David Stancel
Cryptocurrency Expert, Advisor, Lecturer, Author, & exCTO @ Fumbi
Workshop
A tamper-proof, shared, append-only digital ledger that records transactions grouped into blocks in a decentralized peer-to-peer network. The blockchain permanently stores the history of asset exchanges that take place between the peers.
Updating the ledger (usually) requires solving Byzantine Agreements (hash) with economically incentivized participation, secured by cryptography.
1. A new transaction is sent to the network
2. Each node in the network collects transactions into a block
3. In each round (block), a randomly selected node gains the right to determine the "truth"
4. The other nodes in the network accept the block only under defined conditions (if it has valid signatures and transactions)
5. They express their acceptance of the block by including its hash in their own subsequent blocks
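The acceptance and hash-linking rules from steps 2, 4 and 5, as an added example that is not part of the original slides. The `Node` class, the balance check standing in for transaction validity and the `GENESIS` value are assumptions; signature checks and the random proposer selection of step 3 are not modelled.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed placeholder: parent hash of the first block


def block_hash(block):
    """SHA-256 over the block's parent hash and its transactions."""
    data = json.dumps([block["prev"], block["txs"]])
    return hashlib.sha256(data.encode()).hexdigest()


class Node:  # hypothetical node model, for illustration only
    def __init__(self, balances):
        self.chain = []
        self.balances = dict(balances)

    def tip(self):
        return block_hash(self.chain[-1]) if self.chain else GENESIS

    def propose(self, txs):
        # Steps 2 and 5: collect transactions and commit to the current tip.
        return {"prev": self.tip(), "txs": txs}

    def accept(self, block):
        # Step 4: accept only a block that extends our tip and spends real funds.
        if block["prev"] != self.tip():
            return False
        balances = dict(self.balances)
        for sender, receiver, amount in block["txs"]:
            if amount <= 0 or balances.get(sender, 0) < amount:
                return False
            balances[sender] -= amount
            balances[receiver] = balances.get(receiver, 0) + amount
        self.chain.append(block)
        self.balances = balances
        return True


def chain_is_intact(chain):
    """Recompute every link; an edited block breaks the hash its successor stored."""
    prev = GENESIS
    for block in chain:
        if block["prev"] != prev:
            return False
        prev = block_hash(block)
    return True
```

A block that overspends is rejected by every honest node, and editing an already accepted block is detectable because the next block still carries the old hash.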
Short range attack – attacker waits until merchant accepts payment as confirmed, then double-spends it by bribing validators to reorganize the chain
Long range attack – attacker with enough power can rebuild the chain however he chooses
Coin accumulation – protocols which rely on the age of coins, where attacker could try to accumulate enough old coins to be able to reach a majority in voting
Denial of service – flooding nodes so that they can no longer relay transactions
Sybil attack – flooding the network with bad nodes that isolate good ones
Selfish mining – secretly building on a chain and publishing it selectively in order to waste competitors' resources
There are two major ways of controlling the network:
1. Controlling the information flow between peers
2. Controlling the computational power of the network – remember that decisions are based on consensus/majority.
An adversary that controls more than half of the network's computing power can effectively control the entire network.
While controlling the network, the attacker can:
However, the attacker cannot:
A denial of service (DoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic.
---> overloading a network/computer with requests above the capacity that the network/computer can handle.
In Blockchain, this can be achieved by sending lots of junk data to a node. The nodes under attack will not be able to process normal transactions.
a (bitcoin) node/peer:
--> a malicious user gains control over a node's access to information in the peer-to-peer network.
Three prerequisites:
If the above criteria are met then:
The Bitcoin network spans the globe --> nodes are in different time zones.
Time is extremely important --> determines the validity of new blocks.
When establishing new connections, the protocol forces nodes to exchange their system time.
Each node maintains a counter, which represents the median network time of its peers. The counter reverts to system time if the median differs from it by more than 70 minutes.
By announcing inaccurate timestamps when connecting to a node, an attacker can alter a node's network time counter and deceive it into accepting an alternate blockchain.
--> increase the chances of a successful double-spend.
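The median counter and its 70-minute fallback, together with an operator-side check on peer clocks, as an added example that is not from the original slides and is not Bitcoin's own code. The function names, the `ALERT_THRESHOLD` value and the sample offsets are assumptions constructed for illustration.

```python
from statistics import median

MAX_ADJUSTMENT = 70 * 60   # seconds; the 70-minute limit stated above
ALERT_THRESHOLD = 10 * 60  # seconds; assumed monitoring threshold, not a protocol value

# Constructed samples: each value is (peer-reported time - local system time) in seconds.
HONEST_PEERS = [-4, 2, 7, -1, 3]
SKEWED_PEERS = [-4, 2, 4000, 4100, 4150]      # majority reports a clock ~68 min ahead
OVER_LIMIT_PEERS = [-4, 2, 5000, 5100, 5200]  # majority beyond the 70-minute limit


def network_offset(peer_offsets):
    """Offset applied to system time; 0 means the node uses its own clock."""
    if not peer_offsets:
        return 0
    med = median(peer_offsets)
    return med if abs(med) <= MAX_ADJUSTMENT else 0


def adjusted_time(system_time, peer_offsets):
    """The node's view of 'network time' for a given system time."""
    return system_time + network_offset(peer_offsets)


def audit_peer_times(peer_offsets):
    """Summarise peer clock disagreement for an operator whose host is NTP-synced."""
    med = median(peer_offsets) if peer_offsets else 0
    skewed = [o for o in peer_offsets if abs(o) > ALERT_THRESHOLD]
    return {
        "applied_offset": network_offset(peer_offsets),
        "skewed_peers": len(skewed),
        "alert": abs(med) > ALERT_THRESHOLD,
    }
```

With the skewed sample the node's clock moves by 4000 seconds even though the host clock is correct, which is the condition `audit_peer_times` flags; past the limit the offset drops back to 0 but the alert still fires.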
- process of sending thousands of nano-value transactions, in order to fill the blocks to the maximum size.
This will create delays to other legitimate transactions, thus delaying the whole network and increasing confirmation time for all transactions.
A flood attack is performed very easily, with the attacker just sending thousands of transactions to himself.
However, it is expensive to sustain for a long time, due to transaction fees.
The computing power of honest miners is wasted.
--> selfish miners increase the impact of their own mining power on the network and enjoy additional power and profits.
Selfish mining increases transaction confirmation times, because transactions confirmed by the selfish miner in private are not broadcast to the public immediately.
Selfish mining also increases the threat of double spending, as both honest and selfish miners can add mutually exclusive transactions to the private and public chains.
May be possible with 1/3 of network (33% attack).
Zerocoin operates, roughly, as follows:
Zcash is a new blockchain that also aims at true cryptographic anonymity.
The principle is similar to Zerocoin, but the cryptography used is the current state-of-the-art, an evolution of zero-knowledge proof constructions, called zk-SNARKs.
It offers both so-called transparent transactions (t-addresses) like Bitcoin, and truly anonymous transactions (z-addresses).
Transactions using z-addresses hide the source, destination and amount involved in the transaction, but they are still verifiable.
Processing Power - the more processing power your computer has, the more transactions it can process.
- mostly for verifying transactions using:
In theory, Bitcoin is able to verify approximately 4,000 transactions per second on an average CPU. In reality we cannot hope to scale beyond 200 transactions per second.
Storage - Maintaining a full bitcoin node means storing every single transaction ever recorded on the blockchain.
As of December 2019, around 280Gb space and an additional 5Gb per month.
If the network grows to the size of competing networks, storage requirements will skyrocket:
For 200 transactions per second (tps) – a reasonable target, given PayPal's current rate of 100 tps – nodes would require an additional storage space of 3Tb per year.
Bandwidth - Assuming that a bandwidth of 10Mbits/s is available, the rate with which nodes can receive transactions is limited to approximately 2,000 transactions per second.
+ each node is informed about every transaction multiple times, and other non-transaction messages are broadcast over the network
If bandwidth is not enough, peers won’t be able to receive and validate transactions in time, making them unable to synchronize with the rest of the network.
In fact, of the 231 PoCs Gartner reported on, only 14 have moved into a limited scale live-in production environment, reflecting the immaturity of the market we’re seeing today.
The same report estimates only 10% of these projects will make it to a fully-scaled business model by 2020. Given this predicament, it’s no surprise seeing enterprises employing stricter vetting processes and restricting spending on DLT projects overall.
https://www.gartner.com/doc/3869368/blockchain-trials-industries-market-transition
https://etherisc.com/
EY's report on blockchain in Insurance:
https://www.ey.com/Publication/vwLUAssets/EY-blockhain-in-insurance/$FILE/EY-blockhain-in-insurance.pdf
IBM Insurance Blockchain:
https://www.youtube.com/watch?time_continue=58&v=Mhpe0d-nE7k
https://www2.deloitte.com/content/dam/Deloitte/global/Documents/grid/trade-finance-placemat.pdf
In September 2018, fifteen of the world’s largest banking and commodity companies announced the formation of komgo - a global blockchain-based trade financing platform.
Collaboration between: ABN AMRO, BNP Paribas, Citi, Crédit Agricole Group, Gunvor, ING, Koch Supply & Trading, Macquarie, Mercuria, MUFG Bank, Natixis, Rabobank, Shell, SGS and Société Générale.
Built on Ethereum, it will launch with two initial products: a KYC process and a Letters of Credit product.
https://media.consensys.net/enterprise-blockchain-for-trade-financing-c005ec8fa079
Deloitte, 2015:
https://www2.deloitte.com/content/dam/Deloitte/us/Documents/strategy/us-cons-state-sponsored-cryptocurrency.pdf
Dutch Central Bank, 2016:
https://www.coindesk.com/dutch-central-bank-to-create-dnbcoin-prototype
FED, 2017:
https://www.cnbc.com/2017/11/29/federal-reserve-starting-to-think-about-its-own-digital-currency-dudley-says.html
Venezuela's Petro:
https://www.reuters.com/article/venezuela-economy-cryptocurrency/venezuela-oil-backed-cryptocurrency-to-launch-in-days-government-idUSL1N1OS1GY
Reserve Bank of New Zealand, 2018:
https://www.rbnz.govt.nz/-/media/ReserveBank/Files/Publications/Bulletins/2018/2018jun81-07.pdf
In March 2017 a group of 30 enterprises announced formation of Ethereum Enterprise Alliance, which has recently grown to more than 200 members, making it probably the largest blockchain consortium today.
EEA’s focus is bringing Ethereum to the enterprise environment, which means moving from a public, permissionless setting to a private, permissioned one, where it is easier to provide better support for privacy and performance. There are some plans to support anchoring on the public Ethereum network as a way to securely timestamp the chain state.
First, ETH is turned into “wrapped ETH” (WETH), which is simply an ERC20 wrapping around ETH. This “tokenizes” ETH so it can be used like any other ERC20 token.
Next, WETH is turned into “pooled ETH” (PETH), which means it joins a large pool of Ethereum that is the collateral for all Dai created.
Once you have PETH, you can create a “collateralized debt position” (CDP), which locks up your PETH and allows you to draw Dai against your collateral, which is PETH.
As you draw out Dai, the ratio of debt in the CDP increases. There is a debt limit that sets a maximum amount of Dai you can draw against your CDP.
Once you have Dai, you can spend or trade it freely like any other ERC20 token.
If Dai < $1 USD, CDP owners can pay down their debt at a cheaper price!
E.g. a CDP with $1000 in ETH --> draw out 500 Dai
To close the position --> pay back 500 Dai (paying debt destroys Dai).
--> demand for Dai increases its price, until it approaches $1 USD.
If Dai stays below $1, CDP owners continue to pay down debt and remove Dai from the system.
--> When Dai goes above $1 USD, Dai is created to feed the demand. It is this push and pull, creation and destruction, supply and demand which ensures that Dai always matches the $1 USD peg.
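The CDP lifecycle and the below-peg repayment described above, as an added example (not MakerDAO's contract code and not from the original slides). The `CDP` class, `cost_to_close` and the `min_ratio` value of 1.5 are assumptions for illustration; the $1000 and 500 Dai figures are the ones used above.

```python
class CDP:
    """Model of a collateralized debt position; collateral in USD, debt in Dai."""

    def __init__(self, collateral_usd, min_ratio=1.5):
        # min_ratio is an assumed parameter: collateral value / debt must not fall below it.
        self.collateral_usd = collateral_usd
        self.min_ratio = min_ratio
        self.debt_dai = 0.0

    def max_debt(self):
        """Debt limit: the most Dai that can be drawn against the locked collateral."""
        return self.collateral_usd / self.min_ratio

    def draw(self, dai):
        """Create Dai against the collateral; refuse to go past the debt limit."""
        if dai <= 0 or self.debt_dai + dai > self.max_debt():
            raise ValueError("draw would exceed the debt limit")
        self.debt_dai += dai
        return dai

    def wipe(self, dai):
        """Pay down debt; the repaid Dai is destroyed."""
        if dai <= 0 or dai > self.debt_dai:
            raise ValueError("cannot repay more than the outstanding debt")
        self.debt_dai -= dai
        return dai

    def ratio(self):
        """Current collateralization ratio (infinite when there is no debt)."""
        if self.debt_dai == 0:
            return float("inf")
        return self.collateral_usd / self.debt_dai


def cost_to_close(cdp, dai_price_usd):
    """USD needed to buy back the outstanding debt at the market price of Dai."""
    return cdp.debt_dai * dai_price_usd
```

With Dai at $0.95 the 500 Dai debt costs about $475 to buy back, which is the incentive that removes Dai from circulation while the price is below the peg.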
stanceldavid.sk
My Book & Newsletter:
NBS