Scaling Crypto-Commerce Strawman

Transcript

1. Scaling Crypto-Commerce Strawman Tracking smart contracts and other intersections between

   computer science and economics. By Clive Boulton.

2. 143 million impacted… Equifax appears to have 618 domains, spread

   across 493 perimeter hosts on ipv4

3. Who has access? Examples

4. Permission (ACL) or Object-capability (token)

5. Pull request

6. Chrome’s Plan to Distrust Symantec Certificates

7. Who has access?

8. ICO Crypto-Commerce

9. bitcoin, blockchain, ethereum, smart contracts

10. Bonus - ICOs the new IPOs https://www.smithandcrown.com/icos/ @TokenCard

11. On scaling throughput during an ICO Blockchain meets Object-capability event

    at Berkeley, CAL via @ecsa_team pic @iC

12. Federated Wiki... Ward, does wiki deliberately avoid global locks by

    design? page Clive, yes, wiki enables collective behavior without any synchronization at the application level" page

13. Smart contracts - Public vs Private Nick Szabo Public smart

    contracts (short, coins) Satoshi Nakamoto, Bitcoin, Distributed blockchain, POW. Vitalik Buterin, Ethereum, ICOs Scalability, consensus based, solves Byzantine Generals. BC 3 tps. E 15 tps. PayPal 11,600 tps Mark S Miller Private smart contracts (long, business) Miller PhD Thesis, Robust Composition. E, Caja, ECMAScript, JS, (Ocap) Hyperledger, Linux Foundation, POCs Scalability, maximum modularity / least coupling. Avoids global block, global lock. Fabric x tps. Sawtooth y tps. Gravity z tps.

14. Mark S Miller Mark S. Miller is the main designer

    of the E and Dr. SES distributed object-capability programming languages, inventor of Miller Columns, a pioneer of agoric (market-based secure distributed) computing, an architect of the Xanadu hypertext publishing system, a representative to the EcmaScript committee, and a senior fellow of the Foresight Institute. https://research.google.com/pubs/author35958.html

15. Dr. SES - Distributed Resilient Secure EcmaScript Talk presented at

    the July 2017 TC39 (EcmaScript committee) meeting. https://www.youtube.com/watch?v=YQFPAyCgOlI

16. Bob’s talk about Alice…. https://utahjs17-creationix.hashbase.io/ Miller’s early schematic on web

    browser bugs repurposed by developers leading to web services. (todo)

17. 90% Of current online applications are vulnerable to hackers (ransomware).

18. Abstract ECMAScript 5 introduced strict mode as a shim and

    gained full support in ES6 by browser manufacturers. Now pending standards ratification at TC39 is the Frozen Realms API. This talk will reprise the Dr.SES work by Mark S Miller of Google Research. How these changes to the open web change security patterns in web apps and increase the scope for development using cloud computing. http://caniuse.com/#search=strict%20mode

19. strict mode: ECMAScript 2015, ES6 https://devfestseattle.org/ https://github.com/GDGSeattle/h overboard

20. None

21. Object-capability The object-capability model is a computer security model. A

    capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination: • An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages. • A message that specifies the operation to be performed. A first class move from ACL (access control lists) by closing the loopholes bad actors are exploiting in e-commerce.

22. Demo Fed Wiki

23. Ocap example via YouTube Replace youtube in the video url

    with youpak. Here's an example: http://www.youtube.com/watch?v=oWtDipSSAU8 In the next example, you will not get the country restriction notice. On the link https://www.youpak.com/watch?v=oWtDipSSAU8 It works only by clicking the link; it won't work on an embed.

24. Federated Wiki

25. Let’s compose (Sharepoint)

26. Web components - robust composition

27. None
28. None
29. None
30. None

31. Code Implementation

32. Dr. SES - Ocap Plugin Projects "Object capabilities offer an

    alternative where the possible complexity is unbonded." http://ward.bay.wiki.org/view/agreeing-with-strangers Google earth https://opensource.google.com/projects/earthenterprise Salesforce - Locker Service (solving robust composition) Drafting Frozen Realm proposal for ES7 https://github.com/tc39/proposal-frozen-realms
33. None
34. None
35. None

36. Frozen Realms API TC39 https://github.com/tc39/proposal-frozen-realms Maximum modularity / least coupling

    (as close as practical, remove destructive behavior)

37. About about.me/cliveboulton twitter.com/iC https://speakerdeck.com/cliveb/ github.com/cliveb google+cliveboulton