| dc.description.abstract | Blockchain technology elegantly provides a spectrum of desirable semantic properties, including immutability, authenticity, verifiability, and data integrity. In recent years, implementing blockchains on relational database platforms has been advocated as a synergistic enterprise that leverages their efficient data processing capabilities. Therefore, in this work, we study Credereum, a public-domain software that layers blockchain semantics on native PostgreSQL. Specifically, Credereum is intended for delivering cryptographically verifiable consensus and provenance in a permissioned centralized setting, using an Ethereum smart contract as an immutable trusted storage repository. Our motivation for choosing Credereum is that it is among the few public-domain permissioned blockchain systems developed on an RDBMS platform. However, while studying Credereum, we encountered two major issues – the first related to security, with a potential for malicious server activity in block Merkle formation, and the other with regard to degraded transaction throughput. We address both these issues in our work, as described in the following.
With regard to security, Credereum summarizes the modifications made at transaction-level and block-level by constructing Merkle trees, namely, Transaction Merkle Tree (TMT) and Block Merkle Tree (BMT). However, the BMT details are hidden from the clients, and therefore the server can maliciously include extra rows, leading to ledger invalidity. To tackle this loophole, we propose SecCred, which displays the block Merkle details for clients to verify in SHA-256 hash forms. Importantly, these changes retain Credereum’s native blockchain properties, and do not incur perceptible processing overheads.
Turning to performance, our analysis shows that the Credereum blockchain semantics are obtained with enormous cost in performance – specifically, orders-of-magnitude degradation in transaction throughput as compared to native PostgreSQL. We carefully investigate the sources of this massive deterioration, and propose an initial set of simple but potent programming and algorithmic changes to the Credereum software that help retrieve an order-of-magnitude of the lost performance. These modifications are primarily with respect to the procedures for string matching and TMT formation. Again, our modified versions, called ProgCred, PerfCredA and PerfCredB, are implemented so as to preserve Credereum’s blockchain semantics. | en_US |
