Patrick McCorry

I am an Assistant Professor (Lecturer) at King's College London and at heart I am an Engineer with a focus on cryptocurrencies, decentralised systems and building cryptographic protocols.

My research and its implementation is funded by the Ethereum Foundation, Ethereum Community Fund and the Research Institute.

I have a single PhD Scholarship available for a UK/EU student, so please get in touch if interested.

I advise a startup called Indorse.io, maintain the popular Open Vote Network Project/StateChannels/LocalCrypto, I'm a member of IC3. I have conducted two security audits for RSK.

In the past, I was a post-doc at UCL with Sarah Meiklejohn, a post-doc at UIUC with Andrew Miller and completed my PhD at Newcastle University with Feng Hao and Siamak F. Shahandashti. My thesis is online.

A short list of links about me

• An interview with me at Genesis Moscow,
• I've participated in a panel session on Chinese Global Television Network (CGTN) talking about Bitcoin,
• A discussion transcript (in spanish) on Criptonoticias talking about my PhD experience.

Publications

• [Preprint] You sank my battleship! A case study to evaluate state channels as a scaling solution for cryptocurrencies Patrick McCorry, Chris Buckland, Surya Bakshi, Karl Wüst and Andrew Miller [Paper][Blog][Github]
• We propose Kitsune, a new state channel contract that combines features from existing constructions
• We explore the minimal modifications required to deploy an application as a state channel and propose an application template to aid others
• This experiment highlights the worst-case scenario of state channels and how it potentially renders applications like battleship as unreasonable to deploy within a state channel.

• [Preprint] Pisa: Arbitration Outsourcing for State Channels Patrick McCorry, Surya Bakshi, Iddo Bentov, Sarah Meiklejohn and Andrew Miller [Preprint][Video]
• Lets a customer hire an accountable third party to watch over a state channel on their behalf
• Provides cryptographic evidence to customer that third party was hired and seek financial recourse if the third party cheats (i.e. doesn't resolve a dispute in the state channel on customer's behalf).
• I have received $350k from The Ethereum Foundation and the Ethereum Community Fund towards further research and development of state channels.

• [SPW '18] Why Preventing a Cryptocurrency Heist Isn't Good Enough Patrick McCorry, Malte Moeser and Taha Ali [Not online]
• All exchanges deploy preventive security measures to prevent (or reduce impact) of a heist. So far, this hasn't proven good enough.
• We propose that exchanges need to pursue reactionary measures that allow them to respond to a heist - which can be self-enforced by the blockchain. (i.e. a "pending" transaction that can be cancelled)

• [BITCOIN '18] Smart Contracts for Bribing Miners Patrick McCorry, Alexander Hicks and Sarah Meiklejohn [Paper][Ethnews]
• Three contracts to facilitate censorship, double-spending and goldfinger attacks
• Briber and Bribee only trust the contracts; and not each other

• [Audit] Security Audit of RSKJ Ginger 0.2.0, Patrick McCorry, Andrew Miller [Audit Report]
• A security audit commissioned by Rootstock.

• [Preprint] Consensus in the Age of Blockchains, Shehar Bano, Alberto Sonnino, Mustafa Al-Bassam, Sarah Azouvi, Patrick McCorry, Sarah Meiklejohn, George Danezis [Paper]
• Work-in-progress SoK on blockchain consensus protocols.

• [Preprint] The Nuts and Bolts of Micropayments: a Survey, Syed Taha Ali, Dylan Clarke and Patrick McCorry. [Paper]
• Work-in-progress survey on the evolution of micropayment systems and protocols.

• [CCS'17] Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing, Changyu Dong, Yilei Wang, Amjad Aldweesh, Patrick McCorry and Aad van Moorsel accepted at ACM Conference on Computer and Communications Security 2017. [Paper]
• A game-theoretic analysis of defeating collusion between two clouds for verifiable cloud computing.
• Game is set up such that one of the colluding cloud should declare their treachery (i.e. traitor).

• [CBT'17] Atomically Trading with Roger: Gambling on the success of a hard fork, Patrick McCorry, Ethan Heilman and Andrew Miller, accepted at the 1st International Workshop on Cryptocurrencies and Blockchain Technology. [Paper] [Hacking Distributed] [Front Cover of Coindesk]
• An atomic trade protocol that allows two parties to swap coins in the event a blockchain splits into two forks.
• Paper is motivated by a public pledge between Loaded and Roger to swap 60,000 coins in the event that Bitcoin Unlimited splits the blockchain.
• Suitable for any hardfork in Bitcoin that includes replay protection (and if a hardfork oracle can be constructed in Ethereum)
• Presented at Breaking Bitcoin 2017 and Scaling Bitcoin 2017!

• [Preprint] Sprites: Payment Channels that Go Faster than Lightning, Andrew Miller, Iddo Bentov, Ranjit Kumaresan, Patrick McCorry, under review. [Paper] [GitHub] [Coindesk]
• A smart contract for Bidirectional Payment Channels without an expiry time.
• Benefits of Ethereum include continuous withdrawals and deposits.
• Introduces a PreimageManager that reduces the worst-case delay to constant time.

• [FC'17] A Smart Contract for Boardroom Voting with Maximum Voter Privacy, Patrick McCorry, Siamak F. Shahandashti, and Feng Hao, accepted at the 21st Financial Cryptography and Data Security conference, Sliema, Malta. [Paper] [GitHub]
• We study the feasibility of executing cryptography protocols over the Ethereum blockchain.
• We implement the Open Vote Network that is a self-tallying internet voting protocol as a smart contract in Solidity.
• Our smart contract won 3rd prize in the Economist Security Challenge and the code is publicly available. [Blog] [Economist] [Economist Report] [Coindesk]

• [ACISP'16] Towards Bitcoin Payment Networks, Patrick McCorry, Malte Möser, Siamak F. Shahandashti, and Feng Hao, invited paper for 21st Australasian Conference on Information Security and Privacy , Melbourne, Australia.[Paper] [Blog]
• We summarise a new field of research 'Bitcoin Payment Networks' and provide a comparison for Duplex Micropayment Channels and Lightning Channels.
• We discuss how to perform Hashed Time-Locked Contracts (HTLC) in both schemes, and the challenges that payment networks face.
• It is our hope that this paper will inspire others to consider further research in this area.

• [FC'16] Refund Attacks on Bitcoins Payment Protocol, Patrick McCorry, Siamak F. Shahandashti, and Feng Hao, accepted at the 20th Financial Cryptography and Data Security conference, Bridgetown, Barbados.[Paper] [Blog]
• In this paper, we present new attacks on the Payment Protocol, which affect all BIP70 merchants.
• The Silkroad Trader attack highlights an authentication vulnerability in the Payment Protocol while the Marketplace Trader attack exploits the refund policies of existing Payment Processors.
• Both attacks have been experimentally verified on real-life merchants using a modified Bitcoin wallet.
• They have also been acknowledged by both Coinbase and Bitpay with temporary mitigation measures put in place.

• [SSR'15] Authenticated Key Exchange over Bitcoin, Patrick McCorry, Siamak F. Shahandashti, Dylan Clarke, and Feng Hao, accepted by the 2nd Security Standardisation Research Conference in Tokyo, Japan. [Paper]
  • Allows two pseudonymous parties to establish a secure end-to-end communication channel using Bitcoin's public ledger.
  • This Bitcoin-based Authentication is necessary in the cryptocurrency world as PKI (Pubic key infrastructure) and PAKE (Password based Authenticated Key Exchange) is not good enough to authenticate two pseudnymous users.
  • Our technique exploits the random nonce found in ECDSA signatures.

• [SPW'15] Bitcoin: Perils of an Unregulated Global P2P Currency, Syed Taha Ali, Dylan Clarke, Patrick McCorry, accepted by the 23rd Security Protocols Workshop in Cambridge, England. [Paper]
  • Ideological and design choices that define Bitcoin’s strengths are also directly responsible for the Bitcoin-related crime that we encounter in the news so often today.

• [BITCOIN'15] ZombieCoin: Powering Next-Generation Botnets with Bitcoin, Syed Taha Ali, Patrick McCorry, Peter Hyun-Jeen Lee and Feng Hao, accepted by the 2nd FC Workshop on Bitcoin Research 2015 in San Jaun, Puerto Rico. [Paper] [Forbes]
  • We outline a design for next-generation Botners that leverage the Bitcoin network for a stealth and fast command & control center.
  • Our design is immune to traditional takedown methods (closing web accounts/chatrooms/domains, poisoning routing tables, etc) - we have not yet discovered a method to "take down" these future botnets.

• [DIS'14] PosterVote: expanding the action repertoire for local political activism, Vasilis Vlachokyriakos, Rob Comber, Karim Ladha, Nick Taylor, Paul Dunphy, Patrick McCorry, Patrick Olivier, accepted at Proceedings of DIS 2014. [Paper]
  • A low-cost deployable poster to encourage local political activism

Peer review activities

• Program Chair
  • Master Workshop: Off the Chain 2018
• Program Committee Member
  • Financial Cryptography 2019
  • Scaling Bitcoin 2018 @ Tokyo
  • 2nd Crypto Economics Security Conference 2018 @ Berkeley
  • 2nd International Workshop on Cryptocurrencies and Blockchain Technology @ ESORICS 2018.
  • 1st Workshop on Cryptocurrencies and Blockchains for Distributed Systems @ ACM MobiSys 2018 (Cryblock)
  • 2nd Security on Blockchains @ EuroS&P 2018
  • 1st HCI for Blockchain Workshop @ CHI 2018
  • 2nd Blockchains, Cryptocurrencies and Contracts Workshop @ AsiaCCS 2018
  • 5th Bitcoin Workshop @ Financial Cryptography 2018
  • 1st International Workshop on Cryptocurrencies and Blockchain Technology @ ESORICS 2017.
  • 4th Bitcoin Workshop @ Financial Cryptography 2017
• Requested Reviewer
  • 22nd Eurocrypt 2018
  • 22nd Financial Cryptography 2018
  • International Workshop on Digital Crime and Forensics 2016
  • 14th Theory of Cryptography Conference 2016
  • 21st European Symposium on Research in Computer Security (ESORICS) 2016
  • 20th Financial Cryptography 2016
  • 3rd Bitcoin Workshop @ Financial Cryptography 2016
  • 20th European Symposium on Research in Computer Security (ESORICS) 2015

Presentations

I have had the pleasure of presenting to the following audiences (slides and videos):

• 2018
  • UPCOMING: Bitcoin MIT Exp
  • UPCOMING: Ethcc.io community meet up
  • UPCOMING: Bitcoin Workshop @ Financial Cryptography 2018 (Smart Contracts for Bribing Miners)
  • BPASE @ Stanford University (Smart Contracts for Bribing Miners)
• 2017
  • Catalyst-inc 4IRC Blockchain
  • Guest lecture at Oxford University for Ali Kaafarani's class (Introduction to Cryptocurrencies)
  • Guest lecture at Newcastle University for Changyu Dong's class (Introduction to Cryptocurrencies)
  • Genesis Moscow (Open Vote Network)
  • Devcon3 (Open Vote Network and Applications of Cryptography)
  • Scaling Bitcoin (Atomic Trade - Ethan Heilman presented amazingly on my behalf)
  • Crypto-economics at University of Berkeley (Open Vote Network)
  • Breaking Bitcoin (Atomic Trade Protocols) [Video]
  • 1st International Workshop on Cryptocurrencies and Blockchain Technology 2017 @ ESORICS (Atomic Trade Protocols)
  • Stanford University Security Seminar (Open Vote Network)
  • Purdue University Security Seminar (Open Vote Network)
  • University of Illinois at Urbana Champaign Seminar (Bitcoin Payment Networks)
  • Financial Cryptography (Open Vote Network)
  • IC3 Winter Retreat (Open Vote Network)
• 2016
  • Guest lecture at Newcastle University 2016 for Feng Hao's class (Quirky world of cryptocurrencies: An Introduction)
  • Guest lecture at University of Illinois Urbana-Champaign 2016 for Andrew Miller's class (Open Vote Network)
  • Financial Cryptography 2016 (Refund Attacks)
  • Bitcoin Summer School (Corfu) 2016 (Towards Bitcoin Payment Networks)
  • Australasian Conference on Information Security and Privacy 2016 (Towards Bitcoin Payment Networks)
• 2015
  • North East Fraud Forum 2015 (Refund Attacks)
  • PhD Consortium @ European Symposium on Research in Computer Security (ESORICS) 2015
  • Cryptoforma @ University of Strathclyde 2015 (AKE)
  • Security Standardisation Research 2015 (AKE)
  • Cryptoforma @ Kent University 2015 (Zombiecoin)
  • Bitcoin Workshop @ Financial Cryptography 2015 (Zombiecoin)

Awards

Awards that I have been lucky to win:

• 3rd Prize in the Economist Cyber Security Challenge.
  • Design an e-voting system over the Blockchain [Economist],
• Short listed for Impact in Progress Award
  • Only PhD student short-listed across all departments at Newcastle University
• 1st Prize in the Creative Cyber Security Hackathon
  • Hosted by Newcastle University, Lancaster University, Raytheon and BIS (Department for Business and Innovation, UK) [Press]
• Best overall performance in Computer Science 2013
  • [Award] was sponsored by Watersons
• Scott Logic Excellence Award
  • Highest grade during the second year of the bachelor's degree
• Best Team for Team Project in Stage 2
  • Sponsored by IBM
• Excellence Scholarship
  • Over-achieved the entry requirements to study at Newcastle University

Before the (emotional roller coaster) PhD

In my past life, I graduated 1^st in my class with a BSc (Hons) Computer Science with Industrial Placement and during this course I had two jobs:

1. Intern Software Engineer for CICS (Customer Information Control Systems) and CPSM (CICSPlex System Management) at IBM,
2. Supervisor @ Subway for 5 years, working alongside Moffy.

Quoted in News

This is a short list of articles that have quoted me. This does not include articles about work (listed above) and is probably not up to date.

Yahoo Finance/Quartz, Nasdaq, Money Magazine, Bitcoin Magazine, WikiTribune, Catalyst-inc NI, Hype Codes, Coindesk, Fortune, Engadget, Tech Crunch, Cryptocurrency news, Forbes,Yahoo News, Edgy Labs, International Business Times, Coindesk, Jincor Blog, The Register, So Raven

Contact details

My Linkedin and Twitter.

I can be contracted at patrick.mccorry@kcl.ac.uk.

Thank you for visiting my page!