blockchain technology bitcoin and beyond · david v duccini, executive director, strength in...
Post on 15-Apr-2018
217 Views
Preview:
TRANSCRIPT
David V Duccini, Executive Director, Strength in Numbers Foundation
Blockchain Technology Bitcoin and Beyond
www.cybersecuritysummit.org #CSSMN2016
Overview/1
• What is a Blockchain • What is Bitcoin • Where did Bitcoin come from? • How does a Blockchain get built • How does a Blockchain get verified
www.cybersecuritysummit.org #CSSMN2016
Overview/2
• Weaknesses of Blockchain technology • Value • Current applications of Blockchain technology • Future applications of Blockchain technology • Q & A
www.cybersecuritysummit.org #CSSMN2016
Who am I? • Serialentrepreneursinceage16-firstcomputerwasanApple][+• Codingsince1980ineverymajorlanguage(andalotofminorones)• WroteaBBSfromscratch–forcedtolearnassemblylanguage;-)• MScSoLwareEngineering,UST&MBACarlsonSchoolofManagement
www.cybersecuritysummit.org #CSSMN2016
Some of my hobbies
www.cybersecuritysummit.org #CSSMN2016
Blockchain Defined
SimplydefinedaBlockchainisliSlemorethana:
• Distributed• Secure• Logfile
Adigitalcurrencywasinalotofwaysthefirstdemonstrableuse
www.cybersecuritysummit.org #CSSMN2016
What is Bitcoin ? • Aprotocolthatsupportsadecentralized,pseudo-anonymous,peer-
to-peerdigitalcurrency*
• ApubliclydisclosedlinkedledgeroftransacYonsstoredinablockchain
• Arewarddrivensystemforachievingconsensus(mining)basedon
“ProofsofWork”forhelpingtosecurethenetwork
• A“scarcetoken”economywithaneventualcapofabout21Mbitcoins
*IwouldargueitbehavesmorelikeasecuritylikeaStockorBondthanacurrency,acrypto-equity
www.cybersecuritysummit.org #CSSMN2016
Bitcoin Whitepaper – 2008.10.31*
*Halloween
www.cybersecuritysummit.org #CSSMN2016
Features of Bitcoin • EssenYallyit’s“deflaYonary”–therewardiscutinhalfeveryfouryears,and
tokenscanbeirrevocablydestroyed• NearlyinfinitelydivisiblecurrencyunitssupporYngeightdecimalplaces
0.00000001(knownasaSatoshiorNoncent*)• NominaltransacYonfee’spaidtothenetwork
– Samecosttosend$.01as$1,000,000• Consensusdriven–nocentralauthority• Counterfeitresilient
– Cannotaddcoinsarbitrarily– Cannotbedouble-spent
• Non-repudiaYon–aka“gonebabygone”–norecourseandnoonetoappealtoreturnsenttokens
hSp://www.urbandicYonary.com/define.php?term=Noncents
www.cybersecuritysummit.org #CSSMN2016
When did it start?
• “SatoshiNakamoto”createdthereferenceimplementaYonthatbeganwithaGenesisBlockof50coins
• 2008
– August18 Domainname"bitcoin.org"registered[1]. – October31 Bitcoindesignpaperpublished– November09BitcoinprojectregisteredatSourceForge.net
• 2009– January3 Genesisblockestablishedat18:15:05GMT– January9 Bitcoinv0.1releasedandannouncedonthe
cryptographymailinglist– January12 FirstBitcointransacYon,inblock170fromSatoshitoHalFinney
hSps://en.bitcoin.it/wiki/History
www.cybersecuritysummit.org #CSSMN2016
Why does it have value?
Theworthofathing
isthepriceitwillbring.
www.cybersecuritysummit.org #CSSMN2016
Why does it matter?
9.8BillionDollarMarketCap!
hSp://coinmarketcap.com
www.cybersecuritysummit.org #CSSMN2016
Decentralized
• The“digitalwallet”operatesinapeertopeermode• Whenitstartsitbootstrapstofindotherwallets
– OriginallyitusedtheInternetRelayChat(IRC)network– NowbasedonDNSand“seednodes”
• ThewalletwillsynchronizewiththenetworkbydownloadingALLofthetransacYonsstarYngfromtheGENESISblockifnecessary– 433,679blocksatYmeofslideprep– Justover90GB
• Usinga“gossipprotocol”thewalletssharealltransacYoninformaYonwiththeirpeers
• hSp://en.wikipedia.org/wiki/Gossip_protocol
www.cybersecuritysummit.org #CSSMN2016
Coins flow from Inputs to Outputs
Acoinownertransferscoinsbydigitallysigning(viaECDSA)ahashdigestoftheprevioustransacYonandthepublickeyofthenextowner.Thissignatureisthenappendedtotheendofthecoin.
www.cybersecuritysummit.org #CSSMN2016
Pseudo Anonymous
• Usingpublickeycryptography,specificallyEllipYcCurveCryptographyduetoitskeystrengthandshorterkeys
• TransacYonsaresenttopublickey“addresses”
1AjYPi8qryPCJu6xgdJuQzVnWFXLmxq9s31Give4dbry2pyJihnpqV6Urq2SGEhpz3K
www.cybersecuritysummit.org #CSSMN2016
Addresses are like Accounts • ThewalletlistensfortransacYonsaddressedtoanyof
itspublickeysandintheoryistheonlynodethatisabletodecryptandacceptthetransfer
• “Coins”are“sent”bybroadcasYngthetransacYonto
thenetworkwhichareverifiedtobeviableandthenaddedtoablock
• KeyscanrepresentaMULTI-SIGaddressthatrequiresaNofMprivatekeysinordertodecryptthemessage
www.cybersecuritysummit.org #CSSMN2016
The Public Ledger
• EveryviabletransacYonisstoredinapublicledger
• TransacYonsareplacedinblocks,whicharelinkedbySHA256hashes.
• hSps://blockchain.info
www.cybersecuritysummit.org #CSSMN2016
“What is Bitcoin” – Video
• hSp://weusecoins.com
www.cybersecuritysummit.org #CSSMN2016
Arriving at Consensus
• Althoughtheacceptedchaincanbeconsideredalist,theblockchainisbestrepresentedwithatree.
• Thelongestpathrepresentstheacceptedchain.• AparYcipantchoosingtoextendanexisYngpathintheblockchain
indicatesavotetowardsconsensusonthatpath.Thelongerthepath,themorecomputaYonwasexpendedbuildingit.
www.cybersecuritysummit.org #CSSMN2016
Consensus Process = Mining
• OriginallythedigitalwalletcouldalsoparYcipateintheconsensusprocessbyaSempYngtosecurethenetworkdirectly
• Thisprocessisknownas“mining”• MininginvolvesaSempYngtofindanumericalvalue,known
asa“nonce”thatwhencombinedwithallopentransacYonscanbe“hashed”intoavaluethatsaYsfiesacertain“difficulty”
• Custom,purposebuilt-hardwarehaslongsincereplacedthefuncYonsuchthatitsnolongerproducYveforsimpleCPUbasedsystemstocompeteintheminingprocess,andthusitwasremoved
www.cybersecuritysummit.org #CSSMN2016
Hashcash (Or How to Pay a Byzantine Generals Salary)
• Likemanygreatideastobecomerealized,ittakesaconfluenceofothergreatideas
• BasedontheideaofHashCash,aProofofWorkconceptinventedbyAdamBackin1997(hSp://www.hashcash.org/papers/hashcash.pdf)
• OriginallyproposedasananY-spamthroSlingmechanism• ThecoreideaisthatbeforeaccepYngatransacYon,thesendermustfirst
demonstratea“cost”viaacomputaYonally“hard”problemthatcansimultaneouslybeeasilyverified.
• Thisgenerallyreferredtoasa“ProofofWork”
www.cybersecuritysummit.org #CSSMN2016
The Role of Hashing
• AhashfuncAonisanyfuncAonthatcanbeusedtomapdigitaldataofarbitrarysizetodigitaldataoffixedsize,withslightdifferencesininputdataproducingverybigdifferencesinoutputdata.
• MD5,SHA1,SHA256• Forexample,theMD5hashesof‘abc’comparedto‘abC’
abc0bee89b07a248e27c83fc3d5951213c1
abC
2217c53a2f88ebadd9b3c1a79cde2638
“TheQuickBrownFoxJumpedOvertheLazyDog” 2dfd75162490ed3b4c893141f9ab37cf
www.cybersecuritysummit.org #CSSMN2016
Proof of “Work” ( or proof of waste :-)
• Apubliclyauditablecost-funcYoncanbeefficientlyverifiedbyanythirdpartywithoutaccesstoanytrapdoororsecretinformaYon.
• Afixedcostcost-funcYontakesafixedamountofresourcestocompute.ThefastestalgorithmtomintafixedcosttokenisadeterminisYcalgorithm.
• Aprobabilis2ccostcost-funcYonisonewherethecosttotheclientofminYngatokenhasapredictableexpectedYme,butarandomactualYmeastheclientcanmostefficientlycomputethecost-funcYonbystarYngatarandomstartvalue.SomeYmestheclientwillgetluckyandstartclosetothesoluYon.
www.cybersecuritysummit.org #CSSMN2016
The Hash Lottery
• Hashingisstraigh~orward,butnotchallenging• Unlessthegoalistosay,findmeahashvaluethatsaYsfiesacertainlevelof
“difficulty”• Forexample,let’ssaythechallengeisfindahash-valuethatbeginswitha
numberofzeros,foragiveninput• TheProofofWorkcomesfromfindinganumber(knownasaNONCE)that
whenaddedtotheinputchangestheoutputofthehashvaluetosaYsfythedifficulty.
• IntheBitcoinworldthisiswhat“mining”isandineffectisliSlemorethanalotofhash-powerspentonguessingwinningloSerynumbersthatsaYsfythedifficultyoftheprobleminordertoobtaintherewardfromthenetwork
www.cybersecuritysummit.org #CSSMN2016
The Payout
• ThenodethatfindsthebestsoluYontothechallengeisprovisionallygrantedareward
• OriginallyinBitcoinitwas50newcoins,todayit’s12.5• CompeYngsoluYonsareevaluatedbasedonwhichnodeoffersthe
highernumberoftransacYonsincludedinthecandidateblockaswellasthelevelofover-saYsfyingthedifficulty.
• Forexample,iftwonodesofferasoluYontothechallengeandbothhavethesamenumberoftransacYons,therewardwillgotothenodethatfoundaNONCEthatbeatthechallenge– E.G.Findahashthatbeginswith4zeros– Thenodethatsuppliesahashthathas5zerosbeatsthenodethatonly
findstheminimum
www.cybersecuritysummit.org #CSSMN2016
Transaction Confirmation • HavingatransacYonprovisionallyacceptedintoacandidateblocksignals
thatthenetworkhasverifiedthattheinputswereviable• EverynewblockacceptedintothechainaLerthetransacYonwasaccepted
isconsideredaconfirmaAon• CoinsarenotconsideredmatureunYltherehavebeen6confirmaYons
(basicallyanhourassuminga10minuteblockcadence)• NewCoinscreatedbytheminingprocessarenotvalidunYlabout120
confirmaYons• Thisistoassurethatanodewithmorethan51%ofthetotalhash-power
doesnotpullofffraudulenttransacYons
www.cybersecuritysummit.org #CSSMN2016
“What is Bitcoin Mining” – Video
• hSp://www.bitcoinmining.com
www.cybersecuritysummit.org #CSSMN2016
Why 51% Matters • “Whendoes1+1=3?”*
*Wheneveryonesaysitdoes!
• InthecaseofBitcoin“consensus”goestothechainwiththehighestnumberofblocks
• Notjustintheory,butinpracYceseverallargeminingpoolshavegenerated
sixblocksinarow
• TodatethenetworkhasvoluntarilyshiLeditsminingpoweraroundorfacedDistributedDenialofServiceaSacks
www.cybersecuritysummit.org #CSSMN2016
Purchase / Exchange Bitcoins InaddiYontominingbitcoins,theycanbeacquiredfromanexchange!
www.cybersecuritysummit.org #CSSMN2016
Who Accepts Bitcoins?
www.cybersecuritysummit.org #CSSMN2016
Merchants Accepting Bitcoin • Overstock.com• Newegg.com• MicrosoLXBOXNetwork• TelsaMotors• TimeInc(publisher)• VirginGalacYc• Wordpress• BitPayclaims44,000merchants!
• hSp://www.bitcoinvalues.net/who-accepts-bitcoins-payment-companies-stores-take-bitcoins.html
www.cybersecuritysummit.org #CSSMN2016
Other Uses of Blockchain Tek • Registeries• AuthoritaYveSystemsofRecord• DirectoryServices• TimestampingServices(“ProofofExistence”)
• Counter-partyExchanges
www.cybersecuritysummit.org #CSSMN2016
Registries
www.cybersecuritysummit.org #CSSMN2016
Namecoin ThefirstforkofBitcoinwithapurpose
• Securelyrecordandtransferarbitrarynames(keys).• ASachavalue(data)tothenames• (upto520bytes,moreinthefuture).• Transactnamecoins,thedigitalcurrency(NMC).
www.cybersecuritysummit.org #CSSMN2016
Namecoin as a fault-tolerant Domain Name System
CanactasadecentralizedDomainNameServicethatisresilienttocensorshiphSp://bit.namecoin.info
www.cybersecuritysummit.org #CSSMN2016
Alternates to Bitcoin aka Altcoins
• “GoodarYstscopy.GreatarYstssteal.”• ThefirstalternateblockchainasmenYonedwasNamecoin• EarlyaSemptsto“re-leveltheplayingfield”weremadebychangingthe
hashingfuncYonfromSHA256toSCRYPTorsetsofhashfuncYons(X11)• SCRYPTisa“memoryintensive”funcYonthatwasthoughttoberesistantto
customizedhardware(false)• ChangestotheblockemitYmetargetwerealsochangedfromBitcoins10
minutesto2.5minutestoincreasethevelocity• NewerALTSincorporateeverescalaYnghashfuncYons,chainedtogetherin
novelwaystoresistgivingpurposebuilthardwareanadvantageoverCPUbasedmining
www.cybersecuritysummit.org #CSSMN2016
A Babel of Altcoins • Nowwellover640“alternate”coinstoBitcoin(and67“assets),
comprising~2,300markets!• 99.999%ofthemaresimplybrands/clones• MostYnkerwith:
– thetotalcoinsupply– thehashingfuncYons(SHA256,SCRYPT,X11etal)– blockemitYmetargets– ProofofSomething(ProofofWork,ProofofStake)
• NotableAlts:Ripple,Litecoin,Dogecoin• TotalMarketCap:$12B(Bitcoinis9.8Bofthat)• hSp://coinmarketcap.com
www.cybersecuritysummit.org #CSSMN2016
It’s Better 2GIVE! • hSps://2Give.Info
www.cybersecuritysummit.org #CSSMN2016
Bitcoin 1.5 COUNTERPARTY.ORGCounterpartyworksbystoringextradatainregularBitcointransacYons,whichmakeseveryCounterpartytransacYonaBitcointransacYon,albeitaverysmallone.MASTERCOIN.ORG
• TheMasterProtocolfacilitatesthecreaYonandtradingofsmartproperYesandusercurrenciesaswellasothertypesofsmartcontracts.
• Mastercoinsserveasthebindingbetweenbitcoins(BTC),smartproperYesandsmartcontractscreatedontopoftheMastercoinProtocol.
NXT.ORGAssetcreaYonandexchangeonitsownblockchain
www.cybersecuritysummit.org #CSSMN2016
Bitcoin 2.0
• SmartContracts– Escrow-freeexchange– Insurance
• VoYng• DistributedAutonomousOrganizaYons• IdenYty&ReputaYonSystems
– hSp://bit.ly/idcoins
• NotableImplementaYons
www.cybersecuritysummit.org #CSSMN2016
Ethereum.org Turing complete contracts on a blockchain. • ContractsarethemainbuildingblocksofEthereum.• Acontractisacomputerprogramthatlivesinsidethedistributed
Ethereumnetworkandhasitsownetherbalance,memoryandcode.
• EveryYmeyousendatransacYontoacontract,itexecutesitscode,whichcanstoredata,sendtransacYonsandinteractwithothercontracts.
• Contractsaremaintainedbythenetwork,withoutanycentralownershiporcontrol.
• ContractsarewriSeninlanguagesinstantlyfamiliartoanyprogrammerandpoweredbyEther,Ethereum'scryptofuel.
www.cybersecuritysummit.org #CSSMN2016
Bad Uses for Good Technology “Guns Don’t Kill People. People Kill People” • Bitcoinhashaditsfairshareof“badpress”• SilkRoad
– Anonlineanonymousmarketplacefor“censorship-free”commerce
• BiYnstant– CharlieShrempleadguiltytoaidingmoneylaundering
• MT-GOX– aka“MagicTheGatheringOnlineeXchange”– 700,000coins“missing”
• Bitstamp
www.cybersecuritysummit.org #CSSMN2016
Resources
• Bitcoin:APeer-to-PeerElectronicCashSystemhSps://bitcoin.org/bitcoin.pdf
• hSp://coinmarketcap.com• Hashcash.org• IDCoins:AWebofTrustBlockchainforIdenYtyandReputaYon,
DavidVDuccini,hSp://bit.ly/idcoins• “MasteringBitcoin”,AndreasM.Antonopoulos,O’ReillyMedia• hSp://www.bitcoinsecurity.org/2012/07/22/what-is-bitcoin/• hSps://www.weusecoins.com
www.cybersecuritysummit.org #CSSMN2016
Q&A
?
www.cybersecuritysummit.org #CSSMN2016
Contact Info
• TwiSer: @TheLiSleDuke• Skype: The_LiSle_Duke• LinkedIN: hSp://linkedin.com/in/dvduccini
top related