6. Ledgers in regular databases
Account number Balance
04823872 £ 229.94
20956298 £ 431.05
38103749 £ 183.67
7. Ledgers in blockchains
Public key hash Balance
13B9cMd5Ch9fu6qU4
94gHTfAPFQfq3ZSGx
£ 229.94
1FRZvSBc1cRFbmwbz
NhhaQTyRJXRujN2Sq
£ 431.05
1HDxhfeoSQmVNzTnZ
RLe2Z6nJ1LLAuGWpa
£ 183.67
8. Ledgers in blockchains
Public key hash Balance
13B9cMd5Ch9fu6qU4
94gHTfAPFQfq3ZSGx
£ 229.94
1FRZvSBc1cRFbmwbz
NhhaQTyRJXRujN2Sq
£ 146.83
1FRZvSBc1cRFbmwbz
NhhaQTyRJXRujN2Sq
£ 284.22
Multiple entries for one account ⇒
concurrent distributed transactions
9. Internal risks: regular node
• What can a bad regular node do?
⤫ Spend somebody else’s money
⤫ Create more money
⤫ Spend own money twice
⤫ Flood the network (denial of service)
⤫ Censor transactions
• Why are we so confident?
ü 7 years of bitcoin history
10. Internal risks: validator node
• What can a bad validator node do?
⤫ Spend somebody else’s money
⤫ Create more money
⤫ Spend own money twice
⤫ Flood the network (denial of service)
⤫ Censor transactions
ü Delay transaction confirmation
ü Resolve conflicts with bias
11. Internal risks: validator majority
• What can a bad validator majority do?
⤫ Spend somebody else’s money
⤫ Create more money
⤫ Spend own money twice
⤫ Flood the network (denial of service)
ü Censor transactions
ü Delay transaction confirmation
ü Resolve conflicts with bias
12. External risks: network violation
⤫ Denial of service
– Peer-to-peer resilience
⤫ Wiretapping
– Handshaking with digital signatures
– Extend to encrypted communication
⤫ Spoofing / Man-in-the-middle
– Impossible without key compromise
– Transaction source irrelevant anyway
14. Mitigation: Cold storage
• Offline “cold” private key (air gapped)
– Most funds stored in cold address
– Refill “hot” address as necessary
http://bitcoingarden.tk/trezor-the-
hardware-bitcoin-wallet/
15. Mitigation: Multisignature
• Lock funds under n different keys
– Stored on different nodes/devices
• Require m of those keys to spend
– Special type of ledger entry
• Variations:
– 1 of 2 for key loss
– 2 of 2 for host security
– 2 of 3 for escrow