Imperial College London

MrKaihuaQin

Faculty of EngineeringDepartment of Computing

Research Postgraduate
 
 
 
//

Contact

 

kaihua.qin Website

 
 
//

Location

 

ACE ExtensionSouth Kensington Campus

//

Summary

 

Publications

Publication Type
Year
to

10 results found

Qin K, Zhou L, Gamito P, Jovanovic P, Gervais Aet al., 2021, An empirical study of DeFi liquidations, Proceedings of the 21st ACM Internet Measurement Conference

Journal article

Zhou L, Qin K, Cully A, Livshits B, Gervais Aet al., 2021, On the Just-In-Time Discovery of Profit-Generating Transactions in DeFi Protocols, 2021 IEEE Symposium on Security and Privacy (SP), Publisher: IEEE

Conference paper

Qin K, Zhou L, Livshits B, Gervais Aet al., 2021, Attacking the DeFi Ecosystem with Flash Loans for Fun and Profit, FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, FC 2021, PT I, Vol: 12674, Pages: 3-32, ISSN: 0302-9743

Journal article

Janin S, Qin K, Mamageishvili A, Gervais Aet al., 2020, FileBounty: fair data exchange, 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Publisher: IEEE, Pages: 357-366

Digital contents are typically sold online through centralized and custodian marketplaces, which requires the trading partners to trust a central entity. We present FileBounty, a fair protocol which, assuming the cryptographic hash of the file of interest is known to the buyer, is trust-free and lets a buyer purchase data for a previously agreed monetary amount, while guaranteeing the integrity of the contents. To prevent misbehavior, FileBounty guarantees that any deviation from the expected participants' behavior results in a negative financial payoff; i.e. we show that honest behavior corresponds to a subgame perfect Nash equilibrium. Our novel deposit refunding scheme is resistant to extortion attacks under rational adversaries. If buyer and seller behave honestly, FileBounty's execution requires only three on-chain transactions, while the actual data is exchanged off-chain in an efficient and privacypreserving manner. We moreover show how FileBounty enables a flexible peer-to-peer setting where multiple parties fairly sell a file to a buyer.

Conference paper

Zhou L, Qin K, Torres CF, Le DV, Gervais Aet al., 2020, High-Frequency Trading on Decentralized On-Chain Exchanges, 42nd IEEE Symposium on Security and Privacy

Conference paper

Qin K, Hadass H, Gervais A, Reardon Jet al., 2019, Applying Private Information Retrieval to Lightweight Bitcoin Clients, 2019 Crypto Valley Conference on Blockchain Technology (CVCBT), Publisher: IEEE

Conference paper

Song Yubo, Qin Kaihua, Zhou Mujing, 2014, Accurate location based services by mobile phone actively detected, International Conference on Cyberspace Technology (CCT 2014), Publisher: Institution of Engineering and Technology

Conference paper

Janin S, Qin K, Mamageishvili A, Gervais Aet al., FileBounty: Fair Data Exchange

Digital contents are typically sold online through centralized and custodianmarketplaces, which requires the trading partners to trust a central entity. Wepresent FileBounty, a fair protocol which, assuming the cryptographic hash ofthe file of interest is known to the buyer, is trust-free and lets a buyerpurchase data for a previously agreed monetary amount, while guaranteeing theintegrity of the contents. To prevent misbehavior, FileBounty guarantees thatany deviation from the expected participants' behavior results in a negativefinancial payoff; i.e. we show that honest behavior corresponds to a subgameperfect Nash equilibrium. Our novel deposit refunding scheme is resistant toextortion attacks under rational adversaries. If buyer and seller behavehonestly, FileBounty's execution requires only three on-chain transactions,while the actual data is exchanged off-chain in an efficient andprivacy-preserving manner. We moreover show how FileBounty enables a flexiblepeer-to-peer setting where multiple parties fairly sell a file to a buyer.

Working paper

Qin K, Zhou L, Gervais A, Quantifying Blockchain Extractable Value: How dark is the forest?

Permissionless blockchains such as Bitcoin have excelled at financialservices. Yet, opportunistic traders extract monetary value from the mesh ofdecentralized finance (DeFi) smart contracts through so-called blockchainextractable value (BEV). The recent emergence of centralized BEV relayerportrays BEV as a positive additional revenue source. Because BEV wasquantitatively shown to deteriorate the blockchain's consensus security, BEVrelayers endanger the ledger security by incentivizing rational miners to forkthe chain. For example, a rational miner with a 10% hashrate will fork Ethereumif a BEV opportunity exceeds 4x the block reward. However, related work is currently missing quantitative insights on past BEVextraction to assess the practical risks of BEV objectively. In this work, weallow to quantify the BEV danger by deriving the USD extracted from sandwichattacks, liquidations, and decentralized exchange arbitrage. We estimate thatover 32 months, BEV yielded 540.54M USD in profit, divided among 11,289addresses when capturing 49,691 cryptocurrencies and 60,830 on-chain markets.The highest BEV instance we find amounts to 4.1M USD, 616.6x the Ethereum blockreward. Moreover, while the practitioner's community has discussed the existence ofgeneralized trading bots, we are, to our knowledge, the first to provide aconcrete algorithm. Our algorithm can replace unconfirmed transactions withoutthe need to understand the victim transactions' underlying logic, which weestimate to have yielded a profit of 57,037.32 ETH (35.37M USD) over 32 monthsof past blockchain data. Finally, we formalize and analyze emerging BEV relay systems, where minersaccept BEV transactions from a centralized relay server instead of thepeer-to-peer (P2P) network. We find that such relay systems aggravate theconsensus layer attacks and therefore further endanger blockchain security.

Journal article

Qin K, Zhou L, Afonin Y, Lazzaretti L, Gervais Aet al., CeFi vs. DeFi -- Comparing Centralized to Decentralized Finance

To non-experts, the traditional Centralized Finance (CeFi) ecosystem may seemobscure, because users are typically not aware of the underlying rules oragreements of financial assets and products. Decentralized Finance (DeFi),however, is making its debut as an ecosystem claiming to offer transparency andcontrol, which are partially attributable to the underlying integrity-protectedblockchain, as well as currently higher financial asset yields than CeFi. Yet,the boundaries between CeFi and DeFi may not be always so clear cut. In this work, we systematically analyze the differences between CeFi andDeFi, covering legal, economic, security, privacy and market manipulation. Weprovide a structured methodology to differentiate between a CeFi and a DeFiservice. Our findings show that certain DeFi assets (such as USDC or USDTstablecoins) do not necessarily classify as DeFi assets, and may endanger theeconomic security of intertwined DeFi protocols. We conclude this work with theexploration of possible synergies between CeFi and DeFi.

Journal article

This data is extracted from the Web of Science and reproduced under a licence from Thomson Reuters. You may not copy or re-distribute this data in whole or in part without the written consent of the Science business of Thomson Reuters.

Request URL: http://wlsprd.imperial.ac.uk:80/respub/WEB-INF/jsp/search-html.jsp Request URI: /respub/WEB-INF/jsp/search-html.jsp Query String: respub-action=search.html&id=00958695&limit=30&person=true