View
4
Download
0
Category
Preview:
Citation preview
UNC, September 2016
Bitcoin and Blockchain (fiction, fallacy, fact, fun
and future)Bebo White
SLAC National Accelerator Laboratory/Stanford University
bebo@slac.stanford.edu
UNC, September 2016
A few observations
UNC, September 2016
Bitcoin/cybercurrency• Is not science fiction
• Is not a computer science fantasy
• Is not strictly the domain of criminals and hackers
• Is a global empowering tool for 21st century society OR
• “Bitcoin and blockchain are a flawed solution to a problem that does not exist” (Izabella Kaminska, FT Alphaville)
• It frightens some or threatens the status quo
UNC, September 2016
UNC, September 2016
Who owns bitcoin?
Why?/Why Not?
bitcoin is everywhere
UNC, September 2016
UNC, September 2016
Does this suggestlegitimacy?
UNC, September 2016
What is Bitcoin?• “Bitcoin” is the protocol; “bitcoins” are the units (BTC)
• Designed for an “Internet Society” using Internet technologies
• Decentralized and independent of “state currencies”
• Can be used for anonymous transactions like “hard currency” (i.e., unlike credit cards)
• Potential to revolutionize E-Commerce - online exchange, no specific currency, micro payments
• Easily convertible to “state currencies”
UNC, September 2016
UNC, September 2016
It all started with• 2008
• Defined a protocol for generating, validating, and exchanging cybercurrency
• Implemented in publicly available, open source software
• Described a technology platform that goes far beyond its original purpose (the blockchain)
UNC, September 2016
UNC, September 2016
Remember what this paper started…
UNC, September 2016
People are using it…
• Not just for illegal activities (e.g., Silk Road)
• Some financial analysts advise portfolio diversification with BTC
UNC, September 2016
• wordpress.com
• overstock.com
• Subway
• Tesla
• Bitcoin.Travel
• Zynga
• Paypal/Ebay
• The Sacramento Kings
• Zappos
• Whole Foods
• PizzaForCoins.com
• etc,etc,etc.
UNC, September 2016
UNC, September 2016
UNC, September 2016
UNC, September 2016
UNC, September 2016
First, a very quick look at money…
UNC, September 2016
Token Money
• Represented by a physical object (token) such as a banknote, coin, traveler’s check, etc.
• Without that token, the value is lost
• No intermediary is required for spending
• BUT - requires faith in the ISSUER, usually a government or a bank
UNC, September 2016
Notational Money
• Represented by a notation in a ledger, passbook or database (e.g., a bank account)
• Notational money cannot be lost
• BUT - requires an intermediary (bank or clearing house) for spending
• ALSO - requires faith in the MAINTAINER of the ledger
UNC, September 2016
Hybrid Money
• Requires BOTH a token AND a ledger account (e.g., personal check, stored value or gift card)
• Can be lost AND requires faith in the ISSUER
• AND requires an intermediary (bank or clearing house) for spending
UNC, September 2016
Virtual Money (?)• No token
• No ledger
• No issuer, no government backing (or supervision)
• No intermediary required for spending
• Is this even possible?
• Who creates the money? Why is it money?
• Without a token or ledger, how do you know how much you have? What is its value?
• How do you know the spender is the owner?
• What prevents spending the same money twice?
BUT
UNC, September 2016
Another reason to backup…
• Your money is just a string of bytes (data) on your device
• Device failure means your money is gone
• Device intrusion means your money can be stolen
UNC, September 2016
UNC, September 2016
Analogy: real estate• Land ownership is defined by a “chain of title,” a sequence of deeds
leading from the original owner to the present owner
• Deeds are recorded in the Land Registry
• Ownership determined by searching the Registry
• The Land Registry is, in effect, a ledger holder
• If the Registry is altered, ownership can be lost
• Double-selling is prevented by timestamps
UNC, September 2016
Distributed Registry/Ledger• Suppose we broadcast ALL deeds to thousands of nodes
of a de-centralized public network?
• IF the deeds are genuine AND the network members agree on the chain of title, THEN we can tell who owns a piece of property
• Ask the network and count the responses - if a majority say that someone is the owner, then they are
• There must be enough honest members that false responses cannot dominate (or they have some incentive)
• The registry is NOT under government control
REMEMBER THIS CONCEPT!
UNC, September 2016
A Little Math - Hash Functions
• A “hash” is a short function of a message
• BUT: a hash is not uniquely reversible
• Hash function H produces a fixed size hash of message M, usually 128-512 bits
• h = H(M)
UNC, September 2016
One-way hash functions
• Hashes are easy (fast) to compute but computationally difficult to invert
• Should not be able to find any message corresponding to a given hash
• Bitcoin uses a well-known published hash function SHA-256, which produces 256 bit hashes
UNC, September 2016
A little more math/CS - asymmetric encryption• Same as public-private key encryption
• Provides the security in PKI/certificates, HTTPS, secure e-mail, digital signatures, etc.
• Everyone has a public key (which they openly share) and a private key (which they protect) that are linked by very complex mathematics
• Insures end-to-end security, non-repudiation, etc.
UNC, September 2016
What is Bitcoin really?• No physical object, not even a character string
• “A chain of digitally signed transaction records leading from the original owner to the current holder” - similar to a chain of land deeds
• The transaction records contain
• Hashes that are difficult to find AND
• Virtual/anonymous owner IDs (addresses)
• There is NO bitcoin registry, NO centralization
• Bitcoin blockchains are broadcast to everyone; anyone can verify them; they encompass all the past and the present transactions
UNC, September 2016
Bitcoin Addresses• Bitcoin software generates bitcoin addresses of 25-44
characters for users
• Sample address: 1BBsbEq8Q29JpQr4jygjPof7F7uphqyUCQ
• The address is actually an elliptic curve public key; a 44 character key is as secure as a 7000-bit RSA key
• To send bitcoins, user specifies a receiving address and amount then clicks “send”
• To receive bitcoins, just tell the sender your public address!
• Addresses are not registered to users. A user can have a different address for every transaction
UNC, September 2016
(https://www.ft.com/content/eb1f8256-7b4b-11e5-a1fe-567b37f80b64#axzz3qe4rV5dH)
UNC, September 2016
What is happening here?
• The security, privacy, trust, and immutability that has come from centralized or third-party systems is being replaced by
• Strong encryption technologies
• De-centralized peer-to-peer consensus
UNC, September 2016
UNC, September 2016
UNC, September 2016
UNC, September 2016
If I can’t remember my public key…
UNC, September 2016
How do you get bitcoin?
• Sell something for BTC
• Salary (legal ramifications?)
• Donation/gift?
• Use a bitcoin exchange (including bitcoin ATMs)
• Games, rewards, gambling
• Bitcoin mining (least likely)
UNC, September 2016
Bitcoin mining (1/5)
• Bitcoin blockchain begins with data “mined” by using a large number of hash function computations
• “Mining” software is run on mining machines
• A “miner” tries many different (e.g., 10^15) numbers, trying to find one whose hash value is less than a given threshold (A); a “brute force” computation
• Verified success is rewarded with a number of bitcoins (N)
UNC, September 2016
Bitcoin mining (2/5)x = blockchainy= proposed added blockn = additional number (nonce)A = threshold valueN = miner’s reward
find n such that:H(x,y,n) < A
Miner includes N BTC in “y” for themselves
Miner broadcasts solutionto network for
verification
N began at 50 andis halved every210,000 blocks
UNC, September 2016
Bitcoin mining (3/5)
• Example: problem or “proof of work”
• Find a number (nonce) so that the cryptographic hash of the block and the nonce starts with some required number of binary zeros (e.g., 40)
• Once solved the miner transmits the block to the network for verification, collects reward, and starts on new block
UNC, September 2016
Bitcoin mining (4/5)• The threshold (A) adjusted every 2 weeks (to
establish rate of 6 blocks/hour)
• Therefore, bitcoin hashes are progressively more difficult to find (i.e., finding “n” more difficult); part of finding “n” involves verifying that no bitcoin transacted in block “y” has already been spent in blockchain “x” (Merkle trees)
• There will never be more than 21 million BTC. (2*50*210,000); divisible into units as small as 1/100 millionth of a BTC (satoshi)
UNC, September 2016
Controlled bitcoin inflation
UNC, September 2016
Bitcoin mining (5/5)
• Miner’s reward (N) halves after 210,000 blocks (~4 years)
• Era 1 = 50 BTC
• Era 2 = 25 BTC
• Era 3 = 12.5 BTC
• …….
• Era 33 = 1 satoshi
July 2016
UNC, September 2016
UNC, September 2016
UNC, September 2016
Why is mining so difficult?
• Because of bitcoin’s “public” structure, it needs a defense against malicious attacks
• Uses POW to make it computationally difficult to add a block
• Has created a cost (equipment + running) of mining and therefor a need for incentivization
UNC, September 2016
Transaction fees are meant to replace block rewards
UNC, September 2016
Supply of bitcoins
• Current maximum number of bitcoins = 21*10^6
• Current maximum number of satoshis = 2.1*10^15
• Amount of $US in the world = 10^12
• As value of BTC increases, most transactions are likely to be in satoshis
UNC, September 2016
UNC, September 2016
UNC, September 2016
Is this really different from stock market, currency market,
commodities market fluctuations?
UNC, September 2016
UNC, September 2016
Bad things do happen because of value
• Silk Road and black market crime
• Ransomware and blackmail enablement
• Hacks and embezzlement
• MT Gox (2011, 2013,2014)
• Bitfinex
• Bitstamp
• Poloniex
• BTC-E
• BitcoinTalk
UNC, September 2016
Possible vulnerabilities• No way to reverse a transaction without the
payee’s cooperation
• Software bugs
• Bank robbery by hackers
• Malware attacks against wallets
• Government attempts to control
• Competing cybercurrencies easy to make (forks) - imitation is flattery
UNC, September 2016
UNC, September 2016
Summary - the 5 elements of cybercurrency
• Currency - send units of value, convertible, divisible
• Commodity - scarcity stores wealth, market fluctuates with speculation
• Brand - marketing message, community and sharing knowledge
• Protocol - decentralized trust on the block chain
• Technology - services and solutions implemented and integrated
UNC, September 2016
Possible future of Bitcoin/cybercurrencies (social)• For the world’s unbanked, there is no choice
• For small businesses, freelancers and startups in developing nations, there is no choice
• When you have choice, it is hard to imagine those without
• New generation growing up with instant expectations, who are or will be disillusioned by huge economic bailouts
• From stones to precious metals to paper to bytes
UNC, September 2016
Possible future of Bitcoin/cybercurrencies (economic/political)
• A future with digital currencies and decentralized stores is guaranteed - people trust math over people
• National adoption of decentralized currencies would bring political transparency and economic neutrality
• Developing nations seeking to curb corruption and break free of economic dependence on other countries could see potential in these technologies
UNC, September 2016
UNC, September 2016
Possible future of Bitcoin/cybercurrencies (impact)• Bitcoin itself may well not be relevant in the future
(though won’t/can’t disappear?), but
• The discussion has been started
• Cybercurrencies will be a part of the future with features that Bitcoin lacks (e.g., Ethereum); links to actual resources (e.g., Colored Coins), or different schemes for POW or POS
• Bitcoin’s biggest legacy will likely be the Blockchain/DLT
UNC, September 2016
Blockchain common elements
• Is digitally distributed across computer network in almost real-time
• Uses many participants in the network to reach consensus
• Uses cryptography and digital signatures to prove identity
• Has mechanisms to make it almost impossible to change historical records
• Is time-stamped
• Is programmable
• Blockchain is independent of Bitcoin
Is a platform!
UNC, September 2016
UNC, September 2016
Can blockchain help drive the next important tech eras?
• Or is it the next important tech era after mainframe, PC, Internet/Web, cloud, mobile?
• Internet: transfer of information; Blockchain: transfer ownership
• De-centralized systems vs. centralized systems
• Public, private, parallel/forking, and intersecting blockchains
• Potential role in
• Commerce/business/shared economies
• Internet of Things
• etc,etc,etc.
UNC, September 2016
UNC, September 2016
(Melanie Swan)
UNC, September 2016
“Blockchain is the new quantum physics:A really, really hard science that no oneunderstands, ambushed by clowns likeDeepak Chopra looking to make a quickbuck on solutionist nonsense”——-Chris DeRose (TED talk)
“Blockchain does nothingbut circumvent the ruleswe have imposed onbanks to keep them honest”——-Izabella Kaminska (FT Alphaville)
UNC, September 2016
UNC, September 2016
Blockcom• A company formed and functioning on blockchain
technologies; for example
• Lighthouse - peer-to-peer crowdfunding
• Factom - distributed registry
• Gems - decentralized messaging
• Maidsafe - decentralized applications
• Storj - distributed cloud
• Tezos - decentralized voting
UNC, September 2016
UNC, September 2016
UNC, September 2016
UNC, September 2016
UNC, September 2016
Summary and conclusions (IMHOs)
• Bitcoin and blockchain
• are significant disruptive technologies based upon established principles that is likely to impact many fields and society in general
• will evolve and spawn/fork exciting new variations
• provides a powerful development platform comparable to that of the Internet
• will continue to raise non-trivial issues surrounding adoption and regulation
• defines a rich area for innovative research
• requires a new wave of SMEs and developers
UNC, September 2016
I encourage you to get onboard - your ideas are needed!
UNC, September 2016
Thank You!Questions? Comments?
Want the slides?
bebo@slac.stanford.edu
Recommended