blockchain overview, use cases, implementations and challenges

Blockchain:Overview, Use Cases and ChallengesSebastien Tandel [email protected]

March 2017

Agenda

– Blockchain a Trend?– Blockchain Explained

– Overview– Use Cases & Implementations– Challenges

–Take Aways

Blockchain a Trend?

3

as a Trend

Blockchain by numbers

2015: 42 systemic financial institutions in a consortium 2016: $1.4+ billion invested in Blockchain

By 2022: Blockchain business worth $10B✽

✽ Gartner Top Predictions 2017

Blockchain Explained

6

Blockchain 101

Alice agreed on a transaction with Bob

The transaction is signed and a block is created to represent that transaction

The block is broadcast and validated by the blockchain network

The block is added to the chain, providing a permanent non-repudiable and transparent record of the transaction

Blockchain 101 : What the hell is a Blockchain?

–Blockchain is a database that is–De-centralized–Append-only (entries are immutable)–Recording transactions between 2+ parties (Alice & Bob)–Which parties trust because of a distributed consensus protocol–Achieved by a network of (untrusted) participants–And ultimately secured through some cryptographic work

Blockchain 101: OK, got it… but why?

centralizedledger

de-centralizedledger

Santander : by 2022, could cut banks infrastructure costs by $15-20bn a year for cross-border payments, securities trading and regulatory compliance

What is a block?

BLOCKBlocks are units of the Blockchain

HEADER

Version

Merkle Root

Difficulty

Previous Block Hash

Timestamp

Nonce

TRANSACTION COUNT

BLOCK CONTENT

Coinbase TX Bitcoin TX

Total Bitcoin + Coinbase TX

How a block is added to blockchain?

Proof Of Work : “mining” in bitcoin world• Participants create one block from the current transactions• and tries to solve a complex challenge:

• hash of block header with X leading 0s, varying “nonce”Ø hard to compute, very easy to verify

• Each 10 minutes (avg time for 1 node to find a valid hash), the block is added to the chain

Ø Challenge Complexity is periodically adjusted to maintain the 10 minutes constant


HEADER

Version

Merkle Root

Difficulty

Previous Block Hash

Timestamp

Nonce

TRANSACTION COUNT

BLOCK CONTENT



Why is there any participant at all?

–Indeed LOT of resources wasted to solve the challenge of 1 block–Keep in mind everyone competes on the same block, to get only 1 winner !

–Why would anyone participate? Economics! Well... money J–In Bitcoin world, the winning miner is awarded some coinbase

–in 2015, it was 25BTC and worth US$6900 ; 2017, 12.5 BTC–Owner of a transaction may also give a tip to the winner.

Why is this secure?

1. Transactions are cryptographically signed• To ensure/verify ownership of a transaction!Owner 1’s

Public Key

Transaction

Owner 0’s Signature

Owner 1’s Private Key

Hash

Transaction


Owner 2’s Public Key


Hash

Transaction




Hash

Why is this secure?

1. Transactions are cryptographically signed• To ensure/verify ownership of a transaction!Owner 1’s

Public Key

Transaction



Hash

Transaction




Hash

Transaction




Hash

Better not lose that key or being stolen. This is what defines ownership of a transaction.

Why is this secure?

1. Transactions are cryptographically signed2. Transactions encoded into a Merkle Tree

• IOW, If you modify one bit of a transaction, “root hash” would change

BLOCK

Hash1

HEADER

Version

Merkle Root

Previous Block Hash

Timestamp

Nonce

TX1

Hash2

Difficulty

Hash3 Hash4

TX2

Hash12

TX3 TX4

Hash34

Why is this secure?

1. Transactions are cryptographically signed2. Transactions encoded into a Merkle Tree3. Mining challenge based hashing block header

• which includes the merkle tree root hash

BLOCK

HEADER

Version

Merkle Root

Difficulty

Previous Block Hash

Timestamp

Nonce

TRANSACTION COUNT

BLOCK CONTENT



Why is this secure?


• which includes the merkle tree root hash• AND previous block header hash

• hash chaining: with age, block becomes more secure

BLOCK

HEADER

Version

Merkle Root

Difficulty

Previous Block Hash

Timestamp

Nonce

TRANSACTION COUNT

BLOCK CONTENT



moresecure

Why is this secure?


4. Easy to validate and check integrity based on computed hashes and signatures• When a block is broadcast, all nodes verify

its validity and integrity. If not valid, reject.

BLOCK

HEADER

Version

Merkle Root

Difficulty

Previous Block Hash

Timestamp

Nonce

TRANSACTION COUNT

BLOCK CONTENT



moresecure

Blockchain Implementations & Use Cases

Blockchain Ecosystem for Financial Services

Blockchain Ecosystem for Non-Financial Services

Blockchain Implementations

Bitcoin 101 : Ecosystem

A bitcoin client is used togenerate addresses (keys)& performing transactions (purchases)

Pool of bitcoin miners

Businesses can accept bitcointo sell to their customersthrough bitcoin addresses (keys)

Market exchangesto sell/buy bitcoinsfor usual currencies

global peer-to-peer decentralized network

Bitcoin 101 : Transaction

Each transaction is a (list of) Bitcoin payment(s)


HEADER

Version

Merkle Root

Difficulty

Previous Block Hash

Timestamp

Nonce

TRANSACTION COUNT

BLOCK CONTENT



Transaction

TECHNICAL DATA

Version

#inputs

Lock Time (delay)

#outputs

INPUTS

OUTPUT

Script Len Lock Script

Previous TX Hash / Output Index

Unlock ScriptScript Len

Amount

Bitcoin 101: UTXO (Unspent Transaction Output)

Transaction TX0

Input0

Output0

Output1

100ksatoshis

40ksatoshis

50ksatoshis

Transaction TX1

Input0

Output0

Transaction TX2

Input0

Output0

Output1

20kUTXO

Transaction TX3

Input0

Output0

Transaction TX4

Input0

Output0

20ksatoshis

20ksatoshis

10kUTXO

Bitcoin Blockchain Challenges

– Transaction Rate– Bitcoin block limited to 1MB, limiting #tx/block & 1 block added each 10min, limiting #tx/sec

– Oh right, and what about forks?– All miners compete to solve the same Proof of Work. Forks happen when 2 miners solve it at the same time.

– Largest chain is considered the one to be used by miners– Usually, it’s considered forks are solved by consensus within 6 blocks after the fork. (theoretical)

Bitcoin 7 tx/secVISA avgVISA peak

2000 tx/sec56K tx/sec

confirmedtx

settledtx

verifiedtx

on avg

10 min

60 min

43 min

Note: Some transactions remain permanently unverified (dependency on fee paid)


– The previous consensus of selecting the longest chain is subject to 51% attack– If anyone controls more than 51% of total capacity Proof of Work power, she could alter the integrity of the blockchain

ØLarge number of participants is critical for these blockchains based on Proof of Work– Currently for Bitcoin, it is admitted that not even governments could afford to build infrastructure able to represent

51% of the compute power of miners

– HOWEVER, mining competition is harsh:–5 largest mining orgs >75% of total mining capacity (~1517 petahash/sec)– Main hashing power in China! ; What-if collusion?


– Decreasing Profits for miners– ~= 545 million revenue a year for miners– Miner profits fall as the blockchain network expands.– New block reward cut in half every 210,000 blocks (~4 years)

– Since transaction fees are presently around 50 times smaller than the block reward, reducing the block reward by half cuts total mining revenues if the bitcoin transaction fees and price remain unchanged

– Some companies already filed bankruptcy last year because of that.Ø careful to the 51% attack …

Ethereum : Generalizing Bitcoin Blockchain

– Step back to Bitcoin– Transactions authenticated through Lock/Unlock Scripts.– These are scripts running on top of a stack-based interpreter !– Scripting language is pretty powerful BUT

1. not Turing-complete,2. although could be used for other purpose, mainly there to validate monetary transactions

– Ethereum generalizes Bitcoin initial concept of these scripts with a proposal of– providing a Turing-complete scripting language– enabling other use cases than crypto-currency!

– Smart Contracts are born !

Ethereum : Smart Contracts

• Transaction: An Ether payment transaction can be sent from one address to another address like in Bitcoin

• Achieves 1 tx each 14sec !

• Contract: Insert code into transaction Data field, and send to null address – mined as a Contract

• Contract is addressable (like call to execute a function)

• Compute: On-chain calculations can be performed and data stored but costs Ether (measured in Gas)

• Accounts: No UTXO, state stores a list of accounts (addresses), where each account has a balance

• Balance: Transaction is valid if sender account has balance, then sending account debited and receiving credited

Ethereum Transaction

TECHNICAL DATA

To (Null for Contract)

Gas Price

Ether to Transfer

Start Gas

DATA

Smart Contract Code for Execution on Chain

General Text

Nonce Signature

Blockchain Implementations Comparison

Blockchain Purpose Peer-to-peer(decentralized)

Public/privatemining

Cryptographictrust

Permissionless Centralizedcontrol

Bitcoin DecentralizedMoney

Yes Public Yes Yes No

Ethereum Decentralized Apps

Yes Public Yes Yes No

Ripple DecentralizedPayments

Yes Private Yes No Yes

Hyperledger DecentralizedApps

Yes Private Yes No Yes

Blockchain Use Cases

Blockchain for a Liquid Democracy

–Vote through your own (or a public) smartphone, laptop, desktop, …

– Accounts and Votes are put on the blockchain

– Votes are public and can be consulted by anybodyØAnybody can verify vote count of candidatesØprivacy preserved ‘cause no public association between public key à WHO voted (but for you).

– Estimated cost reduction for 100M voters:– Blockchain voting costs: $50M (EC2 calculator)– Ballot based election: $2 per person => $200MØ$150M vs $600M for USØ$100M vs $400M for Brazil

34

Blockchain for Supply Chain

–Provide ability to track/trace any operation done in a supply chain–Giving ability to trace product from inception : what, who, where, when, …?ØDetect (decrease) frauds,ØDetect stolen merchandise,ØEnsure no counterfeit,ØEnsure no slavery used, …

– Everledger : track supply chain of diamonds ... 800.000 tracked to date.

– BlockVerify : verify medicine authenticity by scanning QR code on a box

– Kuovola Innovation: platform for smart “tendering”. Pallet with RFID tags to move from A to B... Companies bidding and one selected with blockchain as intermediate.

35

Blockchain for Sharing Economy

–Creation of decentralized and “dematerialized” organizations–Sharing Economy on Blockchain governed by and for the people

–Uber: why would Uber takes the largest share of profits generated?–Solution -> decentralized carpooling platforms (Lazooz, ArcadeCity)

–Warning (food for thoughts):–30 years ago: Internet was announced to get rid of all intermediates–Today: Never in Human history, such level of centralization has been reached with a few big

giants controlling large chunks of the Internet (and real) economy at “planet-scale”–Google, Apple, Facebook, Amazon, Uber, ...

36

Blockchain for Digital Identity

–Secure and efficient tracking and management of Digital Identities (& docs)–Digital Identities, passports, e-residency, birth certificates, wedding certificates, online

account logins, …

ØResults in seamless sign-ons and reduced frauds

–One step further for brazilian:ØImagine a world without “cartorios” ... What a dream! J

37

Blockchain for IoT

Yesterday:closed and centralized

Today:open and in the cloud

Tomorrow:open and decentralized

Blockchain for IoT

– Decentralization of IoT networks : current client/server architecture won’t scale in future

– Filament– Autonomous mesh networks for data collection and asset monitoring– Blockchain to identify and authenticate devices

– Chain of Things: Explore blockchain for scale and security issues in IoT– Hackathon related to solar energy in which they provide reliable and verifiable renewable data, speeding up incentive

settlements and reducing opportunities for fraud

– Company?– Connected cars exchanging traffic information between themselves

Decentralized Autonomous Organization

miners validate

smart permit regulatesrelease & reporting

smart permit automatically notifies government and records all activitieson blockchain

Firm is granteda permit

IoT sensors monitorand record releasesand variances

smart permit is distributed via blockchain automatic warning

or enforcement action

Blockchain Still Some Challenges Ahead

Blockchain Challenges cont’d

– Security– Incidents:

– Bitcoin:– 2013, man threw away his hard drive with his private key to unlock his wallet worth $7.5M– 2014: Mt Gox got robbed of $350M– 2016 study claims that between 2009 & 2015, 33% of Bitcoin exchanges have been hacked!

– DAO: June 2016, organization drained of $60M of Ether.

– DDoS on exchanges and mining pools– 51% attack still a real concern– Data integrity:

– malleability attack where an attacker intercepts, modifies and rebroadcasts a transaction, causing the transaction issuer to believe that the original transaction was not confirmed.

– Some have been able to attack Bitcoin wallets in practice, requiring some modification in their implementation.– Authentication & Cryptography issues:

– Private keys stored by Mt Gox stolen … sic.– Proposal to use 2-factor authentication to increase authentication levels.

– Issue : successful attacks on 2-factor authentication have already appeared a while ago.


– Proof of Work = Tremendous Waste of Energy – Estimated to $15M a day => 5.5B a year !

– Proof of Stake has been proposed (and implemented)– which does not require to waste that much energy but smartly use bitcoins owned by miners– Also accelerate the time to add a block to the block chain

– Proof of Stake still not used by Bitcoin and Ethereum though.


– Bitcoin Blockchain Size:– 01/2015 : 30GB– 01/2016 : 50 GB– 01/2017 : 100GB

– And all miners must download the whole blockchain…– potential solutions: hierarchy of chains or regional blockchains

– Be careful of the 51% attack though.

– Ethereum blockchain size is 17GB (as of May 2016)– Smaller than Bitcoin although it’s only after 9 months of existence and way less users than Bitcoin network!– proposed a lighweight node model (for lightweight devices such as smartphones) to be able to add blocks to the

blockchain without downloading the blockchain.


45

Blockchain Challenges cont’d : “Peak of Inflated Expectations”

46

Take Aways

– Blockchain creates trust between untrusted parties willing to agree on some kind of transactions– No intermediate required (note: does not mean they won’t exist anymore!)– Every transaction is authenticated– State changes are transparent– No single point of failure

– Blockchain generalization with Smart Contracts creates a global trust shared execution environment

– Potential to disrupt many businesses, from retail to govts, from finances to health care ($10B+ by 2022)– Already huge investments from largest financial institutions to disrupt financial use cases. ($1.5B+ in 2016)

– Exciting technology to investigate although:– Still exist some pretty tricky challenges to overcome, both technological and legal– Still placed at Peak of Inflated Expectations in the Gartner hype cycle 2016

References

References– Blockchain 101:

– When do you Need Blockchain?– Magic of Mining, The Economist– Bitcoin, Blockchain and the design elements explained– http://www.gartner.com/newsroom/id/3482117– Banks seek the key to Blockchain, Financial Times

– Blockchain Implementations:– A Beginner’s guide to Ethereum– Gentle Introduction to Smart Contracts– Ethereum whitepaper– Dragonchain: Disney’s blockchain– Hyperledger– Bitcoin stack machine scripts interpreter

References– Blockchain Use Cases:

– Securing IoT with Blockchain– For Insurers, #blockchain is the New Black– Blockchain Voting System– Blockchain to Revolutionize Supply Chain– Smart Contracts: Innovation across Manufacturing Value Chains– What Blockchain means for Sharing Economy?

– Blockchain Challenges:– 51% attack– Declining Profitability for New Bitcoin Miners– Alternatives for Proof of Work, Part 1– Top 10 mistakes in Enterprise Blockchain Projects– Bitcoin blockchain transaction delays– Where is Current Research on Blockchain Technology – A Systematic Review