DOCSLIB.ORG

Data Analytics and Consensus Mechanisms in Blockchains

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Data Analytics and Consensus Mechanisms in Blockchains PhD-FSTM-2020-43 The Faculty of Sciences, Technology and Medicine DISSERTATION Defence held on 24/09/2020 in Esch-sur-Alzette to obtain the degree of DOCTEUR DE L’UNIVERSITÉ DU LUXEMBOURG EN INFORMATIQUE by Dániel FEHÉR Born on 5 March 1993 in Miskolc, (Hungary) DATA ANALYTICS AND CONSENSUS MECHANISMS IN BLOCKCHAINS Dissertation defence committee Dr Alex Biryukov, dissertation supervisor Professor, Université du Luxembourg Dr Paulo Esteves-Veríssimo, Chairman Professor, Université du Luxembourg Dr Volker Müller, Vice Chairman Associate Professor, Université du Luxembourg Dr Rainer Böhme Professor, Universität Innsbruck Dr Ghassan Karame Head of Security Research, NEC Laboratories Europe iii Abstract Blockchains, and especially Bitcoin have soared in popularity since their inceptions. This thesis furthers our knowledge of blockchains and their uses. First, we analyze transaction linkability in the privacy preserving cryptocur- rency Zcash, based on the currency minting transactions (mining). Using pre- dictable usage patterns and clustering heuristics on mining transactions, an attacker can link to publicly visible addresses in over 84% of the privacy pre- serving transactions Then, we further analyze privacy issues for the privacy-oriented cryptocur- rency Zcash. We study privacy preserving transactions and show ways to finger- print user transactions, including active attacks. We introduce two new attacks, which we call the Danaan-gift attack and the Dust attack. Then, we investigate the generic landscape and hierarchy of miners as ex- emplified by Ethereum and Zcash. Both chains used application-specific inte- grated circuit (ASIC) resistant proofs-of-work which favor GPU mining in order to keep mining decentralized. This, however, has changed with the introduction of ASIC miners for these chains. This transition allows us to develop methods that might detect hidden ASIC mining in a chain (if it exists), and to study how the introduction of ASICs affects the decentralization of mining power. Fi- nally, we describe how an attacker might use public blockchain information to invalidate miners' privacy, deducing the mining hardware of individual miners and their mining rewards. Then, we analyze the behavior of cryptocurrency exchanges on the Bitcoin blockchain, and compare the results to the exchange volumes reported by the same exchanges. We show, that in multiple cases these two values are close to each other, which confirms the integrity of their reported volumes. Finally, we present a heuristic to try to classify large clusters of addresses in the blockchain, and whether these clusters are controlled by an exchange. Finally, we describe how to couple reputation systems with distributed con- sensus protocols to provide a scalable permissionless consensus protocol with a low barrier of entry, while still providing strong resistance against Sybil attacks for large peer-to-peer networks of untrusted validators. We introduce the repu- tation module ReCon, which can be laid on top of various consensus protocols such as PBFT or HoneyBadger. The protocol takes external reputation rank- ing as input and then ranks nodes based on the outcomes of consensus rounds run by a small committee, and adaptively selects the committee based on the current reputation. v Acknowledgements This dissertation would not be possible without the support and help from many people. First of all, I would like to thank my supervisor, Prof. Alex Biryukov, for leading my research and providing me with the freedom to choose many topics. I would like to thank my thesis supervision committee members, Prof. Paulo Esteves Verissimo, and Prof. Volker M¨uller,for following my research and giving valuable advice. I am grateful to Prof. Rainer B¨ohmeand to Dr. Ghassan Karame for agreeing to serve on my defense as jury members. I would like to thank the University of Luxembourg and the Interdisciplinary Centre for Security, Reliability and Trust for providing me an excellent research environment. I am thankful to all my colleagues at CryptoLUX and at the University for the happy years and the countless conversations we had during our coffee breaks. My greatest gratitude is to my family and friends who have always supported me in every decision I took in my life. vii Contents Abstract iii Acknowledgementsv List of Figures xi List of Tables xiii List of Abbreviations xv 1 Introduction1 1.1 Currencies..............................1 1.1.1 Main Challenges of Digital Currencies..........2 1.1.2 Digital Currencies......................4 1.2 Bitcoin................................4 1.2.1 Transaction Structure...................4 1.2.2 Blocks............................6 1.2.3 Proof-of-Work Protocol...................7 1.2.4 Mining Hardware......................9 1.2.5 Mining Pools........................ 10 1.2.6 Network Communication.................. 11 1.2.7 Security of Bitcoin..................... 12 1.2.8 Advantages and Disadvantages.............. 13 1.2.9 Main Actors in Bitcoin................... 14 1.3 Scalability of Cryptocurrencies................... 15 1.4 Privacy in Cryptocurrencies.................... 16 1.4.1 Privacy-oriented Cryptocurrencies............. 17 1.5 Contributions............................ 19 I Data Analytics in Blockchains 21 2 Deanonymizing Miners in Zcash 23 2.1 Zcash................................. 23 2.1.1 Notation........................... 26 2.2 Analytics tool for Zcash...................... 27 2.3 Related Work............................ 28 2.4 Deanonymizing The Miners.................... 29 2.4.1 Pattern T Mining Pools.................. 29 2.4.2 Pattern Z Mining Pools.................. 30 viii 2.4.3 Results of the Heuristics.................. 32 2.4.4 Accuracy of the Heuristics................. 33 2.4.5 Comparison of results to previous work.......... 34 2.4.6 Inflation of results..................... 35 2.5 Summary and Conclusions..................... 35 3 Further Transaction Linking in Zcash 37 3.1 Linking with Transaction Values.................. 37 3.1.1 Direct Value Linking Including Transaction Fees..... 38 3.1.2 Subset sum......................... 39 3.1.3 Fingerprinted Values.................... 39 3.1.4 Further Results....................... 41 3.2 The Model for the Probability of Fingerprint Survival...... 42 3.2.1 Experimental results.................... 44 3.2.2 Notation........................... 44 3.2.3 Sapling Transactions Dataset............... 45 3.3 Danaan-Gift Attack (Malicious Value Fingerprinting)...... 48 3.4 Dust Attack............................. 49 3.4.1 Official Linux Command-line Zcash Wallet........ 50 3.4.2 GUI-based Sapling-supporting Wallets.......... 50 3.4.3 Combining Danaan and Dust Attacks........... 51 3.5 Usage of zk-SNARKs........................ 51 3.5.1 Interaction Between Sapling and Sprout Transactions.. 51 3.6 Summary and Conclusions..................... 52 4 Privacy of Miners in Zcash and Ethereum 53 4.1 Terminology............................. 54 4.2 Background and Related Work................... 55 4.3 Mining Landscape.......................... 55 4.3.1 Ethereum.......................... 56 4.3.2 Zcash............................ 57 4.3.3 GPU Mining........................ 58 4.3.4 GPU vs ASIC mining.................... 60 4.4 Detecting ASIC miners....................... 60 4.4.1 Fraction of large miners in the mining power....... 60 4.4.2 Mining Software Developer Fees.............. 61 4.4.3 Public Introduction of ASICs............... 63 4.5 Mining Centralization....................... 64 4.6 Privacy of Miners.......................... 65 4.6.1 Linkability of Mining rewards............... 65 4.6.2 Countermeasures...................... 66 4.7 Summary and Conclusions..................... 67 5 Estimating Exchange Traffic 69 5.1 Evaluating Identified Clusters................... 70 5.2 Classifying Large Clusters..................... 75 5.3 Summary and Conclusions..................... 77 ix II Consensus Protocols in Blockchains 79 6 ReCon 81 6.0.1 Related Work........................ 83 6.1 Existing Consensus Protocols................... 83 6.1.1 Proof-of-Work........................ 83 6.1.2 Proof-of-Stake........................ 85 6.1.3 Byzantine Agreement.................... 85 6.1.4 Hybrid Protocols...................... 86 6.2 Preliminaries of Our Protocol................... 87 6.2.1 Generic........................... 87 6.2.2 Assumptions......................... 88 6.2.3 Nodes............................ 89 6.3 Reputation module......................... 89 6.3.1 External Reputation.................... 90 6.3.2 Committee selection.................... 91 6.3.3 Rewards and penalties................... 92 6.3.4 Probability of a forgery................... 93 6.3.5 Types of Blocks....................... 95 6.3.6 Source of randomness.................... 96 6.3.7 Fairness........................... 96 6.3.8 Dealing with forks..................... 97 6.3.9 Convergence......................... 97 6.3.10 Pseudocode......................... 98 6.4 Simulation Results......................... 98 6.4.1 External reputation: discrete (no information)...... 99 6.4.2 External reputation with normal distribution....... 100 6.4.3 External reputation with exponential distribution.... 101 6.5 Attacks and their mitigation.................... 101 6.5.1 Botnet takeover....................... 101 6.5.2 Sybil attack: saturation.................. 102 6.5.3 Sybil attack: lie and wait strategy............. 102 6.5.4 Attacks on randomness................... 102 6.5.5 Honest majority....................... 103 6.5.6 Detection
Load more

Recommended publications
  • Characterizing Ethereum's Mining Power Decentralization at a Deeper
    Characterizing Ethereum’s Mining Power Decentralization at a Deeper Level Liyi Zeng∗§, Yang Chen†§, Shuo Chen†, Xian Zhang†, Zhongxin Guo†, Wei Xu∗, Thomas Moscibroda‡ ∗Institute for Interdisciplinary Information Sciences, Tsinghua University †Microsoft Research ‡Microsoft Azure §Contacts: [email protected], [email protected] Abstract—For proof-of-work blockchains such as Ethereum, than 50% of the total power has grown from several the mining power decentralization is an important discussion hundred to several thousand. Overall, the power is more point in the community. Previous studies mostly focus on the decentralized at the participant level than 4 years ago. aggregated power of the mining pools, neglecting the pool participants who are the source of the pools’ power. In this paper, However, we also find that this number varied signif- we present the first large-scale study of the pool participants icantly over time, which means it requires continuous in Ethereum’s mining pools. Pool participants are not directly tracking. Additionally, as our current data and method- observable because they communicate with their pools via private ology cannot de-anonymize the participants, it’s possible channels. However, they leave “footprints” on chain as they that some participants split themselves into many smaller use Ethereum accounts to anonymously receive rewards from mining pools. For this study, we combine several data sources ones for various reasons, which could make our estima- to identify 62,358,646 pool reward transactions sent by 47 tion inaccurate if not completely off the target. Further pools to their participants over Ethereum’s entire near 5-year study to improve the estimation accuracy is important.
    [Show full text]
  • Crypto Research Report ‒ April 2019 Edition
    April 2019 Edition VI. “When the Tide Goes Out…” Investments: Gold and Bitcoin, Stronger Together Technical Analysis: Spring Awakening? Cryptocurrency Mining in Theory and Practice Demelza Kelso Hays Mark J. Valek We would like to express our profound gratitude to our premium partners for supporting the Crypto Research Report: www.cryptofunds.li Contents Editorial ............................................................................................................................................... 4 In Case You Were Sleeping: When the Tide Goes Out…............................................................... 5 Back to the Roots ............................................................................................................................................. 6 How Long Will This Bear Market Last .............................................................................................................. 7 A Tragic Story Traverses the World ................................................................................................................. 9 When the tide goes out… ............................................................................................................................... 10 A State Cryptocurrency? ................................................................................................................................ 12 Support is Increasing ..................................................................................................................................... 14
    [Show full text]
  • Asymmetric Proof-Of-Work Based on the Generalized Birthday Problem
    Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem Alex Biryukov Dmitry Khovratovich University of Luxembourg University of Luxembourg [email protected] [email protected] Abstract—The proof-of-work is a central concept in modern Long before the rise of Bitcoin it was realized [20] that cryptocurrencies and denial-of-service protection tools, but the the dedicated hardware can produce a proof-of-work much requirement for fast verification so far made it an easy prey for faster and cheaper than a regular desktop or laptop. Thus the GPU-, ASIC-, and botnet-equipped users. The attempts to rely on users equipped with such hardware have an advantage over memory-intensive computations in order to remedy the disparity others, which eventually led the Bitcoin mining to concentrate between architectures have resulted in slow or broken schemes. in a few hardware farms of enormous size and high electricity In this paper we solve this open problem and show how to consumption. An advantage of the same order of magnitude construct an asymmetric proof-of-work (PoW) based on a compu- is given to “owners” of large botnets, which nowadays often tationally hard problem, which requires a lot of memory to gen- accommodate hundreds of thousands of machines. For prac- erate a proof (called ”memory-hardness” feature) but is instant tical DoS protection, this means that the early TLS puzzle to verify. Our primary proposal Equihash is a PoW based on the schemes [8], [17] are no longer effective against the most generalized birthday problem and enhanced Wagner’s algorithm powerful adversaries.
    [Show full text]
  • Zcash Protocol Speci Cation
    Zcash Protocol Specication Version 2018.0-beta-14 Daira Hopwood† Sean Bowe† — Taylor Hornby† — Nathan Wilcox† March 11, 2018 Abstract. Zcash is an implementation of the Decentralized Anonymous Payment scheme Zerocash, with security xes and adjustments to terminology, functionality and performance. It bridges the exist- ing transparent payment scheme used by Bitcoin with a shielded payment scheme secured by zero- knowledge succinct non-interactive arguments of knowledge (zk-SNARKs). It attempts to address the problem of mining centralization by use of the Equihash memory-hard proof-of-work algorithm. This specication denes the Zcash consensus protocol and explains its differences from Zerocash and Bitcoin. Keywords: anonymity, applications, cryptographic protocols, electronic commerce and payment, nancial privacy, proof of work, zero knowledge. Contents 1 1 Introduction 5 1.1 Caution . .5 1.2 High-level Overview . .5 2 Notation 7 3 Concepts 8 3.1 Payment Addresses and Keys . .8 3.2 Notes...........................................................9 3.2.1 Note Plaintexts and Memo Fields . .9 3.3 The Block Chain . 10 3.4 Transactions and Treestates . 10 3.5 JoinSplit Transfers and Descriptions . 11 3.6 Note Commitment Trees . 11 3.7 Nullier Sets . 12 3.8 Block Subsidy and Founders’ Reward . 12 3.9 Coinbase Transactions . 12 † Zerocoin Electric Coin Company 1 4 Abstract Protocol 12 4.1 Abstract Cryptographic Schemes . 12 4.1.1 Hash Functions . 12 4.1.2 Pseudo Random Functions . 13 4.1.3 Authenticated One-Time Symmetric Encryption . 13 4.1.4 Key Agreement . 13 4.1.5 Key Derivation . 14 4.1.6 Signature . 15 4.1.6.1 Signature with Re-Randomizable Keys .
    [Show full text]
  • Understanding the Motivations, Challenges and Needs of Blockchain Software Developers: a Survey
    Empirical Software Engineering manuscript No. (will be inserted by the editor) Understanding the Motivations, Challenges and Needs of Blockchain Software Developers: A Survey Amiangshu Bosu · Anindya Iqbal · Rifat Shahriyar · Partha Chakroborty Received: November 6, 2018 / Accepted: March 19, 2019 Abstract The blockchain technology has potential applications in various areas such as smart-contracts, Internet of Things (IoT), land registry, supply chain man- agement, storing medical data, and identity management. Although the Github currently hosts more than six thousand active Blockchain software (BCS) projects, few software engineering research has investigated these projects and its' contrib- utors. Although the number of BCS projects is growing rapidly, the motivations, challenges, and needs of BCS developers remain a puzzle. Therefore, the primary objective of this study is to understand the motivations, challenges, and needs of BCS developers and analyze the differences between BCS and non-BCS development. On this goal, we sent an online survey to 1,604 active BCS developers identified via mining the Github repositories of 145 popular BCS projects. The survey received 156 responses that met our criteria for analysis. The results suggest that the majority of the BCS developers are experienced in non-BCS development and are primarily motivated by the ideology of creating a decentralized financial system. Although most of the BCS projects are Open Source Software (OSS) projects by nature, more than 93% of our respondents found BCS development somewhat different from a non-BCS development as BCS projects have higher emphasis on security and reliability than most of the non- BCS projects. Other differences include: higher costs of defects, decentralized and hostile environment, technological complexity, and difficulty in upgrading the soft- ware after release.
    [Show full text]
  • Coinbase Explores Crypto ETF (9/6) Coinbase Spoke to Asset Manager Blackrock About Creating a Crypto ETF, Business Insider Reports
    Crypto Week in Review (9/1-9/7) Goldman Sachs CFO Denies Crypto Strategy Shift (9/6) GS CFO Marty Chavez addressed claims from an unsubstantiated report earlier this week that the firm may be delaying previous plans to open a crypto trading desk, calling the report “fake news”. Coinbase Explores Crypto ETF (9/6) Coinbase spoke to asset manager BlackRock about creating a crypto ETF, Business Insider reports. While the current status of the discussions is unclear, BlackRock is said to have “no interest in being a crypto fund issuer,” and SEC approval in the near term remains uncertain. Looking ahead, the Wednesday confirmation of Trump nominee Elad Roisman has the potential to tip the scales towards a more favorable cryptoasset approach. Twitter CEO Comments on Blockchain (9/5) Twitter CEO Jack Dorsey, speaking in a congressional hearing, indicated that blockchain technology could prove useful for “distributed trust and distributed enforcement.” The platform, given its struggles with how best to address fraud, harassment, and other misuse, could be a prime testing ground for decentralized identity solutions. Ripio Facilitates Peer-to-Peer Loans (9/5) Ripio began to facilitate blockchain powered peer-to-peer loans, available to wallet users in Argentina, Mexico, and Brazil. The loans, which utilize the Ripple Credit Network (RCN) token, are funded in RCN and dispensed to users in fiat through a network of local partners. Since all details of the loan and payments are recorded on the Ethereum blockchain, the solution could contribute to wider access to credit for the unbanked. IBM’s Payment Protocol Out of Beta (9/4) Blockchain World Wire, a global blockchain based payments network by IBM, is out of beta, CoinDesk reports.
    [Show full text]
  • La Criptomoneda
    LA CRIPTOMONEDA LA CRIPTOMONEDA 1 LA CRIPTOMONEDA CONTENIDO 1. ¿Cuál es la criptomoneda más rentable para invertir? …………… Pág.6 2. NEO (NEO; antes AntShares) …………………………………………Pág.7 3. NEM (XEM) ……………………………………………………………….Pág.8 4. Ripple (XRP) ……………………………………………………………. Pág.9 5. Stellar (XLM) ……………………………………………………………. Pág.10 6. Ethereum (ETH) ………………………………………………………… Pág.11 7. Dash (Dash; antes Darkcoin o XCoin) ………………………………. Pág.12 8. Tron (TXR) ………………………………………………………………. Pág.13 9. Litecoin (LTC) ……………………………………………………………Pág.14 10. Cardano (ADA) …………………………………………………………. Pág.15 11. Monero (XMR) …………………………………………………………… Pág.16 12. Iota (Miota) ……………………………………………………………… Pág.17 13. Bitcoin (BTC) ……………………………………………………………. Pág.19 14. Bitcoin Cash (BCH)………………………………………………………. Pág. 21 15. Qué es una ICO: la ‘bolsa’ basada en las criptomonedas………… Pág.23 16. Qué es una ICO ………………………………………………………… Pág.24 2 LA CRIPTOMONEDA 17. Cómo se compra una ICO ……………………………………………... Pág. 26 18. ¿QUÉ ES LA MINERÍA DE BITCOINS (CRIPTOMONEDAS)?.......... Pág.28 19. MINERÍA BITCOIN ………………………………………………………. Pág.29 20. ¿CÓMO MINAR CRIPTOMONEDAS? …………………………………Pág.32 21. PRUEBA DE TRABAJO (PROOF-OF-WORK) ………………………. Pág.33 22. Minero ASIC de Bitcoin con fuente de 1.300 vatios ………………… Pág. 35 23. PRUEBA DE PARTICIPACIÓN (PROOF-OF-STAKE) ………………. Pág.38 24. Votación de delegados para forging en Lisk. ………………………. Pág.40 25. GRUPOS DE MINERÍA (MINING POOLS) ……………………………Pág.42 26. Participación de mercado de grupos de minería de Bitcoin. …….. Pág.46 27. MINERÍA EN LA NUBE (CLOUD MINING) …………………………... Pág. 48 28. Minería de criptomonedas para novatos ……………………………. Pág. 50 29. ORIGEN DEL VALOR …………………………………………………... Pág.52 30. HARDWARE NECESARIO ……………………………………………….Pág.57 31. ASPECTOS A TENER EN CUENTA PARA HARDWARE …………..Pág. 60 32. GPU ……………………………………………………………………….. Pág. 63 33. ELEGIR UNA CRIPTOMONEDA PARA CRIPTOMINAR …………….Pág. 67 34. CONSUMO ELÉCTRICO …………………………………………………Pág.74 3 LA CRIPTOMONEDA 35.
    [Show full text]
  • A Survey on Consensus Mechanisms and Mining Strategy Management
    1 A Survey on Consensus Mechanisms and Mining Strategy Management in Blockchain Networks Wenbo Wang, Member, IEEE, Dinh Thai Hoang, Member, IEEE, Peizhao Hu, Member, IEEE, Zehui Xiong, Student Member, IEEE, Dusit Niyato, Fellow, IEEE, Ping Wang, Senior Member, IEEE Yonggang Wen, Senior Member, IEEE and Dong In Kim, Fellow, IEEE Abstract—The past decade has witnessed the rapid evolution digital tokens between Peer-to-Peer (P2P) users. Blockchain in blockchain technologies, which has attracted tremendous networks, especially those adopting open-access policies, are interests from both the research communities and industries. The distinguished by their inherent characteristics of disinterme- blockchain network was originated from the Internet financial sector as a decentralized, immutable ledger system for transac- diation, public accessibility of network functionalities (e.g., tional data ordering. Nowadays, it is envisioned as a powerful data transparency) and tamper-resilience [2]. Therefore, they backbone/framework for decentralized data processing and data- have been hailed as the foundation of various spotlight Fin- driven self-organization in flat, open-access networks. In partic- Tech applications that impose critical requirement on data ular, the plausible characteristics of decentralization, immutabil- security and integrity (e.g., cryptocurrencies [3], [4]). Further- ity and self-organization are primarily owing to the unique decentralized consensus mechanisms introduced by blockchain more, with the distributed consensus provided by blockchain networks. This survey is motivated by the lack of a comprehensive networks, blockchains are fundamental to orchestrating the literature review on the development of decentralized consensus global state machine1 for general-purpose bytecode execution. mechanisms in blockchain networks. In this survey, we provide a Therefore, blockchains are also envisaged as the backbone systematic vision of the organization of blockchain networks.
    [Show full text]
  • Altcoins, Ethereum Projects, and More – Bonus Content
    Altcoins, Ethereum projects, and More – Bonus Content Welcome to the bonus online content for Mastering Blockchain – Third Edition! This content complements the main text, with the intention to enhance the reader learning experience. The material covered here has not been included in the core book for reasons of brevity and scope, but it contains valuable information, and has thus been included here for reference and further learning. We'll list and briefly describe the topics covered in these pages here, as an idea of what will be covered in this package. The topics are best read in conjunction with the chapters specified here, but can also be accessed as a reference guide for various topics at any point! • Bitcoin forks: It is recommended that this topic is read after Chapter 7, Bitcoin Network and Payments. It covers alternative Bitcoin projects such as Bitcoin Cash and Bitcoin Unlimited. • Alternative coins: This is intended to be read in conjunction with Chapter 9, Alternative Coins. This topic covers some important cryptocurrency projects such as Zcash and Primecoin. We cover in detail, among other things, how various clients can be installed, and how mining can be performed. • Ethereum networks, trading and investment: It's recommended to read this material with Chapter 11, Ethereum 101. This topic briefly introduces the different types of Ethereum networks and some technical details. Also, we introduce some basics regarding the trading and investment of ether, the Ethereum cryptocurrency. • Ethereum EVM opcodes: This topic should be read in conjunction with Chapter 12, Further Ethereum. Here, we list all EVM opcodes, with descriptions and some technical details, such as their opcode representation and gas consumption.
    [Show full text]
  • Zcash Protocol Speci Cation
    Zcash Protocol Specication Version 2016.0-beta-1.10 as intended for the Zcash release of autumn 2016 Daira Hopwood Sean Bowe — Taylor Hornby — Nathan Wilcox October 30, 2016 Contents 1 1 Introduction 4 1.1 Caution . .4 1.2 High-level Overview . .4 2 Notation 5 3 Concepts 7 3.1 Payment Addresses and Keys . .7 3.2 Notes...........................................................7 3.2.1 Note Plaintexts and Memo Fields . .8 3.3 Transactions, Blocks, and the Block Chain . .8 3.4 JoinSplit Transfers and Descriptions . .9 3.5 Note Commitment Tree . .9 3.6 Nullier Set . 10 3.7 Block Subsidy and Founders’ Reward . 10 3.8 Coinbase Transactions . 10 4 Abstract Protocol 10 4.1 Abstract Cryptographic Functions . 10 4.1.1 Hash Functions . 10 4.1.2 Pseudo Random Functions . 10 4.1.3 Authenticated One-Time Symmetric Encryption . 11 4.1.4 Key Agreement . 11 1 4.1.5 Key Derivation . 12 4.1.6 Signatures . 12 4.1.7 Commitment . 13 4.1.8 Zero-Knowledge Proving System . 13 4.2 Key Components . 14 4.3 JoinSplit Descriptions . 14 4.4 Sending Notes . 15 4.4.1 Dummy Notes . 16 4.5 Merkle path validity . 16 4.6 Non-malleability . 17 4.7 Balance . 17 4.8 Note Commitments and Nulliers . 17 4.9 JoinSplit Statement . 17 4.10 In-band secret distribution . 18 4.10.1 Encryption . 19 4.10.2 Decryption by a Recipient . 19 5 Concrete Protocol 20 5.1 Caution . 20 5.2 Integers, Bit Sequences, and Endianness . 20 5.3 Constants .
    [Show full text]
  • Vývoj Elektronických Plateb Development of Electronic Payments
    Masarykova univerzita Ekonomicko-správní fakulta Studijní obor: Finance Vývoj elektronických plateb Development of Electronic Payments Diplomová práce Vedoucí diplomové práce: Autor: prof. Ing. Jiří DVOŘÁK, DrSc. Mgr. Bc. Lucia MOŤKOVÁ Brno, 2017 Jméno autora: Lucia Moťková Název diplomové práce: Vývoj elektronických plateb Název práce v angličtině: Development of Electronic Payments Katedra: Katedra financí Vedoucí diplomové práce: prof. Ing. Jiří Dvořák, DrSc. Rok obhajoby: 2017 Anotace Diplomová práce klasifikuje peníze a elektronické (digitální) peníze, mezi které řadí i pohledávky z vkladů na bankovních účtech a soukromé elektronické peníze, včetně kryptoměn (bitcoin). Popisuje aspekty elektronických peněz a různých způsobů provádění elektronických plateb i jejich současnou právní regulaci v České republice, s cílem vytvoření modelů vývoje elektronických peněz a elektronických plateb a modelu elektronického bankovnictví. Autorka dále uvádí některá doporučení: doporučení retailovým klientům bank ve vztahu k realizaci elektronických plateb, doporučení státu ve vztahu k zajištění možnosti sledování peněžních toků a konečně doporučení bankám ve vztahu k vylepšení stávajících produktů, zejména v souvislosti s autentizací elektronických plateb. Annotation The diploma thesis classifies money and electronic (digital) money, among which claims on deposit bank accounts and private electronic money, including cryptocurrencies (bitcoin), are also classified. The features of electronic money and various methods of the realization of electronic
    [Show full text]
  • 51% Attack” January 2019
    PHILIP OWRUTSKY, PH.D., CFA VICE PRESIDENT, INVESTMENT STRATEGIST, CLIENT ADVISORY VIEWPOINTS FROM THE ACADIAN TEAM CRYPTOS’ ACHILLES HEEL: THE RISE OF THE “51% ATTACK” JANUARY 2019 • As of January 8th, Ethereum Classic is experiencing a “51% attack,” whereby malicious agents have stolen over $1.1 million by assuming control of enough computing power to falsify the currency’s transaction history. During 2018, several other cryptocurrencies were subject to similar attacks that netted fraudsters over $20 million. • We believe that these attacks threaten the very core of an entire class of cryptocurrencies, those based on the “proof-of-work” paradigm, which includes Bitcoin. • Paradoxically, the threat to this class of currencies has been exacerbated by their very success; namely, their integration into mainstream financial institutional frameworks. Bitcoin and other cryptocurrencies that are based on As of this writing, such an attack is underway what is known as a “proof-of-work” paradigm1 represent against the Ethereum Classic cryptocurrency. This isn’t a valuable technological advancement. Their underlying the first currency to fall victim. In 2018, malicious agents methodology allows for the maintenance of a provably successfully attacked several other cryptocurrencies in correct public ledger of transactions without the need this manner, pocketing over $20 million in the process for a central, trusted party to maintain it. That ledger’s (Table 1). By securing majority computing power veracity, and, thus, these cryptocurrencies’ credibility, associated with a currency, the perpetrators have been depends on an inviolable condition: that no individual or able to “double-spend” coins by undoing their side of syndicate can control a majority of the computing power anonymous transactions, retaining both their coins and associated with the platform.
    [Show full text]