Beyond Bitcoin

Bitcoin and
Blockchain Technology
Beyond Bitcoin: Timestamping and DLT
v2019.04.03
Comments, corrections, and questions: https://drive.google.com/open?id=12jGsSBY5sMwgRQwvjwlnG6J9xOxi0P0Z
© 2019 Digital Gold Institute

View Slide

Understanding Lags Well Behind The Hype
Understanding of the technology however lags well behind the
hype, amongst practitioners, policy makers and industry
commentators alike. ‘Blockchain’ technology seems to promise
major change for capital markets and other financial services –
some say it may ultimately prove to be as important an innovation
as the internet itself – but few can say exactly how or why.
Michael Mainelli, Alistair Milne (2016)
The Impact and Potential of Blockchain on the Securities
Transaction Lifecycle
http://ssrn.com/abstract=2777404
© 2019 Digital Gold Institute 2/122

View Slide

Bitcoin Is Hard to Understand
At the crossroads of:
1. Cryptography
2. Computer networking and distributed systems
3. Game theory
4. Monetary theory
Mainly not a technology,
a cultural paradigm shift instead

View Slide

▪ Digital and scriptural: it only exists as validated transaction
▪ Asset, not liability
▪ Bearer instrument
▪ It can be transferred but not duplicated
(i.e. it can be spent, but not double-spent)
▪ Scarce in digital realm, as nothing else before
▪ Mimicking gold monetary policy
Bitcoin is digital gold
this is the groundbreaking achievement by Satoshi Nakamoto
▪ More a crypto-commodity then a crypto-currency
What Makes Bitcoin Special?
4/122

View Slide

Blockchain: A Distributed Transaction Ledger
▪ Every block contains multiple transactions
▪ Massively duplicated across network nodes
▪ Shared with a P2P file transfer protocol
▪ Updated by peculiar nodes, known as miners, appending new
blocks of transactions

View Slide

A Distributed Back-office
▪ All network nodes validate and clear all transactions
▪ Mining nodes provides also the additional computational power
required for settlement
▪ Without a central trusted party, how do they reach consensus
on the transaction history?
▪ Consensus in a distributed network with faulty (or malicious)
nodes is a very hard problem

View Slide

Mining
▪ Miners compete to validate a new block of transactions
▪ The winner providing proof-of-work for the finalization of a new
block is rewarded with the issuance of new bitcoins in a special
coinbase transaction included in that same block
▪ Miners solve the double spending problem:
− transactions spending the same coins would invalidate the
block
− an invalid block would be rejected from the network
− the bitcoin reward would be removed from transaction history
− The winning miner would have wasted his work

View Slide

Nakamoto Distributed Consensus
▪ Practical Byzantine Fault Tolerant (PBFT) distributed consensus
is achieved using (game theory) economic incentive for the
mining nodes to be honest
▪ Double spending is solved without a central trusted party
▪ Bitcoin can resist attacks of malicious agents, as long as they do
not control network majority
▪ Miners are compensated for their proof-of-work using
seigniorage revenues, i.e. with issuance of new bitcoins
▪ Seigniorage revenues subsidize the network

View Slide

Table of Contents
1. Smart Contracts
2. Other Cryptocurrencies
3. Ethereum
4. Initial Coin Offering
5. Tokenization
6. Blockchain Without Bitcoin
7. Distributed Ledger Technology
8. Timestamping and Anchoring

View Slide

Smart Contract: Nick Szabo 1994
A smart contract is a computerized transaction protocol that
executes the terms of a contract.
▪ The general objectives are to:
▪ satisfy common contractual conditions (such as payment terms,
liens, confidentiality, and even enforcement),
▪ minimize exceptions both malicious and accidental, and
▪ minimize the need for trusted intermediaries.
Related economic goals include lowering fraud loss, arbitrations
and enforcement costs, and other transaction costs

View Slide

Smart Contract: Nick Szabo 1997
▪ Smart contracts combine protocols with user interfaces to
formalize and secure relationships over computer networks.
▪ Objectives and principles for the design of these systems are
derived from legal principles, economic theory, and theories of
reliable and secure protocols.
▪ By using cryptographic and other security mechanisms, they
can secure many algorithmically specifiable relationships from
breach by principals, and from eavesdropping or malicious
interference by third parties
http://firstmonday.org/ojs/index.php/fm/article/view/548/469

View Slide

Smart Contract: The Basic Idea
▪ Math-based contracts with automated software settlement: no
legal systems or human actions required
▪ Embed contractual clauses in hardware and software to make
the contract robust against naive vandalism and sophisticated,
incentive compatible (rational) breach
▪ The breach of the contract must be
− economically disadvantageous (prohibitively expensive)
− technically hard

View Slide

Smart Properties
Digital token programmatically exchanged using smart contracts:
“the program runs this code and at some point it automatically
validates a condition and it automatically determines whether the
asset should go to one person or back to the other person, or
whether it should be immediately refunded to the person who sent
it or some combination thereof”
Vitalik Buterin

View Slide

Oracles

View Slide

Autonomous Agents
▪ Autonomous agents: software programs created for specific
tasks, able to make and receive payments using
cryptocurrencies
▪ Decentralized Autonomous Organization (DAO)

View Slide

The DAO
▪ The DAO: the main Ethereum project, it raised about $160m as
leaderless Venture Capital
▪ The terms of The DAO are set forth in the smart contract code
[…] Nothing […] may modify or add any additional obligations or
guarantees beyond those set forth in The DAO’s code
▪ Based on its self-executing nature an agent diverted about
$50m from The DAO to its own child-DAO start-up
▪ Ethereum code base was changed to invalidate this single
transaction

View Slide

Improved Automation: Smart Contracts
▪ If code is law, the DAO incident was not theft: it was just a
contractual feature being applied
▪ Improved automation is OK
▪ Beware of extreme automation!

View Slide

Table of Contents
1. Smart Contracts
3. Ethereum
5. Tokenization
7. Finance and Blockchain

View Slide

Bitcoin 2.0 ?
▪ If the first attempt at digital gold will rust, no solid guarantees
could be provided for a second attempt
▪ The sustainability of the digital scarcity paradigm rejects
solution of continuity, must favor evolutionary paths

View Slide

Missed Boats, Pump & Dump
▪ With bitcoin, if it is digital gold, nobody has missed the boat yet
▪ There is no reason to invest on alternative penny stock coins
▪ Markets are heavily manipulated, with fraudsters pumping coin
prices just to dump them later to latecomers

View Slide

The Insignificance of Coin Market Cap
▪ 1 billion ScroogeCoins are created
▪ Scrooge sells 1 coin to Goofy for 10USD
▪ ScroogeCoin capitalization is now USD10b
▪ Is ScroogeCoin really worth USD10b?
Traded volume (on reputable exchanges)
is a much more relevant metric

View Slide

Alt(ernative) Coins
https://coinmarketcap.com/

View Slide

Tether (USDT)
▪ Slow fiat currency wire transfer is the main obstacle for price
arbitrages across different exchange
▪ Tether anchors/tethers the value of the coin to 1USD
▪ Tether is the most widely integrated digital-to-fiat currency
▪ Likely, it has been used to manipulate prices of other coins
▪ Launched by Bitfinex, it is supposedly 100% backed 1-to-1 by
traditional currency held in reserves
▪ Many are skeptical about this unproved claim: professional
auditors have refused to certify reserve holding
▪ Considering the fate of Liberty Dollar and eGold, Tether
sustainability might be hard

View Slide

Other Stable Coins
▪ Failed: BitShares, NuBits
▪ Just launched: Basecoin, GeminiUSD, Coinbase/Circle stable coin, etc.
▪ USD pegging is not really “stability”: USD has lost 98% of its
purchasing power since 1913
▪ Basecoin
− SEC filing shows it has raised $125 million by way of a Simple
Agreement from 225 investors between March 22 and April 3
− Basecoin token aims to avoid price volatility by pegging its value to
a group of other digital assets
− Oracles would monitor the prices of these assets
− The network's protocol would add or remove tokens to ensure that
basecoin's price remains stable
− It is also developing "base bonds" and "base shares," or
cryptocurrencies that will serve to underpin basecoin

View Slide

Hayek Money – Dual Asser Ledger
▪ No proper implementation yet
▪ It is about entrepreneurial monetary engineering: investors
must risk their capital and will gain if the coin is useful and
successful
▪ Based on crypto reserves
▪ Fiduciary implementation are possible, DAO is probably not
really feasible yet

View Slide

Alt(ernative) Coins
Mostly frauds and pump&dump
▪ Ripple: the financial institution friendly cryptocurrency
▪ Litecoin: basically a “bitcoin testnet”
▪ Monero, Zcash: more privacy than bitcoin
▪ Bitcoin Cash: bitcoin knock-off, trying to have more on-chain
transactions

View Slide

Table of Contents
1. Smart Contracts
3. Ethereum
5. Tokenization

View Slide

Ethereum
▪ A global computer with rich statefulness and global persistent
memory
▪ Provides uncensorable computation: the Ether (ETH) coin is
used as fuel for the computations
▪ Has a rich programming language to express smart contracts
and create smart assets
▪ ETH can be cash-on-the-ledger for smart asset delivery-vs-
payment

View Slide

Use case: Crypto Kitties
https://www.cryptokitties.co/
29/122

View Slide


View Slide

Locked Up Funds? Parity Wallet!
▪ A vulnerability found within the popular wallet has frozen
513,774.16 ETH (about $169m)
▪ A user going by the handle of devopps199 accidentally created a
corrupted wallet, which then had a cascading effect across
Parity's user base, locking people out of recently created multi-
signature collections

View Slide

Vlad Zamfir, consensus algorithm researcher
with the Ethereum Foundation

View Slide

Ethereum
present
▪ Blockchain > 1TB
▪ Uncertain Monetary Policy
▪ Unreliable and
unsustainable virtual
machine
▪ Playground for script kiddies
future
▪ Sharding
▪ Proof-of-Stake
▪ New virtual machine
▪ ?

View Slide

Table of Contents
1. Smart Contracts
3. Ethereum
5. Tokenization

View Slide

Ethereum Request for Comment n. 20
▪ ERC20 is the technical standard used for smart contracts on the
Ethereum blockchain for implementing tokens
▪ ERC20 defines a common list of rules that an Ethereum token
has to implement, giving developers the ability to program how
new tokens will function within the Ethereum ecosystem.
▪ These rules include how the tokens are transferred between
addresses and how data within each token is accessed
▪ This token protocol became popular with crowdfunding
companies working on initial coin offering

View Slide

ERC20 Token
Functions:
▪ totalSupply()
▪ balanceOf(address _owner)
▪ transfer(address _to, amount)
▪ transferFrom(address _from, address _to, amount)
▪ approve(address _spender, amount)
[Allow _spender to withdraw from your account up to the _value
amount.]
▪ allowance(address *_owner*, address *_spender*)
[Returns the amount which _spender is still allowed to withdraw
from_owner]
Events:
▪ Transfer(address indexed _from, address indexed _to, amount)
▪ Approval(address indexed _owner, address indexed _spender,
amount)

View Slide

ERC223
▪ Backward compatible with ERC20, it improves on it
▪ With ERC20, if someone send his/her token into a contract that
has not allowed anyone to use it, the token will simply be locked
and can never leave that contract. Because of this, hundreds of
thousands of dollars’ worth of ERC20 token has been locked up
▪ ERC223 does not allow tokens to be transferred to a contract
that does not allow tokens to be withdrawn

View Slide

Initial Coin Offering
▪ Crowdfunding using cryptocurrencies: new crowdfunded
cryptocurrency is sold to investors in the form of "tokens", in
exchange for legal tender or other cryptocurrencies such as
bitcoin or ether
▪ Tokens are promoted as future functional units of currency if or
when the ICO's funding goal is met and the project launches
▪ Alternative investment approach, disintermediating Venture
Capital
▪ Easy and liquid secondary market for the investment

View Slide

Initial Coin Offering
▪ ICOs provide a means by which startups avoid costs of
regulatory compliance and intermediaries, such as venture
capitalists, bank and stock exchanges
▪ ICOs may fall outside existing regulations or are banned
altogether in some jurisdictions (e.g. China, South Korea)
▪ Increased investors’ risk: scams and securities law violations;
almost half of ICOs sold in 2017 failed by February 2018
▪ Facebook, Twitter, Google, and MailChimp have banned
advertisements for ICOs (as well as for cryptocurrencies)

View Slide

The Main ICO Platform: Ethereum
▪ Ethereum itself was an ICO: collected bitcoin (BTC), issued
ether (ETH)
▪ ETH is the cash-on-the-ledger of the Ethereum platform
▪ Initial coin offering: collect ETH, issue coins

View Slide

Tezos
▪ 2017: $232 million
▪ Funds frozen by the ICO special purpose vehicle
▪ Allegations of fraud, three class actions

View Slide

Locked-up ICO Funds
▪ Unable to move funds to the banking system
▪ Funds unavailable, as having been collected by the ICO special
purpose vehicle
▪ Merge the main company into the ICO one?

View Slide

App Coin
▪ Does the app-coin (token):
− Have intrinsic scarcity?
− Have any utility in the app?
− Have any peculiarity making bitcoin or ether unfit for the
task?

View Slide

Caveat Emptor
▪ If the company fails and the coin value goes to zero, does the
entrepreneur suffer the same consequences?
▪ Extremely promising and powerful, it has been so far mostly
used for frauds

View Slide

SEC
▪ ICOs can be securities offerings: in this case they fall under the SEC’s
jurisdiction of enforcing federal securities laws.
▪ ICOs that are securities most likely need to be registered with the SEC or fall
under an exemption to registration.
▪ ICOs can be called a variety of names, but merely calling a token a “utility”
token or structuring it to provide some utility does not prevent it from being
a security.
▪ ICOs may pose substantial risks. While some ICOs may be attempts at
honest investment opportunities, many may be frauds, separating you from
your hard-earned money with promises of guaranteed returns and future
fortunes. They may also present substantial risks for loss or manipulation,
including through hacking, with little recourse for victims after-the-fact.
▪ If you invest in these products, please ask questions and demand clear
answers.
https://www.sec.gov/ICO

View Slide

HoweyCoin (1/2)
http://www.howeycoins.com/index.html
46/122

View Slide

HoweyCoin (2/2)
http://www.howeycoins.com/index.html
47/122

View Slide

TL;DR

View Slide

Table of Contents
1. Smart Contracts
3. Ethereum
5. Tokenization
7. Finance and Blockchain

View Slide

Cash On The Ledger:
Imperative for Delivery vs Payment
▪ Hardly provided by Central Banks
▪ IMF sponsored blockchain tokens might replace Special Drawing
Rights: unrealistic as it would severely undermine US dollar
predominance
▪ absent from the agenda of prominent players promising DLT
solutions
▪ A free instantaneous P2P payment network is a great opportunity
for retail banks (probably worth a consortium)

View Slide

(Land, Car) Registry Titles
▪ Use blockchain transparency and immutability to improve
registry titles (and fight corruption)
▪ What does happen if/when the possession token (i.e. the private
key) is lost?

View Slide

Blockchain Exchange
▪ Bearer securities without KYC?
▪ If KYC is introduced, what would be the recourse system?
▪ What does happen if/when the possession token (i.e. the private
key) is lost?

View Slide

Digital ID
▪ Multiple electronic digital ID are possible: a private key is a
digital ID!
▪ If the ID has attached rights (e.g. voting, welfare) these
originates from a central governance entitled in ID management
▪ What does happen if/when the ID token (i.e. the private key) is
lost?

View Slide

Token and Securities
Is a blockchain token a security? Howey test!
A transaction is an investment contract if:
▪ It is an investment of money
▪ There is an expectation of profits from the investment
▪ The investment of money is in a common enterprise
▪ Any profit comes from the efforts of a promoter or third party
Does the token represent rights (or even obligations)?
Alternatively, is a blockchain token a utility token?

View Slide

Table of Contents
1. Smart Contracts
3. Ethereum
5. Tokenization

View Slide

“Blockchain – not bitcoin – will prove
revolutionary in banking”
“When a wise man points at the moon
the fool examines the finger.”
(Confucius)
“When a wise man points at the bitcoin
the fool examines the blockchain.”
(Ametrano)
http://www.economist.com/news/leaders/21677198-technology-behind-bitcoin-could-transform-how-economy-
works-trust-machine

View Slide

“Bitcoin in 2014 Is Like Internet in 1994:
Weird and Scary” (Marc Andreessen)
American entrepreneur, investor, and software engineer; coauthor
of Mosaic, cofounder of Netscape
https://twitter.com/pmarca/status/67765884450
4436737

View Slide

The Walled Garden Model
▪ Controlled access to web contents and services
▪ Offered in the late ‘90s and early ‘00s by Compuserve, AOL (and
to some extent MSN)
▪ Corporates wanted to go online, but not in the wild unregulated
internet, populated by anonymous agents
▪ They eventually realized that perceived risks, which are real, are
outweighed by benefits

View Slide

What is The Blockchain?
[A hash pointer linked list of blocks]
▪ An append-only sequential data structure
▪ New blocks can only be appended at the end of the chain
▪ To change a block in the middle of the chain, all subsequent
blocks need to be changed
▪ Very inefficient compared to a relational database

View Slide

Blockchain Without Bitcoin
Blockchain without an intrinsic native digital asset
Does it make sense?
▪ No bitcoin
▪ No asset available to reward miners
▪ Appointed validator officials required
Central governance is required!
Why should validators use a blockchain,
i.e. a subpar data structure, instead of a database?

View Slide

Blockchain Needs A Native Digital Asset
https://www.finextra.com/videoarticle/1241/blockchain-needs-a-native-digital-asset

View Slide

Why is finance fascinated with blockchain?
Blockchain transactions are immediately validated and cleared,
then settled shortly thereafter,
automatically without a central authority
▪ In the financial world, cash transactions only are cleared and
settled automatically without a central authority

View Slide

Consensus by reconciliation
▪ Financial transactions that take nanoseconds to execute, clear
and settle in days
▪ Not a technological problem
▪ Consensus by reconciliation of multiple independent ledgers: a
checks and balances system that allows for prescriptions,
corrections, and restrictions

View Slide

Instant Settlement
▪ If it is really instant and final, what about the mandatory
recourse mechanism and rules?
▪ It would reduce liquidity making leverage, short selling and
netting almost impossible

View Slide

Central Bank Digital Currency
“[… it] is appealing […] it would mean people have direct access to
the ultimate risk-free asset [...] it could exacerbate liquidity risk by
lowering the frictions involved in running to central bank money
[...] it could fundamentally and perhaps abruptly re-shape
banking”
Mark Carney, Governor of the Bank of England, June 2016
http://www.bankofengland.co.uk/publications/Documents/speeches/2016/speech914.pdf

View Slide

Central Bank Digital Currency
“Allowing the public to hold claims on the central bank might make
their liquid assets safer, because a central bank cannot become
insolvent. This is an feature which will become relevant especially
in times of crisis – when there will be a strong incentive for money
holders to switch bank deposits into the official digital currency
simply at the push of a button. But what might be a boon for
savers in search of safety might be a bane for banks, as this makes
a bank run potentially even easier.”
Jens Weidmann, President of Bundesbank, June 2017
https://www.ft.com/content/414072b7-0de5-3864-9493-14438eab30ae

View Slide

Cash On The Ledger:
Imperative for Delivery vs Payment
▪ Hardly provided by Central Banks
▪ IMF sponsored blockchain tokens might replace Special Drawing
Rights: unrealistic as it would severely undermine US dollar
predominance
▪ absent from the agenda of prominent players promising DLT
solutions
▪ A free instantaneous P2P payment network is a great
opportunity for retail banks (probably worth a consortium)

View Slide

DLT for Derivatives Clearing
▪ collateral amount calculation is computationally intensive: not
clear which agent would perform it, its economic incentive,
which models it should use
▪ variation margin automated payments: programmatic access to
payment funds entails huge operational risks
▪ the default of counterparty would leave the other party exposed
to the market risks usually covered by initial margin: i.e. initial
margin are still required

View Slide

The Mirage of Low Operational Costs
▪ If one takes into account the seigniorage revenues invested,
each transaction on the bitcoin blockchain has a cost of about
10USD
▪ Cheaper forms of consensus have not been proven yet
▪ Even in the case of basic bilateral consensus through digital
signatures (something hardly innovative or disruptive...) the
integration cost in the existing infrastructure is not going to be
irrelevant

View Slide

Shared Ledger, Single Data Set
▪ Single data source, avoiding reconciliation
▪ Without a central governing node how to manage priorities
between conflicting updates? Which consensus model?
▪ Bilateral consensus? Really?!?!?
▪ Central governance: back to DB admin
▪ What if the single authoritative data source is hacked? Which
reference can be used to fix it?

View Slide

New Regulatory Framework?
▪ Public permissionless blockchains are not aiming for regulation
▪ Private permissioned DLTs are supposedly being built from the
ground up according to regulatory compliance guidelines
▪ Regulators should examine DLT under the light of the existing
regulatory framework
▪ To regulate in advance on the basis of vague ephemeral
discussions about DLT would be problematic and might stifle
innovation.
▪ The necessity for ad-hoc regulation is not evident yet, and there
has not been a motivated explicit request for it.

View Slide

Cryptography, Not Blockchain
▪ In the nuclear explosion of bitcoin, applied cryptography is the
radioactive fallout
▪ It can be used to harden existing business processes
Databases on cryptographic steroids
Evolutionary, non-disruptive, technology

View Slide

Disruptive Innovation
▪ Did not understand it:
▪ Have used it to build new business:
▪ The entertainment industry has wasted its resources fighting
MP3 and illegal p2p sharing
▪ We now buy music and movies from iTunes, Google Play, and
Amazon… NOT from Sony Universal

View Slide

Table of Contents
1. Smart Contracts
3. Ethereum
5. Tokenization

View Slide

DLT or Blockchain
▪ R3 has distanced itself from blockchain moving firmly in the DLT
camp (posts from its CEO and Head of Research; removing
blockchain reference from its Twitter account)
▪ Vitalik Buterin, the creator of Ethereum:
− “pretty sure that ‘blockchain’ and ‘DLT’, as used in real life in
the ‘permissioned’ space, are basically synonyms.”
− “it's not about some silly ‘sequential data structure’ (as if
future versions of blockchain tech will even look like that). It's
about stateful decentralized applications [...] giving [...]
networks global persistent memory.”
https://www.reddit.com/r/ethereum/comments/5lzzfu/2017_will_prove_blockchain_was_a_bad_idea/

View Slide

Distributed Ledger Technology
▪ private permissioned shared ledger
▪ permissioned access reserved only to vetted nodes
▪ observed by multiple parties
▪ without native digital asset or cryptocurrencies
▪ privacy-preserving (transactions should be transparent only to
relevant parties and auditors)
▪ using cryptographic means to verify that an implicit database
has reached the consensus status agreed between the parties

View Slide

Distributed Ledger Technology:
The Potential
▪ Save billions of costs in the financial markets
▪ Enable innovation in supply chain
▪ Improve power grid management
▪ Secure nuclear weapons
▪ Preserve ownership title registry
▪ Empower digital ID
Blockchain is Coming and It Could Save Lives, Davos
2017 World Economic Forum
https://www.youtube.com/watch?v=AyOotqcEwSA

View Slide

Real Use Cases Are Still Missing
Questions to be answered:
▪ Can be achieved with a database?
▪ What consensus is required? (distributed, bilateral, centralized)
▪ What kind of security is required: preventive, detective, or
corrective? (ok / yes today, probably not in the future/ no)

View Slide

Blockchain and Database
▪ Blockchain can be seen as the log of sequential updates that
have been applied to an originally empty database
▪ This ordered sequence of updates can be independently
performed by anyone, achieving a database status that is
considered the current shared consensus between network
nodes
▪ In the bitcoin case, we are referring to the UTXO (Unspent
Transaction Output) database, technically implemented using a
LevelDB database

View Slide

DLT Initiatives
▪ R3
▪ Digital Asset Holding
▪ Hyperledger
▪ Ethereum Enterprise Alliance
▪ Tapscott’s Research Initiative
▪ Blockchain Insurance Industry Initiative

View Slide

R3 Corda (1/3)
▪ Originally touted as “a project intended to bring blockchains to
finance”, R3 proprietary platform is named Corda: “a distributed
ledger platform […] not […] a blockchain”
▪ according to the R3 CTO, Gendal Brown, Corda is “heavily
inspired by and captures the benefits of blockchain systems,
without the design choices that make blockchains inappropriate
for many banking scenarios”
▪ “our starting point is individual agreements between firms […]
legal prose is considered from the start […] there will always be
disputes and we specify how they will be resolved […] we need
more than just a consensus system. We need to make it easy to
write business logic and integrate with existing code; we need
to focus on interoperability”
http://r3cev.com/blog/2016/4/4/introducing-r3-corda-a-distributed-ledger-designed-for-financial-services
81/122

View Slide

R3 Corda (2/3)
▪ ”Corda has a really innovative design here, allowing multiple
Consensus Services on the same network, including consensus
service clusters running different consensus algorithms.”
▪ “[consensus is reached] using pluggable notaries. A single
Corda network may contain multiple notaries that provide their
guarantees using a variety of different algorithms. Thus Corda is
not tied to any particular consensus algorithm.”
Consensus algorithm is missing!!
▪ “In theory at least, Corda can happily use Bitcoin to do its
coordination, if you write the appropriate notary interface.”
Ian Grigg
http://financialcryptography.com/mt/archives/001606.html

View Slide

R3 Corda (3/3)
▪ According to Mike Hearn, R3 Lead Platform Engineer: “Corda
differs from other platforms in numerous ways, but one of the
most visible is our usage of relational database technology […]
Corda nodes are backed by a relational database”
https://www.corda.net/2017/06/corda-sql-nosql/
▪ Corda looks like the SWIFT protocol on cryptographic proof
steroids
▪ Goldman Sachs, Santander, Morgan Stanley, JP Morgan,
Unicredit, et al. have left R3

View Slide

Ethereum Enterprise Alliance
Ethereum technology is “viewed as being harder to corrupt or hack
because of its reliance on many people rather than a single
authority.”
▪ Major failure of the DAO hack
▪ Benevolent dictatorship of Vitalik Buterin
▪ Multiple voluntary and accidental hard forks
▪ Persistent Distributed Denial of Service attacks

View Slide

Digital Asset Holding
Blythe Masters, CEO of Digital Asset Holding:
▪ distributed consensus is not needed when working with a
central counterparty (only legitimate consensus authority
allowed to provide cryptographic evidence of transactions and
events)
▪ for the DAH business the main Nakamoto’s contribution is just
making evident how useful a shared ledger can be

View Slide

▪ Distributed databases with data replication protocols might be a
better solution, but without detailed case-by-case analysis the
verdict is still out
▪ After successful proof-of-concept for financial repurchase
agreement transactions using DLT, DAH and the Depository
Trust & Clearing Corporation (DTCC) are progressing with
leading market participants to a second phase. This is expected
to be completed by June 2017 at which time DTCC will
determine whether to move ahead with the actual development
phase
▪ Similarly, DAH has committed to deliver a post-trade solution to
the Australian Stock Exchange (ASX) by the end of this year

View Slide

A lesson for the DLT space from DAH:
▪ abandon deceptive blockchain marketing
▪ assemble a solid tech team through acquisitions
▪ rely on centralized consensus
▪ focus on well defined use cases
▪ work primarily for your own investors (both DTCC and ASX
invested in DAH)
▪ commit to measurable deliveries with near deadlines
▪ deliver effective databases on crypto-steroids

View Slide

Permissioned Distributed Ledgers
▪ Incremental evolution, not disruptive innovation
▪ Small impact, if any: in the disruptive bitcoin nuclear explosion,
applied cryptography is the radioactive fallout driving
evolutionary database technology
“A private blockchain is an intranet, and a public blockchain is the
internet. The world was changed by the internet, not a bunch of
intranets. Where companies will be disrupted the most is not by
private blockchains, but public ones”
Brian Forde, MIT, former senior adviser for mobile and data
innovation at the White House
https://bitcoinmagazine.com/articles/mit-s-brian-forde-companies-will-be-disrupted-the-most-by-public-blockchains-1466028606

View Slide

Insecure Snake-Oil Sold To Bank
https://twitter.com/aantonop/status/702307516739428353
89/122

View Slide

The Shifting Narrative
▪ 2014 bitcoin
▪ 2015 blockchain technology
▪ 2016 distributed ledger chimera
▪ 2017 ICO and smart contracts
▪ 2018 ICO and stable coins
▪ ….
▪ 2019 bitcoin, again!

View Slide

Table of Contents
1. Smart Contracts
3. Ethereum
5. Tokenization

View Slide

Blockchain Beyond Bitcoin
There is no blockchain without bitcoin
There is blockchain beyond bitcoin
Andreas Antonopoulos

View Slide

Blockchain Graffiti
Bitcoin Script operator OP_RETURN can be used to write 80 bytes
of arbitrary data in the blockchain using a bitcoin transaction
93/122

View Slide

▪ A timestamp proves that some data existed prior to some point
in time, providing a relevant document with a certain sure date,
e.g. postmark
▪ Law requires dates to be certified by public officials and notary
services
▪ For digital documents, timestamping is based on digital
signature by certification authority
Timestamp

View Slide

Hash Function
▪ A function that maps input data of arbitrary length to a hash
value, i.e. an output data of a fixed length
− Non-invertible (one-way: input data can not be regenerated
from the output hash value)
− Collision-resistant: computationally unfeasible to find 2 inputs
that produce the same output
▪ The resulting hash value is a reliably unique identifier for
any input data: it can be considered its unique digital fingerprint
▪ The hash value does not reveal the input data
▪ Bitcoin uses the (Secure Hash Algorithm) SHA256 that
generates a fixed size 256-bit (32-byte) output

View Slide

Blockchain as
Timestamping Certification Authority
▪ A generic data file can be hashed to produce a short unique identifier,
equivalent to its digital fingerprint
▪ Such a fingerprint can be associated to a bitcoin transaction (irrelevant
amount) and hence attested on the blockchain
▪ Blockchain immutability provides time-stamping, proving the data file
existence at that moment in time in that specific status
BTC Transaction
t3 t4
Genesis
block
t0 t1 t2
Hash function
Hash value
610b0a4b2769898674a2624e9330fbd60bbee200db2b57514be4
9d9a8b63dc25
Timestamped at t2
data file
96/122

View Slide

Blockchain Timestamping
Pros:
▪ Digital public proof, easily auditable by everyone
▪ The proof cannot be faked, manipulated, or removed
▪ Certification authority cannot be bribed
▪ Can be used along with regulatory timestamping prescription
Cons:
▪ Not efficient (one transaction per document)
▪ Lack of standardization

View Slide

Open standard
consisting in a set of operations
for creating provable blockchain timestamps
that can be independently audited and verified
The OpenTimestamps Standard

View Slide

OpenTimestamps: Distributed, Trust-
minimizing, Scalable, Convenient
▪ Trust Minimizing: OpenTimestamps uses decentralized, publicly
auditable, blockchains, removing the need for trusted authorities;
OpenTimestamps’s architecture is designed to support multiple,
cross-checked, notarization methods
▪ Scalability: OpenTimestamps scales indefinitely, allowing
timestamps to be created for free by combining an unlimited
number of timestamps into one blockchain transaction by
leveraging Merkle-tree
▪ Convenience: OpenTimestamps can create a third-party-
verifiable timestamp in about a second; you don’t need to wait
for a blockchain confirmation
https://petertodd.org/2016/opentimestamps-announcement

View Slide

OpenTimestamps: Trust Minimizing
▪ Decentralized, independent, uncensorable, cross-jurisdictional
▪ Third party auditable (suitable for regulatory prescriptions)
▪ Blockchain agnostic
Please note that a timestamp is as reliable as the used blockchain:
▪ very reliable when using Bitcoin because that blockchain is
secured by huge computational power (proof-of-work)
▪ much less reliable with other public permissionless blockchain
▪ when used with private permissioned blockchain its reliability
depends on the reliability of the chain governance: in that case
traditional certification authorities are probably better

View Slide

OpenTimestamps: Scalability
A single blockchain transaction timestamps an unlimited number of
documents
An OpenTimestamps calendar server provides “aggregation before
attestation”:
1. aggregation of multiple documents in a Merkle tree data
structure
2. attestation of the Merkle tree root in a single blockchain
transaction, achieving implicit attestation of all documents
included in the tree

View Slide

Merkle Tree: Hash Pointer Binary Tree
▪ Merkle tree can efficiently summarize
large sets of data into one single hash
1. Hash all documents
2. Calculate the hash of the HA
||HB
concatenation to obtain HAB
, the
next level of the tree
3. Iterate the process
▪ The membership proof is O(log N): to
prove that DOCB
is in the tree only 2
data are needed: HA
and HCD
▪ Timestamp the tree root only
Root H =
hash(HAB
||HCD
)
Merkle root
DOC A DOC B DOC C DOC D
HA
=
hash(A)
HB
=
hash(B)
HC
=
hash(C)
HD
=
hash(D)
HAB
=
hash(HA
||HB
)
HCD
=
hash(HC
||HD
)
HA
=
hash(A)
HCD
=
hash(HC
||HD
)
102/122

View Slide

OpenTimestamps: Convenience
▪ OpenTimestamps is a public format: no vendor lock-in
▪ An OpenTimestamps calendar server can offer its services to
multiple remote OpenTimestamps clients
▪ While anyone can timestamp with permissionless blockchain(s)
by paying the transaction fees, OpenTimestamps provides free
to use public servers without any registration or API key
▪ Verifiable timestamp are created in about a second
▪ Independently verifiable: no need for calendar server after
timestamping

View Slide


View Slide

What Timestamping is Not Good For
It should be obvious, but it is worth mentioning that timestamping:
▪ can be selectively revealed to show convenient evidence and
hiding inconvenient evidence (e.g. timestamping a bet on a
given outcome and its opposite, later revealing only the realized
one)
▪ does not prove authorship (that should be proved with a digital
signature)
▪ can be repudiated (“it was not me…”) if not digitally signed
▪ does not ensure veracity, validity, correctness, or accuracy of
the timestamped document

View Slide

The Foolish Blockchain Certification
▪ IBM Food Trust
▪ EY Wine Blockchain
▪ Carrefour chicken
▪ etc.
just dishonest marketing gimmick,
i.e. misleading advertising.
© 2019 Digital Gold Institute https://www.ametrano.net/2018/10/11/Not-a-blockchain/ 109/122

View Slide

Use Case 1: Digital Signature
without Timestamping
▪ What if a signing private key
is stolen?
▪ The key revocation certificate
is issued to signal that
signatures after the theft
should be considered invalid
WRONG!!
▪ Every signature performed
with that key should be
considered invalid because
the thief can backdate
documents

Time
X
✓
T0 T1

X
110/122

View Slide

with Timestamping
▪ Traditional timestamping
relies on a third-party central
authority signing with its
private key
▪ What if the timestamper’s
private key is stolen?
▪ Every timestamp created by
that key must be considered
invalid because the thief can
backdate timestamps

X

Time
X
T0 T1
111/122

View Slide

with Blockchain Timestamping
▪ Blockchain notarization is an
effective hardening approach
▪ What if the traditional
timestamper’s private key is
stolen?
Blockchain timestamps
cannot be backdated!

✓

Time
X
T0 T1
112/122

View Slide

Use Case 1: Digital Signature Hardening
Hardened digital
signature

Timestamping
that cannot be
backdated
https://gist.github.com/RCasatta/6824c80e3de137f0d8d230f622e4bbaa
113/122

View Slide

Use Case 2: Timestamp Internet
▪ OpenTimestamps is used to timestamp the whole Internet
Archive https://archive.org/
▪ This has been possible thanks to the high scalability of the
OpenTimestamps protocol
▪ For the first time historical archived data cannot be altered
without being noticed
http://nova.ilsole24ore.com/progetti/la-blockchain-da-il-tempo-al-web/

View Slide

Use Case 3: Regulatory Compliance
▪ Broker-dealers have started using notarization to satisfy the
regulatory prescriptions for storing required records exclusively
in non-rewriteable and non-erasable electronic storage media.
▪ WORM (write once read many) optical media has been used so
far, but it is quite impractical, especially for large data set
▪ Compliance can be achieved anchoring rewritable data sources to
the blockchain, providing accurate and secure time-stamping
resilient to manipulation
http://www.coindesk.com/intesa-sanpaolo-trade-data-bitcoin-blockchain/
https://www2.deloitte.com/it/it/pages/financial-services/articles/l_integrita-dei-dati-di-trading---deloitte-italy---financial-ser.html
https://drive.google.com/drive/folders/0B8tGDTaBY4-Nb3ZuRmgzRXJXOUk

View Slide

Use Case 4: Publicly Verifiable Certificates
It is easy to verify documents:
▪ signed by the issuer
▪ timestamped on blockchain
It would be easy to provide public web-portals for drag-and-drop
verification

View Slide

Blockchain Certification: the Italian Law
▪ AGID will have to provide technical specification
▪ Let’s hope for the best…
https://www.agendadigitale.eu/documenti/al-via-la-blockchain-revolution-ecco-tutte-le-novita-e-cosa-si-potra-fare/

View Slide

Anchoring: A New Security Paradigm
▪ Bitcoin blockchain network security is preserved by a
computation power unparalleled in human history
▪ Other networks can tap into this security via anchoring (i.e.
periodic time-stamping of their network status)
▪ Any “stateful system with global memory” can outsource its
security to the bitcoin network, piggybacking its resilience
▪ Bitcoin seigniorage revenues might provide security for all
transactional networks
▪ Bitcoin mining as global outsourced decentralized security

View Slide

Digital Gold Jewelry
What jewelry is for gold,
notarization could be for bitcoin:
not essential
but effective at leveraging its beauty

View Slide

Bibliography
▪ A. Narayanan, et al., “Bitcoin and Cryptocurrency Technologies”
http://bitcoinbook.cs.princeton.edu/
− Chapter 9 «Bitcoin as a Platform»
− Chapter 10 «Altcoins and the Cryptocurrency Ecosystem»
− Chapter 11 «Decentralized Institutions: The Future of
Bitcoin?»
▪ Pedro Franco, “Understanding Bitcoin”, Wiley
− chapter 4 «Business applications»
− chapter 11 «Alt(ernative) Coins»
− chapter 12 «Contracts»

View Slide

Bibliography
▪ F. Ametrano, E. Barucci, D. Marazzina, S. Zanero
Answer to ESMA call for opinion on DLT for Securities Markets
(2016)
https://drive.google.com/drive/folders/0B8tGDTaBY4-
Nb3ZuRmgzRXJXOUk
▪ F. Ametrano, Bitcoin, Blockchain and the DLT Chimera (2016)
https://www.swiftinstitute.org/newsletters/guest-article-bitcoin-
blockchain-and-the-dlt-chimera/
▪ F. Ametrano, Missing the Point About Bitcoin (2017)
http://www.coindesk.com/2017-will-prove-blockchain-bad-idea/
▪ F. Ametrano, Bitcoin, Blockchain and Distributed Ledger
Technology: Hype or Reality? (2017)
https://goo.gl/Z9OeHt

View Slide

Takeaways
▪ Timestamping and anchoring are promising applications
▪ For the time being, better if smart contracts are not too smart
▪ Alt-coins and tokens are hardly relevant, Ethereum is mostly a
geek playground, ICOs so far have been frauds
▪ Blockchain needs a native digital asset such as bitcoin
▪ Unrealistic expectations arise from distributed ledger hype
▪ Instant settlement, cash on the ledger, shared data set, and
extreme automation are not easy to obtain
▪ Hardly disruptive, DLT might be evolutionary DB tech

View Slide

Ferdinando M. Ametrano
Executive Director
[email protected]
Paolo Mazzocchi
Chief Operating Officer
[email protected]
www.github.com/dginst
www.facebook.com/DigitalGoldInstitute
www.twitter.com/DigitalGoldInst
www.dgi.org/feed.xml
[email protected]
www.dgi.io
www.linkedin.com/company/digital-gold-institute
"Scarcity in the Digital Realm"

View Slide

Beyond Bitcoin

Beyond Bitcoin

Ferdinando M. Ametrano

More Decks by Ferdinando M. Ametrano

Other Decks in Technology

Featured

Transcript