smart contracts
TRANSCRIPT
When machines take decisions on their own:
Introduction to
Smart Contracts
Dreamlab 28 of August 2015
Bern, Switzerland
2
“As another example, consider a hypothetical
digital security system for automobiles. The smart
contract design strategy suggests that we
successively refine security protocols to more fully
embed in a property the contractual terms which
deal with it. These protocols would give control of
the cryptographic keys for operating the
property to the person who rightfully owns that
property, based on the terms of the contract. In
the most straightforward implementation, the car
can be rendered inoperable unless the proper
challenge-response protocol is completed with
its rightful owner, preventing theft.”
Nick Szabo
3
A smart contract is a program which execution is autonomous and
totally transparent.
In particular this execution cannot be reverted and its trace is public
and immutable.
A smart contract can send, receive and store money. It can also
interact with other smart contracts or any computational systems
connected to the internet.
4
«Traditional» contract
Contract
Execution
Audit (Control)
Definition
Interaction between human and objects.
Possible application of punishments
Definitions can be interpreted (trial)
Paper
(semi-) manual
data recollection
5
Smart contract
Contract
Execution
Audit (Control)
Definition
Program execution
(Only one interpretation)
Not reversible, autonomous
Software
program Real time
Immutable
6
Agenda
• Bitcoin
• Change of paradigm
• Bitcoin is more than money
• Smart contracts
• Examples
• Ethereum
Objective:
understading the
principles behind this
technology
Objective:
Have a feeling of the
impact and challenges
related to this
technology
7
From 1 USD to 1000 USD in 3 years
8
http://dealbook.nytimes.com/2014/01/21/why-bitcoin-matters/
Netscape
cofounder
Investor
9
The first five times you think you
understand it, you don’t.
http://dankaminsky.com/2011/08/05/bo2k11/
10
11
12
Solución #0
Is it possible to
create a
decentralized digital
currency?
Centralized systems
have limitations…
13
14
Arreglo #1
Banks Trust in institutions
Bitcoin Trust in source code
(open source) +
mathematical laws
V/S
= +
15
¿But who did invent Bitcoin?
No one knows...
Anyways trust should
not depend on this.
http://www.newsweek.com/2014/03/14/face-behind-bitcoin-247957.html
16
Solution #1
1 BTC
2 BTC 1 BTC
17
I can spend my bitcoins
several times
(double spending).
18
19
Fix #2
The Bitcoin network shares a database
of all the transactions
20
Audit
Not only the banking industry is
going to be impacted by Bitcoin,
but also the audit industry
21
Solution #2
Origin Destination Amount
Homer Lisa 1 BTC
Homer Bart 2 BTC
Lisa Bart 1 BTC
… … …
The Bitcoin network
checks that an
account has enough
funds before
accepting a
transaction.
22
Every transaction needs to be public.
Nobody will want to use such a system that
reveals all this information!
23
24
Fix #3
The user identifier is replaced by a random number
Bitcoin address: 31uEbMgunupShBVTewXjtqbBv5MndwfXhb
25
Solution #3
Origin Destination Amount
HhY67j81 Jh89HF8m 1 BTC
HhY67J81 LaU4V6uU 2 BTC
Jh89HF8m LaU4V6uU 1 BTC
… … …
Note: every user can
create multiple
accounts / addresses
26
Bitcoin y Anonymity
• Bitcoin is not totally
anonymous by default
• Some attempts to improve anonymity
zerocash-project.org Blockchain.info
Dilemma: privacy
v/s crime
27
Every account is public so I can spend
money from any of them
(I can spend other people’s
bitcoins).
28
29
Fix #4: Digital Signatures
32
Solution #4
Origin Destination Amount Signature
HhY67j81 Jh89HF8m 1 BTC Djsh767
HhY67J81 LaU4V6uU 2 BTC 8988dd
Jh89HF8m LaU4V6uU 1 BTC djDhd7n
… … …
Bitcoin addresses are
computed from the public
key
Message
33
What does it mean when I say
“I own 30 BTC”?
You know the private key related to a
public key (≈bitcoin address)
and its balance is 30 BTC.
You are the only person to know this
private key.
1
2
Implicit contract
You know the key => you are the owner
(Being owner = having the hability to
transfer)
34
¿Future of banking?
YCombinator
70+ millionsde USD
39 000 businesses
served
40 millions USD
Wences Casares
Debit card that can be
paid in BTC
35
Pagar con bitcoin
Paying with bitcoin is very easy
but cannot be reverted
My bitcoin address:
1Ask9dvcJHEyjiVm5L9vjxYTU3i8Q1Q1zV
36
I still can do evil things....
What about publishing a
fake history of transactions?
37
38
Fix #5:
Cryptograhic Hash Functions
H
01110001110001110
10001010100010010
00110101010010110
01100111100011100
10000101000101110
1101101011010010
Big size input
Fixed size output
(e.g.: 256 bits)
39
Solution #5
H H H
Tx1;
Tx2;
Tx3…
Initial value
(coinbase)
Tx34;
Tx35;
Tx36…
Tx54;
Tx55;
Tx56…
Block of
transactions
Blockchain
…
40
But who will compute the next block?
41
Proof of Work
00000
00001
00010
00011
00100
00101
00110
00111
01000
01001
01010
01011
01100
01101
01110
01111
10000
10001
10010
10011
10100
10101
10110
10111
11000
11001
11010
11011
11100
11101
11110
11111
H 1001101|| x 000||10
Find value x so
that the output
begins with 3 zeros.
The only way (*) to compute
this value so that the output
starts with 𝒏 zeros is to try at
random around de 𝟐𝒏 times.
(*) If you find another way you can
(1) become rich, (2) famous (Turing Award), or (3) both (start with (1) then (2)...
42
Solution #5
• The first node that manages to
solve this puzzle/equation wins
the block
• The bitcoin network extends this
chain with the new block
• The network always chooses to
extend the largest chain
Grrr!
I need to control
51% of the computational
power of the network (*)
(*) It is not that simple… => Majority is not Enough: Bitcoin Mining is Vulnerable
http://arxiv.org/abs/1311.0243
43
Computational power of the Bitcoin
network
44
Sounds good… but why would
people waste their CPU cycle?
45
Mining
• The winnner of a block receives a
reward of 25 BTC
Indeed this is how the bitcoins are
«created»
• This process is called mining
46
Solution to the consensus
problem (Proof of work)
Simple tools
(Hash functions +
digital signature)
Economic incentive
Why is Bitcoin’s design so brilliant?
47
Bitcoin is a
smart contract!
48
49
Bitcoin is a smart contract
• It is a program
• Its execution is autonomous • because of the decentralized network
• Every transactions are public
• It is not possible to modify the history of transactions • The execution cannot be reverted
• A few clauses/statements of this contract • No more than 21.000.000 de bitcoins
• A new block every 10 minutes
• Mining difficulty is ajusted to the power of the network
• Only a subset of possible transactions are allowed
• …
50
Bitcoin transaction
https://bitcoin.org/en/developer-guide#signature-hash-types
Much more complex
than a simple signed
message…
It is a smart
contract!
51
Sure, a smart contrat that
executes another smart
contract….
52
Innovation v/s Fragmentation
http://mapofcoins.com/bitcoin#
Bitcoin
Litecoin
Litecoin
53
Ethereum
• Platform similar to Bitcoin but: • The language for writing smart
contracts is more expressive (Turing-Complete)
• Avoids to reinvent the wheel by forking an existing cryptocurrency
• All the smart contracts use the same blockchain
• Crowdfunding (sept. 2014) • 31531 BTC = US$18,439,086
• Launching: • it’s live since July 30th 2015!
Vitalik Buterin
Ethereum founder
54
Sales contract
http://etherscripter.com/0-5-1/
Hard problem
solved: who
pays/sends the
product first?
55
More examples of smart contracts
• Decentralized DNS
• Autonomous companies • Define the shares at the beginning
• Dividends can be distributed automatically
• One could buy and sell stock instantly
• Insurance
• Heritance
• Direct democracy
• IOT (IBM+ Samsung using Ethereum => https://www.youtube.com/watch?v=U1XOPIqyP7A)
Great video, only 8
minutes
56
Challenges
• Scalability (current problem with Bitcoin)
• Privacy v/s Criminality
• A bug can be very expensive
• A breach can lead to a loss of all funds of the contract
(which could be a whole company!)
• Generalized bug
• Fork Bitcoin in 2013
• Security?
Still relying on the
break-and-fix cycle
57
Using smart contracts for crime
• Enable to do business without relying on trust
• => perfect for cybercrime
• Example of evil businesses
• Selling secrets
• DoS
• Assassination
• Defacement
• Relies on very sophisticated cryptography on top of
smart contracts
http://www.arijuels.com/wp-content/uploads/2013/09/public_gyges.pdf
58
Thank you!