Authenticated Dynamic Dictionaries, with Applications to Cryptocurrencies

20 February 2017 Alexander Chepurnoy 3 mins read

Our paper "Improving Authenticated Dynamic Dictionaries, with Applications to Cryptocurrencies" will appear at the Financial Cryptography 2017 conference in Malta in April. It was also presented at the Real World Crypto 2017 conference in New York and I highly recommend watching the impressive presentation from Leonid Reyzin, professor of computer science at Boston University and one of the four authors of the paper.

Some background. Previously I worked for the Nxt platform which has assets and many more cool features. The problem is, the blockchain processing becomes incredibly heavyweight (considering the pretty low number of transactions, in comparison with Bitcoin) with new features added. The same problem with Ethereum these days - after the attacks in autumn, it is nearly impossible to wait until processing being finished on an ordinary laptop.

The problem is in a state (e.g. UTXO set in Bitcoin) persistence. Once it hits a secondary storage (HDD or SSD), processing becomes very slow.

Thus two considerations behind our work on AVL+ trees and a proposed scheme for cryptocurrencies:

  • It should be feasible to run a full-node (maybe not a mining node) on commodity hardware

  • Initial blockchain processing, and then block processing must use RAM only

As commodity hardware is pretty limited in RAM, the idea is not to store the state for full-nodes at all. The scheme is as follows:

  1. The state is authenticated with the help of a 2-party dynamic authenticated dictionary.

  2. A mining node is storing the whole state. When packing transactions into a block, it generates proofs of the authenticated state transformations and announces a new root hash after the transformations being done in a blockheader. Proofs are to be included into the block.

  3. A full-node receiving the block checks that 1) Transactions are correct (format and signatures are correct etc) 2) State transformation operations derived from the transactions are corresponding to the proofs 3) Proofs are correct 4) Resulting roothash (a verifier is getting it just by processing proofs) is the same as the announced one. Thus the node is checking everything, but without holding the state (e.g. UTXO set).

Then the paper is about to find a most efficient structure out of many candidates (and the winner is custom-tailored authenticated AVL+ trees).

Not mentioned in the paper but worth mentioning is that proofs in a block could be authenticated themselves (with the help of a Merkle tree which is perfect for static data) with a root hash included in a blockheader. Then if node is holding the state it could skip downloading proofs from the network, also there is possibility to prune them in the future (this scheme reminds me of the SegWit proposal for Bitcoin).

Proofs are adding a significant burden regarding block size (actually a proof can be longer than the corresponding transaction), so decreased throughput is to be considered seriously.

The code had been released on GitHub during RealWorldCrypto – see the section on authenticated data structures. There are some possible further minor optimizations (possibly reducing proof size by few percent in total) we are now discussing.

A Proof-of-Stake lecture at Oxford university

16 February 2017 Jane Wild 3 mins read

A Proof-of-Stake lecture at Oxford university - Input Output

A Proof-of-Stake lecture at Oxford university

Mathematicians with a curiosity about the algorithms behind blockchain came to hear Aggelos Kiayias speak at Oxford university’s Mathematical Institute on Wednesday. Professor Kiayias, Chief Scientist at IOHK, had been invited to the university to give a talk on his work on Ouroboros, a provably secure Proof-of-Stake algorithm for blockchain.

It the first time such a cryptographic protocol has been devised and is significant because its use would enable blockchains to process many more transactions, giving the technology the muscle that would scale it up for far wider use than at present.

“Bitcoin is slow,” he said in the presentation, in an outline of the problem. “The transactions per second of Visa are in the order of many thousands, for Paypal in the order of hundreds, and Bitcoin is far less than that – clearly that’s something that can’t scale to a global level.”

In addition to the much greater efficiency of Ouroboros, Prof Kiayias explained a novel reward mechanism for incentivising the protocol and used game theory to show why attacks such as selfish mining and block withholding would be neutralised.

A Nash equilibrium is a prescription of a strategy for each rational player, with the property that if other players follow it, it does not make sense for a rational player to deviate from it.

Prof Kiayias described how Ouroboros can be proven to be an approximate Nash equilibrium, thus distinguishing this blockchain system from Bitcoin, which is known to be not incentive compatible.

The Ouroboros paper was first published last December with Alexander Russel, Bernardo David and Roman Oliynykov and Prof Kiayias presented the work at the Alan Turing Institute in London last year.

A new version of the Ouroboros technical report will be available as early as next week, and will contain updated benchmarks that illustrate the performance benefits of the protocol.

Among the audience was Hayyu Imanda, whose desire to specialise in cryptography for her PhD studies brought her to hear the presentation. The 22-year-old is currently in a class of 26 students at Oxford university studying for an MSc in Mathematics and Foundations of Computer Science.

“I come from a pure maths background and I find cryptography very interesting, in that it was relatively recently founded and there is so much research happening,” she says. “I see it as a bridge from pure maths into real life, with many uses in terms of security, and it’s going to be a growing field.”

Shanghai, New York and a hot pink rabbit: January IOHK news round-up

3 February 2017 Jane Wild 4 mins read

Shanghai, New York and a hot pink rabbit January IOHK news round-up - Input Output

Winter School on blockchain

The year got off to an invigorating start for IOHK when a team of its researchers arrived in a chilly Shanghai for the first ever Winter School on cryptocurrency and blockchain technologies.

The 121-year-old Jiao Tong University – one of China’s leading institutions with alumni including the former president of China Jiang Zemin – hosted the conference in step with a rising interest in blockchain in China, including in its capital of commerce, Shanghai. The winter school follows a similar event in Greece last year, the first Bitcoin Summer School, run by the International Association for Cryptologic Research.

The main hall at the university’s technology building was packed for the three-day event, with a cast of renowned cryptographers on the stage, including IOHK chief scientist Aggelos Kiayias. Professor Kiayias presented a double session on his work on proving the security of blockchain protocols. Jonathan Katz from the University of Maryland spoke on game theory, as well as chairing the event.

IOHK researcher [Alex Chepurnoy](/team/alexander-chepurnoy/ "Alex Chepurnoy, IOHK") gave a talk on [Scorex](/projects/scorex/ "Scorex, IOHK Project"), the prototype cryptocurrency he is working on with fellow IOHK developers [Dmitry Meshkov](/team/dmitry-meshkov/ "Dmitry Meshkov, IOHK") and [Jan Kotek](/team/jan-kotek/ "Jan Kotek, IOHK"). The project is open source, like all of IOHK’s projects, and it aims to speed up the development of blockchains.

A lively panel debate on bitcoin, blockchain and their future, saw IOHK co-founder Charles Hoskinson take to the stage with his former collaborator at Ethereum, Vitalik Buterin.

Other speakers included Andrew Miller from the University of Illinois, Loi Luu from the National University of Singapore, Joseph Bonneau from Stanford University, Vassilis Zikas from Rensselaer Polytechnic Institute and Hong-Sheng Zhou from Virginia Commonwealth University.

During a break in programming the IOHK delegation honed their taxi hailing techniques (Shanghai’s cabs may be empty but that doesn’t mean they will stop) to travel across town for filming. See the videos here.

Cryptography comes out of the classroom

Even earlier than Shanghai, IOHK researchers were already busy this January, at Real World Crypto in New York. The aim of the annual conference is to strengthen the links between academics and developers in the hope of bringing the latest research into commercial applications in areas such as the internet, the cloud and embedded devices.

Prof Kiayias, who is chair of Cyber Security and Privacy at the University of Edinburgh, is an organiser and member of the steering committee.

From its beginnings as a gathering of some 150 specialists a few years ago, the audience at Real World Crypto has now grown to almost four times that size.

“We’ve seen more people come each year,” says Prof Kiayias. “Our audience considers this to be the one of the primary events they go to, to get information about the applied aspects of cryptography.”

Alex Chepurnoy speaking

Russia-based Alex Chepurnoy also flew to the US for the conference for a presentation on a co-authored paper on blockchain efficiency.

The work, Improving Authenticated Dynamic Dictionaries, is written with Leonid Reyzin, Dmitry Meshkov, Alex and Sasha Ivanov.

Topics tackled at the conference included passwords, blockchain, and TLS, the transport layer protocol through which data is exchanged on the internet.

Designing a brand

A leaping rabbit coloured in shades from hot pink to electric blue was the unlikely contender in the shortlist to become the logo for Deadalus, the wallet currently being put together by IOHK developers. Eight choices remain after designs were put to a popular vote. Designers took inspiration from locks, keys, and mazes in their draft visualisations of the Daedalus logo, referencing the high security of the wallet provided by Haskell code and the [Greek myth of Daedalus](https://en.wikipedia.org/wiki/Daedalus "Greek myth of Daedalus, Wikipedia") – father of Icarus and creator of the Labyrinth in Crete where the Minotaur was held.

Vote for the winner in our public poll

Links

Visit the ADA faucet to join development on our test net: tada.iohk.io

Read about Cardano SL: cardano-docs.iohk.io

Download the Daedalus wallet, available soon for OSX & Linux: daedaluswallet.io

Smart contracts will use code to reshape law

20 January 2017 Jane Wild 2 mins read

Smart contracts will use code to reshape law - Input Output

Smart contracts will use code to reshape law

On a frosty Friday morning in Switzerland’s commercial centre of Zurich, an audience arrived early at the university to learn about the emerging field of smart contracts in a presentation given by Charles Hoskinson. A completely new way of quantifying concepts like trust, reputation and ambiguity, smart contracts are a digital legal system – a computer protocol that facilitates, verifies or enforces the negotiation or performance of a contract.

The idea is now gaining new momentum from ventures including Cardano, and academic papers are also providing a driving force behind the development. These contracts aren’t written in legalese, but in computer code, and that gives them the flexibility to quickly adapt to society’s needs in a way legislation cannot.

Charles outlined the five elements needed for smart contracts:

1. A secure distributed system


Who gets to design the protocol is an important question. Useful resources are offered in work by Tim Swanson, who has written a lot about private/public blockchains. Rich Hickey’s lecture, the Value of Values, is worth watching on YouTube.


2. A language in which to write the contracts


Cardano’s researchers have conceived Plutus to write its smart contracts. Creating a language is the easy part, but the question of how you deal with ambiguity must be addressed; who would you go to if there is a problem?


3. A secure way of performing computation


“Verifiable computing” is the concept to explore here. There is a debate about hardware versus software – how can you be sure the system has had no backdoor installed?


4. A method of representing assets and value


This could be done by creating a token that is pegged to a value-stable currency such as the dollar. Another matter to consider is what jurisdiction the digital asset falls under.


5. Trustworthy data feeds


In traditional finance this might be supplied by a Bloomberg terminal. A smart contract needs a similar source, but there is no equivalent yet in this field to provide the necessary information stream.



This reimagining of how legal processes can work has the potential to solve some problems of current legal systems, offering a clarity of code in place of ambiguous legal clauses. If needed, a layer can be added to the protocol to allow for human judgement and arbitration. This all combines to sharply bring down the cost of legal services.

Introducing The Grothendieck Team

10 December 2016 Alan McSherry 4 mins read

Introducing The Grothendieck Team

The Grothendieck Team

Hi everyone, it's my pleasure to officially announce the new team known as The Grothendieck Team! The team has been named after Alexander Grothendieck, a German-born French mathematician who became a leading figure in the creation of modern algebraic geometry. They have been committed to Ethereum Classic by IOHK in order to build a Scala client for ETC based on IOHK's Scorex framework. Plans are in place to bring the team on "Let's Talk ETC!" to discuss the roadmap and development timeframe for ETC in 2017 (after they have properly reviewed the ETC documentation). Links to the IOHK website, Scorex page, Let's Talk ETC! youtube channel and ETC blog are posted below.

  • www.iohk.io
  • Github.com/ScorexFoundation
  • Let's Talk ETC! on youtube.com
  • Ethereumclassic.github.io/blog

Also, we would love to know more about how the community would like to get updates from the new ETC developers. Please let us know what you might like to see moving forward, post your thoughts in the brainstorming thread below or contact us on Slack, Twitter or Facebook.

  • www.reddit.com

Alan McSherry : Dublin, Ireland

Ethereum Classic Developer Team Grothendieck Manager

Alan McSherry graduated with a degree in Computer Engineering from Limerick University In Ireland and has spent well over a decade at the cutting edge of technology as a developer, CTO, consultant, entrepreneur and everything in between. A strong interest in the nature of money and the positive disruption technology can bring means he is currently having a ball writing blockchain code in scala!

Alan Verbner : Buenos Aires, Argentina

Ethereum Classic Developer Team Grothendieck/Atix

Alan Verbner is a computer engineer graduated from the Engineering University of Buenos Aires (Argentina). He has been developing software for about 10 years with special inerest in criptocurrency space. Four years ago he Co-Founded Atixlabs, a software lab that has been helping other companies to make their ideas come true as great high quality products. They are located in the Buenos Aires Bitcoin Embassy.

Nicolas Tallar : Buenos Aires, Argentina

Ethereum Classic Developer Team Grothendieck/Atix

Nicolas Tallar has a background on Computer Science and he is about to get his degree from University Of Buenos Aires (Argentina). He is a passionate functional programmer with special interest in image processing and robot controlling algorithms.

Jan Ziniewicz : Warsaw, Poland

Ethereum Classic Developer Team Grothendieck

I’ve been working in IT industry since 2004. Apart from being a functional programmer I also was a project manager, system designer and administrator. In free time I am rock climber, cyclist, RPG player, and of course Clojure / Scala coder.

Lukasz Gasior : Rumia, Poland

Ethereum Classic Developer Team Grothendieck/ScalaC

I’m a passionate Scala developer and a big fan of Domain Driven Design. For the past 3 years I’ve been working on various sized commercial (and non-commercial) Scala projects. I’m a cryptocurrency and blockchain technology enthusiast. Privately I like to travel and taste craft beer.

Adam Smolarek : Warsaw, Poland

Ethereum Classic Developer Team Grothendieck/ScalaC

I’ve been working as software developer since 2010, both fornt and back-end, I was also team leader and arhitect. Hobby: digital drawing, rock climbing, skateboarding, IoT (did master thesis in realated topic), cryptography (ECC).

Radek Tkaczyk : Warsaw, Poland

Ethereum Classic Developer Team Grothendieck/ScalaC

I’ve been developing in Scala since 2012 for a number of commercial clients. Having started my adventure with programming at the age of 13 this was a natural choice of a career path. However I’ve always had a fondness for abstract and pure ideas which is why I’m especially keen on working in a field so heavily reliant on mathematics. Outside of work I actively enjoy various sports, especially cycling and fitness as well as those for the mind like chess and - my latest passion - cue sports.

Links To Our Community

ETC Website

ETC Reddit

ETC Twitter

ETC Facebook

ETC Slack

ETC-IOHK Team