DOCSLIB.ORG

Cryptocurrencies with Security Policies and Two-Factor Authentication

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cryptocurrencies with Security Policies and Two-Factor Authentication Cryptocurrencies with Security Policies and Two-Factor Authentication Florian Breuer∗ Vipul Goyal Giulio Malavolta∗ KIT NTT Research and CMU MPI-SP Abstract—Blockchain-based cryptocurrencies offer an ap- their decentralized and borderless nature make them pealing alternative to Fiat currencies, due to their decen- appealing substitutes for Fiat currencies, a burning tralized and borderless nature. However the decentralized problem with this approach is the lack of a recovery settings make the authentication process more challenging: mechanism if something goes wrong. What happens if Standard cryptographic methods often rely on the ability of one user’s key is lost or stolen? There is no bank to users to reliably store a (large) secret information. What call and no authority to rely upon to get your funds happens if one user’s key is lost or stolen? Blockchain back. Indeed, the number of such high profile attacks systems lack of fallback mechanisms that allow one to on cryptocurrencies has been rising steadily. Famous recover from such an event, whereas the traditional banking incidents like the Mt. Gox hack [14], the coincheck system has developed and deploys quite effective solutions. hack [2], and the Parity Technology code deletion [3] In this work, we develop new cryptographic techniques saw funds upwards of several hundred million dollars to integrate security policies (developed in the traditional being lost or stolen. The well-known DAO hack [32] banking domain) in the blockchain settings. We propose forced Ethereum to adopt a hard fork which created a system where a smart contract is given the custody of two version of the currency: Ethereum and Ethereum the user’s funds and has the ability to invoke a two-factor classic. To deal with such problems in future, Ethereum authentication (2FA) procedure in case of an exceptional developers have proposed EIP 867. An ethereum improvement protocol (EIP) is the process by which event (e.g., a particularly large transaction or a key recovery code changes get accepted onto the Ethereum platform. request). To enable this, the owner of the account secret- However EIP 867 has proven to be controversial since it shares the answers of some security questions among a will again bifurcate the currency into two versions, the committee of users. When the 2FA mechanism is triggered, very problem it was trying to solve. the committee members can provide the smart contract The problems of attackers stealing money or losing with enough information to check whether an attempt was credentials are of course not unique to blockchain-based successful, and nothing more. cryptocurrencies. The (traditional) banking industry has We then design a protocol that securely and efficiently been dealing with such issues for decades where a number implements such a functionality: The protocol is round- of mitigating approaches have worked pretty effectively. optimal, is robust to the corruption of a subset of committee Examples of common security policies to deal with such members, supports low-entropy secrets, and is concretely attacks include: A waiting period (say 24 hours) for efficient. As a stepping stone towards the design of this transferring money to a new recipient and an overall daily protocol, we introduce a new threshold homomorphic en- outgoing transfer limit. Bypassing these restrictions could cryption scheme for linear predicates from bilinear maps, either require additional verifications (such as two-factor which might be of independent interest. authentication), or may not be allowed at all. Different To substantiate the practicality of our approach, we im- banks could follow different security policies which might plement the above protocol as a smart contract in Ethereum also vary depending on the type of account (business vs and show that it can be used today as an additional safe- personal) and by the state/region and the local laws. This guard for suspicious transactions, at minimal added cost. We motivates the following question: also implement a second scheme where the smart contract Can we take the lessons learnt in the traditional additionally requests a signature from a physical hardware banking domain, and apply them fruitfully to token, whose verification key is registered upfront by the blockchain-based systems, without compromis- owner of the funds. We show how to integrate the widely ing their decentralized nature? used universal two-factor authentication (U2F) tokens in blockchain environments, thus enabling the deployment of 1.1. System Architecture our system with available hardware. We propose a system where each user has the opportu- 1. Introduction nity to delegate the custody of its funds to a smart contract. The security policy (which can be specified by the user Bitcoin and blockchain-based cryptocurrencies itself) is hardwired in the smart contract and it governs its brought us at the brink of a technological revolution: decision. All funds transfer will go through the approval These systems allow us to bypass the need for centralized of such a smart contract, which has the power to accept trusted entities to run currencies on a large-scale. While or reject (or even set on hold) each transaction, depending on the specified policy. In case of an exceptional event, ∗Work done in part while at CMU such as key theft, or as an additional security safeguard in case of particularly large transactions or transactions to then broadcasts a message to all committee members, who new addresses, the smart contract will require additional perform some computation locally and output a partial verification via two-factor authentication (2FA). We stress response tied to the transaction τ. The smart contract that one does not need to authenticate all transactions but then collects sufficiently many responses and publicly only a carefully chosen set, at the discretion of the policy checks whether the authentication was successful. If this specified by the owner of the funds. is the case the smart contract allows τ to go through, In this work we implement the above idea by develop- otherwise it rejects it. In terms of security, we require ing solutions for 2FA mechanisms that can coexist with that the above process does not reveal anything beyond the decentralized nature of blockchain-based currencies. whether the user’s guess was correct or not, even if the To be aligned with the philosophy of decentralized system, attacker corrupts a certain subset of committee members. our solutions are guided by the following design princi- Henceforth, we refer to this procedure as a distributed ples. zero-tester (DZT).1 Distributed Trust. The 2FA must not rely on the ex- We also consider an alternative setup where we lever- istence of a trusted authority. Instead we propose to age a physical two-factor authentication token. As an leverage a hardware token or distribute the trust among example, universal two-factor authentication (U2F) tokens a (reasonably-sized) set of parties, which are asked to in- allow a user to sign any message by querying the token. tervene in case of exceptional event. The members of such With this tool at hand, authentication is done as follows: a committee can be chosen by the users or can be selected The smart contract hardwires the verification key of the through a consensus protocol (e.g., the miners themselves U2F token and, when the 2FA mechanism is invoked, can play this role). Security must be guaranteed even if a sends the user a nonce. The authentication is successful subset of the committee members behaves maliciously. if the user provides a correct signature on the nonce. Reliability and Guaranteed Output Delivery. We re- quire the 2FA mechanism to be resilient against (benign) 1.3. Security Policies disconnections and (malicious) denial of service attacks. That is, even if part of the members of the committee go Our system is completely flexible in the policy that is offline or become corrupted, one should still be able to enforced by the smart contract, which can be specified by complete the authentication procedure (given that the set the owner of the address. A more conservative usage of of online parties is large enough). our system is just as an additional safeguard mechanism: Low Latency. In distributed environments communication Suspicious transactions (e.g., unusually large amounts or is typically expensive, as messages have to be broadcasted transactions to a new address) can trigger the 2FA mech- to all users in the network. For this reason it is of central anism and force the user to provide (human-memorable) importance to minimize the rounds of communication of answers to some security questions or a signature from a 2FA mechanism. a physical token. This gives an additional line of defense Computational Efficiency. General purpose crypto- even against the catastrophic event where an attacker steals graphic solutions are very powerful but are often com- a user signing key. putationally intensive. We aim to build a solution based On the other side of the spectrum, one user may on well-established cryptographic components which is want to set the policy such that some transactions are efficient enough to be integrated in real-life systems. allowed given only the 2FA, i.e., they are not required to be digitally signed. This can be useful in scenarios where 1.2. Two-Factor Authentication Mechanisms a user has lost the signing key for an address and wants to recover the funds: Answering some security questions A popular approach to 2FA in the traditional banking allows him to transfer the coins to a fresh address (with system is that of security questions: When the 2FA is a newly sampled signing key). However this liberal usage triggered, the user is prompted to answer a personal of our system requires careful thoughts. While on the one question and the verification process succeeds if the user’s hand it improves the usability of the currency, on the other answer is correct.
Load more

Recommended publications
  • Crypto-Asset Markets: Potential Channels for Future Financial Stability
    Crypto-asset markets Potential channels for future financial stability implications 10 October 2018 The Financial Stability Board (FSB) is established to coordinate at the international level the work of national financial authorities and international standard-setting bodies in order to develop and promote the implementation of effective regulatory, supervisory and other financial sector policies. Its mandate is set out in the FSB Charter, which governs the policymaking and related activities of the FSB. These activities, including any decisions reached in their context, shall not be binding or give rise to any legal rights or obligations under the FSB’s Articles of Association. Contacting the Financial Stability Board Sign up for e-mail alerts: www.fsb.org/emailalert Follow the FSB on Twitter: @FinStbBoard E-mail the FSB at: [email protected] Copyright © 2018 Financial Stability Board. Please refer to: www.fsb.org/terms_conditions/ Contents Executive Summary ................................................................................................................... 1 1. Introduction ......................................................................................................................... 3 2. Primary risks in crypto-asset markets ................................................................................. 5 2.1 Market liquidity risks ............................................................................................... 5 2.2 Volatility risks .........................................................................................................
    [Show full text]
  • An Anonymous Trust-Marking Scheme on Blockchain Systems
    An Anonymous Trust-Marking Scheme on Blockchain Systems Teppei Sato Keita Emura Tomoki Fujitani Kazumasa Omote University of Tsukuba National Institute of University of Tsukuba University of Tsukuba Japan Information and National Institute of National Institute of Communications Technology Information and Information and Japan Communications Technology Communications Technology Japan Japan Abstract—During the Coincheck incident, which recorded During the Coincheck incident, which recorded the largest the largest damages in cryptocurrency history in 2018, it was damages in cryptocurrency history in 2018, some volun- demonstrated that using Mosaic token can have a certain effect. teers tracked leaked New Economy Movement (NEM) cryp- Although it seems attractive to employ tokens as countermea- sures for cryptocurrency leakage, Mosaic is a specific token tocurrencies using Mosaic, which is a NEM-specific fea- for the New Economy Movement (NEM) cryptocurrency and ture allowing a self-made token to be sent on the NEM is not employed for other blockchain systems or cryptocurren- blockchain. These volunteers sent Mosaic to addresses that cies. Moreover, although some volunteers tracked leaked NEM received leaked NEMs from Coincheck addresses and warned using Mosaic in the CoinCheck incident, it would be better the recipients that these should not be exchanged for other to verify that the volunteers can be trusted. Simultaneously, if someone (e.g., who stole cryptocurrencies) can identify the cryptocurrencies or legal currencies. A criminal can discard volunteers, then that person or organization may be targets of such marked addresses, so it can be seen as a cat-and- them. In this paper, we propose an anonymous trust-marking mouse game.
    [Show full text]
  • Blockchain in Japan
    Blockchain in Japan " 1" Blockchain in Japan " "The impact of Blockchain is huge. Its importance is similar to the emergence of Internet” Ministry of Economy, Trade and Industry of Japan1 1 Japanese Trade Ministry Exploring Blockchain Tech in Study Group, Coindesk 2" Blockchain in Japan " About this report This report has been made by Marta González for the EU-Japan Centre for Industrial Cooperation, a joint venture between the European Commission and the Japanese Ministry of Economy, Trade and Industry (METI). The Centre aims to promote all forms of industrial, trade and investment cooperation between Europe and Japan. For that purpose, it publishes a series of thematic reports designed to support research and policy analysis of EU-Japan economic and industrial issues. To elaborate this report, the author has relied on a wide variety of sources. She reviewed the existing literature, including research papers and press articles, and interviewed a number of Blockchain thought leaders and practitioners to get their views. She also relied on the many insights from the Japanese Blockchain community, including startups, corporation, regulators, associations and developers. Additionally, she accepted an invitation to give a talk1 about the state of Blockchain in Europe, where she also received input and interest from Japanese companies to learn from and cooperate with the EU. She has also received numerous manifestations of interest during the research and writing of the report, from businesses to regulatory bodies, revealing a strong potential for cooperation between Europe and Japan in Blockchain-related matters. THE AUTHOR Marta González is an Economist and Software Developer specialized in FinTech and Blockchain technology.
    [Show full text]
  • CRYPTO CURRENCY Technical Competence & Rules of Professional Responsibility
    CRYPTO CURRENCY Technical Competence & Rules of Professional Responsibility Marc J. Randazza Rule 1.1 Comment 8 To maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology, engage in continuing study and education and comply with all continuing legal education requirements to which the lawyer is subject. Crypto Currency 1. What is Crypto Currency? 2. How does it work? 3. How could you screw this up? Blockchain •Decentralized •Transparent •Immutable Blockchain Blockchain • Time-stamped series of immutable records of data • Managed by a cluster of de-centralized computers • Each block is secured and bound to another, cryptographically • Shared • Immutable • Open for all to see – how you keep it honest Blockchain Blockchain • Transparent but also pseudonymous • If you look on the ledger, you will not see “Darren sent 1 BTC to Trixie” • Instead you will see “1MF1bhsFLkBzzz9vpFYEmvwT2TbyCt7NZJ sent 1 BTC” • But, if you know someone’s wallet ID, you could trace their transactions Crypto Roller Coaster – 5 years Crypto Roller Coaster – 1 day How can you screw this up? Quadriga You can lose it & Bankruptcy Your mind • C$190 million turned to digital dust • Thrown away with no back up • Death of CEO turned death of • $127 million in the trash – gone business • 7,500 BTC – Fluctuates WILDLY Ethical Considerations You might be surprised at what violates Rule 1.8 Which Rules? Rule 1.2 (d) – Criminal or Fraudulent Activity Rule 1.5 (a) – Reasonable Fee Rule 1.6 – Confidentiality Rule 1.8 (a) – Business Dealings With Clients Rule 1.8(f) – Compensation From Other Than Your Client Rule 1.15 (a) – Safekeeping Property Rule 1.15 (c) – Trust Accounts Rule 1.2(d) – Criminal or Fraudulent Activity • Crypto *can* be used for criminal activity • Tends to be difficult, but not A lawyer shall not ..
    [Show full text]
  • Towards Secure Blockchains
    Towards Secure Blockchains Concepts, Requirements, Assessments | EDITORIAL Editorial Blockchain is currently one of the most widely Consequently, the analysis on the following discussed topics in the area of information pages presents blockchain technology in detail technology. This technology for distributed data and extensively studies its aspects relevant to IT storage originated from the cryptocurrency security. It also assesses to what extent blockchain Bitcoin, which became famous especially due to technology is able to achieve the security prop- the record highs its market value attained in 2017. erties ascribed to it and how it may be evaluated Based on its promise of preventing manipulation within the current legal framework. of data on a purely technical level using its decen- tralised structure, offering maximum transpar- This document thus supports developers and ency and replacing intermediaries within business potential users of blockchain solutions in per- processes, many ideas for applying blockchain forming a well-founded assessment of risks technology in fairly different areas have been and in taking IT security into account from the developed in recent years. start. Furthermore, the dynamic development of blockchain technology offers the possibility Politics has also increasingly taken up blockchain of using the results of this analysis as a basis for technology. For instance, the term blockchain is future discussions on both the national and inter- used several times within the coalition agreement national level. With blockchain—as with other of the 19th election period of the German parlia- topics in IT security—the BSI thus strives to shape ment dating from 2018, and the German federal information security for government, business government has set itself the target of developing and society.
    [Show full text]
  • TOKYO, September 1, 2020 – Coincheck, Inc., a Subsidiary of Monex Group, Inc., Issued the Following Press Release Today
    Announcement of Subsidiary’s Release TOKYO, September 1, 2020 – Coincheck, Inc., a subsidiary of Monex Group, Inc., issued the following press release today. Attachment: Summary of Coincheck, Inc. press release Coincheck Will Start New Cryptocurrency Trading of IOST on September 8, 2020 Contact: Akiko Kato Yuki Nakano, Minaka Aihara Corporate Communications Office Investor Relations, Financial Control Department Monex Group, Inc. Monex Group, Inc. +81-3-4323-8698 +81-3-4323-8698 This material is an English translation of a Japanese announcement made on the date above. Although the Company intended to faithfully translate the Japanese document into English, the accuracy and correctness of this English translation is not guaranteed and thus you are encouraged to refer to the original Japanese document. This translation was made as a matter of record only and does not constitute an offer to sell or to solicit an offer to buy securities in the U.S. [Press Release] September 1, 2020 Coincheck, Inc. Coincheck Will Start New Cryptocurrency Trading of IOST on September 8, 2020 Coincheck, Inc. (Head office: Shibuya-ku, Tokyo, President: Satoshi Hasuo, hereinafter referred to as "Coincheck") announces that it will start new trading of IOST, a cryptocurrency, on September 8, 2020 (planned). Coincheck will be the first domestic cryptocurrency exchange for trading IOST. Coincheck is focusing on expanding the number of cryptocurrency offerings as one of the important strategies for its business expansion, and as of September 1, 2020, offers the most number of cryptocurrencies for trading among Japanese cryptocurrency exchanges. Coincheck will continue to add new cryptocurrency offerings, improve the usability of its services, and create new services with a mission to make the exchange of new values easier.
    [Show full text]
  • Coincheck Adopts Sumo Logic to Bolster Security for Its Virtual Currency Trading Service
    Coincheck Adopts Sumo Logic to Bolster Security for its Virtual Currency Trading Service March 5, 2020 Japan’s Leading Cryptocurrency Exchange Leverages Sumo Logic Continuous Intelligence Platform™ to Quickly Detect and Respond to Potential Threats REDWOOD CITY, Calif., March 05, 2020 (GLOBE NEWSWIRE) -- Sumo Logic, the leader in continuous intelligence, today announced that Coincheck, Inc, one of Japan’s premier cryptocurrency exchanges, has chosen Sumo Logic Cloud SIEM to centralize its log monitoring system and bolster the security of its virtual currency trading service infrastructure. Through Sumo Logic’s Continuous Intelligence Platform, Coincheck is able to detect early warning signs of illegal access of its systems allowing the company to quickly respond to potential threats, while adhering to strict data compliance regulations. Coincheck is a Bitcoin wallet that operates exchanges between Bitcoin, Ether and Fiat currencies in Japan and other countries. After an undetected security breach, the company was looking to improve its business management and internal control postures, while improving technological safety with the assistance of outside experts. Coincheck decided to rebuild their systems from the infrastructure up with the goal of fortifying security. After an extensive vendor selection process, Coincheck selected Sumo Logic’s Cloud SIEM solution to support their cloud security strategy. With Sumo Logic, Coincheck gained the ability to monitor and analyze logs from cloud servers, on-premises network security devices and end-point terminals in one central location allowing teams to leverage real-time security intelligence to identify potential threats and vulnerabilities and give them time to resolve these issues before it can be exploited.
    [Show full text]
  • Asia's Crypto Landscape
    A MESSARI REPORT Asia’s Crypto Landscape The key exchanges, funds, and market makers that define crypto in China, Japan, Korea, Hong Kong, Singapore, and Southeast Asia, with commentary on regulatory and investment trends. SPONSORED BY Author Mira Christanto RESEARCH ANALYST AT MESSARI Mira is a Research Analyst at Messari. Previously, she was a Senior Portfolio Manager at APG Asset Management, managing a US $7 billion fund focused on Real Estate equity investments across Asia Pacific. Prior to APG, Mira worked at $15 billion hedge fund TPG-Axon Capital Management, an affiliate of Texas Pacific Group, where she was a private and public market investor across multiple sectors and geographies. Before that, Mira was in Credit Suisse’s Investment Banking Division in the Leveraged Finance and Restructuring group in New York and worked on a variety of mergers & acquisitions, leveraged buyouts and restructuring deals. She received a BA in Economics and Mathematical Methods in the Social Sciences from Northwestern University. Never miss an update Real-time monitoring and alerts for all the assets you support Built for: • Funds • Exchanges • Custodians • Infrastructure Providers Learn More Asia’s Crypto Landscape 2 © 2021 Messari Table of Contents Introduction 5 SBI Group 67 SBI Virtual Currencies Trade 68 1.0 The Countries 8 TaoTao 69 GMO Coin 69 China 8 Bitpoint 69 Hong Kong 13 DMM Bitcoin 69 Japan 15 Rakuten Wallet 70 LVC (BITMAX) 70 South Korea 20 B Dash Ventures & B Cryptos 71 Singapore 23 Rest of Southeast Asia 25 South Korea 72 Philippines
    [Show full text]
  • 51188210Valderrama John Dexter
    Graduate School of Public Policy The University of Tokyo Philippines’ Cryptocurrency Governance and Regulation Learnings from Japan’s Experience Research Paper John Dexter C. Valderrama 51-188210 Kawai Yoshihiro Academic Adviser Table of Contents I. Introduction ....................................................................................................... - 1 - II. Understanding Cryptocurrency through Bitcoin ................................................. - 2 - III. International Cryptocurrency Regulatory Initiatives and other Issuances ............ - 3 - IV. Coincheck Heist and Japan’s Supervisory Action ............................................... - 5 - V. Cryptocurrency in the Philippines ...................................................................... - 7 - VI. Conclusion ......................................................................................................... - 8 - VII. References ......................................................................................................... - 11 - I. Introduction Cryptocurrency1 has been a hot topic since its emergence in the global market in 2007; and both the investors and the government can no longer ignore the continuing growth of this decentralized finance. This cryptographic token has promised to become a hard and non-manipulatable money; and its advocates see a future wherein it will substitute fiat money and create the first free and hard world currency. This virtual asset has attracted much attention for its technological implication; however,
    [Show full text]
  • Initial Coin Offerings This Paper Examines Initial Coin Offerings and the Evolving Regulatory Landscape Governing Offerings of Digital Assets
    Initial Coin Offerings This paper examines initial coin offerings and the evolving regulatory landscape governing offerings of digital assets. An initial coin offering (“ICO”) is the process by which an organization creates and issues crypto-coins, also referred to as tokens, that are necessary to fund and operate a specific blockchain-based application developed and run by an entity. Unlike traditional virtual currencies such as Bitcoin and Ether, crypto- coins that are offered as part of an ICO generally are not intended to be used as currency, but rather as tokens that are linked to tangible assets in the form of either (1) access to the protocols or utility of a new application, or (2) an investment/quasi-ownership stake in the application. A central question in connection with ICOs is whether the digital asset being offered constitutes a security, making the ICO subject to the federal securities laws. The Securities and Exchange Commission (the “SEC”) has been increasingly focused on ICOs and made it clear that unregistered offerings of crypto-coins that constitute securities may be subject to enforcement action. As described below, digital assets may also be regulated as commodities by the Commodities Futures Trading Commission (“CFTC”). The Case of The DAO The SEC first articulated its framework for regulation of digital assets in the case of a decentralized autonomous organization called “The DAO,” which was launched via ICO on the Ethereum network in 2016. The decentralized autonomous organization had been heralded as the “dream use case” of decentralized applications that could do away with organizational hierarchy, power “leaderless” organizations, and revolutionize crowdfunding and venture capital industries.
    [Show full text]
  • Nation State Involvement in Cryptocurrency and the Impact to Economic Sanctions
    La Salle University La Salle University Digital Commons Economic Crime Forensics Capstones Economic Crime Forensics Program Spring 5-20-2019 Nation State Involvement in Cryptocurrency and the Impact to Economic Sanctions Thomas Clautice La Salle University, [email protected] Follow this and additional works at: https://digitalcommons.lasalle.edu/ecf_capstones Part of the International Law Commons Recommended Citation Clautice, Thomas, "Nation State Involvement in Cryptocurrency and the Impact to Economic Sanctions" (2019). Economic Crime Forensics Capstones. 43. https://digitalcommons.lasalle.edu/ecf_capstones/43 This Thesis is brought to you for free and open access by the Economic Crime Forensics Program at La Salle University Digital Commons. It has been accepted for inclusion in Economic Crime Forensics Capstones by an authorized administrator of La Salle University Digital Commons. For more information, please contact [email protected]. 1 NORTH KOREA, SANCTIONS, AND CRYPTOCURRENCY Nation State Involvement in Cryptocurrency and the Impact to Economic Sanctions Thomas Clautice La Salle University MS Economic Crime Forensics Capstone Spring 2019 Special thanks to my academic advisor Dean Henry and the program director Margaret McCoey for their continued support and encouragement throughout the Economic Crime Forensics (M.S.) program at La Salle University. 2 NORTH KOREA, SANCTIONS, AND CRYPTOCURRENCY Contents Executive Summary .....................................................................................................................................
    [Show full text]
  • Journal Paper Format
    International Journal of Control and Automation Vol. 13, No. 2, (2020), pp. 852 - 861 Blockchain-based Wallet System using Virtual Digital Wallet Amit Chaurasia1* Nainka Jain1 Nikhil Varshney1 Hritik Tiwari1 Vivek Kumar1 1Department of Computer Engineering & Application, GLA University Mathura – 281406, Uttar Pradesh. INDIA Abstract In today’s world, virtual currency is something that people always carry with themselves because of security. Security is the main issue in virtual money. So, in this paper, we have discussed such an application which deals with security, privacy, and virtual currency. The application is basically being for online payment. This application uses the concept of Blockchain and Cryptography. Blockchain makes this application decentralized and cryptography provides the security. It is peer-to-peer digital cash that allows online payments to be sent directly from one party to another without going through a financial institution. We have provided a comprehensive description of the details that make this College Wallet an interesting research topic. Keywords: BlockChain, HashCode, Virtual Currency, Android Application. 1. Introduction Virtual currencies have been defined in 2009 by an anonymous person named Satoshi Nakamoto as a decentralized digital peer to peer payment system [1]. Based on this concept we have created an application named - College Wallet. It is an online payment application which is based on the concept of the Blockchain Technology and cryptography system. Keeping liquor money especially while traveling is not saving in today’s world. Nowadays people try to carry virtual money instead of liquor due to any kind of criminality. In banking system, they provide facility online transactions but with charges and they are not enough safe [2].
    [Show full text]