Date of Award

5-11-2025

Date Published

June 2025

Degree Type

Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department

Electrical Engineering and Computer Science

Advisor(s)

Yuzhe Tang

Keywords

Blockchain;Decentralized system;System security

Subject Categories

Computer Sciences | Physical Sciences and Mathematics

Abstract

This dissertation studies the security challenges of blockchain transaction processing before consensus. While prior work has focused on consensus protocols and smart contract bugs, the pre-consensus infrastructure, such as the mempool and off-chain batching, remain underexplored. This dissertation aims to bridge that gap by systematically analyzing both transaction processing in the mempool and off-chain transaction batching for cost-optimization. This dissertation focuses on two core contributions. First, it presents MPFUZZ, an automated software fuzzing tool designed to uncover denial-of-service vulnerabilities in Ethereum mempools. This work is the first to formally define the mempool fuzzing problem and introduce bug oracles that detect asymmetric DoS conditions. MPFUZZ successfully discovers 24 previously unknown vulnerabilities in major Ethereum clients. Second, the dissertation introduces iBatch, a secure and cost-efficient middleware for batching smart contract invocations against an untrusted off-chain relay server. iBatch addresses core security challenges in transaction batching by preventing invocation manipulation from untrusted servers. It significantly reduces invocation costs while maintaining lightweight and effective security validation. Together, these contributions improve the robustness and security of transaction processing before confirmation in blockchain systems.

Access

Open Access

Download

Share

COinS