An Overview of Blockchain Technologies and Uses (Day 2) Andy Dolan - - PowerPoint PPT Presentation

An Overview of Blockchain Technologies and Uses (Day 2)

Andy Dolan • Computer Science Department • Colorado State University

Last Time we Covered

• An Introduction to Bitcoin
• The Core Features: What is a Blockchain?
• Distributed Consensus

Image: Jay’s Brick Blog

Outline

• Identity in blockchain and anonymization
• Smart contracts
• Attacks against blockchain
• Interesting (non-cryptocurrency) blockchain use cases

Image: Jay’s Brick Blog

Identity in Blockchain

How do we manage who’s who?

Identity in Public Blockchain

• Public key, associated private key

○ If you have the private key, you have the associated transactions

• Beyond that, what identity exists?

○ Do you register for a Bitcoin account? ○ Where might your information be revealed?

Is Blockchain Anonymous?

• Cryptocurrencies can be traced back through

the ledger

• At some point, there is an exchange to a

product/service/currency

○ These might require some identity information

• Is this a privacy risk?

○ Or is this an advantage?

• Either way, users will want to make their

tokens anonymous

Token Tumbling

• Also called mixing, blending, cleaning
• Third-party services that will “clean” your

“tainted” tokens for you

• Put your tokens in a tumbler/mixer

○ This is still just a transaction ○ Is there a risk in doing this?

• Get some other tokens out that aren’t linked

to you

• Only misdirection, not true “cleaning”

Other Anonymization Efforts

• Use of zero-knowledge proofs to verify

transactions

• Built into the protocol of the particular chain
• Can end up being somewhat similar to mixing

○ Exchanging “real” coins for others

• Other implementations involve burning old

coins and then minting new ones

○ Zcoin

Burning Tokens

• Some systems use the concept of

“destroying” tokens

• Often dubbed “sending to an

impossible/unspendable address”

• Control of currency supply
• Proof of burn
• Is there a risk here?

○ Is the address really unspendable?

Permissioned Blockchain

• Stronger concept of identity

○ Use of PKI

• Only certain participants can join
• Stronger trust model?
• Advantages, disadvantages
• Use cases

○ Supply chain in a particular market ○ Record keeping between key stakeholders ○ Public read-only, permissioned writes

Questions/Comments?

Introduction to Smart Contracts

Automated trust, or millions of costly bugs?

Smart Contracts

• Distributed pieces of code associated with

blockchain transactions

• Executions that define how a transaction is

carried out

• “Smart” because the contract is automatically

enforced by the system

• Usually simple, sometimes complex
• Now present in most blockchain

implementations

A Simple Implementation: Bitcoin

• Every Bitcoin transaction has a script

○ Written in Script

• Super, super simple
• List of instructions for how the next person

wanting to spend coins can gain access to them

○ If the script returns TRUE, you have access to the funds

• Can be just about anything

Typical Bitcoin Script

• Requires two things:
• Public key that hashes to destination address
• f transaction

○ The recipient of coins

• Signature to prove ownership of the private

key corresponding to the public key

○ The recipient provides this ○ Only the owner of the right private key can get the coins

More Unique Bitcoin Scripts

• Freezing funds until a future date
• Creating a mini proof-of-work puzzle that

anyone can solve

• Incentivized finding of SHA1 hash collisions

○ Created in 2013, donation based ○ Solved, reward claimed in February 2017 shortly after SHA1 was broken ○ A little over 2 bitcoin claimed

Ethereum and Smart Contracts

• Arguably the biggest smart contract platform
• Turing-complete smart contract language:

Solidity

• Opens up lots of different possibilities for

○ Applications ○ Tokens (and how they operate)

• More complexity can be problematic

Where Smart Contracts go Wrong

• What problems can slip through with a more

complex smart contract?

• The DAO attack

○ A bug in the code with huge consequences: hard fork ○ Creation of Ethereum Classic

• Updating a deployed contract can be…

complicated

Questions/Comments?

Security Aspects of Blockchain

Attacks against blockchain technologies

Additional Reading

Attacking Consensus

• Majority attacks

○ Proof of Work ○ Proof of Stake

• Compromised centralized “leader” in PBFT
• Consensus delays
• Selfish mining

○ Similar to majority attack ○ Try to trick the network by maintaining a parallel chain

Attacking the Network

• Traditional network attacks to mislead or

disable nodes

• DDoS, DNS attacks, routing attacks
• Spam transactions, slow/limited propagation
• Limit availability

Questions/Comments?

Other Use Cases

Less cryptocurrency-centric applications of blockchain

Supply Chain

• A ledger of how supply changes ownership

throughout its lifecycle

• BeefChain
• Lettuce from Walmart
• What issues are solved by blockchain?
• How does this model differ from

cryptocurrencies?

Blockchain for IoT

• Improving security of IoT devices with a

blockchain platform

• IoT device identity
• IoT device and service permissions
• Storage on an immutable ledger

IoT for Blockchain

• IoTa: Ledger technologies built for IoT
• Attempting to make blockchain more efficient

to be able to run on IoT devices at scale

• Consensus algorithms optimized for

hardware

• Network architecture to accommodate for IoT

capabilities

Storage??

• Again, this is really just a database
• However, it’s append only
• What about use cases that require a lot of

record changes?

• Does it scale?

○ Bitcoin: about 200 GB total ○ Ethereum: about 200 GB total

Voting, Elections

Other Questions?

Conclusion

• Blockchain is cool
• But needs to be used carefully
• Design is critical
• It really isn’t the answer for most problems

Thank you