-
35c3 preroll music
-
Herald: I'm very happy to be allowed to
announce the following talk. It's called
-
"A Blockchain Picture Book" and it's held by
Alex. Blockchain is a topic we hear
-
constantly everywhere in the media. It's
sold as a solution for everybody and for
-
everything. Doesn't matter what. But how
it really works and what it really is...
-
...most people don't really have an idea. So,
today we got a beginner's introduction
-
with pictures. So, please welcome Alex on
stage with a big round of applause.
-
Applause
-
Alex: Hi. Yeah. My name is Alex and I'm
from the Technical University of
-
Brunswick. I'm working in the Institute of
application security. I suppose you're
-
here to see my blockchain picture book,
right? But right from the start, this talk
-
is not about the newest cryptocurrencies
out there and it's also not about in which
-
ICO should invest in. I'm absolutely
clueless about that topic. Sorry to
-
disappoint you, maybe. I'm here to give you
a very rough introduction to the idea and
-
the basics of this blockchain thing out
there. So, maybe you can judge by your own.
-
So. I hope there are no blockchain experts
in the audience, maybe. So this is a
-
foundation talk. That means I do not
expect any technical or mathematical
-
backgrounds at all. So, let's just give it
a try. Imagine the following situation.
-
Once upon a time, there were two people.
Let's call them "Mary", on the left, and "Alex",
-
on the right. They wanted to trade with
each other. Mary she wants to buy a house
-
from Alex. Thus , she brings the agreed
amount of money. And Alex – on the picture –
-
brings the keys for this house that
should be sold to Mary. But, since Mary and
-
Alex do not know each other, they do not
trust each other, as well. So, they set up a
-
contract for this trade. Just to be on the
safe side. Here on the right, you can see a
-
typical contract for trade, and it consists
of some important informations like a
-
description of the object that should be
sold: The house of Alex, maybe the address,
-
what's inside and stuff. the agreed amount
of money – let's say the house costs half a
-
million, whatever. The persons who are
involved in this trade – in this case Mary
-
and Alex. And of course the signatures. As
a final step, this contract must be
-
timestamp for being valid. So, nowadays
those kind of contracts usually exist as
-
digital documents. But for both the
digital and the analog document, if an evil
-
party gets hands on all copies of this
contract, he can modify it in a malicious
-
way. Let's say, removing the timestamp.
This can void the contract and thus make
-
the trade invalid. By the way, the evil
party can also be one of the persons
-
involved in this trade. So, let's say our
Alex – the evil one – he wants to take the
-
money from Marry but also keep the house.
Okay? This is our initial situation. So in
-
1990 Haber and Stornetta proposed in a
scientific paper a cryptographical
-
solution for binding a time stamp undevisably
to a digital document. What does
-
it mean? They both – the timestamp and the
digital document – are merged into a new
-
document and can't be separated from each
other without being damaged. So, we'll see
-
later how this exactly works. For now,
let's pretend this block, which you can see
-
here, contains our digital document and the
timestamp. And both are binded by some
-
mystical fancy cryptographic technique
which is represented by this blue frame.
-
Okay? So, unfortunately, we still face a
problem: That's our evil party – remember
-
Alex is the evil party? – He can just make
this contract and all copies disappear and
-
claim they never existed before. So, to
tackle this problem, Haber and Stornetta
-
and their paper further proposes a
chaining technique for those blocks. All
-
of which contains of course a different
contracts. So, the result is a chain of
-
blocks: The blockchain. Here we are. Hey!
And since this is a chain, it's not
-
possible to remove one of the blocks.
Removing a block from the inside of the
-
chain, will just break it completely, in a
way that you can't put it together anymore
-
without damaging it, as we will see later.
Okay? So, this doesn't prevent that anyone can
-
just make this whole chain disappear.
Maybe. So, but the longer the chain gets,
-
the more people are involved in this chain,
the higher the risk for evil parties
-
malicious task is discovered. OK? Clear so
far? Right. But the problem remains: This
-
chain has to be stored somewhere. You
remember it's digital? So let's say
-
another trusted party gets this task. So,
here we are. This is our trusted party
-
which is in charge for blockchain. But, the
thing is this trusted party can also fail
-
or become untrusted. And it doesn't have
to be malicious at all. It also may happen
-
that the storage for blockchain fails or
crashes or any data may be destroyed due to
-
any hardware failure, maybe, or a trusted
party just deleted accidentally. Maybe. So,
-
it's like with every centralized service
you have to trust. So, imagine your e-mail
-
provider just disappears tomorrow. How
many services are you using which depends
-
on the e-mail address? OK. So, for that
reason, the paper suggests to distribute
-
copies of our blockchain to a lot of other
parties. So, here we are. Here you see a
-
lot of other parties – whoever they are – who
owns a copy, an exact copy, of a blockchain.
-
Remember, this blue color represents
something cryptographical. OK. So, you can
-
see there is no centralized storage
anymore. Instead we have a large number of
-
participants which we can rely on. So,
let's call this a decentralized network.
-
Remember this term. It will get important
later. So, for now, even if some of those
-
parties fail, as long as the majority
stores are valid and of course the same
-
copy of a blockchain, we can keep going.
OK. You're still with me? Right. OK. So, the
-
question remains: How does mystical
cryptography thing, stuff, whatever works.
-
laughs
-
This is how such a block actually looks
like. And in fact, this is the first
-
blockchain block ever created. But, I
suppose you're not really interested in a
-
math lecture. OK. So, as I promised, let's
keep the mathematical details and stay
-
visual. But just for information: This
is a block. Okay. Let's pretend, we observe
-
another trade. Alice and Bob are doing a
trade and we can see, Alice wants to sell her
-
smartphone or whatever to Bob. So, do you
remember those polaroid cameras, where you
-
could take a picture and it was printed
instantly? You know them? I think they're
-
back in fashion now. So, while we observe the
situation, we take a polaroid picture of
-
it. It's printed, and this picture attests
this trade. So, we take this picture and
-
put it on a blackboard. Like this here. So,
let's say, this picture represents a block.
-
You remember these blue framed blocks like
we saw them before? OK. Somewhat later,
-
we observe another trade. Here, Charlie
wants to sell his car to Peter. And again,
-
we take a picture. But this time, we hold
the picture from before – the one, which is
-
already on the blackboard – into the
background of the situation. Like here. So,
-
now, we take the new Polaroid picture and
put it back to our blackboard. OK? So, what
-
do we see now? The first picture, which is
our first block, appears in the background
-
of the second picture, which is our second
block. So, let's say the second block is
-
chained to the first block. So, if someone
evil wants to change the content of the
-
first block, he must also change the
content of the second block. Which means
-
more effort for this evil party. Ok? So, of
course let's keep doing the same. And add
-
the third picture to the board. Here we
can see Eve and Alex, another Alex, trading
-
some goods. And in addition again we can
see the second picture. It's in the
-
background of this third picture, so it's
the same thing. The third is chained to the
-
second. OK. You're with me? Nice. And of
course for the sake of completeness we add
-
the fourth block where Armin and Ed are
trading. And this house is more expensive
-
this time. So again, we'll see the content
of the third block in the fourth block.
-
That's their chain. So now we can see the
big picture here. So if our evil party now
-
wants to change something on this first
trade on the first picture, that means he
-
must change the second and the third and
the fourth picture as well. Else this
-
modification is detectable. You agree? OK.
So one can say we created our very special
-
kind of blockchain here, consisting of
polaroid pictures, which represents blocks
-
of course. OK, so this effort can bring us
some fancy properties. And at this point
-
it's important to say that some of these
properties are optional. There are
-
different kinds of blockchain systems out
there and most of the properties depends
-
on what kind of blockchain is in use and of
course the use case. But let's just take a
-
look on some of the important properties,
in my opinion. So return to our blackboard
-
here, which we constructed earlier. So we
already observed this chaining mechanism.
-
This picture in a picture thing. You
remember. So this mechanism makes our
-
blocks immutable and thus the contracts
inside these blocks are immutable as well,
-
of course. So they can only be modified if
the complete chain is also modified. So
-
let's take our board and place it anywhere
in the public. This gives all the people
-
walking around the possibility to keep an
eye on everything happening on our chain
-
on the board, and maybe detect any
anomalies. So we can say, well, blockchain
-
is the coolest open source software,
maybe. Other parties who make up our
-
distributed network - you remember we
talked about that before - creates an exact
-
copy of our blackboard, and the updates,
they copy every time something new
-
is appended to the chain. So if the original
blockchain on this board becomes invalid
-
or disappears, or whatever, we can ask our
distributed network for the last valid
-
copy of this chain and put it back on the
board. But even if some of those parties
-
becomes malicious, as long as the majority
of all parties is honest and own valid
-
copy of our block chain we could prevent
fraud in it. And at least it's possible to
-
ensure anonymity for all involved parties.
Parties of our distributed network, as well
-
as the parties involved in the contracts
inside the blocks. OK, so in summary we can
-
say the contracts in our blockchain are
immutable. The control over the blockchain
-
is decentralized and it's really hard to
get the majority of the network to the bad
-
side, I suppose. Our block, our board and
thus the blockchain and side are exposed
-
to public scrutiny and it's not possible
to remove one of the blocks from inside
-
the chain without breaking it completely.
We can provide anonymity to our distributed
-
network and the parties
involved in the transactions or the
-
contracts inside the chain and at least we
don't have to be at the mercy of a single
-
institution, like a bank or government or
whatever. Okay, so looks like some fancy
-
properties. This are just some of a lot of
properties which we can achieve. So let's
-
take a closer look on a common blockchain
application. I suppose most of you here
-
heard of the so-called cryptocurrency
stuff, especially bitcoin. Maybe some of
-
you own some bitcoin. Of course there are
many more cryptocurrencies out there:
-
Woppercoin, OneCoin(?)... stuff. But
let's talk about financial transaction on
-
a blockchain in general. So this is a
classic German bank transfer form. Before
-
the times of online banking, this form was
used to transfer money from one bank
-
account to another. Maybe some of you
still remembered, you had to write
-
extremely clear - it was horrible - and you
filled out this form, gave it to your bank
-
and they take care of everything else. So
you can see some fields here: These are
-
the names of the sender and receiver of
the money. The sender is on the bottom.
-
Here you can see the account numbers. This
is the bank ID, and in this case you can
-
see it's the same bank. Of course the
amount of money and the signature of the
-
sender, as well as the date. So for
financial transactions via
-
cryptocurrencies like Bitcoin whatever, we
don't need that much information. The only
-
information we need here, are the sender's
and receiver's public keys. They are used
-
the same way as the account numbers, but
they're much longer, more cryptical.
-
Of course, still we need the amount of
money and the sender signature, which
-
also contains the timestamp. Remember this
stuff is digital. So back in the good old
-
days we just fill out this form, put it
into a special letter box in the bank and
-
forget about it. In cryptocurrencies, very
simply said, all commission transactions
-
like this here are collected by our
distributed network. So let's say our
-
distributed network collected seven
pending transactions. So, but these
-
transactions are not in our blockchain
yet. Let's get back to our blockchain.
-
We have five blocks currently with any
contracts or transactions inside. So now
-
we face the question which of those
transactions shall form our sixth block in
-
this chain. OK, you agree on this question.
Maybe some of you would say: Hey, we have
-
some timestamps in the transaction. Why
can't we use them. The thing is that our
-
distributor network is in different time
zones and, I don't know, network delays
-
and all this stuff. So we need another
solution for this question. I suppose some
-
of you already have an idea how to use
this. So if all involved parties follows a
-
rule on how to find an agreement on
something, whatever, we can call this a
-
consensus protocol. So maybe some of you
heard this term before. Okay, so remember
-
it. Let's replace transactions and
contracts with something much simpler.
-
Let's say some fancy symbols have been
proposed as candidates for our next block,
-
the red one in the chain. So our
distributed network, consisting of some
-
participants, now face the question. Which
of those symbols shall form the next
-
block. And there are different ways to
achieve this goal. So let's talk about the
-
best known consensus protocols. Maybe one
of the most popular used by the bitcoin
-
network, it's the proof of work protocol.
I see some people laughing. OK. So what
-
does it got to do with competition. Back
to our initial question, which of the
-
symbols shall form the next block. So very
simply said each time a new block shall be
-
created. And this means as long as there
are pending transactions we'll need new
-
blocks. Our network holds the public race
and everyone can take part in this race.
-
So the winner of the race can decide which
symbol gets into the new block. Looks
-
simply. And in this race we can see that
the winner party selects the heart symbol
-
for the next block. So it appears there.
So the outcome of this race is known to
-
our distributed network. So each of those
parties in this network appends the new
-
block into their own local blockchain copy
holding this heart symbol inside. OK?
-
Right. Unfortunately, as some of you may
know, this protocol has some drawbacks and
-
the most serious of these is probably the
negative impact on the environment. That
-
means holding such races consumes many
resources. And of course in reality not
-
motorcycles, but a very large number of
highly specialized, high performance
-
computers take part in these races. And of
course they need of a huge amount of power
-
which is not really great for environment.
So for last year it was estimated that the
-
bitcoin network needed, at annual rate, as
much power as the whole country of Denmark,
-
which is a lot. OK, so you don't like this
protocol. Let's take a look on another
-
one. So this protocol depends on the vote
of participants in the group. We call it
-
the consortium vote. This is one of the
names for this protocol. Back to our
-
initial question with the fancy symbols.
Which of them shall form the next block in
-
our chain? So instead of a huge network of
unknown participants driving motorcycles
-
and holding races, this time we invited
some parties in a fixed group. We called
-
this group consortium. So each time a new
block shall be created, the participants
-
of this consortium hold a vote. It's
similar to a democratic election. So the
-
symbol most parties voted for wins. It'
that simple. So in this round we can see
-
two parties voted for the circle two
parties voted for the heart and three
-
parties voted for a star symbol. So the
star is selected by the will of the people
-
and thus appears in the next block. You
agree? OK, so the outcome of this vote is
-
visible again to our distributed network
which holds copies of our blockchain. So
-
each party in a distributed network
appends a new block into their own local
-
copy holding the star symbol inside. So,
great, we see no environmental drawbacks
-
here. Maybe this is the best solution. OK,
some of you disagree. Yeah. Well the
-
topic here is the formation of the
consortium. This is one of the drawbacks.
-
We can't ensure that the invited parties
or participants of our consortium are
-
unbiased. Here we see a very huge doorman
and this doorman only allows participants
-
to our consortium party who promises to
vote for this circle symbol and nothing
-
else. So we can say he's kind of a filter.
So since there are only participants who
-
refers the circle symbol and a consortium
they also vote for it eventually. As you
-
can see here. So among all the drawbacks,
this protocol may be misused for
-
corruption or whatever. OK, you're still
with me? Nice. Okay let's check the last
-
consensus protocol, may we have more
success here. So this one depends on the
-
share or stake of the system that everyone
owns. This consensus protocol will be
-
called Proof of Stake. But what does it
have to do with randomness? Maybe you ask.
-
So one last time we repeat our question,
which of the symbols shall form the next
-
block in our chain? So let's pretend we
have any system, let's say all existing
-
symbols in this world form our system. We
can see the system. This is the circle on
-
the right side. And the whole system
belongs to five parties, which are on the
-
bottom left. This five color parties. So
this colored circle represents the stake
-
of each party on the system. So each round
these parties vote on which symbol shall
-
form the next block. But this time the
decision for who is the winner is made
-
randomly, taking into account the stake of
each party. So we can call this a weighted
-
randomness. OK, so how does this exactly
work? Let's imagine this roulette wheel. I
-
hope some of you know this kind of game.
OK. Usually you spin the wheel, you throw
-
a ball on it and some time the wheel stops
turning and the ball lands on any number
-
on this wheel and this number is the
winner then. But instead of numbers this
-
time we distribute the symbol candidates
on the wheel according of the stake of its
-
holder. OK, so let's play the game. That's
how our wheel looks like and we spin it
-
and throw a ball on it. It keeps rolling
and rolling and it stops at some point on
-
a symbol. Here it landed on the triangle.
So the triangle is the winner symbol for
-
our next block and appears there
eventually as you can see on the top
-
right. Okay? You're with me. All right. So
what happens when the stake of one of
-
these parties is significantly larger
than the stake of others? Here, our red
-
stakeholder is a very rich man and holds
the majority of the system, so as you can
-
imagine even if our system chooses
randomly, since this randomness is
-
weighted, his chance to be chosen is
significantly larger than the chance of
-
others. So, of course, there are even more
consensus protocols out there and you can
-
spend a few hours talking about them. But
to get to the point, every effort to reach
-
a fair consensus seems to come with
drawbacks and depending on our use case
-
and the blockchain system which we are
using those drawbacks can have negative
-
impacts. So why are we still putting all
this effort into this blockchain science,
-
you may ask. Let's get back to our initial
situation, where Mary and Alex traded and
-
Mary wanted to buy a house from Alex. You
remember? So here Mary has to trust Alex,
-
that the house he sells to her is really
his own property and that he won't revoke
-
the trade afterwards. On the other hand
Alex has to trust Mary that she gives him
-
the promised amount of money for this
house. So if a bank is involved in this
-
trade they both, Mary and Alex, have to
trust this bank for transferring the money
-
safely from Mary to Alex, and of course
the right amount of money and right
-
currency. And in big trades like house
selling, usually a notary is involved.
-
Mary and Alex have to trust this
notary to be impartial.
-
So we see, traditionally such
trades involves a lot of trust and
-
trusting in such things as trades is not
really popular as there has been a lot of
-
disappointments in the past. As you may
know. And all this blockchain science is
-
the most promising approach for mitigating
the need of this trust so far. But I think
-
we're still a long way from reaching this
goal. So let's see what the future may
-
bring us. Thanks for attention.
applause
-
Herald: Thank you very much for this nice
introduction. If you have questions please
-
go to the mics. There's three simple
rules to follow now. First, if you want to
-
ask a question, a question is normally one
sentence ended by a question mark. Nothing
-
else. Second if you speak into mic keep it
close to your mouth just like you would
-
like to bite into it. But please don't do
so. And third for everybody who is leaving
-
now, please do this quietly. Thank you very
much. So let's start with a question from
-
the Internet.
Q: Hi. There is a question from IoC. So
-
you talked about how blockchains provide
anonymity and could you explain what that
-
means in the context of a blockchain,
because after all it's like real people
-
having a transaction. So what is the
definition of anonymity in this context?
-
A: This is a very technical question, I
suppose. For the technical people
-
anonymity means we don't have names like
we've seen on the German bank transfer
-
form, where we can exactly see Mary and
Alex are trading. So you have the names
-
and you exactly know who those people are.
In the technical case, that means we use
-
public keys. And of course we can create
public keys without seeing the person
-
behind it. So in this case it's possible
to ensure anonymity, but as some of you may
-
know, comes some drawbacks. It's,
yeah, technical.
-
Herald: Microphone number three.
M3: You showed us different ways of
-
choosing which transaction is next. But I
don't know if there is a possibility that
-
some transaction will be lost? Like, you
know, it doesn't take -
-
A: You mean like one of the transactions
just disappears from this cloud thing?
-
M3: Yeah, because all others are chosen
before it.
-
Like - or how long does it take to do the
vote?
-
A: Oh that really depends on the protocol
as some of you may know in case of
-
blockchain which has this time minute
stuff. That means I think every 10 minutes
-
we'll do a new round because of this
cryptographical hash whatever, but it
-
absolutely depends on the protocol. As
this voting protocol works completely
-
different. So that's the reason why I
didn't want to go into details, because it
-
depends on the protocol. So we can talk
about it later if you want to but I think
-
this is out of scope here.
Herald: Microphone number two, please.
-
M2: Thanks for the talk. A lot of the
examples I see on blockchain are
-
basically database owned by one company.
So it doesn't really. So what is it for
-
you the most exciting usage of blockchain
that you see today?
-
A: I cannot answer this question because I
don't truly know what kind of solutions
-
are there. Of course I know the popular
stuff like hyper legend whatever. For me
-
personally the current solution are not
really cool, but because of technical
-
backgrounds. But I can imagine that the
distributed computing protocols behind
-
this blockchain thing can lead us to some
very cool stuff. But we need to put much
-
more science inside it and that means,
really science.
-
applause
-
Herald: We have another question at
microphone number two.
-
M2: Great talk. Yeah. For distributed
computation, there was already a lot of
-
work.
Herald: Sorry, can you go a bit closer to
-
the mic please?
M2: Sorry. If one of the most interesting
-
usage is distributed computation, there
was city at home there is a bunch of bla
-
bla bla at home so I'm not sure. Then
again, what's the competitive advantage
-
let's say of blockchain to those previous
distributed computation protocols?
-
A: I'm not sure if I understand your
question but do you ask, what exactly is
-
new about all
this thing?
-
M2: If the advantage is distributed
computation, that was done before. And I'm
-
not sure what's the advantage of doing it
by a blockchain.
-
A: Technically a blockchain is absolutely
nothing new. So distributed computing is a
-
quite old topic it's nothing else than
just a distributed database in fact with
-
some other properties which can be
combined. So that means blockchain is a
-
combination, for me personally, of a lot
of techniques. So I think we just should
-
use many more distributed computing
solutions for stuff like financial
-
transactions or smart contract stuff
whatever. So this blockchain term you must
-
be really careful with it.
Herald: That's a very nice warning. So
-
please give a warm round of applause for
Alex.
-
Applause
-
35c3 music
-
subtitles created by c3subtitles.de
in the year 2020. Join, and help us!
