Blockchain and Cryptocurrency for Dummies
Narudom Roongsiriwong, CISSP
June 21, 2018
WhoAmI
● Lazy Blogger
– Japan, Security, FOSS, Politics, Christian
– http://narudomr.blogspot.com
● Head of IT Security, Kiatnakin Bank PLC (KKP)
● Consultant for OWASP Thailand Chapter
● Committee Member of Cloud Security Alliance
(CSA), Thailand Chapter
● Committee Member of Thailand Banking Sector
CERT (TB-CERT)
● Technical Team Member for National Digital ID
project
● Contact: narudom@owasp.org
Blockchain
Blockchain Overview
Blockchain Timeline
The Potential of Blockchain Technology, Pioneers Discover
https://www.slideshare.net/Pioneers_io/the-potential-of-blockchain-technology-72277655
Blockchain at a Glance
● Shared ledger of transactions
● Anyone can inspect the transactions
● No single entity controls
Public vs Consortium vs Private Blockchain
● Public: No Centralized Management
– Participants: Permissionless (anonymous; could be malicious)
– Consensus Mechanisms: Proof of Work, Proof of Stake, etc. (large energy consumption; no finality; 51% attack)
– Transaction Approval Freq.: Long (Bitcoin: 10 min or more)
● Consortium: Multiple Organizations
– Participants: Permissioned (identified; trusted; could misbehave)
– Consensus Mechanisms: Voting or multi-party consensus algorithm (lighter; faster; low energy consumption)
– Transaction Approval Freq.: Depends on number of nodes but faster than public blockchain
● Private: Single Organization
– Participants: Permissioned (identified; trusted)
– Consensus Mechanisms: Pre-approved participants (lighter; faster; low energy consumption; cheaper)
– Transaction Approval Freq.: Short (100x msec)
Bitcoin
https://bitcoin.org/bitcoin.pdf
Ethereum
● A blockchain platform that runs smart contracts
● Uses Ether as a means of payment (cryptocurrency), although it is listed on cryptocurrency exchanges as “Ethereum”
● Ethereum allows different digital assets (tokens)
which may be used in conjunction with Ether
● ERC-20 is one of the most significant token
standards of all for Ethereum
Hyperledger
● The most well-known private blockchain framework intended for business
● Hosted by Linux Foundation
● Under the name Hyperledger, there are many
frameworks and tools inside for different purposes
Blockchain
Basic Cryptography in Blockchain
Cryptography Definitions & Concepts
● The process of converting ordinary plain text into
unintelligible text and vice-versa
● Modern cryptography is concerned with:
– Confidentiality - Information cannot be understood by
anyone
– Integrity - Information cannot be altered.
– Non-repudiation - Sender cannot deny his/her intentions
in the transmission of the information at a later stage
– Authentication - Sender and receiver can confirm each
● Modern cryptography is mainly based on mathematical theory and computer science practice
Mandatory concerns
in Blockchain
Types of Cryptography
Mandatory
algorithms in
Blockchain
Hash Function
● Any function that can be used to map data of arbitrary size to data of a fixed size.
● The value returned by a hash function is called a hash
● In other words, the hash is a fingerprint of the message
● Well-known hash functions: SHA-1, SHA-2
Message or data block M (variable length) → H → hash value h (fixed length): h = H(M)
Encryption
Encryption is a method of transforming readable data, called plain
text, into a form that appears to be random and unreadable, which
is called cipher text. Plain text is in a form that can be understood
either by a person (a document) or by a computer (executable
code). Once it is transformed into cipher text, neither human nor
machine can properly process it until it is decrypted.
Asymmetric Cryptography
● Aka “Public Key Cryptography”
● Two related keys (public and private key) are used
– Public key may be freely distributed while its paired
private key remains a secret
– Either of the keys can be used to encrypt a message; the
opposite key is used for decryption
● If a public key is authentic (belongs to the person or entity claimed) and has not been tampered with or replaced by a malicious third party, asymmetric encryption will deliver
– Confidentiality
– Integrity
– Authenticity
– Non-repudiation
Two Usages of Asymmetric Encryption
● Confidentiality assurance in asymmetric key cryptography
– Anyone encrypts with Bob’s public key; Bob decrypts with Bob’s private key
– Nobody can read the encrypted message except Bob.
● Proof of origin assurance in asymmetric key cryptography
– Bob encrypts with Bob’s private key; anyone decrypts with Bob’s public key
– Everyone can read the encrypted message with Bob’s public key and know it is from Bob.
Mandatory usage in Blockchain
Digital Signature
Blockchain
Blockchain Basics
Blockchain Distinction
Blockchain technology must consist of these 3
properties
– A chain of blocks in which the metadata (or header) of each block, except the Genesis block, contains the hash of the previous block's data
– Decentralization with a proven mechanism (consensus) to ensure every node obtains the same data during the block creation process.
– Open and transparent execution
For public blockchains, balance benefit and incentive
model must be declared
Chain of Hashes
● Block 0: Nonce, Tx Tx ...
● Block 1: Previous Hash = Hash(Block0), Nonce, Tx Tx ...
● Block 2: Previous Hash = Hash(Block1), Nonce, Tx Tx ...
● Hash(Block2) → ...
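The chain of hashes above, as an added Python example that is not part of the original slides: it builds four linked blocks, then shows that editing an old transaction breaks the link to the next block, and that rewriting every later link still leaves a different final hash from the one honest nodes hold. The block layout (JSON fields), the all-zero previous hash for Block 0 and the sample transactions are assumptions made for illustration.

```python
import copy
import hashlib
import json

GENESIS_PREVIOUS_HASH = "0" * 64  # constructed placeholder: Block 0 has no predecessor


def block_hash(block):
    """SHA-256 over a canonical JSON encoding of the whole block (header and transactions)."""
    encoded = json.dumps(block, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(encoded).hexdigest()


def build_chain(tx_batches):
    """Create one block per batch; each block stores the hash of the block before it."""
    chain, previous = [], GENESIS_PREVIOUS_HASH
    for height, txs in enumerate(tx_batches):
        block = {"height": height, "previous_hash": previous, "nonce": 0, "txs": list(txs)}
        chain.append(block)
        previous = block_hash(block)
    return chain


def first_mismatch(chain, trusted_tip_hash):
    """Return the height of the first block whose hash differs from the value recorded
    for it: the next block's previous_hash, or trusted_tip_hash for the last block.
    Return None when every block matches."""
    for i, block in enumerate(chain):
        recorded = chain[i + 1]["previous_hash"] if i + 1 < len(chain) else trusted_tip_hash
        if block_hash(block) != recorded:
            return i
    return None


def relink(chain, altered_height):
    """Rewrite previous_hash in every block after altered_height so the links agree again."""
    for i in range(altered_height + 1, len(chain)):
        chain[i]["previous_hash"] = block_hash(chain[i - 1])


def demo():
    # Constructed sample transactions, not real ledger data.
    chain = build_chain(
        [["alice->bob:5"], ["bob->carol:2"], ["carol->dave:1"], ["dave->alice:1"]]
    )
    tip = block_hash(chain[-1])  # the value the honest nodes agree on
    intact = first_mismatch(chain, tip)

    altered = copy.deepcopy(chain)
    altered[1]["txs"][0] = "bob->carol:200"  # change one historical transaction
    after_edit = first_mismatch(altered, tip)

    relink(altered, 1)  # links are consistent again, but the final hash has moved
    after_relink = first_mismatch(altered, tip)
    return intact, after_edit, after_relink


if __name__ == "__main__":
    print(demo())
```

The last result is why consensus matters: a rewritten history is internally consistent, so it is only rejected because the other nodes hold a different hash for the newest block.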
Consensus Protocols
● Proof of Work (PoW)
– Concept: Whoever solves the problem first gets the incentive (mining) and chooses which transactions go into the next block.
– Implementation: Bitcoin, Ethereum (current)
– Attack Resistance: Attacker must have more than 50% of the whole network computing power
● Proof of Stake (PoS)
– Concept: Whoever holds the most stake (the rich) can choose which transactions go into the next block.
– Implementation: Peercoin, Ethereum (planned)
– Attack Resistance: Attacker must have more than 50% of the whole network stakes
Consensus Protocols (cont’d)
● Practical Byzantine Fault Tolerance (PBFT)
– Concept: No mining; a leader is voted in each time under the same rule, and the leader sets the parameters for the next block.
– Implementation: Hyperledger
– Attack Resistance: Attacker must have more than 1/3 of total nodes to stop block creation and 2/3 to manipulate transactions
● Hybrid
– Concept: Each protocol has different strengths; can we take the best of two or more protocols?
– Implementation: Tendermint (PBFT+PoS)
– Attack Resistance: Depends on which protocols
Open and Transparent Execution
● Designs and algorithms must be declared publicly so that they can be verified
● Source code must be auditable in order to prove that the declared designs and algorithms are implemented
● All transactions are traceable, and permanently
stored in the blockchain network.
Smart Contract
● Computer code running on top of a blockchain, containing a set of rules under which the parties to that smart contract agree to interact with each other.
● If and when the pre-defined rules are met, the smart contract will automatically execute the transaction.
● The Ethereum project introduced the idea of decoupling the contract layer from the blockchain layer.
● A smart contract can only be as smart as the people coding it, taking into account all available information at the time of coding.
Smart Contract Examples
Source: PricewaterhouseCoopers
http://usblogs.pwc.com/emerging-technology/how-smart-contracts-automate-digital-business/
Typical Blockchain Technology Stack
Blockchain: A Beginners Guide, BlockchainHub
Fork
● Regular Fork
● Hard Fork
[Figure: Normal Occasional Forking and Rare Extended Forking. Chains of blocks (block0 to block6) linked by header hash, with competing branches.]
[Figure: A Hard Fork: Non-Upgraded Nodes Reject The New Rules, Diverging The Chain. Labels: Blocks From Upgraded Nodes; Blocks From Non-Upgraded Nodes; Follows Old Rules; Follows New Rules.]
Distributed Ledger Technology (DLT)
● Distributed ledgers use independent computers
(referred to as nodes) to record, share and
synchronize transactions in their respective
electronic ledgers
● Blockchain technology can be used as DLT
Blockchain
Cryptocurrency Definition & Related Terms
Definition#1
https://www.investopedia.com/terms/c/crypto-token.asp
A cryptocurrency is a standard currency which is used
for the sole purpose of making or receiving payments
on the blockchain. For instance, the most popular
cryptocurrency is Bitcoin.
Investopedia
Definition#2
Cryptocurrency is a form of digital money that is
designed to be secure and, in many cases, anonymous.
It is a currency associated with the internet that uses
cryptography, the process of converting legible
information into an almost uncrackable code, to track
purchases and transfers.
The Telegraph
https://www.telegraph.co.uk/technology/0/cryptocurrency/
Definition from Thailand’s SEC
“Cryptocurrency” means an electronic data unit built
on an electronic system or network which is created for
the purpose of being a medium of exchange for the
acquisition of goods, services, or other rights, including
the exchange between digital assets.
● Why not refer to blockchain?
– There are some reasons for regulation
Source: Summary of the Royal Decree on the Digital Asset Businesses B.E. 2561, The Securities Exchange Commission
http://www.sec.or.th/TH/SECInfo/LawsRegulation/Documents/Act_Royal_Enactment/enactment_digital_2561_summary_en.pdf
Source: CoinMarketCap, June 20, 2018, https://coinmarketcap.com/
Cryptocurrency in Japan
Bitcoin and digital currencies have officially been a method of payment (not currencies) since April 1, 2017
Exempt from Japan’s Consumption Tax (JCT; equivalent to VAT)
Bitcoin is now accepted at >260,000 stores in Japan
Digital Tokens
● Forms of digital tokens
– Cryptocurrency: a digital
medium of exchange
– Utility tokens: provide a right
to use a product or service
– Asset tokens: provide for
rights to obtain assets
– Security tokens: entitle
holders to voting rights
and/or rights to
profits/losses
● However, the distinction
between types of tokens
can oftentimes be blurry
● Digital tokens are often built
on a blockchain
Source: Cryptocurrencies: Time to consider plan B:, PricewaterhouseCoopers
Digital Assets (Tokens) Definition from SEC
Source: Getting to Know the Royal Decree on Digital Assets - Overview, The Securities Exchange Commission
Mining
● Cryptocurrency mining includes two functions:
– Adding transactions to the blockchain (securing and
verifying)
– Releasing new currency. Individual blocks added by
miners should contain a proof-of-work, or PoW.
● Mining needs a computer and a special program for
miners to compete with their peers in solving
complicated mathematical problems.
● The problem (for Bitcoin) is to find a hash value less than the target; the first to solve it is considered the one who mined the block and is eligible for a reward.
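The search for a hash value below the target, as an added Python example that is not part of the original slides: it tries nonces until the double SHA-256 of a header falls under the target, then shows that checking the result takes one hash and that changing the transactions invalidates the nonce. The header layout, the 16-bit difficulty and the sample data are constructed assumptions, much simpler than a real Bitcoin header.

```python
import hashlib
import struct

# Constructed sample inputs, not real chain data.
SAMPLE_PREV = hashlib.sha256(b"constructed previous block").digest()
SAMPLE_TXS = hashlib.sha256(b"alice->bob:5;bob->carol:2").digest()
TAMPERED_TXS = hashlib.sha256(b"alice->bob:5;bob->carol:200").digest()


def header_hash(previous_hash: bytes, tx_digest: bytes, nonce: int) -> int:
    """Double SHA-256 of a simplified header, read as a 256-bit integer."""
    header = previous_hash + tx_digest + struct.pack("<Q", nonce)
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "big")


def target_for(zero_bits: int) -> int:
    """Target that only hashes starting with zero_bits zero bits fall below."""
    if not 0 <= zero_bits <= 256:
        raise ValueError("zero_bits must be between 0 and 256")
    return 1 << (256 - zero_bits)


def mine(previous_hash: bytes, tx_digest: bytes, zero_bits: int, max_tries: int = 2_000_000) -> int:
    """Try nonces 0, 1, 2, ... and return the first whose hash is less than the target."""
    target = target_for(zero_bits)
    for nonce in range(max_tries):
        if header_hash(previous_hash, tx_digest, nonce) < target:
            return nonce
    raise RuntimeError("no nonce found within max_tries")


def is_valid(previous_hash: bytes, tx_digest: bytes, nonce: int, zero_bits: int) -> bool:
    """Verification costs a single hash, however long the search took."""
    return header_hash(previous_hash, tx_digest, nonce) < target_for(zero_bits)


def demo(zero_bits: int = 16):
    nonce = mine(SAMPLE_PREV, SAMPLE_TXS, zero_bits)
    return {
        "nonce": nonce,
        "attempts": nonce + 1,                  # hashes the miner had to compute
        "expected_attempts": 2 ** zero_bits,    # average work at this difficulty
        "valid": is_valid(SAMPLE_PREV, SAMPLE_TXS, nonce, zero_bits),
        # Same nonce, edited transactions: the proof no longer covers the block.
        "valid_after_tamper": is_valid(SAMPLE_PREV, TAMPERED_TXS, nonce, zero_bits),
    }


if __name__ == "__main__":
    for bits in (8, 12, 16):
        print(bits, demo(bits))
```

Each extra zero bit halves the target and doubles the average number of attempts, while verification stays at one hash.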
Mining Rig
Mining: Bitcoin Hash Rate Distribution
An estimation of hash rate distribution amongst the largest mining pools over the last 24 hours.
Snapshot on June 19, 2018
Wallet
● A cryptocurrency wallet is a software program that stores or manages private and public keys and interacts with one or more cryptocurrencies to enable users to send and receive cryptocurrency and monitor their balance.
● Cryptocurrencies don’t get stored in any single location
or exist anywhere in any physical form. All that exists are
records of transactions stored on the blockchain.
Different Types of Cryptocurrency Wallets
● Desktop: Software wallet
installed on single PC
● Online: Wallets store
your private keys online
and are controlled by a
third party
● Mobile: Wallets run on an
app on your phone
● Hardware: A hardware
device like a USB to store
a user’s private keys
● Paper: A physical copy or
printout of your public
and private keys
Are Wallets Secure?
● The level of security depends on the type of wallet
you use (desktop, mobile, online, paper, hardware)
and the service provider.
● Online wallets can expose users to possible
vulnerabilities in the wallet platform which can be
exploited by hackers to steal your funds.
● Offline wallets, on the other hand, cannot be hacked but are easy to lose.
● Remember that no matter which wallet you use,
losing your private keys will lead you to lose your
money.
Double Spending
● A double spend is an attack where a given set of coins is spent more than once. There are a few main ways to perform a double spend:
– Send two conflicting transactions in rapid succession into the
cryptocurrency network. This is called a race attack.
– Pre-mine one transaction into a block and spend the same coins
before releasing the block to invalidate that transaction. This is
called a Finney attack.
– Own 51+% of the total computing power of the cryptocurrency
network to reverse any transaction you feel like, as well as have total
control of which transactions appear in blocks. This is called a 51%
attack.
● To prevent damages
– Race attack - wait for one confirmation to appear on a given
transaction.
– Finney attack - wait for 6 confirmations to appear on a transaction,
or less if the transaction is small (but still require at least 1)
– 51% attack: don’t worry
Premined Coins/Tokens
● A premine is where a developer allocates a certain
amount of currency credit to a particular address
before releasing the source code to the open
community.
● For example, Ethereum’s Ether generation
– 60 million Ether created for contributors of the presale
– 12 million (20% of the above) were created for the development fund, most of it going to early contributors and developers and the remainder to the Ethereum Foundation
ICO: Initial Coin Offering
Similar in theory to an Initial Public Offering (IPO) of a stock,
an ICO occurs when someone plans to raise funds by
creating a certain amount of a digital token and sells it to
the public, usually in exchange for other cryptocurrencies
such as Bitcoin or Ether.
Crowdfunding Blockchain Cryptocurrency
Innovator/
Entrepreneur of a
project with good
idea
Trusted platform
that enforces
contract/rules
Programmable &
Independent
payment channel,
accessible
globally
ICO Benefit
● To the issuer:
– Access to seed funding, much faster and with fewer
restrictions than via the venture capital route
– The opportunity to create new, decentralized business models
– A base of participants incentivized to use and test the service,
and a boot-strapped ecosystem
– No loss of equity in the project (unless the tokens stipulated
ownership sharing)
– A faster funding process
– More arbitrary limits to the amounts collected
● To the token holder:
– Access to an innovative service
– Possible gain through an increase in the token's price
– Participation in a new concept, a role in developing a new
technology
ICO Risks
● For the issuer:
– Uncertain regulation (possible post-issue clamp-down,
fine or even sentencing)
– Unstable investment (a sell-off by disgruntled users
could affect the token price and the viability of the
project)
– Little idea of who the token holders are (unlike
shareholders)
● For the holder:
– No guarantee the project will get developed
– No regulatory protection (investment at risk)
– Often scant information about underlying fundamentals
– Little transparency on token holding structure
Cryptocurrency Scams
● Shady Exchanges
– Lure trade on the exchange
● Pyramid and Ponzi Schemes
● Pump and Dump
– artificially inflating the price of a less-popular coin
● Scam ICO
● Coin Doesn’t Exist
Common Security Concerns
Source: CoinDesk
https://www.coindesk.com/bithumb-exchanges-31-million-hack-know-dont-know/
Ripple
“Modern-day cybercriminals are increasingly using
the dark web to facilitate cryptocurrency theft on a
large scale.”
Carbon Black
Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
Loss from Cryptocurrency-Related Crimes
Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
Most Often Targeted by Cryptocurrency-Related
Attacks
Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
Top Targeted Currency
Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
Key Tactics, Techniques, and Procedures (TTPs)
Most Favored by Cybercriminals
Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
Blockchain
Blockchain Use CasesBlockchain Use Cases
National Digital Identity Platform (NDID)
● The Digital Identity Platform is intended to provide a
flexible and highly secured method of self-
identification for any individual person and juristic
person.
● Leverage any reliable identity the user currently
holds. Examples of reliable identity could be, for
example, Citizen ID, Bank Accounts, Passport
Number, Tax ID, Biometric Data.
NDID Terms
● RP (Relying Party)
– An entity that relies upon the subscriber’s authenticator(s)
and credentials or a verifier’s assertion of a claimant’s
identity, typically to process a transaction or grant access to
information or a system.
● IdP (Identity Provider)
– An entity that creates, maintains, and manages identity
information for principals while providing authentication
services to relying party applications within a distributed
network
● AS (Authoritative Source)
– An entity that provides the truth of information related to each principal when that principal gives consent.
– An entity that has access to, or verified copies of, accurate
information from an issuing source during identity proofing.
NDID Platform Interconnection
[Diagram: National Digital ID Platform connected to the Doing Business Portal, Federated Proxy, Government as RP/AS/IdP, Registrar, and AS, IdP and RP nodes through AS Proxy, IdP Proxy and RP Proxy or directly. Annotations:]
– Connect via Federated Proxy
– Under the budget of the Doing Business Portal, budget 4,000 million baht
– The private sector invests jointly to build the Digital ID Platform through National Digital ID Co., Ltd., with initial registered capital of 100 million baht
– Private-sector organizations that want to connect via Federated Proxy invest on their own
– Private organizations invest on their own
– Connect to DIDP directly
NDID Overview Architecture
NDID Node
(ZMQ)
(Blockchain)
NDID Communication
Blockchain
Trade Finance
Blockchain Based Letter of Guarantee (LG)
Source: Use Cases for Blockchain Technology in Energy & Commodity Trading, PricewaterhouseCoopers
https://www.pwc.com/gx/en/industries/assets/blockchain-technology-in-energy.pdf
Thailand Blockchain Community Initiative
● Cooperation among 14 banks & 7 large corporations
● The blockchain-based LG service is the first project
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Recently uploaded (20)

Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

Blockchain and Cryptocurrency for Dummies

  • 1. Blockchain and Cryptocurrency for Dummies Narudom Roongsiriwong, CISSP June 21, 2018
  • 2. WhoAmI ● Lazy Blogger – Japan, Security, FOSS, Politics, Christian – http://narudomr.blogspot.com ● Head of IT Security, Kiatnakin Bank PLC (KKP) ● Consultant for OWASP Thailand Chapter ● Committee Member of Cloud Security Alliance (CSA), Thailand Chapter ● Committee Member of Thailand Banking Sector CERT (TB-CERT) ● Technical Team Member for National Digital ID project ● Contact: narudom@owasp.org
  • 4. Blockchain Timeline The Potential of Blockchain Technology, Pioneers Discover https://www.slideshare.net/Pioneers_io/the-potential-of-blockchain-technology-72277655
  • 5. Blockchain at a Glance Shared Ledger of transactions Anyone can inspect the transactions No single entity controls
  • 6. Public vs Consortium vs Private Blockchain
    – Public (No Centralized Management): Participants: Permissionless ● Anonymous ● Could be malicious. Consensus Mechanisms: Proof of Work, Proof of Stake, etc. ● Large energy consumption ● No finality ● 51% attack. Transaction Approval Freq.: Long (Bitcoin: 10 min or more)
    – Consortium (Multiple Organizations): Participants: Permissioned ● Identified ● Trusted ● Could misbehave. Consensus Mechanisms: Voting or multi-party consensus algorithm ● Lighter ● Faster ● Low energy consumption. Transaction Approval Freq.: Depends on number of nodes but faster than public blockchain
    – Private (Single Organization): Participants: Permissioned ● Identified ● Trusted. Consensus Mechanisms: Pre-approved participants ● Lighter ● Faster ● Low energy consumption ● Cheaper. Transaction Approval Freq.: Short (100x msec)
  • 8. Ethereum ● A blockchain platform that runs smart contracts ● Uses Ether as a means of payment (cryptocurrency), but is listed on cryptocurrency exchanges as “Ethereum” ● Ethereum allows different digital assets (tokens) which may be used in conjunction with Ether ● ERC-20 is one of the most significant token standards of all for Ethereum
  • 9. Hyperledger ● The most well-known private blockchain frameworks intended for business ● Hosted by Linux Foundation ● Under the name Hyperledger, there are many frameworks and tools inside for different purposes
  • 10. Blockchain Basic Cryptography in Blockchain
  • 11. Cryptography Definitions & Concepts ● The process of converting ordinary plain text into unintelligible text and vice-versa ● Modern cryptography is concerned with: – Confidentiality - Information cannot be understood by anyone – Integrity - Information cannot be altered. – Non-repudiation - Sender cannot deny his/her intentions in the transmission of the information at a later stage – Authentication - Sender and receiver can confirm each ● Modern cryptography is mainly based on mathematical theory and computer science practice Mandatory concerns in Blockchain
  • 13. Hash Function ● Any function that can be used to map data of arbitrary size to data of a fixed size. ● The value returned by a hash function is called a hash. ● In other words, the hash is a fingerprint of the message. ● Well-known hash functions: SHA-1, SHA-2 ● Message or data block M (variable length) → H → Hash value h (fixed length): h = H(M)
  • 14. Encryption Encryption is a method of transforming readable data, called plain text, into a form that appears to be random and unreadable, which is called cipher text. Plain text is in a form that can be understood either by a person (a document) or by a computer (executable code). Once it is transformed into cipher text, neither human nor machine can properly process it until it is decrypted.
  • 15. Asymmetric Cryptography ● Aka “Public Key Cryptography” ● Two related keys (public and private key) are used – Public key may be freely distributed while its paired private key remains a secret – Either of the keys can be used to encrypt a message; the opposite key is used for decryption ● If a public key is authentic (belongs to the person or entity claimed) and has not been tampered with or replaced by a malicious third party, asymmetric encryption will deliver – Confidentiality – Integrity – Authenticity – Non-repudiation
  • 16. Two Usages of Asymmetric Encryption ● Confidentiality assurance in asymmetric key cryptography: Anyone → Encrypt (Bob’s Public Key) → Decrypt (Bob’s Private Key) → Bob. Nobody can read encrypted message except Bob. ● Proof of origin assurance in asymmetric key cryptography: Bob → Encrypt (Bob’s Private Key) → Decrypt (Bob’s Public Key) → Anyone. Everyone can read encrypted message with Bob’s public key and know it is from Bob. Mandatory usage in Blockchain
  • 19. Blockchain Distinction Blockchain technology must consist of these 3 properties – A chain of blocks in which the metadata (or header) of each block, except the Genesis block, contains the hash of the previous block's data – Decentralization with a proven mechanism to ensure every node obtains the same data during the block creation process (consensus). – Open and transparent execution For public blockchains, balance benefit and incentive model must be declared
  • 20. Chain of Hashes Block 0 [Nonce, Tx, Tx, ...] → Block 1 [Previous Hash = Hash(Block0), Nonce, Tx, Tx, ...] → Block 2 [Previous Hash = Hash(Block1), Nonce, Tx, Tx, ...] → Hash(Block2)
  • 21. Consensus Protocols ● Proof of Work (PoW) – Concept: Whoever solves the problem first gets the incentive (mining) and chooses which transactions go into the next block. – Implementation: Bitcoin, Ethereum (current) – Attack Resistance: Attacker must have more than 50% of the whole network's computing power ● Proof of Stake (PoS) – Concept: Whoever holds the most stake (the richest) can choose which transactions go into the next block. – Implementation: Peercoin, Ethereum (planned) – Attack Resistance: Attacker must have more than 50% of the whole network's stake
  • 22. Consensus Protocols (cont’d) ● Practical Byzantine Fault Tolerance (PBFT) – Concept: No mining; a leader is voted in every time under the same rule, and the leader sets parameters for the next block. – Implementation: Hyperledger – Attack Resistance: Attacker must have more than 1/3 of total nodes to stop block creation and 2/3 to manipulate transactions ● Hybrid – Concept: Each protocol has different strengths; can we take the best of two or more protocols? – Implementation: Tendermint (PBFT+PoS) – Attack Resistance: Depends on which protocols
  • 23. Open and Transparent Execution ● Designs and algorithms must be declared publicly so that they can be verified ● Source code must be auditable in order to prove that the declared designs and algorithms are implemented ● All transactions are traceable, and permanently stored in the blockchain network.
  • 24. Smart Contract ● Computer code running on top of a blockchain, containing a set of rules under which the parties to that smart contract agree to interact with each other. ● If and when the pre-defined rules are met, the smart contract will auto-execute the transaction. ● The Ethereum project introduced the idea of decoupling the contract layer from the blockchain layer. ● A smart contract can only be as smart as the people coding it, taking into account all available information at the time of coding.
  • 25. Smart Contract Examples Source: PricewaterhouseCoopers http://usblogs.pwc.com/emerging-technology/how-smart-contracts-automate-digital-business/
  • 26. Typical Blockchain Technology Stack Blockchain: A Beginners Guide, BlockchainHub
  • 27. Fork ● Regular Fork: Normal Occasional Forking; Rare Extended Forking ● Hard Fork: Non-Upgraded Nodes Reject The New Rules, Diverging The Chain (Blocks From Upgraded Nodes Follow New Rules; Blocks From Non-Upgraded Nodes Follow Old Rules) [Figures: block diagrams of regular forking and of a hard fork]
  • 28. Distributed Ledger Technology (DLT) ● Distributed ledgers use independent computers (referred to as nodes) to record, share and synchronize transactions in their respective electronic ledgers ● Blockchain technology can be used as DLT
  • 29. Blockchain Cryptocurrency Definition & Related Terms
  • 30. Definition#1 https://www.investopedia.com/terms/c/crypto-token.asp A cryptocurrency is a standard currency which is used for the sole purpose of making or receiving payments on the blockchain. For instance, the most popular cryptocurrency is Bitcoin. Investopedia
  • 31. Definition#2 Cryptocurrency is a form of digital money that is designed to be secure and, in many cases, anonymous. It is a currency associated with the internet that uses cryptography, the process of converting legible information into an almost uncrackable code, to track purchases and transfers. The Telegraph https://www.telegraph.co.uk/technology/0/cryptocurrency/
  • 32. Definition from Thailand’s SEC “Cryptocurrency” means an electronic data unit built on an electronic system or network which is created for the purpose of being a medium of exchange for the acquisition of goods, services, or other rights, including the exchange between digital assets. ● Why not refer to blockchain? – There are some reasons for regulation Source: Summary of the Royal Decree on the Digital Asset Businesses B.E. 2561, The Securities Exchange Commission http://www.sec.or.th/TH/SECInfo/LawsRegulation/Documents/Act_Royal_Enactment/enactment_digital_2561_summary_en.pdf
  • 33. Source: CoinMarketCap, June 20, 2018, https://coinmarketcap.com/
  • 34. Source: CoinMarketCap, June 20, 2018, https://coinmarketcap.com/
  • 35. Cryptocurrency in Japan ● Bitcoin and digital currencies are officially a method of payment (not currencies) since April 1, 2017 ● Exempt from Japan’s Consumption Tax (JCT; equivalent to VAT) ● Bitcoin is now accepted at >260,000 stores in Japan
  • 36. Digital Tokens ● Forms of digital tokens – Cryptocurrency: a digital medium of exchange – Utility tokens: provide a right to use a product or service – Asset tokens: provide for rights to obtain assets – Security tokens: entitle holders to voting rights and/or rights to profits/losses ● However, the distinction between types of tokens can oftentimes be blurry ● Digital tokens are often built on a blockchain Source: Cryptocurrencies: Time to consider plan B, PricewaterhouseCoopers
  • 37. Digital Assets (Tokens) Definition from SEC Source: Getting to Know the Royal Decree on Digital Assets - Overview, The Securities Exchange Commission
  • 38. Mining ● Cryptocurrency mining includes two functions: – Adding transactions to the blockchain (securing and verifying) – Releasing new currency. Individual blocks added by miners should contain a proof-of-work, or PoW. ● Mining needs a computer and a special program for miners to compete with their peers in solving complicated mathematical problems. ● The problem (for Bitcoin) is to zero in on a hash value less than the target; the first to crack it is considered the one who mined the block and is eligible to get a reward.
  • 40. Mining: Bitcoin Hash Rate Distribution An estimation of hash rate distribution amongst the largest mining pools over the last 24 hours. Snapshot on June 19, 2018
  • 41. Wallet ● A cryptocurrency wallet is a software program that stores or manages private and public keys and interacts with one or more cryptocurrencies to enable users to send and receive cryptocurrency and monitor their balance. ● Cryptocurrencies don’t get stored in any single location or exist anywhere in any physical form. All that exists are records of transactions stored on the blockchain.
  • 42. Different Types of Cryptocurrency Wallets ● Desktop: Software wallet installed on a single PC ● Online: Wallets store your private keys online and are controlled by a third party ● Mobile: Wallets run on an app on your phone ● Hardware: A hardware device like a USB to store a user’s private keys ● Paper: A physical copy or printout of your public and private keys
  • 43. Are Wallets Secure? ● The level of security depends on the type of wallet you use (desktop, mobile, online, paper, hardware) and the service provider. ● Online wallets can expose users to possible vulnerabilities in the wallet platform which can be exploited by hackers to steal your funds. ● Offline wallets, on the other hand, cannot be hacked but are easy to lose. ● Remember that no matter which wallet you use, losing your private keys will lead you to lose your money.
  • 44. Double Spending ● A double spend is an attack where the given set of coins is spent more than once. There are a few main ways to perform a double spend: – Send two conflicting transactions in rapid succession into the cryptocurrency network. This is called a race attack. – Pre-mine one transaction into a block and spend the same coins before releasing the block to invalidate that transaction. This is called a Finney attack. – Own 51+% of the total computing power of the cryptocurrency network to reverse any transaction you feel like, as well as have total control of which transactions appear in blocks. This is called a 51% attack. ● To prevent damages – Race attack - wait for one confirmation to appear on a given transaction. – Finney attack - wait for 6 confirmations to appear on a transaction, or less if the transaction is small (but still require at least 1) – 51% attack: don’t worry
  • 45. Premined Coins/Tokens ● A premine is where a developer allocates a certain amount of currency credit to a particular address before releasing the source code to the open community. ● For example, Ethereum’s Ether generation – 60 million Ether created for contributors of the presale – 12 million (20% of the above) were created for the development fund, most of it going to early contributors and developers and the remaining to the Ethereum Foundation
  • 46. ICO: Initial Coin Offering Similar in theory to an Initial Public Offering (IPO) of a stock, an ICO occurs when someone plans to raise funds by creating a certain amount of a digital token and sells it to the public, usually in exchange for other cryptocurrencies such as Bitcoin or Ether. ● Crowdfunding: Innovator/Entrepreneur of a project with good idea ● Blockchain: Trusted platform that enforces contract/rules ● Cryptocurrency: Programmable & Independent payment channel, accessible globally
  • 47. ICO Benefit ● To the issuer: – Access to seed funding, much faster and with fewer restrictions than via the venture capital route – The opportunity to create new, decentralized business models – A base of participants incentivized to use and test the service, and a boot-strapped ecosystem – No loss of equity in the project (unless the tokens stipulated ownership sharing) – A faster funding process – More arbitrary limits to the amounts collected ● To the token holder: – Access to an innovative service – Possible gain through an increase in the token's price – Participation in a new concept, a role in developing a new technology
  • 48. ICO Risks ● For the issuer: – Uncertain regulation (possible post-issue clamp-down, fine or even sentencing) – Unstable investment (a sell-off by disgruntled users could affect the token price and the viability of the project) – Little idea of who the token holders are (unlike shareholders) ● For the holder: – No guarantee the project will get developed – No regulatory protection (investment at risk) – Often scant information about underlying fundamentals – Little transparency on token holding structure
  • 49. Cryptocurrency Scams ● Shady Exchanges – Lure trade on the exchange ● Pyramid and Ponzi Schemes ● Pump and Dump – artificially inflating the price of a less-popular coin ● Scam ICO ● Coin Doesn’t Exist
  • 50. Common Security Concerns Source: CoinDesk https://www.coindesk.com/bithumb-exchanges-31-million-hack-know-dont-know/ Ripple
  • 51. “Modern-day cybercriminals are increasingly using the dark web to facilitate cryptocurrency theft on a large scale.” Carbon Black Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
  • 52. Loss from Cryptocurrency-Related Crimes Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
  • 53. Most Often Targeted by Cryptocurrency-Related Attacks Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
  • 54. Top Targeted Currency Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
  • 55. Key Tactics, Techniques, and Procedures (TTPs) Most Favored by Cybercriminals Source: Cryptocurrency Gold Rush on the Dark Web, Carbon Black, June 2018
  • 57. National Digital Identity Platform (NDID) ● The Digital Identity Platform is intended to provide a flexible and highly secured method of self-identification for any individual person and juristic person. ● Leverage any reliable identity the user currently holds. Examples of reliable identity could be Citizen ID, Bank Accounts, Passport Number, Tax ID, Biometric Data.
  • 58. NDID Terms ● RP (Relying Party) – An entity that relies upon the subscriber’s authenticator(s) and credentials or a verifier’s assertion of a claimant’s identity, typically to process a transaction or grant access to information or a system. ● IdP (Identity Provider) – An entity that creates, maintains, and manages identity information for principals while providing authentication services to relying party applications within a distributed network ● AS (Authoritative Source) – An entity that provides the truth of information related to each principal when that principal makes a consent. – An entity that has access to, or verified copies of, accurate information from an issuing source during identity proofing.
  • 59. NDID Platform Interconnection [Diagram labels: National Digital ID Platform; Doing Business Portal; Federated Proxy; Government as RP/AS/IdP; Registrar; AS Proxy; IdP Proxy; RP Proxy; IdP; RP; AS] ● Connection via the Federated Proxy falls under the Doing Business Portal budget of 4,000 million baht. ● The private sector jointly invests to build the Digital ID Platform through National Digital ID Co., Ltd., with initial registered capital of 100 million baht. ● Private-sector organizations that want to connect via the Federated Proxy invest on their own. ● Private organizations invest on their own. ● Connect to the DIDP directly.
  • 63. Trade Finance: Blockchain Based Letter of Guarantee (LG) Source: Use Cases for Blockchain Technology in Energy & Commodity Trading, PricewaterhouseCoopers https://www.pwc.com/gx/en/industries/assets/blockchain-technology-in-energy.pdf
  • 64. Thailand Blockchain Community Initiative ● Cooperation among 14 banks & 7 large corporations ● The blockchain-based LG service is the first project
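
The Chain of Hashes slide (20) and the Mining slide (38) describe two checks a node can run on every block: the stored previous hash must equal the hash of the preceding block, and the block's own hash must be below the target. The following is an added example, not code from the deck or from any blockchain project; the block layout, the `TARGET` difficulty and the sample transactions are constructed assumptions.

```python
import copy
import hashlib
import json

# Constructed difficulty (assumption): a block is valid only if its SHA-256
# hash, read as an integer, is below TARGET. About 1 in 4096 nonces qualifies.
TARGET = 1 << 244


def block_hash(block):
    """Hash a block over a canonical JSON encoding (toy format, not Bitcoin's)."""
    data = json.dumps(block, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


def mine(prev_hash, txs):
    """Proof of work: increment the nonce until the block hash is below TARGET."""
    block = {"prev_hash": prev_hash, "txs": list(txs), "nonce": 0}
    while int(block_hash(block), 16) >= TARGET:
        block["nonce"] += 1
    return block


def build_chain(tx_batches):
    """Block 0 (genesis) has no previous hash; each later block stores
    Hash(previous block) in its header, as on the Chain of Hashes slide."""
    chain, prev = [], None
    for txs in tx_batches:
        block = mine(prev, txs)
        chain.append(block)
        prev = block_hash(block)
    return chain


def first_invalid(chain):
    """What a verifying node checks. Returns None if the chain is valid,
    otherwise (index, reason) for the first block that fails."""
    prev = None
    for i, block in enumerate(chain):
        if block["prev_hash"] != prev:
            return (i, "previous-hash link broken")
        digest = block_hash(block)
        if int(digest, 16) >= TARGET:
            return (i, "proof of work invalid")
        prev = digest
    return None


def tamper_demo():
    """Edit a transaction in block 1 of a 3-block chain and report what
    verification finds before the edit, after it, and after re-mining block 1."""
    chain = build_chain([
        ["coinbase->alice:50"],   # constructed sample transactions
        ["alice->bob:10"],
        ["bob->carol:4"],
    ])
    honest = first_invalid(chain)

    edited = copy.deepcopy(chain)
    edited[1]["txs"][0] = "alice->bob:1000"
    after_edit = first_invalid(edited)

    # Re-mining block 1 repairs its proof of work, but its hash changes, so
    # block 2's stored previous hash no longer matches.
    edited[1] = mine(edited[1]["prev_hash"], edited[1]["txs"])
    after_remine = first_invalid(edited)
    return honest, after_edit, after_remine


if __name__ == "__main__":
    for label, result in zip(("honest", "edited", "re-mined"), tamper_demo()):
        print(label, "->", result)
```

Changing one past transaction therefore forces the proof of work to be redone for that block and every block after it, which is why the Double Spending slide ties safety to the number of confirmations.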