# HG changeset patch # User Christian Urban # Date 1416537557 0 # Node ID 8c07340af3b9eccdf0d177f4e3db0e6e8aef0045 # Parent 250fd40211c708ee56306f6ec79e83ea9b815462 update diff -r 250fd40211c7 -r 8c07340af3b9 handouts/ho08.pdf Binary file handouts/ho08.pdf has changed diff -r 250fd40211c7 -r 8c07340af3b9 handouts/ho08.tex --- a/handouts/ho08.tex Fri Nov 21 01:20:51 2014 +0000 +++ b/handouts/ho08.tex Fri Nov 21 02:39:17 2014 +0000 @@ -131,7 +131,7 @@ \begin{itemize} \item Bob asks the bank whether the Bitcoin with that serial - number belongs to Alice and Alice hasn’t already spent + number belongs to Alice and Alice hasn't already spent this Bitcoin. \item If yes, then Bob tells the bank he accepts this Bitcoin. The bank updates the records to show that the Bitcoin @@ -238,7 +238,7 @@ transaction from Charles over 4 Bitcoins to Alice split in such a way that Alice receives 1 Bitcoin and Emily sends the remaining 3 Bitcoins ``back'' to herself. In this case she -would now be in the ``posession'' of two unspend Bitcoin +would now be in the ``possession'' of two unspend Bitcoin transactions, one over 3 Bitcoins and the independent one over 6 Bitcoins. Or, Emily could combine both transactions (one over 4 Bitcoins from Charles and the independent one over 6 
@@ -516,7 +516,122 @@ \subsubsection*{Bitcoins for Real} +\ldots +\lstinputlisting[language=Scala]{../slides/msg} + +\noindent +The hash in Line 1 is the has of all the data that follows. It +is a kind of serial number for the transaction. Line 2 +contains a version number. Line 3 and 4 specify how many +incoming transactions are combined and how many outgoing +transactions there are. In our example there are 1 each. Line +5 specifies a lock time for when the transaction is supposed +to become active---this is usually set to 0 to become active +immediately. Line 6 specifies the size of the message; it has +nothing to do with the Bitcoins that are transferred. Lines 7 +to 11 specify where the Bitcoins in the transaction are coming +from. The has in line 9 specifies the incoming transaction and +the \pcode{n} in Line 10 specifies which output of the +transaction is referred to. The signature in line 11 specifies +the address (public key $K^{pub}$) from where the Bitcoins are +taken and the digital signature of the address, that is +$\{K^{pub}\}_{K^{priv}}$. Lines 12 to 15 specify the value of +the first outgoing transaction. In this case 0.319 Bitcoins. +The hash in Line 14 specifies the address to where the +Bitcoins are transferred. + +\ldots + +\subsubsection*{Anonymity and Government Meddling} + +One question one often hears is how anonymous is it actually +to pay with Bitcoins? Paying with paper money in the past was +quite an anonymous act (unlike paying with creditcards), but +this has changed nowadays. You cannot come to a bank anymore +with a suitcase full of money and try to open a bank account. +Strict money laundering and taxation laws mean that not even +Swiss banks are prepared to take such money and open a bank +account. With Bitcoins the situation is different, but I fully +agree with the statement by Nielsen from the blog article I +referenced at the beginning: + +\begin{quote}\it{}``Many people claim that Bitcoin can be used +anonymously. 
This claim has led to the formation of +marketplaces such as Silk Road (and various successors), which +specialize in illegal goods. However, the claim that Bitcoin +is anonymous is a myth. The block chain is public, meaning +that it’s possible for anyone to see every Bitcoin transaction +ever. Although Bitcoin addresses aren't immediately associated +to real-world identities, computer scientists have done a +great deal of work figuring out how to de-anonymise +`anonymous' social networks. The block chain is a marvellous +target for these techniques. I will be extremely surprised if +the great majority of Bitcoin users are not identified with +relatively high confidence and ease in the near future.'' +\end{quote} + +\noindent The only thing I can add is that with Bitcoins we +will have even more fun with many more confessions like the +infamous ``I did not +inhale''.\footnote{\url{www.youtube.com/watch?v=Bktd_Pi4YJw}} +The whole point of the blockchain is that it public and will +always be. There are some precautions that are suggested, like +to use a new public-private key pair for every new transaction +or access Bitcoin only through the Tor network. But the +transactions in Bitcoins are designed such that they allow one +to combine incoming transactions. In such cases we know they +must have been made by the single person who new the +corresponding private keys. So using different public-private +keys for each transaction, might not make the de-anonymisation +task much harder. And the point about de-anonymising +`anonymous' social networks is that the information is +embedded into the structure of the transition graph. And this +cannot be erased with Bitcoins. + +Finally, what are the options for a typical western government +to meddle with Bitcoins? This is of course one feature the +proponents of Bitcoins tout: namely that there aren't any +options. In my opinion this is too naive and far from the +truth. 
Let us assume some law enforcement agencies would not +have been able to uncover the baddies from Silk Road 2.0 (they +have done so by uncovering the Tor network, and incredible +feat on its own). Would a government have stopped? + +\begin{itemize} +\item The government could compel ``mayor players'' to + blacklist Bitcoins (for example at exchanges). This + would impinge on what is called \emph{fungibility} of + Bitcoins and make them much less attractive to baddies. + This blacklisting can be easily done ``whole-sale'' and + therefore be really be an attractive target for + governments \& Co. +\item They could attempt to coerce developer community of the + Bitcoin tools. While this might be a bit harder, we know + certain governments are ready to take such actions (we + have seen this with Lavabit, just that the developers + there refused to play ball and shut down their complete + operation). +\item The government could also put pressure on mining pools + in order to blacklist transactions from baddies. Or be + big a miner itself. Given the gigantic facilities that + are built for institutions like the NSA + + \begin{center} + \includegraphics[scale=0.04]{../pics/nsautah1.jpg} + \hspace{3mm} + \includegraphics[scale=0.031]{../pics/nsautah2.jpg} + \end{center} + + this would not be such a high bar to jump over. +\end{itemize} + +\noindent Finally the government would potentially not need to +follow up with such threads. Just the rumour that it would, +could be enough to get the Bitcoin-house-of-cards to tumble. +Because of all this I would not have too much hope that +Bitcoins are free from government \& Co interference when it +will stand in its way. \end{document}
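Review bot: in the @@ -238,7 hunk of handouts/ho08.tex, the corrected line still carries a second typo: "two unspend Bitcoin transactions" should read "two unspent Bitcoin transactions". The line is already being touched for the "possession" fix, so both can go in the same change.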
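Review bot: in the @@ -516,7 +516,122 hunk, the walkthrough of the transaction listing writes "has" where "hash" is meant, twice ("The hash in Line 1 is the has of all the data" and "The has in line 9 specifies the incoming transaction"), which blurs exactly the fields a reader has to follow. Please correct both and settle on one capitalisation for "Line"/"line". The walkthrough refers to the listing by line number (Line 1 to Lines 12 to 15), and the listing is loaded with language=Scala although the text describes it as a transaction message, so check that the listing options for ../slides/msg actually print line numbers and give sensible highlighting. The anonymity section has further slips worth fixing before this goes in: "who new the corresponding private keys" (knew), "is that it public" (it is public), "and incredible feat" (an), "mayor players" (major), "be really be an attractive target", "be big a miner" (a big miner), and "follow up with such threads" (threats). The quoted passage also reintroduces the curly apostrophe in "it’s" that the first hunk replaces elsewhere in this file, and the \url in the footnote has no scheme.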