Digital Finance by targens - meetup.123-altcoin.de · © 2019 targens GmbH 23.05.2019 targens.de Digital Finance by targens Altcoin Meetup –targens GmbH

© 2019 targens GmbH targens.de23.05.2019

Digital Finance by targens

Altcoin Meetup – targens GmbH


Introduction targens Marcus Karcher

Previous Projects

Payment Channels on Ethereum Julian Sauer

Payment Channel Networks

General State Channel Networks

Payment Channels on Stellar Nandan Joshi

Stellar Overview

Starlight

Challenges of Payment Channel Networks Marco Walz

Virtual State Channels Marco Walz

MimbleWimble Protocol Nandan Joshi & Julian Sauer

Agenda


Data and Facts

Range of services : Consulting | Products | Technology

Turnover : 35 € millions

Number of employees : 250

Locations : Stuttgart, Frankfurt a. M., München

Legal Form: Private limited company

Managing Director : Thomas Wild

Shareholder : 100 % Landesbank Baden-Württemberg (LBBW)


Pilots & Projects

Cloud operation for pilot projects

Agile development andconsulting

Deepening the prototypingapproach

Consulting

Workshops

Training sessions

Joint determination of the right use case with design thinking methods

Technology consulting

Service portfolio and fields of expertise

Prototyping

Agile implementation

Development of a Use Case

Advice on the use case with new perspectives

Consideration of disruptive potentials of the use case


Projekte

For Daimler it was "our first step in testing the wide variety of possibilities for using blockchaintechnology and assessing this technology’s potential for future transactions and financial processes," stated Bodo Uebber, member of the Board of Management of Daimler AG

Daimler and LBBW: Successful with Blockchain

• Daimler placed a Schuldschein through LBBW with a volume of EUR 100 million and a term of one year. • Together with TSS (Daimler) and Targens (LBBW), the entire transaction was digitally mapped on a

blockchain. • A parallel paper process has still taken place.

Further Reading: https://www.lbbw.de/articlepage/experience-banking/pilot-project-blockchain-daimler-lbbw_661e61yw9_e.html

https://www.lbbw.de/articlepage/experience-banking/pilot-project-blockchain-daimler-lbbw_661e61yw9_e.html


Projekte

Weinberg Asset Backed Commercial Paper

• Transactions involving money market paper (ABCP) purchase and redemption completely powered by Corda blockchain technology

• Conclusion and winding-up of a contract for the first time without conducting parallel analog process• LBBW creates first digital platform for ABCP, drastically reducing transaction time and streamlining

procedures• Rating Agencies Fitch and Moody’s confirmed rating for digital issue process

“[…] Thanks to the shorter transaction times, we gain a significant amount of flexibility in our cash management, at the same time generating an interest rate advantage from immediate delivery of the security. Accelerated processing minimizes the counterparty and settlement risks," - Dr. Frank Wellhöfer, member of the board of management at MEAG.

Further Reading: https://www.lbbw.de/articlepage/press-release/blockchain-with-no-strings-attached_82zumb2qr_e.html

https://www.lbbw.de/articlepage/press-release/blockchain-with-no-strings-attached_82zumb2qr_e.html


Projekte

• Industry consulting on various DLT solutions

• Payment Variants e.g. payment channels

• Scaling of networks technically and economically

• Creation of personal networks between finance and industry – bringing the right people together

• Blockfunk (https://digitalfinance.blog/)

• Member of BLOCKCHAIN BUNDESVERBAND (https://bundesblock.de/de/)

https://digitalfinance.blog/

https://bundesblock.de/de/


Thank you foryour attention!

Dieses Dokument unterliegt dem Urheberrecht. Veränderungen, Kürzungen, Erweiterungen und Ergänzungen bedürfen der vorherigenschriftlichen Zustimmung des Anbieters. Jede Vervielfältigung ist nur zum persönlichen Gebrauch gestattet und nur unter der Bedingung, dassdieser Urheberrechtsvermerk beim Vervielfältigen auf dem Dokument erhalten bleibt. Jede Veröffentlichung, Übersetzung, gewerbliche Nutzungoder Nutzung zu Schulungszwecken bedarf der vorherigen schriftlichen Zustimmung des Anbieters.

Marcus Karcher

Senior Manager Digital [email protected]

+49 (0711) 222992 633

+49 (0151) 23448879


Payment Channels / State Channels, Mimblewimble und Stellar Protocol

Altcoin Meetup – targens GmbH



Previous Projects





Stellar Overview

Starlight




Agenda


Payment Channel / State Channel Network

State Channel Varianten / Technologien


e.g. Raiden Network

Payment Channels

e.g. Micro Raiden


e.g. Celer Network

General State Channels

e.g. Counterfactual

Sources: https://raiden.network/ https://www.celer.network/ https://www.celer.network/doc/CelerNetwork-Whitepaper.pdf

https://raiden.network/

https://www.celer.network/

https://www.celer.network/doc/CelerNetwork-Whitepaper.pdf


ALICE

MultiSigContract

BOBPayment Channel

Micro Raiden

Roadmap: live on Mainnet

Easiest form of State Channel

Micropayment / P2P

Instant / no fees

Payment Channel







ALICE BOB

Pay

men

t C

han

nel

DAVE EVEPayment Channel

Pay

men

t Ch

ann

el

Raiden Network

Routing between Channels

Privacy increase

Liquidityprovider offers a Service

Roadmap: live on Mainnet






General State Channels

MultiSigContract

ALICE BOBPayment Channel

Smart Contract

Smart ContractInstance

Counterfactual

Off-Chain use of Smart Contracts

Multiple Smart Contracts per Channel

Conditional Payments possible

Roadmap: Testingphase on theMainnet







ALICE BOB

Pay

men

t C

han

nel

DAVE EVEPayment ChannelP

aym

ent C

han

nel

Smart ContractInstance

Multi Party Condition

Routing of condition Payments

Payment Channel Network + Smart Contracts

Roadmap: Testingphase / End of Q2 Mainnet Launch

Celer Network






Raiden Network – Key Features

The Ethereum Version of Bitcoin Lightning Network

Open Source Project

Supports ERC20 Tokens

Uses Smart Contract for the Payment Channels

Multi Hop Payment with Secret Key / Secret Registry






Raiden Network – Key Features

Instant Atomic Swap between all ERC20 Tokens (Raidex)

• Performance Increase to other decentralized Exchanges

• Low fees

• High transaction throughput

Micropayments / P2P Cash

Raidos (Raiden 2.0) - General State Channels

ALICE

BOB






Demo Raiden Network


Celer Network – Key Features

Payment Channel Network+ Smart Contract

PoLC, LiBA and SGN

Proof of Liquidity Commitment

Liquidity Backing Auction

State Guardian Network

Supports ERC20 / ERC223 and native Token

Coperation with Counterfactual (State Channel Protocol)

Advanced Routing Protocol (Dristibuted Balanced Routing)

State Guardian Network

Liquidity BackingAuction

Proof of LiquidityCommitment






Distributed Balanced Routing

ALICE

BOB






Distributed Balanced Routing






Celer Network – Use Case

Generic conditional Payment

Multi Party Game

Second price auction bid

High frequency token exchange






Roadmap

Celer Network

CelerX (IOS & Android App)

Q2 2019 roll out onto the Ethereum Mainnet

Q3-4 2019 cross-chain interoperability

Raiden Network

Alpha/Stable Version live on the Ethereum Mainnet

• Limits to deposit Tokens to Payment Channel

• Supports only WETH






Sources










Julian Sauer

Consultant / Software [email protected]

+49 (711) 222 992 -505

mailto:[email protected]



Previous Projects





Stellar Overview

Starlight




Agenda


- Overview

Pro

ble

m Financial infrastructure is currently a mess of closed systems

Transaction costs are high

Money moves slowly across political and geographic boundaries

So

luti

on A decentralised worldwide

financial network

Remove barriers to entry

Protocol for worldwideconsensus – Stellar Consensus Protocol


- Overview

Source: https://www.stellar.org

https://www.stellar.org/




– Stellar Consensus Protocol

Federated Byzantine Agreement

Quorum is a set of nodes sufficient to reach agreement

Quorum Slices is the subset of a quorum that can convince one particular node of agreement

Each node chooses its own quorum slices.




- Overview








Starlight DEMO


- WHAT is Starlight?

Bi-directional, cross-assets, instant payment protocol

with payment channels and zero-fee transaction

Benefits

Secure Private Free Instant


- WHY does Stellar need Starlight?

PRIVACY

As financial institutions are the main users of Stellar, they want to transaction in a trustless manner but keeping the transactions off the public chain

SCALABILITY

„…(to) allow the user of Stellar to scale much much further than keeping everything on the ledger.“

INTEROPERABILITY

Unlikely that only one blockchain will prevail. Hence, interoperability will be increasingly more important.


- HOW does Starlight work?

Constituents of Payment Channel

Host and Guest

Software agents which executes the commands of the protocol on their behalf

On Chain accounts

◆ EscrowAccount

◆ HostRatchetAccount

◆ GuestRatchetAccount



Start

SettingUp

ChannelProposed

AwaitingFunding

Open



Start Keypair Generation

Parameter Selection



SettingUp

Escrow Account

HostRatchetAccount

GuestRatchetAccount



ChannelProposed

ChannelProposalMsg

ChannelAcceptMsg

Guest

Host



AwaitingFunding

Escrow Account

HostRatchetAccount

GuestRatchetAccount

Minimum balance of

Funding for the channel



Open

PaymentProposeMsg

PaymentAcceptMsg

Receiver

Sender



Open ChannelPayCmd



PaymentProposed

PaymentProposeMsg Receiver



PaymentAccepted

PaymentAcceptMsg Sender



Open

PaymentAccepted

PaymentCompleteMsg Receiver



Open

PaymentProposed

AwaitingClose

Cooperative Closing

Force Closing

CloseChannelCmd

CloseMsg

CooperativeCloseTx

ForceCloseCmd



Closed

Settlement Transaction

hits the ledger


- Starlight DEMO

Quelle: https://github.com/interstellar/starlight


Payment Channels on Stellar - Appendix



Quelle: https://www.stellar.org


Stellar – Stellar Consensus Protocol

FBAS nodes use a federated voting technique to get to agreement

Quelle: https://www.stellar.org


Sources


https://www.stellar.org/papers/stellar-consensus-protocol.pdf

https://github.com/interstellar/starlight


https://www.stellar.org/papers/stellar-consensus-protocol.pdf

https://github.com/interstellar/starlight




Nandan Joshi

Consultant / Senior Software [email protected]

+49 (0711) 222992 534

+49 (0151) 23448879




Previous Projects





Stellar Overview

Starlight




Agenda


Dealing with off-chain states

Challenges

Never lose any off-chain state

Always detect malicious behaviour

Never publish an old state

Solutions

Be careful!

Make backups

Use Monitoring Servcices („Watchtowers“)

Test your software on the testnet and make sure it has no bugs

Source: https://medium.com/crypto-punks/lightning-vs-raiden-watchtowers-monitoring-services-differences-c8eb0f724e68

https://medium.com/crypto-punks/lightning-vs-raiden-watchtowers-monitoring-services-differences-c8eb0f724e68


Updating channel capacity

Challenge

Update balances of existing channels

Currently not possible

It‘s always needed to close the existing

and reopen a new channel (2 on-chain tx)

Solutions

Submarine Swaps

Allow cross-chain channel updates

„Splicing“-Transactions

Allow channel updates (closing/reopening channels with 1 transaction)

Source: https://blog.lightning.engineering/posts/2019/03/20/loop.html

https://blog.lightning.engineering/posts/2019/03/20/loop.html


Routing: Path discovery

Challenge

Find a route in the lightning network

Only the capacity of the channels are publicy known

There is uncertainty whether a route as enough capacity

Solutions

Atomic Multipath Routing (AMP)

Allows to send fragments of payments

Enables „bill splitting“ from multiple sources to a single recipient

„Autopilots“

Automatically open multiple channels with cheap, reliable gateway nodes

Source: https://twitter.com/lopp/status/1046096631303671809

https://twitter.com/lopp/status/1046096631303671809


Routing: dependency on other nodes

Challenge

Perform many microtransactions to the same recipient in a short period of time

Nodes need to route each transaction and collect a fee each time

Nodes can decide to stop routing your payments

Nodes can go offline

Solution

Virtual Payment Channels

Agreement between multiple parties in a route to lock funds and create a „virtual“ channel between two

participants

1-time fee for opening the channel and locking funds

Nodes in between can go offline

Source: https://medium.com/blockchannel/state-channel-for-dummies-part-4-f3ba9d76c7c4

https://medium.com/blockchannel/state-channel-for-dummies-part-4-f3ba9d76c7c4


Other Challenges

Challenge Assumption Solution

Keep privacy while usingwatchtowers

• Many people will use Watchtowers

• Watchtowers will be able to link transactions together

• This is being researched• There are different proposals

addressing this problem

Keep track of activities withinchannels

• Companies need thatinformation for audit-purposes

• Web-application that displaysthe private tx-history



Previous Projects





Stellar Overview

Starlight




Agenda


Virtual State Channels




Opening a Virtual State Channel

Alice and Bob want to open a virtual channel through Ingrid

both send a signed request to Ingrid




Opening a Virtual State Channel

Ingrid receives the signed requests

She approves the change and updates both ledger channels

funds in the existing ledger channels get locked




Payments in Virtual State Channels

Alice and Bob now

don‘t rely on Ingrid to perform off-chain transactions (Ingrid can go offline)

can perform as many transactions as they want

have increased privacy




Closing Virtual State Channels

Alice and Bob submit the latest mutually signed transaction to Ingrid

Ingrid updates balances of each ledger channel






Marco Walz


+49 (0711) 222992 592




Previous Projects





Stellar Overview

Starlight




Agenda


MimbleWimble – History

Juli2016

October2016

March2017

March2018

A character called Tom Elvis Jedusor publishes a Paper on

a IRC Channel to a Technology called MimbleWimble

Andrew Poelstra publishes a

White Paper to Mimblewimble

GRIN

first Open Source Project

with Mimblewimble

BEAM – second Project using

Mimblewimble by the Company


MimbleWimble – Key Features

Uses main architecture of Bitcoin

No Scripting Language

Combined with idea of

Confidential Transactions

Cut Through / Pruning

Completely private

Permission-less

Only stores the UTXO List – improved scaling

ALICE BOB


MimbleWimble – Key Features

ALICE BOB

What we get

HIGHLY COMPRESSIBLE AND OPAQUE BLOCKCHAIN


MimbleWimble – Transactions explained

The recipient must be available to create a transaction

Interactive transaction building

ALICE BOB

ALICE BOB


MimbleWimble – Pederson Commitment

r*G + v*H

Private Key

Generator Point

value

Generator Point

Blinding factor



r*G + v*HPublic Key



(28*G + 3*H) - (28*G + 3*H) = 0*G + 0*H



ALICE BOB Dave

28*G + 3*H

Private Key:28 Private Key:28


Pederson Commitment - Mimblewimble

(113*G + 3*H) - (28*G + 3*H) = 85*G + 0*H

BOB generates

his Private Key

excess value


MimbleWimble – Range Proof

r*G + v*H

v > 0

v < Range


MimbleWimble – Range Proof

Range Proof


MimbleWimble – Transactions structure

Inputs: reference old unspent outputs

Outputs: new commitments

Kernels: excess and a signature

sum outputs – sum inputs == sum excess


Transactions… Inputs Outputs Kernels

TX 1

TX2

6

1

4 9

5

2

5


…can be joined together.Inputs Outputs Kernels

TX 1+2

+

6

1

4 9

5

2

5


And outputs later used as inputs…Inputs Outputs Kernels

TX 1+2

+

6

1

4 9

5

2

5


And outputs later used as inputs…Inputs Outputs Kernels

TX 1+2

+

6

1

4 9

2


Similarly, the blockchain…

Block 1

Block 2

Block 3

Block 5

Block 4


…can be joined.

Block 1

Block 2

Block 3

Block 5

Block 4


And when outputs are spent…

Block 1

Block 2

Block 3

Block 5

Block 4


…they can be removed.

Block 1

Block 2

Block 3

Block 5

Block 4


Initial sync

Block 1

Block 2

Block 3

Block 5

Block 4

Block Headers UTXO set Kernel set


MimbleWimble Implementation

Source: https://medium.com/scalar-capital/behind-mimblewimble-cd9da78a00e9


MimbleWimble - Applications

Payment Channel Sidechain Atomic Swap

Source: Celer WhitepaperSource: Celer bitcoinwiki.org

Source: 3iQ Research Group


MimbleWimble - Shortcomings

Quantum Resistance

NTRU1

Post-quantum Commitment Scheme

Hashes are already quantum secure

Size of Transaction Kernel

Smaller ZKP – Bulletproofs2

1 https://github.com/NTRUOpenSourceProject/ntru-crypto

2 https://crypto.stanford.edu/bulletproofs/

https://github.com/NTRUOpenSourceProject/ntru-crypto

https://crypto.stanford.edu/bulletproofs/


MimbleWimble - Outlook

Scriptless Scripts1

No revealation of contracts

Chain saves only Public Keys and Signatures

Adaptor Signature2

A general framework for attaching valid signatures to any arbitrary protocols

Confidential Assets3

Extension of idea of Confidential Transactions to different kinds of assets

1 https://github.com/apoelstra/scriptless-scripts

2 https://www.politesi.polimi.it/bitstream/10589/144372/1/main.pdf

3 https://tlu.tarilabs.com/digital-assets/confidential-assets/MainReport.html

https://goblockchain.network/2018/12/adaptor_signature/


MimbleWimble – In Short

Crazy but true!

No addresses, but cryptographic commitments

No amounts, but range proofs

No scripts, but Scriptless Scripts

Privacy

Amounts are obscured through cryptographic commitments

Commitments can only be spent by people with knowledge of blinding factor, which is actually one-time Private Key to authenticate the transaction

Scalability

Transaction structure is removed by means of CoinJoin and Cut Through


MimbleWimble Protocol - Appendix


MimbleWimble – Cryptographic Paradigms

Based on simple cryptographic assumptions as Bitcoin

Discrete log problemCryptography is built on the idea that certain operations are easy to compute in one direction, and near impossible to compute in the other direction.

Cryptographic hashingUsed in Bitcoin to generate public key and proof-of-work, but in MW, it is used to create outputs as cryptographic commitments. These commitments do not reveal destination address on the chain, but are only spendable when a user has possession of a private key.

Homomorphic EncryptionLeans heavily on this additively homomorphic property to continuously verify that the sum of the inputs equals the sum of the outputs without needing to know the values themselves.

Confidential TransactionsUsed for bookkeeping. No observable values needed, only cryptographic commitments (Pederson commitment) and range proofs.

CoinJoinCombines all transactions at the block level automatically so that the transaction graph becomes obfuscated.

Pruning / Cut ThroughCollapses all transactions within a block into a single block-wide transaction. It removes the value of transaction, but transaction is saved as transaction kernel.


MimbleWimble – Elliptical Curve Cryptography

Different shapes for different elliptic curves

(b = 1, a from 2 to -3)

y2 = x3 + ax + b

• Part of the field of group theory, in the form of

abstract algebra

• Allows arithmetic operations, such as addition

and subtraction using scalar

• Multiplication is easy, but division is „very“ difficult


MimbleWimble – HOW a Transaction looks like?

Amount

Every Output is a Pedersen Commitment

…(r ∙ G) + (v ∙ H)…

Blinding Factor












































Quellen

https://github.com/mimblewimble/grin/blob/master/doc/intro.md

https://tlu.tarilabs.com/cryptography/bulletproofs-and-mimblewimble/MainReport.html

https://eprint.iacr.org/2017/1066.pdf

https://download.wpsoftware.net/bitcoin/wizardry/mimblewimble.pdf

https://github.com/mimblewimble/grin/blob/master/doc/intro.md

https://tlu.tarilabs.com/cryptography/bulletproofs-and-mimblewimble/MainReport.html

https://eprint.iacr.org/2017/1066.pdf

https://download.wpsoftware.net/bitcoin/wizardry/mimblewimble.pdf




Nandan Joshi

Consultant / Senior Software [email protected]

+49 (0711) 222992 534

Julian Sauer


+49 (0711) 222 992 -505



Documents

Digital Finance by targens - meetup.123-altcoin.de · © 2019 targens GmbH 23.05.2019 targens.de Digital Finance by targens Altcoin Meetup –targens GmbH