Notes
Lecture 20
----------
We've discussed blockchains & Bitcoin
What's different with Ethereum?
- "smart contracts"
- distributed application running in VMs
- with a distributed, consistent data store
Key difference - who runs the code is determined by economics
- who is willing to pay
The infrastructure for running smart contracts doesn't have a lot of resources left over for the actual contracts
- most goes to proof of work
So we have something like WebAssembly for running code on the nodes
- and this code can then interact with other Ethereum accounts, and potentially other services that have interfaces into Ethereum
What does proof of work really buy you?
- compared to other systems we've discussed?
--------------
With blockchain technologies, we make a bargain:
- give up any notion of performance or efficiency
- proof of work consumes huge amounts of resources
- in exchange, no trusted third party
- but what do you have instead?
Instead, trust majority of computing power in the network + correctness/security of code, algorithms, & protocols
- why is this better than a third party?
What do you trust more, law/social arrangements or code?
- but this really isn't the choice
- because the code *will* have flaws, and then they'll be addressed using laws & social arrangements
What is a fork?
- disagreement over what the "valid" chain is
- supposed to be the one with the most compute on it
- but really, could be any chain as long as everyone agrees
Realize the blockchain is just a consensus log
- canonical order of events (remember Delos)
Partitions are when consensus breaks down
- that's all a fork is
Note that with NFTs the things being traded aren't in the blockchain
- just the hash
Secure hashes have a few key properties
- If I have a hash, I can't create data that has that hash (can't reverse it)
- Hashes of two different sets of data won't be equal
- so different hashes => different data (no collisions)
So, a hash can serve as an unforgeable identifier for digital data
That's why when you download programs they often post hashes of the files
- you can check to make sure your downloaded file has the same hash as posted on the website
- digital signatures are all based on secure hashes
If I "own" the hash of some data, that's equivalent to proving I "own" the data
- but we can have a weird situation where I can prove ownership of data nobody has ever seen
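Added example (not from the lecture): a toy registry that, like an NFT record, stores only a SHA3-256 digest and an owner, together with the download check described above. HashRegistry, claim, owner_of and matches_posted_hash are hypothetical names, and the byte strings are constructed samples.

```python
import hashlib

def digest(data: bytes) -> str:
    """SHA3-256 hex digest: the identifier that stands in for the data."""
    return hashlib.sha3_256(data).hexdigest()

class HashRegistry:
    """Hypothetical toy ledger: maps digest -> owner and never stores the data."""

    def __init__(self):
        self.owners = {}  # digest (hex str) -> owner name

    def claim(self, owner: str, data_digest: str) -> bool:
        # First claim wins. The registry cannot tell whether anyone
        # has ever seen data that hashes to this digest.
        if data_digest in self.owners:
            return False
        self.owners[data_digest] = owner
        return True

    def owner_of(self, data: bytes):
        # Whoever holds the bytes recomputes the digest and looks it up.
        return self.owners.get(digest(data))

def matches_posted_hash(data: bytes, posted_hex: str) -> bool:
    """Download check: recompute and compare with the digest a site posted."""
    return digest(data) == posted_hex.strip().lower()

def demo():
    registry = HashRegistry()
    artwork = b"constructed sample: pixels of some artwork"
    registry.claim("alice", digest(artwork))
    # Ownership of data nobody has ever seen: only the digest is published.
    unseen = digest(b"constructed sample: never released")
    registry.claim("bob", unseen)
    tampered = artwork + b"!"  # a one-byte change yields an unrelated digest
    return {
        "owner_of_artwork": registry.owner_of(artwork),
        "owner_of_tampered": registry.owner_of(tampered),
        "bob_claim_recorded": registry.owners.get(unseen),
        "download_ok": matches_posted_hash(artwork, digest(artwork).upper()),
        "download_tampered": matches_posted_hash(tampered, digest(artwork)),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Every guarantee here rests on the hash function: an efficient collision would let two different files share one digest, and therefore one owner record.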
When you get rid of trusted third parties, nobody can step in when bad things happen
I think there is a future in blockchain technologies
- but it will be proof of stake or, more likely, "permissioned" blockchains (i.e., with trusted third parties)
Trust is really about what happens when things break
- who is responsible
- who will fix it, or be punished for its failure
We aren't good at thinking about failure, particularly in an adversarial environment
What happens if someone finds a way to make collisions in SHA3 efficiently?
Is this unlikely?
- in my lifetime, MD5 & SHA1 went from being secure to people finding collisions
Cryptographic primitives have NO PROOF of security
- block ciphers
- secure hashes
- public key cryptography
- MACs
Financial systems only work when people believe in them
- the moment that faith is lost the system breaks