Privacy-Preserving and Incentive-Driven Relay-Based Framework for Cross-Domain Blockchain Interoperability

Basic Information

• Paper ID: 2510.14151
• Title: Privacy-Preserving and Incentive-Driven Relay-Based Framework for Cross-Domain Blockchain Interoperability
• Authors: Saeed Moradi, Koosha Esmaeilzadeh Khorasani, Sara Rouhani (University of Manitoba & École de technologie supérieure)
• Classification: cs.DC (Distributed, Parallel, and Cluster Computing)
• Publication Date: October 15, 2025 (arXiv preprint)
• Paper Link: https://arxiv.org/abs/2510.14151

Abstract

Blockchain interoperability is crucial for transforming isolated networks into collaborative ecosystems. While significant progress has been made in public chain interoperability, connecting permissioned and permissionless chains faces unique challenges due to differences in access control, architecture, and security requirements. This paper proposes a blockchain-agnostic framework that leverages cryptographic techniques to ensure secure data exchange. Its lightweight architectural design simplifies implementation and maintenance, while integrating Clover and Dandelion++ protocols to enhance transaction anonymity. Performance evaluation through measurements of forwarding time, throughput, availability, and system resilience against collusion attacks demonstrates the framework's effectiveness in achieving secure and efficient interoperability in heterogeneous blockchain ecosystems.

Research Background and Motivation

Core Problems

1. Interoperability Challenges: Most existing blockchain networks operate in isolation, limiting their potential in multi-network environments
2. Heterogeneous Network Connectivity: Fundamental differences exist between permissioned chains (e.g., enterprise-grade Hyperledger Fabric) and permissionless chains (e.g., Substrate)
3. Privacy Protection Requirements: Enterprise-grade permissioned chains handle sensitive data requiring strict confidentiality and anonymity measures

Problem Significance

• Widespread application of blockchain technology in finance, healthcare, supply chain management, and other domains requires cross-chain collaboration
• Enterprise-level applications require interoperability with public chains while maintaining data privacy
• Existing solutions primarily focus on homogeneous networks, overlooking hybrid scenarios combining permissioned and permissionless chains

Limitations of Existing Approaches

1. Polkadot: Primarily targets permissionless networks, lacking privacy protection capabilities required for enterprise applications
2. Cosmos: While supporting both network types, primarily focuses on permissionless systems, facing challenges when integrating highly customized permissioned networks
3. Hyperledger Cacti: Specifically connects permissioned chains but does not support interoperability with permissionless systems
4. Existing Privacy Solutions: Primarily focus on atomic swaps without adequately addressing network-layer security concerns

Core Contributions

1. Blockchain-Agnostic Interoperability Framework: Proposes the first architecture specifically connecting permissioned and permissionless chains, emphasizing privacy and security in heterogeneous environments
2. Privacy Security Mechanisms: Combines cryptographic methods and advanced routing protocols to protect user identity, obfuscate request sources, and ensure data confidentiality in cross-network transactions
3. Security Analysis: Conducts formal security analysis of relay-based architecture, demonstrating how probabilistic source obfuscation mechanisms mitigate de-anonymization attacks
4. Performance Evaluation: Provides comprehensive analysis of system communication efficiency and scalability through measurement of request-response time and isolation of blockchain-related processing latency

Methodology Details

Task Definition

Input: Cross-chain transaction requests from permissioned chain (Hyperledger Fabric) or permissionless chain (Substrate) users Output: Transactions securely executed on target chains while protecting user identity and transaction data privacy Constraints:

• Guarantee data confidentiality and integrity
• Achieve user identity anonymization
• Resist various network attacks (including collusion attacks)

System Architecture

Core Components

1. Relay Service: Acts as intermediary between two blockchains with blockchain-agnostic properties
2. Cross-Chain Smart Contracts: Store configuration information, manage relay installation, and control transaction flow
3. Encryption and Signature Keys: Used for encrypting and signing transaction requests
4. Certificate Authority (CA): Issues certificates to relay nodes and manages network membership

Transaction Flow

User A (HF) → Cross-chain Smart Contract → Relay Node 1 → ... → Relay Node n → Target Contract → User B (Substrate)

Each step includes:

• Encrypting messages using recipient's public key
• Signing with sender's private key
• Verifying signature before re-encrypting and forwarding

Key Technical Components

1. Blind Signature Mechanism

m' = b · m (mod n)          // User blinds message
s' = D(m') = (m')^d (mod n) // Signer computes signature  
s = s' · b^(-1) (mod n)     // User unblinds

Prevents signers (smart contracts and relay nodes) from viewing message content.

2. Ring Signatures

Each relay node uses ring signature scheme to sign forwarded messages. Verifiers can confirm the message was signed by some member of group R = {P1, P2, ..., Pn}, but cannot determine which specific member.

3. Onion Routing

Messages are randomly forwarded through multiple nodes, with each node knowing only the previous and next nodes:

User → Relay_i: Enc_Ri(M)
Relay_i → Relay_{i+1}: RingSign_R(M)

Source Anonymization Protocol

Dandelion++ Protocol

• Stem Phase: Transaction forwarded along random path (no cycles/backtracking)
• Fluff Phase: Broadcast to broader network
• Objective: External observers cannot link broadcast to true source

Clover Protocol

• Diffusion Phase: Transaction sent to multiple randomly selected relay nodes
• Proxy Phase: Transaction hops between nodes until satisfying probability condition
• Advantage: Enhanced resistance to path inference attacks through multi-path distribution

Security Mathematical Model

Data Leakage Probability:

p(BTx) = ∏_{i=0,j=0}^{3f/n} (f-j)/(n-i)

Where:

• f: Number of forwarding steps
• n: Total number of relay nodes
• Attackers must compromise at least f/3 nodes to reconstruct complete path

Key Insights:

• Higher f/n ratio increases privacy leakage risk
• More network nodes reduce data leakage probability
• Trade-off exists between anonymity and data leakage

Experimental Setup

Experimental Environment

1. Substrate Network: Uses Substrate Contracts Node configuration with necessary interfaces for deploying and interacting with smart contracts
2. Hyperledger Fabric Test Network: Serves as permissioned chain environment, configured with channels and CA for secure communication
3. Relay Service: Contains 100 relay nodes connecting HF and Substrate

Evaluation Metrics

1. Forwarding Time: Average time for messages to traverse relay network
2. Throughput: Number of transactions processed per second
3. Availability: System performance under node failures
4. De-anonymization Probability: Probability of exposing user identity under collusion attacks
5. Anonymity Set Size: Number of possible transaction initiators

Comparison Methods

• Shortest Ping: Selects relay nodes with shortest response time (prioritizes performance over privacy)
• Dandelion++: Deterministic stem-fluff mechanism
• Clover: Probabilistic random forwarding

Experimental Results

Forwarding Time Performance

• Clover: Achieves balance between forwarding time and forwarding hops, suitable for applications requiring efficiency and moderate privacy
• Dandelion++: Prioritizes robust source obfuscation and privacy but incurs higher forwarding time
• Shortest Ping: Best performance but weakest privacy protection

Throughput Analysis

Theoretical system throughput:

TPR = Σ_{i=1}^{n-1} TPr_i

Experimental Results:

• Clover performance approaches Shortest Ping method
• Dandelion++ throughput significantly decreases when forwarding steps exceed 10
• All methods show similar performance with fewer forwarding steps

Availability Testing

• All methods show similar performance when fewer than 3 nodes fail
• Processing time increases exponentially as failed nodes increase
• Clover shows slower processing time growth than Dandelion++, attributed to its ability to broadcast requests to sufficient nodes

Collusion Attack Resistance Analysis

De-anonymization Probability

• Dandelion++: Steep increase with collusion ratio, approaching 90% at 50% collusion
• Clover: Greater resistance, remaining below 70% de-anonymization rate at 50% collusion

Anonymity Set Size

• Dandelion++: Larger initial anonymity set (approximately 7) but rapidly decreases with increased collusion
• Clover: Smaller initial anonymity set (4.5) but decreases more gradually, demonstrating better stability

Related Work

Permissionless Chain Interoperability Frameworks

1. Polkadot: Enables heterogeneous network communication through relay chain architecture, but primarily focuses on permissionless networks
2. Cosmos: Connects independent blockchains through IBC protocol, maintains blockchain sovereignty but primarily serves DeFi applications

Permissioned Chain Interoperability Solutions

1. Hyperledger Cacti: Specifically connects HF, Corda, Quorum and other permissioned chains, adopts modular architecture but does not support permissionless systems

Hybrid Network Solutions

1. Axelar: Supports cross-chain communication through decentralized validator networks but introduces additional trust assumptions
2. Chainlink CCIP: Uses decentralized oracle networks but trust dependencies may conflict with permissioned chain privacy requirements

Privacy Protection Technologies

Existing solutions primarily focus on atomic swaps without adequately addressing network-layer security issues when connecting permissioned and permissionless chains.

Conclusions and Discussion

Main Conclusions

1. Proposes the first privacy-preserving framework specifically for permissioned-permissionless chain interoperability
2. Clover protocol achieves better balance between collusion attack resistance and performance
3. System achieves acceptable performance levels while ensuring privacy
4. Inherent trade-off exists between anonymity and data leakage risk

Limitations

1. Title-Content Mismatch: Paper title mentions "incentive-driven" but content lacks detailed discussion of incentive mechanisms
2. Experimental Scale: Testing conducted only in environment with 100 relay nodes; actual deployment scale may be larger
3. Network Heterogeneity: Only tested with HF and Substrate; applicability to other blockchain platforms unverified
4. Long-term Security: Does not consider future threats such as quantum computing on cryptographic schemes

Future Directions

1. Design specific incentive mechanisms to encourage relay node participation
2. Extend support to additional blockchain platforms
3. Optimize performance for large-scale deployment
4. Research integration of post-quantum cryptographic schemes

In-Depth Evaluation

Strengths

1. Strong Problem Targeting: Fills important gap in permissioned-permissionless chain interoperability
2. Complete Technical Solution: Forms complete technology stack from architectural design to security analysis
3. Comprehensive Experimental Evaluation: Covers multiple dimensions including performance, security, and availability
4. In-Depth Theoretical Analysis: Provides mathematized security analysis model
5. Objective Protocol Comparison: Fairly compares advantages and disadvantages of different anonymization protocols

Weaknesses

1. Missing Incentive Mechanisms: Incentive-driven characteristics promised in title insufficiently reflected in content
2. Limited Experimental Environment: Testing environment relatively simple with gaps from actual production environments
3. Insufficient Scalability Verification: Performance in large-scale networks not adequately validated
4. Lacking Economic Model: Absence of economic incentive analysis for relay node participation
5. Insufficient Deployment Complexity Discussion: Limited discussion of operational complexity in actual deployment

Impact

1. Academic Value: Provides new perspectives and methods for cross-chain interoperability research
2. Practical Value: Offers privacy-preserving interoperability solutions for enterprise-level blockchain applications
3. Reproducibility: GitHub implementation provided facilitates research reproduction and extension
4. Standardization Potential: May provide reference for cross-chain interoperability standard development

Applicable Scenarios

1. Enterprise Applications: Enterprises needing to connect internal permissioned chains with external public chains
2. Financial Services: Financial institutions requiring interaction with DeFi protocols while protecting privacy
3. Supply Chain Management: Cross-organizational supply chains requiring data sharing across different blockchain types
4. Healthcare: Medical institutions requiring data interoperability while protecting patient privacy

References

The paper cites 33 relevant references covering multiple domains including blockchain interoperability, privacy protection, and cryptography, providing solid theoretical foundation for the research.

Overall Assessment: This is a paper with significant contributions to the blockchain interoperability field, particularly in hybrid scenarios combining permissioned and permissionless chains. Despite certain limitations, the completeness of its technical solution and comprehensiveness of experimental evaluation make it a valuable contribution to the field.