building and breaking block chains
play

Building and Breaking Block Chains Merlin Corey Pandoblox Engineer - PowerPoint PPT Presentation

Oct 17, 2022 •6 likes •456 views

Building and Breaking Block Chains Merlin Corey Pandoblox Engineer Shellcon 2018 Who is that Merlin guy? Cryptography nerd Null Space Labs keyholder LayerOne Hardware Hacking Village Defcon Tamper Evident Village DC949

  1. Building and Breaking Block Chains Merlin Corey Pandoblox Engineer Shellcon 2018

  2. Who is that Merlin guy? ● Cryptography nerd ● Null Space Labs keyholder ● LayerOne Hardware Hacking Village ● Defcon Tamper Evident Village ● DC949 Alumni ● Startup Wizard at Pandoblox

  3. Assumptions ● Cryptographic fundamentals ● Vague ideas of what a cryptocurrency is ● Passing familiarity with Python or another language

  4. Cryptographic Fundamentals ● Hashing is most important concept ● One-way function ● Ideally – Large space – Randomized value – No collisions

  5. Vague ideas of Cryptocurrency ● Magical internet currency ● The future of everything ● Really slow database ● Pyramid scheme?

  6. Basic programming ● TrackA = Room(‘pufferfish’) ● Merlin = Speaker() ● For each Attendee in TrackA.attendees() – Attendee.ListenTo(Merlin) ● Print(‘Now you know Python’)

  7. Building Basic Blockchain: Prior Art ● https://github.com/dvf/blockchain ● https://github.com/zack-bitcoin/basiccoin

  8. Building Basic Blockchain: Challenge ● How hard could it be?

  9. Building Basic Blockchain: Challenge ● How hard could it be? – Pretty hard, honestly

  10. Building Basic Blockchain: Challenge ● How hard could it be? – Pretty hard, honestly – But we’ll keep it as simple as possible

  11. Building Basic Blockchain: High level Components ● Transaction ● Block ● Blockchain ● Node ● Network

  12. Building Basic Blockchain: High level Components ● Transaction – Inputs – Outputs – Coinbase

  13. Building Basic Blockchain: High level Components ● Block – Transactions ● Merkle Root – Proof – Parent block

  14. Building Basic Blockchain: High level Components ● Blockchain – Blocks connected by parent blocks – Block #0 ● Block #1 (Child of #0) – Block #2 (Child of #1) ● Block #3 (Child of #2) ● Block #4 (Child of #3) ● Block #5 (Child of #4) ● … ● Block #N (Child of #N-1)

  15. Building Basic Blockchain: High level Components ● Node – Miner – Wallet

  16. Building Basic Blockchain: High level Components ● Network – Nodes – Blocks – Protocol

  17. Build Basic Block Chain: Transaction Input

  18. Build Basic Block Chain: Transaction Output

  19. Build Basic Block Chain: Transaction

  20. Build Basic Block Chain: Special Transactions

  21. Building Basic Blockchain: Hashing ● Exploring hashing with live code

  22. Build Basic Blockchain: Hashing

  23. Build Basic Blockchain: Merkle Tree T op Hash Hash 0 hash( ) + Hash 1 Hash Hash 0 1 Hash 0-0 Hash 1-0 hash( ) hash( ) + + Hash 0-1 Hash 1-1 Hash Hash Hash Hash 0-0 0-1 1-0 1-1 hash(L1) hash(L2) hash(L3) hash(L4) Data L1 L2 L3 L4 Blocks

  24. Build Basic Block Chain: Merkle Root

  25. Building Basic Blockchain: Block Helpers

  26. Building Basic Blockchain: Genesis Block

  27. Building Basic Blockchain: Blockchain ● Exploring blockchain with live code

  28. Building Basic Blockchain: Virtual Machine ● Transaction outputs are scripts

  29. Building Basic Blockchain: Virtual Machine ● Transaction outputs are scripts ● Breathe a sigh of relief

  30. Building Basic Blockchain: Virtual Machine ● Transaction outputs are scripts ● Breathe a sigh of relief – We won’t be implementing all that today! ● Listen to Merlin ramble on about it, anyway

  31. Breaking Basic Blockchain ● What is controllable ● How is a 51% attack executed?

  32. Breaking Production Blockchains: Smart Contracts ● There are many attacks against smart contracts

  33. Breaking Production Blockchains: Smart Contracts ● There are many attacks against smart contracts – Underflow and Overflow are the most basic

  34. Breaking Production Blockchains: Smart Contracts ● Understanding the DAO hack

  35. Breaking Production Blockchains: Smart Contracts ● Understanding the DAO hack – Recursive function calls are dangerous

  36. Breaking Production Blockchains: Smart Contracts ● Understanding the DAO hack – Recursive function calls are dangerous – Especially when you do work on either side of them

  37. Breaking Production Blockchains: Smart Contracts ● Understanding the DAO hack

  38. Breaking Production Blockchains: Smart Contracts ● ERC20 Short Address Attack – Generate address with trailing zero – Send to address without trailing zero

  39. Protecting Production Blockchains: Nodes and Wallets ● Private keys – Passphrases – Cold storage ● RTFM your configuration ● Firewalls ● Monitoring and Alerting

  40. Protecting Production Blockchains: Network ● Economic feasibility of 51% attacks ● Like any other software: patches

  41. Protecting Production Blockchains: Network ● Economic feasibility of 51% attacks ● Like any other software: patches – Bitcoin DoS [patch] ● Bitcoin Infinite Inflation? ● Notice of Vulnerability ● CVE-2018-17144

  42. Protecting Production Blockchains: Smart Contracts in Solidity ● Avoid reentrancy issues ● Be careful of overflows and underflows ● Use a library – Like SafeMath ● Check lengths of addresss and other data ● Use EthFiddle and test

  43. Protecting Production Blockchains: Smart Contracts in Solidity ● Avoid reentrancy issues ● Be careful of overflows and underflows ● Use a library – Like SafeMath ● Check lengths of addresss and other data ● Use EthFiddle and test – Test

  44. Protecting Production Blockchains: Smart Contracts in Solidity ● Avoid reentrancy issues ● Be careful of overflows and underflows ● Use a library – Like SafeMath ● Check lengths of addresss and other data ● Use EthFiddle and test – Test ● Test!

  45. Questions and Contact ● Any questions? – If you’re still awake, that is ● Want to talk to Merlin? – Come check out NSL 4.0 starting late October! – Hang out on EFNet in #NSL – Hand him a drink at any conference!

Recommend

Introducing EF Block TM Introduction to EF Block Building Materials Overview of EF

Introducing EF Block TM Introduction to EF Block Building Materials Overview of EF

Introducing EF Block TM Introduction to EF Block Building Materials Overview of EF Block and the competition The EF Block System Proprietary (Patent Pending) Plant, Product and Processes of the EF Block system Homes

792 views • 34 slides
Track sponsored by Breaking the Chains of Price/Convenience with Experience Steve Lovell, Head

Track sponsored by Breaking the Chains of Price/Convenience with Experience Steve Lovell, Head

Track sponsored by Breaking the Chains of Price/Convenience with Experience Steve Lovell, Head of Retail Dev Laura Long, SVP , Adore Me Brand Edelman Laura Davis-Taylor, Co-Founder, John Greening, Associate Professor HighStreet Collective

270 views • 11 slides
The Matrix Geometric/Analytic Methods for Structured Markov Chains Markov chains whose transition

The Matrix Geometric/Analytic Methods for Structured Markov Chains Markov chains whose transition

William J. Stewart Department of Computer Science N.C. State University The Matrix Geometric/Analytic Methods for Structured Markov Chains Markov chains whose transition matrices have a special block structure. Example: B 00 B 01 0

1.89k views • 177 slides
Canadas Parliament Buildings Centre Block - circa 1900 Centre Block - Today Sir John A.

Canadas Parliament Buildings Centre Block - circa 1900 Centre Block - Today Sir John A.

Canadas Parliament Buildings Centre Block - circa 1900 Centre Block - Today Sir John A. Macdonald Building Sir John A. Macdonald Building Wellington Building Government Conference Centre Visitor Welcome Centre West Block Interim House of

643 views • 28 slides
Containerization as the Building Block for Datacenter

Containerization as the Building Block for Datacenter

Containerization as the Building Block for Datacenter Applications GOTO Amsterdam June 19, 2015 Benjamin Hindman @benh an emerging trend

1.82k views • 171 slides
Learning Goals [CT Building Block] Define spam, phishing schemes, and cookies and give

Learning Goals [CT Building Block] Define spam, phishing schemes, and cookies and give

Learning Goals [CT Building Block] Define spam, phishing schemes, and cookies and give examples of each [CT Building Block] Tell whether a communication technology (Internet, radio, LAN, etc.) is synchronous or asynchronous [CT

639 views • 39 slides
Breaking The FF3 Format- Preserving Encryption Standard Over Small Domains F. Betl Durak

Breaking The FF3 Format- Preserving Encryption Standard Over Small Domains F. Betl Durak

Breaking The FF3 Format- Preserving Encryption Standard Over Small Domains F. Betl Durak Serge Vaudenay 1 Block Ciphers {0,1} 128 0x149E00A50F0F00D6 K AES {0,1} 128 0xA4F22C1B78HE90A9 2 Block Ciphers {0,1} 128

1.32k views • 91 slides
FinChain Financial Markets Re-engineered By Steve Fernandez FinChain Topology Satellite Chains

FinChain Financial Markets Re-engineered By Steve Fernandez FinChain Topology Satellite Chains

FinChain Financial Markets Re-engineered By Steve Fernandez FinChain Topology Satellite Chains Block Chain Master Replication Nodes Block Chain Database Regulator Smart Autonomous Contracts Replication Primary dB dB [secondary]

306 views • 12 slides
Agenda Some attacks against the IP Brief introduction to IPSec Building Block: Security

Agenda Some attacks against the IP Brief introduction to IPSec Building Block: Security

IP Security Cunsheng Ding HKUST, Kong Kong, China C. Ding - COMP4631 - L21 1 Agenda Some attacks against the IP Brief introduction to IPSec Building Block: Security Association Building Block: Security Association Database

694 views • 33 slides
Needs-driven capacity building for sustainable fisheries trade and value chains 2 nd Ocean Forum

Needs-driven capacity building for sustainable fisheries trade and value chains 2 nd Ocean Forum

Needs-driven capacity building for sustainable fisheries trade and value chains 2 nd Ocean Forum on Trade related aspects of SDG14, 17 July 2018, Daniel Kachelriess, Marine Species Officer CITES is a multilateral agreement Operates through

536 views • 15 slides
Industrial Robots Industrial Robots Kinematic chains Kinematic chains Kinematic chains Kinematic

Industrial Robots Industrial Robots Kinematic chains Kinematic chains Kinematic chains Kinematic

Industrial Robots Industrial Robots Kinematic chains Kinematic chains Kinematic chains Kinematic chains Basilio Bona 1 ROBOTICA 03CFIOR Readings & prerequisites Chapter 2 (prerequisites) Reference systems Vectors Matrices

948 views • 49 slides
Breaking out of the box Understanding rela5onships between learning and assessment Breaking

Breaking out of the box Understanding rela5onships between learning and assessment Breaking

Dr Nick Saville Breaking out of the box Understanding rela5onships between learning and assessment Breaking out of the box - a metaphor for thinking about rela5onships and interpreta5ons breaking out breaking out of the box of the

895 views • 68 slides
YouthBuild: Breaking the Cycle of Poverty First building rehabbed by YouthBuild, in East Harlem

YouthBuild: Breaking the Cycle of Poverty First building rehabbed by YouthBuild, in East Harlem

YouthBuild: Breaking the Cycle of Poverty First building rehabbed by YouthBuild, in East Harlem YouthBuild is A Model of Social Innovation Going to Scale 92,000 young people have built 19,000 units of affordable housing in 273 of

906 views • 11 slides
Building Biomass Supply Chains Key Elements in Performing Transportation Due Diligence Advanced

Building Biomass Supply Chains Key Elements in Performing Transportation Due Diligence Advanced

Building Biomass Supply Chains Key Elements in Performing Transportation Due Diligence Advanced Biofuels Symposium July 23 2015 1 Current demand and market outlook Global wood pellet consumption grew from 1.7M tons to 25.1M tons per year

483 views • 16 slides
Best Practices From Across The Country Morning Session 2014 NCWBA Summit Breaking Barriers

Best Practices From Across The Country Morning Session 2014 NCWBA Summit Breaking Barriers

Breaking Barriers & Building Bridges Best Practices From Across The Country Morning Session 2014 NCWBA Summit Breaking Barriers & Building Bridges Programs/Practices to Break Barriers or Build Bridges Division for Bar Services of

491 views • 20 slides
Breaking Ground and Barriers: COMMUNITY LEADERSHIP CENTER Building a Legacy of Excellence Gloria

Breaking Ground and Barriers: COMMUNITY LEADERSHIP CENTER Building a Legacy of Excellence Gloria

Breaking Ground and Barriers: COMMUNITY LEADERSHIP CENTER Building a Legacy of Excellence Gloria Bonilla-Santiago Ph.D., Board of Governors Distinguished Service Professor of the Graduate Department of Public Policy and Administration at

622 views • 35 slides
Two ways of building round functions for block ciphers Joan Daemen Radboud University ibenik

Two ways of building round functions for block ciphers Joan Daemen Radboud University ibenik

Two ways of building round functions for block ciphers Joan Daemen Radboud University ibenik summer school 2016 1 / 44 Outline 1 Block ciphers and statistical attacks 2 Correlation basics 3 Wide trail strategy: strongly-aligned flavor

620 views • 59 slides
Building and Breaking the Browser Window Snyder Mike Shaver Overview Who the @#&^@#$ are

Building and Breaking the Browser Window Snyder Mike Shaver Overview Who the @#&^@#$ are

Building and Breaking the Browser Window Snyder Mike Shaver Overview Who the @#&^@#$ are we? A security process tested by millions Lies, damned lies, and statistics New security goodies in future Firefoxen Tools you can use About

900 views • 71 slides
QI TALK TIME Building an Irish Network of Quality Improvers TEAMS: The fundamental Building block

QI TALK TIME Building an Irish Network of Quality Improvers TEAMS: The fundamental Building block

QI TALK TIME Building an Irish Network of Quality Improvers TEAMS: The fundamental Building block to improvement Speaker: Dr David Vaughan 10 th Oct 2017 1-2 pm Connect Improve Innovate Dr David Vaughan Director of Quality and Patient Safety,

869 views • 48 slides
MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models Enrico

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models Enrico

MaMaDroid: Detecting Android Malware by Building Markov Chains of Behavioral Models Enrico Mariconti , Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, Gianluca Stringhini. NDSS 2017, 28-02-2017 Motivation: Android

1.21k views • 37 slides
A photolabile amino acid building block based on a new fluorescent functionalised

A photolabile amino acid building block based on a new fluorescent functionalised

[a001] A photolabile amino acid building block based on a new fluorescent functionalised coumarin-6-yl-alanine Andrea S. C. Fonseca, M. Sameiro T. Gonalves and Susana P. G. Costa* Centro de Qumica, Universidade do Minho, Campus de Gualtar,

89 views • 7 slides
Cure My FEVER: Building, Breaking, and Fixing Models for Fact-Checking Christopher Hidey Tuhin

Cure My FEVER: Building, Breaking, and Fixing Models for Fact-Checking Christopher Hidey Tuhin

Cure My FEVER: Building, Breaking, and Fixing Models for Fact-Checking Christopher Hidey Tuhin Chakrabarty Tariq Alhindi Siddharth Varia Kriste Krstovski Mona Diab Smaranda Muresan Automated Fact-checking and Related Tasks Source

382 views • 36 slides
Monotonicity, Convexity and Comparability of Some Functions Associated with Block-Monotone Markov

Monotonicity, Convexity and Comparability of Some Functions Associated with Block-Monotone Markov

Monotonicity, Convexity and Comparability of Some Functions Associated with Block-Monotone Markov Chains and Their Applications to Queueing Systems Hai-Bo Yu College of Economics and Management Beijing University of Technology, Beijing, China

338 views • 23 slides
Imperial Innovations Group plc Creating, building and investing in ground-breaking technology

Imperial Innovations Group plc Creating, building and investing in ground-breaking technology

Imperial Innovations Group plc Creating, building and investing in ground-breaking technology opportunities addressing large international markets Imperial Innovations creates, builds and invests in pioneering technology opportunities

382 views • 20 slides

More recommend