Day 2 Blockchain Platforms and Architectures
Part V: Ethereum
- Basics
- Mechanism and Protocol
- Smart Contracts
Part VI: The Blockchain World
- Other Blockchains
- Blockchain Interoperability
Part VII: Practical Exercises
- Ethereum Wallet
- Smart Contract
Part VIII: Blockchain Evaluations (Technical View, mainly)
- To Blockchain or not to Blockchain
- Comparisons and Assessment
- Challenges and Risks
- Expected Impacts and Conclusions
Part V: Ethereum
Ethereum Basics
Issues with Bitcoin :
- Bitcoin Script limited
- Slow development, implementing new features difficult
- SegWit vs. BTU (segregated witness vs. increasing block size voting)
Ethereum:
- «General-purpose» blockchain (loops, arithemitcs, etc.)
- White paper released in December 2013
- Protocols designed from scratch (not like Bitcoin forks)
- Ethereum foundation located in Zug (initiators known) – non-profit foundation
- Mining ~ block every ~14s – ~2 (“always” Bitcoin’s ~21m reward ETH ( always , unlike Bitcoin s BTC limit)
Olympic (past) – released 09.05.2015
EthereumReleases :
St Petersburg changed the reward from 3 to 2 ETH
Ethereum Stats :
- 2nd in market cap ~ 50b USD
- 112mio ETH supply
- Transactions (highest ~15.5 TPS) now ~1mio per day
- Node count (~9’000 nodes)
- Blocksize ~40KB
- Accounts (113mio)
Mining Mechanisms : Proof-of-work – Increasing difficulty
51% Attack in Ethereum / Bitcoin : If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains.
NiceHash : check how expensive is a 51% attack on a specific blockchain, possibility to purchase an attack !
Ethereum classic suffered multiple 51% attack this year. In august and september 2020
In case of 51% attack, the longest chain survices.
Double spend : rollback transactions
- X is an exchange address
- Mine secretly, Y is attacker address
- X arrived – miner does payout USD (wait 2
block conf.) - You mine faster as you have 51%, broadcast
secret chain - Tx F→X: 15 never happened, goes to Y, but
attacker already got the USD - Attacker can spend the 15 coins again (double
spend)
Transaction Time and Costs
Gas
Recap: Ethereum needs a lot of energy – proof-of-work – Miners are rewarded with 2 ETH – 900USD
Miner also gets TX fee :
- Bitcoin (simple TX)~ 3USD
- Ethereum (simple TX) ~ 2USD
How much do I need to pay?
- Bitcoin easy, proportional to size: 300 bytes = 0.0003BTC, 600b = 0.0006BTC
- Ethereum can have loops, so 300 bytes script may run forever -> Solution: pay per instruction → gas
Blocktime and Gas
Every instruction is paid for in gas
Issue transaction: specify how much gas you want to use ( max) and gas price -> If you run out of gas, state is reverted, ETH gone
Gas Price also set by Miner, around 375 gwei
if Gas price too low, longer waiting time until TX will be included
Smart Contracts
- Ethereum Virtual Machine runs instructions
- Computation on EVM is “very expensive“: every contract is run on every full Ethereum node
- Global computer, always running, always correct
- Result on every node is the same
- Coin flip is not easy – no random number generator in Ethereum
Scripts / Opcodes / Smart Contracts
- Ivy – a non Turing complete higher-level language that compiles to Bitcoin Script (experimental)
- Rootstock : smart contract platform with a turing complete VM for bitcoin
- Simplicity : a typed, combinator-based, functional language, definition fits on a t shirt
- Miniscript : language for writing Bitcoin scripts in a structured way
- and.. solidity !
Solidity language
https://solidity.readthedocs.io
JavaScript-like language
Statically typed that compiles to EVM bytecode
Solidity: Constructor / Function Calls
- The constructor is run only once, i.e., when the contract is created!
- Smart contract function can call another smart contract function
- Initiator always needs to be an external account (smart contract can have account)
- But smart contract can never initiate a transaction on its own
Solidity: Version, Mapping
/*Specifies what versions of Solidity
*a source file can work on
*/
pragma solidity ^0.7.1;
contract Notary {
mapping (address => mapping (bytes32 => uint256)) stamps;
}
Mapping of address, of mapping of hash, and timestamp
Example Solidity Contract : Notary contract
pragma solidity ^0.7.1;
contract Notary {
mapping (address => mapping (bytes32 => uint256)) stamps;
function store(bytes32 hash) public {
stamps[msg.sender][hash] = block.timestamp;
}
function verify(address recipient, bytes32 hash)
public view returns (uint256) {
return stamps[recipient][hash];
}
}To push the code : You use a compiler then Remix then MEtamask
or
Compiler, terminal -> instructions -> local ethereum node
Metamask
- Browser plugin to ease Ethereum transactions in browsers
- Manage your key pairs and sign blockchain transactions
- MetaMask injects javascript library – web3.js
- Uses infura
Remix IDE : https://remix.ethereum.org to compile and deploy the .sol smart contract
Create Contract
Connect to MetaMask
- Injected Web3
- If you see your accounts, good!
Create contract! : add address to the code (manually)
Store value : 0x654cf88c4cff3e62696f7cbb55fbba922b2a7589
7a010347e371e9398b658c4affa611aa
Hash is : 0x4cff3e62696f7cbb55fbba922b2a75897a010347
e371e9398b658c4affa611aa
First four bytes of the Keccak (SHA-3) hash of the signature of the function.
Run it!
Yarn install and then open browser http://localhost:8080/
ERC20
- ERC20 is a technical standard for smart contracts on the Ethereum blockchain for implementing tokens.
- Proposed on November 10, 2015
- Sep 2020 : around 290’000 ERC20 Token contracts : EOS, Tether, DCHF..
ERC20 Token (simplified)
- No allowance/approval/transferFrom, also no Approval event
- Creator gets 1000 coins
- Using SafeMath (always use it)
contract SimpleERC20 {
function totalSupply() public view returns (uint256);
function balanceOf(address who) public view returns (uint256);
function transfer(address to, uint256 value) public returns (bool);
event Transfer(address indexed from, address indexed to, uint256 value);
}
string public constant name = "CAS-UZH-TOKEN";
string public constant symbol = "CUT";
uint8 public constant decimals = 18;
using SafeMath for uint256;
mapping(address => uint256) balances;
uint256 totalSupply_;
constructor() public {
totalSupply_ = 1000 * (10**18);
balances[msg.sender] = totalSupply_;
}
Security Considerations
List of the top smart contract vulnerabilities
- Reentrancy (DAO 3.5M)
- Access Control (Parity 150K)
- Arithmetic Issues (DAO)
- Unchecked return values for low level calls
- Denial of service (parity 500K)
- Bad randomness (400K)
- Front running
- Time manipulation – a malicious miner sets own timestamp
Random numbers
- Every EVM needs to come to the same result
- Random numbers from Oracle
Commitment schemes : Commit to a hashed random number, reveal later, punish if not revealed
Or: use future blockhash
- Only up to 256 blockhashes from the past can be accessed.
- Deduct / add tokens/ETH from the past address
- Miner can influence the random value -e.g., don’t publish block if random value not in favor
Multiple Exchanges Suspend ERC20 Token Trading Due To Potential BatchOverflow Bug
- Integer overflows in multiple contracts
- Poloniex suspended all ERC20 token deposits and withdrawals,
- OKEX’s decision to halt ERC20 deposits
Part VI: The Blockchain World
App. 6500 different ones are listed at coinmarketcap.com
Libra
- URL: https://libra.org
- BC type: Permissioned
- Node types: Participant and Validators
- Token type: Currency
- Account model: Account-based
- Consensus mechanism: LibraBFT
- Variation of the HotStuff protocol
- • Leader-based Byzantine fault-tolerant replication protocol for the
- partially synchronous model
- Works at the pace of actual (vs. maximum) network delay -> Property “responsiveness”
- About 100 founding members as Validators
Major characteristics
- Mining scheme used: Dedicated protocol based on trusted Validators
- Block size: There is no concept of a block of transactions
- Transaction size: 5 KByte
- Transaction rate: 1,000 tx/s
- Security features: Proof of authority, cryptographically authenticated database, memory-safe using Rust
- Smart Contract : “Move” Programming Language. Implemented using modules containing code values and resources containing data values.
Libra Economics
- Cryptocurrency: Yes, Libra Coins
- Details: New coins are minted and excess is burnt
• Value of the coin will be tightly bound to the global economy - Exchange rates to fiat: Stable (planned for)
- Transaction fees: Low fees, variable according to gas price
- Wallet : not yet available
- Listed on crypto exchanges : not yet
- Market cap : stablecoin will be released in 2020
Libra Organization
- Developer community: Libra Association
- Country of origin: Switzerland
- SDKs: Not available yet
- Blockchain explorer: Yes, http://libra-explorer.net (testnet)
- Full or light client: Testnet only, https://developers.libra.org
- Known vulnerabilities and attacks: Double spending attack avoided by using the LibraBFT
- Major application domain(s) : Financial services, payments, e-commerce
Libra Overall Evaluation
Scalability
- Initial set-up at 1,000 tx/s for a set of 100 validator nodes
- Plans to become permisionless as technology matures
Centralization degree
- 50%, partial decentralization
Energy efficiency
- Projected to use energy more like current data centers
Security level
- Designed to deal with most-common attacks (e.g., double spending) and tolerate faults within the Validator network,
- Not storing any personal data of users plan)
Monero
- URL: https://getmonero.org
- BC type: Public
- Token type: Currency
- Account model: UTXO
- Consensus mechanism: Proof-of-Work (PoW) >: Block size changes based on the transaction volume
- Additional mechanisms: Pruning, ASIC-resistance PoW
Monero Characteristics
– Mining scheme used: Proof-of-Work
– Block size: Variable
• Defined according the previous 100 blocks
• Storage efficiency: 1,883,942 (block height)
– ~ 72 GB (full node)
– Transaction size: ~ 14 KByte
– Transaction rate: ~ 7 tx/s (1,700 tx/s estimated)
– Security features: ring signatures, ring confidential transactions
(RingCT), and stealth addresses
• All transactions on the network are private by mandate
• Pseudo-anonymous
Monero Economics
Cryptocurrency: Yes, XMR
– Exchange rates to fiat: Unstable
– Transaction fees: Variable : Based on transaction priority, $0.021 USD (average)
Wallet
– Reference implementation in Javascript, https://mymonero.com
– API: JSON RPC Interface
Listed on crypto exchange(s)
– https://localmonero.co, https://anycoindirect.eu
Market capitalization (as of July 31, 2019) : 1,388,479,350 USD
Monero Organization
Developer community: Monero Team
– Country of origin: N/A
– SDKs: Daemon RPC, Wallet RPC
– Blockchain explorer: https://moneroblocks.info
– Full or light client: Both, https://getmonero.org/downloads
Known vulnerabilities and attacks:
– Zero-amount miner TX, DDoS risk, Traceable transactions
– Incident Response Team and community of developers work
on reported bugs/vulnerabilities
Major application domain(s)
Cryptocurrency with a focus on private and censorship-resistant transactions
Monero Overall Evaluation
Scalability
– Large size of the blockchain, poorly scalable
Centralization degree
– 100%, fully decentralized
Energy efficiency
– 645.62 GWh of eletricity (higher than a country like Haiti)
Security level
– 100% privacy-driven project
EOS
URL: https://eos.io/
BC type: dApp Ecosystem
– Node types: block producers, backup block
producers, api nodes, seed nodes, validators
Token type: Utility
Account model: Account (name in a human readable format)
Consensus mechanism: BFT-dPoS
– 21 allowed block producers → centralization
– EOS holders vote for block producers, EOS tokens for votes
Additional mechanisms:
– Free of charge for users
– Contracts mutable, freezing accounts possible
Major characteristics
– Mining scheme used: BFT-dPoS
– Block size: limited by network capacity
• Storage efficiency: 4 TB after 8 months of operation
– Transaction size: N/A, max 30 ms for execution
– Transaction rate: max 3,996 tx/s
– Security features: SHA 256 is used to generate the digest and
ECDSA to sign the block
– Smart Contract
• Supported binaries Web Assembly (WASM/ABI files), Turing-complete
• Supported Languages: C++
• Other languages that produce WASM code: RUST, Python, Solidity
EOS Economics
Cryptocurrency: No
– Utility token to acquire EOS CPU/RAM to run dApps
– Exchange rates to fiat: floating, “rather” stable
– Transaction fees: free of charge for users, accounts with dApps need to
stake EOS tokens against EOS CPU and trade EOS tokens against EOS RAM
Wallet
– Reference implementation C++, Cleos, Nodeos, Keosd
https://github.com/EOSIO/eos and API in C++
Listed on crypto exchange(s)
• Bitfinex, Binance, Kraken, HitBTC, Liqui, Gate.io, EtherDelta, Kucoin,
Mercatox, Exrates, Livecoin, IDEX, COSS, TIDEX
Market capitalization (as of August 15, 2019) : 3,780,703,585 USD
EOS Organization
Developer community: 188 developers (GitHub)
– Country of origin: Cayman Islands
• Deployment needs: depending on the role, i.e., block producers,
backup block producers, api nodes, seed nodes
– SDK: Jeos (Java), Eospy (Python)
– Blockchain explorer: Yes, https://bloks.io
– Full or light client: Full https://github.com/EOSIO/eos
Known vulnerabilities and attacks:
– Against dApps: Numerical Overflows, Authorization Checks,
Apply Checks, Transfer Error Prompt, Random Number Practice, Rollback Attack
Major application domain(s)
– SC-based distributed Applications (dApps
EOS Overall Evaluation
Scalability : High: both horizontal and vertical scaling
Centralization degree : Centralized among block producers
Energy efficiency : High
Security level : Pseudo anonymous, Smart Contract mutability, account
freezing, account code change
HyperLedger
No currency
Private distributed ledger
Umbrella Project
– Fabric: Platform for building blockchain-based products
– Composer: tools to build, test, and operate a blockchain
– Cello: allows Blockchain-as-a-Service (BaaS)
– Explorer: dashboard for blockchain monitoring
– Burrow: Ethereum Smart Contracts execution
– Sawtooth: modular enterprise-level blockchain
– Caliper: blockchain benchmarking tool
Active Hyperledger Projects
Open source effort created to advance cross-industry
Distributed Ledger Technologies (DLT) hosted by “The
Linux Foundation”
– https://www.hyperledger.org
Active HL projects include
– HL Fabric a general-purpose, permissioned DL
– HL Indy a special-purpose, permissioned DL
• Focusing on decentralized identity management
– HL Iroha is a permissioned DL
• Tailored for digital asset management
– HL Sawtooth a general-purpose general purpose, permissioned or
permissionless DL
Hyperledger Fabric
Hyperledger Fabric (HLF) initialized by IBM
HLF implemented in Golang
– Smart contracts in Go, JavaScript, or Java
– SDKs exist in Node.js, Java, Go, REST and Python
Network roles and components of HLF
– Channels for complete data isolation b/w a set of participants
– Private data collections enable transactions between
participants on the same ledger, but keep data private to a
subset of transactors
• Private data is shared peer-to-peer, with only hashes stored on the
shared ledger as – Identity Mixer for anonymity of transaction submitters
Hyperledger Indy
Hyperledger Indy focused on identity management
– DIDs (Decentralized Identifiers) without
requiring central resolution authorities.
• Verifiable claims are an interoperable format for the exchange of digital
identity attributes and relationships
– Currently in the W3C standardization pipeline
Zero Knowledge Proofs enable that some or all of the data in a set of
claims is true without leaking any additional information, including the
identity of the prover
HL Indy is independent, but commonly associated with
“The Sovrin Foundation”, which offers a public utility for
identity built on top of Indy’s codebase
Hyperledger Iroha
Hyperledger Iroha is written in C++, initially developed by a group of Japanese developers, who built their own BC for mobile use cases
BFT Consensus algorithm called YetAnotherConsensus (YAC)
– Iroha offers ready-to-use set of commands and queries, as
well as multi-signature transactions
Digital asset management capabilities
– E.g., create digital assets, register accounts, and transfer
assets between accounts.
– Robust permission system, allowing permissions to be set for
all commands, queries, and joining of the network
Hyperledger Sawtooth
Hyperledger Sawtooth initialized by Intel
Permissioned and permissionless deployment possible
Proof-of-Elapsed-Time (PoET) consensus algorithm
– Dependent on Intel’s Software Guard Extensions (SGX) to
elect leaders to cut blocks based on random wait times.
– Peers have access to all transaction data, unlike in Fabric,
where “private” channels can be established Smart contract capabilities
– SDK for Python, Javascript, Go, and Rust
– Ethereum contract compatibility is provided with Seth, enabling the deployment of Sawtooth contracts to Ethereum
NEO
URL: https://neo.org
BC type: Public
Node types: Participants, Validators, Speakers
Token type: Currency, Utility
Account model: UTXO
Consensus mechanism: dBFT 2.0
Decision on consensus nodes for next round by voting
Users only need to wait for one confirmation (15 s)
Additional mechanisms:
Digital Identity based on KYC (Know Your Customer)
“Roll back the chain” with consensus
NEO Characteristics
Major characteristics
Mining scheme used: dBFT 2.0
Block size: ~ 5 KB (average)
Storage efficiency: 4,038,763 (block index)
Transaction size: ~ 200 Byte
Transaction rate: 1,000 tx/s (10,000 tx/s theoretically)
Security features: Anti-quantum cryptography mechanism
(NeoQS), digital certificate
Smart Contract
Language: .Net, Java, C, C#, Go, Python, Kotilin, Javascript
Key details: Turing-complete, support concurrent operation, sharding, and unlimited scalability, when running in NeoVM
All operations have GAS costs, but, the first 10 GAS are for free
NEO Economics
Cryptocurrency: Yes
Details: 100 millions NEO created in the Genesis Block
Exchange rates to fiat: Unstable
Transaction fees: Variable based on operations (GAS)
Wallet
Reference implementation in Javascript
https://docs.neo.org/docs/en-us/node/gui/wallet.html
API: RPC, Smart Contract Framework
Listed on crypto exchange(s)
https://coinall.com, https://etoro.com
capitalization (as July 31 © 2020 UZH, CSG@IfI 62
Market of 31, 2019) : $807,485,181 USD
NEO Organization
Developer community: NEO Contributors
Country of origin: China
SDKs: NEO SDK (current version: 2.9.0)
Blockchain explorer: https://neotracker.io
Full or light client: both, https://neo.org/client
Known vulnerabilities and attacks:
NEO Vulnerability Bounty Program paid up to $10,000 USD
per vulnerability reported
Major application domains:
Smart economy, digital assets, digital identity
NEO Overall Evaluation
Scalability
Theoretically, NEO achieves infinite scalability with NEOVM
Centralization degree
50%, centralization of control
Energy efficiency
Lower electricity costs and attendant carbon footprints
Security level
Uses digital identity to link accounts to real life identity, traceable, assets protection
Other dimensions of importance
Peer-to-peer networking, cross-chain interoperability
THETA
URL: https://www.thetatoken.org/
BC type: Public
– Node types: Validators, Guardian, Normal
Token type: Currency and Utility
Account model: Account/Balance
Consensus mechanism: PoS/BFT
– 10-20 validators
– Guardian nodes finalize blocks
Additional mechanisms
– Blockchain pruning, off-chain payments
THETA Characteristics
Major characteristics
– Mining scheme used: Multi-Level BFT
– Block size: up to 8,192 tx per block
Storage efficiency: N/A
– Transaction size: N/A
– Transaction rate: > 1,000 tx/s
– Security features: Pseudo-anonymous addresses
– Smart Contract
Language: Solidity
Key details: Ethereum-based Smart Contracts, Turing-complete,
Ethereum Virtual Machine
THETA Economics
Cryptocurrency: Yes
– Details: THETA and TFuel (related to gas in Ethereum)
– Exchange rates to fiat: unstable
– Transaction fees: variable on transaction size (gas)
Wallet
– Reference implementation in Go,
https://github.com/thetatoken/theta-protocol-ledger
– API: Web, Command-line only
Listed on crypto exchange(s)
– Binance, https://www.binance.com
Market capitali ation (as of J l 24 © 2020 UZH, CSG@IfI 67
capitalization July 24, 2019) – 101,154,392 USD
THETA Organization
Developer community: 10 (Theta Developer Team)
– Country of origin: United States of America (U.S.A.)
– Deployment needs: Theta Ledger Node
– SDKs: Android SDK, REMIX
– Blockchain explorer: https://explorer.thetatoken.org/
– Full or light client: Full https://github.com/thetatoken/thetaprotocol-
ledger
Known vulnerabilities and attacks:
– 51% Attacks (Expensive, but doable)
Major application domain(s)
Streaming – Video Streaming, Live TV
THETA Overall Evaluation
Scalability – High
Centralization degree
– 10-20 Validators (small number)
– Limited number of Guardian nodes
Energy efficiency – Energy-efficient (BFT-based)
Security level – Standard BC-security
Other dimensions of importance
– Plans to reduce dependency from Content Delivery Networks
Aelf
URL: https://aelf.io/
BC type: multi-purpose chain
– Node types: Participant and Miner (stake)
Token type: Currency
Account model: Account-based
Consensus mechanism:
– Delegated Proof-of-Stake (dPoS)
– Token holders cast votes to elect nodes that produce blocks
Additional mechanisms:
– Cross-chain communication
Major characteristics
– Mining scheme used: DPoS
– Block size: making use of side-chains
•Storage efficiency: N/A
– Transaction size: variable
– Transaction rate: 14,968 tx/s*
– Security features: N/– Smart Contract
Language: N/A
Aelf Economics
Cryptocurrency: Yes (ELF)
– Details: multi-chain (and multi-purpose) blockchain
– Exchange rates to fiat: unstable
– Transaction fees: variable based on the market perception
Wallet
– Reference implementation: Coinomi
– Also available on Android, iOS, Windows, Linux and MacOS
Listed on crypto exchange(s)
– Binance, BitMex, Poloniex
Market capitalization (as of July 31, 2019) $60 977 204 USD
Aelf Organization
Developer community: 34 contributors on GitHub
– Country of origin: China
– Deployment needs: Wallet
– SDKs: Docker, Java, C#, JavaScript, Lua
– Blockchain explorer: https://explorer.bitcoin.com/bch
– Full or light client: full
– Known vulnerabilities and attacks:
• Heavy centralization due to DPoS
• 51% Attack, i.e., single organization holds 51% of the mining capacity
and may censor transactions
Major application domain(s)
– General purpose applications
Aelf Overall Evaluation
Scalability – High
Centralization degree – Partially Decentralized
Energy efficiency – High
Security level – Immutable, transparent
Other dimensions of importance – Enable cross-chain communications
Polkadot
URL: https://polkadot.network
BC type: interoperability platform
– Network roles: Validators, Collators and Nominators
– Network structure: Parachains, Relay chains and Bridge
chains
Token type: Utility (DOT) tokens
Consensus mechanism: Hybrid GRANDPA/BABE
– GHOST-based Recursive Ancestor Deriving Prefix
Agreement/Blind Assignment for Blockchain Extension
– Hybrid and variant of Proof-of-Stake consensus
Major characteristics
– Heterogeneous multichain with scalable security and an
interoperability protocol
– Central chain of Polkadot termed relay-chain
On which all validators are staked on with DOT tokens.
– Polkadot network based on parachains
Parallelizable blockchains comprising the Polkadot network
Each parachain can have a unique architecture
All parachains are connected and secured by the relay chain
– Hybrid consensus mechanism
Splits up the finality gadget (GRANDPA) from the block production
(BABE) mechanism of the relay-chain
• BABE runs b/w validator nodes and determines authors of new blocks
Polkadot Economics
Cryptocurrency: Yes
– Details: Native DOT tokens are used for 4 purposes
Used for governance of the network
Staked for operation of the network
Bonded to connect a chain to Polkadot as a parachain
Enabling interoperability between blockchains
Multiple wallets in active development
Not yet listed on crypto exchanges
– First ICO raked in $144 million
– Second ICO may be launched
Market valuation – ~1$ billion USD (as of August 15, 2019)
Polkadot Organization
Polkadot is a project of the Web3 Foundation
– Sponsoring community development and software services
Web3 Foundation is based in Switzerland, Zug
– SDKs: Substrate framework
– Blockchain explorer available: https://telemetry.polkadot.io/
Major application domain
– Easy deployment of public or private parachains
– Enabling interoperability between those parachains
– Using “Bridges” to interact with other Blockchains
Such as Ethereum or Bitcoin
Bazo
Bazo is a permissionless blockchain for research
– Its not an ICO, not looking for funding, but for ideas
– Testing of new ideas, new mechanisms, new algorithms
Blockchain from scratch at CSG and now HSR
– Started with simple PoW, a solid, well-tested mechanism
– Gradually extended with new ideas and concepts
– Now with unique feature proposals/ideas
Self-contained proofs
Sharding
Pruning
Smart Contracts with only big-ints
– https://github.com/bazo-blockchain
Bazo Functionality (as of March 2020)
PoW consensus mechanism initially
– PoS consensus mechanism later + cryptographic proof
– Progressive Web App (PWA)-based Mobile Wallet for Bazo
– Blockchain Explorer for Bazo
– Mobile Light Client for Bazo
– Pruning in Bazo and self-contained proofs
– Bazo Smart Contracts
– Sharding (in progress)
Application
– Oysy (Aduno) BC-based loyalty system
With Self-contained Proofs (SCPs) a user has to provide all required proofs in the transaction in order for validators to verify a transaction independent of the blockchain
Each blockchain (6500+) has its pros and cons
- Transparency vs privacy
- Transaction fees, speed of transaction confirmation
Interoperable chains enable several opportunities
- Move assets between different platforms
- Access information from one chain inside other chain
- Different payment schemes
- Allowing to choose the best alternative BC possible
V. Buterin :
In the longer term, building interoperable applications is something that should be done on a basis of responding to actual need; while the underlying technology can certainly be developed in the abstract, it would likely to be a waste of resources to try to build applications that connect chains without a clear understanding on the reasons driving the use case.”
Types of Interoperable Chains
Notary schemes :
- One or more trusted parties validate events on another chain
- Ease of implementation: medium
Sidechains/relays
- The chain validate events on external chains as part of validating local events
- Ease of implementation: hard
Hash-locking
- Events on different chains are unlocked using a secret value
- Ease of implementation: easy
Projects that use or provide a platform for interoperable chains include:
Origintrail.io
Type: Sidechain/Relay
Description:
- Blockchain-agnostic protocol for asset tracking in supply-chain
- Provide a cost-effective solution to store sensitive data in a secure manner through a blockchain-agnostic approach
Herdius
Type: Notary-scheme
Description:
• Build a highly performant decentralized financial platform enablin
users to transact assets between different chains
Aion
Type: Hash-locking
– Description:
• A multi-tier blockchain system designed to address unsolved
questions of scalability, privacy, and interoperability in blockchain
networks.
Crowdmachine
Type: Sidechain/Relay
– Goals:
- Enable any mobile device or computer owner to allow the spare capacity of their device to function as a member of a global network to run
apps, and be rewarded for the use of their device; and - Allow developers and non-developers to create apps, without writing a line of code, that run on that global network and be rewarded every time
the app is used.
Blockstack
– Type: Side-chain/Relay
– Description:
• Digital Identity service. Instead of relying on remote, third party servers for access to data and the Internet, Blockstack aims to remove those trust points and give them back to the users via blockchains.
BC4CC Interoperability API
Enable the interaction with multiple blockchains : Supporting different logistic chains
Provide a blockchain interoperability
- Relying in a Notary Scheme
- Central solution managing transactions
Allow transparent blockchain interaction : Technical details hidden from users
Requirement: storage of arbitrary data – E.g., character strings
Applicability Scenario – Coldchain
Medical drug companies :
- Standards compliance
- Store: drug quality
Transportation service
- Temperature monitoring
- Store: sensor readings
Final destination and authorities
- Standards verification
- Data auditing
- Retrieve: quality and temperature readings
Interoperability API – Workflow
API entry point :
- No technical details
- Implementation hidden
Credentials DB
Pub/Private key
Transactions DB
- Hash
- Timestamp
- Blockchain ID
Specialized adapters
- BC-specific functions
API Implementation
User Entry-Point Example
Interfaces implemented in the API
Store data interface :
Retrieve data interface
Functions implemented in each blockchain adapter
Impact of Blockchain Heterogeneity
UTXO and Account-based blockchains
- Bitcoin Transactions != Ethereum Transactions
- Each BTC transactions must have an input transaction to
- verify if the address has funds or not (unspent)
- Whereas, Ethereum is Account-based, i.e., an account holds
- the funds, and is updated on sending/receiving of coins
Many other technical differences
- Address generation mechanisms, fees, data structure
- RPC IP, port number, communication protocol, authentication
Need for specialized blockchain adapters !
Blockchain adapters
Specialized adapters must implement :
- Transaction creation function
- Transaction signing function
- Communication with RPC function
Currently implemented :
Ethereum adapter – Transaction creation :
Ethereum adapter -Transaction Signing :
Transaction Confirmation
Transactions (tx) might not be processed
- Refused by the network due to low fees
- May remain in the tx pool for unknown duration
Tx finality
- Number of blocks that a tx is considered immutable
- I.e., the probability of a 51% attack is close to zero
Solution
Wait for X amount of time before confirming tx : Value of X depends on the blockchain in use (Bitcoin requires 6 blocks to ensure finality.
Replace tx with increased tx fees -> Tx rebroadcast to increse the system’s robustness
Data Size
Blockchains not designed as a database!
- Data size is limited (i.e., non-transaction related data)
- Possible solution: rely on off-chain storage, e.g., IPFS
Private Keys
Blockchains based on public/private key cryptography
Private key required to sign a transaction : Different address for each BC → several private keys
Private key never leaves the server
– RPC node receives a signed raw transaction
Basic Comparison
Part VII: Practical Exercise
Exercise : Focus on Ethereum blockchain
- Ethereum Basics and Geth Commands here
- Connecting to your Node
- Connecting to a Blockchain Network
Practical Exercises
- Create an account, check balance, and receive Ethers
- Transfer Ethers
- Interact with a Smart Contract
Ethereum basics – Recall
Ethereum is a general purpose blockchain
- Support the execution of complex Smart Contracts (SC)
- Empowered the blockchain beyond financial applications
An Ethereum Virtual Machine (EVM) processes and executes smart contracts.
- Abstraction layer: the EVM connects requests (transactions) to and from the network
- SC operations requires Gas
• Mathematical operations, write data
• Table EVM OP costs
Geth Client
Go implementation of the Ethereum Protocol
- CLI (Command Line Interface) client
- Entry point to the main, test and private networks
Management APIs
Personal API:
– personal.newAccount() // create a new acc.
Eth API:
– eth.accounts[0] //returns the first created acc.
– eth.sendTransaction({from:acc, to:acc, value:ethers}) //send transaction to acc.
Miner API:
– miner.setEtherBase(account) // define which account to receive ethers Geth Commands
Geth Options
Blockchain Testbed Overview
Nodes host a web-based shell: https://blockchain.csg.uzh.ch/student1…12
Access the Summer School Etherpad in your browser
Blockchain initialization
Step 1: Type: sh init‐blockchain.sh
Step 2: Type: sh start‐blockchain.sh
If the blockchain is syncing you will see this type of information:
You can also see the blocks being appended
Interacting with the Blockchain
Open a new shell to your node in a new tab:
Create a new account (do not forget your password):
Set the new account as your geth main account:
Unlock your account to send Ethers:
#Check your Balance eth.getBalance(eth.accounts[0]) #Value returned in “wei”, which is the smallest unit in Ethereum #If you want to see your balance in Ether balance = eth.getBalance(eth.accounts[0]) web3.fromWei(balance, "ether")
Transfer Ethers to another account
On geth console type:
sender = eth.accounts[0]
receiver = "<account from colleague>"
valueEth = web3.toWei(0.5, "ether")
eth.sendTransaction({from: sender , to: receiver, value: valueEth, gas:21000})Interacting with a Smart Contract (SC)
What data does this SC stores? : List of IDs and Account (Example)
Interacting with a Smart Contract (SC) :
On geth console type
loadScript(‘initContract.js’) example.getAccount(0)
Part VIII: Blockchain Evaluations (Technical View, Mainly …)
Choosing a Blockchain :
Myriad of facets/parameters :
- Marketcap : Value to buy all shares at today’s market value
- Community involvment : Telegram chats, discussion channels
- Full Node/Miners Geolocation : Politics, possibility of centralization
- Technical concerns : Transactions per second, implementation language, design choices
- Security : Hashing algorithm, possible attack vectors
Trust derived from network’s protocol transparency and the assurance of immutable blocks protected by cryptographic mechanisms
- Trust included into every single transaction
- All parties have access to a “single” shared copy
Personal, persisten, digital, ID ownership-enabled, which supports licensing of owned “information”
- Higher security, better cost efficiency, optimized reconciliation process
Cost reductions expected due to SCs automated execution on the BC (no intermediaries needed)
Application domains “not” limited as such, But, digital assets used determine a major application advantage
FinTech :
- Reduction of transaction costs for financial transactions, such as within e-payment systems
- Potential participation of many participants in financial economy
Rights Protection : Immutable blocks (world wide distributed) complicates fraud on digital data, such as stealing or misuse of land titles, Intellectual property
Supply chain : Persisting of production, transport, and delivery characteristics
Public-private key pairs :
Two public-private keys may be the same : Probability of that “astronomically low), but not 0
Mining:
Probability of winning block race proportional to computational power of participants, time restriction on block mining; bitcoinm set to the block time: 10 min
Computational, hashing power increase -> Chance of discovering a new block under 10 min increases -> increase target value
Centralized mining with unfairness and 51% attack : Incentives to “combine” miner into pools and Chances to take over a BC from a country with “many” miners
Consensus mechanisms (distributed) : Randomness for multiple parties trying to come to agreement
PoS: selection of subcommittee -> unbiasable? Not possible!
Stakeholders (maliciously behaving trusted nodes) : Probabilities of an internal attacker within a given private BC
Permissions (write/read)
- Fully: everyone in the world can participate (W/R)
- Partially: selected public can participate (W/R)
Transparency
- Fully: all members access the history of transactions
- Partially: some members access the history of transactions
Permanent storage, i.e, immutability
- Transactions cannot be removed
Level of decentralization
- Fully:consensus with elected leader
- Partially : consensus with selected leaders
- Distributed control based on elected leader (e.g., PoW)
- Partially based on selected leaders (e.g., PoA, PBFT)
- Centralized Control based on trust (e.g., traditional databases)
Trust : (depends on consensus mechanism, cryptography), auditability, traceability for data of a transaction
Decentralization : full autonomy, immutability, no single point of failure
Integrity : State of trx cryptographically secured, privacy depends on handling of the blocks
Sustainability : depending on the consensus mechanism
- Bitcoin Cash : 615s
- Bitcoin : 504s
- Litecoin : 135
- Ethereum : 15s
- Ripple : 4s
- EOS : 1.5s
- How to handle reliably tangible (non-digital) assets in BC?
- Sustainability: Energy efficiency of consensus mechanisms?
- Scalability: BC throughput as a number of transactions per second, volume of data persisted in Mega (?) bytes, costs?
- Identity management (users, objects) and anonymity
- Standardized APIs for switching BCs for BC-based dApps
- Many economic effects of BC-based cryptocurrencies unknown
- Legal/regulative compliance, societal/governmental acceptance
- BCs’ “true semantics” depend on the input received!
- BCs’ security, privacy, and reliability
- Networking infrastructure’s reliability (critical infrastructures)
- Economic/legal risks (cryptocurrency/tokens/coins, BC)
- How to handle reliably tangible (non-digital) assets in BC?
- Sustainability: Energy efficiency of consensus mechanisms!
- Scalability: BC throughput as a number of transactions per second, volume of data persisted in “any” volume
- Service offered: trusted third party time stamping service
- BCs’ security, privacy, and reliability
- Discontinuation of “cash” and replacement with a cryptocurrency – loss of any anonymity?
- Cryptocurrencies only – failure of energy supply? Sustainability? Payments made with empty battery?
- Decentralization of token handling – full control of the individual? No central “CRM” for sure
- Reliability of IT systems
Trade-offs based on technical BC characteristics :
- Distributed vs. centralized control
- Performance vs. reliability
- Privacy vs. transparency
Moore’s Law: The number of transistors doubles every 18 month
Hard to maintain Moore’s law, processing hashing limited ?
Nielsen’s Law: A high-end user’s connection speed grows by 50% per year
However, bandwidth grows slower than compute power
Kryder’s Law: Disk density doubles every 13 month
CONCLUSIONS
- Blockchains do show a logical evolution of linked lists, however, public BCs “exaggerate” processing demands – By design: Proof-of-Work (PoW), but this ensures immutability
- Blockchains do not have a relevant impact on general networking, however, unreliable networks do have an impact on the BC
- Blockchains do not have a relevant impact on distributed systems, however, the full decentralization is very costly (PoW) or still not secure (other PoX)
- Blockchains do not solve the media break, this, leading to a lack of trust for tangible assets, key : trust in “sensor”
- the tehnical future of blockchains is still based on security ingredients of today’s technology, however, long term security management is key
- Blockchains show no revolution, but a typical Computer Science evolution of linked lists
