Liquefaction: Privately Liquefying Blockchain Assets
James Austgen, Andrés Fábrega, Mahimna Kelkar, Dani Vilardell, Sarah Allen, Kushal Babel, Jay Yu, Ari Juels
TL;DR
This work addresses the fragility of the $SEAO$ assumption in blockchain ecosystems by introducing Liquefaction, a privacy-preserving, TEEs-backed wallet that encumbers private keys to enable multi-user control and private leasing of assets. It offers a formal access-control model with policies $\Gamma$ and updates $\beta$, plus a practical prototype deployed on Oasis Sapphire that enforces asset-time segmentation and policy delegation through a tree of sub-policies. The authors explore the broad implications for governance, loyalty programs, soulbound tokens, and privacy, including adversarial uses like Dark DAOs, as well as constructive applications such as privacy-preserving DAOs and dusting-attack mitigation, with complete-knowledge (CK) proofs proposed as a countermeasure. A fallback liveness mechanism and careful design choices aim to secure usability in real-world conditions, while CK provides a path to mitigate Liquefaction threats for select applications. Overall, the paper advocates rethinking asset ownership in crypto systems as TEEs and encumbrance-based tools become more prevalent, balancing new capabilities with robust defenses.
Abstract
Inherent in the world of cryptocurrency systems and their security models is the notion that private keys, and thus assets, are controlled by individuals or individual entities. We present Liquefaction, a wallet platform that demonstrates the dangerous fragility of this foundational assumption by systemically breaking it. Liquefaction uses trusted execution environments (TEEs) to encumber private keys, i.e., attach rich, multi-user policies to their use. In this way, it enables the cryptocurrency credentials and assets of a single end-user address to be freely rented, shared, or pooled. It accomplishes these things privately, with no direct on-chain traces. Liquefaction demonstrates the sweeping consequences of TEE-based key encumbrance for the cryptocurrency landscape. Liquefaction can undermine the security and economic models of many applications and resources, such as locked tokens, DAO voting, airdrops, loyalty points, soulbound tokens, and quadratic voting. It can do so with no on-chain and minimal off-chain visibility. Conversely, we also discuss beneficial applications of Liquefaction, such as privacy-preserving, cost-efficient DAOs and a countermeasure to dusting attacks. Importantly, we describe an existing TEE-based tool that applications can use as a countermeasure to Liquefaction. Our work prompts a wholesale rethinking of existing models and enforcement of key and asset ownership in the cryptocurrency ecosystem.