I am a Research Associate working with Sarah Meiklejohn and funded by the Glass Houses Project.
Previously, I visited Andrew Miller at UIUC and completed my PhD with Feng Hao and Siamak F. Shahandashti at Newcastle University.
As well, I advise a startup called Indorse.io, maintain the popular Open Vote Network Project/LocalCrypto,
I'm member of IC3 and finally I work closely with RSK.
At heart I am an Engineer and interests include cryptocurrencies, smart contracts, cryptography and decentralised systems.
A short list of links about me
- [SPW '18] Why Preventing a Cryptocurrency Heist Isn't Good Enough Patrick McCorry, Malte Moeser and Taha Ali [Not online]
- All exchanges deploy preventive security measures to prevent (or reduce impact) of a heist. So far, this hasn't proven good enough.
- We propose that exchanges need to pursue reactionary measures that allow them to respond to a heist - which can be self-enforced by the blockchain. (i.e. a "pending" transaction that can be cancelled)
- [BITCOIN '18] Smart Contracts for Bribing Miners Patrick McCorry, Alexander Hicks and Sarah Meiklejohn [Paper][Ethnews]
- Three contracts to facilitate censorship, double-spending and goldfinger attacks
- Briber and Bribee only trust the contracts; and not each other
- [Audit] Security Audit of RSKJ Ginger 0.2.0, Patrick McCorry, Andrew Miller [Audit Report]
- A security audit commissioned by Rootstock.
- [Preprint] Consensus in the Age of Blockchains, Shehar Bano, Alberto Sonnino, Mustafa Al-Bassam, Sarah Azouvi, Patrick McCorry, Sarah Meiklejohn, George Danezis [Paper]
- Work-in-progress SoK on blockchain consensus protocols.
- [Preprint] The Nuts and Bolts of Micropayments: a Survey, Syed Taha Ali, Dylan Clarke and Patrick McCorry. [Paper]
- Work-in-progress survey on the evolution of micropayment systems and protocols.
- [CCS'17] Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing, Changyu Dong, Yilei Wang, Amjad Aldweesh, Patrick McCorry and Aad van Moorsel accepted at ACM Conference on Computer and Communications Security 2017. [Paper]
- A game-theoretic analysis of defeating collusion between two clouds for verifiable cloud computing.
- Game is set up such that one of the colluding cloud should declare their treachery (i.e. traitor).
- [CBT'17] Atomically Trading with Roger: Gambling on the success of a hard fork, Patrick McCorry, Ethan Heilman and Andrew Miller, accepted at the 1st International Workshop on Cryptocurrencies and Blockchain Technology. [Paper] [Hacking Distributed] [Front Cover of Coindesk]
- An atomic trade protocol that allows two parties to swap coins in the event a blockchain splits into two forks.
- Paper is motivated by a public pledge between Loaded and Roger to swap 60,000 coins in the event that Bitcoin Unlimited splits the blockchain.
- Suitable for any hardfork in Bitcoin that includes replay protection (and if a hardfork oracle can be constructed in Ethereum)
- Presented at Breaking Bitcoin 2017 and Scaling Bitcoin 2017!
- [Preprint] Sprites: Payment Channels that Go Faster than Lightning, Andrew Miller, Iddo Bentov, Ranjit Kumaresan, Patrick McCorry, under review. [Paper] [GitHub] [Coindesk]
- A smart contract for Bidirectional Payment Channels without an expiry time.
- Benefits of Ethereum include continuous withdrawals and deposits.
- Introduces a PreimageManager that reduces the worst-case delay to constant time.
- [FC'17] A Smart Contract for Boardroom Voting with Maximum Voter Privacy, Patrick McCorry, Siamak F. Shahandashti, and Feng Hao, accepted at the 21st Financial Cryptography and Data Security conference, Sliema, Malta. [Paper] [GitHub]
- We study the feasibility of executing cryptography protocols over the Ethereum blockchain.
- We implement the Open Vote Network that is a self-tallying internet voting protocol as a smart contract in Solidity.
- Our smart contract won 3rd prize in the Economist Security Challenge and the code is publicly available. [Blog] [Economist] [Economist Report] [Coindesk]
- [ACISP'16] Towards Bitcoin Payment Networks, Patrick McCorry, Malte Möser, Siamak F. Shahandashti, and Feng Hao, invited paper for 21st Australasian Conference on Information Security and Privacy , Melbourne, Australia.[Paper] [Blog]
- We summarise a new field of research 'Bitcoin Payment Networks' and provide a comparison for Duplex Micropayment Channels and Lightning Channels.
- We discuss how to perform Hashed Time-Locked Contracts (HTLC) in both schemes, and the challenges that payment networks face.
- It is our hope that this paper will inspire others to consider further research in this area.
- [FC'16] Refund Attacks on Bitcoins Payment Protocol, Patrick McCorry, Siamak F. Shahandashti, and Feng Hao, accepted at the 20th Financial Cryptography and Data Security conference, Bridgetown, Barbados.[Paper] [Blog]
- In this paper, we present new attacks on the Payment Protocol, which affect all BIP70 merchants.
- The Silkroad Trader attack highlights an authentication vulnerability in the Payment Protocol while the Marketplace Trader attack exploits the refund policies of existing Payment Processors.
- Both attacks have been experimentally verified on real-life merchants using a modified Bitcoin wallet.
- They have also been acknowledged by both Coinbase and Bitpay with temporary mitigation measures put in place.
- [SSR'15] Authenticated Key Exchange over Bitcoin, Patrick McCorry, Siamak F. Shahandashti, Dylan Clarke, and Feng Hao, accepted by the 2nd Security Standardisation Research Conference in Tokyo, Japan. [Paper]
- Allows two pseudonymous parties to establish a secure end-to-end communication channel using Bitcoin's public ledger.
- This Bitcoin-based Authentication is necessary in the cryptocurrency world as PKI (Pubic key infrastructure) and PAKE (Password based Authenticated Key Exchange) is not good enough to authenticate two pseudnymous users.
- Our technique exploits the random nonce found in ECDSA signatures.
- [SPW'15] Bitcoin: Perils of an Unregulated Global P2P Currency, Syed Taha Ali, Dylan Clarke, Patrick McCorry, accepted by the 23rd Security Protocols Workshop in Cambridge, England. [Paper]
- Ideological and design choices that define Bitcoin’s strengths are also directly responsible for the Bitcoin-related crime that we encounter in the news so often today.
- [BITCOIN'15] ZombieCoin: Powering Next-Generation Botnets with Bitcoin, Syed Taha Ali, Patrick McCorry, Peter Hyun-Jeen Lee and Feng Hao, accepted by the 2nd FC Workshop on Bitcoin Research 2015 in San Jaun, Puerto Rico. [Paper] [Forbes]
- We outline a design for next-generation Botners that leverage the Bitcoin network for a stealth and fast command & control center.
- Our design is immune to traditional takedown methods (closing web accounts/chatrooms/domains, poisoning routing tables, etc) - we have not yet discovered a method to "take down" these future botnets.
- [DIS'14] PosterVote: expanding the action repertoire for local political activism, Vasilis Vlachokyriakos, Rob Comber, Karim Ladha, Nick Taylor, Paul Dunphy, Patrick McCorry, Patrick Olivier, accepted at Proceedings of DIS 2014. [Paper]
- A low-cost deployable poster to encourage local political activism
Peer review activities
- Program Committee Member
- 1st Workshop on Cryptocurrencies and Blockchains for Distributed Systems @ ACM MobiSys 2018
- 2nd Security on Blockchains @ EuroS&P 2018
- 1st HCI for Blockchain Workshop @ CHI 2018
- 2nd Blockchains, Cryptocurrencies and Contracts Workshop @ AsiaCCS 2018
- 5th Bitcoin Workshop @ Financial Cryptography 2018
- 1st International Workshop on Cryptocurrencies and Blockchain Technology @ ESORICS 2017.
- 4th Bitcoin Workshop @ Financial Cryptography 2017
- Requested Reviewer
- 22nd Eurocrypt 2018
- 22nd Financial Cryptography 2018
- International Workshop on Digital Crime and Forensics 2016
- 14th Theory of Cryptography Conference 2016
- 21st European Symposium on Research in Computer Security (ESORICS) 2016
- 20th Financial Cryptography 2016
- 3rd Bitcoin Workshop @ Financial Cryptography 2016
- 20th European Symposium on Research in Computer Security (ESORICS) 2015
I have had the pleasure of presenting to the following audiences (slides and videos):
- UPCOMING: Bitcoin MIT Exp
- UPCOMING: Ethcc.io community meet up
- UPCOMING: Bitcoin Workshop @ Financial Cryptography 2018 (Smart Contracts for Bribing Miners)
- BPASE @ Stanford University (Smart Contracts for Bribing Miners)
- Guest lecture at Newcastle University 2016 for Feng Hao's class (Quirky world of cryptocurrencies: An Introduction)
- Guest lecture at University of Illinois Urbana-Champaign 2016 for Andrew Miller's class (Open Vote Network)
- Financial Cryptography 2016 (Refund Attacks)
- Bitcoin Summer School (Corfu) 2016 (Towards Bitcoin Payment Networks)
- Australasian Conference on Information Security and Privacy 2016 (Towards Bitcoin Payment Networks)
- North East Fraud Forum 2015 (Refund Attacks)
- PhD Consortium @ European Symposium on Research in Computer Security (ESORICS) 2015
- Cryptoforma @ University of Strathclyde 2015 (AKE)
- Security Standardisation Research 2015 (AKE)
- Cryptoforma @ Kent University 2015 (Zombiecoin)
- Bitcoin Workshop @ Financial Cryptography 2015 (Zombiecoin)
Awards that I have been lucky to win:
- 3rd Prize in the Economist Cyber Security Challenge.
- Design an e-voting system over the Blockchain [Economist],
- Short listed for Impact in Progress Award
- Only PhD student short-listed across all departments at Newcastle University
- 1st Prize in the Creative Cyber Security Hackathon
- Hosted by Newcastle University, Lancaster University, Raytheon and BIS (Department for Business and Innovation, UK) [Press]
- Best overall performance in Computer Science 2013
- [Award] was sponsored by Watersons
- Scott Logic Excellence Award
- Highest grade during the second year of the bachelor's degree
- Best Team for Team Project in Stage 2
- Excellence Scholarship
- Over-achieved the entry requirements to study at Newcastle University
Before the (emotional roller coaster) PhD
In my past life, I graduated 1st in my class with a BSc (Hons) Computer Science with Industrial Placement and during this course I had two jobs:
- Intern Software Engineer for CICS (Customer Information Control Systems) and CPSM (CICSPlex System Management) at IBM,
- Supervisor @ Subway for 5 years, working alongside Moffy.
Quoted in News
This is a short list of articles that have quoted me. This does not include articles about work (listed above) and is probably not up to date.
Yahoo Finance/Quartz, Nasdaq, Money Magazine, Bitcoin Magazine, WikiTribune, Catalyst-inc NI, Hype Codes, Coindesk, Fortune, Engadget, Tech Crunch, Cryptocurrency news, Forbes,Yahoo News, Edgy Labs, International Business Times, Coindesk, Jincor Blog, The Register, So Raven
My Linkedin profile, Twitter and curriculum vitae.
I can be contracted at firstname.lastname@example.org.
Thank you for visiting my page!