Seminar: On the Security of the Blockchain Bix Protocol and Certificates

posted Oct 6, 2017, 8:25 AM by Sebastian P.   [ updated Oct 6, 2017, 8:26 AM ]

Upcoming Seminar

 On the Security of the Blockchain Bix Protocol and Certificates

October 5, 15.00 (Aula F)
Palazzo delle Scienze - Cagliari

Riccardo Longo

University of Trento (IT)

Abstract: The BIX protocol is a blockchain-based protocol that allows distribution of certificates linking a subject with his public key, hence providing a service similar to that of a PKI but without the need of a CA. In this seminar I will present an analysis of the security of the BIX protocol in a formal way. First, I will identify formal security assumptions which are well-suited to this protocol. Second, I will present some attack scenarios against the BIX protocol. Finally, I will provide a formal security proof that these attacks are not feasible under our previously established assumptions.

Seminars series: cryptocurrencies and smart contracts 2017

posted Apr 18, 2017, 3:16 AM by Massimo Bartoletti

The preliminary programme of this series of seminars is available here.

Seminar: Behavioural type-checking of time-sensitive protocols

posted Apr 18, 2017, 2:57 AM by Massimo Bartoletti   [ updated Apr 18, 2017, 3:31 AM ]

Upcoming Seminar

Behavioural type-checking of time-sensitive protocols

April 21, 15.00 (Aula F)
Palazzo delle Scienze - Cagliari

Laura Bocchi

University of Kent (UK)

Abstract. In recent work we have extended multiparty session types (MPST) with a model of time borrowed from Communicating Time Automata (CTA). This allowed us to establish a sound and complete correspondence between timed MPST and a subclass of CTA that satisfies progress. On the basis of this correspondence, we can decide properties on CTA that are undecidable in the general case, such as safety (absence of orphan messages and communication mismatches), progress, non-zenoness and eventual reception of messages sent. I will present decidable conditions for these properties, and   give a concrete procedure to build *when possible* global timed MPST from (arbitrary) collections of timed automata, with the guarantee that the resulting global specification is a well-behaved composition.


Upcoming paper: An empirical analysis of smart contracts: platforms, applications, and design patterns

posted Mar 24, 2017, 1:49 PM by Massimo Bartoletti

Upcoming paper (to be presented at WTSC 2017)
Massimo Bartoletti and Livio Pompianu

Smart contracts are computer programs that can be consistently executed by a network of mutually distrusting nodes, without the arbitration of a trusted authority. Because of their resilience to tampering, smart contracts are appealing in many scenarios, especially in those which require transfers of money to respect certain agreed rules (like in financial services and in games). Over the last few years many platforms for smart contracts have been proposed, and some of them have been actually implemented and used. We study how the notion of smart contract is interpreted in some of these platforms. Focussing on the two most widespread ones, Bitcoin and Ethereum, we quantify the usage of smart contracts in relation to their application domain. We also analyse the most common programming patterns in Ethereum, where the source code of smart contracts is available.

Upcoming paper: An analysis of Bitcoin OP_RETURN metadata

posted Mar 24, 2017, 1:44 PM by Massimo Bartoletti

Upcoming paper (to be presented at BITCOIN 2017)
Massimo Bartoletti and Livio Pompianu

The Bitcoin protocol allows to save arbitrary data on the blockchain through a special instruction of the scripting language, called OP_RETURN. A growing number of protocols exploit this feature to extend the range of applications of the Bitcoin blockchain beyond transfer of currency. A point of debate in the Bitcoin community is whether loading data through OP_RETURN can negatively affect the performance of the Bitcoin network with respect to its primary goal. This paper is an empirical study of the usage of OP_RETURN over the years. We identify several protocols based on OP_RETURN, which we classify by their application domain. We measure the evolution in time of the usage of each protocol, the distribution of OP_RETURN transactions by application domain, and their space consumption.

Upcoming paper: Constant-deposit multiparty lotteries on Bitcoin

posted Mar 24, 2017, 1:42 PM by Massimo Bartoletti   [ updated Mar 24, 2017, 1:45 PM ]

Upcoming paper (to be presented at BITCOIN 2017)
Massimo Bartoletti and Roberto Zunino

Abstract. An active research trend is to exploit the consensus mechanism of cryptocurrencies to secure the execution of distributed applications. In particular, some recent works have proposed fair lotteries which work on Bitcoin. These protocols, however, require a deposit from each player which grows quadratically with the number of players. We propose a fair lottery on Bitcoin which only requires a constant deposit.

Upcoming paper: A survey of attacks on Ethereum smart contracts

posted Mar 24, 2017, 1:38 PM by Massimo Bartoletti

Upcoming paper (to be presented at POST 2017)
Nicola Atzei, Massimo Bartoletti, and Tiziana Cimoli

Abstract. Smart contracts are computer programs that can be correctly executed by a network of mutually distrusting nodes, without the need of an external trusted authority. Since smart contracts handle and transfer assets of considerable value, besides their correct execution it is also crucial that their implementation is secure against attacks which aim at stealing or tampering the assets. We study this problem in Ethereum, the most well-known and used framework for smart contracts so far. We analyse the security vulnerabilities of Ethereum smart contracts, providing a taxonomy of common programming pitfalls which may lead to vulnerabilities. We show a series of attacks which exploit these vulnerabilities, allowing an adversary to steal money or cause other damage.

The detailed code of attacks is available here.

Seminar: Scala in practice

posted Nov 30, 2016, 2:46 AM by Massimo Bartoletti   [ updated Dec 20, 2016, 10:49 PM ]

Upcoming seminar

Scala in practice
December 17th 2016, 9.00-13.00

Lab T - Palazzo delle Scienze - University of Cagliari


  • Introduction to Scala
  • Basic features and differences with respect to Ocaml
    • Values and functions
    • Classes and Case Class
    • Objects and Traits
  • Data structures and operations
    • Lists
    • Option
    • Map, Try, Futures
  • A practical application: Web services with Akka-Http

Teaching material

Upcoming paper: Honesty by Typing

posted Oct 24, 2016, 11:54 AM by Massimo Bartoletti

Upcoming paper (to appear in LMCS)
Massimo Bartoletti, Alceste Scalas, Emilio Tuosto and Roberto Zunino

Abstract. We propose a type system for a calculus of contracting processes. Processes can establish sessions by stipulating contracts, and then can interact either by keeping the promises made, or not. Type safety guarantees that a typeable process is honest - that is, it abides by the contracts it has stipulated in all possible contexts, even in presence of dishonest adversaries. Type inference is decidable, and it allows to safely approximate the honesty of processes using either synchronous or asynchronous communication.

Blockchain day @ Stirling

posted Aug 25, 2016, 2:50 AM by Massimo Bartoletti   [ updated Sep 7, 2016, 2:50 AM ]

Upcoming event

Bitcoin and Blockchain Technologies
August 31st 2016

Cottrell building 4B96  -  University of Stirling

An open, international, one-day of study, brainstorming and networking opportunities for interested researchers and stakeholders.

Keynote speaker:

Bud Mishra
Courant Institute of Mathematical Sciences and School of Medicine
New York University
Mt Sinai School of Medicine

Beyond the keynote talk, the day will comprise short introductions by the participants on ongoing research, initiatives, and groups focussing on BTC/BC. Networking opportunities and discussion on possible grants and projects will also be part of the day. We will be targeting H2020 and other EU initiatives, as well as UK funders and US-EU possible partnerships.

Preliminary Programme

09.30   Coffee & registration

10.00   Opening

 Welcome and round of short introductions

10.20   Daniela Bolle, Research Office,  University of Stirling

           Funding opportunities + questions/comments/insights.

           (including COST, ITN, Global Challenge, …)

11.00   Invited talk:  Bud Mishra, New York University.

           From spamhaus to our house: Blockchains and Costly Signaling

12.00   Lunch (Room 2B87)

13.15   Short talks

Andrea Bracciali, University of Stirling

Validation of decentralised Smart Contracts through game theory and formal methods

Massimo Bartoletti, TCS group University of Cagliari

Smart contracts: opportunities and open problems

Martin Chapman, King's College

Building a Blockchain POC for a major financial institution: the capabilities and limitations of existing technologies

Davide Grossi, University of Liverpool

Collective decision-making

Andrea Pinna, Agile group University of Cagliari

Bitcoin Blockchain analysis using the Petri Nets formalism

Federico Pintore, University of Trento

CryptoLabTN, Cryptyocurrencies and Blockchain

Simon Dobson, University of St Andrews

Can blockchains help make science must trustworthy?

15.30   Coffee break

16.00   Discussion on grant applications

 A networking session aimed at exploring the possibility of collaborations and funding

 applications, with a specific focus on selected EU and National programmes.

17.00   Closing

Accomodation and travelling information

Participation is free, but registration required for organisational purposes. Please register at:

preferably not later than 28th August!

Accommodation can be booked on campus or in nearby structures. Please see

for useful information about traveling to and staying in Stirling, as well as on-campus accommodation (please note that the event precedes the CIBB2016 conference, which is an independent event, but you can enquire for accommodation through the conference channels).


  • Andrea Bracciali, University of Stirling -, +44 (0)1786 467446
  • Massimo Bartoletti, University of Cagliari -     +39 (0)70 6758540

From spamhaus to our house: Blockchains and Costly Signaling

Abstract: this talk will focus on Bit-Coins and BlockChain Technologies and their implications for Privacy, Anonymity, Data Science, Finance and Market Micro-structure.


 Information Asymmetry, Signaling Games, Risks and Deception – Signaling Games On the Internet (& Biology)
– Costly Signaling, Block Chains, Verifiers and Recommenders
– Circulating Money via Signaling Games
– Value-Storing Money via Signaling Games
– Case Studies: Bit-Coins, Dark Web, Silk Road and MtGox
– Data Science and Finance

Slides: available here.

Bud Mishra is a professor of computer science and mathematics at NYU's Courant Institute of Mathematical Sciences, professor of computer science and engineering at NYU’s Tandon School of Engineering, professor of human genetics at Mt. Sinai School of Medicine, and a professor of cell biology at NYU School of Medicine. Prof. Mishra has a degree in Physics from Utkal University, in Electronics and Communication Engineering from IIT, Kharagpur, and MS and PhD degrees in Computer Science from Carnegie-Mellon University. He has industrial experience in Computer and Data Science (brainiad, Genesis Media, Pypestream, Tartan Laboratories, and ATTAP), Finance (Instadat, Tudor Investment and PRF, LLC), Robotics and Bio- and Nanotechnologies (Bioarrays, InSilico, Seqster, Abraxis, MRTech, and OpGen). He is the author of a textbook on algorithmic algebra and more than two hundred archived publications. He has advised and mentored more than 35 graduate students and post-docs in the areas of computer science, robotics and control engineering, applied mathematics, finance, biology and medicine. He is a fellow of IEEE, ACM and AAAS, a Distinguished Alumnus of IIT- Kharagpur, and a NYSTAR Distinguished Professor. From 2003-2006, he held adjunct professorship at Tata Institute of Fundamental Research in Mumbai, India. From 2001-04, he was a professor at the Watson School of Biological Sciences, Cold Spring Harbor Lab; currently he is a QB visiting scholar at Simons Center for Quantitative Biology, Cold Spring Harbor Lab.


  1. Open consultation on the next FET Proactive H2020 (please comment here)
  2. COST Action proposal Submission, Evaluation, Selection and Approval (SESA) guidelines
  3. COST technical annex

1-10 of 86