DEXO: A Secure and Fair Exchange Mechanism for Decentralized IoT Data Markets

Yue Li, Ifteher Alom, Wenhai Sun, Yang Xiao

TL;DR

DEXO addresses the challenge of securely exchanging IoT and mobile data in a decentralized market by combining a decentralized oracle network with hardware-backed attested execution and secret sharing. The approach achieves end-to-end data confidentiality, source verifiability, fault tolerance, and fair exchange through off-chain data delivery and on-chain settlement, with dispute mechanisms to enforce integrity. A proof-of-concept on Ethereum and ARM TrustZone demonstrates feasibility and significant improvements in on-chain gas costs and exchange efficiency compared to traditional DON-based solutions. The results suggest DEXO can enable scalable, trustworthy data marketplaces for sensitive mobile and IoT data while reducing trust assumptions and central points of failure.

Abstract

Opening up data produced by the Internet of Things (IoT) and mobile devices for public utilization can maximize their economic value. Challenges remain in the trustworthiness of the data sources and the security of the trading process, particularly when there is no trust between the data providers and consumers. In this paper, we propose DEXO, a decentralized data exchange mechanism that facilitates secure and fair data exchange between data consumers and distributed IoT/mobile data providers at scale, allowing the consumer to verify the data generation process and the providers to be compensated for providing authentic data, with correctness guarantees from the exchange platform. To realize this, DEXO extends the decentralized oracle network model that has been successful in the blockchain applications domain to incorporate a novel hardware-cryptographic co-design that harmonizes trusted execution environments, secret sharing, and smart contract-assisted fair exchange. For the first time, DEXO ensures end-to-end data confidentiality, source verifiability, and fairness of the exchange process with strong resilience against participant collusion. We implemented a prototype of the DEXO system to demonstrate feasibility. The evaluation shows a moderate deployment cost and significantly improved blockchain operation efficiency compared to a popular data exchange mechanism.

Paper Structure

This paper contains 32 sections, 5 theorems, 5 figures, 3 tables, 4 algorithms.

Key Result

Theorem 1

Each data source, i.e., a P-DApp user device, always correctly performs data pre-processing, secret sharing, and signing as specified in the trusted application $\mathcal{F}_{TA}$. The execution integrity can be verified later by a DEXO node.

Figures (5)

  • Figure 1: DEXO System Architecture and Workflow
  • Figure 2: Fair exchange process with merged query and shared key (as described in §\ref{subsec:dexo-contract} and §\ref{subsec:optimization}). A total of $F+1$ parallel exchange protocol sessions are required.
  • Figure 3: Average Confirmation Times. Note: The suffix number represents the number of nodes used in the test. Those nodes call this function on the contract on the testnet at the same time.
  • Figure 4: Comparison of the gas cost of DEXO with Chainlink. (a) Each user provides each share of a one-time 10B data to each node. (b) Each user provides each share of a one-time 100B data to each node.
  • Figure 5: Time cost of data provider's TEE operation ($\mathcal{F}_{TA}$). Here '10B' refers to the size of the original data involved in the secret sharing process, which is 10 bytes. Similarly, '100B' indicates that the original data size is 100 bytes.

Theorems & Definitions (9)

  • Definition 1: Ideal Functionality $\mathcal{F}_{sc}$
  • Definition 2: Ideal Functionality $\mathcal{G}_{att}$
  • Definition 3: Ideal Functionality $\mathcal{F}_{ss}$
  • Definition 4: Ideal Functionality $\mathcal{F}_{com}$
  • Theorem 1: Data Source Verifiability
  • Theorem 2: End-to-end Confidentiality
  • Theorem 3: Fault Tolerance of Data Delivery
  • Theorem 4: Fair Exchange with Collusion Resistance
  • Lemma 1: Integrity of Dispute Handling