Digital Currencies Modified from Murtuza Jadliwala, Ivan Rubinić, David V Duccini, Amir Houmansadr, Sascha Boehme, Jason Madden

Introduction: What is Money? Physical or Electronic Tokens or Commodities that can be have the following properties: Unit of Account  defined value Medium of Exchange  acceptability Store of Value  non-perishable

What is Electronic Money? Narrow View of Term: Tokens of Exchange transacted only electronically Examples: Facebook Gold, Digital Gold Currency, BitCoin, and other electronic currencies Broad Usage of Term includes Both: Electronic Payment Authorization  Credit cards Value Holding Electronic Tokens A currency has value by it being widely used. Bitcoin is a startup currency with a deflationary bootstrapping economy

Overview: Early Money Early Intermediary Tokens of Exchange Commodities or Objects of Perceived Worth Minted Coins  standardized units of metal Code of Hammurabi: legal debt payment Trade Bills  credit certificate for production Led to Local Merchant Banks for redemption Goldsmiths  demand deposits & promissory notes

Beginnings of Modern Money Private Bank Notes Loans based on deposits on account Beginning of Fractional Banking National Currencies from Central Reserve Banks backed by Gold or Silver Legal Tender for Payments

Electronic Currency by Jason Madden Saturday, April 27, 2019 Modern Fiat Money World War 1 & End of Gold Standard Scarcity of Gold Reserves with Enlarging Circulation Bank Notes no longer redeemable for gold Floating value in exchange market Money by Decree of Government Backed by issuers ability to repay debts Susceptible to public distrust Possible uncontrolled inflation or deflation

Types of Electronic Money Private Currency  free banking Community Currency local acceptability World Currency  trade reference Hard Currency  non-reversible Soft Currency  allows payment disputes

Private Currency Free Banking  No Central Reserve Bank Free Entry into Banking Industry Freedom to Issue Notes, Accept Deposits, and Collect Checks for Payment Freedom to Borrow Money on Term Deposit Freedom to Lend Money & Invest Assets

Community Currency Ithaca HOURS BerkShares Toronto Dollar Ithaca, NY http://www.ithacahours.org/#whatareithacahours BerkShares Berkshire, MS http://www.berkshares.org/whatareberkshares.htm Toronto Dollar Toronto, Ontario http://torontodollar.com/aboutus/index.php

World Currency Global Trade Reference Gold, British Pound, US Dollar, Euro, Yen Private Complementary Currency efforts International Monetary Fund (IMF) Special Drawing Rights (SDR) Supplementary Reserve Assets

What are CryptoCurrencies? According to Merriam-Webster dictionary:

A cryptocurrency is based on Derives trust from NOT from legal tender statutes NOT from chemical/physical properties mathematical properties based on established, trusted, cryptographic principles cryptographic hashing digital signatures public key infrastructure

E-Cash Crypto Protocols Chaum82: blind signatures for e-cash Chaum88: retroactive double spender identification Brandis95: restricted blind signatures Camenisch05: compact offline e-cash Various practical issues: Need for trusted central party Computationally expensive Etc.

Some requirements for online cash Protection against double-spending Should work in an offline fashion Free-floating that acquires real value Anonymity (for both spender and recipient) Decentralized Bootstrapping an online cash (currency) that satisfies some or all of these requirements will require a clever amalgamation of well-known cryptographic primitives and computing paradigms! Thus the name: Crypto + Currencies

Cryptocurrency: Challenges Creation of a virtual coin/note How is it created in the first place? How do you prevent inflation? (What prevents anyone from creating lots of coins?) Validation Is the coin legit? (proof-of-work) How do you prevent a coin from double-spending? Buyer and Seller protection in online transactions Buyer pays, but the seller doesn’t deliver Seller delivers, buyer pays, but the buyer makes a claim. Trust on third-parties Rely on proof instead of trust Verifiable by everyone No central bank or clearing house

Security in Cryptocurrency Authentication Am I paying the right person? Not some other impersonator? Integrity Is the coin double-spent? Can an attacker reverse or change transactions? Availability Can I make a transaction anytime I want? Confidentiality Are my transactions private? Anonymous?

Security in Cryptocurrency Authentication  Public Key Crypto: Digital Signatures Am I paying the right person? Not some other impersonator? Integrity  Digital Signatures and Cryptographic Hash Is the coin double-spent? Can an attacker reverse or change transactions? Availability Broadcast messages to the P2P network Can I make a transaction anytime I want? Confidentiality Pseudonymity Are my transactions private? Anonymous?

Cryptocurrency Validation Creation of a virtual coin/note Is the coin legit? (proof-of-work)  Use of Cryptographic Hashes How do you prevent a coin from double-spending?  Broadcast to all nodes Creation of a virtual coin/note How is it created in the first place?  Provide incentives for miners How do you prevent inflation? (What prevents anyone from creating lots of coins?)  Limit the creation rate of the BitCoins

Bitcoin terminology Bitcoin The protocol / technology bitcoins The currency / coin / unit of account Transaction Transfer of a coin from one owner to the next, signed cryptographically Public/Private key The receiver’s public key is his Bitcoin address The sender’s private key is used to digitally sign the transaction Block Validated collection of transactions over 10 minutes, created through mining Mining Generates a block and validates transactions through proof-of-work, creating new bitcoins in the process Blockchain Timestamped sequence of linked blocks The public ledger

Distributed Consensus What are Blockchains? Blockchain is a Distributed, Secure, Logfile … …… …… Distributed Consensus All parties participate in the blockchain (consensus) protocol. Everybody has a local view of the blockchain. Maintained/generated by a blockchain protocol which is run jointly by many parties. The goal of all parties is to maintain a globally consistent ordered set of records. (A blockchain protocol is a distributed consensus protocol.) …… …… ……

to connect to previous block What are Blockchains? …… …… A blockchain is basically an ordered sequence of blocks, where each block contains some information/record. Maintained/generated by a blockchain protocol which is run jointly by many parties. The goal of all parties is to maintain a globally consistent ordered set of records. (A blockchain protocol is a distributed consensus protocol.) “Header” “Records” to connect to previous block

Applications: Cryptocurrencies Decentralized, no trusted server A digital currency is the first demonstrable use of blockchain Central Trusted Authority Public Ledger Traditionally, for establishing a currency, we assume existence of a central authority which can be trusted to provide paper currency, keep records and authenticate digital transfers.

Applications: Cryptocurrencies “Stake” “A transfers 2 coins to B.” In cryptocurrencies, each party has a non-negative stake/balance, and records are simply transactions between parties (which are verified by signatures). SKA …… “Records”

How to Generate New Blocks? Block generation is like election/ puzzle-solving race Different ideologies Proof-Of-Work (POW) Proof-Of-Stake (POS) … Solve moderately hard “puzzles” Vote ∝ compute power One could visualize it as randomized leader election process. Vote ∝ stake

Chain Properties Chain Consistency: Honest parties agree on all but last ℓ blocks Chain Quality: # of blocks mined by honest parties ∝ to their voting power (any ℓ consecutive blocks) …… Last ≤ ℓ inconsistent ……

Bitcoin Whitepaper – 2008.10.31

BitCoin It is simply a means of sending and receiving numbers to and from "addresses" Described by Satoshi Nakamoto in 2008 Introduced as open-source software in 2009 An Open-Source Peer-To-Peer Payment Network Payments are recorded in a public ledger Using Digital Signatures & Encryption decentralization is the basis for Bitcoin's security and freedom

Bitcoin A protocol that supports a decentralized, pseudo-anonymous, peer-to-peer digital currency A publicly disclosed linked ledger of transactions stored in a blockchain A reward driven system for achieving consensus (mining) based on “Proofs of Work” for helping to secure the network A “scare token” economy with an eventual cap of about 21M bitcoins

Bitcoin Governance - an open source community of developers backed by the Bitcoin Foundation. Democratic - if you don't like one of the changes, you are more than welcome to fork the chain and implement your own rules Money Creation - is given to the people, not to the central bankers. Deflationary by design - money supply cannot be manipulated and is fixed at 21 million coins, each divisible up to 8 decimal

Features of Bitcoin Is “deflationary” – the reward is cut in half every four years, and tokens can be irrevocably destroyed Nearly infinitely divisible currency units supporting eight decimal places 0.00000001 (known as a Satoshi) Nominal transaction fee’s paid to the network Same cost to send $.01 as $1,000,000 Consensus driven – no central authority Counterfeit resilient Cannot add coins arbitrarily Cannot be double-spent No recourse and no one to appeal to return sent tokens

Brief history of bitcoin 18.8.2008 Bitcoin is registered 31.10.2008 Bitcoin design paper published 3.1.2009 The Genesis Block is mined (18:15:05 GMT) 12.1.2009 First Bitcoin transaction 5.10.2009 An exchange rate is established 6.2.2010 A currency exchange is born 17.7.2010 MtGox is established 15.8.2010 A vulnerability in the system is exploited to generate 184 billion Bitcoins 18.9.2010 First collective mining starts 29.9.2010 Another exploit discovered 28.10.2010 First short sale 2011 Silk Road opens for business 28.1.2011 25% of total Bitcoins generated 9.2.2011 Bitcoin reaches parity with USD (1:1) 12.4.2011 First put option sold 13.7.2011 25,000 BTC theft reported 19.7.2011 Major breach at MtGox 6.9.2011 Creation of physical Bitcoins 13.2.2012 Second largest Bitcoin exchange shuts down 28.3.2013 Market cap reaches $ 1 billion 1.5.2013 Gaming company caught secretly mining Bitcoins from customer computers 2.5.2013 First Bitcoin ATM (San Diego) 6.8.2013 Bitcoin ruled currency by Texas judge 2.10.2013 FBI shuts down Silk Road (3.6 milllion USD seized) 19.11.2013 Bitcoin goes above $ 1000 http://historyofbitcoin.org/

Number of Transactions per Day https://www.blockchain.com/charts

Hash Rate

Market Price

Transaction Fees

The Bitcoin Startup Ecosystem: Six Different Bitcoin Company Categories Exchanges Wallets Universal Payment Processing Financial Services Mining

Legality of Bitcoin by country https://map.bitlegal.io/

Why Bitcoin became the pioneer in virtual currency Financial crisis caused meltdown of the economy in 2008-2009 Caused a transfer of assets form real-estate and financial sphere to investment into commodities that are traditionally considered as a stable store of values Historically, Gold is best known commodity of that type because quantity of this metal is limited and, therefore, it is great way how to hedge your portfolio in times when usage of expansive monetary policy is highly likely Bitcoin is similar to gold (except there is no intrinsic value) and when the value of gold started to decrease due to the price roof that it had reached and partial recovery of financial market, value of bitcoin soared because it was cleverly designed financial product with finite quantity

How it works The block chain is the fundamental data structure of the Bitcoin protocol It's a single data file participants pass around to each other It allows them to know who owns what Anyone can change it to send money to someone else Other users mathematically verify the transaction to ensure it's validity

How It Works It's essentially an accounting ledger: 3/3/13 Sally found : $15.00 3/3/13 Sally -> Bob : $10.00 3/4/13 Bob -> Jimmy : $4.00 3/4/13 Sally -> Barb : $4.00 3/4/13 Jimmy -> Sally : $2.00 How much money does Sally have in her wallet? Sally had $15, then gave $10 to Bob, then $4 to Barb, then was given $2 from Jimmy. Sally has $3 as of right now.

Decentralized The “digital wallet” operates in a peer to peer mode When it starts it bootstraps to find other wallets Originally it used the Internet Relay Chat (IRC) network Now based on DNS and “seed nodes” The wallet will synchronize with the network by downloading ALL of the transactions starting from the GENESIS block if necessary 572,061 blocks at time of slide prep Over 210 GB Using a “gossip protocol” the wallets share all transaction information with their peers

Coins flow from Inputs to Outputs A coin owner transfers coins by digitally signing (via ECDSA) a hash digest of the previous transaction and the public key of the next owner. This signature is then appended to the end of the coin.

Transactions Input contains 1) A public key that belongs to the redeemer of the output transaction. 2) An ECDSA hash over a hash of the transaction. Output contains 1) The actual amount being sent to the recipient. 2) The change amount being sent back to the original sender (if any) 3) The voluntary transaction fee attached to the output (if any). The block chain prevents the double spend attack by giving other nodes the power to verify that transaction inputs were not already spent somewhere else.

Pseudo Anonymous Using public key cryptography, specifically Elliptic Curve Cryptography due to its key strength and shorter keys Transactions are sent to public key “addresses” 1AjYPi8qryPCJu6xgdJuQzVnWFXLmxq9s3 1Give4dbry2pyJihnpqV6Urq2SGEhpz3K

Addresses are like Accounts The wallet listens for transactions addressed to any of its public keys and in theory is the only node that is able to decrypt and accept the transfer “Coins” are “sent” by broadcasting the transaction to the network which are verified to be viable and then added to a block Keys can represent a MULTI-SIG address that requires a N of M private keys in order to decrypt the message

Arriving at Consensus Although the accepted chain can be considered a list, the block chain is best represented with a tree The longest path represents the accepted chain A participant choosing to extend an existing path in the block chain indicates a vote towards consensus on that path The longer the path, the more computation was expended building it

Consensus Process = Mining Originally the digital wallet could also participate in the consensus process by attempting to secure the network directly This process is known as “mining” Mining involves attempting to find a numerical value, known as a “nonce” that when combined with all open transactions can be “hashed” into a value that satisfies a certain “difficulty” Custom, purpose built-hardware has long since replaced the function such that its no longer productive for simple CPU based systems to compete in the mining process, and thus it was removed

Mining Miners collect the transactions on the network into large bundles called blocks like "Alice pays Karim 10 bitcoins" and "Liam pays Sofia 8.3 bitcoins". These blocks are strung together into one continuous, authoritative record called the block chain, which doesn't permit any conflicting transactions. lets you know for sure exactly which transactions count and can be trusted (no double spending!). https://www.bitcoinmining.com/

Block Chain Bitcoin makes sure there is only one block chain by making blocks really hard to produce miners have to compute a cryptographic hash of the block that meets certain criteria difficulty of the criteria for the hash is adjusted based on how frequently blocks are appearing also carefully validate all the transactions that go into their blocks Successful miners are rewarded some bitcoins according to a preset schedule

Fraud prevention Users can trust the block chain that was most difficult to produce longest chain wins If there was a "fake" blockchain competing with the real ones the fraudster would have to do as much work as the rest of the network to make their block chain look as trustworthy intense work that goes into finding blocks through hashing secures the network against fraud

BitCoin Mining Collects transactions from the network Validates them, and doesn't allow conflicting ones Puts them into large bundles called blocks Computes cryptographic hashes over and over until if finds one "good enough to count" Then submits the block to the network, adding it to the block chain and earning a reward in return

Bitcoin Security An attacker with > 50% of hash power can Bitcoin addresses are RACE Integrity Primitives Evaluation Message Digest RIPEMD-160 of SHA-256 of an Elliptic Curve Digital Signature Algorithm public key any vulnerabilities in the algorithms would constitute a vulnerability in bitcoin itself An attacker with > 50% of hash power can Double spend: Reverse transactions that he sends while he's in control Prevent some or all transactions from gaining any confirmations Prevent some or all other generators from getting any generations

Alternates to Bitcoin aka Altcoins “Good artists copy. Great artists steal.” The first alternate blockchain was Namecoin Early attempts to “re-level the playing field” were made by changing the hashing function from SHA256 to SCRYPT SCRYPT is a “memory intensive” function that was thought to be resistant to customized hardware (false)

Alternates to Bitcoin aka Altcoins Changes to the block emit time target were also changed from Bitcoins 10 minutes to 2.5 minutes to increase the velocity Newer ALTS incorporate every escalating hash functions, chained together in novel ways to resist giving purpose built hardware an advantage over CPU based mining

A Babel of Altcoins Now well over 2,000 “alternate” coins to Bitcoin 99.99% of them are simply brands / clones Most tinker with: the total coin supply the hashing functions (SHA256, SCRYPT, X11 et al) block emit time targets Proof of Something (Proof of Work, Proof of Stake) Ethereum, Ripple, Bitcoin Cash, EOS, Litecoin, … Total Market Cap: $ 177 billion (Bitcoin is 92.7B) https://coinmarketcap.com/

Issues against bitcoin usage New and uninvestigated financial product History is full of illegal and questionable activity Absence of relevant theoretical background Highly volatile value and an unknown issuer Undefined legal status Unregulated commodity and absence of consumer protection Anonymity and blurry taxation status Illegal or undefined in most countries of the world

Bad Uses for Good Technology Bitcoin has had its fair share of “bad press” Silk Road An online anonymous marketplace for “censorship-free” commerce Bitinstant Charlie Shrem plead guilty to aiding money laundering MT-GOX aka “Magic The Gathering Online eXchange” 700,000 coins “missing”

The Silk Road case Silk Road had an estimated $200 million in sales. 95% of which for drugs. In October 2013 Silk Road was shut down

The Mt. Gox case Mt.Gox was the worst scandal in Bitcoin history and precipitated the burst of the bubble in early 2014. An estimated $500 million in bitcoins were lost.

Price of bitcoin has fluctuated wildly Extreme volatility deters the mainstream from holding bitcoins as a store of value And makes it unsuitable as a unit of account Merchants instantly exchange bitcoins for fiat

USD/Bitcoin Weighted Price (Volatility) China restricted Bitcoin exchange for local RMB Russia defined Bitcoin as dubios activity MtGox filed for bankruptcy (theft of 477 million USD in BTC) Soaring caused by wide acceptance of Bitcoin

Bitcoin Concerns Wallet Vulnerable To Theft Tracing a coin's history Packet sniffing Sybil attack (cancer nodes) No authentication for IP transfers This attack is likely if you're using VPN/Tor Denial of Service (DoS) attacks Illegal content in the block chain Energy Consumption

Hashcash (Or How to Pay a Byzantine Generals Salary) Like many great ideas to become realized, it takes a confluence of other great ideas Based on the idea of HashCash, a Proof of Work concept invented by Adam Back in 1997 (http://www.hashcash.org/papers/hashcash.pdf) Originally proposed as an anti-spam throttling mechanism The core idea is that before accepting a transaction, the sender must first demonstrate a “cost” via a computationally “hard” problem that can simultaneously be easily verified. This generally referred to as a “Proof of Work”

“The Quick Brown Fox Jumped Over the Lazy Dog” The Role of Hashing A hash function is any function that can be used to map digital data of arbitrary size to digital data of fixed size, with slight differences in input data producing very big differences in output data. MD5, SHA1, SHA256 For example, the MD5 hashes of ‘abc’ compared to ‘abC’ abc 0bee89b07a248e27c83fc3d5951213c1 abC 2217c53a2f88ebadd9b3c1a79cde2638 “The Quick Brown Fox Jumped Over the Lazy Dog” 2dfd75162490ed3b4c893141f9ab37cf

Proof of Work A publicly auditable cost-function can be efficiently verified by any third party without access to any trapdoor or secret information. A fixed cost cost-function takes a fixed amount of resources to compute. The fastest algorithm to mint a fixed cost token is a deterministic algorithm. A probabilistic cost cost-function is one where the cost to the client of minting a token has a predictable expected time, but a random actual time as the client can most efficiently compute the cost-function by starting at a random start value. Sometimes the client will get lucky and start close to the solution.

The Hash Lottery Hashing is straightforward, but not challenging Unless the goal is to say, find me a hash value that satisfies a certain level of “difficulty” For example, let’s say the challenge is find a hash-value that begins with a number of zeros, for a given input The Proof of Work comes from finding a number (known as a NONCE) that when added to the input changes the output of the hash value to satisfy the difficulty. In the Bitcoin world this is what “mining” is and in effect is little more than a lot of hash-power spent on guessing winning lottery numbers that satisfy the difficulty of the problem in order to obtain the reward from the network

The Payout The node that finds the best solution to the challenge is provisionally granted a reward Originally in Bitcoin it was 50 new coins Competing solutions are evaluated based on which node offers the higher number of transactions included in the candidate block as well as the level of over-satisfying the difficulty. For example, if two nodes offer a solution to the challenge and both have the same number of transactions, the reward will go to the node that found a NONCE that beat the challenge E.G. Find a hash that begins with 4 zeros The node that supplies a hash that has 5 zeros beats the node that only finds the minimum

Transaction Confirmation Having a transaction provisionally accepted into a candidate block signals that the network has verified that the inputs were viable Every new block accepted into the chain after the transaction was accepted is considered a confirmation Coins are not considered mature until there have been 6 confirmations (basically an hour assuming a 10 minute block cadence) New Coins created by the mining process are not valid until about 120 confirmations This is to assure that a node with more than 51% of the total hash-power does not pull off fraudulent transactions

Why 51% Matters “When does 1 + 1 = 3 ?” * In the case of Bitcoin “consensus” goes to the chain with the highest number of blocks Not just in theory, but in practice several large mining pools have generated six blocks in a row To date the network has voluntarily shifted its mining power around or faced Distributed Denial of Service attacks * When everyone says it does!

Ethereum.org Turing complete contracts on a blockchain. Contracts are the main building blocks of Ethereum. A contract is a computer program that lives inside the distributed Ethereum network and has its own ether balance, memory and code. Every time you send a transaction to a contract, it executes its code, which can store data, send transactions and interact with other contracts. Contracts are maintained by the network, without any central ownership or control. Contracts are written in languages instantly familiar to any programmer and powered by Ether, Ethereum's cryptofuel.