Entries Tagged "bitcoin"

Blockchain and Trust

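In his 2008 white paper that first proposed bitcoin, the anonymous Satoshi Nakamoto concluded with: "We have proposed a system for electronic transactions without relying on trust." He was referring to blockchain, the system behind bitcoin cryptocurrency. The circumvention of trust is a great promise, but it's just not true. Yes, bitcoin eliminates certain trusted intermediaries that are inherent in other payment systems like credit cards. But you still have to trust bitcoin -- and everything about it.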

Much has been written about blockchains and how they displace, reshape, or eliminate trust. But when you analyze both blockchain and trust, you quickly realize that there is much more hype than value. Blockchain solutions are often much worse than what they replace.

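First, a caveat. By blockchain, I mean something very specific: the data structures and protocols that make up a public blockchain. These have three essential elements. The first is a distributed (as in multiple copies) but centralized (as in there's only one) ledger, which is a way of recording what happened and in what order. This ledger is public, meaning that anyone can read it, and immutable, meaning that no one can change what happened in the past.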

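The second element is the consensus algorithm, which is a way to ensure all the copies of the ledger are the same. This is generally called mining; a critical part of the system is that anyone can participate. It is also distributed, meaning that you don't have to trust any particular node in the consensus network. It can also be extremely expensive, both in data storage and in the energy required to maintain it. Bitcoin has the world's most expensive consensus algorithm, by far.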

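Finally, the third element is the currency. This is some sort of digital token that has value and is publicly traded. Currency is a necessary element of a blockchain to align the incentives of everyone involved. Transactions involving these tokens are stored on the ledger.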

Private blockchains are completely uninteresting. (By this, I mean systems that use the blockchain data structure but don't have the above three elements.) In general, they have some external limitation on who can interact with the blockchain and its features. These are not anything new; they're distributed append-only data structures with a list of individuals authorized to add to it. Consensus protocols have been studied in distributed systems for more than 60 years. Append-only data structures have been similarly well covered. They're blockchains in name only, and -- as far as I can tell -- the only reason to operate one is to ride on the blockchain hype.

All three elements of a public blockchain fit together as a single network that offers new security properties. The question is: Is it actually good for anything? It's all a matter of trust.

Trust is essential to society. As a species, humans are wired to trust one another. Society can't function without trust, and the fact that we mostly don't even think about it is a measure of how well trust works.

The word "trust" is loaded with many meanings. There's personal and intimate trust. When we say we trust a friend, we mean that we trust their intentions and know that those intentions will inform their actions. There's also the less intimate, less personal trust -- we might not know someone personally, or know their motivations, but we can trust their future actions. Blockchain enables this sort of trust: We don't know any bitcoin miners, for example, but we trust that they will follow the mining protocol and make the whole system work.

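Most blockchain enthusiasts have a very narrow definition of trust. They're fond of catchphrases like "in code we trust," "in math we trust," and "in crypto we trust." This is trust as verification. But verification isn't the same as trust.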

In 2012, I wrote a book about trust and security, Liars and Outliers. In it, I listed four very general systems our species uses to incentivize trustworthy behavior. The first two are morals and reputation. The problem is that they scale only to a certain population size. Primitive systems were good enough for small communities, but larger communities required delegation, and more formalism.

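The third is institutions. Institutions have rules and laws that induce people to behave according to the group norm, imposing sanctions on those who do not. In a sense, laws formalize reputation. Finally, the fourth is security systems. These are the wide varieties of security technologies we employ: door locks and tall fences, alarm systems and guards, forensics and audit systems, and so on.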

These four elements work together to enable trust. Take banking, for example. Financial institutions, merchants, and individuals are all concerned with their reputations, which prevents theft and fraud. The laws and regulations surrounding every aspect of banking keep everyone in line, including backstops that limit risks in the case of fraud. And there are lots of security systems in place, from anti-counterfeiting technologies to internet-security technologies.

In his 2018 book, Blockchain and the New Architecture of Trust, Kevin Werbach outlines four different "trust architectures." The first is peer-to-peer trust. This basically corresponds to my morals and reputational systems: pairs of people who come to trust each other. His second is leviathan trust, which corresponds to institutional trust. You can see this working in our system of contracts, which allows parties that don't trust each other to enter into an agreement because they both trust that a government system will help resolve disputes. His third is intermediary trust. A good example is the credit card system, which allows untrusting buyers and sellers to engage in commerce. His fourth trust architecture is distributed trust. This is emergent trust in the particular security system that is blockchain.

What blockchain does is shift some of the trust in people and institutions to trust in technology. You need to trust the cryptography, the protocols, the software, the computers and the network. And you need to trust them absolutely, because they're often single points of failure.

When that trust turns out to be misplaced, there is no recourse. If your bitcoin exchange gets hacked, you lose all of your money. If your bitcoin wallet gets hacked, you lose all of your money. If you forget your login credentials, you lose all of your money. If there's a bug in the code of your smart contract, you lose all of your money. If someone successfully hacks the blockchain security, you lose all of your money. In many ways, trusting technology is harder than trusting people. Would you rather trust a human legal system or the details of some computer code you don't have the expertise to audit?

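Blockchain enthusiasts point to more traditional forms of trust -- bank processing fees, for example -- as expensive. But blockchain trust is also costly; the cost is just hidden. For bitcoin, that's the cost of the additional bitcoin mined, the transaction fees, and the enormous environmental waste.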

Blockchain doesn't eliminate the need to trust human institutions. There will always be a big gap that can't be addressed by technology alone. People still need to be in charge, and there is always a need for governance outside the system. This is obvious in the ongoing debate about changing the bitcoin block size, or in fixing the DAO attack against Ethereum. There's always a need to override the rules, and there's always a need for the ability to make permanent rules changes. As long as hard forks are a possibility -- that's when the people in charge of a blockchain step outside the system to change it -- people will need to be in charge.

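Any blockchain system will have to coexist with other, more conventional systems. Modern banking, for example, is designed to be reversible. Bitcoin is not. That makes it hard to make the two compatible, and the result is often an insecurity. Steve Wozniak was scammed out of $70,000 because he forgot this.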

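Blockchain technology is often centralized. Bitcoin might theoretically be based on distributed trust, but in practice, that's just not true. Just about everyone using bitcoin has to trust one of the few available wallets and use one of the few available exchanges. People have to trust the software and the operating systems and the computers everything is running on. And we've seen attacks against wallets and exchanges. We've seen Trojans and phishing and password guessing. Criminals have even used flaws in the system that people use to repair their cell phones to steal bitcoin.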

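Moreover, in any distributed trust system, there are backdoor methods for centralization to creep back in. With bitcoin, there are only a few miners of consequence. There is one company that provides the mining hardware. There are only a few dominant exchanges. To the extent that most people interact with bitcoin, it is through these centralized systems. This also allows for attacks against blockchain-based systems.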

These issues are not bugs in current blockchain applications, they're inherent in how blockchain works. Any evaluation of the security of the system has to take the whole socio-technical system into account. Too many blockchain enthusiasts focus on the technology and ignore the rest.

To the extent that people don't use bitcoin, it's because they don't trust bitcoin. That has nothing to do with the cryptography or the protocols. In fact, a system where you can lose your life savings if you forget your key or download a piece of malware is not particularly trustworthy. No amount of explaining how SHA-256 works to prevent double-spending will fix that.

Similarly, to the extent that people do use blockchains, it is because they trust them. People either own bitcoin or not based on reputation; that's true even for speculators who own bitcoin simply because they think it will make them rich quickly. People choose a wallet for their cryptocurrency, and an exchange for their transactions, based on reputation. We even evaluate and trust the cryptography that underpins blockchains based on the algorithms' reputation.

To see how this can fail, look at the various supply-chain security systems that are using blockchain. A blockchain isn't a necessary feature of any of them. The reason they're successful is that everyone has a single software platform to enter their data in. Even though the blockchain systems are built on distributed trust, people don't necessarily accept that. For example, some companies don't trust the IBM/Maersk system because it's not their blockchain.

Irrational? Maybe, but that's how trust works. It can't be replaced by algorithms and protocols. It's much more social than that.

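Still, the idea that blockchains can somehow eliminate the need for trust persists. Recently, I received an email from a company that implemented secure messaging using blockchain. It said, in part: "Using the blockchain, as we have done, has eliminated the need for Trust." This sentiment suggests the writer misunderstands both what blockchain does and how trust works.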

Do you need a public blockchain? The answer is almost certainly no. A blockchain probably doesn't solve the security problems you think it solves. The security problems it solves are probably not the ones you have. (Manipulating audit data is probably not your major security risk.) A false trust in blockchain can itself be a security risk. The inefficiencies, especially in scaling, are probably not worth it. I have looked at many blockchain applications, and all of them could achieve the same security properties without using a blockchain -- of course, then they wouldn't have the cool name.

Honestly, cryptocurrencies are useless. They're only used by speculators looking for quick riches, people who don't like government-backed currencies, and criminals who want a black-market way to exchange money.

To answer the question of whether the blockchain is needed, ask yourself: Does the blockchain change the system of trust in any meaningful way, or just shift it around? Does it just try to replace trust with verification? Does it strengthen existing trust relationships, or try to go against them? How can trust be abused in the new system, and is this better or worse than the potential abuses in the old system? And lastly: What would your system look like if you didn't use blockchain at all?

If you ask yourself those questions, it's likely you'll choose solutions that don't use public blockchain. And that'll be a good thing -- especially when the hype dissipates.

This essay previously appeared on Wired.com.

EDITED TO ADD (2/11): Two commentaries on my essay.

I have wanted to write this essay for over a year. The impetus to finally do it came from an invite to speak at the Hyperledger Global Forum in December. This essay is a version of the talk I wrote for that event, made more accessible to a general audience.

It seems to be the season for blockchain takedowns. James Waldo has an excellent essay in Queue. And Nicholas Weaver gave a talk at the Enigma Conference, summarized here. It's a shortened version of this talk.

EDITED TO ADD (2/17): Reddit thread.

EDITED TO ADD (3/1): Two more articles.

Posted on February 12, 2019 at 6:25 AM

New Attack Against Electrum Bitcoin Wallets

This is clever:

How the attack works:

  • Attackers added dozens of malicious servers to the Electrum wallet network.
  • Users of legitimate Electrum wallets initiate a Bitcoin transaction.
  • If the transaction reaches one of the malicious servers, these servers reply with an error message that urges users to download a wallet app update from a malicious website (GitHub repo).
  • Users click the link and download the malicious update.
  • When users open the malicious Electrum wallet, the app asks users for a two-factor authentication (2FA) code. This is a red flag, as these 2FA codes are only requested before sending funds, and not at wallet startup.
  • The malicious Electrum wallet uses the 2FA code to steal the user's funds and transfer them to the attacker's Bitcoin addresses.

The problem here is that Electrum servers are allowed to trigger popups with custom text inside users' wallets.

Posted on January 7, 2019 at 6:13 AM
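
The root cause named in the post above is that server-supplied text reaches the wallet's popup. The following added example (not Electrum's code and not from the original post) sketches a client-side handler that never displays server text verbatim and flags replies carrying links, markup or update prompts; the function names, the message table and both sample replies are hypothetical and constructed.

```python
import re

# Patterns that have no business in a transaction-broadcast error.
URL_RE = re.compile(r"(?i)(?:https?://|www\.)\S+")
MARKUP_RE = re.compile(r"<[^>]+>")
LURE_RE = re.compile(r"(?i)\b(?:update|upgrade|download|install)\b")

# Fixed strings owned by the client; the only text the user is ever shown.
LOCAL_MESSAGES = {
    "fee": "Broadcast rejected: fee too low.",
    "conflict": "Broadcast rejected: an input is already spent.",
    "other": "Broadcast rejected by the server.",
}


def suspicious_features(server_text: str) -> list:
    """Return the reasons a server reply looks like a lure (empty if none)."""
    checks = (("url", URL_RE), ("markup", MARKUP_RE), ("update-lure", LURE_RE))
    return [name for name, rx in checks if rx.search(server_text)]


def classify(server_text: str) -> str:
    """Map untrusted server text to a coarse, client-defined category."""
    low = server_text.lower()
    if "fee" in low:
        return "fee"
    if "already spent" in low or "conflict" in low:
        return "conflict"
    return "other"


def handle_broadcast_error(server_text: str) -> dict:
    reasons = suspicious_features(server_text)
    category = "other" if reasons else classify(server_text)
    return {
        "display": LOCAL_MESSAGES[category],   # shown to the user
        "suspicious": reasons,                 # input for server-reputation logic
        "log": repr(server_text[:200]),        # raw text, escaped, for analysts
    }


# Constructed sample replies (not captured traffic).
LURE = ("<b>Error:</b> your wallet is outdated. Download the update from "
        "https://wallet-update.example.invalid/release")
BENIGN = "min relay fee not met"

if __name__ == "__main__":
    for reply in (LURE, BENIGN):
        print(handle_broadcast_error(reply))
```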

Nicholas Weaver on Cryptocurrencies

This is well worth reading (non-paywalled version). Here's the opening:

Cryptocurrencies, although a seemingly interesting idea, are simply not fit for purpose. They do not work as currencies, they are grossly inefficient, and they are not meaningfully distributed in terms of trust. Risks involving cryptocurrencies occur in four major areas: technical risks to participants, economic risks to participants, systemic risks to the cryptocurrency ecosystem, and societal risks.

I haven't written much about cryptocurrencies, but I share Weaver's skepticism.

EDITED TO ADD (8/2): Paul Krugman on cryptocurrencies.

Posted on July 24, 2018 at 6:29 AM

Regulating Bitcoin

Ross Anderson has a new paper on cryptocurrency exchanges. From his blog:

Bitcoin Redux explains what's going wrong in the world of cryptocurrencies. The bitcoin exchanges are developing into a shadow banking system, which do not give their customers actual bitcoin but rather display a "balance" and allow them to transact with others. However if Alice sends Bob a bitcoin, and they're both customers of the same exchange, it just adjusts their balances rather than doing anything on the blockchain. This is an e-money service, according to European law, but is the law enforced? Not where it matters. We've been looking at the details.

The paper.

Posted on June 5, 2018 at 6:32 AM

Tracing Stolen Bitcoin

Ross Anderson has a really interesting paper on tracing stolen bitcoin. From a blog post:

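Previous attempts to track tainted coins had used either the "poison" or the "haircut" method. Suppose I open a new address and pay into it three stolen bitcoin and seven freshly mined ones. Then under poison, the output is ten stolen bitcoin, while under haircut it's ten bitcoin that are marked 30% stolen. After thousands of blocks, poison tainting will blacklist millions of addresses, while with haircut the taint gets diffused, so neither is very effective at tracking stolen property. Bitcoin due-diligence services supplant haircut taint tracking with AI/ML, but the results are still not satisfactory.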

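We discovered that, back in 1816, the High Court had to tackle this problem in Clayton's case, which involved the assets and liabilities of a bank that had gone bust. The court ruled that money must be tracked through accounts on the basis of first-in, first-out (FIFO); the first penny into an account goes to satisfy the first withdrawal, and so on.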

Ilia Shumailov has written software that applies FIFO tainting to the blockchain and the results are impressive, with a great improvement in precision. What's more, FIFO taint tracking is lossless, unlike haircut; so in addition to tracking a stolen coin forward to find where it's gone, you can start with any UTXO and trace it backwards to see its entire ancestry. It's not just good law; it's good computer science too.

Posted on March 28, 2018 at 6:30 AM
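
The three tainting rules described in the post above, applied to its three-stolen-plus-seven-fresh example, as an added illustration that is not Shumailov's software or code from the paper. It assumes the stolen coins are paid in first, that inputs are consumed and outputs filled in list order, and that the 4 BTC and 6 BTC outputs are a constructed spend; all names are hypothetical.

```python
from typing import List, Tuple

BTC = 100_000_000          # satoshi per bitcoin
Run = Tuple[int, bool]     # (amount in satoshi, stolen?) in the order paid in


def poison(inputs: List[Run], outputs: List[int]) -> List[int]:
    """Any stolen input marks every output as entirely stolen."""
    dirty = any(stolen for _, stolen in inputs)
    return [amt if dirty else 0 for amt in outputs]


def haircut(inputs: List[Run], outputs: List[int]) -> List[int]:
    """Every output carries the same stolen fraction as the inputs combined."""
    total = sum(amt for amt, _ in inputs)
    stolen = sum(amt for amt, s in inputs if s)
    return [amt * stolen // total for amt in outputs]


def fifo(inputs: List[Run], outputs: List[int]) -> List[List[Run]]:
    """First satoshi paid in is the first paid out; each output keeps its runs."""
    queue = list(inputs)
    result = []
    for want in outputs:
        runs = []
        while want > 0 and queue:
            amt, stolen = queue[0]
            take = min(amt, want)
            runs.append((take, stolen))
            want -= take
            if take == amt:
                queue.pop(0)
            else:
                queue[0] = (amt - take, stolen)
        result.append(runs)
    return result  # any remainder left in the queue (the fee) is ignored here


def stolen_total(runs: List[Run]) -> int:
    return sum(amt for amt, s in runs if s)


# Constructed sample: 3 stolen BTC, then 7 freshly mined, spent as 4 + 6 BTC.
INPUTS = [(3 * BTC, True), (7 * BTC, False)]
OUTPUTS = [4 * BTC, 6 * BTC]

if __name__ == "__main__":
    print("poison :", poison(INPUTS, OUTPUTS))
    print("haircut:", haircut(INPUTS, OUTPUTS))
    print("fifo   :", [stolen_total(r) for r in fifo(INPUTS, OUTPUTS)])
```

Because `fifo` returns ordered runs rather than a percentage, one output's runs can be fed straight back in as the inputs of the next spend, which is what keeps the exact stolen satoshi identifiable hop after hop.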

"Crypto" Is Being Redefined as Cryptocurrencies

I agree with Lorenzo Franceschi-Bicchierai, "Cryptocurrencies aren't 'crypto'":

Lately on the internet, people in the world of Bitcoin and other digital currencies are starting to use the word "crypto" as a catch-all term for the lightly regulated and burgeoning world of digital currencies in general, or for the word "cryptocurrency" -- which probably shouldn't even be called "currency," by the way.

[...]

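To be clear, I'm not the only one who is mad about this. Bitcoin and other technologies indeed do use cryptography: all cryptocurrency transactions are secured by a "public key" known to all and a "private key" known only to one party -- this is the basis for a swath of cryptographic approaches (known as public key, or asymmetric cryptography) like PGP. But cryptographers say that's not really their defining trait.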

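"Most cryptocurrency barely has anything to do with serious cryptography," Matthew Green, a renowned computer scientist who studies cryptography, told me via email. "Aside from the trivial use of digital signatures and hash functions, it's a stupid name."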

It is a stupid name.

Posted on December 4, 2017 at 9:14 AM

Building Smarter Ransomware

Matthew Green and students speculate on what a truly well-designed ransomware system could look like:

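Most modern ransomware employs a cryptocurrency like Bitcoin to enable the payments that make the ransom possible. This is perhaps not the strongest argument for systems like Bitcoin -- and yet it seems unlikely that Bitcoin is going away anytime soon. If we can't solve the problem of Bitcoin, maybe it's possible to use Bitcoin to make "more reliable" ransomware.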

[...]

Recall that in the final step of the ransom process, the ransomware operator must deliver a decryption key to the victim. This step is the most fraught for operators, since it requires them to manage keys and respond to queries on the Internet. Wouldn't it be better for them if operators could eliminate this step altogether?

[...]

At least in theory it might be possible to develop a DAO that's funded entirely by ransomware payments -- and in turn mindlessly contracts real human beings to develop better ransomware, deploy it against human targets, and...rinse repeat. It's unlikely that such a system would be stable in the long run -- humans are clever and good at destroying dumb things -- but it might get a good run.

One of the reasons society hasn't destroyed itself is that people with intelligence and skills tend to not be criminals for a living. If it became a viable career path, we're doomed.

Posted on March 7, 2017 at 8:15 AM

IoT Ransomware against Austrian Hotel

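Attackers held an Austrian hotel network for ransom, demanding $1,800 in bitcoin to unlock the network. Among other things, the locked network wouldn't allow any of the guests to open their hotel room doors.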

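I expect IoT ransomware to become a major area of crime in the next few years. How long before we see this tactic used against cars? Against home thermostats? Within the year is my guess. And as long as the ransom price isn't too high, people will pay.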

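EDITED TO ADD: There seems to be a lot of confusion about exactly what the ransomware did. Early reports said that hotel guests were locked inside their rooms, which is of course ridiculous. Now some reports are saying that no one was locked out of their rooms.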

EDITED TO ADD (2/13): More information.

Posted on January 31, 2017 at 8:49 AM

Sidebar photo of Bruce Schneier by Joe MacInnis.