peer to peer affine commitment using bitcoin
play

Peer-to-peer Affine Commitment using Bitcoin Karl Crary and Michael - PowerPoint PPT Presentation

Mar 01, 2023 •470 likes •1.02k views

Peer-to-peer Affine Commitment using Bitcoin Karl Crary and Michael J. Sullivan Carnegie Mellon University PLDI 15, Portland June 17, 2015 Massively Multiplayer Online Linear Logic Karl Crary and Michael J. Sullivan Carnegie Mellon

  1. Peer-to-peer Affine Commitment using Bitcoin Karl Crary and Michael J. Sullivan Carnegie Mellon University PLDI ’15, Portland June 17, 2015

  2. Massively Multiplayer Online Linear Logic Karl Crary and Michael J. Sullivan Carnegie Mellon University PLDI ’15, Portland June 17, 2015

  3. Typecoin ◮ A general peer-to-peer commitment mechanism - using the language of linear logic ◮ Implemented on top of the Bitcoin network ◮ With applications for proof-carrying authorization

  4. Proof-carrying authorization ◮ Idea: represent authorization as logical propositions (Appel and Felten 1999)

  5. Proof-carrying authorization ◮ Idea: represent authorization as logical propositions (Appel and Felten 1999) ◮ ... in a logic with a notion of affirmation ◮ � K � A means “the principal K says A ”

  6. Proof-carrying authorization ◮ Alice wants to give access to a file, so affirms: ◮ � Alice � may-read ( Bob , file ) ◮ � Alice � may-read ( Charlie , file )

  7. Proof-carrying authorization ◮ Alice wants to give access to a file, so affirms: ◮ � Alice � may-read ( Bob , file ) ◮ � Alice � may-read ( Charlie , file ) � Alice � may-read ( Bob , file )

  8. Proof-carrying authorization ◮ Alice wants to give access to a file, so affirms: ◮ � Alice � may-read ( Bob , file ) ◮ � Alice � may-read ( Charlie , file ) � Alice � may-read ( Bob , file ) file contents

  9. Proof-carrying authorization - higher order use ◮ Much more flexible policies are possible: � Alice �∀ K . � Registrar � in-Alice’s-class ( K ) ⊃ may-read ( K , file )

  10. Proof-carrying authorization - higher order use ◮ Much more flexible policies are possible: � Alice �∀ K . � Registrar � in-Alice’s-class ( K ) ⊃ may-read ( K , file ) ◮ Then can derive: ∀ K . � Registrar � in-Alice’s-class ( K ) ⊃ � Alice � may-read ( K , file )

  11. Implementing proof-carrying authorization ◮ Straightforward to make work even in a decentralized/peer-to-peer system ◮ Proofs are self-contained ◮ Digital signatures used for affirmation

  12. Consumable credentials What if we want one time use authorization?

  13. Linear logic ◮ Garg et al. 2006; linear proof-carrying authorization ◮ Linear logic treats hypotheses as scarce resources that must be used once For logicians Linear logic allows exchange , but not weakening or contraction

  14. Linear logic ◮ Garg et al. 2006; linear proof-carrying authorization ◮ Linear logic treats hypotheses as scarce resources that must be used once ◮ Good for modeling state change: bread ⊗ ham ⊸ ham sandwich ∀ i . counter ( i ) ⊸ counter ( i + 1) For logicians Linear logic allows exchange , but not weakening or contraction

  15. Linear authorization � Alice � may-take ( Bob , MilkDuds )

  16. Linear authorization � Alice � may-take ( Bob , MilkDuds ) � Alice � may-take ( Bob , MilkDuds ) ◮ How to ensure that a resource isn’t used multiple times? ◮ Need a mechanism to irreversibly commit to a state change

  17. Bitcoin ◮ On a completely different note: consider designing a decentralized digital currency

  18. Bitcoin ◮ On a completely different note: consider designing a decentralized digital currency ◮ A coin is a chain of digital certificates ◮ A coin is spent by signing it over to somebody else 1’s pubkey 0’s signature

  19. Bitcoin ◮ On a completely different note: consider designing a decentralized digital currency ◮ A coin is a chain of digital certificates ◮ A coin is spent by signing it over to somebody else 1’s pubkey 2’s pubkey 0’s signature 1’s signature

  20. Bitcoin ◮ On a completely different note: consider designing a decentralized digital currency ◮ A coin is a chain of digital certificates ◮ A coin is spent by signing it over to somebody else 1’s pubkey 2’s pubkey 3’s pubkey 0’s signature 1’s signature 2’s signature

  21. Bitcoin - the catch 1’s pubkey 0’s signature ◮ But how do we prevent an owner from spending a coin multiple times?

  22. Bitcoin - the catch 2’s pubkey 1’s pubkey 1’s signature 0’s signature ◮ But how do we prevent an owner from spending a coin multiple times?

  23. Bitcoin - the catch 2’s pubkey 1’s pubkey 3’s pubkey 1’s signature 0’s signature 1’s signature ◮ But how do we prevent an owner from spending a coin multiple times?

  24. Bitcoin - the catch 2’s pubkey 1’s pubkey 3’s pubkey 1’s signature 0’s signature 1’s signature ◮ But how do we prevent an owner from spending a coin multiple times? ◮ Need a mechanism to irreversibly commit to a state change

  25. Bitcoin implementation ◮ Bitcoin (Nakamoto 2008) does this with a global ledger of all transactions - the “blockchain” ◮ Ledger maintained by distributed process called “mining”

  26. From Bitcoin to Typecoin 5 9 4

  27. From Bitcoin to Typecoin bread cook ham sandwich ham

  28. From Bitcoin to Typecoin - transactions a 1 b 1 I 1 O 1 . . . . . . I m a m O n b n ◮ a 1 + · · · + a m = b 1 + · · · + b n

  29. From Bitcoin to Typecoin - transactions A 1 B 1 I 1 O 1 . . . . . M . I m O n A m B n ◮ ⊢ M : ( A 1 ⊗ · · · ⊗ A m ) ⊸ ( B 1 ⊗ · · · ⊗ B n ) ◮ Carry linear logic 1 propositions instead of numbers 1 actually affine logic

  30. Authorization example

  31. Authorization example � Alice � may-take ( Bob , MilkDuds ) sign

  32. Authorization example � Alice � may-take ( Bob , MilkDuds ) ... sign � Alice � may-take ( Bob , MilkDuds )

  33. Authorization example � Alice � may-take ( Bob , MilkDuds ) ... sign � Alice � may-take ( Bob , MilkDuds )

  34. Authorization example � Alice �∀ K . may-take ( K , MilkDuds ) ... sign � Alice � may-take ( Bob , MilkDuds ) ◮ Quantification allows transferable permissions

  35. Authorization example � Alice �∀ K . may-take ( K , MilkDuds ) & may-take ( K , Hershey ′ s ) ... sign � Alice � may-take ( Bob , MilkDuds ) ◮ Quantification allows transferable permissions ◮ External choice (“with”) allows choice

  36. Declarations ◮ Where do may-take , MilkDuds , etc. come from?

  37. Declarations ◮ Where do may-take , MilkDuds , etc. come from? ◮ Transactions can declare types and propositions : principal → candy → prop may-take

  38. Building a new currency ◮ Can turn Typecoin back into a currency (S-coins) : nat → prop coin : ∀ N , M : nat . merge coin N ⊗ coin M ⊸ coin N + M : ∀ N , M , P : nat . split coin N + M ⊸ coin N ⊗ coin M

  39. Central banking ◮ Need some way to mint a new S-coin : nat → prop print : ∀ N :nat . � Janet � ( print N ) ⊸ coin N issue

  40. How to implement? ◮ We could build Typecoin in a standalone way ◮ Use adapted versions of the Bitcoin mining algorithms and protocol ◮ Could typecheck transactions before they enter the chain

  41. How to implement? ◮ How to incentivize people to mine on a Typecoin chain? ◮ Bitcoin already has a lot of mining power ◮ Typechecking transactions in the chain not an obvious win: proofs might be big or not public

  42. Overlaying on Bitcoin ◮ New plan: actually overlay on top of Bitcoin A 1 B 1 I 1 O 1 . . . . . M . I m O n A m B n

  43. Overlaying on Bitcoin ◮ New plan: actually overlay on top of Bitcoin   A 1 B 1 I 1 O 1 . . . . hash  . M .    I m O n A m B n a 1 b 1 I 1 O 1 . . . . . . a m I m O n b n ◮ Embed a hash in the metadata of the Bitcoin transaction ◮ Send the Typecoin transactions to interested parties

  44. Metadata in Bitcoin ◮ Bitcoin historically lacked a nice place to put metadata - on principle ◮ (Nodes would not forward transactions that used the straightforward methods) ◮ Paper describes a somewhat hacky workaround

  45. Metadata in Bitcoin ◮ Bitcoin historically lacked a nice place to put metadata - on principle ◮ (Nodes would not forward transactions that used the straightforward methods) ◮ Paper describes a somewhat hacky workaround ◮ But the Bitcoin developers have since caved

  46. Receipts ◮ Receipts that attest to outputs: receipt( A ։ addr ) � Alice � (receipt( coin (5) ։ Alice ) ⊸ ∀ K . may-take ( K , MilkDuds ))

  47. Expiration/revocation ◮ Conditional modality permits revocation and expiration: if(before(July 10)) , may-write ( Alice , POPL-paper ))

  48. Implementation ◮ Implemented in Standard ML ◮ With a new Bitcoin client, in SML

  49. Related Work ◮ Bowers et al. 2007; consumable credentials ◮ Rosenfeld 2013; colored coins ◮ Wood 2014; Ethereum

  50. Conclusion ◮ Typecoin is a flexible peer-to-peer logical commitment mechanism ◮ Based on generalizing Bitcoin to carry logical propositions ◮ Actually implemented on top of Bitcoin ◮ Details on the logic are in the paper

  51. Thank you!

  52. Why not linear? ◮ Typecoin sort of fundamentally affine - can always throw away an output ◮ Allowing rule declarations in signatures makes it trivial ◮ trash : ⊤ ⊸ 1

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti,

Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti,

Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti, Pramod Viswanath Untraceable Bitcoin https://www.youtube.com/watch?v=k8LqlMzEe-I This is false. Blockchain sd93fjj2 Bitcoin Primer

284 views • 26 slides
Bitcoin: A Peer-to-Peer Electronic Cash System Paper review Bea Botyanszki The original bitcoin

Bitcoin: A Peer-to-Peer Electronic Cash System Paper review Bea Botyanszki The original bitcoin

Bitcoin: A Peer-to-Peer Electronic Cash System Paper review Bea Botyanszki The original bitcoin paper Published on The Cryptography Mailing list, in 2008 By Satoshi Nakamoto Identity unknown, but probably not a single person, but a

312 views • 9 slides
Bitcoin: A Peer-to-Peer Electronic Cash System By Dhruv Krishnan and Priya Holani Bitcoin: A

Bitcoin: A Peer-to-Peer Electronic Cash System By Dhruv Krishnan and Priya Holani Bitcoin: A

Bitcoin: A Peer-to-Peer Electronic Cash System By Dhruv Krishnan and Priya Holani Bitcoin: A Peer-to-Peer Electronic Cash System By Dhruv Krishnan and Priya Holani Introduction Traditional Transaction Model Bob Bank Alice Problems with

910 views • 34 slides
Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti,

Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti,

Anonymity in the Bitcoin Peer-to-Peer Network Shaileshh Bojja Venkatakrishnan, Giulia Fanti, Andrew Miller, Pramod Viswanath Why do People Use Cryptocurrencies? Technical Properties/ Currency Stability Investment Ideology Untraceable

692 views • 58 slides
Hakim Khalafi Fall 2013 Project Class: Peer -to-peer networking" Instructor: Dario Rossi

Hakim Khalafi Fall 2013 Project Class: Peer -to-peer networking" Instructor: Dario Rossi

Hakim Khalafi Fall 2013 Project Class: Peer -to-peer networking" Instructor: Dario Rossi Bitcoin becoming very popular! Most studies focus on either Bitcoin transaction graph (Harrigan et. al) Bitcoin mining weaknesses (Barber

404 views • 13 slides
A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital

A Technical Introduction to Bitcoin Niklas Fors, 2018-02-20 Bitcoin Decentralized digital currency Anyone can be part of the network Global distributed ledger called blockchain First Appearance Bitcoin: A Peer-to-Peer Electronic

4.02k views • 48 slides
Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol

Ethereum and Solidity Prof. Tom Austin San Jos State University Bitcoin (BTC) Protocol designed by Satoshi Nakamoto in 2008 https://bitcoin.org/bitcoin.pdf First Bitcoin client launched in 2009 Peer-to-peer no centralized

501 views • 31 slides
Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Peer-to-Peer Networking Facts Hostile environment - Legal situation - Egoistic

882 views • 57 slides
Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector Garcia-Molina Pure peer-to-peer systems are hard to scale Gnutella Look at hybrids between p2p and server-client Presented by Marco Barreno Servers

282 views • 6 slides
PEER UNIVERSITY COMPARISON All subcommittees were engaged in reviewing peer & exemplary

PEER UNIVERSITY COMPARISON All subcommittees were engaged in reviewing peer & exemplary

PEER UNIVERSITY COMPARISON All subcommittees were engaged in reviewing peer & exemplary universities in their areas CLIMATE ACTION COMMITMENT UPDATE PROCESS SPRING 2020 PURPOSE & FOCUS Review climate actions of peer and exemplary

343 views • 6 slides
A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network Muoi Tran , Inho Choi, Gi

A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network Muoi Tran , Inho Choi, Gi

IEEE Symposium on Security and Privacy ( IEEE S&P ) 2020 https://erebus-attack.comp.nus.edu.sg/ A Stealthier Partitioning Attack against Bitcoin Peer-to-Peer Network Muoi Tran , Inho Choi, Gi Jun Moon, Anh V. Vu, Min Suk Kang May 2020

814 views • 18 slides
THE PEER-TO-PEER NETWORK JOHN NEWBERY @jfnewbery github.com/jnewbery THE PEER-TO-PEER NETWORK

THE PEER-TO-PEER NETWORK JOHN NEWBERY @jfnewbery github.com/jnewbery THE PEER-TO-PEER NETWORK

THE PEER-TO-PEER NETWORK JOHN NEWBERY @jfnewbery github.com/jnewbery THE PEER-TO-PEER NETWORK Introduction Types of nodes Message format Control messages Transaction propagation Block propagation THE PEER TO PEER

767 views • 38 slides
Blockchain 2.0 Opportunities and Risks Patrick Valduriez The Hype 2 Bitcoin Bitcoin: A

Blockchain 2.0 Opportunities and Risks Patrick Valduriez The Hype 2 Bitcoin Bitcoin: A

Blockchain 2.0 Opportunities and Risks Patrick Valduriez The Hype 2 Bitcoin Bitcoin: A Peer-to-Peer Electronic Cash System Satoshi Nakamoto (pseudo), Oct. 31, 2008 (Halloween) Cryptocurrency and payment system Blockchain is the

551 views • 44 slides
Serverless networking (peer-to-peer computing) Peer-to-peer models Client-server computing

Serverless networking (peer-to-peer computing) Peer-to-peer models Client-server computing

5/7/08 Serverless networking (peer-to-peer computing) Peer-to-peer models Client-server computing servers provide special services to clients clients request service from a server Pure peer-peer computing all systems have equivalent

586 views • 20 slides
On the Privacy Provisions of Bloom Filters in Lightweight Bitcoin Clients Arthur Gervais, Ghassan

On the Privacy Provisions of Bloom Filters in Lightweight Bitcoin Clients Arthur Gervais, Ghassan

On the Privacy Provisions of Bloom Filters in Lightweight Bitcoin Clients Arthur Gervais, Ghassan O. Karame, Damian Gruber, Srdjan apkun ETH Zurich, NEC Research ACSAC 2014 Bitcoin Bitcoin Peer-to-peer decentralized currency

1.06k views • 74 slides
SMART CITIES Conference What is Bitcoin and how does it work? Matej Petkovi Abelium

SMART CITIES Conference What is Bitcoin and how does it work? Matej Petkovi Abelium

SMART CITIES Conference What is Bitcoin and how does it work? Matej Petkovi Abelium Introduction Bitcoin is a cryptocurrency Advantages: Aanonymity No provisions Peer-to-peer system Disadvantages: High volatility

233 views • 11 slides
BLOCKCHAIN The foundation behind Bitcoin Sourav Sen Gupta Indian Statistical Institute, Kolkata

BLOCKCHAIN The foundation behind Bitcoin Sourav Sen Gupta Indian Statistical Institute, Kolkata

BLOCKCHAIN The foundation behind Bitcoin Sourav Sen Gupta Indian Statistical Institute, Kolkata CRYPTOGRAPHY Backbone of Blockchain Technology Component 1 : Cryptographic Hash Functions HASH FUNCTIONS Map variable-length input to

1.96k views • 100 slides
BIT COIN Reference Bitcoin and Cryptocurrency Technologies By Arvind Narayanan, Joseph Bonneau,

BIT COIN Reference Bitcoin and Cryptocurrency Technologies By Arvind Narayanan, Joseph Bonneau,

BIT COIN Reference Bitcoin and Cryptocurrency Technologies By Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Steven Goldfeder References Main reference: Bitcoin and Cryptocurrency Technologies, By Arvind Narayanan, Joseph

1.46k views • 77 slides
Cryptocurrency Brings New Battles into the Currency Market Yingjie Zhao Betreuer: Heiko

Cryptocurrency Brings New Battles into the Currency Market Yingjie Zhao Betreuer: Heiko

Lehrstuhl Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen Cryptocurrency Brings New Battles into the Currency Market Yingjie Zhao Betreuer: Heiko Niedermayer Content Brief introduction to

444 views • 15 slides
The Age of Cryptocurrencies: Bitcoin and Sisters Ghada Almashaqbeh Columbia University April

The Age of Cryptocurrencies: Bitcoin and Sisters Ghada Almashaqbeh Columbia University April

The Age of Cryptocurrencies: Bitcoin and Sisters Ghada Almashaqbeh Columbia University April 2019 Outline Motivation. Main concepts. Operation; transactions, mining, blockchain, consensus. Main problems and potential

550 views • 32 slides
A Perspective on Cryptocurrencies BART PRENEEL IMEC-COSIC KU LEUVEN

A Perspective on Cryptocurrencies BART PRENEEL IMEC-COSIC KU LEUVEN

A Perspective on Cryptocurrencies BART PRENEEL IMEC-COSIC KU LEUVEN BART.PRENEEL(AT)ESAT.KULEUVEN.BE 4 SEPTEMBER 2017 1 Currencies = maintaining memory Envelope and contents from Susa, Iran, ca 3300 BCE Each lenticular disc stands

685 views • 55 slides
Introducing Blockchain Oct. 12, 2017 12 p.m. EDT www.thecompanydime.com Questions? Click

Introducing Blockchain Oct. 12, 2017 12 p.m. EDT www.thecompanydime.com Questions? Click

Introducing Blockchain Oct. 12, 2017 12 p.m. EDT www.thecompanydime.com Questions? Click the chat icon at right or email us: team@thecompanydime.com Hosts Jay Campbell The Company Dime Journalist, Co-Founder David Jonas The Company Dime

812 views • 17 slides
Cryptographic Currency Dr George Danezis University College London <gdanezis@ucl.ac.uk>

Cryptographic Currency Dr George Danezis University College London <gdanezis@ucl.ac.uk>

The Irresistible Rise of Cryptographic Currency Dr George Danezis University College London <gdanezis@ucl.ac.uk> Payment Instruments and Currencies Payment Instruments: Mechanism of how we transfer value. Cash. Letters of

504 views • 23 slides
CS425/ECE428 Distributed Systems Spring 2013 2011-12-01

CS425/ECE428 Distributed Systems Spring 2013 2011-12-01

CS425/ECE428 Distributed Systems Spring 2013 2011-12-01 Nikita Borisov - UIUC 1 Two problems Unforgeable electronic currency Secure, globally unique

641 views • 28 slides

More recommend