Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts

Ahmed Kosba, Andrew Miller, Elaine Shi, Zikai Wen, Charalampos Papamanthou

Research output: Contribution to conferencePaperpeer-review


Emerging smart contract systems over decentralized cryptocurrencies allow mutually distrustful parties to transact safely without trusted third parties. In the event of contractual breaches or aborts, the decentralized blockchain ensures that honest parties obtain commensurate compensation. Existing systems, however, lack transactional privacy. All transactions, including flow of money between pseudonyms and amount transacted, are exposed on the blockchain. We present Hawk, a decentralized smart contract system that does not store financial transactions in the clear on the blockchain, thus retaining transactional privacy from the public's view. A Hawk programmer can write a private smart contract in an intuitive manner without having to implement cryptography, and our compiler automatically generates an efficient cryptographic protocol where contractual parties interact with the blockchain, using cryptographic primitives such as zero-knowledge proofs. To formally define and reason about the security of our protocols, we are the first to formalize the blockchain model of cryptography. The formal modeling is of independent interest. We advocate the community to adopt such a formal model when designing applications atop decentralized blockchains.
Original languageEnglish (US)
Number of pages20
StatePublished - Aug 16 2016
Event2016 IEEE Symposium on Security and Privacy (SP) - San Jose, CA
Duration: May 22 2016May 26 2016


Conference2016 IEEE Symposium on Security and Privacy (SP)


  • contracts
  • cryptography
  • privacy
  • cryptographic protocols
  • online banking

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts'. Together they form a unique fingerprint.

Cite this