SLIDE 1
ETH Zurich – Distributed Computing Group
Roger Wattenhofer
Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer - - PowerPoint PPT Presentation
Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer - - PowerPoint PPT Presentation
Cryptocurrencies bitcoin, blockchain & beyond Roger Wattenhofer ETH Zurich Distributed Computing Group Cryptocurrencies What is Bitcoin? = + + Technology The Bank of Bitcoin The Bank of Bitcoin User Balance A 2 B 5 C 8
SLIDE 2
SLIDE 3
Cryptocurrencies
SLIDE 4
SLIDE 5
What is Bitcoin?
+ + =
SLIDE 6
Technology
SLIDE 7
The Bank of Bitcoin
SLIDE 8
The Bank of Bitcoin
User Balance A 2 B 5 C 8
SLIDE 9
The Bank of Bitcoin
User Balance A 2 B 5 C 8
TX B − → A
SLIDE 10
The Bank of Bitcoin
TX B − → A
User Balance A 2 4 B 5 3 C 8
SLIDE 11
Opening an Account in Bitcoin
Private Key Public Key Address
SLIDE 12
Transferring Bitcoins
TX: 41b221
SLIDE 13
Transferring Bitcoins
TX: 41b221 B
0.1
SLIDE 14
Transferring Bitcoins
TX: 41b221 B
0.1
A
4.798
A
4.899
SLIDE 15
Transferring Bitcoins
TX: 41b221 B
0.1
A
4.798
A
4.899
SLIDE 16
Transferring Bitcoins
TX: 41b221 B
0.1
A
4.798
A
4.899
Inputs Outputs
SLIDE 17
Transferring Bitcoins
TX: 41b221 B
0.1
A
4.798
A
4.899
Inputs Outputs Fee
0.001
SLIDE 18
Transferring Bitcoins
TX: 41b221 B
0.1
A
4.798
A
4.899
Inputs Outputs Fee
0.001
- Prev. TX:
a1a53743
4.899
C
... 1
| Outputs
SLIDE 19
Distributing the Bank
User Balance A 2 B 5 C 8
TX
SLIDE 20
Distributing the Bank
SLIDE 21
Distributing the Bank
TX
SLIDE 22
Distributing the Bank
TX
SLIDE 23
Distributing the Bank
SLIDE 24
Distributing the Bank
SLIDE 25
Let’s Buy a Snack
[Bamert, Decker, Elsen, W, Welten, 2013]
SLIDE 26
Doublespending
TX A
1 1
Inputs
SLIDE 27
Doublespending
TX A
1 1
Inputs TX’
1
SLIDE 28
Doublespending
TX A
1 1
Inputs TX’
1
✓
SLIDE 29
Transaction Conflicts
SLIDE 30
Transaction Conflicts
TX TX
SLIDE 31
Transaction Conflicts
TX TX
SLIDE 32
Transaction Conflicts
SLIDE 33
Resolving Conflicts
SLIDE 34
Resolving Conflicts
Green!
SLIDE 35
Resolving Conflicts
SLIDE 36
How to Choose a Leader?
SLIDE 37
Proof-of-Work
TX TX TX TX
SLIDE 38
Proof-of-Work
Block TX TX TX TX
SLIDE 39
Proof-of-Work
Block H(Previous Block) TX TX TX TX
SLIDE 40
Proof-of-Work
Block H(Previous Block) TX TX TX TX
I H(Block) → fd2e2055f117bfa261b5a6c7e11df367. . .
SLIDE 41
Proof-of-Work
Block H(Previous Block) TX TX TX TX Nonce
I H(Block|0) → 094d66aa7c844a9dbb516a41259b5877. . .
SLIDE 42
Proof-of-Work
Block H(Previous Block) TX TX TX TX Nonce
I H(Block|0) → 094d66aa7c844a9dbb516a41259b5877. . . I H(Block|1) → f2496854af8bf989171587a9259f634f. . .
SLIDE 43
Proof-of-Work
Block H(Previous Block) TX TX TX TX Nonce
I H(Block|0) → 094d66aa7c844a9dbb516a41259b5877. . . I H(Block|1) → f2496854af8bf989171587a9259f634f. . . I H(Block|2) → aec87c0ca2e5eb3f23111092f1089ada. . .
SLIDE 44
Proof-of-Work
Block H(Previous Block) TX TX TX TX Nonce
I H(Block|0) → 094d66aa7c844a9dbb516a41259b5877. . . I H(Block|1) → f2496854af8bf989171587a9259f634f. . . I H(Block|2) → aec87c0ca2e5eb3f23111092f1089ada. . . I H(Block|3) → 777f75b2a8ecfdc8026c236fc1d2ffa0. . .
. . .
I H(Block|961127) → 0000014823419622d4c133672a7d657e. . .
SLIDE 45
The Blockchain
Time
SLIDE 46
The Blockchain
Time
SLIDE 47
Is Bitcoin stable?
SLIDE 48
The Blockchain
Time
SLIDE 49
The Blockchain
Time
SLIDE 50
Propagation Speed
[Decker, W, 2013] http://bitcoinstats.com
SLIDE 51
Propagation Speed
[Decker, W, 2013] http://bitcoinstats.com
SLIDE 52
Blockchain Forks
1.69% [Decker, W, 2013]
SLIDE 53
Aside: Mining Evolution
SLIDE 54
Aside: Mining Evolution
SLIDE 55
Aside: Mining Evolution
SLIDE 56
500 MW
SLIDE 57
Summary
TX Green! Block H(Previous Block) TX TX TX TX Nonce Time SLIDE 58
Stories
SLIDE 59
How to Lose 500M
SLIDE 60
Addressing Transaction Malleability: MtGox has detected unusual activity on its Bitcoin wallets and performed investigations during the past weeks.
SLIDE 61
The MtGox Incident
I July 2010: First trade on MtGox I May 2011: Transaction malleability identified as low priority issue I February 7, 2014: MtGox halts withdrawals I February 10, 2014: MtGox announces loss of 850,000 bitcoins (620
millio USD) and cites transaction malleability as root cause
I February 28, 2014: MtGox files for bankruptcy I March 7 2014: MtGox finds 200,000 bitcoins I August 2015: MtGox CEO is arrested
SLIDE 62
Signatures
61 af bb 4d e9 f8 b8 74 86 1e
SLIDE 63
Signatures
00 00 61 af bb 4d e9 f8 b8 74 86 1e There are multiple ways to serialize a signature:
I Multiple push operations (1 byte, 2 byte, 4 byte) I Non-canonical DER encodings I Padding I . . .
SLIDE 64
Transaction Malleability Attack
SLIDE 65
Transaction Malleability Attack
TX TX SLIDE 66
Transaction Malleability Attack
TX TX TX SLIDE 67
Transaction Malleability Attack
SLIDE 68
Transaction Malleability Attack
Red! TX?
SLIDE 69
Transaction Malleability Attack
Refund
SLIDE 70
Incident Timeline
[Decker, W, 2014]
SLIDE 71
Incident Timeline
386 BTC [Decker, W, 2014]
SLIDE 72
SLIDE 73
Is Bitcoin Secure?
SLIDE 74
Securing Your Bitcoins
[Bamert, Decker, W, 2013]
SLIDE 75
Does Bitcoin Scale?
SLIDE 76
The Bitcoin Ecosystem is Growing
SLIDE 77
Scalability Limits
I Disk space: < 500 transactions per second
SLIDE 78
Scalability Limits
I Disk space: < 500 transactions per second I Processing power: < 200 transactions per second
SLIDE 79
Scalability Limits
I Disk space: < 500 transactions per second I Processing power: < 200 transactions per second I Network bandwidth: < 100 transactions per second
SLIDE 80
Scalability Limits
I Disk space: < 500 transactions per second I Processing power: < 200 transactions per second I Network bandwidth: < 100 transactions per second I Artificial 1MB limit: < 3 transactions per second
SLIDE 81
Scalability Limits
I Disk space: < 500 transactions per second I Processing power: < 200 transactions per second I Network bandwidth: < 100 transactions per second I Artificial 1MB limit: < 3 transactions per second
Today:
I Bitcoin: 1 transaction per second I Credit Cards: > 10, 000 transactions per second
SLIDE 82
Payment Network
SLIDE 83
Payment Network
SLIDE 84
Payment Network
SLIDE 85
Micropayment Channels
5
SLIDE 86
Micropayment Channels
5 5
SLIDE 87
Micropayment Channels
5 5 T=100 5
SLIDE 88
Micropayment Channels
5 5 T=100 5
SLIDE 89
Micropayment Channels
5 5 T=100 5
SLIDE 90
Micropayment Channels
5 5 T=100 5 5
SLIDE 91
Micropayment Channels
5 5 T=100 5 5 4 1
SLIDE 92
Micropayment Channels
5 5 T=100 5 5 4 1 3 2
SLIDE 93
Micropayment Channels
5 5 T=100 5 5 4 1 3 2
SLIDE 94
Duplex Micropayment Channels
Setup Invalidation Tree Micropayment ChannelsT = 100 T = 100 T = 100 T = 99 T = 100 T = 100 T = 99 T = 100 T = 99
SLIDE 95
Summary
Red! TX? Refund T = 100 T = 100 T = 100 T = 99 T = 100 T = 100 T = 99 T = 100 T = 99 SLIDE 96
Economy
SLIDE 97
BTC in USD
SLIDE 98
Inflation
SLIDE 99
Fungibility
=
?
SLIDE 100
Improving Bitcoin?
saver miner payer payee relay
SLIDE 101
What is Money?
SLIDE 102
What is Money?
SLIDE 103
Summary
SLIDE 104
Thank You!
Questions & Comments?
www.disco.ethz.ch
Thanks to my co-author Christian Decker