{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T14:36:45Z","timestamp":1779892605215,"version":"3.53.1"},"reference-count":29,"publisher":"Frontiers Media SA","license":[{"start":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T00:00:00Z","timestamp":1766016000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["frontiersin.org"],"crossmark-restriction":true},"short-container-title":["Front. Blockchain"],"abstract":"<jats:p>The rapid growth of IoT devices in smart home environments has introduced significant challenges in ensuring secure, scalable, and efficient communication among heterogeneous devices. Centralized architectures suffer from a single point of failure, while blockchain-only solutions face high latency, limiting their use in real-time control. To address these issues, we propose a multi-layered decentralized framework that combines a consortium blockchain, a trusted off-chain coordinator, group-based zero-knowledge proofs (ZKPs), and a two-tiered access control policy (ACP) architecture. The consortium blockchain provides an immutable ledger for device identities and foundational, coarse-grained ACP enforcement through smart contracts, ensuring tamper-proof trust. For privacy-preserving mutual authentication, a group-based ZKP protocol enables collective device authorization without revealing sensitive keys. The off-chain coordinator complements this by enforcing dynamic security mechanisms, including fine-grained ACPv2 checks\u2014such as rate limits, time-of-day restrictions, and device telemetry\u2014in addition to anomaly detection for behavioral risk assessment. This proposed hybrid structure achieves both immutability and high efficiency over traditional methods. A performance evaluation highlighted the framework\u2019s efficiency by demonstrating that the core ZKP verification for a 500-device group can be completed in just 190\u00a0ms. The framework drastically reduces on-chain costs, with critical access control policy transactions consuming only 82,748 gas\u2014a reduction of over 90% compared to benchmarked on-chain systems. The complete end-to-end workflow, from user request to secure session establishment, has a latency bound of approximately 3s. Formal security verification with the BAN and AVISPA tools validates resilience against common attacks, including man-in-the-middle, replay, and impersonation, while static analysis using the Slither framework confirms the absence of critical vulnerabilities in the smart contract code. By combining an immutable on-chain foundation with intelligent, dynamic off-chain enforcement, our proposed framework provides a uniquely resilient, scalable, and adaptive security solution for modern smart home systems.<\/jats:p>","DOI":"10.3389\/fbloc.2025.1707911","type":"journal-article","created":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T06:41:31Z","timestamp":1766040091000},"update-policy":"https:\/\/doi.org\/10.3389\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["A hybrid blockchain and smart contract framework for resilient IoT security in smart homes"],"prefix":"10.3389","volume":"8","author":[{"given":"Shiva","family":"Soni","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Abhilasha","family":"Singh","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1965","published-online":{"date-parts":[[2025,12,18]]},"reference":[{"key":"B1","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/PRISMS.2014.6970594","article-title":"Security and privacy in the internet of things: current status and open issues","volume-title":"2014 international conference on privacy and security in mobile systems (PRISMS)","author":"Abomhara","year":"2014"},{"key":"B2","doi-asserted-by":"publisher","first-page":"3618","DOI":"10.3390\/electronics12173618","article-title":"A new blockchain-based authentication framework for secure IoT networks","volume":"12","author":"Al Hwaitat","year":"2023","journal-title":"Electronics"},{"key":"B3","doi-asserted-by":"publisher","first-page":"910","DOI":"10.3390\/electronics1204091010.48550\/ar","article-title":"A novel hybrid approach using blockchain and machine learning for secure and efficient IoT-Based smart home systems","volume":"12","author":"Ali","year":"2023","journal-title":"Electronics"},{"key":"B4","doi-asserted-by":"publisher","first-page":"14146","DOI":"10.1109\/ACCESS.2024.3352502","article-title":"A decentralized approach to smart home security: blockchain with red-tailed hawk-enabled deep learning","volume":"12","author":"Alruwaili","year":"2024","journal-title":"IEEE Access"},{"key":"B5","doi-asserted-by":"publisher","first-page":"7268","DOI":"10.3390\/s23167268","article-title":"Fortifying smart home security: a robust and efficient user-authentication scheme to counter node capture attacks","volume":"23","author":"Asghar","year":"2023","journal-title":"Sensors"},{"key":"B6","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1080\/24751839.2023.2281143","article-title":"Lightweight authentication scheme based on elliptic curve el gamal","volume":"8","author":"Baccouri","year":"2024","journal-title":"J. Inf. Telecommun."},{"key":"B7","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/IRASET64571.2025.11008265","article-title":"Managing access control for AI APIs via blockchain smart contracts","volume-title":"2025 5th international conference on innovative research in Applied Science, engineering and Technology (IRASET)","author":"Batal","year":"2025"},{"key":"B8","doi-asserted-by":"crossref","first-page":"618","DOI":"10.1109\/PERCOMW.2017.7917634","article-title":"Blockchain for IoT security and privacy: the case study of a smart home","volume-title":"2017 IEEE international conference on pervasive computing and communications workshops (PerCom workshops)","author":"Dorri","year":"2017"},{"key":"B9","doi-asserted-by":"publisher","first-page":"4522","DOI":"10.3390\/s22124522","article-title":"Blockchain-based smart home networks security empowered with fused machine learning","volume":"22","author":"Farooq","year":"2022","journal-title":"Sensors"},{"key":"B10","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1109\/WETSEB.2019.00008","article-title":"Slither: a static analysis framework for smart contracts","volume-title":"2019 IEEE\/ACM 2nd international workshop on emerging trends in software engineering for blockchain (WETSEB)","author":"Feist","year":"2019"},{"key":"B11","doi-asserted-by":"crossref","first-page":"346","DOI":"10.1109\/KST65016.2025.11003315","article-title":"AC-Devchain: an efficient context-aware access control in devsecops using blockchain","volume-title":"2025 17th international conference on knowledge and smart technology (KST)","author":"Fugkeaw","year":"2025"},{"key":"B12","doi-asserted-by":"publisher","first-page":"240","DOI":"10.3390\/computers12110240","article-title":"Smart contract-based access control framework for internet of things devices","volume":"12","author":"Hasan","year":"2023","journal-title":"Computers"},{"key":"B13","article-title":"A survey on the applications of zero-knowledge proofs","author":"Lavin","year":"2024","journal-title":"arXiv Prepr. arXiv:2408.00243"},{"key":"B14","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1007\/s10796-014-9492-7","article-title":"The internet of things: a survey","volume":"17","author":"Li","year":"2015","journal-title":"Inf. Syst. Front."},{"key":"B15","doi-asserted-by":"publisher","first-page":"818","DOI":"10.1109\/JIOT.2019.2944400","article-title":"HomeChain: a blockchain-based secure mutual authentication system for smart homes","volume":"7","author":"Lin","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"B16","first-page":"1","article-title":"NCZKP based privacy-preserving authentication scheme for the untrusted gateway node smart home environment","volume-title":"2020 IEEE symposium on computers and communications (ISCC)","author":"Liu","year":"2020"},{"key":"B17","doi-asserted-by":"publisher","first-page":"43","DOI":"10.52783\/jes.2356","article-title":"A blockchain empowered smart home access scheme based on zero-trust Architecture","volume":"20","author":"Liu","year":"2024","journal-title":"J. Electr. Syst."},{"key":"B18","doi-asserted-by":"publisher","first-page":"6132","DOI":"10.3390\/s23136132","article-title":"Blockchain and machine learning inspired secure smart home communication network","volume":"23","author":"Menon","year":"2023","journal-title":"Sensors"},{"key":"B19","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1016\/j.procs.2016.06.038","article-title":"Mutual entity authentication protocol based on ECDSA for WSN","volume":"89","author":"Moon","year":"2016","journal-title":"Procedia Comput. Sci."},{"key":"B20","article-title":"Scalable role-based access control using the eos blockchain","author":"Rahman","year":"2020"},{"key":"B21","doi-asserted-by":"publisher","first-page":"867","DOI":"10.1109\/TITS.2019.2899321","article-title":"Adaptive group-based zero knowledge proof-authentication protocol in vehicular ad hoc networks","volume":"21","author":"Rasheed","year":"2019","journal-title":"IEEE Trans. Intelligent Transp. Syst."},{"key":"B22","doi-asserted-by":"publisher","first-page":"1246","DOI":"10.1016\/j.dcan.2024.12.007","article-title":"Lightweight Consensus mechanisms in the internet of blockchained things: thorough analysis and research directions","volume":"11","author":"Sahraoui","year":"2025","journal-title":"Digital Commun. Netw."},{"key":"B23","first-page":"0323","article-title":"Blockchain-based scheme for authentication and capability-based access control in IoT environment","volume-title":"2020 11th IEEE annual ubiquitous computing, electronics and Mobile communication conference (UEMCON)","author":"Sivaselvan","year":"2020"},{"key":"B24","doi-asserted-by":"crossref","first-page":"67","DOI":"10.1109\/WF-IoT.2014.6803122","article-title":"A decentralized approach for security and privacy challenges in the internet of things","volume-title":"2014 IEEE world forum on internet of Things (WF-IoT)","author":"Skarmeta","year":"2014"},{"key":"B25","doi-asserted-by":"crossref","first-page":"1331","DOI":"10.1109\/ICDT63985.2025.10986551","article-title":"Analyzing blockchain technology for enhancing security in smart home systems: current developments and future directions","volume-title":"2025 3rd international conference on disruptive technologies (ICDT)","author":"Soni","year":"2025"},{"key":"B26","doi-asserted-by":"publisher","first-page":"3735","DOI":"10.3390\/electronics13183735","article-title":"A secure and efficient authentication scheme for large-scale IoT devices based on zero-knowledge proof","volume":"13","author":"Su","year":"2024","journal-title":"Electronics"},{"key":"B27","doi-asserted-by":"publisher","first-page":"488","DOI":"10.3390\/app10020488","article-title":"Data sharing system integrating access control mechanism using blockchain-based smart contracts for IoT devices","volume":"10","author":"Sultana","year":"2020","journal-title":"Appl. Sci."},{"key":"B28","volume-title":"Zero knowledge proofs: a comprehensive review of applications, protocols, and future directions in cybersecurity","author":"Wishwasara","year":"2023"},{"key":"B29","doi-asserted-by":"publisher","first-page":"10556","DOI":"10.3390\/su131910556","article-title":"An attribute-based access control for IoT using blockchain and smart contracts","volume":"13","author":"Zaidi","year":"2021","journal-title":"Sustainability"}],"container-title":["Frontiers in Blockchain"],"original-title":[],"link":[{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/fbloc.2025.1707911\/full","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,18]],"date-time":"2025-12-18T06:41:35Z","timestamp":1766040095000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.frontiersin.org\/articles\/10.3389\/fbloc.2025.1707911\/full"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,18]]},"references-count":29,"alternative-id":["10.3389\/fbloc.2025.1707911"],"URL":"https:\/\/doi.org\/10.3389\/fbloc.2025.1707911","relation":{},"ISSN":["2624-7852"],"issn-type":[{"value":"2624-7852","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,18]]},"article-number":"1707911"}}