Breaking and Fixing Gridcoin Martin Grothe, Tobias Niemann, Juraj Somorovsky and Jörg Schwenk
Source: http://gaincryptocurrency.altervista.org/alterpages/10710353_865938750143391_6543553170888387417_o.jpg Bitcoin Bitcoin
Block chain - details
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header
Hash prev. block header
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header
Hash prev. block header
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header
Hash prev. block header
Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header Hash prev. block header
Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions
Block Block Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block Block Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block Block Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block Block Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block Block Block Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain - details
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block Block Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Breaking and fixing Gridcoin 3 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work
Breaking and fixing Gridcoin 4 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain
Breaking and fixing Gridcoin 4 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain . Hash2(MerkleTreeHash||…||nonce) < 0x00000000||FE32…9AB
Breaking and fixing Gridcoin 4 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain . Hash2(MerkleTreeHash||…||nonce) < 0x00000000||FE32…9AB . Genesis block: 0000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f . Recent block: 00000000000000000217084a9362676393abd073f4123a67b0a54b9cc86c0a03
Breaking and fixing Gridcoin 4 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain . Hash2(MerkleTreeHash||…||nonce) < 0x00000000||FE32…9AB . Genesis block: 0000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f . Recent block: 00000000000000000217084a9362676393abd073f4123a67b0a54b9cc86c0a03 . Reward for new block . Creates a race
Breaking and fixing Gridcoin 4 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations
Breaking and fixing Gridcoin 5 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size
Breaking and fixing Gridcoin 5 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block
Breaking and fixing Gridcoin 5 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block . What if you want to change bitcoin’s protocol . Different hash algorithm
Breaking and fixing Gridcoin 5 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block . What if you want to change bitcoin’s protocol . Different hash algorithm . Etc.
Breaking and fixing Gridcoin 5 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block . What if you want to change bitcoin’s protocol . Different hash algorithm . Etc.
Source code is public, let‘s modify it!
Breaking and fixing Gridcoin 5 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoin Altcoins
Overview
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code . All proof-of-work schemes waste energy
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code . All proof-of-work schemes waste energy
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code . All proof-of-work schemes waste energy
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code . All proof-of-work schemes waste energy
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code . All proof-of-work schemes waste energy
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code . All proof-of-work schemes waste energy . There are alternatives like coin age or activity
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Altcoins
Overview . Are modified versions of bitcoins source code . All proof-of-work schemes waste energy . There are alternatives like coin age or activity . But can we make computations meaningful? . First approaches: . Burstcoin – Storage space . DDosCoin – DoS = PoW (WOOT’16) . Namecoin – distributed DNS . Gridcoin – Utilize BOINC for meaningful computations
Breaking and fixing Gridcoin 7 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin Gridcoin
Overview
Breaking and fixing Gridcoin 9 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Overview . Actively developed since 2013
Breaking and fixing Gridcoin 9 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Overview . Actively developed since 2013 . In the TOP 100 of valuable coins . Market cap. > 12 million euros
Breaking and fixing Gridcoin 9 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Overview . Actively developed since 2013 . In the TOP 100 of valuable coins . Market cap. > 12 million euros . Combines different existing techniques
Breaking and fixing Gridcoin 9 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Overview . Actively developed since 2013 . In the TOP 100 of valuable coins . Market cap. > 12 million euros . Combines different existing techniques . Peercoin – Coin possession instead PoW . BOINC – Meaningful computation . Has computing power of 1.6 PetaFLOPS
Breaking and fixing Gridcoin 9 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Overview . Actively developed since 2013 . In the TOP 100 of valuable coins . Market cap. > 12 million euros . Combines different existing techniques . Peercoin – Coin possession instead PoW . BOINC – Meaningful computation . Has computing power of 1.6 PetaFLOPS . Ca. 80k lines of code (c++) . No documentation
Breaking and fixing Gridcoin 9 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC
Breaking and fixing Gridcoin 10 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC . Software system . Volunteer participate to computational projects
Breaking and fixing Gridcoin 10 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC . Software system . Volunteer participate to computational projects . Solving chunks of scientific problems, e.g.: . Searching for extraterrestrial intelligence in radio signals (Seti@Home)
Breaking and fixing Gridcoin 10 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC . Software system . Volunteer participate to computational projects . Solving chunks of scientific problems, e.g.: . Searching for extraterrestrial intelligence in radio signals (Seti@Home) . Protein folding (Folding@Home) . Find prime numbers (PrimeGrid)
Breaking and fixing Gridcoin 10 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC . Software system . Volunteer participate to computational projects . Solving chunks of scientific problems, e.g.: . Searching for extraterrestrial intelligence in radio signals (Seti@Home) . Protein folding (Folding@Home) . Find prime numbers (PrimeGrid)
Open problem, how to efficient add meaningful computation to the block chain.
Breaking and fixing Gridcoin 10 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC - Details . Correct solution
. 푃퐼퐷 = 푀퐷5(푟푎푛푑||푒푚푎푖푙) . Statistical websites list #credit for every CPID
Breaking and fixing Gridcoin 11 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC - Details . Correct solution
. 푃퐼퐷 = 푀퐷5(푟푎푛푑||푒푚푎푖푙) . Statistical websites list #credit for every CPID
Breaking and fixing Gridcoin 11 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC - Details . Correct solution volunteer gets reward
. 푃퐼퐷 = 푀퐷5(푟푎푛푑||푒푚푎푖푙) . Statistical websites list #credit for every CPID
Breaking and fixing Gridcoin 11 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC - Details . Correct solution volunteer gets reward . Reward = credits (imaginary) . Increases competition
. 푃퐼퐷 = 푀퐷5(푟푎푛푑||푒푚푎푖푙) . Statistical websites list #credit for every CPID
Breaking and fixing Gridcoin 11 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
푀퐷 5 푀푀퐷퐷 푀퐷 5 5 푀퐷 5 (푟푟푎푎푛푛푑푑||푒푒푚푚푎푎푖푖푙푙) BOINC - Details volunteer gets reward . Correct solution . Reward = credits (imaginary) . Increases competition . Every volunteer has a unique ID . CPID (cross project id)
. 퐶푃퐼퐷 = 푀퐷5(푟푎푛푑||푒푚푎푖푙) . Statistical websites list #credit for every CPID
Breaking and fixing Gridcoin 11 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
푀퐷 5 푀푀퐷퐷 푀퐷 5 5 푀퐷 5 (푟푟푎푎푛푛푑푑||푒푒푚푚푎푎푖푖푙푙) BOINC - Details volunteer gets reward . Correct solution . Reward = credits (imaginary) . Increases competition . Every volunteer has a unique ID . CPID (cross project id) . Statistical websites list #credit for every CPIDStatistical websites list #credit for every CPID
Breaking and fixing Gridcoin 11 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
푀퐷 5 푀푀퐷퐷 푀퐷 5 5 푀퐷 5 (푟푟푎푎푛푛푑푑||푒푒푚푚푎푎푖푖푙푙) BOINC - Details volunteer gets reward . Correct solution . Reward = credits (imaginary) . Increases competition . Every volunteer has a unique ID . CPID (cross project id) . Statistical websites list #credit for every CPIDStatistical websites list #credit for every CPID Why not transform credits to coins?
Breaking and fixing Gridcoin 11 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block Block
Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Breaking and fixing Gridcoin 12 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block Block
Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC Hash Hash Hash Hash Hash Hash Hash Hash Hash StringHash Hash X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Breaking and fixing Gridcoin 12 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block Block
Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC Hash HashBOINC Hash Hash Hash Hash Hash Hash Hash StringHash Hash X Signature Y Signature X SignatureString Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Breaking and fixing Gridcoin 12 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block Block
Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC Hash HashBOINC Hash HashBOINC Hash Hash Hash Hash Hash StringHash Hash String X Signature Y Signature X SignatureString Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Breaking and fixing Gridcoin 12 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration
Breaking and fixing Gridcoin 13 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration BOINC CPID … Project name … Recent Average Credit … GRC address
Breaking and fixing Gridcoin 13 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration . BOINC volunteers = researchers BOINC . Without BOINC = investor CPID . 2 possibilities to gain reward … Project name … Recent Average Credit … GRC address
Breaking and fixing Gridcoin 13 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration . BOINC volunteers = researchers BOINC . Without BOINC = investor CPID . 2 possibilities to gain reward … . Proof-of-Stake (coin possession) Project name . Reward without BOINC = 16,68 coins … Recent Average Credit … GRC address
Breaking and fixing Gridcoin 13 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Block chain – BOINC integration . BOINC volunteers = researchers BOINC . Without BOINC = investor CPID . 2 possibilities to gain reward … . Proof-of-Stake (coin possession) Project name . Reward without BOINC = 16,68 coins … . Proof-of-Research Recent Average Credit … . Reward with BOINC = 16,68 + X coins GRC address . 0 < X < 50 based on BOINC work done
Breaking and fixing Gridcoin 13 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC / Gridcoin infrastructure
Gridcoin block Block header chain
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC / Gridcoin infrastructure
Gridcoin block Block header chain
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin infrastructure
Gridcoin block Block header chain
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry infrastructure email:= [email protected] rand = AB1…93BF CPID = MD5(rand||email) Credit = 100,000 RAC = 100
Gridcoin block Block header chain
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry infrastructure email:= [email protected] rand = AB1…93BF CPID = MD5(rand||email) Credit = 100,000 RAC = 100
Gridcoin block Block header chain 1. Does BOINC work
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain 1. Does BOINC work
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain 1. Does BOINC Block work …
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain 1. Does BOINC Block work …
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header Block header chain 1. Does Block BOINC Block work …
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header Block header chain 1. Does Block BOINC Block BOINC work CPID, … … GRC address
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header Block header chain 1. Does Block BOINC Block BOINC work CPID, … … GRC address
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
BOINC project A Statistical website BOINC / Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header Block header chain 5.Request 1. Does Block BOINC BOINC Block BOINC information work CPID, … … GRC address
Gridcoin users
Breaking and fixing Gridcoin 14 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof
Breaking and fixing Gridcoin 15 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof . Problem: . Copy CPID from block chain
Breaking and fixing Gridcoin 15 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof . Problem: . Copy CPID from block chain . Steal rewards from researchers
Breaking and fixing Gridcoin 15 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof . Problem: . Copy CPID from block chain . Steal rewards from researchers . How to prove miner = researcher?
Breaking and fixing Gridcoin 15 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof . Problem: . Copy CPID from block chain . Steal rewards from researchers . How to prove miner = researcher? . Gridcoins solution:
Breaking and fixing Gridcoin 15 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof . Problem: . Copy CPID from block chain . Steal rewards from researchers . How to prove miner = researcher? . Gridcoins solution: CPIDv2
Breaking and fixing Gridcoin 16 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof BOINC . Problem: . Copy CPID from block chain CPID CPIDv2 Steal rewards from researchers . Recent Average Credit . How to prove miner = researcher? … . Gridcoins solution: CPIDv2 Project name … GRC address
Breaking and fixing Gridcoin 16 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Challange
Identity proof BOINC . Problem: . Copy CPID from block chain CPID CPIDv2 Steal rewards from researchers . Recent Average Credit . How to prove miner = researcher? … . Gridcoins solution: CPIDv2 Project name … GRC address
Breaking and fixing Gridcoin 16 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof . Problem: . Copy CPID from block chain . Steal rewards from researchers . How to proof miner = researcher? . Gridcoins Solution:
Breaking and fixing Gridcoin 17 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof . Problem: . Copy CPID from block chain . Steal rewards from researchers . How to proof miner = researcher? . Gridcoins solution: CPIDv2 . Reminder:
. CPID := MD5(rand||email address) . rand = iCPID
Breaking and fixing Gridcoin 18 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof BOINC Problem: CPID . CPIDv2 . Copy CPID from block chain Recent Average Credit Project name . Steal rewards from researchers GRC address . How to proof miner = researcher? . Gridcoins solution: CPIDv2 . Reminder:
. CPID := MD5(rand||email address) . rand = iCPID
Breaking and fixing Gridcoin 18 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof BOINC Problem: CPID . CPIDv2 . Copy CPID from block chain Recent Average Credit Project name . Steal rewards from researchers GRC address . How to proof miner = researcher? . Gridcoins solution: CPIDv2
. Reminder: Last block hash Email address iCPID
. CPID := MD5(rand||email address) . rand = iCPID
Breaking and fixing Gridcoin 18 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof BOINC Problem: CPID . CPIDv2 . Copy CPID from block chain Recent Average Credit Project name . Steal rewards from researchers GRC address . How to proof miner = researcher? . Gridcoins solution: CPIDv2
. Reminder: Last block hash Email address iCPID
. CPID := MD5(rand||email address)
. rand = iCPID X
Breaking and fixing Gridcoin 18 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof BOINC Problem: CPID . CPIDv2 . Copy CPID from block chain Recent Average Credit Project name . Steal rewards from researchers GRC address . How to proof miner = researcher? . Gridcoins solution: CPIDv2
. Reminder: Last block hash Email address iCPID
. CPID := MD5(rand||email address)
. rand = iCPID X
CPIDv2
Breaking and fixing Gridcoin 18 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof . Problem: . Copy CPID from block chain . Steal rewards from researchers . How to proof miner = researcher? . Gridcoins solution: CPIDv2 . Reminder:
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain . Steal rewards from researchers . How to proof miner = researcher? . Gridcoins solution: CPIDv2 . Reminder:
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 . Reminder:
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 . Reminder:
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 Get next char . Reminder:
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 Get next char Get next char . Reminder:
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 Get next char Get next char . Reminder: + . CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 Get next char Get next char . Reminder: + . CPID := MD5(rand||email address)
Append hex value
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 Get next char Get next char . Reminder: + . CPID := MD5(rand||email address)
Append hex value
CPIDv2
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 Get next char Get next char . Reminder: . CPID := MD (rand||email address) + 5 repeat repeat
Append hex value
CPIDv2
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Identity proof Last block hash Email address iCPID . Problem: . Copy CPID from block chain MD || . Steal rewards from researchers 5 . How to proof miner = researcher? . Gridcoins solution: CPIDv2 Get next char Get next char . Reminder: . CPID := MD (rand||email address) + 5 repeat repeat
Append hex value
CPIDv2 obfuscation
Breaking and fixing Gridcoin 19 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID The security flaw CPIDv2 Recent Average Credit Identity proof Project name GRC address . Problem:
. Copy CPID from block chain Last block hash Email address rand
. Steal rewards from researchers . How to proof miner = researcher? X . Gridcoins solution: CPIDv2 . Reminder: CPIDv2
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 20 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID The security flaw CPIDv2 Recent Average Credit Identity proof Project name GRC address . Problem:
. Copy CPID from block chain Last block hash Email address rand
. Steal rewards from researchers . How to proof miner = researcher? X . Gridcoins solution: CPIDv2 . Reminder: CPIDv2
. CPID := MD5(rand||email address) Y
Breaking and fixing Gridcoin 20 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID The security flaw CPIDv2 Recent Average Credit Identity proof Project name GRC address . Problem:
. Copy CPID from block chain Last block hash Email address rand
. Steal rewards from researchers . How to proof miner = researcher? X . Gridcoins solution: CPIDv2 . Reminder: CPIDv2
. CPID := MD5(rand||email address) Y
MD5
Breaking and fixing Gridcoin 20 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID The security flaw CPIDv2 Recent Average Credit Identity proof Project name GRC address . Problem:
. Copy CPID from block chain Last block hash Email address rand
. Steal rewards from researchers . How to proof miner = researcher? X . Gridcoins solution: CPIDv2 . Reminder: CPIDv2
. CPID := MD5(rand||email address) Y
MD5
CPID?
Breaking and fixing Gridcoin 20 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash Email address iCPID
MD5 ||
Get next char Get next char
+ repeat repeat
Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash Email address iCPID
MD5 ||
Get next char Get next char
+ repeat repeat
Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 ||
Get next char Get next char
+ repeat repeat
Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 MD5 ||
Get next char Get next char
+ repeat repeat
Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 MD5 ||
Get next char Get next char Get next char Get next char
+ repeat repeat
Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 MD5 ||
Get next char Get next char Get next char Get next char
- + repeat repeat
Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 MD5 ||
Get next char Get next char Get next char Get next char
- + repeat repeat
Append hex value Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 MD5 ||
Get next char Get next char Get next char Get next char
- + repeat repeat repeat repeat
Append hex value Append hex value
CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 MD5 ||
Get next char Get next char Get next char Get next char
- + repeat repeat repeat repeat
Append hex value Append hex value
Email address iCPID CPIDv2 X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Last block hash CPIDv2 Last block hash Email address iCPID
MD5 MD5 ||
Get next char Get next char Get next char Get next char
- + repeat repeat repeat repeat
Append hex value Append hex value
Email address iCPID CPIDv2 Y: deobfuscation X: obfuscation
Breaking and fixing Gridcoin 21 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2 . Reminder:
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2
. Reminder: X-1
. CPID := MD5(rand||email address)
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2
. Reminder: X-1
. CPID := MD5(rand||email address) Email address iCPID
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2
. Reminder: X-1
. CPID := MD5(rand||email address) Email address iCPID
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2
. Reminder: X-1
. CPID := MD5(rand||email address) Email address iCPID
MD5
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2
. Reminder: X-1
. CPID := MD5(rand||email address) Email address iCPID
MD5
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2
. Reminder: X-1
. CPID := MD5(rand||email address) Email address iCPID
MD5
CPID?
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky BOINC CPID CPIDv2 Recent Average Credit Project name The security flaw GRC address
Identity proof Last block hash Email address rand
. Problem: . Copy CPID from block chain X . Steal rewards from researchers
. How to proof miner = researcher? CPIDv2 . Gridcoins solution: CPIDv2
. Reminder: X-1
. CPID := MD5(rand||email address) Email address iCPID
MD5
CPID?
Breaking and fixing Gridcoin 22 Martin Grothe, Tobias Niemann, Juraj Somorovsky Implications
• No security at all: 1. Now we can steal email addresses 2. We can steal BOINC work from others . Get higher reward for free
Breaking and fixing Gridcoin 23 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC / Gridcoin infrastructure
Gridcoin block chain
Gridcoin users
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure
Gridcoin block chain
Gridcoin users
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure
Gridcoin block chain Block header
Block
…
Gridcoin users
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure
Gridcoin block chain Block header
Block
…
Gridcoin users
Victim Attacker Other user
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure
Gridcoin block chain Block header Block header
Block Block
… …
Gridcoin users
Victim Attacker 1. Creates a new block Other user
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure
Gridcoin block chain Block header Block header Block header
Block Block Block
… … …
Gridcoin users
Victim Attacker 1. Creates a new block Other user
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure 2. Search for potential victims
Gridcoin block chain Block header Block header Block header
Block Block Block
… … …
Gridcoin users
Victim Attacker 1. Creates a new block Other user
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure 2. Search for potential victims
Gridcoin block chain Block header Block header Block header
Block Block Block
… … …
3. Crawl block Gridcoin users chain for BOINC entries Victim Attacker 1. Creates a new block Other user
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure 2. Search for potential victims
Gridcoin block chain Block header Block header Block header
Block Block Block
… … …
3. Crawl block Gridcoin users chain for BOINC entries Victim Attacker 1. Creates a new block 4. Deobfuscate CPIDv2s: get iCPID and email Other user address … … … … … … … …
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure 2. Search for potential victims
Gridcoin block Block header chain Block header Block header Block header Block Block Block Block BOINC CPID, … … … … GRC address
3. Crawl block 5. Create/send new block Gridcoin users chain for with values of the victim BOINC entries (CPIDv2, CPID, email- Victim address, iCPID, RAC, Total Credit, etc.) Attacker 1. Creates a new block 4. Deobfuscate CPIDv2s: get iCPID and email Other user address … … … … … … … …
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure 2. Search for potential victims
Gridcoin block Block header chain Block header Block header Block header Block Block Block Block BOINC CPID, … … … … GRC address
3. Crawl block 5. Create/send new block Gridcoin users chain for with values of the victim BOINC entries (CPIDv2, CPID, email- Victim address, iCPID, RAC, Total Credit, etc.) Attacker 1. Creates a new block 4. Deobfuscate CPIDv2s: 6. Download new block get iCPID and email Other user address … … … … … … … …
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky Steal the block reward
BOINC Statistical website BOINC / Gridcoin infrastructure 2. Search for potential victims
Gridcoin block Block header chain Block header Block header Block header Block Block Block Block BOINC CPID, … … … … GRC address
3. Crawl block 5. Create/send new block 7. Check and validate Gridcoin users chain for with values of the victim BOINC entries (CPIDv2, CPID, email- Victim address, iCPID, RAC, Total Credit, etc.) Attacker 1. Creates a new block 4. Deobfuscate CPIDv2s: 6. Download new block get iCPID and email Other user address … … … … … … … …
Breaking and fixing Gridcoin 24 Martin Grothe, Tobias Niemann, Juraj Somorovsky The security flaw
Proof of Concept . Verified our assumptions . Created a victim . Participate in BOINC (SETI@home) . We implemented an attacker . Stole 72.4 Gridcoins from our victim . Block Numbers: . 614249 . 615189 . … . 622658
Breaking and fixing Gridcoin 25 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack . Allows special transactions (beacons) . We use this beacons
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack . Allows special transactions (beacons) . We use this beacons . Tie CPID to public key
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack . Allows special transactions (beacons) . We use this beacons . Tie CPID to public key . Mining requires advertising the CPID beforehand
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack . Allows special transactions (beacons) . We use this beacons . Tie CPID to public key . Mining requires advertising the CPID beforehand . Reward requires signature from corr. private key
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack . Allows special transactions (beacons) . We use this beacons . Tie CPID to public key . Mining requires advertising the CPID beforehand . Reward requires signature from corr. private key . Beacon is valid for 6 months
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack . Allows special transactions (beacons) . We use this beacons . Tie CPID to public key . Mining requires advertising the CPID beforehand . Reward requires signature from corr. private key . Beacon is valid for 6 months
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky The Fix
For the 2. Attack . Allows special transactions (beacons) . We use this beacons . Tie CPID to public key . Mining requires advertising the CPID beforehand . Reward requires signature from corr. private key . Beacon is valid for 6 months
Breaking and fixing Gridcoin 26 Martin Grothe, Tobias Niemann, Juraj Somorovsky Responsible disclosure
. 1. responsible disclosure (design vuln) . Informed developer on 09/14/2016 . Supplied our attacks and fixes (see the paper) . Quickly got a responded (1 day) . First, they did not understand the fix . In the end they fixed it in version 3.5.8.7 . released on 03/26/2017
Breaking and fixing Gridcoin 27 Martin Grothe, Tobias Niemann, Juraj Somorovsky Responsible disclosure
. Gridcoin developer != secure coder or protocol security experts . They included new implementation vulnerabilities with their new version . We tried to fix the new vulnerabilities . Developer never answered to our 2. responsible disclosure . See gridcoin-attacks.org for these 0-days . Result: do not use Gridoin anymore, it is insecure!
Breaking and fixing Gridcoin 28 Martin Grothe, Tobias Niemann, Juraj Somorovsky Conclusion
Breaking and fixing a cryptocurrency Martin Grothe, 29 Tobias Niemann, Juraj Somorovsky Conclusion
1. We still can steal reward and get the email addresses of many Gridcoin BOINC user 2. Security researcher look @ Altcoins, there are plenty of them • Altcoins TOP 11 to 847 are worth > $16 billion 3. Still hard challenge: • Create cryptocurrency with generic meaningful computations as PoW 4. Gridcoin is totally vulnerable and probably will never achieve better security • See gridcoin-attacks.org
Breaking and fixing Gridcoin 30 Martin Grothe, Tobias Niemann, Juraj Somorovsky
Contact
Martin Grothe | Twitter: @ashitaka007 | gridcoin-attacks.org
Chair for Network and Data Security Horst-Görtz Institut Ruhr-Universität Bochum www.nds.rub.de/mgrothe www.nds.rub.de/jsomorovsky www.nds.rub.de/joerg-schwenk
Breaking and fixing Gridcoin 32 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / Gridcoin infrastructure
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / Gridcoin infrastructure
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin infrastructure
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry infrastructure email:= [email protected] rand = AB1…93BF CPID = MD5(rand||email) Credit = 100,000 RAC = 100
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry infrastructure email:= [email protected] rand = AB1…93BF CPID = MD5(rand||email) Credit = 100,000 RAC = 100
Gridcoin block chain Block header 1. Creates BOINC account @ project A
Gridcoin users
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Creates BOINC account @ project A
Gridcoin users
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Creates BOINC account @ project A
Gridcoin users
3. Creates the beacon Beacon : Sig ( Input) || Input sk1
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Creates BOINC account @ project Block
A …
Gridcoin users
3. Creates the beacon Beacon : Sig ( Input) || Input sk1
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Creates BOINC account @ project Block
A …
Gridcoin users
3. Creates the beacon Beacon : Sig ( Input) || Input sk1
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Creates BOINC Block account @ project Block
A …
Gridcoin users
3. Creates the beacon Beacon : Sig ( Input) || Input sk1
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Creates BOINC Block account @ project Block BOINC CPID, … A … GRC address
Gridcoin users
3. Creates the beacon Beacon : Sig ( Input) || Input sk1
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Creates BOINC Block account @ project Block BOINC CPID, … A … GRC address
Gridcoin users
3. Creates the beacon Beacon : Sig ( Input) || Input sk1
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Creates BOINC Block account @ project Block BOINC CPID, … A … GRC address
Gridcoin users 6. Check and Add beacons to database
3. Creates the beacon Beacon : Sig sk1 ( Input) || Beacon : Sig ( Input) || Input Input sk1
Breaking and fixing Gridcoin 33 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header
Hash prev. block header
Compressed transactions
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header
Hash prev. block header
Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash HashBOINC BeaconHash BeaconHash StringHash X Signature Y Signature 1 X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header
Hash prev. block header
Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash HashBOINC BeaconHash BeaconHash StringHash X Signature Y Signature 1 X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header
Hash prev. block header
Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash HashBOINC BeaconHash BeaconHash StringHash X Signature Y Signature 1 X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash HashBOINC BeaconHash BeaconHash StringHash X Signature Y Signature 1 X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block
Transaction TransactionTransaction TransactionTransaction Transaction Y Public key Z PublicTransaction key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Hash Hash Hash Hash HashBOINC BeaconHash BeaconHash StringHash X Signature Y Signature 1 X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block Block
Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC BeaconHash HashBOINC Hash BeaconHash Hash StringHash Hash X Signature Y Signature 1 X SignatureString Y Signature X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header
Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions
Block Block
Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC BeaconHash HashBOINC Hash BeaconHash Hash StringHash Hash X Signature Y Signature 1 X SignatureString Y Signature X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block
Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC BeaconHash HashBOINC Hash BeaconHash Hash StringHash Hash X Signature Y Signature 1 X SignatureString Y Signature X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block
Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC BeaconHash HashBOINC Hash BeaconHash Hash StringHash Hash X Signature Y Signature 1 X SignatureString Y Signature X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block Block
Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC BeaconHash HashBOINC Hash HashBOINC Hash BeaconHash Hash Hash Hash StringHash Hash String X Signature Y Signature 1 X SignatureString Y Signature X Signature Y Signature X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Check/Add Beacon 1 to Database
• SK1 and PK1 to H(CPIDX) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
Block header Block header Block header
Hash prev. block header Hash prev. block header Hash prev. block header
Compressed transactions Compressed transactions Compressed transactions
Block Block Block
Transaction Transaction Transaction TransactionTransaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Transaction TransactionTransaction Transaction Transaction Transaction Y PublicTransaction key Z PublicTransaction key Y Public key Z PublicTransaction key Y PublicTransaction key Z PublicTransaction key Y Public key Z Public key YTransaction Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key Y Public key Z Public key B Public key C Public key T Public key R Public key Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash Hash HashBOINC BeaconHash HashBOINC Hash HashBOINC Hash BeaconHash Hash Hash Hash StringHash Hash String X Signature Y Signature 1 X SignatureString Y Signature X Signature Y Signature X Signature Y Signature 1 X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature X Signature Y Signature A Signature B Signature S Signature T Signature
Check/Add Beacon 1 to Database Check/Add Beacon 4 to Database
• SK1 and PK1 to H(CPIDX) • SK4 and PK4 to H(CPIDG) Check/Add Beacon 2 to Database
• SK2 and PK2 to H(CPIDY) Check/Add Beacon 3 to Database
• SK3 and PK3 to H(CPIDZ)
Breaking and fixing Gridcoin 34 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / Gridcoin infrastructure
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / Gridcoin infrastructure
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin infrastructure
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry infrastructure email:= [email protected] rand = AB1…93BF CPID = MD5(rand||email) Credit = 100,000 RAC = 100
Gridcoin block chain Block header
Gridcoin users
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry infrastructure email:= [email protected] rand = AB1…93BF CPID = MD5(rand||email) Credit = 100,000 RAC = 100
Gridcoin block chain Block header 1. Does BOINC work and gets credits
Gridcoin users
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Does BOINC work and gets credits
Gridcoin users
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Does BOINC work and gets credits
Gridcoin users
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Does BOINC work and gets credits Block
…
Sig ( H(b
Gridcoin users
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block chain Block header 1. Does BOINC work and gets credits Block
…
Sig ( H(b
Gridcoin users
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Does BOINC work Block and gets credits Block
…
Sig ( H(b
Gridcoin users
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Does BOINC work Block and gets credits Block BOINC CPID, … … GRC address Sig ( H(b
Sig (Block header) ||CPID sk1
Gridcoin users
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Does BOINC work Block and gets credits Block BOINC CPID, … … GRC address Sig ( H(b
Sig (Block header) ||CPID sk1
Gridcoin users
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header chain Block header 1. Does BOINC work Block and gets credits Block BOINC CPID, … … GRC address Sig ( H(b
Sig (Block header) ||CPID sk1
Gridcoin users 6. Check reward signature by checking H(CPID)
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header Block header chain 5.Request 1. Does BOINC work Block BOINC and gets credits Block BOINC information CPID, … … GRC address Sig ( H(b
Sig (Block header) ||CPID sk1
Gridcoin users 6. Check reward signature by checking H(CPID)
3. Creates block and reward signature Sig (Block header) ||CPID sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Fixing Gridcoin with the beacon system
BOINC / BOINC project A Statistical website Gridcoin User entry User entry infrastructure email:= [email protected] Projekt A rand = AB1…93BF 2. Credit information sync CPID CPID = MD5(rand||email) Credit = 100,000 Credit = 100,000 RAC = 100 RAC = 100
Gridcoin block Block header Block header chain 5.Request 1. Does BOINC work Block BOINC and gets credits Block BOINC information CPID, … … GRC address Sig ( H(b
Sig (Block header) ||CPID sk1
Gridcoin users 6. Check reward signature by checking H(CPID)
3. Creates block and reward signature 7. Check rest of the block Sig (Block header) ||CPID • Accept/Reject block sk1
Breaking and fixing Gridcoin 35 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin Bitcoin
History
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
History . 2008 paper published on cryptography mailinglist . By Satoshi Nakamoto (?) . Jan. 2009 source code released . Soon used for trading
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
History . 2008 paper published on cryptography mailinglist . By Satoshi Nakamoto (?) . Jan. 2009 source code released . Soon used for trading
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
History . 2008 paper published on cryptography mailinglist . By Satoshi Nakamoto (?) . Jan. 2009 source code released . Soon used for trading
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
History . 2008 paper published on cryptography mailinglist . By Satoshi Nakamoto (?) . Jan. 2009 source code released . Soon used for trading
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
History . 2008 paper published on cryptography mailinglist . By Satoshi Nakamoto (?) . Jan. 2009 source code released . Soon used for trading
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
History . 2008 paper published on cryptography mailinglist . By Satoshi Nakamoto (?) . Jan. 2009 source code released . Soon used for trading
10,000 bitcoin = 41$ (22.10.2010)
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
History . 2008 paper published on cryptography mailinglist . By Satoshi Nakamoto (?) . Jan. 2009 source code released . Soon used for trading
10,000 bitcoin = 41$ (22.10.2010) 10,000 bitcoin = 11,35 million € (27.04.2017)
Breaking and fixing Gridcoin 37 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
How to get Bitcoins?
Breaking and fixing Gridcoin 38 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
How to get Bitcoins? . Exchange places
Breaking and fixing Gridcoin 38 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
How to get Bitcoins? . Exchange places . Person to Person
Breaking and fixing Gridcoin 38 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
How to get Bitcoins? . Exchange places . Person to Person . Bitcoin ATMs
Breaking and fixing Gridcoin 38 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Imagine: . Money is a string of bits . “Alice pay Bob 1 bitcoin”
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin”
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin”
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin” . Problem: Eavesdrop (steal)
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin” . Problem: Eavesdrop (steal) Alice Bob . Solution: Signature
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin” Alice pay Bob 1 bitcoin S . Problem: Eavesdrop (steal) Alice Bob . Solution: Signature
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin” Alice pay Bob 1 bitcoin S . Problem: Eavesdrop (steal) Alice Bob . Solution: Signature . Problem: Repeating Alice Bob
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin” Alice pay Bob 1 bitcoin S . Problem: Eavesdrop (steal) Alice Bob . Solution: Signature
. Problem: Repeating Alice pay Bob 1 bitcoin 000174 S . Solution: Serial number Alice Bob
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin” Alice pay Bob 1 bitcoin S . Problem: Eavesdrop (steal) Alice Bob . Solution: Signature
. Problem: Repeating Alice pay Bob 1 bitcoin 000174 S . Solution: Serial number Alice Bob . Problem: . Uniqueness of serial number
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions Alice pay Bob 1 bitcoin . Imagine: Alice Bob . Money is a string of bits . “Alice pay Bob 1 bitcoin” Alice pay Bob 1 bitcoin S . Problem: Eavesdrop (steal) Alice Bob . Solution: Signature
. Problem: Repeating Alice pay Bob 1 bitcoin 000174 S . Solution: Serial number Alice Bob . Problem: . Uniqueness of serial number . Solution: Public ledger
Source/Very good Howto: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 39 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions . Collect them in blocks . All blocks are chained together
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Collect them in blocks Transaction 1 . Transaction 2 . All blocks are chained together Transaction 3
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Collect them in blocks Transaction 1 . Transaction 2 . All blocks are chained together Transaction 3
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Collect them in blocks Transaction 1 Transaction 5 . Transaction 2 Transaction 7 . All blocks are chained together Transaction 3 Transaction 9
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Collect them in blocks Transaction 1 Transaction 5 . Transaction 2 Transaction 7 . All blocks are chained together Transaction 3 Transaction 9
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Block (i+2) Collect them in blocks Transaction 1 Transaction 5 Transaction 11 . Transaction 2 Transaction 7 Transaction 13 . All blocks are chained together Transaction 3 Transaction 9 Transaction 14
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Block (i+2) Collect them in blocks Transaction 1 Transaction 5 Transaction 11 . Transaction 2 Transaction 7 Transaction 13 . All blocks are chained together Transaction 3 Transaction 9 Transaction 14
. Problem: Double spending
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Block (i+2) Collect them in blocks Transaction 1 Transaction 5 Transaction 11 . Transaction 2 Transaction 7 Transaction 13 . All blocks are chained together Transaction 3 Transaction 9 Transaction 14
. Problem: Double spending
Account 1 20 BTC Mallory
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Block (i+2) Collect them in blocks Transaction 1 Transaction 5 Transaction 11 . Transaction 2 Transaction 7 Transaction 13 . All blocks are chained together Transaction 3 Transaction 9 Transaction 14
. Problem: Double spending
Account 1 Alice 20 BTC Mallory
Bob
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Block (i+2) Collect them in blocks Transaction 1 Transaction 5 Transaction 11 . Transaction 2 Transaction 7 Transaction 13 . All blocks are chained together Transaction 3 Transaction 9 Transaction 14
. Problem: Double spending
Account 1 Alice 20 BTC Mallory Account 2 Bob creates 0 BTC
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Block (i+2) Collect them in blocks Transaction 1 Transaction 5 Transaction 11 . Transaction 2 Transaction 7 Transaction 13 . All blocks are chained together Transaction 3 Transaction 9 Transaction 14
. Problem: Double spending
Account 1 20 BTC Alice 20 BTC
Mallory 20 BTC Account 2 Bob creates 0 BTC 20 BTC
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Transactions . Every user keeps track of all transactions Block i Block (i+1) Block (i+2) Collect them in blocks Transaction 1 Transaction 5 Transaction 11 . Transaction 2 Transaction 7 Transaction 13 . All blocks are chained together Transaction 3 Transaction 9 Transaction 14
. Problem: Double spending
. Solution: Proof-of-Work Account 1 20 BTC Alice 20 BTC
Mallory 20 BTC Account 2 Bob creates 0 BTC 20 BTC
Source: http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/
Breaking and fixing Gridcoin 40 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work
Breaking and fixing Gridcoin 41 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain
Breaking and fixing Gridcoin 41 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain . Hash(transactions||…||nonce) < 0x0000000||FE32…9AB
Breaking and fixing Gridcoin 41 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain . Hash(transactions||…||nonce) < 0x0000000||FE32…9AB . Genesis block: 0000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f . Current block: 00000000000000000217084a9362676393abd073f4123a67b0a54b9cc86c0a03
Breaking and fixing Gridcoin 41 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Proof-of-Work . Solving a computational moderately hard problem . Solution allows to append a block to chain . Hash(transactions||…||nonce) < 0x0000000||FE32…9AB . Genesis block: 0000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f . Current block: 00000000000000000217084a9362676393abd073f4123a67b0a54b9cc86c0a03 . Reward for new block . Creates a race
Breaking and fixing Gridcoin 41 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain fork . Block get’s broadcasted into the bitcoin network . What, if two blocks are created at the same time?
Breaking and fixing Gridcoin 42 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain fork . Block get’s broadcasted into the bitcoin network . What, if two blocks are created at the same time?
Block i Block (i+1)
Transaction 1 Transaction 5 Transaction 2 Transaction 7 Transaction 3 Transaction 9
Breaking and fixing Gridcoin 42 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain fork . Block get’s broadcasted into the bitcoin network . What, if two blocks are created at the same time?
Block (i+2)
Transaction 11 Transaction 13 Block i Block (i+1) Transaction 14
Transaction 1 Transaction 5 Transaction 2 Transaction 7 Transaction 3 Transaction 9 Block (i+2)
Transaction 10 Transaction 12 Transaction 17
Breaking and fixing Gridcoin 42 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain fork . Block get’s broadcasted into the bitcoin network . What, if two blocks are created at the same time?
Block (i+2)
Transaction 11 Transaction 13 Block i Block (i+1) Transaction 14
Transaction 1 Transaction 5 Transaction 2 Transaction 7 Transaction 3 Transaction 9 Block (i+2) Block (i+3)
Transaction 10 Transaction 21 Transaction 12 Transaction 23 Transaction 17 Transaction 24
Breaking and fixing Gridcoin 42 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain fork . Block get’s broadcasted into the bitcoin network . What, if two blocks are created at the same time?
Block (i+2)
Transaction 11 Transaction 13 Block i Block (i+1) Transaction 14
Transaction 1 Transaction 5 Transaction 2 Transaction 7 Transaction 3 Transaction 9 Block (i+2) Block (i+3)
Transaction 10 Transaction 21 Transaction 12 Transaction 23 Transaction 17 Transaction 24
Breaking and fixing Gridcoin 42 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Block chain fork . Block get’s broadcasted into the bitcoin network . What, if two blocks are created at the same time?
Block (i+2)
Transaction 11 Transaction 13 Block i Block (i+1) Transaction 14
Transaction 1 Transaction 5 Transaction 2 Transaction 7 Transaction 3 Transaction 9 Block (i+2) Block (i+3) Block (i+4)
Transaction 10 Transaction 21 Transaction 29 Transaction 12 Transaction 23 Transaction 31 Transaction 17 Transaction 24 Transaction 34
Breaking and fixing Gridcoin 42 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Confirmed Transactions
Breaking and fixing Gridcoin 43 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Confirmed Transactions . Transactions are confirmed . If they were included 5 blocks before the current one
Breaking and fixing Gridcoin 43 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Confirmed Transactions . Transactions are confirmed . If they were included 5 blocks before the current one
Block i Block (i+5)
Transaction 1 … … … Transaction 29 Transaction 2 Transaction 31 Transaction 3 Transaction 34
Breaking and fixing Gridcoin 43 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Confirmed Transactions . Transactions are confirmed . If they were included 5 blocks before the current one
6
Block i Block (i+5)
Transaction 1 … … … Transaction 29 Transaction 2 Transaction 31 Transaction 3 Transaction 34
Breaking and fixing Gridcoin 43 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i)
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Alice‘s Public key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Alice‘s Public key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Alice‘s Public key
Hash
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Alice‘s Public key
Hash
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Alice‘s Public key
Hash
Jensen‘s Signature
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Alice‘s Public key
Hash
Jensen‘s Signature
Alice‘s Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Alice‘s Public key
Hash
Jensen‘s Signature
Alice‘s Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Alice‘s Bob‘s Public key Public key
Hash
Jensen‘s Signature
Alice‘s Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Alice‘s Bob‘s Public key Public key
Hash Hash
Jensen‘s Signature
Alice‘s Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Alice‘s Bob‘s Public key Public key
Hash Hash
Jensen‘s Signature
Alice‘s sign Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Alice‘s Bob‘s Public key Public key
Hash Hash
Jensen‘s Alice‘s Signature Signature
Alice‘s sign Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Alice‘s verify Bob‘s Public key Public key
Hash Hash
Jensen‘s Alice‘s Signature Signature
Alice‘s sign Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Transaction (i+2) Alice‘s verify Bob‘s Public key Public key
Hash Hash
Jensen‘s Alice‘s Signature Signature
Alice‘s sign Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Transaction (i+2) Alice‘s verify Bob‘s Charlies Public key Public key Public key
Hash Hash Hash
Jensen‘s Alice‘s Signature Signature
Alice‘s sign Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Transaction (i+2) Alice‘s verify Bob‘s Charlies Public key Public key Public key
Hash Hash Hash
Jensen‘s Alice‘s Signature Signature
Alice‘s sign Bob‘s sign Privat key Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Transaction (i+2) Alice‘s verify Bob‘s Charlies Public key Public key Public key
Hash Hash Hash
Jensen‘s Alice‘s Bob‘s Signature Signature Signature
Alice‘s sign Bob‘s sign Privat key Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Transaction (i+2) Alice‘s verify Bob‘s verify Charlies Public key Public key Public key
Hash Hash Hash
Jensen‘s Alice‘s Bob‘s Signature Signature Signature
Alice‘s sign Bob‘s sign Privat key Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Gridcoin
Transaction - details
Transaction (i) Transaction (i+1) Transaction (i+2) Alice‘s verify Bob‘s verify Charlies Public key Public key Public key
Hash Hash Hash
Jensen‘s Alice‘s Bob‘s Signature Signature Signature
Alice‘s sign Bob‘s sign Charlies Privat key Privat key Privat key
Breaking and fixing Gridcoin 44 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Double Spending . Security of bitcoin PoW . total computational power of the honest user . Double spending still possible . Attack has 15% success rate with 30% hash rate of network . Attack has 100% success rate with 51% hash rate of network
Breaking and fixing Gridcoin 45 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining
Breaking and fixing Gridcoin 46 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Every time a block is mined . Miner get’s bitcoin reward
Breaking and fixing Gridcoin 46 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Every time a block is mined . Miner get’s bitcoin reward . Via special transaction (coinbase transaction) . Current 12 BTC . Halved approx. every 4 years
Breaking and fixing Gridcoin 46 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Every time a block is mined . Miner get’s bitcoin reward . Via special transaction (coinbase transaction) . Current 12 BTC . Halved approx. every 4 years
Breaking and fixing Gridcoin 46 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Every time a block is mined . Miner get’s bitcoin reward . Via special transaction (coinbase transaction) . Current 12 BTC . Halved approx. every 4 years
Breaking and fixing Gridcoin 46 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Every time a block is mined . Miner get’s bitcoin reward . Via special transaction (coinbase transaction) . Current 12 BTC . Halved approx. every 4 years
Breaking and fixing Gridcoin 46 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Every time a block is mined . Miner get’s bitcoin reward . Via special transaction (coinbase transaction) . Current 12 BTC . Halved approx. every 4 years
Breaking and fixing Gridcoin 46 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 47 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 47 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 47 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 47 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 47 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 48 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 49 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 49 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Bitcoin value over time . Huge success
Breaking and fixing Gridcoin 49 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Huge success
Breaking and fixing Gridcoin 50 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Mining . Huge success
Breaking and fixing Gridcoin 51 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations
Breaking and fixing Gridcoin 52 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block
Breaking and fixing Gridcoin 52 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block . What if you want to change bitcoin’s protocol . Different hash algorithm
Breaking and fixing Gridcoin 52 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block . What if you want to change bitcoin’s protocol . Different hash algorithm . Etc.
Breaking and fixing Gridcoin 52 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block . What if you want to change bitcoin’s protocol . Different hash algorithm . Etc.
Breaking and fixing Gridcoin 52 Martin Grothe, Tobias Niemann, Juraj Somorovsky Bitcoin
Limitations . Developer regulates block size . Limiting the number of transactions per block . What if you want to change bitcoin’s protocol . Different hash algorithm . Etc.
Source code is public, let‘s modify it!
Breaking and fixing Gridcoin 52 Martin Grothe, Tobias Niemann, Juraj Somorovsky Sources
Slide 1: • startin-slide-picture-cryptocurrency.jpg http://gaincryptocurrency.altervista.org/alterpages/10710353_865938750143391_6543553170888387417_o.jpg Slide 4: • fiat-logo.png https://en.wikipedia.org/wiki/File:Fiat_Logo.svg • euro.jpg https://www.bpb.de/cache/images/5/220135-3x2-article620.jpg?FF353 Slide 5: • altcoin-chips.png https://i2.wp.com/www.altcointoday.com/wp-content/uploads/2015/10/coins.png Slide 6: • Examples for trading https://www.slideshare.net/jonwaller0/what-isbitcoinen (Slide 13) • Benefits of Cryptocurrencies http://www.huffingtonpost.com/ameer-rosic-/7-incredible-benefits-of-_1_b_13160110.html • skeptical-kid-blank.jpeg https://img.memesuper.com/fc693ae7e695c4eea4034dc354bc356d_-kid-meme-blank-skeptical-meme-skeptical_305-305.jpeg Slide 8: • Bitcoin Pizzas forum entry https://bitcointalk.org/index.php?topic=137 • BC_Logo.png https://en.bitcoin.it/wiki/File:BC_Logo_.png • Pizza.jpg http://heliacal.net/~solar/bitcoin/pizza/ Slide 9: • Bitcoin_exchange.jpg https://www.coinbase.com/ • bitcoin-atm.jpg https://cache.caricoin.com/wp-content/uploads/38937_01_los_angeles_receives_first_bitcoin_atm_machines_in_the_united_states_full-1080x675.jpg • withdraw-bitcoin-to-usd-1024x502.jpg http://cashinbitcoin.com/wp-content/uploads/2017/02/withdraw-bitcoin-to-usd-1024x502.jpg
Breaking and fixing Gridcoin 53 Martin Grothe, Tobias Niemann, Juraj Somorovsky Sources
Slide 10-13: • Idea/approach adapted from http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-actually-works/ Slide 14: • Success for double spending based on hash rate https://arxiv.org/pdf/1402.2009.pdf Slide 16: • bitcoin-mining-asics.jpg https://i.ytimg.com/vi/SNB11HPv_lo/maxresdefault.jpg • bitcoin-mining-fpga.jpg http://cdn5.thinkcomputers.org/wp-content/uploads/2014/02/mining-rig-26.jpg • bitcoin-mining-farm.jpg https://cdn.static-economist.com/sites/default/files/images/print-edition/20150110_WBP001_0.jpg • bitcoin-cpu-cluster.jpg http://bedroombitcoinbeast.blogin.com.au/tag/bitcoin-mining/ Slide 17: • bitcoin-price-rate-2010-2012.png https://99bitcoins.com/price-chart-history/ Slide 18: • bitcoin-price-rate-2010-2012.png https://99bitcoins.com/price-chart-history/ • happy-kid.jpg http://www.relatably.com/m/img/skeptical-african-kid-meme-9gag/c9acfd4d17a9ba06203d833739b482a1.jpg Slide 19: • bitcoin-price-rate-chart-all-time.png https://99bitcoins.com/price-chart-history/ Slide 20: • wolf-of-wallstreet-fist-bite.jpeg http://img.pandawhale.com/159212-Leo-Dicaprio-biting-knucle-mem-29ZB.jpeg Slide 21: • wolf-of-wall-street-laugh.jpg https://ewedit.files.wordpress.com/2015/01/wolf-of-wall-street-leonardo-dicaprio1.jpg?w=612
Breaking and fixing Gridcoin 54 Martin Grothe, Tobias Niemann, Juraj Somorovsky Sources
Slide 22: • jackie-chan-why-blank.jpg https://houseofgeekery.files.wordpress.com/2012/08/jackie-chan-whut.jpg Slide 24: • altcoin-chips.png https://i2.wp.com/www.altcointoday.com/wp-content/uploads/2015/10/coins.png Slide 25: • bitcoin-energy-consumption.png https://www.iea.org/publications/freepublications/publication/KeyWorld2016.pdf • Ddoscoin https://github.com/ewust/DDoSCoin • Burstcoin https://www.burst-team.us/ • Namecoin https://namecoin.org/ Slide 27: • boinc_600.jpg https://boinc.berkeley.edu/logo/boinc_600.jpg • peercoin-logo.svg https://peercoin.net/assets/img/logos/peerunity.svg Slide 28: • broadband_rfi1.jpg https://setiathome.berkeley.edu/sah_glossary/images/broadband_rfi1.jpg • folding-at-home.jpg http://images.bit-tech.net/content_images/2009/06/what-is-folding-and-why-does-it-matter/fold1.jpg Slide 35: • lock-hit-by-bullet.jpg http://media.coindesk.com/uploads/2016/08/lock-broken-728x485.jpg Slide 37: • breaking-gridcoin.jpg http://cdn23.us1.fansshare.com/photos/breakingbad/ndqzmjm-mzuz-disea-la-intro-de-tus-series-favoritas-breaking-bad-logo-642337318.jpg Slide 39: • skeptical-baby.png http://i0.kym-cdn.com/entries/icons/original/000/008/402/Screen_shot_2012-01-18_at_5.28.23_PM.png
Breaking and fixing Gridcoin 55 Martin Grothe, Tobias Niemann, Juraj Somorovsky Sources
Slide 45: • Steve-Carell-Facepalm.gif http://gif-finder.com/wp-content/uploads/2015/02/Steve-Carell-Facepalm.gif • fence-fails.jpg https://s-media-cache-ak0.pinimg.com/564x/4b/c8/af/4bc8afa3a8bb0735fc703736aa7c986f.jpg Slide 46: • make-money-memes-money-meme_300-300.jpeg https://img.memesuper.com/9bc3ddad6db0f1757f2a02d7ffad7500_make-money-memes-money-meme_300-300.jpeg
Breaking and fixing Gridcoin 56 Martin Grothe, Tobias Niemann, Juraj Somorovsky Cryptocurrency
In general . Only digital
Breaking and fixing Gridcoin 57 Martin Grothe, Tobias Niemann, Juraj Somorovsky Cryptocurrency
In general . Only digital . Based on cryptography . Asym. cryptography . Hash functions
Breaking and fixing Gridcoin 57 Martin Grothe, Tobias Niemann, Juraj Somorovsky Cryptocurrency
In general . Only digital . Based on cryptography . Asym. cryptography . Hash functions . Decentralized (Peer-to-Peer network)
Breaking and fixing Gridcoin 57 Martin Grothe, Tobias Niemann, Juraj Somorovsky Cryptocurrency
In general . Only digital . Based on cryptography . Asym. cryptography . Hash functions . Decentralized (Peer-to-Peer network) . Finite supply
Breaking and fixing Gridcoin 57 Martin Grothe, Tobias Niemann, Juraj Somorovsky Cryptocurrency
In general . Only digital . Based on cryptography . Asym. cryptography . Hash functions . Decentralized (Peer-to-Peer network) . Finite supply . Pseudonym/anonym
Breaking and fixing Gridcoin 57 Martin Grothe, Tobias Niemann, Juraj Somorovsky Breaking and fixing a cryptocurrency 58 Martin Grothe, Tobias Niemann, Juraj Somorovsky