Ittay Eyal?

Associate Prof., ECE, Technion.

Associate Director, Initiative For Cryptocurrencies & Contracts.
Twitter @ittayeyal
Meyer 904, Technion,
Haifa, Israel [map]

My research focuses on the security and scalability of distributed systems, in particular blockchain protocols and trusted execution environments. I have previously worked on distributed storage algorithms and data aggregation in sensor networks. I completed my Ph.D. in 2013 at the Technion's Electrical Engineering (today ECE) Department under the supervision of Prof. Idit Keidar and Prof. Raphi Rom.





Publications in Google Scholar and DBLP.

Selected projects:


Human-machine authentication, the binding of a principal to a digital identity, stands at the basis of security analysis and design and its various aspects are actively studied. Nonetheless, authentication in large-scale systems and in decentralized systems presents challenges that are, to the best of our knowledge, not addressed or even defined by previous work.
[ Avalanche Summit II]

Asynchronous Authentication If the network between the user and authenticator is asynchronous, every mechanism is dominated by one defined with a monotonic Boolean function. A greedy algorithm can approximate optimal mechanisms based on scenario probability.
With Marwa Mouallem. [tech report '23] To be published in CCS'24

Interactive Authentication Interactive authentication mechanisms offer superior security compared to one-shot methods, with provable bounds and maximal mechanisms improving widely-used systems.
With Deepak Maram and Mahimna Kelkar. [tech report '23] To be published in CCS'24

Wallet Design We define the faults keys suffer (loss, leak, theft), formulate cryptocurrency wallets as monotone boolean functions, and search for optimal wallets. We use exhaustive search where possible and heuristic approaches otherwise, revealing surprising behavior.
[post] [Tokenomics'21]
Wallet designer app: Find optimal wallet and deploy directly with Metamask. (First place in the 2022 IC3 Blockchain Camp hackathon) [Ethereum Wallet Designer]

Blockchain Incentives

The security of blockchain protocols relies critically on incentives, generated as tokens within the system. This allows them to achieve unprecedented guarantees, but opens up questions on security, mechanism design, and performance.

WeRLman: To Tackle Whale (Transactions), Go Deep (RL) Blockchain consensus is sensitive to reward variance due to fees, not only to reward value. Using deep reinforcement learning to explore the large state space induced due to fees.
With Roi Bar-Zur, Ameer Abu-Hanna, and Aviv Tamar. [post] [tech report '22] [IEEE S&P'23] [ Roi @ IEEE S&P'23]

Mutual Assured Destruction HTLC (MAD-HTLC) A new attack threatens the common HTLC primitive that secures various smart contracts including payment channels. A novel alternative utilizes Mutual Assured Destruction (MAD-HTLC) to align participant incentives, utilizing miners as first-class participants.
With Itay Tsabary, Matan Yehieli and Alex Manuskin. [post] [IEEE S&P'21] [ Itay @ IBRD'21]

Blockchain Denial of Service (BDoS) First blockchain DoS by a minority attacker (actually much smaller) – by manipulating incentives.
With Michael Mirkin, Yan Ji, Jonathan Pang, Ariah Klages-Mundt, and Ari Juels. [post] [CCS'20] [ Michael @ CCS'20]

Random-Termination Markov Decision Process Efficient MDP analysis of selfish mining strategies by introducing a random-termination edge, resulting in a linear target function. New bound for Ethereum security.
With Roi Bar-Zur and Aviv Tamar. [AFT'20] [ Roi @ AFT'20]

The Gap Game When a blockchain's minting rate is not large enough, miners switch to intermittent mining sooner rather than later.
With Itay Tsabary. [CCS'18] [ Itay @ CCS'18]

Selfish Mining The security threshold for Nakamoto's blockchain is lower than previously thought, as minority miners are incentivized to deviate from the protocol.
With Emin Gun Sirer [HD post '13] [DT post '20] [FC'14] [CACM'18]

Blockchain Performance

Proof of Work and similar mechanisms overcome Sybil attacks in open decentralized systems, but introduce new trade-offs. The interaction of second-tier protocols with an underlying blockchain poses novel challenges.

Teechain Payment channels and chains of channels with asynchronous blockchain access using Trusted Execution Environments (Intel SGX).
With Joshua Lind, Oded Naor, Florian Kelbert, Emin Gün Sirer, and Peter Pietzuch. [SOSP'19] [ Josh @ SOSP'19]

Ostraka High-throughput blockchain by scaling up: securely parallelizing a Bitcoin node.
With Alex Manuskin and Michael Mirkin. [IEEE S&B'20] [ Alex @ Binary District 2018]

Bitcoin-NG High-throughput blockchain with low first-confirmation latency by separating leader election from block proposal.
With Adem Efe Gencer, Emin Gün Sirer, and Robbert Van Renesse. [NSDI'16]

Proof of Work Sustainability

Proof of Work overcomes Sybil resistance in an open decentralized system but comes at a significant cost in terms of ecological impact. Can similar security be achieved with a reduced footprint?

Sprints: Intermittent Blockchain PoW Mining Achieve (almost) pure-Proof-of-Work security by intermittently mining. Enforced with Proof-of-Delay (locally computed, think VDF) before each block's PoW.
With Michael Mirkin, Lulu Zhou, and Fan Zhang. [ePrint] To be published in USENIX'24

HEB: Hybrid-Expenditure Blockchains Reducing external (physical) PoW expenditure while keeping security against rational attackers. We achieve this while keeping the system decentralized by incentivizing miners to expend tokens on-chain.
With Itay Tsabary and Alexander Spiegelman. [arXiv] [Tokenomics'21]

REM: Resource-Efficient Mining Using personally-useful work for Proof of Work, enforced by a 2-level hierarchy of TEE enclaves.
With Fan Zhang, Robert Escriva, Ari Juels, and Robbert van Renesse. [USENIX-SECURITY'17] [ Fan @ USENIX-SECURITY'17]

Theme by Bootstrap, under MIT licenses
Twitter icon by Elegant Themes from is licensed under CC BY 3.0
Youtube icons by Freepik from