The summer school will take place from September 2nd, 2019 to including September 5th, 2019.
Details about the social event are currently being finalized.
A Primer on Economics for Cryptocurrencies
Money is a core interest of economics, and cryptocurrencies rely on protocols designed with economic incentives in mind. In this lecture, I review selected principles of economics and apply them to problems in the cryptocurrency space. Specifically, I first talk about individual rationality and incentive compatibility as an opportunity (and perhaps red herring) in protocol design. Then I recall the efficient market hypothesis and apply it to proof-of-work mining and exchange rates. Finally, I introduce the concept of market power and show how it can stifle growth. This leads us to interpret mining pools as cartels, which has direct implications on transaction supply (and fees) and potential implications on the competition between cryptocurrencies. The bigger insight here is that the economics of decentralized systems often support outcomes that are the opposite of what a system promised to deliver: while designed to be decentralized, Bitcoin’s operation is in the hands of a few powerful parties. To manage expectations: the selection of topics is far from comprehensive (for instance, I exclude the quantitative theory of money, network economics, crime, and privacy), and in the presentation I strive for the beauty of arguments over completeness. My objective with this lecture it to allow the attendees of the summer school to understand, appreciate, and critically reflect on economic reasoning; and, more broadly, to facilitate a dialogue between engineers and social scientists studying the same or very similar phenomena.
Rainer Böhme is professor of computer science at the University of Innsbruck, Austria. His research interests include the economics of security and privacy. He has first published on Bitcoin in 2012, taught a class on Bitcoin in early 2013 (each student had to bring 1 BTC to solve assignments), co-founded the first academic workshop on “Bitcoin and Blockchain” research at Financial Cryptography in 2014, and co-authored the much-cited introduction to cryptocurrencies for economists in the Journal of Economic Perspectives in 2015. He has advised on cryptocurrency regulation, for example in the final recommendation of the BITCRIME research project that he coordinated from 2014 to 2017. Two recent foci of his research related to cryptocurrencies are forensics and privacy.
NOCUST - A Securely Scalable Commit-Chain
To scale permissionless blockchains, one potential approach known as Layer 2 scaling is to off-load transactions from the blockchain. The Blockchain is then used only as a resource, in case of disputes. Commit-chains are layer 2 solutions that as opposed to side-chains do not require any additional consensus mechanism to operate. Therefore, it inherits security from the parent blockchain. This talk will cover NOCUST, a securely scalable commit-chain construction. We will show how NOCUST can grow in practice to over one billion users with small operating costs. We will demonstrate how the system can function securely while users stay custodian of their assets entirely. Further, Layer 2 is an excellent opportunity to fix some of the significant issues with blockchain’s user experience. Currently, transactions are slow to process, require block confirmations and users need to pay complex gas fees. With NOCUST, transactions are confirmed almost instantly and do not expect any gas fees to be paid. This presentation is relevant for hackers and developers because it will provide the tools, such as the NOCUST SDK, for them to build scalable blockchain applications with the enhanced user experience.
Arthur Gervais is an Assistant Professor of Computer Science at Imperial College London and Lecturer at the University of Applied Sciences in Lucerne. Gervais received his PhD on the topic of “Proof of Work Blockchain Security, Privacy and Scalability” from ETH Zurich. Gervais’s research focuses on applied cryptography, network and distributed ledger security, privacy as well as their scalability properties. He was the first to objectively compare the security properties of different proof of work blockchains, outlining the tensions between scalability and security. With “Do you need a Blockchain?”, he built the first objective framework to evaluate whether a blockchain is the appropriate technical solution to a problem. Gervais co-founded two startups in the blockchain space. Liquidity Network, where he acts as CEO, develops a second layer scaling solution to enable higher transaction throughputs on existing blockchains. As ChainSecurity co-founder, Gervais helped to design the first automated formal smart contract security verification tool Securify. Gervais served on many program committees including top-tier security conferences such as ACM CCS. Gervais co-organized the inaugural CryptoValley Conference, focused on blockchain research, which attracted 900 visitors in its first iteration in 2018, 1100 in 2019. He moreover served on the PC of several blockchain-focused research venues such as BITCOIN, BPASE, IEEE Security and Privacy on the Blockchain and the CBT workshop. Gervais was reviewer for ERC Advanced Grant proposals 2018 and advises the blockchain observatory forum of the European Union.
Foundations of Distributed Trust
Although practical Byzantine fault-tolerant (BFT) consensus protocols have been available for two decades, they have never been deployed in production until very recently. The widespread interest in cryptocurrencies and blockchains has changed this. BFT consensus protocols are at the heart of many current blockchain platforms, which run without a central authority.
This presentation will explore the foundations of BFT consensus, such as quorum systems, reliable broadcasts, and protocols for storing data. Furthermore, the talk also discusses protocols with asymmetric trust. By letting nodes express their subjective assumptions of whom they trust and by how much, this model bridges between standard BFT consensus and decentralized blockchains. The approach is related to consensus in the Ripple and Stellar blockchains, which have introduced similar ideas but only with a heuristic approach.
Christian Cachin is a professor of computer science at the University of Bern, where he leads the cryptology and data security research group since 2019. Prior to that he worked for IBM Research - Zurich during more than 20 years. He has held visiting positions at MIT and at EPFL and has taught at several universities during his career in industrial research. He graduated with a Ph.D. in Computer Science from ETH Zurich in 1997. An IEEE Fellow, ACM Distinguished Scientist, and recipient of multiple IBM Outstanding Technical Achievement Awards, he has also served as the President of the International Association for Cryptologic Research (IACR) from 2014-2019.
With a background in cryptography, he is interested in all aspects of security in distributed systems and especially in cryptographic protocols, consistency, consensus, blockchains, and cloud-computing security. He has developed many cryptographic protocols, particularly for achieving consensus and for executing distributed cryptographic operations over the Internet. In the area of cloud computing, he has contributed to standards in storage security and developed protocols for key management.
Permissioned Blockchains: What, Why, How
Permissioned blockchains allow a well identifiable set of participants to run blockchain technology in a setting where the involved parties require some means of identifying each other while not necessarily fully trusting the other members of the network. This represents an emerging alternative to permissionless blockchains (in which anybody can participate, e.g., Bitcoin, Ethereum) that better addresses the needs of business applications of blockchain technology and distributed ledgers. In this talk, we will explore permissioned blockchain technologies with a focus on the Hyperledger Project, a prominent open-source initiative under the patronage of the Linux Foundation, dedicated to bringing blockchain technologies to businesses.
Angelo De Caro joined the Storage Systems group of IBM Research – Zurich in May 2015. His research is focused on the Hyperledger fabric and the privacy and cryptography of the blockchain. Angelo received his PhD in Computer Science in 2013 from the University of Salerno, in Italy, under the supervision of Prof. Carlo Blundo and Prof. Giuseppe Persiano. After his PhD, he worked with Dr. Tatsuaki Okamoto at NTT, Japan, in 2013 and with Prof. Michel Abdalla at École normale supérieure, France, in 2014-2015. Angelo has been also engaged in several EU projects including ECRYPTII (European Network of Excellence in Cryptology II) and TREDISEC (Trust-aware, REliable and Distributed Information SEcurity in the Cloud). His research interests are in theoretical cryptography and its applications to the blockchain and the cloud.
Towards an Open-source and Off-chain Financial System
Cryptocurrencies do not scale. Fundamentally, there is a tradeoff between the network’s throughput and the diversity of peers who can verify transactions in real time (and thus hold the block producers accountable). In this talk, we provide an overview of an alternative scaling approach, off-chain protocols, that lets parties transact (or execute the terms of a smart contract) locally amongst themselves instead of the global network. Off-chain is remarkable as in the best case it lets parties bypass all network fees and blockchain latency. We’ll cover the two leading approaches, channel-based networks and commit-chains, that together is leading to the emergence of a global, off-chain and permissionless financial system. Finally we discuss a new security assumption introduced by off-chain protocols, the always online assumption, and how the the community are trying to alleviate it.
Patrick McCorry works on the open-source project PISA. He was previously an Assistant Professor at King’s College London. His focus is cryptocurrencies, smart contracts, cryptography and decentralised systems. Patrick is the UK’s first PhD graduate in Cryptocurrencies and his work has recently appeared at Devcon3 and 4, Scaling Bitcoin 2017, Breaking Bitcoin 2017 and BPASE 2018 alongside numerous academic venues.
Designing a Usable Cryptocurrency for the Web - Nimiq
Most of today’s blockchain and cryptocurrency systems are very technical, hard to use by non-experts and require users to download large amounts of data, providing a high barrier of entry. Thus, non-technical users often trade in security for usability, for example by choosing centralized, custodial services over decentralized, non-custodial alternatives.
The presentation will go into the technical depths of our current blockchain implementation and planned improvements. We will introduce our novel consensus algorithm called Albatross. We will also give an overview of Nimiq OASIS, an open scheme for atomic asset swaps. In collaboration with a bank, this will allow atomically swapping fiat currencies like the Euro with Hashed Timelock-compatible cryptocurrencies like Nimiq – without introducing additional trusted parties.
Pascal Berrang is a Blockchain Researcher and Developer at Nimiq. He obtained his PhD from CISPA, Saarland University on the topic of biomedical data privacy in 2018. For his thesis, he received the Dr.-Eduard-Martin award. He is also a member of the saarsec CTF team, regularly finishing those hacking competitions in the top 3. His interests lie in the areas of IT-security, privacy and scalability with a focus on distributed ledgers.
Practical Safety Certification of Ethereum Smart Contracts
Certification of smart contracts is a pressing security concern. Today, billions worth of USD are controlled by smart contracts, and only in the past few years, millions of these have been lost by exploiting subtle flaws found in the code of these contracts. To prevent these exploits, we need to formalize and verify the contract’s requirements before its deployment on the blockchain. Temporal safety properties are a natural fit for capturing custom requirements of smart contracts: the functions of the contract are executed in an infinite loop, processing a new transaction at each iteration, and its requirements typically specify which sequences of states are considered valid.
In this talk, we will overview the landscape of existing security tools for automated testing (e.g. fuzzing) and security analysis (e.g. based on symbolic execution, static analysis, and interactive theorem provers). I will explain how these techniques differ in terms of the guarantees they provide and the level of automation they can achieve.
Given this background, we will also present opportunities to build next-generation automated security tools which are capable to verify the safety of smart contracts with little manual effort. We will demonstrate that a careful combination of techniques, such as predicate abstraction, is practical and useful, by demo-ing how it is used to verify properties for popular libraries, such as ERC20 and SafeMath implementations.
Dr. Hubert Ritzdorf is the CTO and co-founder of ChainSecurity. He earned his PhD from ETH Zurich in 2018, working on the security of cloud and blockchain services for 5+ years. During his research he proposed novel protocols and analysed existing ones.
At ChainSecurity, Hubert leads the auditing and designs new analysis tools that make audits faster and more secure. He has audited the smart contracts of over 40 clients which raised hundreds of million Dollars in their ICOs and in the process has found countless critical vulnerabilities that would have allowed an attacker to steal or divert funds. Hubert has also provided design consultation for blockchain-based systems and has reviewed several high-level protocols built around smart contracts.
Proof Systems for Sustainable Blockchains: How to Prove You Waste Space and Time
The security of Bitcoin’s blockchain requires that honest miners constantly dedicate more computational power towards securing the blockchain than is available to a potential adversary. This leads to a massive waste of energy; at its hitherto peak, the electricity used for Bitcoin mining equaled the electricity consumption of Austria. In this lecture I will discuss how disk-space, instead of computation, can be used as a resource to construct a more sustainable blockchain. We will discuss definitions and constructions of “proofs of space” and “verifiable delay functions”, and how they can be used to construct a Blockchain with similar dynamics and security properties as the Bitcoin blockchain.
Krzysztof Pietrzak is a cryptographer and since 2011 professor at the Institute of Science and Technology Austria (IST Austria). His research spans theoretical and applied aspects of information security, more recently also in the blockchain space. He is the recipient of an ERC starting and consolidator grant and three Eurocrypt best paper awards.
Algorand: A Secure, Scalable and Decentralized Blockchain
Blockchains stand to revolutionize the way a modern society operates. They can secure all kinds of traditional transactions, such as payments, in the exact order in which the transactions occur; and enable totally new transactions, such as cryptocurrencies and smart contracts. They can remove intermediaries and usher in a new paradigm for trust. As currently implemented, however, blockchains scale poorly and cannot achieve their enormous potential. Algorand is the first blockchain that is truly secure, scalable and decentralized. It is permissionless and works in a highly asynchronous environment. It dispenses with “proof of work” and “miners” and requires only a negligible amount of computation. Moreover, its transaction history does not “fork”, guaranteeing immediate finality of a transaction the moment the transaction enters the blockchain.
Jing Chen is Chief Scientist and Head of Theory Research at Algorand, and Assistant Professor in the Computer Science Department at Stony Brook University. Her main research interests are distributed ledgers, game theory, and algorithms. Jing received her bachelor and master’s degrees in computer science from Tsinghua University, and her PhD in computer science from MIT. She did a one-year postdoc at the Institute for Advanced Study, Princeton. Jing received the NSF CAREER Award in 2016.
Building Privacy-Preserving Dapps with NuCypher
NuCypher develops cryptographic solutions for privacy management and data governance, including the NuCypher Network, the leading privacy management layer for blockchain and Ethereum, and NuFHE, the fastest available fully homomorphic encryption library.
Nimiq provides two kinds of integrations:
- Core Client API: A low-level API to interact directly with the blockchain, accounts and transactions programmatically (browser and NodeJS)
- Nimiq Hub API: A high-level API to create beautiful checkout and signature requests for your users (browser only)
We will show how you can connect to the blockchain in 3 lines of code and further interact with addresses and transactions programmatically. We’ll also show how to easily request payments in your webapp or webshop, and how to interact directly with your users’ Nimiq accounts to sign transactions and messages.
We will prepare a few simple app ideas to quickly try out your newfound knowledge! Our API documentation and tutorials are available at https://nimiq.com/developers.
Requirements: It would be good for the participants to bring their laptop to get some hands-on experience.