Sui Funds University Researchers Exploring Scalability, Privacy, and AI-based Tools

The Sui Foundation is thrilled to announce the awardees of the fourth cohort of the Sui Academic Research Awards. This program funds groundbreaking research that advances Web3, particularly focusing on blockchain technology, smart contract programming, and products built on Sui.

In this cohort, we accepted 20 exceptional proposals from prestigious universities such as UC Berkeley, Yale, NYU, EPFL, and the National University of Singapore. These leading researchers will drive innovation in the Sui ecosystem. Due to the outstanding quality of proposals, the Sui Foundation committed an additional $1 million in funding for 2024 to support further research that accelerates blockchain innovation and adoption. The next call for proposals closes on July 5, 2024.

Accelerating ZKP with Caching  

Fan Zhang (Yale University)

Zero-knowledge proofs (zk-proofs) are crucial for blockchain scalability, privacy, and identity, such as Sui’s zkLogin primitive. However, generating zk-proofs is slow due to resource-intensive computations. This research enhances zk-proof generation with caching to store intermediate results of repetitive calculations, like multi-scalar multiplications and fast fourier transforms. This approach leverages patterns in user inputs to significantly speed up zk-proof generation, improving efficiency in real-world applications.

AIChain: An LLM to Connect Static Analysis and Fuzzing for More Secure Smart Contracts 

Vijay Ganesh (Georgia Institute of Technology)

AIChain addresses the challenge of smart contract security by employing AI for static analysis and fuzzing to eliminate manual work. AIChain is a Large Language Model (LLM) used to process smart contracts and a static analysis report to generate code for fuzzing to verify potential vulnerabilities. Initial tests with OpenAI’s GPT-3.5-Turbo have shown effective results, and the tool is being expanded to detect more vulnerabilities.

At-home Key Custody for Web3 Platforms

Tushar Jois (The Research Foundation of CUNY)

Web3 platforms offer unprecedented control over digital assets, but key custody remains a major point of friction. Traditional solutions like hardware wallets and third-party escrow are costly, deterring potential users. This research explores using existing internet of things devices in smart homes for key custody, leveraging the collective security of multiple fixed-in-place devices. The system, SocIoTy, will use smart home devices to perform cryptographic operations and two-factor authentication, ensuring key material remains secure within the home. This approach provides a cost-effective, secure method for Web3 key custody, enhancing user confidence and accessibility.

Autobahn: How to Make Partially Synchronous BFT Protocols Robust to Partial Synchrony

Natacha Crooks (University of California, Berkeley)

Traditional Byzantine Fault Tolerant (BFT) protocols must balance low latency and network robustness but on occasion falter during network blips, leading to “asynchrony hangovers.” DAG-based BFT protocols, while robust, often experience higher latency. This research will develop Autobahn, a new consensus protocol combining DAG-based data dissemination with a traditional partially synchronous consensus mechanism. Autobahn maintains low latency during normal operation and robustness during network blips by decoupling consensus from data dissemination, ensuring efficient recovery and high performance.

Automated Risk Management for the Sui DeFi Ecosystem

Lukasz Szpruch and David Siska (University of Edinburgh)

This project aims to develop automated risk management systems to enhance economic security in Sui’s DeFi ecosystem using quantitative finance and agent-based simulations. Current DAO governance struggles with real-time risk management, often relying on offchain, centralized third-party recommendations. This research will create a verifiable, real-time data-driven risk management framework, automating protocol parameter settings and stress testing with agent-based simulations. The initial focus will be on decentralized lending protocols providing open-source tools to enable transparent, scalable, and accountable risk assessments.

Behavioral Abstractions to Support Smart Contract Auditors

Diego Garbervetsky (Universidad de Buenos Aires)

Auditing is a human-intensive task that often relies on tools like linters and fuzzers, which lack domain-specific insights. This research will build tools using predicate abstraction to construct models (automata) that help auditors explore and validate smart contract behavior. By gradually understanding contract behavior through proposed predicates, auditors can use these models to identify functional and implementation bugs more effectively. The goal is to automate the generation of these models, improving audit efficiency and the overall security of smart contracts.

Benchmarking Sui Through Parallel Execution Perspective

Ooi Beng Chin (National University of Singapore)

This project addresses the execution engine bottleneck in modern blockchains, moving beyond the limitations of consensus algorithms. By designing Web3-native workloads for parallel execution, the team aims to benchmark popular apps like DEXes, NFT marketplaces, and games. This research will provide valuable insights into the scalability and performance of modern blockchains, enhancing the efficiency of parallel execution strategies.

Beyond Space and Time: Experimental Economics via Smart Contracts

Yang You (The University of Hong Kong), Lin William Cong (Cornell University)

Traditional social science experiments face limitations due to artificial treatments and short durations in lab settings. This research introduces a decentralized event contract trading platform powered by automated market-making, where participants trade based on real-world events, providing more reliable data. By continuously engaging participants with platform tokens convertible to USDC for correct predictions, this approach allows for long-term studies of expectations, demonstrated through an experiment on interest rate expectations influenced by US Federal Reserve announcements.

Blockchain Address Poisoning  

Nicolas Christin (Carnegie Mellon University)

This research tackles the issue of blockchain address poisoning, where attackers create “look-alike” addresses to trick users into sending funds to the wrong recipient, commonly referred to as address poisoning. Blockchain transactions are irreversible, making such attacks particularly harmful. This project will formalize the threat model, measure the prevalence across multiple blockchains, characterize attacker behavior, and develop mitigations. The goal is to create a rigorous framework for Web3 UI design that enhances user safety and confidence on Sui and other platforms.

Catching the Risk-free Yield on Sui: A Deep Hedging Approach Using Options and Futures

Dimitrios Karyampas and Walid Sofiane (École Polytechnique Fédérale de Lausanne), Adam Bouabda (ETH Zurich)

Stable, near risk-free yields are crucial for investor confidence in the highly volatile cryptocurrency market. This project employs innovative hedging strategies inspired by synthetic stablecoins to enhance current methods. By integrating perpetual contracts with advanced options strategies, particularly box spreads, and utilizing reinforcement learning, the project aims to develop a dynamic trading strategy that adapts to market conditions, maximizing yields while minimizing risks.

Compositional Specification and Verification of Blockchain Consensus Protocols

Zhong Shao (Yale University)

Byzantine State Machine Replication (SMR) protocols ensure a linear, tamper-proof history by making participating nodes agree on a single consensus. However, implementing these protocols correctly to maintain both safety and liveness remains a complex challenge. By introducing an intermediate model of consensus protocols that includes the pacemaker component, this work supports proving both safety and liveness through refinement. The goal is to develop a Linearizable Byzantine Distributed Objects (LiDO) model to simplify and improve the verification of consensus protocols, ensuring robust and reliable blockchain implementations.

Concurrent Smart Contract Execution Paradigm

Mohammad Sadoghi (University of California, Davis)

Over the past decade, ResilientDB has pioneered a resilient and sustainable data platform that unifies secure transactional and real-time analytical processing. As an Apache Incubator project, ResilientDB has made significant contributions, including developing a geo-scale consensus protocol (GeoBFT) and hybrid sharding protocols (Cerberus, RingBFT). Building on this foundation, the team now aims to develop high-throughput, low-latency concurrency control protocols optimized for concurrent smart contract execution.

Efficient Post-Quantum Multi-Party Computation using Lightweight Cryptography

Aniket Kate (Purdue University)

Multi-Party Computation (MPC) allows multiple parties to compute functions on private inputs while maintaining privacy, essential for Web3 applications like privacy-preserving AI and healthcare analytics. This research aims to develop hash-based MPC protocols that are scalable and post-quantum secure, overcoming the limitations of current protocols that rely on computationally expensive cryptographic operations. Preliminary results with the HashRand protocol show significant performance improvements, achieving 11,000 beacons per minute with 16 participants, vastly outperforming existing solutions.

Encryption on Chain

Yevgeniy Dodis (New York University)

Blockchains like Bitcoin and Ethereum offer pseudonymity but lack strong privacy guarantees natively, allowing user transactions to be traceable. This research aims to address this by exploring “encryption on chain” for private storage, as opposed to zk-proofs, to ensure data privacy and availability on blockchains. Drawing on expertise from developing secure messaging protocols like Signal and Zoom, this project seeks to develop robust privacy solutions for blockchain transactions.

Evaluating Sui’s Resilience to Network Attacks

Prateek Mittal (Princeton University)

This research investigates the resilience of the Sui validator network to network-level routing attacks, particularly Border Gateway Protocol (BGP) hijacks and DDoS attacks. The study will assess validator nodes’ resilience to these threats, with the ultimate goal of developing a resilience “score” function to adjust validation payouts accordingly and incentivize secure connectivity via the next-generation network architecture SCION. This research will be the most detailed simulation of BGP hijack resilience to date, incorporating real-world routing aspects to ensure the robustness and reliability of Sui.

Faster zk-SNARKs from Accumulation

Benedikt Bünz (New York University)

This research aims to improve Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge (zk-SNARKs), enhancing blockchain privacy and efficiency. By using “accumulation” techniques, computations are broken into small steps and combined, simplifying verification. This method can improve signature aggregation in systems like Bullshark and Narwhal, offering more efficient verification. The project seeks to make zk-SNARKs faster and easier to generate for practical applications.

Fully Decentralized zkLogin with Biometric Login Methods and Switchable Login Providers

Jieliang Yin (The Hong Kong University of Science and Technology)

Current blockchain systems face challenges in user identity authentication, relying heavily on users to manage passwords or specific devices, which can be inconvenient and insecure. This proposed research addresses this issue by introducing a decentralized zkLogin solution that utilizes biometric identification methods such as voiceprint, fingerprint, face, and iris recognition. This approach eliminates the need for users to remember or carry anything and allows them to switch between different service providers, enhancing both convenience and security while ensuring continuous access to their blockchain accounts.

MoveGen: Generating Secure Smart Contracts Based on Natural Language and Security Specifications

Weidong Shi and Rabimba Karanjai (University Of Houston)

This project aims to enhance SolMover, a tool for generating Move code, by improving its task generator LLM, expanding the Move code dataset, and integrating error correction mechanisms. The research will explore the direct generation of Move code from natural language specifications, using compiler feedback to iteratively improve code accuracy and quality. Additionally, advanced safety alignment techniques, linter-based patching, and automatic unit test generation will be employed to ensure the correctness and reliability of the generated Move contracts. 

Scalability from Zero-Knowledge Virtual Machines

Sanjam Garg (University of California, Berkeley)

zk-proofs are a powerful cryptographic tool that ensures security and privacy in blockchain applications. zk-proofs certify the correct execution of computations without revealing any input data, making them crucial for applications like verifiable databases, private voting, and anonymous credentials. Implementing zk-proofs for the Move virtual machine would allow clients to execute smart contracts locally and submit proof, reducing miners’ workloads and supporting computationally-intensive contracts. This would also help enable privacy-preserving applications on Sui.

SuiGPT AutoTest: Generate Comprehensive Move Unit Tests with Large Language Models

Ken Koedinger and Eason Chen (Carnegie Mellon University)

While testing is crucial for maintaining smart contract integrity, crafting unit tests is very time-consuming. This research explores using LLMs to assist in writing these tests. Initial successes with prompt engineering show LLMs can generate effective, compilable test code. This research will develop an SDK and a Visual Studio Code extension to help Move developers easily create comprehensive unit tests, enhancing efficiency and reliability.

We would like to thank all those who submitted proposals for the Sui Academic Research Awards program. 

For those who are interested in the program, please submit your proposals for the next round by July 5, 2024.