Monday, September 2
|8:45 - 9:00||Opening Remarks|
|9:00 - 9:30||Blockchain in the City of Vienna: Technology of an Innovative Administration (Brigitte Lutz)|
|9:30 - 10:00||Building Blocks for Blockchains and Distributed Systems (Philipp Schindler)|
|10:00 - 10:30||Security and Privacy for Payment-Channel Networks (Pedro Moreno-Sanchez)|
|10:30 - 11:00||Break sponsored by Bitpanda|
|11:00 - 12:30||A Primer on Economics for Cryptocurrencies (Rainer Böhme)|
|12:30 - 14:00||Lunch|
|14:00 - 15:30||NOCUST - A Securely Scalable Commit-Chain (Arthur Gervais)|
|15:30 - 16:00||Break sponsored by Liquidity Network|
|16:00 - 17:30||Hackathon: Liquidity Network|
|17:30 - 17:45||Break|
|17:45 - 19:00||Poster Session|
Tuesday, September 3
|9:00 - 10:30||Foundations of Distributed Trust (Christian Cachin)|
|10:30 - 11:00||Break sponsored by VCLA|
|11:00 - 12:30||Permissioned Blockchains: What, Why, How (Angelo De Caro)|
|12:30 - 14:00||Lunch|
|14:00 - 15:30||Coins, Clubs, and Crowds: Scaling and Decentralization in Next-Generation Blockchains and Cryptocurrencies (Bryan Ford)|
|15:30 - 16:00||Break sponsored by NuCypher|
|16:00 - 17:30||Lightning Talks|
|17:30 - 17:45||Break|
|17:45 - 18:05||Bitpanda and Pantos: The Future of Tokenization and Blockchain Interoperability (Benedikt Angerer)|
Wednesday, September 4
|9:00 - 10:30||Towards an Open-source and Off-chain Financial System (Patrick McCorry)|
|10:30 - 11:00||Break sponsored by BOLT Labs|
|11:00 - 12:30||Off-Chain Protocols (Sebastian Faust)|
|12:30 - 14:00||Lunch|
|14:00 - 15:30||Designing a Usable Cryptocurrency for the Web - Nimiq (Pascal Berrang)|
|15:30 - 16:00||Break sponsored by Nimiq|
|16:00 - 17:30||Hackathon: Nimiq|
|17:30 - 18:15||Break|
|18:15 - open||Social Event|
Thursday, September 5
|9:00 - 10:30||Practical Safety Certification of Ethereum Smart Contracts (Hubert Ritzdorf)|
|10:30 - 11:00||Break|
|11:00 - 12:30||Proof Systems for Sustainable Blockchains: How to Prove You Waste Space and Time (Krzysztof Pietrzak)|
|12:30 - 14:00||Lunch|
|14:00 - 15:30||Algorand: A Secure, Scalable and Decentralized Blockchain (Jing Chen)|
|15:30 - 16:00||Break sponsored by Research Institute|
|16:00 - 16:45||Panel Discussion: Hype or Digital-Social Revolution? Academic and Industry Perspectives|
|16:50 - 17:00||Concluding Remarks|
Blockchain in the City of Vienna - Technology of an Innovative Administration
Brigitte Lutz (Stadt Wien)
The City of Vienna sees opportunities and chances for the future of the administrative administration in the much discussed blockchain technology. Transparency, openness and participation are the leading motifs for our thoughts and actions concerning the digitization of the city. These so-called ‘Viennese principles’ are supported by the use of blockchain technology. The City of Vienna has therefore decided to use blockchain technology actively and has implemented some blockchain pilots. The technological development is promoted within the framework of the “DigitalCity.Wien”.
Brigitte Lutz works in the CIO office of the City of Vienna, in the executive group for process management and ICT strategy of the Vienna. She is an ICT expert in various fields, including e-government, and previously worked as a project manager, as well as senior process manager (SPcM). Currently, she is the data governance coordinator of the City of Vienna, and she is responsible for the IT-project portfolio-management and the coordination of the Open Government competence center of the City of Vienna, as well as for national and international cooperations.
Building Blocks for Blockchains and Distributed Systems
Philipp Schindler (SBA Research)
In this talk, we introduce two underlying technologies supporting the operation and the setup of modern blockchain and distributed systems protocols: Randomness Beacons and Distributed Key Generation.
A reliable source of randomness is not only an essential building block in various cryptographic, security, and distributed systems protocols, but also plays an integral part in the design of many new blockchain proposals. Consequently, the topic of publicly-verifiable, bias-resistant and unpredictable randomness has recently enjoyed increased attention. In particular random beacon protocols, aimed at continuous operation, can be a vital component for current Proof-of-Stake based distributed ledger proposals. In this presentation, we introduce the key properties expected from randomness beacons, outline existing protocols designs and highlight the advantages and drawbacks of these approaches.
Recently, the surge in interest for blockchain technologies, and in particular the quest for developing scalable protocol designs, has renewed and strengthened the need for efficient and practical DKG schemes. Surprisingly, given the broad range of applications and available body of research, fully functional and readily available DKG protocol implementations still remain limited. In this talk, we present the fundamentals of DKG protocols and our approach to close the gap between theory and practice: ETHDKG, an open source, fully functional, well documented, and economically viable DKG implementation that employs Ethereum’s smart contract platform as a communication and verification layer.
Security and Privacy for Payment-Channel Networks
Pedro Moreno-Sanchez (TU Wien)
The rapid growth in cryptocurrency usage is exposing the scalability issues inherent to permissionless blockchain technology. Payment-channel networks (PCNs) have emerged as the most widely deployed approach to mitigate this problem, allowing the bulk of payments between two users to be carried out off-chain. We will shortly analyze the security and privacy guarantees offered by current PCNs, highlighting vulnerabilities and pitfalls we recently discovered on popular PCNs. We will then turn our attention to new cryptographic protocols to achieve strong security and privacy guarantees in PCNs, including instantiations based on ECDSA signatures that are thus compatible with cryptocurrencies supporting a restricted scripting language (e.g., Bitcoin).
Pedro Moreno-Sanchez is a postdoc at the Security and Privacy Research Division at TU Wien and currently leads the Blockchain Research Lab. His research interests span networked systems, information security, applied cryptography and privacy. His work aims at developing and evaluating cryptographic solutions for secure, privacy-preserving networked systems. His current research focuses on the interoperability of payment networks such as credit networks (Ripple, Stellar), cryptocurrencies (Bitcoin, Monero, Zcash) and smart contracts (Ethereum).
A Primer on Economics for Cryptocurrencies
Rainer Böhme (University of Innsbruck)
Money is a core interest of economics, and cryptocurrencies rely on protocols designed with economic incentives in mind. In this lecture, I review selected principles of economics and apply them to problems in the cryptocurrency space. Specifically, I first talk about individual rationality and incentive compatibility as an opportunity (and perhaps red herring) in protocol design. Then I recall the efficient market hypothesis and apply it to proof-of-work mining and exchange rates. Finally, I introduce the concept of market power and show how it can stifle growth. This leads us to interpret mining pools as cartels, which has direct implications on transaction supply (and fees) and potential implications on the competition between cryptocurrencies. The bigger insight here is that the economics of decentralized systems often support outcomes that are the opposite of what a system promised to deliver: while designed to be decentralized, Bitcoin’s operation is in the hands of a few powerful parties. To manage expectations: the selection of topics is far from comprehensive (for instance, I exclude the quantitative theory of money, network economics, crime, and privacy), and in the presentation I strive for the beauty of arguments over completeness. My objective with this lecture it to allow the attendees of the summer school to understand, appreciate, and critically reflect on economic reasoning; and, more broadly, to facilitate a dialogue between engineers and social scientists studying the same or very similar phenomena.
Rainer Böhme is professor of computer science at the University of Innsbruck, Austria. His research interests include the economics of security and privacy. He has first published on Bitcoin in 2012, taught a class on Bitcoin in early 2013 (each student had to bring 1 BTC to solve assignments), co-founded the first academic workshop on “Bitcoin and Blockchain” research at Financial Cryptography in 2014, and co-authored the much-cited introduction to cryptocurrencies for economists in the Journal of Economic Perspectives in 2015. He has advised on cryptocurrency regulation, for example in the final recommendation of the BITCRIME research project that he coordinated from 2014 to 2017. Two recent foci of his research related to cryptocurrencies are forensics and privacy.
NOCUST - A Securely Scalable Commit-Chain
Arthur Gervais (Imperial College London and Liquidity Network)
To scale permissionless blockchains, one potential approach known as Layer 2 scaling is to off-load transactions from the blockchain. The Blockchain is then used only as a resource, in case of disputes. Commit-chains are layer 2 solutions that as opposed to side-chains do not require any additional consensus mechanism to operate. Therefore, it inherits security from the parent blockchain. This talk will cover NOCUST, a securely scalable commit-chain construction. We will show how NOCUST can grow in practice to over one billion users with small operating costs. We will demonstrate how the system can function securely while users stay custodian of their assets entirely. Further, Layer 2 is an excellent opportunity to fix some of the significant issues with blockchain’s user experience. Currently, transactions are slow to process, require block confirmations and users need to pay complex gas fees. With NOCUST, transactions are confirmed almost instantly and do not expect any gas fees to be paid. This presentation is relevant for hackers and developers because it will provide the tools, such as the NOCUST SDK, for them to build scalable blockchain applications with the enhanced user experience.
Arthur Gervais is an Assistant Professor of Computer Science at Imperial College London and Lecturer at the University of Applied Sciences in Lucerne. Gervais received his PhD on the topic of “Proof of Work Blockchain Security, Privacy and Scalability” from ETH Zurich. Gervais’s research focuses on applied cryptography, network and distributed ledger security, privacy as well as their scalability properties. He was the first to objectively compare the security properties of different proof of work blockchains, outlining the tensions between scalability and security. With “Do you need a Blockchain?”, he built the first objective framework to evaluate whether a blockchain is the appropriate technical solution to a problem. Gervais co-founded two startups in the blockchain space. Liquidity Network, where he acts as CEO, develops a second layer scaling solution to enable higher transaction throughputs on existing blockchains. As ChainSecurity co-founder, Gervais helped to design the first automated formal smart contract security verification tool Securify. Gervais served on many program committees including top-tier security conferences such as ACM CCS. Gervais co-organized the inaugural CryptoValley Conference, focused on blockchain research, which attracted 900 visitors in its first iteration in 2018, 1100 in 2019. He moreover served on the PC of several blockchain-focused research venues such as BITCOIN, BPASE, IEEE Security and Privacy on the Blockchain and the CBT workshop. Gervais was reviewer for ERC Advanced Grant proposals 2018 and advises the blockchain observatory forum of the European Union.
Foundations of Distributed Trust
Christian Cachin (University of Bern)
Although practical Byzantine fault-tolerant (BFT) consensus protocols have been available for two decades, they have never been deployed in production until very recently. The widespread interest in cryptocurrencies and blockchains has changed this. BFT consensus protocols are at the heart of many current blockchain platforms, which run without a central authority.
This presentation will explore the foundations of BFT consensus, such as quorum systems, reliable broadcasts, and protocols for storing data. Furthermore, the talk also discusses protocols with asymmetric trust. By letting nodes express their subjective assumptions of whom they trust and by how much, this model bridges between standard BFT consensus and decentralized blockchains. The approach is related to consensus in the Ripple and Stellar blockchains, which have introduced similar ideas but only with a heuristic approach.
Christian Cachin is a professor of computer science at the University of Bern, where he leads the cryptology and data security research group since 2019. Prior to that he worked for IBM Research - Zurich during more than 20 years. He has held visiting positions at MIT and at EPFL and has taught at several universities during his career in industrial research. He graduated with a Ph.D. in Computer Science from ETH Zurich in 1997. An IEEE Fellow, ACM Distinguished Scientist, and recipient of multiple IBM Outstanding Technical Achievement Awards, he has also served as the President of the International Association for Cryptologic Research (IACR) from 2014-2019.
With a background in cryptography, he is interested in all aspects of security in distributed systems and especially in cryptographic protocols, consistency, consensus, blockchains, and cloud-computing security. He has developed many cryptographic protocols, particularly for achieving consensus and for executing distributed cryptographic operations over the Internet. In the area of cloud computing, he has contributed to standards in storage security and developed protocols for key management.
Permissioned Blockchains: What, Why, How
Angelo De Caro (IBM Research)
Permissioned blockchains allow a well identifiable set of participants to run blockchain technology in a setting where the involved parties require some means of identifying each other while not necessarily fully trusting the other members of the network. This represents an emerging alternative to permissionless blockchains (in which anybody can participate, e.g., Bitcoin, Ethereum) that better addresses the needs of business applications of blockchain technology and distributed ledgers. In this talk, we will explore permissioned blockchain technologies with a focus on the Hyperledger Project, a prominent open-source initiative under the patronage of the Linux Foundation, dedicated to bringing blockchain technologies to businesses.
Angelo De Caro joined the Storage Systems group of IBM Research – Zurich in May 2015. His research is focused on the Hyperledger fabric and the privacy and cryptography of the blockchain. Angelo received his PhD in Computer Science in 2013 from the University of Salerno, in Italy, under the supervision of Prof. Carlo Blundo and Prof. Giuseppe Persiano. After his PhD, he worked with Dr. Tatsuaki Okamoto at NTT, Japan, in 2013 and with Prof. Michel Abdalla at École normale supérieure, France, in 2014-2015. Angelo has been also engaged in several EU projects including ECRYPTII (European Network of Excellence in Cryptology II) and TREDISEC (Trust-aware, REliable and Distributed Information SEcurity in the Cloud). His research interests are in theoretical cryptography and its applications to the blockchain and the cloud.
Coins, Clubs, and Crowds: Scaling and Decentralization in Next-Generation Blockchains and Cryptocurrencies
Bryan Ford (EPFL)
Building secure systems from independent, mutually distrustful parties is an old topic in computer science. But despite its attendant hype and misinformation, today’s “blockchain bandwagon” has successfully brought the gospel of decentralization - both a realization of its possibility and an appreciation for its value - to mainstream society. Currently-deployed blockchains, however, are slow, unscalable, weakly consistent, profligate in energy use, and have effectively re-centralized due to market pressures. We will explore challenges and some areas of ongoing progress in rethinking blockchain architecture to improve scalability, efficiency, functionality, privacy, and decentralization. We will explore how decentralized building blocks such as collective signatures and scalable distributed randomness enable architecturally modular solutions to challenges such as scalable Byzantine consensus, horizontal sharding, proof-of-stake, and blockchain-managed secrets. Finally, we explore challenges in fairness and democratization in decentralized systems, and the goal of creating a secure “one-person-one-vote” foundation for decentralization.
Prof. Bryan Ford leads the Decentralized/Distributed Systems (DEDIS) research laboratory at the Swiss Federal Institute of Technology in Lausanne (EPFL). Ford focuses broadly on building secure decentralized systems, touching on topics including private and anonymous communication, scalable decentralized systems, blockchain technology, Internet architecture, and operating systems. Ford earned his B.S. at the University of Utah and his Ph.D. at MIT, then joined the faculty of Yale University where his work received the Jay Lepreau Best Paper Award and grants from NSF, DARPA, and ONR, including the NSF CAREER award. His continuing work receives support from EPFL, the AXA Research Fund, and numerous industry partners. He has served on numerous prestigious advisory boards including on the DARPA Information Science and Technology (ISAT) study group and the Swiss FinTech Innovations (SFTI) advisory board.
Bitpanda and Pantos: The Future of Tokenization and Blockchain Interoperability
Benedikt Angerer (Bitpanda)
Ever since the introduction of Bitcoin in 2009, many new blockchain-based projects have been launched. The recent surge of these alternatives indicates a movement away from a single cryptocurrency focus to a variety of cryptocurrency-based applications built on top of blockchain-based technology. However, with the current lack of interoperability between blockchains projects risk ending up as separate islands, which ultimately slows down mass adoption of blockchain technology.
Interoperability between blockchains remains an open problem with current interoperability approaches providing very limited means of cross-blockchain interaction. In particular, current solutions for cross-blockchain token transfers suffer from limitations such as excessive synchronization of any balance change across blockchains. To overcome these limitations, Bitpanda and the TU Wien joined forces to work on enabling decentralized cross-blockchain applications such as cross-blockchain token transfers.
In our talk we will dive into the future of tokenization, what role Bitpanda and Pantos will play in this and how we are working on improving blockchain interoperability.
After his time at university, Benedikt built his own business. He then was invited to join Bitpanda in December 2017 to play a pivotal role in the rapid 2018 expansion. His knowledge of the company and the industry around it has allowed him to help build up the Business Development Department and command public engagement.
Towards an Open-source and Off-chain Financial System
Patrick McCorry (King's College London)
Cryptocurrencies do not scale. Fundamentally, there is a tradeoff between the network’s throughput and the diversity of peers who can verify transactions in real time (and thus hold the block producers accountable). In this talk, we provide an overview of an alternative scaling approach, off-chain protocols, that lets parties transact (or execute the terms of a smart contract) locally amongst themselves instead of the global network. Off-chain is remarkable as in the best case it lets parties bypass all network fees and blockchain latency. We’ll cover the two leading approaches, channel-based networks and commit-chains, that together is leading to the emergence of a global, off-chain and permissionless financial system. Finally we discuss a new security assumption introduced by off-chain protocols, the always online assumption, and how the the community are trying to alleviate it.
Patrick McCorry works on the open-source project PISA. He was previously an Assistant Professor at King’s College London. His focus is cryptocurrencies, smart contracts, cryptography and decentralised systems. Patrick is the UK’s first PhD graduate in Cryptocurrencies and his work has recently appeared at Devcon3 and 4, Scaling Bitcoin 2017, Breaking Bitcoin 2017 and BPASE 2018 alongside numerous academic venues.
Sebastian Faust (TU Darmstadt)
A promising approach to improve scalability of blockchains are off-chain protocols. Off-chain protocols work by building a second layer network over the blockchain, thereby allowing that the massive amount of transactions is carried out directly between the involved users. There has recently been a plethora of different constructions for off-chain protocols proposed by industry and academia. One of the main types of off-chain protocols are state-channel networks such as Counterfactual and Perun. In this talk, we will present some of the main concepts of designing off-chain protocols with a focus on state-channel networks.
Sebastian Faust is a professor at the Department of Computer Science at TU Darmstadt. Currently, his main topics of interest are securing cryptographic implementations and developing new blockchain technology for improving scalability and security. He is a co-founder of the Perun Network which is supported by the Ethereum Foundation, Robert Bosch GmbH and the BMBF StartUpSecure program.
Designing a Usable Cryptocurrency for the Web - Nimiq
Pascal Berrang (Nimiq)
Most of today’s blockchain and cryptocurrency systems are very technical, hard to use by non-experts and require users to download large amounts of data, providing a high barrier of entry. Thus, non-technical users often trade in security for usability, for example by choosing centralized, custodial services over decentralized, non-custodial alternatives.
The presentation will go into the technical depths of our current blockchain implementation and planned improvements. We will introduce our novel consensus algorithm called Albatross. We will also give an overview of Nimiq OASIS, an open scheme for atomic asset swaps. In collaboration with a bank, this will allow atomically swapping fiat currencies like the Euro with Hashed Timelock-compatible cryptocurrencies like Nimiq – without introducing additional trusted parties.
Pascal Berrang is a Blockchain Researcher and Developer at Nimiq. He obtained his PhD from CISPA, Saarland University on the topic of biomedical data privacy in 2018. For his thesis, he received the Dr.-Eduard-Martin award. He is also a member of the saarsec CTF team, regularly finishing those hacking competitions in the top 3. His interests lie in the areas of IT-security, privacy and scalability with a focus on distributed ledgers.
Practical Safety Certification of Ethereum Smart Contracts
Hubert Ritzdorf (ChainSecurity)
Certification of smart contracts is a pressing security concern. Today, billions worth of USD are controlled by smart contracts, and only in the past few years, millions of these have been lost by exploiting subtle flaws found in the code of these contracts. To prevent these exploits, we need to formalize and verify the contract’s requirements before its deployment on the blockchain. Temporal safety properties are a natural fit for capturing custom requirements of smart contracts: the functions of the contract are executed in an infinite loop, processing a new transaction at each iteration, and its requirements typically specify which sequences of states are considered valid.
In this talk, we will overview the landscape of existing security tools for automated testing (e.g. fuzzing) and security analysis (e.g. based on symbolic execution, static analysis, and interactive theorem provers). I will explain how these techniques differ in terms of the guarantees they provide and the level of automation they can achieve.
Given this background, we will also present opportunities to build next-generation automated security tools which are capable to verify the safety of smart contracts with little manual effort. We will demonstrate that a careful combination of techniques, such as predicate abstraction, is practical and useful, by demo-ing how it is used to verify properties for popular libraries, such as ERC20 and SafeMath implementations.
Dr. Hubert Ritzdorf is the CTO and co-founder of ChainSecurity. He earned his PhD from ETH Zurich in 2018, working on the security of cloud and blockchain services for 5+ years. During his research he proposed novel protocols and analysed existing ones.
At ChainSecurity, Hubert leads the auditing and designs new analysis tools that make audits faster and more secure. He has audited the smart contracts of over 40 clients which raised hundreds of million Dollars in their ICOs and in the process has found countless critical vulnerabilities that would have allowed an attacker to steal or divert funds. Hubert has also provided design consultation for blockchain-based systems and has reviewed several high-level protocols built around smart contracts.
Proof Systems for Sustainable Blockchains: How to Prove You Waste Space and Time
Krzysztof Pietrzak (IST Austria)
The security of Bitcoin’s blockchain requires that honest miners constantly dedicate more computational power towards securing the blockchain than is available to a potential adversary. This leads to a massive waste of energy; at its hitherto peak, the electricity used for Bitcoin mining equaled the electricity consumption of Austria. In this lecture I will discuss how disk-space, instead of computation, can be used as a resource to construct a more sustainable blockchain. We will discuss definitions and constructions of “proofs of space” and “verifiable delay functions”, and how they can be used to construct a Blockchain with similar dynamics and security properties as the Bitcoin blockchain.
Krzysztof Pietrzak is a cryptographer and since 2011 professor at the Institute of Science and Technology Austria (IST Austria). His research spans theoretical and applied aspects of information security, more recently also in the blockchain space. He is the recipient of an ERC starting and consolidator grant and three Eurocrypt best paper awards.
Algorand: A Secure, Scalable and Decentralized Blockchain
Jing Chen (Stony Brook University)
Blockchains stand to revolutionize the way a modern society operates. They can secure all kinds of traditional transactions, such as payments, in the exact order in which the transactions occur; and enable totally new transactions, such as cryptocurrencies and smart contracts. They can remove intermediaries and usher in a new paradigm for trust. As currently implemented, however, blockchains scale poorly and cannot achieve their enormous potential. Algorand is the first blockchain that is truly secure, scalable and decentralized. It is permissionless and works in a highly asynchronous environment. It dispenses with “proof of work” and “miners” and requires only a negligible amount of computation. Moreover, its transaction history does not “fork”, guaranteeing immediate finality of a transaction the moment the transaction enters the blockchain.
Jing Chen is Chief Scientist and Head of Theory Research at Algorand, and Assistant Professor in the Computer Science Department at Stony Brook University. Her main research interests are distributed ledgers, game theory, and algorithms. Jing received her bachelor and master’s degrees in computer science from Tsinghua University, and her PhD in computer science from MIT. She did a one-year postdoc at the Institute for Advanced Study, Princeton. Jing received the NSF CAREER Award in 2016.
Guillaume Felley (Liquidity Network)
Nimiq provides two kinds of integrations:
- Core Client API: A low-level API to interact directly with the blockchain, accounts and transactions programmatically (browser and NodeJS)
- Nimiq Hub API: A high-level API to create beautiful checkout and signature requests for your users (browser only)
We will show how you can connect to the blockchain in 3 lines of code and further interact with addresses and transactions programmatically. We’ll also show how to easily request payments in your webapp or webshop, and how to interact directly with your users’ Nimiq accounts to sign transactions and messages.
We will prepare a few simple app ideas to quickly try out your newfound knowledge! Our API documentation and tutorials are available at https://nimiq.com/developers.
Requirements: It would be good for the participants to bring their laptop to get some hands-on experience.