Financial Innovation and the Internet 2019 Fall Kenji Saito Professor, Graduate School of Business and Finance, Waseda University [email protected] Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.1/32
Lecture 2 10/4 Overview of FinTech (2) • Lecture 3 10/11 Internet Technology and Governance (1) • Lecture 4 10/18 Internet Technology and Governance (2) • Lecture 5 10/25 The World of Apps (1) • Lecture 6 11/8 The World of Apps (2) • Lecture 7 11/15 Blockchain (1) • Lecture 8 11/22 Blockchain (2) Lecture 9 11/29 Other Ledger Technology and Applications (1) Lecture 10 12/6 Other Ledger Technology and Applications (2) Lecture 11 12/13 Cyber-Physical Society and Future of Finance (1) Lecture 12 12/20 Cyber-Physical Society and Future of Finance (2) Lecture 13 1/10 FinTech Ideathon (1) Lecture 14 1/17 FinTech Ideathon (2) Lecture 15 1/24 Presentations and Conclusions Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.3/32
(REST) in particular Basics of cryptography Cryptographic hash function Public key cryptography and digital signature Zero-knowledge proof Assignment Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.4/32
to answer Physical model with beakers and newspaper Functional layers (validity, existence, uniqueness) Possibilities and Impossibilities Applications people talk about, and thoese workable in reality Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.5/32
Output : signature Verifying Input : <plain text, signature, public key> Output : OK or NG Whether the signature meets certain mathematical properties that can be tested using plain text and public key Private key cannot be inferred in the verification process Digital signature (can prove that the private key is there without revealing it) is an example of non-interactive zero-knowledge proof Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.8/32
no knowledge other than what prover wants to prove Example: “I know a secret spell to open the door” ↑ Prove this without revealing the spell itself For example, repeat “coming out from the way she is told” for 20 times Completeness Verifier accepts with high probability if the proposition is true Soundness Verifier has little chance of accepting if the proposition is false Zero-knowledge Can imitate dialogue without having to be a prover (without knowledge) Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.9/32
services (1) If a user is an “end (edge)”, what is the “center” involving people in the example? (2) How will the service change if the center is automated? Deadline and how to submit November 13, 2019 at 17:59 JST From Course N@vi Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.11/32
Countermeasures . . . how to improve the class 13 out of 16 students submitted (as of yesterday afternoon) (better later than never) Services : Venture capital / real estate (pricing) / selling weapons / insurance / solar power leasing / AML officer / cross-border trades / consulting / credit card application / loan agreement / derivatives market / credit scoring / service counters in banking Two types of automation (1) Cognitive and intelligent (2) Procedural and non-intelligent We will be discussing the latter today, where blockchain can be applied in straightforward ways “End-to-End” principle of the Internet also suggests that workers in the middle are procedural and non-intelligent Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.12/32
then investment experts are no longer needed As long as investors and entrepreneurs can be found, the company’s assessment is automatically carried out, and then the company’s movements after the investment are automatically monitored The use of automation instead of investment experts is good or bad The advantage is that the labour cost is reduced At the same time, the investment experts are excluded from being manipulated by bribery The disadvantage is that they rely entirely on automation software If there is a problem, the responsibility distribution problem cannot be solved very well ⇒ Although the automation seems cognitive and intelligent, Investors and entrepreneurs are the ends, so that automated decentralized investment funds may be a possibility Where collection of funds and distribution of profits are automated, but investments themselves are handled cooperatively among investors It has already been tried Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.13/32
create a database which would track the weapon from inception Moreover, it will be hack-proof If gun information were to be logged and connected through blockchain, we can track where the weapons came from in case of an illegal transaction This would be easy for purchasers, vendors and regulator Before each sale the, purchasers will have to pass a background check and the dealer will have to approve the sale The gun would have digit accessibility based on the “true” owners retina scan or fingerprint ⇒ Interesting traceability application Although the statement “it will be hack-proof” reminded me of the following sequence from STAR WARS Anakin Skywalker: “No one can kill a Jedi.” Qui-Gon Jinn: “I sure hope so.” Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.14/32
insurance can get involved in by taking out an amount of money and claiming that he is in Also, anyone in this system will be the supervisor to record this claim The money pool can be seen by everyone If some person in the pool oneday runs into a disaster, anyone in the system could become an insurance assessor and the insurance money could be paid automatically to him, without passing through a center ⇒ This may happen in the near future For specific types of insurance, such as one for auto accident, assessment of damage can also be automatic (may still require digital signatures from police or a hospital) Close to “Ko”, historical local financial systems in Japan cf. Tanomoshiko (https://en.wikipedia.org/wiki/Tanomoshiko) Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.15/32
cross-border remittance are automated, for example utilizing Blockchain technology, where all the database are shared among the banks, shorten the time in delivery the remittance transaction Utilizing an automated verification system in the blockchain through all of the parties involved will also shorten the transaction verification process As a result, it may lower the transaction cost overall, as the transaction became more efficient ⇒ This is happenning Simple cross-border money transfer has already been popular Also proof of concept experiments have been ongoing for trade finance A useful case because nobody really trusts one another in the situation, and blockchain would provide proof not based on trust but on mathematics/statistics Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.16/32
Nakamoto) Satoshi him or her or themselves called it “distributed time-stamp server” Not a good word for representing a concept (catchy, but manipulating the impression) Something implemented by Chain of ← actually, backward list of Blocks ← actually, sets of data For example, we don’t call TV “picture tube” today (or do we?) Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.17/32
so that no one can deny the contents and existence of them Denying = rejection, deletion, alteration, fabrication 2) Anyone can verify that ≪ to realize 1) ≫ 3) No one can stop the above ≪ to realize 1) ≫ “Anyone” and “no one” are defined stakeholders Which is more difficult to achieve: stakeholders are “all humankind” vs. “just the parties involved”? ⇒ As if records were locked up in the air ⇒ Double problems Is that really realized? If it is realized, can we apply it to many cases? Issue of reliable linking between physical entities and digital records · In supply chains, is it possible to reliably track things through processing, etc.? Challenges such as real-time performance, scalability, adaptability, and sustainability (can it be dependable?) Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.18/32
send money whenever we want, and never let anyone stop us”? Distrust of (central) bank money Bitcoin’s “Answer” Cannot depend on any particular service provider ⇒ Exchange digital coins over the Internet by P2P (peer-to-peer) What if they deny that they sent a coin? ⇒ Use digital signatures (collateral for verifiability and non-repudiability of contents) Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.19/32
by digital signatures alone Need to prevent double spending (want to ensure non-repudiation of existence) ⇒ Put the evidence of the transaction in newspaper What if refused for publishing or service is discontinued? ⇒ Place evidence of a transaction in “newspaper” (as collective evidences of events) issued by a crowd And thereby records are locked up in the air Theft of coins based on this idea always follow the story made typical by the Mt.GOX or CoinCheck incident “Don’t let anyone stop us from spending our own money whenever we want to” ⇒ Has to prove that the user is oneself by their own → Zero-knowledge proof of possession of the private key → Anyone with the private key is the user oneself ⇒ Transaction is verifiable by all but irrevocable → Stolen coins can be tracked but not recovered Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.20/32
of liquid of no value to mankind Contained in a tank Individuals can hold as many beakers as they like, measuring down to 1 100,000,000cm3 (it has a locked lid) Only “editor” selected every 10 minutes on average can pump now 12.5cm3 into their beaker Chosen by a special lottery The winning lottery is held in each box, and each person draws the lottery with all their strength → non-stoppable procedure Coordinate the proportion of winning lots so that someone is chosen every 10 minutes on average Volume pumped is reduced by half every about 4 years (every 21 thousand pages of “newspaper” described later) Started from 50cm3 in January 2009 Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.22/32
of fluid between beakers Recorded as “a signed article” by the pourer Post the article in the “newspaper” made by everyone Selected “Editor” verifies the articles and publishes them in the last page of the newspaper Page carries the evidence of winning the lottery Editor also gets “overflow” of trades on the page If people publish a page with the same page number. . . Longer sequence of pages wins People sometimes lose the key of their beakers Create this digitally, and pretend that it’s a currency → Bitcoin There is no money or currency that does not need pretension Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.23/32
number : n page number : n+1 page number : n+2 Cryptographic digest of the previous page (must be less than or equal to the target value) some extra number (Nonce : Number used Once) (random value to make the digest less than or equal to the target) Page digest (output by a cryptographic hash function) must be less than or equal to target We don’t know how to manipulate the original data to get the right digest This is the principle of the lottery, which requires the same amount of cost to fake the history Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.24/32
page number : n+1 page number : n+2 page number : n+3 page number : n+1 page number : n+2 page number : n+3 page number : n+4 This history is valid Sometimes page sequences are split when someone else wins the lottery at about the same time History is the hardest to tamper with when the lottery cumulatively costs the most Everyone agrees that it is the official history (strict consensus is not achieved) Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.25/32
+ fee eventually, unique TXs are extracted and stored in new blocks ᶃ Guarantee of Validity (UTXO (Unspent TX Output) structure and digital signatures) ᶄ Proof of Existence (Hash-chain with proof of work) ᶅ Consent of Uniqueness (Nakamoto Consensus) block n+1 block n+2 block n+3 block n+4 block n+2 block n+3 digest digest digest digest digest digest BTC Gen. TX TX TX TX …… Longest chain (one paid highest cost of PoW) is always valid digest 㱡 target Proof of Work (PoW) refer to an output of past TX + digital signature + public key address and quantity (coin) target nonce input input output output 1. Each miner stores in a block transactions it has collected over the last 10 minutes or so, and then mines (lottery) 2. Broadcast the block to the network if mining succeeded 3. Each miner, if they recognize the received block as the new end of the chain, returns to 1 to make a succeeding block Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.26/32
digital signature Proof of Existence e.g. hash-chain with proof of work Consent of Uniqueness e.g. Nakamoto consensus Description of Rules e.g. transfer of bitcoins - The content of a transaction cannot be altered, - not contrary to past history of transactions regarding the asset, - and the transaction is cast by a legitimate user - Cannot delete the evidence of an existing transaction in the past, - and cannot fabricate an evidence of a transaction that did not exist - When two mutually contradicting transactions are cast, (eventually) everyone chooses the same one to place in the history - Application logic to decide what valid transactions are Blockchain ≪or alike≫ (tries to) bring the End-to-End philosophy of the Internet into reality in the control of assets, thereby making a Record Fixation Device in the Air The center is automated Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.27/32
access (no need for mediation), agreed real-time settlements, business rule descriptions, and confidentiality Corporate behavior (automating corporate management, especially in financial matters) Real-time execution and confidentiality control of share splits, capital reductions and consolidations, share transfers and exchanges, mergers, third-party allocation of new shares, etc. Supply Chain Traceback of materials, and record and search from production, storage to sales (beware of linkage problem) Master Data Management Only authorized personnel can update and designated reviewers approve it Sharing Economy and IoT Smart cities/towns, transportation, healthcare/fitness, retail, architecture, education, etc. (implicitly real-time and on a large scale) where trust is not necessarily established Red letters denote parts that blockchains are not good at Among the problems we want to solve, there are problems that have not been solved yet Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.29/32
. . Remittances that bypass banking networks That’s a huge impact Proof of Existence Ex. Proof of Existence, Everledger, Factom, . . . Embed arbitrary digests in a blockchain (piggybacking hack) There is also a method of embedding a single digest of a large number of records Proof that it has existed and has not been tampered with Origin Certification (traceability, tracking and accounting) Original design application category (alternative to “newspaper”) Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.30/32
0SJHJO$FSUJpDBUJPO4FSWJDF .FSLMFUSFF .FSLMFSPPU 0CUBJOTVCUSFF 4FBSDIGPS.FSLMFSPPU &NCFEBUBDFSUBJOQPJOUPGUJNF ʜ ʜ 3FD 3FD 3FD 3FD EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU "1* EJHFTU *OGBDU JUJTQPTTJCMFUPNBLFB.BSLMFUSFFXJUI TFWFSBMUFOTPGUIPVTBOETPGSFDPSET &WFOJOUIFDBTF UIFIFJHIUPGUIFUSFFJT BCPVUUP *OPSEFSUPDPOpSNUIFFYJTUFODFPGSFD UIF.BSLMFSPPUDBOCFDBMDVMBUFEJG POMZUIFTVCUSFFTIPXOJOCMVFJTPCUBJOFE Services can be distributed (made large-scale and fast) by existing technologies (distributed KVS and DHT) Can be used for accounting in a broad sense Lecture 7 : Blockchain (1) — FinTech — Financial Innovation and the Internet 2019 Fall — 2019-11-15 – p.31/32