Seventh lesson for the Bitcoin and Blockchain Technology course of Milano Bicocca University (2017)
Video (in Italian) available at https://goo.gl/oQDNeS
Exploring the Future Potential of AI-Enabled Smartphone Processors
Bitcoin, Blockchain, and Distributed Ledger Technology: Hype or Reality?
1. Bitcoin and Blockchain Technology
Bitcoin, Blockchain, and Distributed Ledger Technology: Hype or Reality?
ferdinando@ametrano.net
https://github.com/fametrano
https://twitter.com/Ferdinando1970
https://speakerdeck.com/nando1970
https://www.reddit.com/user/Nando1970/
https://www.slideshare.net/Ferdinando1970
https://it.linkedin.com/in/ferdinandoametrano
https://www.youtube.com/c/FerdinandoMAmetrano
2. Table of Contents
1. Blockchain Without Bitcoin
2. Finance and Blockchain
3. Timestamping, Notarization, and Anchoring
4. Smart Contracts
5. The Distributed Ledger Technology Chimera
2/72
3. Understanding Lags Well Behind The Hype
Understanding of the technology however lags well
behind the hype, amongst practitioners, policy makers
and industry commentators alike. ‘Blockchain’
technology seems to promise major change for capital
markets and other financial services – some say it may
ultimately prove to be as important an innovation as
the internet itself – but few can say exactly how or why.
Michael Mainelli, Alistair Milne (2016)
The Impact and Potential of Blockchain on the Securities Transaction Lifecycle
http://ssrn.com/abstract=2777404
3/72
4. Why Bitcoin Is Hard To Understand
At the crossroads of:
1. Game theory
2. Cryptography
3. Computer networking and data transmission
4. Economic and monetary theory
Mainly not a technology,
a cultural paradigm shift instead
4/72
5. What Makes Bitcoin Special?
• Digital and scriptural: it only exists as validated transaction
• Asset, not a liability
• Bearer instrument
• Scarce in digital realm, as nothing else before
• It can be transferred but not duplicated
(i.e. it can be spent, but not double-spent)
• Mimicking gold monetary policy
Bitcoin is digital gold
this is the brilliant groundbreaking achievement by Satoshi Nakamoto
5/72
6. “Blockchain –
not bitcoin –
will prove
revolutionary
in banking”
http://www.economist.com/news/leaders/21677198-technology-behind-bitcoin-could-transform-how-economy-works-trust-machine
6/72
7. What is The Blockchain?
[A hash pointer linked list of blocks]
• An append-only sequential data structure
• New blocks can only be appended at the end of
the chain
• To change a block in the middle of the chain, all
subsequent blocks need to be changed
• Very inefficient compared to a relational database
7/72
8. Blockchain:
A Distributed Transaction Ledger
• Every block contains multiple transactions
• Massively duplicated across network nodes
• Shared with a P2P file transfer protocol
• Updated by peculiar nodes, known as miners,
appending new blocks of transactions
8/72
9. A Distributed Back-office
• All network nodes perform transaction validation
• Miners perform the additional work required for clearing
and settlement
• How do they reach consensus on the transaction history?
• Consensus in a distributed network with faulty (or
malicious) nodes is a very hard problem known as
Byzantine General Problem
9/72
10. Nakamoto Consensus
• Nakamoto achieves Byzantine Fault Tolerant Consensus
using (game theory) economic incentive for the mining
nodes to be honest
– solves double spending without a central trusted party
– can resist attacks of malicious agents, as long as they do not
control network majority
• Miners are compensated for their proof-of-work using
seigniorage revenues, i.e. with issuance of new bitcoins
• Seigniorage revenues subsidize the network, making
transaction almost free
Ferdinando Ametrano 2017 10/57
11. Blockchain Without Bitcoin
Does it make sense?
No bitcoin
No asset available to reward miners
Appointed validator officials required
Central governance is required!
Why should validators use a blockchain,
i.e. a subpar data structure, instead of a database?
11/72
12. Blockchain Needs A Native Digital Asset
https://www.finextra.com/videoarticle/1241/blockchain-needs-a-native-digital-asset
Ferdinando Ametrano, Head of
Blockchain and Virtual
Currencies, Intesa Sanpaolo,
discusses the relationship
between bitcoin and
blockchain, and outlines how
banks can stay ahead of this
evolving landscape.
12/72
13. Table of Contents
1. Blockchain Without Bitcoin
2. Finance and Blockchain
3. Timestamping, Notarization, and Anchoring
4. Smart Contracts
5. The Distributed Ledger Technology Chimera
13/72
14. Why is finance fascinated with blockchain?
Blockchain transactions are immediately validated
and cleared, then settled shortly thereafter,
automatically without a central authority
• In the financial world, cash transactions only are
cleared and settled automatically without a
central authority
14/72
15. Consensus by reconciliation
• Financial transactions that take milliseconds to
execute, clear and settle in days
• Not a technological problem
• Consensus by reconciliation of multiple
independent ledgers: a checks and balances
system that allows for prescriptions,
corrections, and restrictions
15/72
16. Instant Settlement
• If it is really instant and final, what about the
mandatory recourse mechanism and rules?
• It would reduce liquidity making leverage,
short selling and netting almost impossible
• It costs: who should pay for it?
16/72
17. Central Bank Digital Currency
“[… it] is appealing […] it would mean people have
direct access to the ultimate risk-free asset [...] it
could exacerbate liquidity risk by lowering the
frictions involved in running to central bank money
[...] it could fundamentally and perhaps abruptly re-
shape banking”
Mark Carney, Governor of the Bank of England, June 2016
http://www.bankofengland.co.uk/publications/Documents/speeches/2016/speech914.pdf
17/72
18. Central Bank Digital Currency
“Allowing the public to hold claims on the central bank might
make their liquid assets safer, because a central bank cannot
become insolvent. This is an feature which will become
relevant especially in times of crisis – when there will be a
strong incentive for money holders to switch bank deposits
into the official digital currency simply at the push of a button.
But what might be a boon for savers in search of safety might
be a bane for banks, as this makes a bank run potentially even
easier.”
Jens Weidmann, President of Bundesbank, June 2017
https://www.ft.com/content/414072b7-0de5-3864-9493-14438eab30ae
18/72
19. Cash On The Ledger:
Imperative for Delivery vs Payment
• Hardly provided by Central Banks
• IMF sponsored blockchain tokens might replace Special
Drawing Rights: unrealistic as it would severely
undermine US dollar predominance
• absent from the agenda of prominent players
promising DLT solutions
• A free instantaneous P2P payment network is a great
opportunity for retail banks (probably worth a
consortium)
19/72
20. DLT for Derivatives Clearing
• collateral amount calculation is computationally
intensive: not clear which agent would perform it, its
economic incentive, which models it should use
• variation margin automated payments: programmatic
access to payment funds entails huge operational risks
• the default of counterparty would leave the other
party exposed to the market risks usually covered by
initial margin: i.e. initial margin are still required
20/72
21. The Mirage of Low Operational Costs
• If one takes into account the seigniorage revenues
invested, each transaction on the bitcoin blockchain
has a cost of about 10USD
• Cheaper forms of consensus have not been proven yet
• Even in the case of basic bilateral consensus through
digital signatures (something hardly innovative or
disruptive...) the integration cost in the existing
infrastructure is not going to be irrelevant
21/72
22. Single Shared Data Set
• Single data source, avoiding reconciliation
• Without a central governing node how to manage
priorities between conflicting updates? Which
consensus model?
• Bilateral consensus? Really?!?!?
• Central governance: back to DB admin
• What if the single authoritative data source is
hacked? Which reference can be used to fix it?
22/72
23. New Regulatory Framework?
• Public permissionless blockchains are not aiming for regulation
• Private permissioned DLTs are supposedly being built from the
ground up according to regulatory compliance guidelines
• Regulators should examine DLT under the light of the existing
regulatory framework
• To regulate in advance on the basis of vague ephemeral discussions
about DLT would be problematic and might stifle innovation.
• The necessity for ad-hoc regulation is not evident yet, and there has
not been a motivated explicit request for it.
23/72
24. Table of Contents
1. Blockchain Without Bitcoin
2. Finance and Blockchain
3. Timestamping, Notarization, and Anchoring
4. Smart Contracts
5. The Distributed Ledger Technology Chimera
24/72
25. Non Monetary Applications
The special Bitcoin Script operator OP_RETURN can be
used to store in the blockchain arbitrary data
25/72
26. Timestamping
• Providing a relevant document with a certain
sure date, e.g. postmark
• Law requires dates to be certified by public
officials and notary services
• For digital documents, timestamping is based
on digital signature by certification authority
26/72
27. Blockchain Timestamping
• A generic data file can be hashed to producing a short unique identifier, equivalent to its
digital fingerprint
• Such a fingerprint can be associated to a bitcoin transaction (irrelevant amount) and hence
registered on the blockchain
• Blockchain immutability provides time-stamping, proving data the file existence at that
moment in time in that specific status
27/72
BTC Transaction
data
file
t3 t4t0 t1 t2
Genesis block
Hash function Hash value
610b0a4b2769898674a2624e9330fbd60bbee200db2b57514be49d9a8b63dc25
27
28. Time-stamping is Notarization
• An unlimited number of documents can (should) be organized
in a Merkle Tree and timestamped with a single transaction
• Calendar services can provide aggregation and attestation
• The process has been standardized to allow for third party
auditability, making it suitable for regulatory prescriptions
28/72
30. OpenTimestamps: Scalable, Trustless,
Distributed Timestamping with Bitcoin
https://petertodd.org/2016/opentimestamps-announcement
• Trust — OpenTimestamps uses decentralized, publicly auditable, blockchains,
removing the need for trusted authorities; OpenTimestamps’s architecture is
designed to support multiple, cross-checked, notarization methods
• Cost — OpenTimestamps scales indefinitely, allowing timestamps to be created for
free by combining an unlimited number of timestamps into one blockchain
transaction.
• Convenience — OpenTimestamps can create a third-party-verifiable timestamp in
about a second; you don’t need to wait for a blockchain confirmation.
30/72
32. A Notable Use Case
• Broker-dealers have started using notarization to satisfy the
regulatory prescriptions for storing required records
exclusively in non-rewriteable and non-erasable electronic
storage media.
• WORM (write once read many) optical media has been used
so far, but it is quite impractical, especially for large data set
• Compliance can be achieved anchoring rewritable data
sources to the blockchain, providing accurate and secure
time-stamping resilient to manipulation
http://www.coindesk.com/intesa-sanpaolo-trade-data-bitcoin-blockchain/
https://www2.deloitte.com/it/it/pages/financial-services/articles/l_integrita-dei-dati-di-trading---deloitte-italy---financial-ser.html
https://drive.google.com/drive/folders/0B8tGDTaBY4-Nb3ZuRmgzRXJXOUk
32/72
33. Anchoring: A New Security Paradigm
• Bitcoin blockchain network security is preserved by a
computation power unparalleled in human history
• Other transactional networks can tap into this security via
anchoring (i.e. periodic time-stamping of the network
status)
• Any “stateful system with global memory” can outsource its
security to the bitcoin network, piggybacking its resilience
• Bitcoin miners as global outsourced decentralized security
of the future
33/72
34. Digital Gold Jewelry
• What jewelry is for gold, timestamping and
notarization could be for bitcoin, the digital equivalent
of gold: not essential, but effective at leveraging its
beauty
• Bitcoin has appreciated more than 1,000 times in the
last six years: if a similar pattern will apply in the next
5-10 years the gift of its seigniorage revenues might be
the discriminating factor for security of all transactional
networks
34/72
35. Table of Contents
1. Blockchain Without Bitcoin
2. Finance and Blockchain
3. Timestamping, Notarization, and Anchoring
– Digital Signature Hardening
4. Smart Contracts
5. The Distributed Ledger Technology Chimera
35/72
36. Digital Signature
What if a signing private key is stolen?
• The key revocation certificate is issued and signatures after the theft are
considered invalid
WRONG!!
• Every signature performed with that key must be considered invalid
because the thief can backdate documents
🔑 X 🔑 X🔑
36/72
37. Timestamping To Avoid Backdating
Traditional timestamping relies on a third-party central authority
signing with its private key
What if the timestamper’s private key is stolen?
Every timestamp created by that key must be considered invalid
because the thief can backdate timestamps
🔑
🕐
🔑
🕐 X🔑🕐X
37/72
38. Blockchain Hardened Digital Signature
Blockchain notarization is an effective hardening approach
Blockchain timestamps cannot be backdated!
🔑
🕐
🔑
🕐 X🔑🕐✓
38/72
40. Table of Contents
1. Blockchain Without Bitcoin
2. Finance and Blockchain
3. Timestamping, Notarization, and Anchoring
4. Smart Contracts
5. The Distributed Ledger Technology Chimera
40/72
41. Smart Contract: Nick Szabo 1994
A smart contract is a computerized transaction protocol that
executes the terms of a contract.
The general objectives are to:
• satisfy common contractual conditions (such as payment
terms, liens, confidentiality, and even enforcement),
• minimize exceptions both malicious and accidental, and
• minimize the need for trusted intermediaries.
Related economic goals include lowering fraud loss, arbitrations
and enforcement costs, and other transaction costs 41/72
42. Smart Contract: Nick Szabo 1997
• Smart contracts combine protocols with user interfaces to
formalize and secure relationships over computer networks.
• Objectives and principles for the design of these systems are
derived from legal principles, economic theory, and theories
of reliable and secure protocols.
• By using cryptographic and other security mechanisms, they
can secure many algorithmically specifiable relationships from
breach by principals, and from eavesdropping or malicious
interference by third parties
http://firstmonday.org/ojs/index.php/fm/article/view/548/469
42/72
43. Smart Contract: The Basic Idea
• Embed contractual clauses in hardware and
software, in such a way as to make breach of
contract economically disadvantageous
(prohibitively expensive) and technically hard
• Math-based contracts with automated
software settlement, with no legal systems or
human actions required
43/72
44. Smart Properties
Digital token programmatically exchanged using smart
contracts:
• “the program runs this code and at some point it
automatically validates a condition and it
automatically determines whether the asset should go
to one person or back to the other person, or whether
it should be immediately refunded to the person who
sent it or some combination thereof” Vitalik Buterin
44/72
45. Protocols for Smart Contracts
should be structured in such a way as to make
their contracts
• robust against naive vandalism, and
• robust against sophisticated, incentive
compatible (rational) breach
45/72
47. Autonomous Agents
• Autonomous agents: software programs
created for specific tasks, able to make and
receive payments using cryptocurrencies
• Decentralized Autonomous Organization
(DAO)
47/72
48. The DAO
• The DAO: the main Ethereum project, it raised about $160m
as leaderless Venture Capital
• The terms of The DAO are set forth in the smart contract code
[…] Nothing […] may modify or add any additional obligations
or guarantees beyond those set forth in The DAO’s code
• Based on its self-executing nature an agent diverted about
$50m from The DAO to its own child-DAO start-up
• Ethereum code base was changed to invalidate this single
transaction
48/72
49. Improved Automation: Smart Contracts
• If code is law, the DAO incident was not a
theft: it is a feature
• Improved automation is OK
• Beware of extreme automation!
49/72
50. Table of Contents
1. Blockchain Without Bitcoin
2. Finance and Blockchain
3. Timestamping, Notarization, and Anchoring
4. Smart Contracts
5. The Distributed Ledger Technology Chimera
50/72
51. DLT or Blockchain
• R3 has been recently trying to distance itself from blockchain
moving firmly in the DLT camp (posts from its CEO and Head of
Research; removing blockchain reference from its Twitter account)
• Vitalik Buterin, the creator of Ethereum:
– “pretty sure that ‘blockchain’ and ‘DLT’, as used in real life in the
‘permissioned’ space, are basically synonyms.”
– “it's not about some silly ‘sequential data structure’ (as if future versions of
blockchain tech will even look like that). It's about stateful decentralized
applications [...] giving [...] networks global persistent memory.”
https://www.reddit.com/r/ethereum/comments/5lzzfu/2017_will_prove_blockchain_was_a_bad_idea/
51/72
52. Distributed Ledger Technology
• private permissioned shared ledger
• permissioned access reserved only to vetted nodes
• observed by multiple parties
• without native digital asset or cryptocurrencies
• privacy-preserving (transactions transparent only to relevant
parties)
• using cryptographic means to verify that an implicit database
has reached the consensus status agreed between the parties
52/72
53. Distributed Ledger Technology:
The Potential
• Save billions of costs in the financial markets
• Enable innovation in supply chain
• Improve power grid management
• Secure nuclear weapons
• Preserve ownership title registry
• Empower digital ID
Blockchain is Coming and It Could Save Lives, Davos
2017 World Economic Forum
https://www.youtube.com/watch?v=AyOotqcEwSA
53/72
54. Real Use Cases Are Still Missing
Questions to be answered:
• Can be achieved with a database?
• What consensus is required? (distributed,
bilateral, centralized)
• What kind of security is required: preventive,
detective, or corrective? (ok / yes today, probably
not in the future/ no)
54/72
55. Blockchain and Database
• blockchain can be seen as the log of sequential updates
that have been applied to an originally empty database
• This ordered sequence of updates can be
independently performed by anyone, achieving a
database status that is considered the current shared
consensus between network nodes
• In the bitcoin case, we are referring to the UTXO
(Unspent Transaction Output) database, technically
implemented using a LevelDB database
55/72
56. DLT Initiatives
• R3
• Digital Asset Holding
• Hyperledger
• Ethereum Enterprise Alliance
• Tapscott’s Research Initiative
56/72
58. R3 Corda
• according to the R3 CTO, Gendal Brown, Corda is “heavily inspired by and
captures the benefits of blockchain systems, without the design choices
that make blockchains inappropriate for many banking scenarios.
• our starting point is individual agreements between firms […] legal prose is
considered from the start […] there will always be disputes and we specify
how they will be resolved […] we need more than just a consensus system.
We need to make it easy to write business logic and integrate with existing
code; we need to focus on interoperability
http://r3cev.com/blog/2016/4/4/introducing-r3-corda-a-distributed-ledger-designed-for-financial-services
58/72
59. R3 Corda
• ”Corda has a really innovative design here, allowing multiple Consensus
Services on the same network, including consensus service clusters running
different consensus algorithms.”
• “[consensus is reached] using pluggable notaries. A single Corda network
may contain multiple notaries that provide their guarantees using a variety
of different algorithms. Thus Corda is not tied to any particular consensus
algorithm.”
Consensus algorithm is missing!!!
• “In theory at least, Corda can happily use Bitcoin to do its coordination, if
you write the appropriate notary interface.”
Ian Grigg
http://financialcryptography.com/mt/archives/001606.html
59/72
60. Corda nodes are backed
by a relational database!!
Corda differs from other platforms in numerous
ways, but one of the most visible is our usage of
relational database technology […] Corda nodes
are backed by a relational database
Mike Hearn, R3 Lead Platform Engineer
https://www.corda.net/2017/06/corda-sql-nosql/
60/72
61. R3 Corda
• It looks like a revamped SWIFT protocol
on cryptographic proof steroids
• Goldman Sachs, Santander, Morgan
Stanley, JP Morgan, et al. have left R3
61/72
62. Ethereum Enterprise Alliance
Ethereum technology is “viewed as being harder to
corrupt or hack because of its reliance on many
people rather than a single authority.”
• Major failure of the DAO hack
• Benevolent dictatorship of Buterin
• Multiple voluntary and accidental hard forks
• Persistent Distributed Denial of Service attacks
62/72
64. Digital Asset Holding
Blythe Masters, CEO of Digital Asset Holding:
• distributed consensus is not needed when working
with a central counterparty (only legitimate consensus
authority allowed to provide cryptographic evidence of
transactions and events)
• for the DAH business the main Nakamoto’s
contribution is just making evident how useful a shared
ledger can be
64/72
65. Digital Asset Holding
• Distributed databases with data replication protocols might be a
better solution, but without detailed case-by-case analysis the
verdict is still out
• After successful proof-of-concept for financial repurchase
agreement transactions using DLT, DAH and the Depository Trust &
Clearing Corporation (DTCC) are progressing with leading market
participants to a second phase. This is expected to be completed by
June 2017 at which time DTCC will determine whether to move
ahead with the actual development phase
• Similarly, DAH has committed to deliver a post-trade solution to the
Australian Stock Exchange (ASX) by the end of this year
65/72
66. Digital Asset Holding
A lesson to be learned in the DLT space:
• abandon deceptive blockchain marketing
• assemble a solid tech team through acquisitions
• rely on centralized consensus
• focus on well defined use cases
• work primarily for your own investors (both DTCC and ASX
invested in DAH)
• commit to measurable deliveries with near deadlines
• deliver effective databases on crypto-steroids
66/72
67. Permissioned Distributed Ledgers
• Incremental evolution, not disruptive innovation
• Small impact, if any
• In the disruptive bitcoin nuclear explosion, applied
cryptography is the radioactive fallout driving evolutionary
database technology
• A private blockchain is an intranet, and a public blockchain is
the internet. The world was changed by the internet, not a
bunch of intranets. Where companies will be disrupted the
most is not by private blockchains, but public ones
Brian Forde, MIT, former senior adviser for mobile and data innovation at the White House
https://bitcoinmagazine.com/articles/mit-s-brian-forde-companies-will-be-disrupted-the-most-by-public-blockchains-1466028606
67/72
68. Insecure Snake-Oil Sold To Bank
https://twitter.com/aantonop/status/702307516739428353
68/72
69. Disruptive Innovation
• Did not understand it:
• Have used it to build new business:
• The entertainment industry has wasted its
resources fighting MP3 and illegal p2p sharing
• We now buy music and movies from iTunes,
Google Play, and Amazon… NOT from Sony or
Universal
69/72
70. The Shifting Narrative
2014 bitcoin
2015 blockchain technology
2016 distributed ledgers
2017 DBs with cryptographic proofs (and smart contracts)
2018 bitcoin, again
70/72
71. Bibliography
• F. Ametrano, E. Barucci, D. Marazzina, S. Zanero
Answer to ESMA call for opinion on DLT for Securities Markets (2016)
https://drive.google.com/drive/folders/0B8tGDTaBY4-
Nb3ZuRmgzRXJXOUk
• F. Ametrano, Bitcoin, Blockchain and the DLT Chimera (2016)
https://www.swiftinstitute.org/newsletters/guest-article-bitcoin-
blockchain-and-the-dlt-chimera/
• F. Ametrano, Missing the Point About Bitcoin (2017)
http://www.coindesk.com/2017-will-prove-blockchain-bad-idea/
• F. Ametrano, Bitcoin, Blockchain and Distributed Ledger Technology: Hype
or Reality? (2017)
https://goo.gl/Z9OeHt
71/72
72. Conclusions
• Blockchain needs a native digital asset such as bitcoin;
• Bitcoin is digital gold and can be as relevant as physical gold
for the history of money, finance, and civilization
• Timestamping and anchoring are promising applications
• Unrealistic expectations arise from distributed ledger hype: no
reference implementation has emerged yet
• Instant settlement, cash on the ledger, shared data set, and
extreme automation are not easy to obtain
• For the time being, better if smart contracts are not too smart
• Hardly disruptive, DLT might be evolutionary DB tech
72/72