Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Introduction to Bitcoin and Blockchain Technology

Ferdinando M. Ametrano
February 22, 2019
3.3k

Introduction to Bitcoin and Blockchain Technology

Introductory lesson for the Bitcoin and Blockchain Technology course of Milano-Bicocca and Politecnico di Milano

www.ametrano.net/bbt/

2017 Video (in Italian) available at https://www.youtube.com/watch?v=Ef3d1N4Ogxw&list=PLrVvuryXHYTdzvtpzrj4wvYEhCwF6G82b&index=1

Ferdinando M. Ametrano

February 22, 2019
Tweet

Transcript

  1. Bitcoin and Blockchain Technology An Introduction v2019.04.03 Comments, corrections, and

    questions: https://drive.google.com/open?id=1FpudunEQrBY8WLTSLzwThOoFxMKGTCho © 2019 Digital Gold Institute
  2. Understanding Lags Well Behind the Hype “Understanding of the technology

    however lags well behind the hype, amongst practitioners, policy makers and industry commentators alike. ‘Blockchain’ technology seems to promise major change for capital markets and other financial services – some say it may ultimately prove to be as important an innovation as the internet itself – but few can say exactly how or why.” Michael Mainelli, Alistair Milne (2016) The Impact and Potential of Blockchain on the Securities Transaction Lifecycle http://ssrn.com/abstract=2777404 © 2019 Digital Gold Institute 2/127
  3. Bitcoin Is Hard to Understand At the crossroads of: ▪

    Cryptography ▪ Computer networking and distributed systems ▪ Game theory ▪ Monetary theory With relevant cultural and political implications Mainly not a technology, a cultural paradigm shift instead © 2019 Digital Gold Institute 3/127
  4. The Information Economy ▪ Data is transferred with zero marginal

    cost ▪ Why pay a fee to move bytes representing wealth? ▪ Why only 9-5, Monday-Friday, two days settlement? ▪ Who (and when) will gift humanity with a global instantaneous free p2p payment network? BANK © 2019 Digital Gold Institute 4/127
  5. Reliable Internet eCash Will Be Developed “The one thing that's

    missing, but that'll soon be developed, is a reliable eCash, a method whereby on the internet you can transfer funds from A to B, without A knowing B or B knowing A, the way I can take a 20 Dollar bill and hand it over to you” Milton Friedman, 1999 https://www.youtube.com/watch?v=ZoaXLzFhWIw © 2019 Digital Gold Institute 5/127
  6. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 6/127
  7. ▪ Decentralized digital currency ▪ Not backed by any government

    or organization ▪ No need for trusted third party ▪ Instantaneous peer-to-peer transactions ▪ Cryptographic security ▪ Synergic economic incentives ▪ Efficient low-cost banking for everybody everywhere https://bitcoin.org/en/faq http://www.coindesk.com/information/ © 2019 Digital Gold Institute 7/127
  8. The Bitcoin Announcement From: Satoshi Nakamoto <satoshi <at> vistomail.com> Subject:

    Bitcoin P2P e-cash paper Newsgroups: gmane.comp.encryption.general (The Cryptography Mailing List) Date: 2008-10-31 18:10:00 GMT I've been working on a new electronic cash system that's fully peer-to-peer, with no trusted third party. The paper is available at: http://www.bitcoin.org/bitcoin.pdf The main properties: Double-spending is prevented with a peer-to-peer network. No mint or other trusted parties. Participants can be anonymous. New coins are made from Hashcash style proof-of-work. The proof-of-work for new coin generation also powers the network to prevent double-spending. Bitcoin: A Peer-to-Peer Electronic Cash System Abstract. A purely peer-to-peer version of electronic cash […] http://article.gmane.org/gmane.comp.encryption.general/12588/ © 2019 Digital Gold Institute 9/127
  9. Satoshi Nakamoto ▪ Worked on Bitcoin since 2007 ▪ Published

    the paper in 2008 ▪ Released the code in January 2009 ▪ Stopped involvement mid-2010 ▪ Unknown identity: pseudonymous person or group? ▪ He owns about 1M bitcoins, never spent http://mag.newsweek.com/2014/03/14/bitcoin-satoshi-nakamoto.html https://www.wired.com/2016/05/craig-wright-privately-proved-hes-bitcoins-creator/ http://www.bbc.com/news/technology-36168863 © 2019 Digital Gold Institute 10/127
  10. Nakamoto Timeline ▪ 2008-08-18 bitcoin.org registered ▪ 2008-10-31 Bitcoin design

    paper published http://article.gmane.org/gmane.comp.encryption.general/12588/ ▪ 2008-11-09 Bitcoin project registered at SourceForge.net ▪ 2009-01-03 Genesis block established at 18:15:05 GMT https://blockchain.info/block/000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f ▪ 2009-01-09 Bitcoin v0.1 released and announced on the cryptography mailing list http://www.mail-archive.com/[email protected]/msg10142.html ▪ 2009-01-12 First bitcoin transaction, in block 170, from Satoshi to Hal Finney https://blockchain.info/block/00000000d1145790a8694403d4063f323d499e655c83426834d4ce2f8dd4a2ee © 2019 Digital Gold Institute 11/127
  11. Nakamoto's Political Motivations ▪ "Yes, [we will not find a

    solution to political problems in cryptography,] but we can win a major battle in the arms race and gain a new territory of freedom for several years. Governments are good at cutting off the heads of a centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to be holding their own." ▪ "[Bitcoin is] very attractive to the libertarian viewpoint if we can explain it properly. I'm better with code than with words though." ▪ In the Bitcoin's transaction database, the first entry has a note by Nakamoto: "The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" © 2019 Digital Gold Institute 12/127
  12. Source Code License Bitcoin was released under the MIT license,

    so it is: ▪ open source; cryptographic software’s source code must be available to allows public inspection (absence of backdoor and security vulnerabilities) ▪ free software; the user the right to use, copy, modify, and redistribute the software Instead, proprietary software is almost always close source and it only grants the right to use © 2019 Digital Gold Institute 13/127
  13. ▪ Decentralized: no central authority, no intermediaries ▪ Permissionless: no

    regulator ▪ Censorship resistant: no frozen funds ▪ Open-access: no discrimination, no amount limits, 24/7/365 ▪ Free: negligible transaction costs ▪ Borderless: no geographic limits ▪ Transnational: no specific jurisdiction applies ▪ Secure: non-falsifiable, non-repudiable transactions ▪ Resilient: nothing has been able to stop it or break it © 2019 Digital Gold Institute 14/127
  14. December 2013: China Crackdown ▪ People’s Bank of China crackdown:

    − prohibits financial institutions from trading, underwriting, or offering insurance in bitcoins or any other digital currency − bitcoin is not to be considered a currency − owning bitcoins is not outlawed or prohibited ▪ As of December 2013 China was world's largest Bitcoin market ▪ In January 2014 Alibaba, China's top Internet retailer, banned bitcoin on its platform https://www.reuters.com/article/us-china-bitcoin/alibaba-division-bans-bitcoin-after-china-crackdown-as-ipo-looms-idUSBREA070F620140108 © 2019 Digital Gold Institute 15/127
  15. February 2014: Mt Gox Bankruptcy ▪ As of January 2014

    Mt Gox (Magic The Gathering Online eXchange) was world's largest Bitcoin exchange ▪ In February 2014 it filed for bankruptcy protection from creditors ▪ About 850,000 bitcoins belonging to customers and the company were missing and likely stolen, an amount valued at more than $450 million at the time ▪ Fraud or theft? © 2019 Digital Gold Institute 16/127
  16. Silk Road ▪ Online market, operated as a Tor hidden

    service ▪ Online users were able to buy illicit goodies using bitcoins, while browsing it anonymously and securely without potential traffic monitoring ▪ Launched in Feb 2011, shut down in Oct 2013 ▪ Ross William Ulbricht, alleged to be the owner of Silk Road has been sentenced to life in prison ▪ Other black markets have filled in as successors © 2019 Digital Gold Institute 17/127
  17. Bitcoin Used by Terrorists Europol, January 2016: “Despite third party

    reporting suggesting the use of anonymous currencies like Bitcoin by terrorists to finance their activities, this has not been confirmed by law enforcement” https://www.europol.europa.eu/sites/default/files/publications/changes_in_modus_operandi_of_is_in_terrorist_attacks.pdf © 2019 Digital Gold Institute 18/127
  18. Money Laundering and Terrorism Financing https://www.gov.uk/government/publications/uk-national-risk-assessment-of-money-laundering-and-terrorist-financing https://www.gov.uk/government/publications/national-risk-assessment-of-money-laundering-and-terrorist-financing-2017 UK HM Treasury,

    October 2015: “The money laundering risk associated with digital currencies is low, though if the use of digital currencies was to become more prevalent in the UK this risk could rise” UK HM Treasury, October 2017: “There remains little evidence of digital currencies being used as an established tool for money laundering, and the money laundering risk is therefore still assessed to be low. […] While digital currencies could in theory be used to facilitate and finance terrorist activity, the lack of evidence of this occurring and the greater attractiveness of other methods mean that digital currencies continue to be assessed as low risk for terrorist financing” © 2019 Digital Gold Institute 19/127
  19. Ransomware ▪ A malware propagated via infected email attachments and

    botnets ▪ When activated, it encrypts files stored on local and mounted network drives ▪ Then it displays a message which offers to decrypt the data if a bitcoin payment is made © 2019 Digital Gold Institute 20/127
  20. Bitcoin Resilience Is there anything else in financial world: ▪

    Just 10 years old ▪ Without government or corporation backing ▪ That can lose its main (China) market ▪ Fraud/theft at its main reference exchange (Mt Gox) ▪ With such a bad reputation (Silk Road, Money Laundering, Terrorism, Ransomware) That could be still alive and kicking? © 2019 Digital Gold Institute 22/127
  21. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 23/127
  22. Bitcoin: A Protocol and a Currency ▪ Bitcoin: protocol, software,

    and community ▪ bitcoins: units of the currency bitcoins are sent using the Bitcoin protocol ▪ bitcoins are the native digital asset intrinsic to the Bitcoin protocol © 2019 Digital Gold Institute 24/127
  23. Bitcoin: The Protocol ▪ Distributed public ledger of transactions ▪

    Shared with peer-to-peer technology ▪ Massively duplicated across network nodes ▪ Allowing ownership transfer of a native digital scriptural asset ▪ Whose native “digital token” can be exchanged, but not duplicated ▪ Keeps records of every transaction forever © 2019 Digital Gold Institute 25/127
  24. Bitcoins: The Currency ▪ Only exist as public ledger documented

    transactions ▪ Are associated to public address(es) like 1FEz167JCVgBvhJBahpzmrsTNewhiwgWVG ▪ the bitcoin distributed public ledger certifies for everybody how many bitcoins are associated to any address https://blockstream.info/address/1FEz167JCVgBvhJBahpzmrsTNewhiwgWVG It is mine; you are REALLY encouraged to tip © 2019 Digital Gold Institute 26/127
  25. Pseudonymity, Anonymity Bitcoin is pseudonymous, not anonymous: ▪ The bitcoin

    address does not provide direct information about the actual bitcoin owner ▪ All transactions are transparent to everybody’s inspection. ▪ Perfect persistent public account history: the public ledger is forever https://blockstream.info https://blockchain.info/ http://blockexplorer.com/ © 2019 Digital Gold Institute 27/127
  26. Asymmetric Cryptography: Public/Private Key Pair Two mathematically linked keys perform

    opposite digital signature functions: ▪ The private (secret) key used to generate the signature ▪ The public key used by anyone to verify the signature ▪ The public key derives from the private key, but the private key cannot be derived from the public one © 2019 Digital Gold Institute 28/127
  27. Asymmetric Cryptography: Public/Private Key Pair ▪ A bitcoin address is

    derived from a public key, but the public key cannot be derived from the address ▪ Private key → public key → bitcoin address ▪ The private key allows spending from the corresponding address https://www.bitaddress.org © 2019 Digital Gold Institute 29/127
  28. A Bitcoin Transaction: From Alice’s Address to Bob’s Address ▪

    Transaction: amount + Bob’s address (+ Alice’s public key) ▪ Alice’s private key digitally signs the transaction ▪ The transaction is broadcasted to the network ▪ With Alice’s public key any network node can verify that: − The amount is at Alice’s address disposal − The digital signature is valid, i.e. the transaction message has not been tampered or modified and it is signed by the private key associated to Alice’s address ▪ The transaction is then published to the public ledger ▪ Everybody knows Bob’s address has received the amount © 2019 Digital Gold Institute 30/127
  29. Transactions Cannot Be Altered, They Could Be Censored ▪ Transactions

    cannot be altered ▪ Bitcoins cannot be redirected ▪ Transactions could only be censored, as if they never happened © 2019 Digital Gold Institute 31/127
  30. Bitcoin Safe Custody ▪ Bitcoins are effectively owned by whoever

    can spend them ▪ Securing private keys is crucial for safe storage ▪ Software (and hardware) wallets can be used to manage keys and addresses: − Desktop client: Bitcoin Core, Electrum − Mobile client: Samurai Wallet (Android), GreenBits (iOS / Android), BreadWallet (iOS), Bitcoin Wallet (Android), Copay (iOS / Android) − Hardware wallet: Trezor, Ledger − Cold storage: never exposed to Internet, stored away © 2019 Digital Gold Institute 32/127
  31. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 33/127
  32. Money As A Social Relation Instrument ▪ Human beings are

    born into a gift economy ▪ Enlarged relationship circle requires exchange economy ▪ Barter economy: coincidence of wants ▪ Trade economy: money as medium of exchange ▪ Global information economy: supranational digital money © 2019 Digital Gold Institute 34/127
  33. Trade Economy: From Gold Standard to Fiat Money ▪ Gold:

    the commodity money standard − scarce − pleasant color, i.e. resistant to corrosion and oxidation − high malleability − relative easiness of its purity assessment ▪ Gold purity certification ▪ Representative money ▪ Fractional receipt money ▪ Fiat money and legal tender © 2019 Digital Gold Institute 35/127
  34. Take Money out of the Hands of Government “I don't

    believe we shall ever have a good money again before we take the thing out of the hands of government, that is, we can't take them violently out of the hands of government, all we can do is by some sly roundabout way introduce something that they can't stop.” F. A. Hayek https://youtu.be/EYhEDxFwFRU?t=19m23s © 2019 Digital Gold Institute 37/127
  35. USD has lost 96% of its Purchasing Power since Federal

    Reserve establishment in 1913 $0.00 $0.10 $0.20 $0.30 $0.40 $0.50 $0.60 $0.70 $0.80 $0.90 $1.00 US Dollar Purchasing Power © 2019 Digital Gold Institute 39/127
  36. Friedrich August von Hayek “Denationalisation of Money” ▪ history of

    coinage is an almost uninterrupted story of debasements; history is largely a history of inflation engineered by governments for their gain ▪ why government monopoly of the provision of money is regarded as indispensable? It deprived public of the opportunity to discover and use a better reliable money “Blessed will be the day when it will no longer be from the benevolence of the government that we expect good money but from the regard of the banks for their own interest” A Free-Market Monetary System, Gold and Monetary Conference, New Orleans, Nov. 1977, https://mises.org/daily/3204 Denationalisation of Money, The Institute of Economic Affairs, http://www.mises.org/books/denationalisation.pdf © 2019 Digital Gold Institute 40/127
  37. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 41/127
  38. Permissionless Innovation: Gentle, Fast, and Effective Permissionless innovation: no centralized

    security mechanism, no barrier to enter, no editorial control − Email has not been designed by a consortium of postal agencies − Internet has not been developed by a consortium of telcos Will a new money and its decentralized transactional network be designed by a consortium of banks? © 2019 Digital Gold Institute 42/127
  39. Private Monies ▪ A widely accepted medium of exchange or

    payment − issued by a non-governmental body − without legal privileges ▪ Private monies do not have to be generally acceptable; they must be accepted in a given economic community ▪ Public demand for private currencies: − hold them in the expectation that they will not diminish in purchasing power as state money has − wish to be part of a movement against increasing state control of economic and personal behavior − conduct illegal activity − just want better money © 2019 Digital Gold Institute 43/127
  40. A Cypherpunk’s Manifesto “Privacy in an open society also requires

    cryptography […] We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy out of their beneficence. […] We must defend our own privacy if we expect to have any. […] We are defending our privacy with cryptography, […] with digital signatures, and with electronic money” Eric Hughes, A Cypherpunk's Manifesto https://www.activism.net/cypherpunk/manifesto.html Cryptography is the slingshot that David, the little man, can use to kill Goliath, the dystopian Big Brother © 2019 Digital Gold Institute 44/127
  41. Bitcoin Precursors ▪ Ecash, David Chaum, 1982 (blind signature) ▪

    Hashcash, Adam Back, 1997 (Proof-of-Work) ▪ B-money, Wei Dau, 1998 (distributed database) ▪ Bit gold, Nick Szabo, 1998 (distributed database, sequential money creation) ▪ Anonymous Electronic Cash, Tomas Sander and Amnon Ta- Shma, 1999 (anonymity) ▪ Reusable Proof-of-Work, Hal Finney, 2004 © 2019 Digital Gold Institute 45/127
  42. Liberty Dollar: 1998-2009 ▪ Private mint that issued gold and

    silver coins; also issued notes redeemable in precious metals ▪ Periodically revalued against USD: the value of the latter fell over time against precious metals ▪ Specifically designed to function in parallel with and in competition to USD ▪ Never marketed or represented as official US currency ▪ Highly successful: second most popular currency in the US ▪ Its use declared a federal crime by the US government ▪ Its founders convicted for counterfeiting, fraud and conspiracy against the United States © 2019 Digital Gold Institute 46/127
  43. E-gold: 1996-2007 ▪ Digital payment system with gold as unit

    of account ▪ User accounts backed by gold reserves ▪ By 2005, e-gold was second only to PayPal in the online payments industry: 1.2M accounts and $1.5B transactions ▪ Indicted in April 2007 by US law enforcement services ▪ Charges: unlicensed money-transmitting entity and a means of moving the proceeds of illegal activities ▪ Never proven and even the judge expressed major doubts ▪ ‘Offshore’ payment system rather than a money transmitter or bank as defined under then-existing regulations, not least because gold was not legally ‘money’ © 2019 Digital Gold Institute 47/127
  44. The Centralization Dilemma ▪ To remove the weakness of a

    central point of failure, distributed technologies seemed promising (e.g. BitTorrent) ▪ Anyway, in digital cash schemes a single digital token, being just a file that can be duplicated, can be spent twice: a centralized trusted party is required to avoid double spending © 2019 Digital Gold Institute 48/127
  45. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 49/127
  46. Double Spending Problem ▪ To securely transfer value using digital

    means has been possible for decades ▪ In digital cash schemes, a single digital token, being just a file that can be duplicated, can be spent twice ▪ How can we forbid Alice from spending the same bitcoins a second time to Carol’s address? Which transaction should be valid: the one to Bob’s address or Carol’s address? ▪ A centralized trusted party has always been required to prevent double spending © 2019 Digital Gold Institute 50/127
  47. Bitcoin Network: A Distributed Back-office ▪ All network nodes validate

    and clear all transactions ▪ Mining nodes provide the additional computational power required for transaction settlement ▪ Without a central trusted party, how do they reach distributed consensus on the transaction history? ▪ Consensus in a distributed asynchronous network with faulty (or malicious) nodes is a very hard problem: Computer Science even provides impossibility results © 2019 Digital Gold Institute 51/127
  48. The Byzantine Generals' Problem ▪ Generals must decide unanimously whether

    to attack ▪ They can communicate using messengers, but cannot have a summit ▪ There are traitors amongst them ▪ Success (i.e. fault tolerance) is achieved if the loyal generals agree on their strategy, whatever it might be © 2019 Digital Gold Institute 52/127
  49. Bitcoin's Public Ledger: A Chain of Blocks ▪ Transactions are

    bundled in blocks (about one block every 10 minutes) and sequentially chained ▪ The cryptographic link between blocks requires computing power to be created ▪ A block is valid only if it includes valid transactions © 2019 Digital Gold Institute 53/127
  50. Mining ▪ Miners compete to finalize (settle) a new block

    of transactions ▪ The winner providing proof-of-work for the finalization of a new block is rewarded with the issuance of new bitcoins in a special coinbase transaction included in that same block ▪ Miners solve the double spending problem: − A double spending transaction would invalidate the block − an invalid block would be rejected from the network − the bitcoin reward would be removed from transaction history − the winning miner would have wasted his work © 2019 Digital Gold Institute 54/127
  51. Hash Function ▪ A function that maps input data of

    arbitrary length to a hash value, i.e. an output data of a fixed length − Non-invertible (one-way: input data can not be regenerated from the output hash value) − Collision-resistant: computationally unfeasible to find 2 inputs that produce the same output ▪ The resulting hash value is a reliably unique identifier for any input data: it can be considered its unique digital fingerprint ▪ The hash value does not reveal the input data ▪ Bitcoin uses the (Secure Hash Algorithm) SHA256 that generates a fixed size 256-bit (32-byte) output © 2019 Digital Gold Institute 55/127
  52. Hash Puzzle: Find a Result with Four Zeros ▪ SHA256(“Hello,

    world!”) = 315f5bdb76d078c43b8ac0064e4a0164612b1fce77c869345bfc94c75894edd3 ▪ SHA256(“Hello, world!0”) = 1312af178c253f84028d480a6adc1e25e81caa44c749ec81976192e2ec934c64 ▪ SHA256(“Hello, world!1”) = e9afc424b79e4f6ab42d99c81156d3a17228d6e1eef4139be78e948a9332a7d8 ▪ …… ▪ SHA256(“Hello, world!4249”) = c004190b822f1669cac8dc37e761cb73652e7832fb814565702245cf26ebb9e6 ▪ SHA256(“Hello, world!4250”) = 0000c3af42fc31103f1fdc0151fa747ff87349a4714df7cc52ea464e12dcd4e9 © 2019 Digital Gold Institute 56/127
  53. Proof-of-Work ▪ A new block is added with a mathematical

    proof-of-work based on SHA256 hashing. Find a nonce for a given block such that: ▪ SHA256(previous block hash, transactions, nonce) <= target ▪ The lower the target, the higher the difficulty ▪ The longer chain (more precisely, the one with more work) is the consensus chain © 2019 Digital Gold Institute 57/127
  54. Ledger Immutability ▪ Because of the proof-of-work, the chances of

    a block being altered decrease exponentially with the number of blocks chained after it ▪ The chain of blocks is a history of transactions resilient to network attackers because it cannot be altered without huge resources ▪ Computing power is measured in hash/s, hash being the basic operation needed for validation © 2019 Digital Gold Institute 58/127
  55. Nakamoto Distributed Consensus Practical Byzantine Fault Tolerant (PBFT) distributed consensus

    is achieved using (game theory) economic incentive for the mining nodes to be honest ▪ Double spending is solved without a central trusted party ▪ Bitcoin can resist attacks of malicious agents, as long as they do not control network majority ▪ Miners are compensated for their proof-of-work using seigniorage revenues, i.e. issuance of new bitcoins ▪ Seigniorage revenues subsidize the network © 2019 Digital Gold Institute 59/127
  56. Seigniorage Revenues Cover Consensus Cost ▪ Seigniorage revenues subsidize the

    network, making transactions cheap ▪ 144 block/day, 365 day/year, 12.5 BTC/block ▪ About $7 billions per year (as of November 2017, BTC=$10,000) © 2019 Digital Gold Institute 60/127
  57. http://bitcoin.sipa.be/speed-lin-ever.png Hash-rate (computational power) 100,000s times more powerful than the

    combined world top 500 supercomputers To manipulate blocks 51% of the hash-rate is required (actually 33%) Total Network Hashing Rate © 2019 Digital Gold Institute 61/127
  58. Mining Hardware Driven by the search of lower power consumption

    and higher hashing rate: ▪ CPUs (Computer Processing Unit) were used in 2009 ▪ GPUs (Graphical Processing Unit) proved to perform better in 2010 Moving later to special purpose energy-efficient hardware: ▪ FPGAs (Field Programmable Gate Array) were programmed for SHA256 hashing and surpassed GPU in 2011 ▪ ASICs (Application Specific Integrated Circuit), designed and manufactured for the specific purpose of SHA256 computations, were introduced in 2013 for Bitcoin and are now the standard © 2019 Digital Gold Institute 63/127
  59. Proof-of-Work ▪ Resources consumed as proof-of-work make bitcoin valuable ▪

    Miners are willing to destroy resources to acquire bitcoins: they are the first to recognize bitcoin value! © 2019 Digital Gold Institute 65/127
  60. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 66/127
  61. Validation Process: Block Generation The proof-of-work difficulty is adapted about

    every 2 weeks (2015 blocks) to the overall available computing power ensuring about one block every 10 minutes © 2019 Digital Gold Institute 67/127
  62. Bitcoin Monetary Rule ▪ 2009: 50BTC per block, every 10

    minutes − halving every 4Y ▪ This is the only way new bitcoins are released ▪ It is called mining because of its similarity with the progressive scarcity of gold extraction ▪ Supply is free of discretionary intervention © 2019 Digital Gold Institute 68/127
  63. Bitcoin Inelastic Supply: Deterministic Decreasing Rate 2029: 96.88% of all

    BTC issued 2141: last satoshi (0.00000001 BTC) will be issued © 2019 Digital Gold Institute 69/127
  64. What after 2141? ▪ We are all dead ;-) ▪

    Gradually switch over to a fee-based system: as block space is limited, market is already requiring a growing satoshi/byte fee for transactions to be included into a block. After all it is only natural that transacting on the most secure network in the world will command high fees ▪ Switch to a different paradigm? We have about 120 years to evaluate alternative solutions © 2019 Digital Gold Institute 70/127
  65. What Makes Bitcoin Special? ▪ Digital and scriptural: it only

    exists as validated transaction ▪ Asset, not liability ▪ Bearer instrument ▪ It can be transferred but not duplicated (i.e. it can be spent, but not double-spent) ▪ Scarce in digital realm, as nothing else before ▪ It mimics gold monetary policy of decreasing incremental extraction © 2019 Digital Gold Institute 71/127
  66. What Makes Bitcoin Special? Bitcoin is digital gold with a

    secure uncensorable embedded settlement network ▪ More a crypto-commodity then a crypto-currency ▪ This is the groundbreaking achievement by Satoshi Nakamoto, not blockchain “technology” © 2019 Digital Gold Institute 72/127
  67. Bitcoin Relevance If one thinks about the role of physical

    gold in the history of civilization, money, and finance the digital equivalent of gold could be disruptive in the current digital civilization and the future of money and finance Bitcoin can be the new global reserve asset It is disconcerting that people are still, continuously, underestimating bitcoin © 2019 Digital Gold Institute 73/127
  68. Explain Money to an Alien Traditional (fiat) money ▪ No

    intrinsic value (social contract) ▪ Currency security based on paper/ink ▪ Discretionary governance ▪ Wicksellian interest-rate approach ▪ Coerced upon everybody with legal tender bitcoin ▪ No intrinsic value (digital gold) ▪ Currency security based on math/cryptography ▪ Algorithmic governance ▪ Deterministic supply ▪ Available as free non- binding choice © 2019 Digital Gold Institute 74/127
  69. Different Opinions Alan Greenspan “It’s a bubble. It has to

    have intrinsic value: you have to really stretch your imagination to infer what the intrinsic value of Bitcoin is. I haven’t been able to do it. Maybe somebody else can. I do not understand where the backing of Bitcoin is coming from” Lloyd Blankfein “The list of things that are conventional today that I use every day that I thought would never make it is a very long list. If bitcoin works, I say to myself… 'Hmmm, maybe that was a natural progression from hard money to fiat money to consensus money.' So who's to say…” © 2019 Digital Gold Institute 75/127
  70. The Schelling Point of Consensus Money ▪ In game theory

    Schelling point is: “focal point[s] for each person’s expectation of what the other expects him to expect to be expected to do” ▪ E.g. two people unable to communicate are urged to select a square among a series of similar squares and rewarded only if they select the same one ▪ They will look for a choice that might seem more natural, special, or relevant: the red one Bitcoin is the Schelling point of consensus money! © 2019 Digital Gold Institute 76/127
  71. Bitcoin Transactions Are Not Taking Off ▪ There is evidence

    that bitcoin is not really used for transactions ▪ Max number of transactions per second − VISA: 60,000 tx/sec − Bitcoin: 7 tx/sec ▪ Bitcoin can only scale with second layer solutions, e.g. Lightning Network, Sidechain (Liquid) © 2019 Digital Gold Institute 77/127
  72. The Ultimate Fate of Bitcoin: To Serve as a Reserve

    Currency https://bitcointalk.org/index.php?topic=2500.msg34211#msg34211 Hal Finney (1956–2014) was a noted cryptographic activist. He was the second PGP Corporation developer hired after Phil Zimmermann. He created the first reusable proof-of-work. He was an early bitcoin user and received the first bitcoin transaction from bitcoin's creator Satoshi Nakamoto. © 2019 Digital Gold Institute 79/127
  73. Unit of Account: Money as Numeraire ▪ Money is the

    unit of account against which the value of every other good is measured ▪ The price system measures the value of goods relative to the value of money Good money should provide stable prices to best perform its role as unit of account © 2019 Digital Gold Institute 80/127
  74. Money Comparison Medium of Exchange Store of Stable Value Unit

    of Account Live cattle Diamonds Gold Fiat coins and notes Bitcoin • swappable • fungible • portable • divisible • recognizable • resistant to counterfeiting • reliably saved, stored, and retrieved • retain usefulness over time • Maintain its storage properties • non-perishable or with low preservation cost • relative worth unit of measure • stable value for stable price comparison • supply must be controlled in some way © 2019 Digital Gold Institute 81/127
  75. Bitcoin is Digital Gold, Not a Good Unit of Account

    ▪ no salaries, no mortgages, no stable purchasing power ▪ successful at getting rid of a centralized monetary authority, bitcoin has given up the flexibility of an elastic supply of money © 2019 Digital Gold Institute 82/127
  76. Bitcoin as (Digital) Gold in the History of (Crypto)Money gold

    ▪ Its adoption was not centrally planned ▪ For centuries it has been the most successful form of money ▪ It has bootstrapped all monetary systems we know of ▪ It has been surpassed by other kind of money without becoming obsolete bitcoin ▪ Its adoption has not been centrally planned ▪ It is the most successful form of cryptocurrency ▪ It is bootstrapping new monetary systems ▪ It might be surpassed by more advanced type of cryptocurrencies without becoming obsolete © 2019 Digital Gold Institute 83/127
  77. Bitcoin Is Not Loved… Gold Too! ▪ 1933 Gold Act

    "forbidding the hoarding of gold coin, gold bullion, and gold certificates within the continental United States". ▪ 1966 Greenspan: “This is the shabby secret of the welfare statists' tirades against gold. Deficit spending is simply a scheme for the confiscation of wealth. Gold stands in the way of this insidious process. It stands as a protector of property rights. If one grasps this, one has no difficulty in understanding the statists' antagonism toward the gold standard.” ▪ 1972 Nixon shock: unilateral cancellation of the convertibility of the United States dollar to gold. © 2019 Digital Gold Institute 84/127
  78. Hayek Money: A New Generation of Cryptocurrencies ▪ The cryptocurrency

    monetary standard of elastic non- discretionary supply ▪ Price stability paradigm with respect to a given reference basket ▪ Bitcoin can be used as reserve asset ▪ Concurrent cryptocurrencies competing in monetary policy definition and reference basket choices ▪ Private monies competing with legal tender monies: separation of Money and State? © 2019 Digital Gold Institute 85/127
  79. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 86/127
  80. BTC/USD Exchange Rate BTC Market Cap: about $60B (USD M0

    1959-2017 average has been 680) http://bitcoincharts.com/charts/bitstampUSD#tgWzm1g10zm2g25 Price dynamic is the discovery process of value: volatility is physiologic when it comes to assess the fair value of something so controversial as the digital equivalent of gold © 2019 Digital Gold Institute 87/127
  81. Comparison with Amazon The value of digital gold is as

    hard to grasp today as the value of e- commerce in the 90s. Bitcoin worst drawdown has been 93.07%; Amazon worst drawdown has been 94.40%% when the dot-com bubble burst © 2019 Digital Gold Institute 88/127
  82. 0.10 1.00 10.00 100.00 1,000.00 10,000.00 100,000.00 Bitcoin USD log

    prices Exponential Growth Exponential trendline with a 2 of 86.9% 89 Yearly lows 2012: $4 2013: $65 2014: $200 2015: $185 2016: $365 2017: $780 2018: $3,200 2019: $3,400
  83. High Return: the Compensation for High Risk Bitcoin risks are

    an order of magnitude greater than other asset classes © 2019 Digital Gold Institute 90/127
  84. High Return: the Compensation for High Risk Bitcoin has volatility

    and worst draw-down similar to VIX; anyway, VIX is anticorrelated with equities, Bitcoin is decorrelated © 2019 Digital Gold Institute 91/127
  85. A New Uncorrelated Asset Class Bitcoin provides a huge diversification

    to an investment portfolio © 2019 Digital Gold Institute 92/127
  86. Bitcoin: CAPM Diversification For conservative risk levels, optimal CAPM diversification

    suggests to invest in Bitcoin up to 5% of the portfolio Bitcoin increases expected return for a given level of risk, e.g. • at 4% volatility, return increases more than 140bps • at 10% return, volatility decreases from 8.60% to 2.90% © 2019 Digital Gold Institute 93/127
  87. Bitcoin Potential Upside ▪ Asset Under Management, Worldwide: $100T −

    If 2% is invested in BTC, price should be $100,000 ▪ Gold capitalization: $8T − if BTC reaches a similar level, its price should be $400,000 ▪ Metcalfe's law: the value of a network is proportional to the square of the number of users − Estimated BTC investors is about 50 millions; with a forecast to 350 millions price might increase x49 © 2019 Digital Gold Institute 94/127
  88. Alt(ernative) Coins Mostly frauds and pump&dump; the least despicable ones:

    ▪ Ethereum: basically a global computer with rich statefulness and global persistent memory. The coin is used as fuel for the computations. It provides uncensorable computation ▪ Monero, Grin, Zcash: more privacy than bitcoin ▪ Litecoin: basically a bitcoin testnet ▪ Ripple: the financial institution friendly cryptocurrency © 2019 Digital Gold Institute 95/127
  89. Initial Coin Offering ▪ App-coin, mostly released on Ethereum (ERC20

    Standard) ▪ Alternative investment approach, disintermediating Venture Capital ▪ Extremely promising and powerful, it has been so far mostly used for frauds ▪ Does the app-coin (token): − Have intrinsic scarcity? − Have any utility in the app? − Have any peculiarity making bitcoin or ether unfit for the task? ▪ If the company fails and the coin value goes to zero, does the entrepreneur suffer the same consequences? © 2019 Digital Gold Institute 97/127
  90. Bitcoin CME Futures Cash settled with reference price from these

    exchanges: Bitstamp, Kraken, itBit, Coinbase Pro © 2019 Digital Gold Institute 100/127
  91. Bakkt Futures ▪ Physically delivered daily futures contracts on Bitcoin

    traded in BTC/USD (almost a spot market) ▪ ICE Futures U.S., trades are cleared and guaranteed by ICE Clearing US, the central counterparty for all ICE cleared forex futures trades. ▪ Bitcoin are physically delivered in ICE’s regulated Digital Asset Warehouse © 2019 Digital Gold Institute 101/127
  92. Bitcoin Investing ▪ Bitcoins are easy to buy on exchanges,

    but to leave them there has proved to be unsafe (multiple hacks and incidents) ▪ If you do not own your bitcoins’ private key, then those bitcoins are not yours: they are owned by whoever can effectively spend them ▪ Bitcoin financial sovereignty: be your own bank! Unfortunately… ▪ Bitcoin safe storage is quite technical, for the time being mostly a geeky thing © 2019 Digital Gold Institute 102/127
  93. Bitcoin for Institutional Investors and HNWI ▪ Institutional investors: safe

    custody of digital assets is not their business and/or core competence ▪ High net worth individuals: their threat model (coercion, violence, ramson, etc.) suggests shielded possession ▪ The need for digital gold intermediaries and vaults is exploding: funds and custodians ▪ Professional intermediaries can be better equipped at efficient custodian selection © 2019 Digital Gold Institute 103/127
  94. Blockchain and Finance ▪ Finance does not need blockchain ▪

    The blockchain economy needs financial services ▪ Futures, Options, Custodian Services, ETF, etc. © 2019 Digital Gold Institute 104/127
  95. Disruptive Innovation ▪ Did not understand it: ▪ Have used

    it to build new business: ▪ The entertainment industry has wasted its resources fighting MP3 and illegal p2p sharing ▪ We now buy music and movies from iTunes, Google Play, and Amazon… NOT from Sony Universal © 2019 Digital Gold Institute 105/127
  96. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 106/127
  97. “Blockchain – not bitcoin – will prove revolutionary in banking”

    “When a wise man points at the moon the fool examines the finger.” (Confucius) “When a wise man points at the bitcoin the fool examines the blockchain.” (Ametrano) http://www.economist.com/news/leaders/21677198-technology-behind-bitcoin-could-transform-how-economy-works-trust-machine © 2019 Digital Gold Institute 107/127
  98. “Bitcoin in 2014 Is Like Internet in 1994: Weird and

    Scary” (Marc Andreessen) American entrepreneur, investor, and software engineer; coauthor of Mosaic, cofounder of Netscape https://twitter.com/pmarca/status/677658844504436737 © 2019 Digital Gold Institute 108/127
  99. The Walled Garden Model ▪ Controlled access to web contents

    and services ▪ Offered in the late ‘90s and early ‘00s by Compuserve, AOL (and to some extent MSN) ▪ Corporates wanted to go online, but not in the wild unregulated internet, populated by anonymous agents ▪ They eventually realized that perceived risks, which are real, are outweighed by benefits © 2019 Digital Gold Institute 109/127
  100. What is The Blockchain? [A hash pointer linked list of

    blocks] ▪ An append-only sequential data structure ▪ New blocks can only be appended at the end of the chain ▪ To change a block in the middle of the chain, all subsequent blocks need to be changed ▪ Very inefficient compared to a relational database © 2019 Digital Gold Institute 110/127
  101. Blockchain Without Bitcoin Blockchain without an intrinsic native digital asset

    Does it make sense? ▪ No bitcoin ▪ No asset available to reward miners ▪ Appointed validator officials required Central governance is required! Why should validators use a blockchain, i.e. a subpar data structure, instead of a database? © 2019 Digital Gold Institute 111/127
  102. Why is finance fascinated with blockchain? ▪ Blockchain transactions are

    immediately validated and cleared ▪ then settled shortly thereafter, ▪ automatically without a central authority ▪ In the financial world, only cash transactions are cleared and settled automatically without a central authority © 2019 Digital Gold Institute 113/127
  103. Consensus by reconciliation ▪ Financial transactions that take nanoseconds to

    execute, then clear and settle in days ▪ Not a technological problem ▪ Consensus by reconciliation of multiple independent ledgers: a checks and balances system that allows for prescriptions, corrections, and restrictions © 2019 Digital Gold Institute 114/127
  104. The Mirage of Low Operational Costs ▪ If one considers

    the seigniorage revenues invested, bitcoin blockchain transactions cost about 10USD each ▪ Cheaper forms of consensus have not been proven yet ▪ Even in the case of basic bilateral consensus through digital signatures (something hardly innovative or disruptive) the integration cost in the existing infrastructure is not going to be irrelevant © 2019 Digital Gold Institute 115/127
  105. Shared Ledger, Single Data Set ▪ Single data source, avoiding

    reconciliation ▪ Without a central governing node how to manage priorities between conflicting updates? Which consensus model? ▪ Bilateral consensus? Really?!?!? ▪ Central governance: back to DB admin ▪ What if the single authoritative data source is hacked? Which reference can be used to fix it? © 2019 Digital Gold Institute 116/127
  106. Cryptography, Not Blockchain ▪ In the nuclear explosion of bitcoin,

    applied cryptography is the radioactive fallout ▪ It can be used to harden existing business processes Databases on cryptographic steroids Evolutionary, non-disruptive, technology © 2019 Digital Gold Institute 117/127
  107. Table of Contents 1. Internet Money 2. Bitcoin Transactions 3.

    About Money 4. Private Money and the Centralization Dilemma 5. The Double Spending Problem 6. Bitcoin as Digital Gold 7. Bitcoin as Investment Asset 8. Blockchain Without Bitcoin 9. Blockchain Beyond Bitcoin: Timestamping and Anchoring © 2019 Digital Gold Institute 118/127
  108. Blockchain Beyond Bitcoin There is no blockchain without bitcoin There

    is blockchain beyond bitcoin Andreas Antonopoulos © 2019 Digital Gold Institute 119/127
  109. ▪ A timestamp proves that some data existed prior to

    some point in time, providing a relevant document with a certain sure date, e.g. postmark ▪ Law requires dates to be certified by public officials and notary services ▪ For digital documents, timestamping is based on digital signature by certification authority Timestamp © 2019 Digital Gold Institute 120/127
  110. Blockchain as Timestamping Certification Authority ▪ A generic data file

    can be hashed to produce a short unique identifier, equivalent to its digital fingerprint ▪ Such a fingerprint can be associated to a bitcoin transaction (irrelevant amount) and hence attested on the blockchain ▪ Blockchain immutability provides time-stamping, proving the data file existence at that moment in time in that specific status BTC Transaction t3 t4 Genesis block t0 t1 t2 Hash function Hash value 610b0a4b2769898674a2624e9330fbd60bbee200db2b57514be49d9a8b63dc25 Timestamped at t2 data file © 2019 Digital Gold Institute 121/127
  111. OpenTimestamps Standard ▪ Notarization has been standardized to allow for

    third party auditability ▪ Suitable for regulatory prescriptions ▪ A single blockchain transaction can timestamp an unlimited number of documents. Calendar services provide: − aggregation of documents (in a Merkle tree) − attestation (of their Merkle tree root) in a single blockchain transaction © 2019 Digital Gold Institute 122/127
  112. Anchoring: A New Security Paradigm ▪ Bitcoin blockchain network security

    is preserved by a computation power unparalleled in human history ▪ Other networks can tap into this security via anchoring (i.e. periodic time-stamping of their network status) ▪ Any “stateful system with global memory” can outsource its security to the bitcoin network, piggybacking its resilience ▪ Bitcoin seigniorage revenues might provide security for all transactional networks ▪ Miners as global outsourced decentralized security © 2019 Digital Gold Institute 123/127
  113. Digital Gold Jewelry What jewelry is for gold, notarization could

    be for bitcoin: not essential but effective at leveraging its beauty © 2019 Digital Gold Institute 124/127
  114. Bibliography ▪ Nick Szabo, Shelling Out: The Origins of Money

    (2002) https://nakamotoinstitute.org/shelling-out/ ▪ Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System (2008) https://bitcoin.org/bitcoin.pdf ▪ Hayek Money: the Cryptocurrency Price Stability Solution (2014), http://ssrn.com/abstract=2425270 ▪ Bitcoin, Blockchain and Distributed Ledger Technology: Hype or Reality? (2017) https://ssrn.com/abstract=2832249 ▪ Saifedean Ammous, The Bitcoin Standard: The Decentralized Alternative to Central Banking (2018) ▪ Bitcoin as Digital Gold (2018), United Nations Department of Economic and Social Affairs; video: https://goo.gl/NkEC9w; slides: https://goo.gl/szzBXh ▪ Blockchain Needs A Native Digital Asset, https://www.finextra.com/videoarticle/1241/blockchain-needs-a-native- digital-asset ▪ Comprehensive YouTube playlist: https://goo.gl/qDvKXi © 2019 Digital Gold Institute 125/127
  115. Bibliografia (ITA) ▪ Le Iene (Mediaset): video-intervista https://www.mediasetplay.mediaset.it/video/leiene/ferdinando- ametrano_FD00000000028448 ▪

    Il Foglio: Tenete il resto della rivoluzione Bitcoin https://www.ilfoglio.it/economia/2018/11/11/news/tenete-il-resto- della-rivoluzione-bitcoin-223164 ▪ IlSole24Ore 2017: Il Far West dell’oro digitale, http://bit.ly/2qjpvzr ▪ Milano Bicocca 2017: Tre lezioni dal corso Bitcoin and Blockchain Technology https://www.youtube.com/playlist?list=PLrVvuryXHYTdzvtpzrj4wvYEh CwF6G82b ▪ Playlist YouTube completa: https://www.youtube.com/playlist?list=PLrVvuryXHYTdKXzpIx7aYAzq AiRpaebWp ▪ Intervista Bitcoin: oro digitale, finanza e tulipani (2018), https://goo.gl/eyjDJ2 © 2019 Digital Gold Institute 126/127
  116. Takeaways ▪ Bitcoin (and blockchain): not a technology, a cultural

    paradigm shift instead ▪ Bitcoin solves the double spending problem (distributed consensus), allowing for the decentralization paradigm ▪ Bitcoin is the digital equivalent of gold: − as relevant as gold for the history of civilization and the future of money and finance; it is already bootstrapping new monetary systems − no correlation with other asset classes: bitcoin investing is rational diversification ▪ Blockchain is mostly just hype, there is no blockchain without bitcoin ▪ There is a blockchain beyond bitcoin: notarization ▪ The blockchain economy needs financial services for its digital gold ▪ Be your own bank, if you can; else resort to reputed professionals for intermediation and custody © 2019 Digital Gold Institute 127/127
  117. Ferdinando M. Ametrano Executive Director [email protected] Paolo Mazzocchi Chief Operating

    Officer [email protected] www.github.com/dginst www.facebook.com/DigitalGoldInstitute www.twitter.com/DigitalGoldInst www.dgi.io/feed.xml [email protected] www.dgi.io www.linkedin.com/company/digital-gold-institute "Scarcity in the Digital Domain"