Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Blockchain : What For?

Blockchain : What For?

Slides I used on Thursday June 25, 2020, as a guest speaker at Maki Zemi, Graduate School of Business and Finance, Waseda University.

Kenji Saito

June 25, 2020
Tweet

More Decks by Kenji Saito

Other Decks in Technology

Transcript

  1. Towards the Tool for More Autonomy Blockchain : What For?

    Kenji Saito Professor, Graduate School of Business and Finance, Waseda University [email protected] Blockchain : What For? — 2020-06-25 – p.1/28
  2. The slides for this talk can be found at :

    https://speakerdeck.com/ks91 Thank you for inviting me to this zemi! Blockchain : What For? — 2020-06-25 – p.2/28
  3. Brief Self Introduction Kenji Saito (Google Scholar citations) Professor, Graduate

    School of Business and Finance, Waseda University Senior Researcher / Lecturer, SFC / KMD, Keio University Chief Science Officer, BlockchainHub Inc. Representative Director, Beyond Blockchain Representative Director, Academy Camp Bio M.Eng in Computer Science from Cornell University, 1993 Ph.D. in Media and Governance from Keio University, 2006 (on digital currency research) Researcher of P2P (Peer-to-Peer) and digital currency for 19 years at Keio University (Just started my career at Waseda last September) Holding Academy Camp for children in Fukushima with friends since summer 2011 2018 Summer “OK Google, Do My Homework!” 2019 Winter “Automation for Girls” 2019 Summer “REINVENT THE WORLD” 2020 Spring “STAY HOME, ENJOY LIFE” (in Zoom) → Inter-connected in my mind (society hereafter needs to be designed with children) Blockchain : What For? — 2020-06-25 – p.3/28
  4. O-san’s Question Is it possible to decode blockchain by new

    technology? For example, I saw on the news quantum computer will dramatically increase the speed of calculating Therefore, the bitcoin might be no longer valuable in this sense ⇒ Short answer is, we have like 10 years to make changes in the technology But perhaps not because of the reason you mentioned In Bitcoin blockchain, nothing is encrypted But if you mean compromising cryptographic hash functions and/or digital signatures with quantum algorithms, Yes, that’s the reason why We will cover cryptographic basics later in this talk Blockchain : What For? — 2020-06-25 – p.5/28
  5. S-san’s Question I’m not proffesional, so I can’t understand the

    benefit of blockchain concretely For example, why decenterlization is good for our daily life? ⇒ Good question! If monetary system is centralized (it is), for example, someday your bank account may be frozen for no particular reason That’s exactly why Bitcoin was invented It doesn’t mean that we cannot stop Bitcoin Blockchain : What For? — 2020-06-25 – p.6/28
  6. K-san’s Question Is the blockchain really perfect for security? If

    an individual node is attacked, won’t the information eventually leak out? ⇒ Nothing is perfect for security But then again in Bitcoin blockchain, nothing is encrypted So we don’t worry about information leaking out It is true that with Bitcoin we can maintain some level of anonymity, But anonymity is not Bitcoin’s or blockchain’s main goal, And the technology is not really good at maintaining anonymity Blockchain : What For? — 2020-06-25 – p.7/28
  7. Shortest-Possible Explanation of What It Is Digital Record-Keeping that can

    prove, in effect, that the records have not been tampered with For detail, please search for WBS’s “FinTech (2019 Fall)” materials https://speakerdeck.com/ks91 Hopefully, it will provide a solution to the following essential problems with digital signatures Elapsed-Time Problem: “Did the signature allegedly applied in the past really exist from that time?” Alibi Problem: “Did the signature that was allegedly not applied in the past really not exist at the time?” The reason why these are problematic is that time can be spoofed, and if the private key is compromised or the signature technology itself is compromised, you can recreate the signature at any point in the past, or the signed data may be erased in the first place Therefore, digital signatures (or their absense) in the past cannot be trusted in general The real value of blockchain is “the ability to prove the existence or non-existence and authenticity of a previously signed digital signature without relying on any authority” Can you imagine applications for that? Blockchain : What For? — 2020-06-25 – p.9/28
  8. Cryptographic Basics Cryptographic hash function Digital signature (an application of

    public key cryptography) Blockchain : What For? — 2020-06-25 – p.10/28
  9. Cryptographic Hash Function       

                 *OQVUUIBUHJWFTUIFTBNFEJHFTU $BO` UEFEVDF 'JYFEMFOHUIEFpOFECZ UIFGVODUJPO FYCJU *OQVU )BTIWBMVF EJHFTU *GJOQVUTBSFKVTU CJUEJ⒎FSFOU 5PUBMMZEJ⒎FSFOU PVUQVU $SZQUPHSBQIJDIBTIGVODUJPO 4)" 3*1&.% FUD $BO` UEFEVDF $BO`UEFEVDF *U` TJOGFBTJCMFUPDBMDVMBUFBO JOQVUUIBUQSPEVDFTBTQFDJpD EJHFTU Blockchain : What For? — 2020-06-25 – p.11/28
  10. Digital Signature (RSA) 5IF*OUFSOFU &ODSZQUXQVCMJDLFZ  BTJGJU`TBEFDSZQUFEEBUB 4FOEQMBJOUFYUX TJHOBUVSF %PFTUIFFODSZQUFETJHOBUVSF

    NBUDIUIFEJHFTU DPNQVUFEGSPNUIFQMBJOUFYU %FDSZQUXQSJWBUFLFZ  BTJGJU`TBOFODSZQUFEEBUB 3FDFJWFS 4FOEFS QMBJOUFYU QMBJOUFYU TJHOBUVSF TJHOBUVSF %JTUSJCVUFQVCMJDLFZTJOBEWBODF LFZQBJS EJHFTU QVCMJDLFZ QSJWBUFLFZ EJHFTU Can prove that it was sent by the very person and has not been altered This illustration shows how it works with RSA (RSA : Rivest, Shamir, Adleman) Instead, ECDSA is used in Bitcoin, etc. (Elliptic Curve DSA : Digital Signature Algorithm) Blockchain : What For? — 2020-06-25 – p.12/28
  11. Generalized Digital Signature Signing Input : <plain text, private key>

    Output : signature Verifying Input : <plain text, signature, public key> Output : OK or NG Whether the signature meets certain mathematical properties that can be tested using plain text and public key Private key cannot be inferred in the verification process Blockchain : What For? — 2020-06-25 – p.13/28
  12. Blockchain Begins Origin : invented for realization of Bitcoin Let

    nobody stop anyone from spending their own money (no denial of transactions) → (Payment) records can be proven (that they have not been altered) Proven = independent from authority = no trust on the center ⇒ rather, the center should be automated Fuss over what are really “features of the Internet itself” Which are not unique to blockchains, and blockchains cannot really provide them by themselves “Decentralization”, “consensus”, “zero downtime”, “secure”, “low-cost sharing”, . . . , etc. The worst is perhaps “consensus” Confusion between a casual everyday word and a computer science (CS) term What it really means is automatic replication of the same set of states (consensus in CS) “Matching intentions” can be represented by multi-signatures (consensus is expressed on the data after achieving an agreement elsewhere) Blockchain : What For? — 2020-06-25 – p.15/28
  13. Where Will Bitcoin/Blockchain Go? Today, explaining Bitcoin and its blockchain

    to people is like “explaining how vacuum tubes work to would-be YouTubers” Name of Technology Tele-vision Ledger Real Goal To transmit images to remote places To prove that records have not been altered (in order to freely spend money) First Technology Cathode-Ray Tube Blockchain First Model TV Bitcoin Evolved Into YouTube, Zoom, etc. ??? (Real applications) The first technology and first model become obsolete. . . Evolve so that the real goal (true value) can be pursued more freely Blockchain : What For? — 2020-06-25 – p.16/28
  14. Abstract Blockchain (in a narrow sense, which is becoming obsolete)

    block_no : n block_no : n+1 block_no : n+2 block_no : n+3 block_no : n+1 block_no : n+2 block_no : n+3 block_no : n+4 Histroy with the largest cost to record or modify (history the most difficult to alter) is chosen Cryptographic digest of the previous block Transactions are digitally signed To create a block, its cryptographic digest needs to be below some certain number (Proof of Work) or one needs to win by voting weighted by the stakes in cryptocurrency (Proof of Stake) [both costly] Creator of a block can record the reward in cryptocurrency in the block, which is effective only when the block is included in the chosen history Means are provided to confirm existence of transactions validity existence uniqueness In proof of work, cast cost of electricity balances with market price of the cryptocurrency Proof is achieved by everyone following the recording system protected by cost of cryptocurrency Blockchain : What For? — 2020-06-25 – p.17/28
  15. How Many Blockchains Are There? Bitcoin, Ethereum, Ethereum 2.0, NEM,

    . . . (blockchain) Quorum, Hyperledger Besu, . . . (private blockchain) Hyperledger Fabric, Hyperledger Iroha, . . . (general-purpose private ledger) Hyperledger Indy, . . . (identifier management) Polkadot, . . . (second-layer and multiple-ledger interconnection) Corda, Hedera Hashgraph, BBc-1, . . . (some more alternatives) There are plenty But I believe that they should all be tested with “The Last Will Test” “Can you record a digital last will and testament in your blockchain?” After the death of the person, the private key used for the digital signature may no longer be a secret Can’t believe a notary saying ,“it is as signed before the death” (possible collusion with malicious heir) Blockchain : What For? — 2020-06-25 – p.18/28
  16. Applications and Demonstrations 1: Automated Escrow An attempt to automate

    real-estate brokerage, banking, and Legal Affairs Bureau (or judicial scrivener) Blockchain : What For? — 2020-06-25 – p.19/28
  17. ex. Automated Escrow to Purchase Land (automation of centers) %FpOFEb"JS`

    SFUVSOMBOE 1VSDIBTF$POUSBDU -BOE"TTFU MBOE EFQPTJU USBOTGFSMBOESJHIUTUPCVZFS USBOTGFSQBZNFOUUPTFMMFS QBZNFOU EFQPTJU %JHJUBM5PLFO DSFBUFBOEpYJOUIFBJS FJUIFSDBOEPUIJT DSFBUFBOEpYJOUIFBJS DBOGSFFMZKPJOBOEMFBWF DBOGSFFMZKPJOBOEMFBWF 4FMMFS #VZFS JOUFSOBM TUBUF SFUVSONPOFZ TFUUMF USBOTGFS JOUFSOBM TUBUF USBOTGFS JOUFSOBM TUBUF     1. Purchase contract is fixed in the air to prevent taking away of land or money (both parties can verify the contract) 2. Deposit land rights and purchase money in the contract (if they change their minds, they can take them back) 3. When settled (anyone can do it if both right and money are deposited), the rights and money for the property are transferred simultaneously in one transaction Blockchain : What For? — 2020-06-25 – p.20/28
  18. Sample Code and Demo git clone from GitHub $ git

    clone https://github.com/ks91/sample-smart-contracts.git Follow README 1. Setup a sample token project with brownie 2. Copy the content of contracts, scripts and tests directories of this sample project into the corresponding directories of the token project 3. Compile 4. Test I can demonstrate manually the test for automated escrow I wouldn’t today though Blockchain : What For? — 2020-06-25 – p.21/28
  19. Applications and Demonstrations 2: Graduation Certification An attempt to automate

    some of the functions of a university From a real example from “Meta University” Blockchain : What For? — 2020-06-25 – p.22/28
  20. To Verify Graduation Certification channel is encrypted and protected https

    : //eg.beyond − blockchain.org/metauniv/? query string (important!) certificate = %3Cc%3E%3Cid . . . URL-encoded certificate (XML) & subtree = r − 7aa6334a311b357ed6 . . . Merkle subtree SAMPLE Since the URL is very long, we have shortened it to QR code, but . . . Expanded URL must be save for later proof (URL-shortening service may discontinue) Format of the graduation certificate is described later UTF-8/URL-encoded names and other information are listed as they are, but kept secret by HTTPS ⇒ Accessing to the above URL shows “Certificate is Verified!” and “The existence and the content of the following certificate is verified by matching the calculated Merkle root with the one stored in the Ethereum smart contract below.” What does it mean? BTW the certificate is real, but concealing the identity of the graduate (also the URL uses general verifier instead of one dedicated for Meta Univ.) Blockchain : What For? — 2020-06-25 – p.23/28
  21. BBcAnchor.sol (excerpt) contract BBcAnchor { mapping (uint256 => uint) public

    _digests; constructor () public { } function getStored(uint256 digest) public view returns (uint block_no) { return (_digests[digest]); } function isStored(uint256 digest) public view returns (bool isStored) { return (_digests[digest] > 0); } function store(uint256 digest) public returns (bool isAlreadyStored) { bool isRes = _digests[digest] > 0; if (!isRes) { _digests[digest] = block.number; } return (isRes); } } Save the block number at the time for the registered digest Blockchain : What For? — 2020-06-25 – p.24/28
  22. Graduation Certificate (SBEVBUJPO$FSUJpDBUF DFMFNFOUBTBXIPMF JEJE OBNF ௒ଠ࿠ OBNF TDIPPM ௒େֶ

    TDIPPM QSFTJEFOU Ԟग़௚ਓ QSFTJEFOU EBUFEBUF DPVSTF ୈҰظʢ ೥౓ʣDPVSTF %JHFTUPG (SBEVBUJPO$FSUJpDBUF $BMDVMBUFE BGUFS DPODBUJOBUJPO EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU 5IFEJHFTUJTDPNQVUFEGPSFBDITFDUJPOTPUIBUJUDBOCFQSPWFEFWFOJGQBSUJBMMZDPODFBMFE 'PSFYBNQMF JOUIFDBTFXIFSFUIFSFJTBDFSUJpDBUFIBWJOHNVMUJQMFOBNFFMFNFOUTBTJTUIFDBTFGPS.FUB6OJWFSTJUZ UIFDFSUJpDBUFNBZCFQSPWFEXJUIPVUEJTDMPTJOHUIFOBNFTPGPUIFSQFSTPOT JFJGPUIFSTOBNFFMFNFOUTBSFQSPWJEFEJOEJHFTUT  %JHFTUJTBWBMVFDBMDVMBUFECZBDSZQUPHSBQIJDIBTIGVODUJPO  4)"UIJTUJNF *GUIFPSJHJOBMEBUBEJ⒎FSTFWFOCZKVTUCJU UIFSFUVSOFEWBMVFJTDPNQMFUFMZEJ⒎FSFOU BOEUIFPSJHJOBMEBUB DBOOPUCFJOGFSSFEGSPNUIFEJHFTU Blockchain : What For? — 2020-06-25 – p.25/28
  23. Proof Using a Merkle Tree and Its Subtrees EJQMPNB 

    EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU EVQMJDBUFJO DBTFPGPEE OVNCFS 6QPOSFDFJWJOHEJQMPNB "MJDFBMTPSFDFJWFTEJHFTUTTIPXOJOCMVFBOEXIFUIFSUIFZBSFPOUIFMFGUPSSJHIU 4UBSUJOHXJUIUIFEJHFTUPGEJQMPNB "MJDFXJMMLOPXUIFTFSJFTPGEJHFTUTUPCFDPODBUFOBUFE TPTIFDBOSFQSPEVDFUIFDBMDVMBUJPOTVQUP UIF.BSLMFSPPUBOEDPOpSNUIBUUIFSFTVMUJOH.BSLMFSPPUNBUDIFTUIFWBMVFSFDPSEFEJOUIF&UIFSFVNTNBSUDPOUSBDU ##D"ODIPSTPM  IUUQTFHCFZPOECMPDLDIBJOPSHNFUBVOJWTFSWJDFEPFTUIFNBUIGPSZPV BOZPOFDBOSFQSPEVDFJUJGUIFZVOEFSTUBOEUIFQSJODJQMFBOEIBWFJOGPSNBUJPO  SFDPSE DBOSFUSJFWFJOGPSNBUJPO *OGPSNBUJPOEJTDMPTFE UPQFSTPOTSFRVJSJOH HSBEVBUJPODFSUJpDBUJPO "MUIPVHI##DTUPSFTUIJT TUSVDUVSF ##DJTOPUSFRVJSFE GPSQSPPGCFDBVTFBMMTVCUSFFTIBWF BMSFBEZCFFOQBTTFEUPHSBEVBUFT BT63-T QVCMJDJOGPSNBUJPO .FSLMFSPPU .FSLMFUSFF LFQUCZ.FUB6OJWFSTJUZ BOETFOUQBSUJBMMZUPFBDIHSBEVBUF ʜʜ ʜʜ ʜʜ ʜʜ ʜʜ EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU EJHFTU &UIFSFVNCMPDLDIBJO ʜ ʜ 4USVDUVSFJTDSFBUFECZ ##D-JCSBSZ  $FSUJpDBUFTTBNQMF"QQ EJQMPNB  EJQMPNB  EJQMPNB  EJQMPNB O Blockchain : What For? — 2020-06-25 – p.26/28
  24. F.A.Q. (although never been asked by anyone) Doesn’t Ethereum ever

    stop or discontinue? ⇒ Even if it is stopped or discontinued, as long as there is a copy of the Ethereum blockchain somewhere in the world, you can read from it Can we renew or cancel a certificate? ⇒ BBc-1 library (bbc1-lib-registry) being used has a mechanism to update certificates Don’t you need a digital signature? ⇒ Good question! This time, handling key pairs would be cumbersome, so we omitted it, but BBc-1 allows “a signature by someone in a specific role” (in this case, president or university), or “verification of the signature by someone with the role at some point in the past” · Past digital signatures are generally difficult to verify, given possible leakage of private keys and obsolescence of technology, but BBc-1 presents a design that addresses and solves these challenges If it’s not digitally signed, can’t anyone forge it using the same mechanism? ⇒ Good question again! So we have published the Merkle root for Meta Univ. 2019 graduation : 93565db44ffeeb2945e97695265c0578ad2c9e75b958344cb5b8dfa9615d2bc6 (hexadecimal) Blockchain : What For? — 2020-06-25 – p.27/28