Giulia Scaffino

MSc

Giulia Scaffino

I joined the Security and Privacy group as a University Researcher in August 2021. My research interests include cryptocurrencies, blockchain interoperability and scalability, off-chain protocols and decentralized finance (DeFi).

Before starting my PhD at TUWien, I have been working for 9 months as a Salesforce developer at Deloitte Digital, Milan, Italy. After my Bachelor in Physics, I have done my Master in Nuclear and Particle Physics at the University of Pavia, Italy. I graduated in 2019 with the thesis Analysis of the pi0 photoproduction in the Delta(1232) region.

Roles
  • PreDoc Researcher
Publications (created while at TU Wien)
    2023
    • Distributed Key Generation with Smart Contracts using zk-SNARKs
      Sober, M., Max Kobelt, Scaffino, G., Kaaser, D., & Schulte, S. (2023). Distributed Key Generation with Smart Contracts using zk-SNARKs. In SAC ’23: Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing (pp. 231–240). Association for Computing Machinery.
      DOI: 10.34726/4523 Metadata
      Abstract
      Distributed Key Generation (DKG) is an extensively researched topic as it is fundamental to threshold cryptosystems. Emerging technologies such as blockchains benefit massively from applying threshold cryptography in consensus protocols, randomness beacons, and threshold signatures. However, blockchains and smart contracts also enable further improvements of DKG protocols by providing a decentralized computation and communication platform. For that reason, we propose a DKG protocol that uses smart contracts to ensure the correct execution of the protocol, allow dynamic participation, and provide crypto-economic incentives to encourage honest behavior. The DKG protocol uses a dispute and key derivation mechanism based on Zero-Knowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARKs) to reduce the costs of applying smart contracts by moving the computations off-chain, where the smart contract only verifies the correctness of the computation.
    • Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi
      Scaffino, G., Aumayr, L., Avarikioti, G., & Maffei, M. (2023). Glimpse: On-Demand PoW Light Client with Constant-Size Storage for DeFi. In Proceedings of the 32nd USENIX Security Symposium (pp. 733–750).
      Metadata
      Abstract
      Cross-chain communication is instrumental in unleashing the full potential of blockchain technologies, as it allows users and developers to exploit the unique design features and the profit opportunities of different existing blockchains. The majority of interoperability solutions are provided by centralized exchanges and bridge protocols based on a trusted majority, both introducing undesirable trust assumptions compared to native blockchain assets. Hence, increasing attention has been given to decentralized solutions: Light and super-light clients paved the way for chain relays, which allow verifying on a blockchain the state of another blockchain by respectively verifying and storing a linear and logarithmic amount of data. Unfortunately, relays turn out to be inefficient in terms of computational costs, storage, or compatibility. We introduce Glimpse, an on-demand bridge that leverages a novel on-demand light client construction with only constant on-chain storage, cost, and computational overhead. Glimpse is expressive, enabling a plethora of DeFi and off-chain applications such as lending, pegs, proofs of oracle attestations, and betting hubs. Glimpse also remains compatible with blockchains featuring a limited scripting language such as the Liquid Network (a pegged sidechain of Bitcoin), for which we present a concrete instantiation. We prove Glimpse security in the Universal Composability (UC) framework and further conduct an economic analysis. We evaluate the cost of Glimpse for Bitcoin-like chains: verifying a simple transaction has at most 700 bytes of on-chain overhead, resulting in a one-time fee of $3, only twice as much as a standard Bitcoin transaction.
    • A blockchain-based IoT data marketplace
      Sober, M., Scaffino, G., Schulte, S., & Kanhere, S. S. (2023). A blockchain-based IoT data marketplace. CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS, 26(6), 3523–3545.
      DOI: 10.1007/s10586-022-03745-6 Metadata
      Abstract
      The (IoT) is growing steadily, and so is the number of data that is generated by (IoT) devices. This makes it difficult to find and leverage relevant data (and data sources) without a data marketplace. Such a marketplace provides a platform to enable different parties, e.g., sensor operators and service providers, to trade their data. Today, most data marketplaces are based on centralized solutions, which may become a single point of failure and come with expensive infrastructure, trust problems, and privacy issues. Therefore, we propose the application of blockchain technology to implement a data marketplace for the IoT. Within the proposed marketplace, smart contracts are used to implement various functionalities and enforce the rules of the data exchange. The marketplace also includes a proxy, a broker, and (GUIs) to enable data trading. To show the applicability of the proposed data marketplace, we analyze the costs arising from the utilization of smart contracts.