Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications

Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com



  1. 1. Understanding Bitcoin and Blockchains The Future of Decentralized Recordkeeping
  2. 2. Navin Kabra Background: – Founder & CTO ReliScore.com – Previously: Senior Researcher @ Symantec/Veritas, Teradata – PhD (CS) Univ. of Wisconsin-Madison, USA – B.Tech (CS) IIT Bombay Contact: – Twitter: @ngkabra – Email: navin@punetech.com
  3. 3. Overview What does Bitcoin do How does it work Why does it work that way Blockchain (going beyond just currency) - Ethereum (automated contracts) - The DAO (“pvt. ltd.” in the cloud) Which to spend time on?
  4. 4. Roadmap Background – Decentralized Recordkeeping • Motivation for Problem • Understanding the Issues • The Blockchain Solution Bitcoin Going beyond cryptocurrency Potential Applications – The DAO
  5. 5. Motivation Example: Land Records – Navin sells Plot #167, Aundh to Amit – Two copies of agreement – Signed by both Amit and Navin
  6. 6. Important Requirements Authentication: Amit & Navin's signature matched with ID Proof Non-Repudiation: Neither can claim that transaction never happened Integrity: Transaction can't be modified later (?)
  7. 7. Improvement #1 Problem: Signatures are easily forged Solution: Get agreement notarized by third party Suhas authenticates Navin & Amit and witnesses the agreement; notarizes and signs each page – Authentication, Non-Repudiation, Integrity improved.
  8. 8. Improvement #2 Problem: How do I know Navin owns the land? Solution: Centralized registry (“Registrar's Office”) of all land transactions “Title search” to find last transaction involving Plot #167 Aundh – Note: Suhas's services no longer needed. Registrar handles authentication, non-repudiation, integrity
  9. 9. Can we decentralize it? We all hate the Registrar's office, don't we? Need a different way to re-create: – Authentication – Non-repudiation – Integrity
  10. 10. Digression #1: PKI Public Key Cryptography Asymmetric Encryption Two keys: Public (pk), Private/Secret (sk) Encrypt(msg, pk): sk necessary to decrypt Encrypt(msg, sk): pk necessary to decrypt
  11. 11. PKI Characteristics #1 Very easy to create pk-sk pair Given message + key, encryption is easy Given crypt + key, decryption is easy Without key, decryption is very expensive
  12. 12. PKI Characteristics #2 Each participant widely publicizes pk Keeps sk hidden One participant can create multiple pk-sk pairs
  13. 13. PKI Use Cases Encryption: – Encrypt(msg, Navin(pk)): can only be read by Navin – Encrypt(msg, Navin(sk)): can only be sent by Navin Signature – Publish plaintext document – And checksum encrypted using Navin's sk – Guarantee: Navin approves document – Any document modification causes checksum mismatch
  14. 14. Digression #2 One-way Hash – e.g. MD5, SHA1 Given a document, compute a hash-function – Easy to compute hash – Easy to verify that a hash matches document – Difficult to create document matching hash • Impossible if number of bits is large enough
  15. 15. Removing the Registrar Navin creates document indicating that Plot #167 sold to Amit Signs using his private key Stored at Suhas's server – Signed with Suhas's private key – Note: Authentication, Non-Repudiation, Integrity – Note: this is still centralized
  16. 16. Decentralization Create multiple copies of Suhas – How to get consistency – 2PC doesn't work. Paxos Doesn't work. Other Requirements: – Partition Tolerance – Availability Now we run into CAP theorem.
  17. 17. Solution – Part 1 Allow temporary inconsistency All Suhases vote Now worry about Sybil Attack – How to prevent new copies of Suhas being created
  18. 18. Solution Part 2 Suhas creation should be expensive Real life: – Government issued IDs In this solution: – Proof-of-Work
  19. 19. Proof of Work pk-sk pair is easy to create Force new Suhas to solve a hard mathematical problem e.g. create a new document with given hash
  20. 20. How to handle conflicts Each transaction embeds ID of previous transaction Form an unbroken chain of transactions In case of conflicts, server with longer chain wins Over time, consensus of servers is formed
  21. 21. Bitcoin
  22. 22. Bitcoin New coins created in system every 10 minutes Coin creation involves solving a hard cryptographic problem That is the proof-of-work
  23. 23. Bitcoin Servers Equivalent of Suhas in our Example Collect together transactions
  24. 24. Bitcoin Advanced A transaction isn't a simple bitcoin transfer – It's a script in Bitcoin Scripting Language – Transaction valid if script returns true – Default script: if verify_signature(transaction.signature, transaction.input.public_key): return True else return False
  25. 25. Bitcoin Scripting Smart Transactions possible – Low-overhead escrow using 2-of-3 multisig – Micropayments using double-spending – Protected micropayments using “lock-time” – Green addresses: instant payment using trusted third party • Also: offline payment
  26. 26. Pay-to-script-hash Allow payer to pay using a non-standard script – Output script needs to be inserted by payer – Seller wants to receive money using complex script • e.g. 2 non-trusting partners want to receive on a 2-of-2 multisig – Normally, non-technical payer will not insert complex third-party script – risky – Hence: pay to a hash of a script • Bitcoin protocol ensures that it can only be redeemed by someone who produces the right script to match the hash, and execution of that script returns True
  27. 27. Proof-of-Burn Send money to a script that can never be redeemed Use OP_RETURN Money gone forever Can put extra content in script after OP_RETURN – Use bitcoin to store non-repudiable information
  28. 28. Blockchain
  29. 29. Blockchain Applicable beyond Bitcoin Basic idea: – Start state + transactions => chained – Decentralized – Strong cryptography: Authentication, Non-Repudiation, Integrity – Proof-of-Work: solves the Byzantine Generals Problem – Allow more general pay-to scripts • Smart transactions
  30. 30. Ethereum Important blockchain based platform More complex scripting language Use for automated contracts
  31. 31. Examples Blockchain based DNS – Remember Wikileaks Blockchain based internet!! – Remember Snowden Many more – e.g. our Land Records example! (being considered in Honduras)
  32. 32. More Examples Provenance – Track history of diamonds Election – Remember Snowden Many more – e.g. our Land Records example!
  33. 33. The DAO Distributed Autonomous Organization Venture Capital Company Exists Entirely on Ethereum Anonymous shareholders! Voting based decisions Ethereum scripts control all working of org
  34. 34. The DAO - 2 Shareholders: – All those who bought tokens on Ethereum by May 28 – Can be traded on Ethereum Working capital: money paid by shareholders – Money paid by shareholders: $168M Funds startups – Proposal in Ethereum – If majority vote yes, money transferred automatically
  35. 35. Impact Top VCs pumping 100s of millions of dollars in blockchain companies Visionaries on Wall Street investing in, and joining blockchain companies – Includes Vikram Pandit, NASDAQ Top banks doing PoC – Includes Barclays, Deutsche Bank, Credit Suisse
  36. 36. Contact: @ngkabra on Twitter navin@reliscore.com or Navin Kabra on Quora Facebook Google
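
Slides 19 and 20 (proof-of-work, chained transactions, longer chain wins) as an added Python example; it is not code from the presentation. It assumes proof-of-work means finding a nonce whose SHA-256 block hash starts with a fixed number of zeros, and the names `DIFFICULTY`, `GENESIS`, `mine`, `is_valid` and `resolve` are hypothetical.

```python
import hashlib
import json

DIFFICULTY = 3      # assumed target: leading hex zeros; kept tiny so mining is fast
GENESIS = "0" * 64  # assumed "previous ID" used by the first block


def block_hash(block):
    """SHA-256 over a canonical JSON encoding of the block."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()


def mine(prev_hash, record):
    """Proof-of-work: try nonces until the block hash meets the target."""
    nonce = 0
    while True:
        block = {"prev": prev_hash, "record": record, "nonce": nonce}
        if block_hash(block).startswith("0" * DIFFICULTY):
            return block
        nonce += 1


def build_chain(records):
    """Each block embeds the hash (ID) of the block before it."""
    chain, prev = [], GENESIS
    for record in records:
        chain.append(mine(prev, record))
        prev = block_hash(chain[-1])
    return chain


def is_valid(chain):
    """Check every link and every proof-of-work; any edit breaks one of them."""
    prev = GENESIS
    for block in chain:
        digest = block_hash(block)
        if block["prev"] != prev or not digest.startswith("0" * DIFFICULTY):
            return False
        prev = digest
    return True


def resolve(a, b):
    """Conflict rule from slide 20: the longer valid chain wins."""
    valid = [c for c in (a, b) if is_valid(c)]
    return max(valid, key=len) if valid else None
```

Editing an old record changes that block's hash, so the next block's `prev` no longer matches; repairing the chain means redoing the proof-of-work for every later block.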
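
The pay-to-script-hash rule from slide 26, as an added toy model in Python (not code from the presentation and not Bitcoin's script engine). Assumptions: the script hash is plain SHA-256 where Bitcoin uses RIPEMD160(SHA256(script)), signatures are replaced by hash preimages because the standard library has no signature scheme, and all function names and the `m:<lock>,<lock>` script format are hypothetical.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def make_redeem_script(m: int, secrets) -> str:
    """Toy m-of-n script 'm:<lock1>,<lock2>,...'; each lock is the hash of one
    party's secret (stand-in for a public key checked by a multisig opcode)."""
    return f"{m}:" + ",".join(sha256_hex(s) for s in secrets)


def script_hash(script: str) -> str:
    """The only thing the payer has to handle: a hash of the seller's script."""
    return sha256_hex(script.encode())


def run_script(script: str, witnesses) -> bool:
    """True if at least m distinct locks are opened by the supplied witnesses."""
    m, locks = script.split(":")
    opened = {sha256_hex(w) for w in witnesses} & set(locks.split(","))
    return len(opened) >= int(m)


def redeem(paid_to_hash: str, script: str, witnesses) -> bool:
    """Slide 26 rule: the script must match the hash AND evaluate to True."""
    if script_hash(script) != paid_to_hash:
        return False  # a substituted script is rejected before it is run
    return run_script(script, witnesses)
```

With a 2-of-2 script, `redeem` fails if either partner's witness is missing, and it fails for any other script because that script's hash differs from the one the payer committed to.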