snappy
play

Snappy Fast On-chain Payments with Practical Collaterals Vasilios - PowerPoint PPT Presentation

Dec 08, 2022 •783 likes •1.37k views

Snappy Fast On-chain Payments with Practical Collaterals Vasilios Mavroudis * , Karl Wst , Aritra Dhar Kari Kostiainen , Srdjan Capkun * University College London ETH Zurich 1 Cryptocurrencies s bas based on on pe

  1. Snappy Fast On-chain Payments with Practical Collaterals Vasilios Mavroudis * , Karl Wüst † , Aritra Dhar † Kari Kostiainen † , Srdjan Capkun † * University College London † ETH Zurich 1

  2. Cryptocurrencies s bas based on on pe permiss ssionless blo blockchains cou ould ❖ Decentralize the global financial system ❖ Reduce trust assumptions ❖ Increase operational transparency ❖ Improve user privacy 2

  3. Open Challenges Centralized Permissionless Processors Blockchains Thousands Tenths Throughput of txs/sec of txs/sec Confirmation Minutes to Latency in <3 sec finality Trusted third [0, full privacy) Privacy party needed 3

  4. Open Challenges Centralized Permissionless Processors Blockchains Thousands Tenths Throughput of txs/sec of txs/sec Confirmation Minutes to Latency in <3 sec finality Trusted third [0, full privacy) Privacy • Retail Payments party needed • Point-of-Sale Purchases • Time-critical Transactions 4

  5. On-chain Improvements ➢ e.g., Proof-of-Stake, Sharding ➢ Improve the throughput of the blockchain. ➢ Improve latency only under a relaxed threat model. 5

  6. On-chain Improvements ➢ e.g., Proof-of-Stake, Sharding ➢ Improve the throughput of the blockchain. ➢ Improve latency only under a relaxed threat model. No improvement in latency under the original threat model. 6

  7. Layer 2 Protocols ➢ Move transactions off the chain. ➢ Use the blockchain only when necessary. ➢ High-throughput and low-latency. 7

  8. Layer 2 Protocols ➢ Move transactions off the chain. ➢ Use the blockchain only when necessary. ➢ High-throughput and low-latency. Payment channels ❖ Large amount of locked-in funds for customers. ❖ Require a separate deposit for each channel. ❖ Pre-deposit their future expenditure. 8

  9. Layer 2 Protocols ➢ Move transactions off the chain. ➢ Use the blockchain only when necessary. ➢ High-throughput and low-latency. Payment channels ❖ Large amount of locked-in funds for customers. ❖ Require a separate deposit for each channel. ❖ Pre-deposit their future expenditure. Payment networks , Payment hubs, Side-chains ❖ Incompatible with the unilateral nature of retail payments (no rebalancing). ❖ Additional trust assumptions. 9

  10. Snappy ➢ Low latency (<2 secs) suitable for retail payments. ➢ Operates on top of low-throughput and high-latency blockchains. ➢ Future on top of high-throughput and high/mid-latency blockchains. 11

  11. Snappy ➢ Low latency (<2 secs) suitable for retail payments. ➢ Operates on top of low-throughput and high-latency blockchains. ➢ Future on top of high-throughput and high/mid-latency blockchains. Key Features ❖ No changes to the underlying consensus protocol. ❖ No additional trust assumptions. ❖ No additional operational requirements. 12

  12. Snappy ➢ Low latency (<2 secs) suitable for retail payments. ➢ Operates on top of low-throughput and high-latency blockchains. ➢ Future on top of high-throughput and high/mid-latency blockchains. Key Features ❖ No changes to the underlying consensus protocol. ❖ No additional trust assumptions. ❖ No additional operational requirements. ❖ Small opportunity cost. ❖ Requires smartcontract language. 13

  13. Snappy Application scenarios ❖ A large number of users (e.g., 1,000,000 customers). ❖ A moderate set of recipients (e.g., 100 merchants). 14

  14. Snappy Application scenarios ❖ A large number of users (e.g., 100,000 customers). ❖ A moderate set of recipients (e.g., 100 merchants). ❖ Users pay the recipients. ❖ Small- to mid-value transactions. 15

  15. Snappy Application scenarios ❖ A large number of users (e.g., 100,000 customers). ❖ A moderate set of recipients (e.g., 100 merchants). ❖ Users pay the recipients. ❖ Small- to mid-value transactions. ❖ The recipients give the products, once they receive the funds. 16

  16. How does latency occur? ❖ Block interval (e.g., ~13 seconds for Ethereum) ❖ Probabilistic finality (>1 confirmations) ❖ The number of confirmations, depends on the transaction value 17

  17. How does latency occur? ❖ Block interval (e.g., ~13 seconds for Ethereum) ❖ Probabilistic finality (>1 confirmations) ❖ The number of confirmations, depends on the transaction value Can we do zero-confirmation txs? c m 18

  18. How does latency occur? ❖ Block interval (e.g., ~13 seconds for Ethereum) ❖ Probabilistic finality (>1 confirmations) ❖ The number of confirmations, depends on the transaction value Can we do zero-confirmation txs? c m 19

  19. Trivial Solutions ❖ Convince your supermarket to trust you? ❖ Pre-deposit funds to your local supermarket? ❖ Try to catch double-spending early? 20

  20. Trivial Solutions ❖ Convince your supermarket to trust you? ❖ Pre-deposit funds to your local supermarket? ❖ Try to catch double-spending early? Can we do better? ❖ Customers keep their money in their wallet. ❖ Merchants guaranteed to get their money. ❖ No trust to/reliance on third parties. 21

  21. Idea: Collaterals 1. Customer places collateral (e.g., $100) on a smartcontract. 2. Victim merchants can claim funds if the customer cheats. Arb c m 22

  22. Idea: Collaterals 1. Customer places collateral (e.g., $100) on a smartcontract. 2. Victim merchants can claim funds if the customer cheats. Arb c m A settlement “claim” requires ❖ The payment transaction (given to the merchant by the customer). ❖ Its conflicting transaction (from the blockchain). ❖ In Ethereum, conflicting transactions share the same nonce. The collateral is used only when doublespending! 23

  23. Triple-spending Attack Arb m 1 c m 2 Scaling collaterals to multiple merchants ❖ Need to keep track of “pending” transactions. ❖ Merchants accept payment, if the collateral suffices for everyone. 24

  24. Proposal #1: Trusted Merchants 25

  25. Proposal #1: Trusted Merchants 26

  26. Proposal #1: Trusted Merchants 27

  27. Proposal #1: Trusted Merchants 28

  28. Proposal #1: Trusted Merchants 29

  29. Proposal #1: Trusted Merchants 30

  30. Proposal #1: Trusted Merchants 31

  31. Proposal #1: Trusted Merchants Drawbacks ❖ Assumes all merchants are trustworthy. ❖ Requires 100% availability of all merchants. Side-chain variant ❖ Additional trust assumptions ❖ e.g., BFT -> 1/3 malicious merchants 32

  32. Proposal #2: Trusted Third Party 34

  33. Proposal #2: Trusted Third Party 35

  34. Proposal #2: Trusted Third Party 36

  35. Proposal #2: Trusted Third Party 37

  36. Proposal #2: Trusted Third Party Drawbacks - What if the statekeeper equivocates? - What if the statekeeper colludes with customers? 38

  37. Proposal #3: Untrusted Third Party ❖ Almost the same as before ❖ Statekeeper places collateral per merchant. ❖ If the customer’s collateral get depleted, the statekeeper’s collateral is used. 41

  38. Proposal #3: Untrusted Third Party ❖ Almost the same as before ❖ Statekeeper places collateral per merchant. ❖ If the customer’s collateral get depleted, the statekeeper’s collateral is used. Drawbacks - We still rely on a third party. 42

  39. Snappy: Statekeeping Merchants 44

  40. Snappy: Statekeeping Merchants 45

  41. Snappy: Statekeeping Merchants 46

  42. Snappy: Statekeeping Merchants 47

  43. Snappy: Statekeeping Merchants 48

  44. Snappy: Statekeeping Merchants 49

  45. Snappy: Statekeeping Merchants 50%+1 Approvals 50

  46. Snappy: Statekeeping Merchants 50%+1 Approvals Approval: “I haven’t approved another transaction from c 1 with the same index number.” 51

  47. Snappy: Statekeeping Merchants 52

  48. Snappy: Statekeeping Merchants 53

  49. Proof of Merchant Equivocation 54

  50. Proof of Merchant Equivocation 55

  51. Proof of Merchant Equivocation 56

  52. Approval Protocol c m s 1 s 2 s l ... S c, INT c 1. The customer initializes the payment. 1 2 Cust Eval 2. Merchant verifies the collateral suffices. INT c 3. Payment approval (50%+1). Payment Approval 3 3 4. Statekeeper evaluation. >k/2 5. Signature aggregation (e.g., BLS). 4 Sk Eval 5 SigAggr 6. Customer signs final transaction. Α 7. Merchant verifies and completes checkout. 6 Tx Fin τ c m 8. Transaction logged in blockchain and 7 τ c m 8 by the smartcontract. Blockchain 57

  53. Approval Protocol c m s 1 s 2 s l ... S c, INT c 1. The customer initializes the payment. 1 2 Cust Eval 2. Merchant verifies the collateral suffices. INT c 3. Payment approval (50%+1). Payment Approval 3 3 4. Statekeeper evaluation. >k/2 5. Signature aggregation (e.g., BLS). 4 Sk Eval 5 SigAggr 6. Customer signs final transaction. Α 7. Merchant verifies and completes checkout. 6 Tx Fin τ c m 8. Transaction logged in blockchain and 7 τ c m 8 by the smartcontract. Blockchain 58

  54. Scalability: Latency 64

  55. Scalability: Small Collaterals ❖ Only need to cover the expenditure within the latency period. ❖ Reusable. ❖ Flexible. ❖ Independent of the number of customers. 65

  56. Takeaways ❖ An honest merchant never loses funds. ❖ Deployable on top of existing blockchains (e.g.,Ethereum). ❖ No additional trust assumptions. ❖ Small amount of locked in funds. ❖ Very low latency. 66

Recommend

Annoying trailers: http://www.youtube.com/user/NathanDunfield/ http://snappy.computop.org People

Annoying trailers: http://www.youtube.com/user/NathanDunfield/ http://snappy.computop.org People

Annoying trailers: http://www.youtube.com/user/NathanDunfield/ http://snappy.computop.org People who heard this talk also viewed: J. Aaber and N. Dunfield Closed surface bundles of least volume arXiv:1002.3423 Hyperbolically twisted

432 views • 19 slides
Annoying trailers: http://snappy.computop.org http://www.youtube.com/user/NathanDunfield/ People

Annoying trailers: http://snappy.computop.org http://www.youtube.com/user/NathanDunfield/ People

Annoying trailers: http://snappy.computop.org http://www.youtube.com/user/NathanDunfield/ People who heard this talk also viewed: J. Aaber and N. Dunfield Closed surface bundles of least volume arXiv:1002.3423 Hyperbolically twisted

228 views • 22 slides
Finding Diagrams Ken Baker Department of Mathematics University of Miami Coral Gables, FL

Finding Diagrams Ken Baker Department of Mathematics University of Miami Coral Gables, FL

Finding Diagrams Ken Baker Department of Mathematics University of Miami Coral Gables, FL Perspectives on Dehn Surgery, ICERM July 15, 2019 Ken Baker Finding Diagrams Tools: Two Programs SnapPy: http://SnapPy.CompuTop.org Written by

669 views • 55 slides
http://snap.stanford.edu/snappy CS224W, Fall 2019 Introduction to SNAP Snap.py for Python

http://snap.stanford.edu/snappy CS224W, Fall 2019 Introduction to SNAP Snap.py for Python

http://snap.stanford.edu/snappy CS224W, Fall 2019 Introduction to SNAP Snap.py for Python Network analytics CS224W, Fall 2019 S tanford N etwork A nalysis P latform (SNAP) is a general purpose, high-performance system for analysis

622 views • 46 slides
Snappy Ubuntu Core Enabling secure devices with app stores We are the company behind Ubuntu.

Snappy Ubuntu Core Enabling secure devices with app stores We are the company behind Ubuntu.

Snappy Ubuntu Core Enabling secure devices with app stores We are the company behind Ubuntu. Canonical and Ubuntu | Best of both worlds CANONICAL Ubuntu Commercial backing #1 Linux Desktop for the #1 general purpose Linux OS: #1 Cloud OS

1.41k views • 26 slides
Writing Home 9: Writing a Newspaper Report Th The 5Ws and H: The newspaper report should

Writing Home 9: Writing a Newspaper Report Th The 5Ws and H: The newspaper report should

Writing Home 9: Writing a Newspaper Report Th The Headline Your headline should be short and snappy. It should be large and bo bold. d. Use exciting words, alliteration or rhyming words to catch the reader's attention. Your

262 views • 4 slides
Taming Failures by Partitioning Time and Space Sadek Drobi prismic.io CEO &amp; Co-founder

Taming Failures by Partitioning Time and Space Sadek Drobi prismic.io CEO &amp; Co-founder

Taming Failures by Partitioning Time and Space Sadek Drobi prismic.io CEO &amp; Co-founder Playframework Co-creator @sadache prismic.io, a snappy tour Building a Website with dynamic content is a pain No content Use a visual builder Use

760 views • 43 slides

More recommend