# On the Practicality of Smart Contract PKI

**Authors:** Christos Patsonakis, Katerina Samari, Aggelos Kiayias, Mema, Roussopoulos

arXiv: 1902.00878 · 2019-08-05

## TL;DR

This paper evaluates practical smart contract-based PKIs on Ethereum, comparing different designs' storage and computational tradeoffs, and proposes modifications to improve smart contract platform efficiency.

## Contribution

It implements and evaluates the first provably secure smart contract PKI on Ethereum, introduces a new constant-sized state construction, and analyzes Ethereum's cost model for identity management.

## Key findings

- The first secure smart contract PKI on Ethereum is implemented and tested.
- A new construction with constant-sized state is proposed and shown to be deployable on Ethereum.
- Ethereum's current cost model has shortcomings for large-scale identity applications.

## Abstract

Public key infrastructures (PKIs) are one of the main building blocks for securing communications over the Internet. Currently, PKIs are under the control of centralized authorities, which is problematic as evidenced by numerous incidents where they have been compromised. The distributed, fault tolerant log of transactions provided by blockchains and more recently, smart contract platforms, constitutes a powerful tool for the decentralization of PKIs. To verify the validity of identity records, blockchain-based identity systems store on chain either all identity records, or, a small (or even constant) sized amount of data to verify identity records stored off chain. However, as most of these systems have never been implemented, there is little information regarding the practical implications of each design's tradeoffs.   In this work, we first implement and evaluate the only provably secure, smart contract based PKI of [1] on top of Ethereum. This construction incurs constant-sized storage at the expense of computational complexity. To explore this tradeoff, we propose and implement a second construction which, eliminates the need for trusted setup, preserves the security properties of [1] and, as illustrated through our evaluation, is the only version with constant-sized state that can be deployed on the live chain of Ethereum. Furthermore, we compare these two systems with the simple approach of most prior works, e.g., the Ethereum Name Service, where all identity records are stored on the smart contract's state, to illustrate several shortcomings of Ethereum and its cost model. We propose several modifications for fine tuning the model, which would be useful to be considered for any smart contract platform like Ethereum so that it reaches its full potential to support arbitrary distributed applications.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1902.00878/full.md

## Figures

6 figures with captions in the complete paper: https://tomesphere.com/paper/1902.00878/full.md

## References

49 references — full list in the complete paper: https://tomesphere.com/paper/1902.00878/full.md

---
Source: https://tomesphere.com/paper/1902.00878