Blockchain at Cyber Security Meetup Berlin

Slide 1

Slide 1 text

Blockchain: Trust, securely decentralized Stefan Tilkov  [email protected]  @stilkov Cyber Security Meetup Berlin

Slide 2

Slide 2 text

Slide 3

Slide 3 text

Bitcoin • Practical application of cryptography to • maintain a pseudonymous, global history of transactions • with guaranteed consistency • without centralization or intermediaries • resistant to forgery and fraud • Created in 2009 by Satoshi Nakamoto • Most successful crypto-currency to date

Slide 4

Slide 4 text

Cryptography?  Oh no! Don’t worry.

Slide 5

Slide 5 text

Hashing Hashing Algorithm 0100101001001 01011111100101 0010101001010 11010101001011 1000100101001 00101011111100 12CA0219FABC1236

Slide 6

Slide 6 text

Hashing Algorithm 0100101001001 01011111101101 0010101001010 11010101001011 1000100101001 00101011111100 ABC8329FF129878E Hashing

Slide 7

Slide 7 text

0100101001001 01011111100101 0010101001010 11010101001011 1000100101001 00101011111100 12CA0219FABC1236 Hashing

Slide 8

Slide 8 text

Public & Private Keys Private Key Public Key Derive

Slide 9

Slide 9 text

Public & Private Keys Private Key Public Key Derive Sign 0100101001001 01011111100101 0010101001010 11010101001011 1000100101001 00101011111100 12CA0219FABC1236 Private Key Public Key Derive

Slide 10

Slide 10 text

Sign 0100101001001 01011111100101 0010101001010 11010101001011 1000100101001 00101011111100 12CA0219FABC1236 Private Key Public Key Validate Derive Public & Private Keys

Slide 11

Slide 11 text

Bitcoin: Vocabulary Transaction Block Wallet Address Node Blockchain Private Key Public Key maintains copy of creates consists of inputs encumbered with derived from derived from maintains validated by includes creates references previous Bitcoin contains

Slide 12

Slide 12 text

Bitcoin • The technology • The currency • Created via “mining” (coinbase tx) • 1 Bitcoin (BTC) = 1,000 mBTC = 1,000,000 μBTC = 100,000,000 Satoshi • Coins are maintained as part of transactions Transaction Block Wallet Address Node Blockchain Private Key Public Key maintains copy of creates consists of inputs encumbered with derived from maintains validated by includes creates references previous Bitcoin contains

Slide 13

Slide 13 text

Bitcoin: Wallet • Maintains private keys, public keys, addresses • Used to sign transactions (sort of) • Implementations for mobile devices, Mac, Windows, Linux • “Online wallets” a.k.a. “a very bad idea” • Hardware & offline wallets Transaction Block Wallet Address Node Blockchain Private Key Public Key maintains copy of creates consists of inputs encumbered with derived from derived from maintains validated by includes creates references previous Bitcoin contains

Slide 14

Slide 14 text

Bitcoin: Transactions • Multiple inputs (unspent transaction output, UTXO) • Inputs can only be spent by owner • Multiple outputs • “Unspent” outputs are “encumbered” with recipient key • Can be sent to any node • Will be included in (validated by) block Transaction Block Wallet Address Node Blockchain Key Public Key maintains copy of creates consists of inputs encumbered with derived from maintains validated by includes creates references previous

Slide 15

Slide 15 text

Bitcoin: Blocks • Reference transactions • Include proof of work • Reference previous block • Number of blocks relate to level of trust Transaction Block Wallet Address Node Blockchain maintains copy of creates consists of inputs encumbered with maintains validated by includes creates references previous

Slide 16

Slide 16 text

Bitcoin: Mining & proof of work • Proof: Find a SHA256 input that meets network “difficulty target” • Cheaper to play by the rules than to cheat • Difficulty adjusted over time • Only way for new bitcoins to get introduced • Optional transaction fee

Slide 17

Slide 17 text

Bitcoin: Nodes • Form a peer-to-peer network • Relay messages • Validate transactions and blocks • Maintain a copy of the blockchain Block Address Node Blockchain maintains copy of creates consists of encumbered with validated by references previous

Slide 18

Slide 18 text

Bitcoin: Blockchain • Linked list of all blocks ever created • Can and will be validated by every node • History of every transaction ever performed • Not actually a ledger Block Address Node Blockchain maintains copy of creates consists of encumbered with validated by references previous

Slide 19

Slide 19 text

Bitcoin: Validation/Consensus • Blocks chain – the more blocks reference a block, the better • Transactions considered immutable after 6 blocks • Consensus by means of “longest chain”

Slide 20

Slide 20 text

Bitcoin: Script • Intentionally limited scripting • P2SH (“pay to script hash”) address  (as opposed to P2PKH) • Usage e.g. for multi-signature (joint accounts) • Challenge: To spend, provide valid input to script • Base script: Ensure recipient has private key matching a public key

Slide 21

Slide 21 text

Slide 22

Slide 22 text

Ethereum vs. Bitcoin • Blockchain as technical basis • Currency: Ether • 1 Block approx. every minute • Currently proof of work, change to proof of stake planned • Platform for arbitrary contracts • State as part of the blockchain

Slide 23

Slide 23 text

Ethereum: Contracts & Code • Accounts can externally owned • Accounts can be embodied by code (“contract account”) • Contracts specify rules for interactions

Slide 24

Slide 24 text

“Here, run that code  for me, will ya?”

Slide 25

Slide 25 text

Ethereum: Gas • Computation requires payment (“gas”) • Amount determined by caller • Execution of instructions consumes gas

Slide 26

Slide 26 text

Ethereum: Programming • Low-level byte code: EVM • Multiple languages • LLL (Lisp-like, low-level) • Serpent (Pythonesque) • Solidity (similar to JavaScript, but statically typed) • Executed by every node mining or validating blocks

Slide 27

Slide 27 text

3. Alternatives

Slide 28

Slide 28 text

Alternative approaches • Altcoins (Litecoin, Namecoin, Dogecoin, Devcoin, Bytecoin, …) • Colored coin • Metacoin • Sidechains

Slide 29

Slide 29 text

Private (“permissioned”) ledgers • Used internally or with trusted partners • Lots of startups: clearmatics, Eris, Peernova, BigchainDB, … • OSS initiative: HyperLedger (Fabric, Sawtooth Lake)

Slide 30

Slide 30 text

4. What’s cool about it?

Slide 31

Slide 31 text

Distributed Consensus • Trustable, secure • Immediate • (Mostly) Unbreakable

Slide 32

Slide 32 text

Open access • Anyone can participate • No centralized control • Globalized • Detour: Politics

Slide 33

Slide 33 text

Disrupting intermediaries • Intermediaries provide consistency as a service • Risk of monopolies • Expensive • Possibly influenced by politics • Blockchain cuts out the middle man

Slide 34

Slide 34 text

Cost reduction for clearing • Collaborations rely on clearing e.g. in finance, logistics, energy • Reduced cost due to “permissioned” model (more trust)

Slide 35

Slide 35 text

5. Use Cases

Slide 36

Slide 36 text

Property Management • Record (partial) ownership • Trade property/shares • Identity • DRM • Access Control • Digital Assets

Slide 37

Slide 37 text

Obligations • Emission fees • Debt • Clean energy fares

Slide 38

Slide 38 text

Distributed Autonomous Organizations • Complex interactions among participants • Multi-tiered • Corporation contracts as code

Slide 39

Slide 39 text

Other use cases • Fully automated payment (Charging, Usage fees “Maut”) • Public records of GPS tracking • Safe auditing with legitimate (limited) law enforcement access

Slide 40

Slide 40 text

Common problem: Commercialization

Slide 41

Slide 41 text

7. Summary (a.k.a. what I believe today)

Slide 42

Slide 42 text

Trusted, distributed, decentralized platforms will play a significant role in many industries

Slide 43

Slide 43 text

Don’t dismiss Bitcoin, Ethereum or public, permissionless blockchains in general just yet

Slide 44

Slide 44 text

Permissioned ledgers may be the future – or just an intermediate step to a new shared platform  (similarly to the Internet)

Slide 45

Slide 45 text

The barrier to entry has never been this low – commercially as well as from a technical perspective

Slide 46

Slide 46 text

Disrupt or be disrupted :-)

Slide 47

Slide 47 text

Stefan Tilkov @stilkov  [email protected]  Phone: +49 170 471 2625 innoQ Deutschland GmbH Krischerstr. 100 40789 Monheim am Rhein Germany Phone: +49 2173 3366-0 innoQ Schweiz GmbH Gewerbestr. 11 CH-6330 Cham Switzerland Phone: +41 41 743 0116 www.innoq.com Ohlauer Straße 43 10999 Berlin Germany Phone: +49 2173 3366-0 Ludwigstr. 180E 63067 Offenbach Germany Phone: +49 2173 3366-0 Kreuzstraße 16  80331 München Germany Phone: +49 2173 3366-0 @stilkov That’s all I have.  Thanks for listening! Questions?

Slide 48

Slide 48 text

www.innoq.com About INNOQ • Offices in Monheim (near Cologne), Berlin, Offenbach, Munich, Zurich • ~125 employees • Core competencies: software architecture consulting and software development • Privately owned, vendor-independent • Clients in finance, telecommunications, logistics, e- commerce; Fortune 500, SMBs, startups