6th September, 2018

Session 1

What is money?
-Money is memory
-More precisely, it is collective memory
-What both examples—and numerous additional ones that could be listed—illustrate is how
important “myth,” unquestioned belief, is in monetary matters.
-Bitcoin can be thought of as a virtual gold - money that requires minimal trust

Blockchain: provides cryptographic integrity

Byzantine failures​​ are defined as arbitrary deviations of a process from its assumed behavior
based on the algorithm it is supposed to be running and the inputs it receives. Such ​failures
can occur, e.g., due to a software bug, a (transitional or permanent) hardware malfunction, or a
malicious attack

Fault Tolerance with low trust

-Multiple copies of the data(ledger)
-Digital Signatures
-Cryptographic hashes to detect corrupted ledger

Simplified version of Block

-Timestamp
-Dr A/c
-Cr A/c
-Amount
-Hash of Previous Row

Features of Blockchain:
-Organizationally decentralized but logically centralized
-A full audit trail is available to everyone: every node verifies this trail
-Cryptographic integrity checks make the blockchain tamper proof

Benefits and problems of blockchain

-Disintermediation by reducing or eliminating the need for trusted third parties
-Lower transaction costs and reconciliation costs
-Improved market access
-Greater resilience to cyber threats because there is no single point of failure
-Efficiency and speed from use of smart contracts
-Inefficient compared to traditional centralised models
-Still developing
7th September, 2018
Session 2

Cryptographic Goals: Physical Solutions

Confidentiality - locked complaint box

Data Integrity - thin film with holographic image stuck on a document: removing the foil destroys
the image.

Entity Authentication - Identity Card

Message authentication (with repudiability) - Oral face to face conversation

Non-repudiation - handwritten signature on a cheque

Timestamping - Scribbling a message in the white space in a printed newspaper versus

publishing a classified advertisement in a newspaper.

Anonymity - “Across the middle of it a single sentence had been formed by the expedient of
pasting printed words upon it: ​As you value your life or your reason keep away from the moor”. -
Hound of Baskervilles

The broader environment

● Communication channel security

○ Can others hear/read the message while in transit?
○ Can others alter the message while in transit?
● Is there a trusted third party (TTP_?
○ Certification
○ Witnessing
○ Revocation
● How do the “messages” relate to the physical world?
○ Ownership: A title deed represents ownership of a piece of land
○ Authorization: A search warrant issued by a court gives authorization to a police
officer to search a suspect’s house.
○ Access Control:

Cryptographic Primitives

● Encryption
● Public Key Infrastructure
 ● Cryptographic hashes
● Digital signatures
● Cryptographically secure pseudo random number generators (CSPRNG).

A Naive Encryption Algorithm

● Caesar cipher
○ Encryption Algorithm: Shift every letter 3 places to the left
○ Decryption Algorithm: Shift every letter 3 places to the right
● Caesar cipher + keys = Vigenere cipher

Encryption Algorithms with Keys

● Modern cryptography conforms to Kerchoffs’s principle that the keys are secret but the
cryptographic system is not secret.

Public Key Infrastructure

Public and Private Keys

Trapdoor Functions: Discrete Logarithm
Duffie-Hillman key exchange and EIGamal PKI
What is a hash?
-A hash function h maps a message of arbitrary finite length to a string of fixed length, say n
bits.
Digital Signature
Certifying Authority

Session 3
12th September, 2018

Payment & Settlement Systems

There are two kind of payment systems:

● RTGS - Real Time Gross Settlement, through central bank has a complicated electronic
system. Has to deal with liquidity problem. Liquidity requirement is very high. Sometimes
it neither happens in real time nor it is gross in nature.
○ Large Value transactions.
○ DNS net settlement will also happen on RTGS.
○ Fund settlement of securities settlement
■ Is given priority over normal payment settlements
■ In this case liquidity credit is doubly automatic because it is extremely
time critical, bank is not given the option to use your collateral
 ○ Domestic Currency settlement of foreign exchange trades
○ Ways to manage Liquidity
■ Intra-day or Day Light Credit
● Provided Automatically but only provided against collateral
typically against government bonds which is given to central bank
right at the outset
■ Sometimes liquidity is constrained due to collateral overutilization
● To tackle it there is Urgent (for time critical operations) and
Regular Queue. Some Central Banks also have Very Urgent,
Urgent and Not Urgent. If something is stuck in the queue for a
long time then how does the queue speeds up then optimization
algorithm (Net Settlement happens and is used to clear payments
which are circular in fashion between multiple banks) is run in
regular queue.
● Other ways of how optimization algorithm works - block of
transactions are done and if net liquidity is not enough then
transactions are dropped by both time and priority. Newest and
low priority transactions are first dropped and retested for liquidity.
Nothing is queued beyond end of day.
○ Required to be extraordinarily reliable. Central banks want to use blockchain for
RTGS because it has potential to offer more reliability because of more no. of
nodes which will lead to more resilience. Current Disaster Recovery programs for
RTGS is way more advanced and expensive than regular corporate disaster
recovery programs.

● DNS - Deferred Net Settlement (e.g. NEFT and it operates in hourly batches). It solves
the liquidity problem. Credit Risk.

Retail cross border payment

● SWIFT (Society for Worldwide Financial Telecommunication) - Computer network

created to exchange messages in secure manner means it will require public keys/digital
signatures. SWIFT created the network and also issued the digital signatures as a
certifying authority. AMLCFT has led to banks in small and problem countries to not
having any correspondent banks in USA, so they have to accept payments in bitcoin.

Session 4
14th September, 2018

Fx payments:
● Dollar settles on dollar RTGS and EURO settles on Euro RTGS, problem is with time
zones.
● There is a time window when all Central bank RTGS globally is open. 7 am to 9 am
central Europe time.
● CLS Bank (Continuous Link Settlement) - Their sole purpose is Fx transactions. CLS
receives money from both parties in different currencies and only and only when it
receives payment from both parties it transfers it to respective parties simultaneously.
Exposed to trade risk between transaction and settlement time but not exposed to
principal risk. This is called PvP.
○ Both transacting parties have accounts at CLS. It also has account at FED and
ECB. Example being trade between J.P. Morgan and Deutsche Bank of Dollars
and EURO.
○ A has no account at the FED. A uses a correspondent bank which has account
with CLS.
○ Distinction between Funding and Settlement: CLS bank asks for funding on net
basis but settlement is gross. This creates huge liquidity requirement for CLS
Bank. So CLS has Liquidity arrangements through Swap arrangements which
exposes it to market risk. Gross settlements are happening through liquidity
arrangements.
○ In/Out Swap

● Securities Settlement:
○ Trading - Matching buyer and seller, happens at extremely low latency
○ Clearing - a lot of Netting happens in multiple ways, obligation is bunch of Pay-In
(funds and securities) and Pay-out obligations, works in a similar fashion as CLS.
■ At Exchange level
■ At broker level
■ Delivery vs Payment
● Gross
● Net
○ Settlement
■ Funds via Central Bank or Commercial Bank
■ Securities via Depository
■ Operational issues can be involved
● Derivatives Settlement
○ Mark to Market (issues: Price feed and computations)
○ Collateral management
■ Pricing
■ Haircuts
○ Risk Management System
Session 5
19th September, 2018

Bitcoin doesn’t maintain an account. It maintains transactions. Inputs and Outputs (Spent and
Unspent). Only transactions reside on blockchain.Transactions are processed from genesis
block onwards to form UTXO database and the software which is running it can store UTXO
Database anywhere it prefers such as Oracle or Spreadsheet. Bitcoin is not fungible.

For every input is checked against UTXO database to see if input is unspent.

UTXO = Unspent Transaction Outputs (It resides nowhere.)

Bitcoin public key is not a key but its a script. In general, this is what the script says ‘Verify this
public key against this.’

Script provides hash of public key:

● Verify hash of public key
● Verify digital signature

Scripts allow flexibility to form different rules such as joint accounts or authority check.
Programming language is different from other languages, it is not a turing complete language.
Ethereum is a turing complete language.

What does public key mean?

It has the hash of the public key script.

Signature Script Data will contain Public Key and Digital Signature.

How Bitcoins work?

● Blocks are chained using hashes → Not blocks but blockheaders are chained using
hashes. How is integrity of the blockheaders ensured? Merkle tree is used.
○ Uses Binary Hash Tree.
○ Contains root hash of Merkle Tree of transaction
○ Contains hash of previous block header

Solving the problem of Double Spending:

Block Header:
● Merkle Root
● Previous block header
● Nonce - It doesn’t mean anything, its there only to meet some other requirement.
When the blockheader is hashed, it must begin with ‘x’ no. of zeroes. Keep changing the nonce
such that the condition is met. First miner who finds the right nonce wins or validates the
transaction. This requires huge computational power.

How is the x decided?

X depends on every block is created every 10 mins. X is dynamic. Every two weeks it is
recalibrated based on flow of computing into bitcoin network.

ASIC bitcoin mining chips are used to mine bitcoin. Arrival of transactions is a Poisson
distribution.

Session 6
20th September, 2018

Refer to: ​https://www.blockchain.com/

Lightning Network - Really fast and low transaction cost called SegWit in Bitcoin.

m of n signatures ​- Bob is going to buy from Charlie and the problem is that Bob would of
course like to get the goods and verify that goods are of good quality and Charlie would like to
first get the BTC. Supposed transactions don’t happen simultaneously and they do not trust
each other. Alice is the arbitrator. Bob says that he will put money in 2 of 3 multi-sig (Alice, Bob
and Charlie). At least two signatures required to get payment.

Precursor of Lightning Network: Transaction Malleability required.

Example of net settlement (DNS)

Alice Bob

Transfers lump sum amount to 2 of 2 multisig

Right at the outset full refund transaction

signed by both to Bob on locktime

Bob Signs modified refund transaction with

$5 to Alice and $95 to Bob

Process goes on so forth

Locktime: Similar to a post dated cheque, transaction will accepted only pre mentioned time.
Session 8
27th September, 2018

Smart Contracts: They are not restricted to blockchain. Can be implemented without even
computers. When put on open internet then requirement of following comes into picture:

-Secure Data/Trust
-Secure Computing/Trust

It's more a question of trust than security. Because trust is primary prerequisite before people
start using it. Bitcoin scripting language is crippled on purpose to remove any kind codes which
run loops. Ethereum has turing complete scripting language.

Smart Contracts should receive Money and Messages. Smart contracts are self-enforced which
means ‘Code is Law’.

Auction Process:
-Bid Start Time
-Bid Stop Time
-Open Bid or Closed Bid (have to check if someone is bidding has money or not then you ask
them deposit money along with the bid, then question of trust arises about safe return of money,
built in towards end of the bid)

(Public bid option)

Refund incoming bid if it <= highest bid else
Refund existing highest bid & incoming bid becomes highest bid

Still requires offline/off-chain jurisprudence as in case of delivery of physical good, a custodian

will need to be appointed whom most people trust.

Closed bid option

Hash of the bid is sent between bid start and bid end time.

At the end of bid time, a time window is provided to submit bid in plain text.

3 problems can arise:

-No plain text submission
-Plain text submitted but amount mismatch
-Plain text submitted but bid amount is highest

Losing valid bids refunded

Invalid bids refunded after deducting penalty
What happens to penalty? - Give all to seller,

Session 9
28th September, 2018

Ethereum: Platform for smart contracts

Turing Complete - Can run arbitrary code

Fuel for ethereum is gas. You have to burn gas to run a computation and store data. Cost
everything in terms of gas, for every operation there is cost involved expressed in terms of units
of gas.

Ether is currency on the chain to pay for gas. Link between Ether and gas (?) Don’t know cost of
computation will evolve. This cost will be market determined cost. Each miner will say how ether
and gas equate, so market determined cost of gas.

Transaction stops when fees associated with it gets over. So you would estimate for gas
required plus also cost of gas in ether that day. You are always better paying estimating slightly
higher so that operation is complete and balance of gas is refunded otherwise gas gets wasted
without operation being completed.

Storage(variables)
“State”
Accounts & Balances (instead of UTXOs for Bitcoin)
-Two kinds of accounts
-Normal Accounts
-Contracts

Idea of account is that some human being owns the account. External owned accounts.

Contract can also have an Ether balance. It is completely autonomous as in once it is set up, it
is just the code and only code is the law.

How to Store State?

1. Merkle - Patricia Trie (for each account and for a global account which has values
pointing to individual accounts):
a. Key = value pairs
b. Hashed → Root Hash

● 10 mins too long(problem with bitcoin idea implementation for Ether because messages
will be exchanged frequently)
 ● block every 15 secs ( a lot of blocks will be orphaned, ​Uncle/Ommer: a child of a parent
of a parent of a block that is not the parent, or more generally a child of an ancestor
that is not an ancestor. If A is an uncle of B, B is a nephew of A. ​To help reward
miners for when duplicate block solutions are found because of the shorter block
times of Ethereum (compared to other cryptocurrency). An uncle is a smaller reward
than a full block. (And if they are submitted later than the next block, the reward
rapidly diminishes, ending at zero after seven blocks later.))

Miner of ommer block gets 7/8th of ommer reward if it gets placed on the new block
being created on top accepted block by network and the guy who includes hash of
ommer block gets 1/8th of the ommer reward.

Inclusion of ommer blocks doesn’t alter the length of the chain but changes its weight
as it includes orphaned blocks. Heaviest chain instead of longest is the most
validated one called GHOST (Greedy heaviest observed subtree).

● Memory intensive Proof of Work

● Proof of Stake: Attack called ‘Nothing at Stake’ by forking from the previous block
after which ether was spent. To solve ‘Nothing at Stake’ idea of registering as Voter
with blocked Ether in escrow. Not implemented yet.

To monetise Ethereum while keeping it open source:

● Genesis is block - Can do a lot of mining in genesis block itself. Genesis block is
unique. Lots of coins issued in genesis block. Allow people to buy Ether in initial
sale. Ether coins priced in terms of bitcoin in initial offering, bitcoin was highly liquid
when Ethereum was launched. Almost like an IPO called ICO(Initial Coin Offering).