a smart contract security audit? In this paper, we explore the potential of using large language models (LLMs) to perform smart contract security audits. We explore prompt engineering for effective security analysis, while comparing the performance and accuracy of LLMs given a ground-truth dataset of 52 DeFi smart contracts that were attacked in the wild. On vulnerable contracts, our system SmartGPT achieves a hit rate of 40% on the correct vulnerability type, yet exhibits a high false positive rate which still requires manual auditor attention. We find that SmartGPT achieves a 20% better F1-score than a random model. Extending SmartGPT is as easy as providing a new vulnerability type name along its technical description. While there are many possible improvements, this study paves the way for faster, more cost-effective and systematic smart contract security audits using LLMs, revolutionizing the field of smart contract security.
Fran Algaba (Gizatech): Act onchain with AI Agents Abstract Video

Expanding the decentralized digital services offered by blockchain protocols using AI Agents that are wallet-enabled to act onchain, thinking offchain with immutable and cryptographic guarantees of their activity.
Jan Lauinger (TUM): Transpiling Policies to Secure Computation Circuits Abstract Video

Modern privacy-enhancing technologies reach new forms of computation or data compliance, compression, and privacy according to a statement (e.g. private value > 100). However, beyond the statement expression, the description of secure computation circuits requires knowledge of security algorithms protecting private values.

To keep the description of secure and compliant computation circuits as close to the statement expression as possible, this talk introduces techniques to develop composable policy languages which can be transpiled into secure computation circuits. Additionally, this talk shows how a policy transpiler architecture can be used to decouple the structure of the domain-specific policy language into secure computation gadgets which evaluate the statements expressed by the policy language. The transpilation design reduces the description of secure computation circuits to few lines of code written in the policy language. Thus, the talk shows how the automated generation and composition of private computation circuits can be simplified to a minimum effort of configuring a policy language.

Session 9

Topic: Blockchain Infrastructure & Network Challenges

Session Chair: Richard von Seck (TUM)

Simone Romano (IoTeX): Building Decentralized Physical Infrastructure Networks (DePINs) Abstract Video

In an era dominated by oligopolistic markets, particularly in the telecom and energy sectors, the need for innovation and competition has never been more critical. Decentralized Physical Infrastructure Networks (DePINs) emerge as a beacon of hope, aiming to dismantle the high barriers to entry imposed by financial, logistical, and regulatory challenges that have long stifled competition and innovation. This talk delves into the essence of DePIN, exploring its potential to revolutionize industries by democratizing access to essential services and technologies. We will introduce the concept of DePIN, and its potential to foster innovation. The discussion will highlight the complexities of developing DePIN projects and the critical role of physical work verification within these networks. Featuring IoTeX’s contributions, we’ll showcase its modules designed specifically for building and scaling DePIN projects.
Filip Rezabek (TUM): METHODA - Framework for Distributed Systems Evaluations Abstract Video Slides

To assess various topologies, configurations, and data traffic types in permissionless setups, we introduce METHODA. It aims to provide, among many others, repeatable, reproducible, and replicable distributed systems experiments with high precision and flexibility. METHODA is based on commercial off-the-shelf hardware and uses the flexible Ansible framework for experiment orchestration. This allows us to configure various topologies emulating realistic behavior of distributed systems deployments. Obtaining such realism is challenging using simulations. Based on the available related work, we will address the challenges found in those networks further. We have introduced some open challenges for the framework requirements.
Ognjen Maric (Dfinity Foundation): Fast and Reliable P2P Without Breaking the Memory Budget Abstract Video Slides

Blockchain protocol stacks often assume networking primitives such as reliable broadcast. But these primitives are problematic in a Byzantine environment, as they either require unbounded buffering, or give up reliability. Both options open opportunities for DoS attacks and endanger the protocol liveness. In this talk, I’ll describe the message delivery protocol of the Internet Computer (IC), and explain how it guarantees the liveness of the IC blockchain protocol even in a Byzantine setting. To this end, we define a new networking primitive we call abortable broadcast. I’ll then describe the implementation of this primitive in the IC’s networking layer. This layer (1) provides strong delivery guarantees, even in the case of network congestion, peer failure, and backpressure, (2) preserves bandwidth, and (3) enforces all data structures to be bounded even in the presence of malicious peers.

Session 10

Panel Discussions

Moderator: Filip Rezabek (TUM)

Panelists

Topics
- Synergies between industry and academia
- Web3.0 education

Session 11

Decentralized Identities, Business Logic, and Governance

Session Chair: Ingo Weber (TUM/Fraunhofer)

Lars Hupel (Giesecke+Devrient): Digital Euro Update Abstract Video Slides

The work on the Digital Euro is going full steam ahead. In January, the European Central Bank has issued calls for applications for component providers, including for example offline payments and fraud & risk management. Meanwhile, the European Parliament is considering the legislation in committee. In this talk, I will give an update about the current state and developments to be expected in the near future.
Federico Kunze Küllmer (evmOS/Altiplanic): Enterprise EVMs: How evmOS enables Access Control for Web3 Businesses Abstract Video Slides

The talk will cover how enterprises can leverage evmOS to create Permissioned or Restricted EVM blockchain for their web3 businesses
Felix Hoops (TUM): A Middleware Architecture for Self-Sovereign Identity Authentication and Authorization Abstract Video

In the evolving digital identity landscape, the concept of Self-Sovereign Identity (SSI) has emerged as a paradigm shift, empowering individuals with the ownership and control of their personal information. In this talk, we will explore how Blockchain and SSI are interconnected. We then present a middleware architecture that leverages the principles of SSI, enabling application clients to authenticate and authorize users holding Verifiable Credentials via the widespread OpenID Connect protocol. This architecture simplifies adoption for new and existing service providers by letting them build on established standards with proven tools.
Fabian Stiehle (TUM): Process Channels: A New Layer for Process Enactment Based on Blockchain State Channels Abstract Video

For the enactment of inter-organizational processes, blockchain can guarantee the enforcement of process rules and the integrity of execution traces. However, existing solutions come with downsides regarding throughput scalability, latency, and suboptimal tradeoffs between confidentiality and transparency. To address these issues, we propose to change the foundation of blockchain-based process enactment: from on-chain smart contracts to state channels, an overlay network on top of a blockchain. State channels allow conducting most transactions off-chain while mostly retaining the core security properties offered by blockchain. Our proposal, process channels, is a model-driven approach to enacting processes on state channels, with the aim to retain the desired blockchain properties while reducing the on-chain footprint as much as possible. We here focus on the principled approach of state channels as a platform, to enable manifold future optimizations in various directions, like latency and confidentiality. We implement our approach prototypical and evaluate it both qualitatively (w.r.t. assumptions and guarantees) and quantitatively (w.r.t. correctness and gas cost). In short, while the initial deployment effort is higher with state channels, it typically pays off after a few process instances; and as long as the new assumptions hold, so do the guarantees.

Wrap-up of the Blockchain Salon

Poster Sessions

Jonas Gebele: Detecting Arbitrages on a First-Come-First-Served Blockchain
Eber Christer: Scalable Cloud-Based Off-Chain Computation on Data Streams using Trusted Execution Environments
Tizian Leonhardt: Private Computing on Permissionless Blockchains
Gopi Mehta: TUM Blockchain Club
Veronika Bauer: Women in Computer Science
Jesco Melzer, Till Köbele, Yu Nakai, Furkan Atasay: TUMChainBook: A Data Exploration for Blockchain-based Systems
David Guzman: Distributed Consensus through Network Support
Veronika Bauer: Evaluation of SNARK Generation Tools in Private Infrastructure
Benjamin Kraner: The Emergence of Liquid Staking
Nicolò Vallarano: An Attack Simulation on Ethereum