Blockchains & Cryptocurrencies
|
|
- Evan Robinson
- 5 years ago
- Views:
Transcription
1 1 Blockchains & Cryptocurrencies A Technical Introduction Lorenz Breidenbach ETH Zürich Cornell Tech The Initiative for CryptoCurrencies & Contracts (IC3)
2 2 Cryptocurrency Mania Market cap as of yesterday: Bitcoin $137B Ethereum $35B Top 10 together: > $200B
3 Why blockchains? 3
4 4 Centralized Bank Owner Balance Alice $10.00 Bob $20.00 Charlie $5.00
5 5 Centralized Bank Send $5 to Bob Alice Alice Owner Balance Bob Alice $5.00 Bob $25.00 Charlie $5.00
6 6 Centralized Bank Alice User: Alice PW: Send mr_mittens $5 to Bob Send $5 Alice to Bob Owner Balance Password Alice $10.00 mr_mittens Bob $20.00 hunter2 Charlie $ Bob
7 7 Centralized Bank Alice User: Alice PW: Send mr_mittens $5 to Bob Send $5 Alice to Bob Owner Balance Password Alice $5.00 mr_mittens Bob $25.00 hunter2 Charlie $ Bob
8 8 Centralized Bank Alice Owner Balance Password Alice $5.00 mr_mittens Bob $25.00 hunter2 Charlie $ Bob
9 9 Centralized Bank Alice Owner Balance Password Alice $5.00 mr_mittens Bob $25.00 hunter2 Charlie $ Bob
10 10 Centralized Bank Alice Owner Balance Password Alice $0.00 mr_mittens Bob $25.00 hunter2 Charlie $ Bob Bank can fake transactions: I swear Alice told me to transfer $5 to Charlie.
11 11 Digital Signatures Suppose you had a perfect signet ring Public Key: Everyone knows what your seal looks like Secret Key: But it can only be produced by someone with your ring Signature: The seal pressed on paper
12 12 Secret Digital Signatures Public SK KeyGen PK
13 13 Secret Digital Signatures SK Sign (M, Sig) = M
14 14 Digital Signatures Public PK (M, Sig) Verify M was signed with SK or Bad signature
15 15 Secret Digital Signatures Public SK KeyGen PK Sign (M, Sig) Verify = M M was signed with SK or Bad signature
16 16 Digital Signatures Anybody can run KeyGen, Sign, Verify, so: Any entity X can generate unique key pair (SKX, PKX) X can sign any message M using secret key SKX Anyone can verify X s signature against public key PKX But PKX does not contain X s real-world identity
17 17 Digital Signatures Most cryptocurrencies: use ECDSA (Elliptic-Curve Digital Signature Algorithm) Curve secp256k1 SK is 256 bits PK (uncompressed) is 512 bits
18 18 Centralized Bank w/ Sigs Send $5 to Bob Alice Alice Owner Balance Bob PKAlice $10.00 PKBob $25.00 PKCharlie $5.00
19 19 Centralized Bank w/ Sigs Send $5 to Bob Alice Alice Owner Balance Bob PKAlice $5.00 PKBob $30.00 PKCharlie $5.00
20 20 Centralized Bank w/ Sigs Alice Owner Balance Bob PKAlice $5.00 PKBob $30.00 PKCharlie $5.00
21 21 Centralized Bank w/ Sigs Send $5 to Bob Alice Alice Owner Balance Bob PKAlice $0.00 PKBob $35.00 PKCharlie $5.00
22 22 Centralized Bank w/ Sigs Alice Owner Counter Balance PKAlice 0 $10.00 PKBob 0 $25.00 PKCharlie 0 $5.00 Bob
23 23 Centralized Bank w/ Sigs #1: Send $5 to Bob Alice Alice Owner Counter Balance PKAlice 0 $10.00 PKBob 0 $25.00 PKCharlie 0 $5.00 Bob
24 24 Centralized Bank w/ Sigs #1: Send $5 to Bob Alice Alice Owner Counter Balance PKAlice 1 $5.00 PKBob 0 $30.00 PKCharlie 0 $5.00 Bob
25 25 Centralized Bank w/ Sigs #1: Send $5 to Bob Alice Alice Owner Counter Balance PKAlice 1 $5.00 PKBob 0 $30.00 PKCharlie 0 $5.00 Bob
26 26 Centralized Bank w/ Sigs #1: Send $5 to Bob Alice Alice Owner Counter Balance PKAlice 1 $5.00 PKBob 0 $30.00 PKCharlie 0 $5.00 Bob
27 27 Centralized Bank w/ Sigs Alice Owner Counter Balance PKAlice 1 $5.00 PKBob 0 $30.00 PKCharlie 0 $5.00 Bob
28 28 Bank can still cheat Can fail to process a transaction Can go back and reorder or erase transactions Can show different subsets of transactions to different users We want an immutable record of all transactions
29 Blockchains! 29
30 30 Blockchain Aggregate transactions into blocks every 10 minutes Bank signs and publishes blocks #1: Send $10 to Bob Alice #7: Send $5 to Bob Charlie #4: Send $5 to Dora Bob
31 31 Blockchain Each block refers to its predecessor Send $10 to Bob Alice Send $5 to Bob Charlie Send $5 to Dora Bob
32 32 Blockchain Chain contains all transactions ever made Can trace entire history Height n n-1 Genesis Block 0
33 33 Blockchain How to link blocks? Height n n-1 0
34 34 Blockchain Include entire history in each new block? Height n n-1 0
35 35 Blockchain Include entire history in each new block? Impractical! Height n n-1 0
36 36 Blockchain How to link blocks? Use hash function! Height H( ) = n H( ) = n-1 H( ) = } constant length 0
37 Cryptographic Hash 37 Functions H : {0, 1}! {0, 1} k Preimage resistance: Hard to find x given H(x) Collision resistance: Hard to find x y such that H(x) = H(y) k typically between 160 and 256 Hard : Cryptographers have mathematical definition. For our purposes: Take all computing hardware in the world and run it for millions of years
38 38 Random Oracle Model H
39 39 Random Oracle Model H 0100
40 40 Random Oracle Model H
41 41 Random Oracle Model H
42 42 Random Oracle Model H
43 43 Random Oracle Model H
44 44 Random Oracle Model H
45 Cryptographic Hash 45 Functions H : {0, 1}! {0, 1} k Random Oracle Model: Just a model of our ideal functionality In practice: MD5, SHA1, SHA2, SHA3, RIPEMD, scrypt Bitcoin: SHA2 and RIPEMD Ethereum: SHA3
46 46 Blockchain Why is history tamperproof? Collision resistance: Hard to find x y such that H(x) = H(y) Height H( ) = n H( ) = n-1 H( ) = } 256 bits 0
47 47 Centralized Blockchain Alice Bob Compute Owner Counter Ba PKAlice 1 $
48 48 Centralized Blockchain Alice Bob
49 49 Centralized Blockchain #1: Send $5 to Bob Alice Alice Bob
50 50 Centralized Blockchain #1: Send $5 to Bob Alice Alice Bob Bank can censor transactions: I swear Alice never sent me any transactions. Bank can still cheat, it will just get caught
51 Real-world Examples 51
52 52 Real-world Examples
53 53 Real-world Examples
54 54 Real-world Examples
55 55 Real-world Examples
56 56 Decentralization We don t want to trust a single party We need to build a decentralized system Parties need to agree on ledger/state. Which transactions should be included? Distributed Consensus Permissioned (a.k.a. private/consortium) system vs Unpermissioned (a.k.a. public) system
57 Permissioned Blockchain 57
58 58 Permissioned Blockchain Please let me join?
59 59 Permissioned Blockchain Requirements: Banking license $10M yearly membership fee > $10B AUM
60 60 Byzantine Fault Tolerance Well studied problem from Distributed Systems As long as less than 1/3 of parties are malicious, honest parties can always come to agreement Practical algorithms exist: PBFT HoneyBadgerBFT Thousands of transactions per second, efficient,
61 61 Unpermissioned Blockchain Alice Charlie Bob Dora Participants don t know each other Anybody can join
62 62 Unpermissioned Blockchain Alice Charlie Bob Dora Participants don t know each other Anybody can join
63 63 Sybil Attack Alice Bob Charlie Dora
64 64 Sybil Attack Alice Charlie Dora Bob Dora2
65 65 Sybil Attack Alice Charlie Dora4 Dora Bob Dora3 Dora2
66 66 Sybil Attack Dora Dora Dora Dora Dora Dora Dora Dora Alice Charlie Dora Dora4 Dora Dora Dora Dora Bob Dora Dora Dora Dora Dora Dora Dora Dora3 Dora Dora Dora2 Dora
67 67 Unpermissioned Blockchain Anybody can create an arbitrary number of identities Byzantine fault tolerance won t work Solution: Nakamoto Consensus using Proof of Work
68 68 Proof of Work Alice Charlie Bob Dora
69 69 Proof of Work Alice Charlie Bob Dora
70 70 Proof of Work Who gets to propose next block? We cannot vote or use PBFT because of Sybil Attacks. Let s have a lottery!
71 71 Proof of Work Analogy Everyone repeatedly: Scratch off ticket If ticket is a winning ticket, get to send my block to everyone This process is called mining M a e in k c blo
72 72 Proof of Work X H(previous block) X can be freely chosen
73 73 Proof of Work H ( X ) = Y H(previous block) X can be freely chosen Y is number on scratch-off ticket Y is a winning number if it starts with 10 zeros Output of H uniformly random: 2-10 success probability
74 74 Proof of Work H ( X ) = Y H(previous block) Output of H uniformly random: 2-10 success probability Work: Need to try (in expectation) 2 10 different values of X Can verify that somebody did the work with a single computation of H
75 75 Proof of Work H ( X ) = Y H(previous block) What is motivation for doing work? Miner gets to propose new block Miner earns $$$
76 76 Proof of Work H (. Tip Miner 1$. Tip Miner.7$. Tip Miner.4$ X PKMiner ) = Y What is motivation for doing work? Miner gets to propose new block Miner earns $$$ H(previous block)
77 77 Proof of Work H (. Tip Miner 1$. Tip Miner.7$. Tip Miner.4$ X PKMiner ) = Y Mining is resistant to Sybil Attack: H(previous block) Computers & electricity cost real money! Economic rather than absolute protection: Attack is possible, but expensive
78 78 Proof of Work Alice Charlie Bob Dora
79 79 Proof of Work Alice Charlie Bob Dora PKDora
80 80 Proof of Work Alice Charlie Bob Dora PKDora
81 81 Proof of Work Alice Charlie Bob Dora PKDora
82 82 Proof of Work Owner Balance Counter PKDora $5 Owner Balance Counter PKDora $5 Alice Charlie Bob Owner Balance Counter PKDora $5 Dora PKDora
83 83 Proof of Work Owner Balance Counter PKDora $10 Owner Balance Counter PKDora $10 Alice Charlie Bob Owner Balance Counter PKDora $10 Dora PKDora
84 84 Forks PKAlice PKDora
85 85 Forks??? Bob PKAlice PKDora
86 86 Forks??? PKAlice PKDora Bob Choose longer fork If both forks have same length: Randomly choose one fork and work with that
87 87 Forks Bob Bob chooses Alice s fork PKAlice PKDora
88 88 Forks PKAlice PKDora Bob Bob chooses Alice s fork Others choose Dora s fork. Now Dora s fork grows faster Everyone switches to Dora s fork
89 89 Forks PKAlice PKDora Bob Bob chooses Alice s fork Others choose Dora s fork. Now Dora s fork grows faster Everyone switches to Dora s fork
90 90 Forks PKAlice PKDora Bob Transaction can be undone if it is in dead fork Need to wait for a few blocks to be sure that transaction was included
91 91 Nakamoto Consensus Assumption: At least 51% of the hash power (= work rate) is controlled by honest parties Honest chain grows fastest In practice: Need to adjust number of leading zeros required for winning ticket so that block interval doesn t change. Bitcoin as of yesterday: need 72 (!) leading zeros. In expectation, need to compute 4.7E21 hashes to find winner!
92 92 Censorship Resistance Assumption: At least 51% of the hash power (= work rate) is controlled by honest parties Honest chain grows fastest If Alice wants to censor Bob s transactions, she can. But Alice controls less than 51% of hash power. Other parties will mine Bob s transaction. Bob s transaction will be included after a few blocks with very high probability.
93 93 Proof of Waste? This averages out to a shocking 215 kilowatt-hours (KWh) of juice used by miners for each Bitcoin transaction (there are currently about 300,000 transactions per day). That means that, at a minimum, worldwide Bitcoin mining could power the daily needs of 821,940 average American homes. Source: One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week, motherboard.vice.com, Nov 1
94 94 Summary Malicious Centralized Bank can claim unauthorized transactions were authorized Use digital signatures Malicious Centralized Bank can mess with history Use blockchain Malicious Centralized Bank can censor users Build decentralized blockchain
95 95 Summary Permissioned blockchain is resistant to sybil attack Can use highly efficient BFT protocols Process tens of thousands of transactions every second Not fully decentralized
96 96 Summary Unpermissioned blockchain suffers from sybil attack Use Nakamoto Consensus with Proof of Work Deal with forks Mining is wasteful, throughput is low
97 97 (Future) Improvements Better privacy zk-snarks (Zcash) Ring Signatures (Monero) Better programmability Smart Contracts (Ethereum) Less wasted energy Proof-of-Stake (Coming soon to a blockchain near you?)
98 98 Recommended Reading Bitcoin: A Peer-to-Peer Electronic Cash System by Satoshi Nakamoto Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction by Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, and Steven Goldfeder
ENEE 457: E-Cash and Bitcoin
ENEE 457: E-Cash and Bitcoin Charalampos (Babis) Papamanthou cpap@umd.edu Money today Any problems? Cash is cumbersome and can be forged Credit card transactions require centralized online bank are not
More informationProblem: Equivocation!
Bitcoin: 10,000 foot view Bitcoin and the Blockchain New bitcoins are created every ~10 min, owned by miner (more on this later) Thereafter, just keep record of transfers e.g., Alice pays Bob 1 BTC COS
More informationBlockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini
Blockchain CS 240: Computing Systems and Concurrency Lecture 20 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material. Bitcoin: 10,000 foot view New bitcoins
More informationComputer Security. 14. Blockchain & Bitcoin. Paul Krzyzanowski. Rutgers University. Spring 2019
Computer Security 14. Blockchain & Bitcoin Paul Krzyzanowski Rutgers University Spring 2019 April 15, 2019 CS 419 2019 Paul Krzyzanowski 1 Bitcoin & Blockchain Bitcoin cryptocurrency system Introduced
More informationBitcoin, Security for Cloud & Big Data
Bitcoin, Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 18, 2013 Bitcoin Public, distributed, peer-to-peer, hash-chained audit log of all transactions ( block chain ).
More informationHyperledger fabric: towards scalable blockchain for business
Marko Vukolić, IBM Research - Zurich Hyperledger fabric: towards scalable blockchain for business Trust in Digital Life The Hague, Netherlands, June 17 2016 Blockchain shared, replicated, ledger Consensus
More informationBitcoin and Blockchain
Bitcoin and Blockchain COS 418: Distributed Systems Lecture 18 Zhenyu Song [Credit: Selected content adapted from Michael Freedman. Slides refined by Chris Hodsdon and Theano Stavrinos] Why Bitcoin? All
More informationDistributed Ledger Technology & Fintech Applications. Hart Montgomery, NFIC 2017
Distributed Ledger Technology & Fintech Applications Hart Montgomery, NFIC 2017 Let s consider a common scenario: Banks want to trade some asset class Participants in the market want to be able to efficiently
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationSmalltalk 3/30/15. The Mathematics of Bitcoin Brian Heinold
Smalltalk 3/30/15 The Mathematics of Bitcoin Brian Heinold What is Bitcoin? Created by Satoshi Nakamoto in 2008 What is Bitcoin? Created by Satoshi Nakamoto in 2008 Digital currency (though not the first)
More informationLecture 3. Introduction to Cryptocurrencies
Lecture 3 Introduction to Cryptocurrencies Public Keys as Identities public key := an identity if you see sig such that verify(pk, msg, sig)=true, think of it as: pk says, [msg] to speak for pk, you must
More informationBlockFin A Fork-Tolerant, Leaderless Consensus Protocol April
BlockFin A Fork-Tolerant, Leaderless Consensus Protocol April 2018 @storecoin What are the most desirable features in a blockchain? Scalability (throughput) and decentralization (censorship resistance),
More informationCryptography and Cryptocurrencies. Intro to Cryptography and Cryptocurrencies
Intro to Cryptographic Hash Functions Hash Pointers and Data Structures Block Chains Merkle Trees Digital Signatures Public Keys and Identities Let s design us some Digital Cash! Intro to Cryptographic
More informationBitcoin, a decentralized and trustless protocol
Bitcoin, a decentralized and trustless protocol Thomas Sibut-Pinote Inria Saclay February 12, 2015 Thomas Sibut-Pinote Bitcoin, a decentralized and trustless protocol 1 / 42 Introduction Questions 1 Introduction
More informationBITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW
BITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW Rustie Lin Wang Move the area1 over the image a little inside and then right click, replace image to change the background. (and delete this box while
More informationA Lightweight Blockchain Consensus Protocol
A Lightweight Blockchain Consensus Protocol Keir Finlow-Bates keir@chainfrog.com Abstract A lightweight yet deterministic and objective consensus protocol would allow blockchain systems to be maintained
More informationThe power of Blockchain: Smart Contracts. Foteini Baldimtsi
The power of Blockchain: Smart Contracts Foteini Baldimtsi The Blockchain at the heart of a cryptocurrency Alice sends 2 John sends 1 Dave sends 5 to Bob to Eve to Alice Bob sends 1 Eve sends 4 to Dave
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University March 30 2017 Outline Digital currencies Advantages over paper cash
More informationREM: Resource Efficient Mining for Blockchains
REM: Resource Efficient Mining for Blockchains Fan Zhang, Ittay Eyal, Robert Escriva, Ari Juels, Robbert van Renesse Vancouver, Canada 13 September 2017 USENIX Security 2017 1 The Cryptocurrency Vision
More informationBitcoin. CS6450: Distributed Systems Lecture 20 Ryan Stutsman
Bitcoin CS6450: Distributed Systems Lecture 20 Ryan Stutsman Material taken/derived from Princeton COS-418 materials created by Michael Freedman and Kyle Jamieson at Princeton University. Licensed for
More informationDistributed Algorithms Bitcoin
Distributed Algorithms Bitcoin Alberto Montresor Università di Trento 2018/12/18 Acknowledgment: Joseph Bonneau, Ed Felten, Arvind Narayanan This work is licensed under a Creative Commons Attribution-ShareAlike
More informationSecurity Analysis of Bitcoin. Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula
Security Analysis of Bitcoin Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula Security Analysis of Bitcoin Introduction How Bitcoin works? Similar peer-to-peer systems Vulnerabilities and solutions
More informationICS 421 & ICS 690. Bitcoin & Blockchain. Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa
ICS 421 & ICS 690 Bitcoin & Blockchain Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa Accepted by: Overstock.com Expedia.com Newegg.com Tigerdirect.com
More informationCONSENSUS PROTOCOLS & BLOCKCHAINS. Techruption Lecture March 16 th, 2017 Maarten Everts (TNO & University of Twente)
CONSENSUS PROTOCOLS & BLOCKCHAINS Techruption Lecture March 16 th, 2017 Maarten Everts (TNO & University of Twente) 2 Consensus protocols & blockchain 3 Consensus protocols & blockchain 4 Consensus protocols
More informationChapter 13. Digital Cash. Information Security/System Security p. 570/626
Chapter 13 Digital Cash Information Security/System Security p. 570/626 Introduction While cash is used in illegal activities such as bribing money laundering tax evasion it also protects privacy: not
More informationSpaceMint Overcoming Bitcoin s waste of energy
Bitcoin Overcoming Bitcoin s waste of energy Georg Fuchsbauer joint work with S Park, A Kwon, K Pietrzak, J Alwen and P Gaži Digital currency Decentralized (no bank issuing coins) Pseudonymous Controled
More informationConsensus & Blockchain
Consensus & Blockchain S P Suresh Chennai Mathematical Institute Formal Methods Update Meeting IIT Mandi July 17, 2017 The Bitcoin revolution is upon us What is Bitcoin? Bitcoin: an exciting new currency
More informationAlgorand: Scaling Byzantine Agreements for Cryptocurrencies
Algorand: Scaling Byzantine Agreements for Cryptocurrencies Yossi Gilad, Rotem Hemo, Silvio Micali, Georgios Vlachos, Nickolai Zeldovich Presented by: Preet Patel and Umang Lathia Outline Overview of Distributed
More informationLet's build a blockchain!
I'm Haseeb. That's me. Let's build a blockchain! A mini-cryptocurrency in Ruby I'm Haseeb Qureshi. I'm a software engineer. I'm working at a blockchain company called 21.co. Unless something terrible has
More informationLecture 12. Algorand
Lecture 12 Algorand Proof-of-Stake Virtual Mining Proof of Stake Bitcoin uses proof of work to address sybil attacks and implement consensus Philosophy: Chance of winning in a block mining round proportional
More informationAs a 3rd generation currency, not only are transactions secured, private and fast, you actually get paid for holding DigitalPrice coins.
Introduction With the circulation of cryptocurrency becoming common, there is a need for additional information. The scope of this white paper is to provide that information. If you are under the impression
More informationIntroduction to Cryptoeconomics
Introduction to Cryptoeconomics What is cryptoeconomics? Cryptoeconomics is about... Building systems that have certain desired properties Use cryptography to prove properties about messages that happened
More informationCS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University
CS 4770: Cryptography CS 6750: Cryptography and Communication Security Alina Oprea Associate Professor, CCIS Northeastern University April 9 2018 Schedule HW 4 Due on Thu 04/12 Programming project 3 Due
More informationBitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January Keeping Current 1
Bitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January 2014 2014.01.22 Keeping Current 1 Questions What problem is Bitcoin solving? Where did it come from? How does the system work? What makes
More informationThe security and insecurity of blockchains and smart contracts
The security and insecurity of blockchains and smart contracts Jean-Pierre Flori, expert in cryptography, Agence Nationale de la Sécurité des Systèmes d Information (ANSSI) In J.P. Dardayrol, editor of
More informationBLOCKCHAIN The foundation behind Bitcoin
BLOCKCHAIN The foundation behind Bitcoin Sourav Sen Gupta Indian Statistical Institute, Kolkata CRYPTOGRAPHY Backbone of Blockchain Technology Component 1 : Cryptographic Hash Functions HASH FUNCTIONS
More informationCryptocurrency and Blockchain Research
Cryptocurrency and Blockchain Research CHANATHIP NAMPREMPRE, PH.D. 1 Agenda Recall bitcoin consensus protocol Components of bitcoin consensus protocol Variations on the same theme Beware of snake oil Solution:
More informationIntroduction to Bitcoin I
Introduction to Bitcoin I P Peterlongo 1 A Tomasi 1 1 University of Trento Department of Mathematics June 10, 2013 Outline 1 Fiat and online payments Functions of Online payments and cost of clearing 2
More informationAbout cryptocurrencies and blockchains part 1. Jyväskylä 17th of April 2018 Henri Heinonen
About cryptocurrencies and blockchains part 1 Jyväskylä 17th of April 2018 Henri Heinonen (henri.t.heinonen@jyu.fi) What is a blockchain? BitTorrent is a famous example of a peer-to-peer network (P2P)
More informationSOME OF THE PROBLEMS IN BLOCKCHAIN TODAY
BLOCKCHAIN EVOLVED THE PROBLEM SOME OF THE PROBLEMS IN BLOCKCHAIN TODAY An overall lack of governance is one of the most challenging facets of current blockchain ecosystems Controversy regarding scalability
More informationI. Introduction. II. Security, Coinage and Attacks
Abstract Proof of Stake's security has proven itself over years of testing. Advances in this technology in Blackcoin's Proof-of-Stake 3.0 have solved the issues faced with Coin-Age, Block Reward and Blockchain
More informationCCP: Conflicts Check Protocol for Bitcoin Block Security 1
CCP: Conflicts Check Protocol for Bitcoin Block Security Chen Yang Peking University, China yc900@pku.edu.cn Abstract In this work, we present our early stage results on a Conflicts Check Protocol (CCP)
More informationBlockchain, cryptography, and consensus
ITU Workshop on Security Aspects of Blockchain (Geneva, Switzerland, 21 March 2017) Blockchain, cryptography, and consensus Dr. Christian Cachin IBM Research - Zurich www.zurich.ibm.com/~cca/ Geneva, Switzerland,
More informationSecurity (and finale) Dan Ports, CSEP 552
Security (and finale) Dan Ports, CSEP 552 Today Security: what if parts of your distributed system are malicious? BFT: state machine replication Bitcoin: peer-to-peer currency Course wrap-up Security Too
More informationCS 251: Bitcoin and Crypto Currencies Fall 2015
CS 251: Bitcoin and Crypto Currencies Fall 2015 Final Exam The exam is open book and open notes. You have 2 hours. Please answer all five questions. All questions are weighted equally. You may use course
More informationHow Bitcoin achieves Decentralization. How Bitcoin achieves Decentralization
Centralization vs. Decentralization Distributed Consensus Consensus without Identity, using a Block Chain Incentives and Proof of Work Putting it all together Centralization vs. Decentralization Distributed
More informationhard to perform, easy to verify
Proof of Stake The Role of PoW Bitcoin, Ethereum and similar systems are open, permissionless networks Anyone can participate The system must agree on some canonical order of transactions Think of this
More informationWhat is Proof of Work?
What is Proof of Work? Educational Series September 18, 2018 Overview There are many protocols that regulate how nodes on a blockchain achieve consensus, and currently the most popular is proof-of-work.
More informationErgo platform. Dmitry Meshkov
Ergo platform Dmitry Meshkov Prehistory Motivation Theory Practice Provably secure 1000 currencies New features Ad-hoc solutions Impractical Security issues Motivation Theory Provably secure New features
More informationProof of Stake Made Simple with Casper
Proof of Stake Made Simple with Casper Olivier Moindrot ICME, Stanford University olivierm@stanford.edu Charles Bournhonesque ICME, Stanford University cbournho@stanford.edu Abstract We study the recent
More informationProof-of-Stake Protocol v3.0
Proof-of-Stake Protocol v3.0 Abstract Proof of Stake's security has proven itself reliable & effective over years of testing while at the same time solving Bitcoin s issues caused by the Proof of Work
More informationBlockchain: Past, Present and Future
Blockchain: Past, Present and Future P ROF. D R. IR. BART PRENEEL FIRST NAME.LASTNAME@ESAT. KU LEUVEN.BE IMEC-COSIC KU LEUVEN, B ELG I U M ETSI SECURITY WEEK THE VALUE OF DISTRIBUTED LEDGER TECHNOLOGY
More informationSCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains
SCP: A Computationally Scalable Byzantine Consensus Protocol for Blockchains Loi Luu, Viswesh Narayanan, Kunal Baweja, Chaodong Zheng, Seth Gilbert, Prateek Saxena National University of Singapore Bitcoin
More informationP2P BitCoin: Technical details
ELT-53206 Peer-to-Peer Networks P2P BitCoin: Technical details Mathieu Devos Tampere University of Technology Department of Electronics & Communications Engineering mathieu.devos@tut.fi TG406 2 Outline
More informationA Perspective on Bitcoin and Blockchain
A Perspective on Bitcoin and Blockchain BART PRENEEL IMEC-COSIC KU LEUVEN BART.PRENEEL(AT)ESAT.KULEUVEN.BE 6 JUNE 2017 1 Currencies = maintaining memory Envelope and contents from Susa, Iran, circa 3300
More informationInternational Journal of Computer Engineering and Applications, Volume XIII, Issue II, Feb. 19, ISSN
BLOCK-CHAIN: SURVEY ON PRIVACY, SECURITY AND CHALLENGES Monalisha Sinha ABSTRACT: Department of computer science & engineering Birla institute of technology Ranchi, India Blockchain has gained wide attention
More informationSecuring Distributed Computation via Trusted Quorums. Yan Michalevsky, Valeria Nikolaenko, Dan Boneh
Securing Distributed Computation via Trusted Quorums Yan Michalevsky, Valeria Nikolaenko, Dan Boneh Setting Distributed computation over data contributed by users Communication through a central party
More informationHyperledger Fabric v1:
Marko Vukolić, IBM Research - Zurich May 4, 2017 Hyperledger Fabric v1: Rethinking Permissioned Blockchains Blockchain: du Bitcoin au Smart Contract 4 Mai 2017 2017 IBM Corporation What is a Blockchain?
More informationECC: Peer-to-Peer Electronic Cash with Trustless Network Services
ECC: Peer-to-Peer Electronic Cash with Trustless Network Services Greg Griffith October 2017 (griffith@cryptounited.io) https://www.ecc.network ECC: Peer-to-Peer Electronic Cash with Trustless Network
More informationAn Introduction to Blockchain and Distributed Ledger Technology
An Introduction to Blockchain and Distributed Ledger Technology Ron van der Meyden UNSW School of Computer Science and Engineering The source of the buzz Bitcoin: A Peer-to-Peer Electronic Cash System,
More informationBrown University. Yana Hrytsenko. Final Project: Blockchain for PKI: Using Blockchain data structure for Public Key. Infrastructure.
Brown University Yana Hrytsenko Final Project: Blockchain for PKI: Using Blockchain data structure for Public Key Infrastructure May 2017 1 Blockchain for PKI Using Blockchain data structure for Public
More informationPrivacy based Public Key Infrastructure (PKI) using Smart Contract in Blockchain Technology
2 nd Advanced Workshop on Blockchain, IIT Bombay Privacy based Public Key Infrastructure (PKI) using Smart Contract in Blockchain Technology Sivakumar.P M.Tech (CSE), Sem-III, NIT Trichy Guide:- Dr Kunwar
More informationDarkcoin: Peer to Peer Crypto Currency with Anonymous Blockchain Transactions and an Improved Proof of Work System
Darkcoin: Peer to Peer Crypto Currency with Anonymous Blockchain Transactions and an Improved Proof of Work System Introduction Evan Duffield, Kyle Hagan (evan@darkcoin.io, kyle@darkcoin.io) 18 March 2014
More informationAnalyzing Bitcoin Security. Philippe Camacho
Analyzing Bitcoin Security Philippe Camacho philippe.camacho@dreamlab.net Universidad Católica, Santiago de Chile 15 of June 2016 Bitcoin matters Map Blockchain Design Known Attacks Security Models Double
More informationApplied cryptography
Applied cryptography Electronic Cash Andreas Hülsing 29 November 2016 1 / 61 Classical Cash - Life Cycle Mint produces money (coins / bank notes) Sent to bank User withdraws money (reduces account balance)
More informationAlternative Consensus Algorithms. Murat Osmanoglu
Alternative Consensus Algorithms Murat Osmanoglu Bitcoin Block i-1 Block i Block i+1 Hash i-2 Nonce i-1 Hash i-1 Nonce i Hash i Nonce i+1 tx tx tx tx tx tx tx tx tx tx tx tx Do you really need a Blockchain?
More informationWho wants to be a millionaire? A class in creating your own cryptocurrency
DEVNET-3626 Who wants to be a millionaire? A class in creating your own cryptocurrency Tom Davies, Sr. Manager, DevNet Sandbox Vallard Benincosa, Software Engineer Cisco Spark How Questions? Use Cisco
More informationBiomedical and Healthcare Applications for Blockchain. Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs
Biomedical and Healthcare Applications for Blockchain Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs Network Analysis Working Group 01.25.2018 Outline Introduction to bitcoin + blockchain
More informationCS 261 Notes: Algorand
CS 261 Notes: Algorand Scribe: Rachel Lawrence September 17, 2018 1 Introduction: Why Algorand? Algorand [6] is a cryptocurrency that works to reach consensus on transactions with a system based on Proof
More informationRadix - Public Node Incentives
Radix - Public Node Incentives Dan Hughes Piers Ridyard www.radix.global December 2017 Abstract In this paper we present a novel method for implementing a mechanism to reward work carried out across a
More informationCandidates Day Modeling the Energy Consumption of. Ryan Cole Liang Cheng. CSE Department Lehigh University
Candidates Day 2016 Modeling the Energy Consumption of Blockchain Consensus Algorithms Daniel Lopresti, Interim Dean P.C. Rossin College of Engineering and Applied Science July 30, April 15,2018 2016 Ryan
More informationSharding. Making blockchains scalable, decentralized and secure.
Sharding Making blockchains scalable, decentralized and secure. The Scalability Triangle Scalability Decentralization Semi-formally defining these properties Assume the total computational/bandwidth capacity
More informationBlockchain, Cryptocurrency, Smart Contracts and Initial Coin Offerings: A Technical Perspective
SESSION ID: LAB3-R09 Blockchain, Cryptocurrency, Smart Contracts and Initial Coin Offerings: A Technical Perspective Tom Plunkett Consulting Solutions Director Oracle Captain Brittany Snelgrove United
More informationThe Not-So-Short ZILLIQA Technical FAQ
The Not-So-Short ZILLIQA Technical FAQ [Version 0.1] The ZILLIQA Team & The ZILLIQA Community www.zilliqa.com enquiry@zilliqa.com @zilliqa December 28, 2017 Abstract This document is a compilation of questions
More informationEnhanced Immutability of Permissioned Blockchain Networks by Tethering Provenance with a Public Blockchain Network
Enhanced Immutability of Permissioned Blockchain Networks by Tethering Provenance with a Public Blockchain Network Abstract Azeem Ahmed (azeem.ahmed@consensys.net) Jim Zhang (jim.zhang@consensys.net) Permissioned
More informationUniversity of Duisburg-Essen Bismarckstr Duisburg Germany HOW BITCOIN WORKS. Matthäus Wander. June 29, 2011
University of Duisburg-Essen Bismarckstr. 90 47057 Duisburg Germany HOW BITCOIN WORKS June 29, 2011 Overview Electronic currency system Decentralized No trusted third party involved Unstructured peer-to-peer
More informationPOLARIS ADAPTIVE STATE SHARDING TECHNOLOGY, A SECURE SHARDING PROTOCOL FOR BLOCKCHAINS.
POLARIS ADAPTIVE STATE SHARDING TECHNOLOGY, A SECURE SHARDING PROTOCOL FOR BLOCKCHAINS. TABLE OF CONTENTS Contents Abstract 1 Introduction 2 Problem and challenges 3 Polaris degign 4 Securtiy analysis
More informationSecurity: Focus of Control
Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized
More informationFormal Expression of BBc-1 Mechanism and Its Security Analysis
Formal Expression of BBc-1 Mechanism and Its Security Analysis Jun KURIHARA and Takeshi KUBO kurihara@ieee.org t-kubo@zettant.com October 31, 2017 1 Introduction Bitcoin and its core database/ledger technology
More informationEnsimag - 4MMSR Network Security Student Seminar. Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto
Ensimag - 4MMSR Network Security Student Seminar Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto wafa.mbarek@ensimag.fr halima.myesser@ensimag.fr 1 Table of contents: I- Introduction: Classic
More informationA Scalable Smart Contracts Platform
A Scalable Smart Contracts Platform! Shehar Bano! Postdoc, InfoSec group! University College London!! s.bano@ucl.ac.uk! @thatbano https://github.com/chainspace The Team Mustafa Al-Bassam! (UCL) Alberto
More informationAlternative Consensus
1 Alternative Consensus DEEP DIVE Alexandra Tran, Dev Ojha, Jeremiah Andrews, Steven Elleman, Ashvin Nihalani 2 TODAY S AGENDA GETTING STARTED 1 INTRO TO CONSENSUS AND BFT 2 NAKAMOTO CONSENSUS 3 BFT ALGORITHMS
More informationHybrid Consensus. Tai-Ning Liao, Xian-Ming Pan, Zhao-Heng Chiu, Imu Lin 1/65
Hybrid Consensus Tai-Ning Liao, Xian-Ming Pan, Zhao-Heng Chiu, Imu Lin Hybrid Consensus: Efficient Consensus in the Permissionless Model, 2017, Rafael Pass and Elaine Shi CornellTech, Cornell, Initiative
More informationDEV. Deviant Coin, Innovative Anonymity. A PoS/Masternode cr yptocurrency developed with POS proof of stake.
DEV Deviant Coin, Innovative Anonymity A PoS/Masternode cr yptocurrency developed with POS proof of stake. CONTENTS 03 Overview 06 Pre-mine phase 07 Privacy 08 Basic parameters 09 Proof-of-stake The benefits
More informationBitcoin/Namecoin/*coin: On Bitcoin like protocols and their relation to other IT-Security issues
: On Bitcoin like protocols and their relation to other IT-Security issues Aljosha Judmayer ajudmayer@sba-research.org 2014-11-07 SBA Research Area 1 (GRC): Governance, Risk and Compliance P1.1: Risk Management
More informationBlockchain (de)constructed
Blockchain (de)constructed Fritz Henglein Department of Computer Science, University of Copenhagen (DIKU) DIKU Business Club meeting on blockchain January 11th, 2016 Fritz Henglein Professor of programming
More informationWhat is Bitcoin? Consensus technology has the power to do for economics what the internet did for information - Dan Larimer
What is Bitcoin? Consensus technology has the power to do for economics what the internet did for information - Dan Larimer Ross Rydman 2014 For Academic Use Only The 30 second description Bitcoin is the
More informationFailure models. Byzantine Fault Tolerance. What can go wrong? Paxos is fail-stop tolerant. BFT model. BFT replication 5/25/18
Failure models Byzantine Fault Tolerance Fail-stop: nodes either execute the protocol correctly or just stop Byzantine failures: nodes can behave in any arbitrary way Send illegal messages, try to trick
More informationThe game If you listen very carefully during the first 4 cards (or use the cheat sheet) you will get an advantage on the last 5 cards
The blockchain game GAMEMASTER NOTES Time: 10 minutes The game: up to 9 info/question cards + a short test with 7 questions Reward: The game If you listen very carefully during the first 4 cards (or use
More informationKey concepts of blockchain
Advisory A brief history of blockchains 2008 The mysterious Satoshi Nakamoto publishes his Bitcoin white paper 2014 2017 Nov. 23 rd Ethereum crowd sale Number of crypto tokens: 1.172 BTC $8.216 The first
More informationBYZANTINE CONSENSUS THROUGH BITCOIN S PROOF- OF-WORK
Informatiemanagement: BYZANTINE CONSENSUS THROUGH BITCOIN S PROOF- OF-WORK The aim of this paper is to elucidate how Byzantine consensus is achieved through Bitcoin s novel proof-of-work system without
More informationCrypto tricks: Proof of work, Hash chaining
Crypto tricks: Proof of work, Hash chaining CS 161: Computer Security Prof. David Wagner April 13, 2016 A Tangent: How Can I Prove I Am Rich? Math Puzzle Proof of Work Problem. To prove to Bob I m not
More informationThe Blockchain. Josh Vorick
The Blockchain Josh Vorick Bitcoin is a currency. Blockchain is a technology. What is a blockchain? A decentralized database that anyone can add to and no one can delete from The Bitcoin blockchain Agenda
More informationSecurity, Privacy and Interoperability in Payment- Channel Networks
FAKULTÄT FÜR!NFORMATIK Faculty of Informatics & PRIVACY SECURITY GROUP Security, Privacy and Interoperability in Payment- Channel Networks Pedro Moreno-Sanchez (@pedrorechez) Joint work with Giulio Malavolta,
More informationTHE SWIRLDS HASHGRAPH CONSENSUS ALGORITHM: FAIR, FAST, BYZANTINE FAULT TOLERANCE
THE SWIRLDS HASHGRAPH CONSENSUS ALGORITHM: FAIR, FAST, BYZANTINE FAULT TOLERANCE LEEMON BAIRD BAIRD@SWIRLDS.COM MAY 31, 2016 SWIRLDS TECH REPORT SWIRLDS-TR-2016-01 Abstract. A new system, the Swirlds hashgraph
More informationOn the impact of propogation delay on mining rewards in Bitcoin. Xuan Wen 1. Abstract
On the impact of propogation delay on mining rewards in Bitcoin Xuan Wen 1 Abstract Bitcoin 2 is a decentralized digital currency that is rapidly gaining in popularity. The Bitcoin system relies on miners
More informationDAVID ANDREWS, FOUNDER RYATTA BLOCKCHAIN FOUNDATIONS
DAVID ANDREWS, FOUNDER RYATTA GROUP, CRYPTOGRAPHY IS THE STUDY OF TECHNIQUES FOR SECURE COMMUNICATION cryptography is defined as the practice and study of techniques for secure communication in the early
More informationBitcoin. Arni Par ov. December 17, 2013
Bitcoin Arni Par ov December 17, 2013 Abstract Bitcoin is a distributed, peer-to-peer cryptocurrency that functions without any central authority and in recent years has gained large popularity. This paper
More informationBLOCKCHAIN The foundation behind Bitcoin
BLOCKCHAIN The foundation behind Bitcoin Sourav Sen Gupta Indian Statistical Institute, Kolkata CRYPTOGRAPHY Backbone of Blockchain Technology Component 1 : Cryptographic Hash Functions HASH FUNCTIONS
More informationJan Møller Co-founder, CTO Chainalysis
Jan Møller Co-founder, CTO Chainalysis How Does Bitcoin Actually Work? This talk is not about the poli:cal or economical impact of Bitcoin. This talk is not about how to buy, sell, spend, or secure your
More information