CESC 2018 - Introducing the Speakers
Conference: All Things SF Blockchain Week
CESC 2018 is coming up and SF Blockchain Week is ecstatic to be hosting some of the greatest thinkers in the blockchain space! In this article, we’ll be previewing some of these speakers by reviewing protocols or papers they’ve written or are involved with.
Sunny is a researcher and core developer at Tendermint-Cosmos, focusing on proof of stake and blockchain interoperability. He also co-founded Blockchain at Berkeley and co-hosts the Epicenter podcast. Sunny has contributed significantly to the space through Cosmos, which is a decentralized network of independent parallel blockchains, each powered by classical BFT consensus algorithms like Tendermint.
Although there are many pieces to Cosmos, the most important thing to understand is that it allows for different blockchains to connect and interoperate with each other. The network does this through other building blocks like Tendermint and the Interblockchain Communication Protocol (IBC), which respectively allow for instant finality and inter-blockchain exchange of value. Cosmos itself is a hub that allows different zones to interact with each other, while the Cosmos SDK is a generalized framework that allows developers to build applications on top of Tendermint. In a sense, every piece of the Cosmos network is a tool that enables developers to easily build blockchains (including application-specific ones) and thus, a greater ecosystem of blockchains. You can learn more about Cosmos’s value proposition here.
Sarah is a PhD candidate in Computer Science at University College London, working under the supervision of Dr Sarah Meiklejohn. Her research interests are in Applied Cryptography, Distributed Systems and Game Theory.
In her paper, “Betting on Blockchain Consensus with Fantomette”, co-written with fellow CESC speaker Patrick McCorry, Sarah addresses the issues of leader selection in consensus protocols and incentivization of participants without relying on resource-intensive proof of work. They propose Fantomette, a new blockchain-based consensus protocol that fully incorporates incentive design to prove security properties in a setting that considers both rational and Byzantine adversaries. They also propose Caucus, a leader selection protocol specifically designed for open blockchains, which satisfies traditional notions of security and ensures that leaders are revealed only when they take action, thus preventing them from being subject to the DoS attacks that are possible when eligibility is revealed ahead of time. Most existing non-PoW blockchain consensus protocols provide basic game-theoretic analysis but do not consider more advanced analyses that tolerate the presence of Byzantine adversaries. In their opinion, Fantomette is the first one to place incentivization at the core of its security.
Joseph does research spanning cryptography, security protocol design, security economics, and human factors in security. He co-authored the Princeton textbook on Bitcoin and Cryptocurrencies.
In “Provisions: Privacy-preserving proofs of solvency for Bitcoin exchanges”, Bonneau, alongside other researchers, introduces Provisions, a privacy-preserving proof of solvency whereby an exchange does not have to disclose its Bitcoin address, total holdings or liabilities, or any information about its customers. Provisions consists of three primary protocols: proof of assets, proof of liabilities, and proof of solvency. In the proof of solvency protocol, the exchange takes the commitments to its total assets and liabilities produced by proof of assets and proof of liabilities, homomorphically computes a commitment to their difference, and proves in zero-knowledge that this final commitment is a commitment to zero, thereby proving that total assets equal total liabilities. The protocol maintains enough efficiency for exchanges to be able to conduct a daily proof of solvency. Given the significantly larger market size of cryptocurrency markets and the gradual path towards financial regulation in these markets, tools like Provisions have an important role in ensuring the solvency of these trading institutions.
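The proof of solvency step described above can be sketched as follows. This is an added example, not code from the Provisions paper: it assumes Pedersen commitments in a toy group (the parameters `P`, `Q`, `G`, `H` are constructed and far too small for real use) and a Schnorr proof made non-interactive with a hash, and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy parameters (constructed for illustration; not secure sizes).
P = 2039      # safe prime, P = 2*Q + 1
Q = 1019      # prime order of the subgroup of squares mod P
G, H = 4, 9   # subgroup generators; log_G(H) is assumed unknown to the prover

def commit(value, blind):
    """Pedersen commitment g^value * h^blind mod p: hides value, binds to it."""
    return (pow(G, value % Q, P) * pow(H, blind % Q, P)) % P

def difference(c_assets, c_liabilities):
    """Homomorphic step: dividing commitments commits to assets - liabilities."""
    return (c_assets * pow(c_liabilities, -1, P)) % P

def challenge(d, t):
    """Fiat-Shamir challenge in [1, Q-1], bound to the statement d and nonce t."""
    digest = hashlib.sha256(f"{P}|{H}|{d}|{t}".encode()).digest()
    return 1 + int.from_bytes(digest, "big") % (Q - 1)

def prove_zero(d, blind_diff):
    """Prover: show knowledge of r with d == h^r, i.e. d commits to zero."""
    k = secrets.randbelow(Q - 1) + 1
    t = pow(H, k, P)
    return t, (k + challenge(d, t) * blind_diff) % Q

def verify_zero(d, proof):
    """Verifier: accepts only if h^s == t * d^c, learning nothing about r."""
    t, s = proof
    return pow(H, s, P) == (t * pow(d, challenge(d, t), P)) % P

def solvency_check(assets, liabilities):
    """Run exchange and verifier end to end; returns the verifier's verdict."""
    r_a, r_l = secrets.randbelow(Q), secrets.randbelow(Q)
    d = difference(commit(assets, r_a), commit(liabilities, r_l))
    return verify_zero(d, prove_zero(d, (r_a - r_l) % Q))
```

The verifier only ever sees the two commitments and the proof; when the totals differ, the difference commitment carries a leftover power of `G` that no response `s` can cancel, so verification fails.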
For everyone in the blockchain space, Vitalik needs no introduction. For those unfamiliar, he is the co-founder of Ethereum and now leads Ethereum's research team, working on future versions of the Ethereum protocol.
One of Vitalik’s important contributions to Ethereum, and by extension blockchain, is Casper the Friendly Finality Gadget. Casper FFG is a proof of stake-based finality system which overlays an existing proof of work blockchain. As an overlay on top of a proposal mechanism, Casper is responsible for finalizing blocks, essentially selecting a unique chain which represents the canonical transactions of the ledger. While Casper provides safety, liveness depends on the chosen proposal mechanism.
The most notable property of Casper is that it is impossible for conflicting checkpoints to be finalized without > 1/3 of the validators violating one of the two Casper slashing conditions. The two slashing conditions for Casper are that a validator must not publish two distinct votes for the same target height and that a validator must not vote within the span of its other votes. Finally, Casper introduces a novel, correct by construction, fork choice rule: follow the chain containing the justified checkpoint of the greatest height. This rule is correct by construction, because of the plausible liveness proof, which states that it’s always possible to finalize a new checkpoint on top of the justified checkpoint with the greatest height.
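The two slashing conditions above can be checked mechanically over a set of observed votes. The following is an added example, not code from the Casper FFG paper or any Ethereum client: the `Vote` record is simplified, the sample votes are constructed, and equal stake per validator is assumed.

```python
from collections import namedtuple
from itertools import combinations

# Simplified vote: real Casper FFG votes also carry the source hash and a signature.
Vote = namedtuple("Vote", "validator source_h target_h target_hash")

def violation(a, b):
    """Return the slashing condition two votes break together, or None."""
    if a.validator != b.validator or a == b:
        return None
    # Condition 1: two distinct votes for the same target height.
    if a.target_h == b.target_h:
        return "double_vote"
    # Condition 2: one vote lies strictly within the span of the other.
    outer, inner = (a, b) if a.source_h < b.source_h else (b, a)
    if outer.source_h < inner.source_h and inner.target_h < outer.target_h:
        return "surround_vote"
    return None

def find_slashable(votes):
    """Map each offending validator to the set of conditions it violated."""
    offenders = {}
    for a, b in combinations(votes, 2):
        kind = violation(a, b)
        if kind:
            offenders.setdefault(a.validator, set()).add(kind)
    return offenders

def exceeds_one_third(votes, validator_count):
    """True when more than 1/3 of validators (equal stake assumed) are slashable."""
    return 3 * len(find_slashable(votes)) > validator_count

# Constructed sample votes (not real chain data).
SAMPLE_VOTES = [
    Vote("v1", 0, 1, "a"), Vote("v1", 1, 2, "b"),   # honest: consecutive spans
    Vote("v2", 0, 1, "a"), Vote("v2", 0, 1, "x"),   # same target height twice
    Vote("v3", 0, 4, "d"), Vote("v3", 1, 2, "b"),   # span 1..2 inside 0..4
    Vote("v4", 0, 2, "b"), Vote("v4", 2, 4, "d"),   # honest: adjacent spans
]
```

Because every violation is a pair of signed votes, the pair itself is the evidence: a monitor only needs to retain each validator's past votes to produce it.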
Christian is a cryptographer and computer scientist interested in distributed computing, cryptographic protocols, and security. He currently works on consensus protocols and on the Hyperledger Fabric blockchain platform.
Fabric is a modular and extensible open-source system for deploying and operating permissioned blockchains. It is the first blockchain that runs applications written in standard, general-purpose programming languages, without systemic dependency on a native cryptocurrency. The architecture of Fabric follows a novel execute-order-validate paradigm for distributed execution of untrusted code in an untrusted environment. This is in contrast with most blockchains, which operate on an order-execute architecture, and allows Fabric to execute transactions before reaching final agreement on order.
Fabric also utilizes a hybrid replication design, which mixes passive and active replication in the Byzantine model. Fabric uses passive replication with middleware-based asymmetric update processing, in which every transaction is executed only by a subset of peers. Meanwhile, it incorporates active replication in the sense that the transaction’s effects on the ledger state are only written after reaching consensus on a total order among them, in the deterministic validation step executed by each peer individually. The execute-order-validate architecture and hybrid replication design are the main innovations in Hyperledger Fabric.
Alessandro is a faculty member at UC Berkeley's EECS department (theory, cryptography, security). He is an author of libsnark, a C++ library for zkSNARKs, and a co-inventor of the Zerocash protocol. He is co-founder of StarkWare Industries and Zcash.
In a recent paper, Chiesa describes a new system called “DIZK: a Distributed Zero Knowledge Proof System”. DIZK distributes the zero knowledge proof across machines in a compute cluster, thus enabling it to leverage the aggregated cluster’s memory and computation resources. This allows DIZK to support circuits with billions of gates (100x larger than previous techniques) at a cost of 10µs per gate (100x faster than previous techniques). Overall, DIZK is important because it enlarges the class of applications that are feasible for zkSNARKs.
Jeremy is an assistant professor at the Concordia Institute for Information Systems Engineering. His research interests include cryptocurrencies and deploying financial technology on blockchain-based systems like Ethereum.
In his paper, “A first look at browser-based cryptojacking,” Clark explores the story behind the rejuvenation of browser-based mining. Cryptojacking is the invisible use of a vulnerable user’s computation resources to mine cryptocurrencies. There have been multiple instances of websites like The Pirate Bay experimenting with browser-based mining. Conducting an analysis of how many websites were using Coinhive, the dominant website offering in-browser mining, Clark and his co-authors found that over 30,000 websites were using the coinhive.min.js library. They finish their report by discussing the ethics of browser-based mining, noting that unauthorized mining is clearly unethical whereas user-authorized mining is more of a grey area due to the lack of complete information on the side of the user.
Mo is a co-founder of Celer Network and received his Ph.D. from UIUC. He was a founding engineer and product manager at Veriflow, working on network formal verification. He is an expert in applying algorithmic game theory to protocol design, and teaches full-stack smart contract courses.
Celer Network is an Internet-scale, trust-free, and privacy-preserving platform in which everyone can build, operate, and use highly scalable dApps. It is not a standalone blockchain but rather a networked system running on top of existing and future blockchains. Its technology stack includes cChannel (generalized state channel and side chain suite), cRoute (provably optimal value transfer routing), and cOS (development framework and runtime for off-chain-enabled applications).
Celer introduces several cryptoeconomics mechanisms: Proof of Locked Commitment, Liquidity Backing Auction, and State Guardian Network. In PoLC, users that commit their idle liquidity to the off-chain platform are rewarded with CELR tokens. LiBA allows off-chain service providers to solicit liquidity through “crowd lending” with negotiated interest rates. Finally, the SGN is a special compact sidechain that guards the states when users are offline such that users’ states are always available for dispute.
Abeer is a second-year PhD student at the University of London. Currently she is working on analysing the dynamics of the Bitcoin and cryptocurrency markets, and how competition arises and consensus emerges within these systems.
For her paper “Machine Learning the Cryptocurrency Market,” ElBahrawy and her team analyzed daily data for 1,681 cryptocurrencies for the period between November 2015 and April 2018 and found that simple trading strategies supported by machine learning algorithms outperformed standard benchmarks. They test the performance of three models in predicting daily cryptocurrency prices: two based upon gradient boosting decision trees and one based upon long short-term memory recurrent neural networks. All models perform better than a baseline simple moving average model in which a currency’s price is predicted as the average price across the preceding days; the method based on LSTM recurrent neural networks performs the best.
Arthur obtained his PhD from ETH Zurich on blockchain security. He is co-founder of the smart contract formal verification tool securify.ch and co-founder of Liquidity.Network, the first bi-directional off-chain wallet for Ethereum.
In his paper, “XCLAIM: Interoperability with Cryptocurrency-Backed Tokens,” Gervais and his team propose XCLAIM, a protocol for issuing, trading, and redeeming tokens on a cryptocurrency A backed by units of another cryptocurrency B. Currently, decentralized exchanges do not offer trades across blockchains. XCLAIM is, to the best of their knowledge, the first protocol for issuing, trading, and redeeming cryptocurrency-backed tokens without necessitating full trust in a centralized entity. They discuss a variety of sub-protocols: Issue, Trade, Redeem, and Replace. These sub-protocols are used by XCLAIM to e.g. create Bitcoin-backed tokens on Ethereum.
Steven is a PhD candidate at Princeton University. He works at the intersection of crypto(graphy) and crypto(currencies) and is a co-author of the leading textbook on cryptocurrencies.
In the paper, “When the cookie meets the blockchain: Privacy risks of web payments via cryptocurrencies,” Goldfeder and his team demonstrate that online trackers are able to see sensitive details of payment flows, such as the identities and prices of items added to shopping carts. Oftentimes, this information is enough to link it uniquely to a transaction on the Bitcoin blockchain. In their research, they compiled a list of 130 websites that accepted Bitcoin and found that at least 53 of the 130 merchants leak payment information to a total of at least 40 third parties. They also found that unique linkage is possible in over 60% of cases and that for the vast majority of cases, the anonymity set size is 5 or less. Analyzing 78,697 CoinJoin transactions on the Bitcoin blockchain over a two-year period, they discovered that if a victim employs 3 rounds of CoinJoin but the adversary observes two of the victim’s payments, the adversary can link them back to the victim’s payments with 98% accuracy.
Yoichi works on Ethereum Virtual Machine and some proof-of-stake protocols as a formal verification engineer.
In the paper, “Defining the Ethereum Virtual Machine for Interactive Theorem Provers,” Hirai and his team define the EVM in Lem, which can be translated into popular interactive theorem provers like Isabelle/HOL. They give a formal specification of the interface between a smart contract execution and the rest of the world. The team also tested the executable part of their EVM definition against the VM test suite, which validates existing Ethereum node implementations. In doing so, they found unsearched corner cases in the test suite. They demonstrated that a formal executable specification is effective for verifying smart contracts, for testing the specification, and for measuring code coverage of virtual machine tests. The team expects this development to be a basis for more sophisticated smart contract verification frameworks and for verified compilers from/to EVM bytecode.
Stephanie is a Founding Economist at Prysm Group, a firm that specializes in economic and governance design for blockchain companies, institutions, and governments.
In the work, “Blockchain Upgrade as a Coordination Game,” Stephanie and her colleagues discuss the importance and challenges of establishing a governance system for a blockchain when hard forking is an option for part of the community. They find that when choosing among policies in a governance setting, an individual’s preferred policy depends not only on what the individual wants, but what the other individuals on the chain want. This complexity of preferences cannot be captured by commonly advocated voting procedures, leading to problematic outcomes when those voting procedures are used. One critical observation is that, as blockchain governance processes are developed, blockchain developers may wish to encourage frequent, incremental proposals rather than infrequent, radical proposals in order to maintain a single community. Given the complexity of governing a blockchain, they anticipate that blockchain developers will end up designing new and unique governance mechanisms. Some open questions to consider include what to use as the social planner’s objective, whether and when to try to prevent hard forks, and how to design a policy proposal process that works in harmony with the chosen governance.
Ari is a Professor at the Jacobs Institute, Cornell Tech, in NYC and Co-Director of the Initiative for CryptoCurrencies and Contracts (IC3). He was previously Chief Scientist of RSA.
In the work, “PIEs: Public Incompressible Encodings for Decentralized Storage,” Ari and his team present the first provably secure, practical technical tool for proving file replication in distributed storage networks (DSNs): a public incompressible encoding (PIE), thus enabling detection of servers that fail to use adequate storage. All DSNs pose a fundamental technical challenge: proving data is stored robustly. Whereas in conventional cloud storage, users trust providers to faithfully replicate files, decentralized systems involve untrusted peers that must prove they have done so. PIEs solve this problem by preventing an adversary from undetectably compressing G by more than a tiny amount. Any adversary challenged by a verifier to produce a randomly selected block of G will with a certain probability need to perform a long sequential computation, which delays the response and allows the verifier to detect him. In DSNs, a provider is monetarily rewarded for periodically proving retention of an encoded file G and delivering it on demand. In such settings, a PIE is sufficient to ensure that an economically rational provider will correctly and fully store G.