Scribd
Upload
241 views36 pages

Cryptocurrency

This document provides an introduction to a course on smart contract security. The goals of the course are to gain hands-on experience with cryptocurrencies, blockchains, and cryptography; learn a new programming language for smart contracts; and be exposed to computer security concepts. It discusses why computer security is important given issues like data breaches. It then provides an overview of blockchains and cryptocurrencies like Bitcoin, discussing their technical underpinnings using public/private keys and how they work as a distributed system. Examples of smart contracts and applications beyond currency are also briefly introduced.

Uploaded by

Mohammed Adas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
241 views36 pages

Cryptocurrency

This document provides an introduction to a course on smart contract security. The goals of the course are to gain hands-on experience with cryptocurrencies, blockchains, and cryptography; learn a new programming language for smart contracts; and be exposed to computer security concepts. It discusses why computer security is important given issues like data breaches. It then provides an overview of blockchains and cryptocurrencies like Bitcoin, discussing their technical underpinnings using public/private keys and how they work as a distributed system. Examples of smart contracts and applications beyond currency are also briefly introduced.

Uploaded by

Mohammed Adas
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 36

ECE398SC Spring 2018

Smart Contract Security


Lecture 1: Welcome & Intro to Cryptocurrencies
Prof. Andrew Miller (ECE)
Goals of this course:
- Hands on experience in cryptocurrency, blockchains, cryptography

- Develop the skill of learning and applying a new programming


language, and especially smart contract programming

- Early exposure to concepts and techniques in computer security


Why computer security?
- Everything we already depend on is terrifyingly broken

Increasing harm of data breaches, advanced persistent attackers

Systems traditionally built with security as an afterthought

- The security mindset: You need to be able to think like an attacker

To analyze the security of a system

To build more secure systems

“How can I make this system break? What’s the worst I can do to it?”
Data Breaches

http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
Information sharing poses a dilemma...
We want:
Digitization, automation of business processes
More information sharing between businesses

We also want:
Confidentiality & security against hacks/breaches
The Times 03/Jan/2009 Chancellor on
brink of second bailout for banks.
Virtual currencies are implemented
on top of a shared database
Alice: $10
$20 -10
Bob: $30
$20 +10

Give $10 Bob, you’ve


to Bob received $10

Alice Bob

Desired security properties:


- Consistency
- Availability
- Application-defined access controls (for writes/updates)
- Privacy
~10,000 reachable nodes http://bitnodes.earn.com/
https://etherscan.io/
Bitcoin has a
$160 Billion market cap

Source: coinmarketcap 11
Cryptocurrency mining (we’ll talk about it later)

~$1M per day of newly minted bitcoins awarded to miners


Why study blockchains and computer security?
Optimistic: a chance to build security into new platforms from the start

Realistic: Security hazards in blockchains are so blatant and visible on the


surface, they make for good learning examples!

Cryptocurrencies are open systems, exciting platforms for experimenting

Cryptocurrencies encourage DIY security, “be your own bank”


Bitcoin Paper Wallet
Private Key

Public Key
Public key / private key in bitcoin

- If someone has your public key (i.e. “address”, they can


send you money.

- If you lose your private key (i.e., “wallet”), you can’t


spend your money.

- If a thief gets your private key, they can steal your


money.
Private Key
Public Key
Alice and Bob are only identified
by public keys

Transfer 10 Bitcoins from me to Bob.

1BTC

Bitcoin Network 3BTC

1BTC

Alice
5BTC
Signed with Alice’s private key

(Public Key Digital Signature)


Bitcoin is the first and largest of hundreds of cryptocurrencies

https://coinmarketcap.com
Cryptocurrency exchange markets

Beware the middleman: Empirical analysis of Bitcoin-exchange risk


Tyler Moore and Nicolas Christin, Financial Crypto 2013
There’s a Bitcoin ATM in Champaign!
https://imgur.com/a/DRhWL
ATMs
More generally: “programmable money”
Digital currency is just one application on top of
a blockchain
Decentralized Consensus
Money “Blockchain”
Users
Account Balances
Alice: ฿10
Bob: ฿15
Carol: ฿120

27
Smart Contracts: user-defined programs running on
top of a blockchain
Decentralized Consensus
Money “Blockchain”
Users
Contracts
Storage
Code
Data

28
Smart Contract Example (very high level)
If GOOG rises to $1,000 by
30 June 2015, assign 10
shares from Alice to Bob and
pay Alice $10,000

Other examples abound:


Auctions, elections, lotteries, escrow, ...
https://www.sec.gov/ICO

Please be #craeful!!!

Only interaction with


testnet is required

Source: Business insider


Ethereum’s timeline has been pocked by failures
caused by buggy and insecure smart contracts
Homework: Choose your starting character

get testnet Ether from the faucet

Send some tETH (any amount) to me:


0x1B326Ad348e19ecFd1406C43D3bF7a95547AC55c

Introduce yourself on Piazza and post your address


A blockchain is a Distributed Trusted Computer

Ordinary databases:
- distributed within one company
- distributed for performance
and availability

Blockchain databases:
- distributed across multiple
entities
- distributed for privacy and
security against attacks
Permissioned Blockchains Public Blockchains

Open for participation by


AKA “Consortium blockchain” anyone
Nodes are run by well-known,
mostly trusted entities
More Resources

https://www.coursera.org/course/bitcointech

http://soc1024.ece.illinois.edu/teaching/ece598am/fall2016/

You might also like