Some Thoughts On Bitcoin
Dan Kaminsky

If You’re Smart
- Leave the room right now
- “Bitcoin turns nerd forums into libertarian forums”
  - This is true
- Bitcoin is a particularly effective DoS against security professionals
  - Why?

Security Inversion
- Normal Code
  - Looks like it might be OK up front
  - Scratch the surface, it’s actually really bad
- BitCoin
  - Looks really bad up front
  - Scratch the surface, it’s actually surprisingly good
- We aren’t used to systems with these characteristics
- This code has the mark of having been audited by People Like Us
  - And quants

The basic summary
- BitCoin is absolutely not anonymous
- BitCoin clearly does not scale
  - In the long term
  - It does work for now though
- This isn’t 0day stuff, this is basically declared almost entirely up front

What Is BitCoin
- A really strange use of cryptography
  - “Strange” is not a sufficient, interesting, or even vaguely competent way to mark a system as insecure
  - It’s a decent way to say “this is not the normal way things are put together”
- Two systems mated together
  - A peer to peer network that does a best case effort to synchronize data (loose “transactions” and solved “blocks”) across as many nodes as possible
  - A Chinese Lottery that canonicalizes subsets of synchronized data, using the difficulty of finding partial hash collisions

The Basic Idea (In A Nutshell)
1) I’m hearing about all these transactions going on – Alice is paying Bob, Bob is paying Charlie, etc
2) I hash all the transactions I’ve heard about, with some random information, and the hash of the last time someone did that, until there’s a partial collision
   - First n bits equals 0
   - N is automatically determined based on how hard it has to be for one block to be found about every 10 minutes
   - This is a block
3) I send everyone my “block” – transactions plus hash of previous block plus random data. This gives me 50 bitcoins (for now).
4) I can now “sign over” those bitcoins, from my private key, to other people’s (or my) public key.
5) Repeat until there’s lots of people with lots of BitCoins
   - Possibly purchased instead of “mined”

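The loop in steps 2 and 3, as an added example (not code from the deck or from the Bitcoin client). It assumes double SHA-256 as the hash, a toy 12-bit difficulty, a constructed serialization and constructed transactions; `retarget_bits` is a simplified stand-in for the real difficulty adjustment.

```python
import hashlib
import math
import struct

GENESIS_PREV = b"\x00" * 32  # constructed placeholder for "no previous block"
BITS = 12                    # toy difficulty: first 12 bits of the hash must be 0


def dsha256(data):
    """Double SHA-256 of the serialized block."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def leading_zero_bits(digest):
    """Number of zero bits at the front of the digest (the 'partial collision')."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def serialize(prev_hash, txs, nonce):
    """prev hash || length-prefixed transactions || nonce (the 'random data')."""
    body = b"".join(struct.pack(">I", len(t)) + t for t in (s.encode() for s in txs))
    return prev_hash + body + struct.pack(">Q", nonce)


def mine(prev_hash, txs, bits=BITS):
    """Step 2: try nonces until the hash starts with `bits` zero bits."""
    nonce = 0
    while True:
        digest = dsha256(serialize(prev_hash, txs, nonce))
        if leading_zero_bits(digest) >= bits:
            return {"prev": prev_hash, "txs": list(txs), "nonce": nonce, "hash": digest}
        nonce += 1


def verify_chain(chain, bits=BITS):
    """What every receiving node checks: linkage, hash and difficulty of each block."""
    prev = GENESIS_PREV
    for block in chain:
        digest = dsha256(serialize(block["prev"], block["txs"], block["nonce"]))
        if block["prev"] != prev or digest != block["hash"]:
            return False
        if leading_zero_bits(digest) < bits:
            return False
        prev = digest
    return True


def retarget_bits(bits, observed_seconds, target_seconds=600):
    """Simplified retarget: each extra zero bit doubles the expected work, so
    shift the bit count by log2(target / observed) to aim at one block per
    10 minutes. (Assumption: the real rule adjusts a numeric target instead.)"""
    return max(1, bits + round(math.log2(target_seconds / observed_seconds)))


def build_chain():
    """Mine three blocks over constructed transactions."""
    batches = [
        ["Alice pays Bob 5"],
        ["Bob pays Charlie 2", "Alice pays Dave 1"],
        ["Charlie pays Alice 1"],
    ]
    chain, prev = [], GENESIS_PREV
    for txs in batches:
        block = mine(prev, txs)
        chain.append(block)
        prev = block["hash"]
    return chain


def rewrite_history(chain, index, new_txs):
    """Re-mine one block with different transactions, leaving later blocks alone."""
    forged = [dict(b) for b in chain]
    forged[index] = mine(forged[index]["prev"], new_txs)
    return forged


if __name__ == "__main__":
    chain = build_chain()
    for b in chain:
        print(b["hash"].hex()[:16], "nonce", b["nonce"], b["txs"])
    print("chain valid:", verify_chain(chain))
    forged = rewrite_history(chain, 0, ["Alice pays Mallory 5"])
    print("rewritten block valid alone:", verify_chain(forged[:1]))
    print("rewritten chain valid:", verify_chain(forged))
```

The rewritten block passes on its own, but every later block still commits to the old hash, so changing history means redoing the work for all blocks after it.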
Interesting Traits
- The basic concept is actually relatively solid
  - Assuming partial collisions are predictably hard to find
  - Assuming ECDSA works
- Basic Idea 1: Money can’t be created from nothing – hashing is needed
- Basic Idea 2: Transactions can’t be blocked or reversed by a central entity – “is none”
- It makes security engineers talk like monetary scientists
  - That’s sort of OK, economists pretend to do that too…
  - Seriously, that’s silly – let’s just talk tech, OK?

Epic Scalability Quote 1 (https://en.bitcoin.it/wiki/Scalability)
- “The core BitCoin network can scale to very high transaction rates assuming a distributed version of the node software is built. This would not be very complicated.”
  - Because there’s nothing easier to do, than make a system distributed
  - This is totally not one of the Hard Problems Of Computer Science
  - By “Distributed” they mean “Centralized”
- Why BitCoin is uniquely hard to audit
  - It claims the advantages of its present architecture, and its future architecture, while rebutting the disadvantages of one with the advantages of the other
  - Instead of saying, “We don’t do that”, they say “Something else could do that”

Scalability Costs: Network Bandwidth
- “Let's assume an average rate of 2000tps, so just VISA…. Shifting 60 gigabytes of data in, say, 60 seconds means an average rate of 1 gigabyte per second, or 8 gigabits per second.”
- :O

Up and Down
- Going up
  - “Let's take 4,000 tps as starting goal. Obviously if we want BitCoin to scale to all economic transactions worldwide, including cash, it'd be a lot higher than that, perhaps more in the region of a few hundred thousand transactions/sec.” And the need to be able to withstand DoS attacks (which VISA does not have to deal with) implies we would want to scale far beyond the standard peak rates.
  - TB/sec
- Going down
  - Even at 1/100th of VISA, that’s still 10MB/sec

Are There Future Optimizations?
- “Because nodes are very likely to have already seen a transaction when it was first broadcast, this means the size of a block to download would be trivial (80 bytes + 32 bytes per transaction). If a node didn't see a transaction broadcast, it can ask the connected node to provide it.”
- Potential 50% savings!
  - Could go from 1GB to 500MB/sec

What About Storage?
- In order to validate a transaction, you need all blocks up to the present one
  - Joining BitCoin today == downloading 200+MB history all the way to the start of time
  - That only increases
- “A 3 terabyte hard disk costs less than $200 today and will be cheaper still in future, so you'd need one such disk for every 21 days of operation (at 1gb per block).”
  - So you get to participate directly in BitCoin, at the low low cost of $200 a month
  - Assuming zero costs of running a storage array

CPU?
- “A network node capable of keeping up with VISA would need roughly 50 cores + whatever is used for mining (done by separate machines/GPUs).”
- In the long run, that’s what it takes to participate (assuming no DoS, which would take 5000 cores)
- (You actually need to validate all historical transactions too)

OK, so you end up with supernodes and normal nodes
- What are the characteristics of supernodes?
  - They’re banks
  - “Welcome to the new boss, who looks suspiciously like the old boss”
  - I’m not saying banks are bad or anything
- The “peer to peer” model of BitCoin eventually goes away; as soon as the thing gets big, the entire thing switches to a banking model

Reality of Banking
- As the network gets bigger, fewer and fewer nodes can be banks
  - Only so many parties can exchange a gigabyte a second.
  - The 50% threshold is inevitable
- BitCoin banks still can’t gin up money
- BitCoin banks can’t forcibly take money
  - Unless they hold the private keys for the user, which they might
- BitCoin banks can refuse to accept blocks with “undesirable” transactions
  - Don’t need 50% -- just need enough to inconvenience 50% to accept your opinion
  - Can block undesirable transactions
  - Can recompute blocks w/o certain transactions (reversal)
  - This offers a host of ugly semantics

Already Suffering This
- BitCoin’s security model is based on the idea that nobody can control more than 50% of the network
  - Exact PetaFlop count unclear, but >40 and <200
  - Weird metric, given that crypto uses integer operations when FLOPS are floating point
  - Several times more than largest supercomputer
- Pools are breaking this
  - #1 pool has 41%
  - #2 pool has 30%
- “Security through ostracism” to Pitchfork Security
  - DDoS against #1 pool

Bad Choice Of Hash Standard
- Existing model can be accelerated massively with GPUs
  - Just 2x SHA-256
- Could have been bcrypt or the like, in which performance does not scale with pure processing speed
  - Basically adds memory and serialization dependencies
- Wasn’t implemented, so now we have shortages of GPUs…

What About Anonymity?
- The full worldwide transaction history is stored and shared, forever and ever
- Everyone has names like: 1MQbbWUi2scKdZ4KtMMSUSvVmxi6XtEeaC
  - How do you know who you’re paying? You don’t
- Everyone is encouraged to make up new names for every transaction
  - Actually how you can tell why someone is paying you
  - Out of band, you tell someone “to pay me, pay this address”
  - When that address is paid, you can dereference to your own private transaction
- Do lots of random names equal anonymity?

Names Are Linkable (see blockexplorer.com)
- All FROM sources are effectively the same person (or linked IDs)
- Almost all TO destinations are payee and payor

Reality of Anonymity
- As BitCoin “fights fragmentation”, it merges identities
  - As it merges identities, it…well, merges identities
- There are other models of using BitCoin in which money goes in, stays, and then presumably goes back out
  - Again, it’s amazing how much this looks like a bank.
  - Not saying banks are bad, just don’t tell me BitCoin doesn’t morph into the banking system

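Why fresh names per payment do not stay separate, as an added example covering the "Names Are Linkable" and "Reality of Anonymity" slides (not code from the deck). The ledger and address labels are constructed; the "one previously unseen output is the payer's change" rule is an assumed simplification of the slide's "payee and payor" observation.

```python
from collections import defaultdict


class UnionFind:
    """Disjoint sets of addresses believed to share one owner."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra


# Constructed public ledger, in chain order. Alice uses a new address for every
# payment she receives, then has to combine those coins to pay a merchant.
LEDGER = [
    {"id": "t0", "inputs": ["customer_x"], "outputs": ["merchant", "customer_x_change"]},
    {"id": "t1", "inputs": ["payer_1"], "outputs": ["alice_1", "payer_1_change"]},
    {"id": "t2", "inputs": ["payer_2"], "outputs": ["alice_2", "payer_2_change"]},
    {"id": "t3", "inputs": ["payer_3"], "outputs": ["alice_3", "payer_3_change"]},
    {"id": "t4", "inputs": ["alice_1", "alice_2"], "outputs": ["merchant", "alice_4"]},
    {"id": "t5", "inputs": ["alice_3", "alice_4"], "outputs": ["merchant", "alice_5"]},
]


def cluster_addresses(ledger, use_change_heuristic=True):
    """Return the multi-address clusters an observer of the ledger can derive."""
    uf = UnionFind()
    seen = set()  # addresses that appeared in any earlier transaction
    for tx in ledger:
        ins, outs = tx["inputs"], tx["outputs"]
        for addr in ins + outs:
            uf.find(addr)  # register every address, even unlinked ones
        # "All FROM sources are effectively the same person": spending several
        # inputs in one transaction needs every input's private key.
        for other in ins[1:]:
            uf.union(ins[0], other)
        # "Almost all TO destinations are payee and payor": with two outputs,
        # if exactly one address has never been seen, treat it as change.
        if use_change_heuristic and ins and len(outs) == 2:
            fresh = [o for o in outs if o not in seen]
            if len(fresh) == 1:
                uf.union(ins[0], fresh[0])
        seen.update(ins, outs)
    groups = defaultdict(set)
    for addr in list(uf.parent):
        groups[uf.find(addr)].add(addr)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


if __name__ == "__main__":
    print("inputs only :", cluster_addresses(LEDGER, use_change_heuristic=False))
    print("with change :", cluster_addresses(LEDGER))
```

On this ledger the input rule alone yields two pairs of Alice's addresses; adding the change rule collapses all five into one identity, while the payers who never combined coins stay unlinked.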
So, with this all being said
- BitCoin is working, today
  - That counts for a lot
- It will not work this way forever
  - It will not have today’s security properties forever
- If you define the loss of today’s properties as a serious loss of value, then there are Ponzi-ish characteristics in plain view
  - I’m not going to make that claim, however

Conclusion
- This was just a quick summary
- BitCoin is actually well designed, if you accept that anonymity and scaling force the entire present model to be shifted into something that effectively looks like banking
- I’ll talk about more another time

Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 

Some Thoughts On Bitcoin

  • 1. Some Thoughts On Bitcoin
      • Dan Kaminsky
  • 2. If You’re Smart
      • Leave the room right now
      • “Bitcoin turns nerd forums into libertarian forums”
          • This is true
      • Bitcoin is a particularly effective DoS against security professionals
          • Why?
  • 3. Security Inversion
      • Normal Code
          • Looks like it might be OK up front
          • Scratch the surface, it’s actually really bad
      • BitCoin
          • Looks really bad up front
          • Scratch the surface, it’s actually surprisingly good
      • We aren’t used to systems with these characteristics
      • This code has the mark of having been audited by People Like Us
          • And quants
  • 4. The basic summary
      • BitCoin is absolutely not anonymous
      • BitCoin clearly does not scale
          • In the long term
          • It does work for now though
      • This isn’t 0day stuff, this is basically declared almost entirely up front
  • 5. What Is BitCoin
      • A really strange use of cryptography
          • “Strange” is not a sufficient, interesting, or even vaguely competent way to mark a system as insecure
          • It’s a decent way to say “this is not the normal way things are put together”
      • Two systems mated together
          • A peer to peer network that does a best case effort to synchronize data (loose “transactions” and solved “blocks”) across as many nodes as possible
          • A Chinese Lottery that canonicalizes subsets of synchronized data, using the difficulty of finding partial hash collisions
  • 6. The Basic Idea (In A Nutshell)
      • 1) I’m hearing about all these transactions going on – Alice is paying Bob, Bob is paying Charlie, etc
      • 2) I hash all the transactions I’ve heard about, with some random information, and the hash of the last time someone did that, until there’s a partial collision
          • First n bits equals 0
          • N is automatically determined based on how hard it has to be for one block to be found about every 10 minutes
          • This is a block
      • 3) I send everyone my “block” – transactions plus hash of previous block plus random data. This gives me 50 bitcoins (for now).
      • 4) I can now “sign over” those bitcoins, from my private key, to other people’s (or my) public key.
      • 5) Repeat until there’s lots of people with lots of BitCoins
          • Possibly purchased instead of “mined”
  • 7. Interesting Traits
      • The basic concept is actually relatively solid
          • Assuming partial collisions are predictably hard to find
          • Assuming ECDSA works
          • Basic Idea 1: Money can’t be created from nothing – hashing is needed
          • Basic Idea 2: Transactions can’t be blocked or reversed by a central entity – “is none”
      • It makes security engineers talk like monetary scientists
          • That’s sort of OK, economists pretend to do that too…
          • Seriously, that’s silly – let’s just talk tech, OK?
  • 8. Epic Scalability Quote 1 (https://en.bitcoin.it/wiki/Scalability)
      • “The core BitCoin network can scale to very high transaction rates assuming a distributed version of the node software is built. This would not be very complicated.”
          • Because there’s nothing easier to do, than make a system distributed
          • This is totally not one of the Hard Problems Of Computer Science
          • By “Distributed” they mean “Centralized”
      • Why BitCoin is uniquely hard to audit
          • It claims the advantages of its present architecture, and its future architecture, while rebutting the disadvantages of one with the advantages of the other
          • Instead of saying, “We don’t do that”, they say “Something else could do that”
  • 9. Scalability Costs: Network Bandwidth
      • “Let's assume an average rate of 2000tps, so just VISA…. Shifting 60 gigabytes of data in, say, 60 seconds means an average rate of 1 gigabyte per second, or 8 gigabits per second.”
      • :O
  • 10. Up and Down
      • Going up
          • “Let's take 4,000 tps as starting goal. Obviously if we want BitCoin to scale to all economic transactions worldwide, including cash, it'd be a lot higher than that, perhaps more in the region of a few hundred thousand transactions/sec.”
          • And the need to be able to withstand DoS attacks (which VISA does not have to deal with) implies we would want to scale far beyond the standard peak rates.
          • TB/sec
      • Going down
          • Even at 1/100th of VISA, that’s still 10MB/sec
  • 11. Are There Future Optimizations?
      • “Because nodes are very likely to have already seen a transaction when it was first broadcast, this means the size of a block to download would be trivial (80 bytes + 32 bytes per transaction). If a node didn't see a transaction broadcast, it can ask the connected node to provide it.”
      • Potential 50% savings!
          • Could go from 1GB to 500MB/sec
  • 12. What About Storage?
      • In order to validate a transaction, you need all blocks up to the present one
          • Joining BitCoin today == downloading 200+MB history all the way to the start of time
          • That only increases
      • “A 3 terabyte hard disk costs less than $200 today and will be cheaper still in future, so you'd need one such disk for every 21 days of operation (at 1gb per block).”
          • So you get to participate directly in BitCoin, at the low low cost of $200 a month
          • Assuming zero costs of running a storage array
  • 13. CPU?
      • “A network node capable of keeping up with VISA would need roughly 50 cores + whatever is used for mining (done by separate machines/GPUs).”
          • In the long run, that’s what it takes to participate (assuming no DoS, which would take 5000 cores)
          • (You actually need to validate all historical transactions too)
  • 14. OK, so you end up with supernodes and normal nodes
      • What are the characteristics of supernodes?
          • They’re banks
          • “Welcome to the new boss, who looks suspiciously like the old boss”
          • I’m not saying banks are bad or anything
      • The “peer to peer” model of BitCoin eventually goes away; as soon as the thing gets big, the entire thing switches to a banking model
  • 15. Reality of Banking
      • As the network gets bigger, fewer and fewer nodes can be banks
          • Only so many parties can exchange a gigabyte a second.
          • The 50% threshold is inevitable
      • BitCoin banks still can’t gin up money
      • BitCoin banks can’t forcibly take money
          • Unless they hold the private keys for the user, which they might
      • BitCoin banks can refuse to accept blocks with “undesirable” transactions
          • Don’t need 50% -- just need enough to inconvenience 50% to accept your opinion
          • Can block undesirable transactions
          • Can recompute blocks w/o certain transactions (reversal)
          • This offers a host of ugly semantics
  • 16. Already Suffering This
      • BitCoin’s security model is based on the idea that nobody can control more than 50% of the network
          • Exact PetaFlop count unclear, but >40 and <200
              • Weird metric, given that crypto uses integer operations when FLOPS are floating point
          • Several times more than largest supercomputer
      • Pools are breaking this
          • #1 pool has 41%
          • #2 pool has 30%
      • “Security through ostracism” to Pitchfork Security
          • DDoS against #1 pool
  • 17. Bad Choice Of Hash Standard
      • Existing model can be accelerated massively with GPUs
          • Just 2x SHA-256
      • Could have been bcrypt or the like, in which performance does not scale with pure processing speed
          • Basically adds memory and serialization dependencies
      • Wasn’t implemented, so now we have shortages of GPUs…
  • 18. What About Anonymity?
      • The full worldwide transaction history is stored and shared, forever and ever
      • Everyone has names like: 1MQbbWUi2scKdZ4KtMMSUSvVmxi6XtEeaC
          • How do you know who you’re paying? You don’t
      • Everyone is encouraged to make up new names for every transaction
          • Actually how you can tell why someone is paying you
          • Out of band, you tell someone “to pay me, pay this address”
          • When that address is paid, you can dereference to your own private transaction
      • Do lots of random names equal anonymity?
  • 19. Names Are Linkable (see blockexplorer.com)
      • All FROM sources are effectively the same person (or linked IDs)
      • Almost all TO destinations are payee and payor
  • 20. Reality of Anonymity
      • As BitCoin “fights fragmentation”, it merges identities
          • As it merges identities, it…well, merges identities
      • There are other models of using BitCoin in which money goes in, stays, and then presumably goes back out
          • Again, it’s amazing how much this looks like a bank.
          • Not saying banks are bad, just don’t tell me BitCoin doesn’t morph into the banking system
  • 21. So, with this all being said
      • BitCoin is working, today
          • That counts for a lot
      • It will not work this way forever
          • It will not have today’s security properties forever
      • If you define the loss of today’s properties a serious loss of value, then there are Ponzi-ish characteristics in plain view
          • I’m not going to make that claim, however
  • 22. Conclusion
      • This was just a quick summary
      • BitCoin is actually well designed, if you accept that anonymity and scaling forces the entire present model to be shifted into something that effectively looks like banking
      • I’ll talk about more another time
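
The mining loop from slide 6, using the "2x SHA-256" named on slide 17, as a toy sketch added here (not code from the talk or from the Bitcoin client). The block serialization, the `retarget` rule and the sample transactions are assumptions for illustration; the check in `chain_is_valid` shows why editing an old transaction forces the block to be recomputed, as slide 15 notes.

```python
import hashlib

GENESIS_PREV = bytes(32)  # constructed: all-zero "previous hash" for the first block

def dsha256(data: bytes) -> bytes:  # 2x SHA-256, as named on slide 17
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def leading_zero_bits(digest: bytes) -> int:
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def block_hash(prev: bytes, txs: list, nonce: int) -> bytes:
    # Toy serialization (assumption): prev hash + newline-joined transactions + 8-byte nonce.
    return dsha256(prev + "\n".join(txs).encode() + nonce.to_bytes(8, "big"))

def mine(prev: bytes, txs: list, n_bits: int) -> dict:
    """Slide 6, step 2: try nonces until the first n_bits of the hash are 0."""
    nonce = 0
    while leading_zero_bits(h := block_hash(prev, txs, nonce)) < n_bits:
        nonce += 1
    return {"prev": prev, "txs": list(txs), "nonce": nonce, "hash": h}

def build_chain(batches: list, n_bits: int) -> list:
    chain, prev = [], GENESIS_PREV
    for txs in batches:
        chain.append(mine(prev, txs, n_bits))
        prev = chain[-1]["hash"]
    return chain

def chain_is_valid(chain: list, n_bits: int) -> bool:
    """What every other node checks: hashes match, meet n_bits, and link up."""
    prev = GENESIS_PREV
    for b in chain:
        h = block_hash(b["prev"], b["txs"], b["nonce"])
        if b["prev"] != prev or b["hash"] != h or leading_zero_bits(h) < n_bits:
            return False
        prev = h
    return True

def retarget(n_bits: int, seconds_per_block: float, goal: float = 600.0) -> int:
    """Toy difficulty rule (assumption): one more zero bit doubles expected work."""
    if seconds_per_block < goal / 2:
        return n_bits + 1
    return max(1, n_bits - 1) if seconds_per_block > goal * 2 else n_bits

if __name__ == "__main__":
    chain = build_chain([["Alice pays Bob 5"], ["Bob pays Charlie 2"]], 12)
    print([b["nonce"] for b in chain], chain_is_valid(chain, 12))
    chain[0]["txs"][0] = "Alice pays Mallory 5"  # edit history without re-mining
    print(chain_is_valid(chain, 12))
```
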
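
Slide 19's linking rule, as an added example (not from the talk): addresses that appear together as FROM sources of one transaction are merged with union-find, and an optional change rule treats the single never-before-seen TO address of a two-output transaction as the payor's. The transaction history, the address names and the change rule itself are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample history: (tx id, FROM addresses, TO addresses). All names are made up.
TXS = [
    ("t0", ["C1"], ["Shop1"]),              # an unrelated customer pays the shop
    ("t1", ["A1"], ["Shop1", "A2"]),        # A pays the shop, change goes to fresh A2
    ("t2", ["B1"], ["A3", "B2"]),           # B pays A at a fresh address A3
    ("t3", ["A2", "A3"], ["Shop1", "A4"]),  # A merges two coins to pay: links A2 and A3
    ("t4", ["B2", "B3"], ["Shop1"]),        # B merges coins, exact amount, no change
]

class UnionFind:
    def __init__(self):
        self.parent = {}
    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x
    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)

def cluster(txs, use_change_heuristic=False):
    """Group addresses that the public history ties to one owner."""
    uf, seen = UnionFind(), set()
    for _txid, sources, dests in txs:
        for addr in sources + dests:
            uf.find(addr)                      # register every address
        for addr in sources[1:]:
            uf.union(sources[0], addr)         # all FROM sources: same person
        if use_change_heuristic and len(dests) == 2:
            fresh = [d for d in dests if d not in seen]
            if len(fresh) == 1:                # one TO is the payee, the other the payor
                uf.union(sources[0], fresh[0])
        seen.update(sources, dests)
    groups = defaultdict(set)
    for addr in uf.parent:
        groups[uf.find(addr)].add(addr)
    return sorted(sorted(g) for g in groups.values())

if __name__ == "__main__":
    print(cluster(TXS))
    print(cluster(TXS, use_change_heuristic=True))
```

In the constructed history, a new address for every payment still leaves A1 through A4 in one cluster once change and merged inputs are followed; t2 stays unlinked because both of its outputs are fresh and the rule declines to guess.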