Easter blogging – Blockchain in examples

After the intro into the world of bitcoin and blockchain and then showing the link to financial services, now is (finally) time for my last post in the series and this time about real world applications of blockchain. Luckily the long wait till I finally write it down, came with new findings so it was worth the extra time.

 

If you remember some of the prominent use cases for blockchain were:

  • Identity – blockchain allows to safely store, confirm and distribute personal data which is applicable for KYC.
  • Registry – blockchain could keep track of records of ownership, enable exchange of ownership of physical assets for digital ones, or just store information for public or permissioned access.
  • Smart contracts – blockchain can create and execute autonomously financial contracts e.g. payouts.

And here are some interesting services that I found with time:

  • Notary services are offered by Bitproof, Blocksign, Stampd and others. In the core of the services, a digital version of a signed document is uploaded and the parties share their acknowledgement in the form of a video (or other means). This comes at a 99% less cost than a traditional service and goes at a price of around 10 cents (or less) in Stampd. Ironically, I have stored the links for this article for some months and the first 2 did not open today. Not sure if they are still live, and in addition a recent article cast doubt on the readiness of such solutions as they do not seem to ensure that it was you who signed the document and that all parties did so voluntarily.
  • KYC via ShoCard. ShoCard offers a digital identity solution that records your personal information and stores it on your mobile phone while keeping a hash of it on their servers. This allows to use your info in numerous places without having to repeatedly provide proof that this is you and you provide the correct information as it was already verified once. This is quite useful for speeding up the KYC procedure for financial institutions but can also go towards replacing your driving license with a digital proof and logging into websites with a fingerprint from your phone.
  • Peer to peer everything – Arcade City is the “Black Market” Uber. It came to light after Uber and Lyft had to shut down operations in Austin, Texas. The response from the community was to set up a FB group where rides are requested and drivers pick them up. Arcade City aims to build on this momentum and remove the middleman in ride-sharing by connecting riders and drivers directly by using blockchain. It wants to take a small cut of payments once the company finished building its app. The company has been very controversial as it seems to have missed on promises and features but the idea is mindblowing.
  • Decentralized asset exchanges and marketplaces with notable examples such as BitStampBitShares, RMG Royal Mint and BitBond. BitShares claims (full source):

a high-performance decentralized exchange, with all the features you would expect in a trading platform. It can handle the trading volume of the NASDAQ, while settling orders the second you submit them.

Decentralization gives BitShares robustness against failure. When a centralized exchange is compromised, millions of dollars and thousands of users are impacted all at once. In a decentralized system, any attack or failure impacts only a single user and their funds. Users are in control of their own security, which can be much better than any centralized entity.

With BitShares your trades execute in seconds, just like any centralized website interface. Unlike centralized exchanges, there can be no high-frequency trading, front running, or hidden orders. This puts all traders on a level playing field.

  • Distributed ledger as a platform – projects like Corda, Hyperledger Project and Ethereum have built the foundation for execution of smart contracts. Such platforms standardise the way to store, manage and automate legal agreements between businesses. For example, Corda is being developed by R3, a consortium of over 70 of the world’s largest financial institutions. Their mission is “the establishment of an open, enterprise-grade, shared platform to record financial events and execute smart contract logic” (source: Corda website).

Some of the listed apps and platforms are growing pretty fast and experiencing wide industry acceptance (e.g. Corda, Ethereum), others seem to be still defining their value proposition and in development. But all in all the blockchain market evolves with more services, platforms and currencies starting every year, and blockchain is here to stay.

And for those celebrating Easter. It’s a time for eating all the chocolate you can find with complete impunity!

Have a delicious Easter with your beloved ones!!!

Blockchain in the context of financial services

In my last post I put together a brief intro of bitcoin and its characteristics. This is how we reached the topic of blockchain which is behind bitcoin. In the context of financial services blockchain is a ledger or in other words it represents historical records of verifiable monetary stake. There is a wonderful demo what blockchain actually looks like on Anders Brownworth’s blog.

Knowing what blockchain is, why is it so useful in financial services?

Trustless exchange – Two parties are able to make an exchange without the oversight or intermediation of a third party, strongly reducing or even eliminating counterparty risk.

User control -users are in control of all their information and transactions e.g. physically may own it and provide a public token as reference to it.

Data integrity and quality – blockchain data is standardised, consistent, and widely available.

Reliability – due to its decentralized nature, blockchain does not have a central point of failure and is better able to withstand malicious attacks. With the reservation/pre-condition that the consensus process cannot be manipulated.

Transparency and immutability – changes to public blockchains are publicly viewable by everybody in the blockchain thus creating transparency, and all transactions cannot be altered or deleted. This is the equivalent of one single source of truth for all.

Ecosystem simplification – putting all transactions on a single public ledger, removes the complications of multiple ledgers and many parallel truths.

Faster transactions – nowadays interbank transactions can take days for clearing and final settlement, especially outside of working hours. Blockchain transactions can reduce transaction times to seconds (or minutes) and are processed 24/7.

Transaction costs – by eliminating  intermediaries and overhead costs for exchanging assets, blockchains have the potential to greatly reduce transaction fees.

Permissions and rich consensus process – a public blockchain is a blockchain that anybody in the world can read, can send transactions to and expect to see them included if they are valid. Also anybody in the world can participate in the consensus process – the process for determining what blocks get added to the chain and what the current state is. Consortium blockchains: a consortium blockchain is a blockchain where the consensus process is controlled by a pre-selected set of nodes; for example, one might imagine a consortium of 10 financial institutions, each of which operates a node and of which 7 must sign every block in order for the block to be valid. Fully private blockchains: a fully private blockchain is a blockchain where write permissions are kept centralized to one organization. Read permissions may be public or restricted to an arbitrary extent.

Original sources for the points above + my own commentary: Deloitte on blockchain technology/Ethereum blog

Blockchain has already been widely applied in financial services. In most cases we talk about proof of concept applications but there are already several exchanges running on blockchains and many other exciting applications (more on them in my next article). Organizations like R3 and Digital Asset Holdings have worked tirelessly to understand the market fit of blockchain and provide software kits which then to a great extent enabled the blockchain revolution.

Some of the most prominent use cases for blockchain are as follows:

  • Identity – blockchain allows to safely store, confirm and distribute personal data which is applicable for KYC.
  • Registry – blockchain could keep track of records of ownership, enable exchange of ownership of physical assets for digital ones, or just store information for public or permissioned access.
  • Smart contracts – blockchain can create and execute autonomously financial contracts e.g. payouts.

My post got pretty lengthy this time so let me stop here. In my next article I would like to share some really interesting real life applications of blockchain.

New year, new topics. Finally a bit about Blockchain

Well well, after months of research and talks with thought leaders and blockchain companies finally gained some confidence to bother you with my thoughts.

When talking about blockchain you cannot skip bitcoin on the way. So what is bitcoin and why is it relevant?

Bitcoin is a form of digital currency, created and held electronically. It is the first example of a growing category of money known as cryptocurrency. A software developer called Satoshi Nakamoto proposed bitcoin and the idea was to produce a currency independent of any central authority, transferable electronically, more or less instantly, with very low transaction fees. Bitcoin was introduced to a cryptography mailing list and released as open-source software in 2009.

The bitcoin protocol – the rules that make bitcoin work – say that only 21 million bitcoins can ever be created by miners. However, these coins can be divided into smaller parts (the smallest divisible amount is one hundred millionth of a bitcoin and is called a ‘Satoshi’, after the founder of bitcoin).

Source: Coindesk

Bitcoin is an application of blockchain and as such carries several very important characteristics:

It’s decentralized – The bitcoin network isn’t controlled by a central authority. Every machine that mines bitcoin and processes transactions makes up a part of the network, and decisions are taken based on consensus.

It’s transparent – Bitcoin stores details of every single transaction that ever happened in the network in a huge version of a general ledger, called the blockchain.

It’s non-repudiable – When bitcoins are sent, you cannot get them back. Unless the recipient returns them to you.

Some other characteristics are:

Transaction fees are miniscule – If a bank may charge you a EUR 10 fee for international transfers. In the case of Bitcoin we talk cents.

It’s fast – Money transfers arrive just few minutes later.

It’s easy to set up – You can set up a bitcoin address in seconds, no questions asked, and with no fees payable. Now think what it takes with your home bank.

It’s anonymous – Users can hold multiple bitcoin addresses, and they aren’t linked to names, addresses, or other personally identifying information.

Source: Coindesk

If this is not enough watch this cool bitcoin video. Something I find really entertaining is the mining industry behind bitcoin – take a look for some spicy details.

So what is blockchain?

Blockchain is a huge general ledger. And it has a killer application in the financial markets. More on the topic in the context of financial markets will follow in my next post in a week time.

This week: a lil teaser about Blockchain and how your Skype account got hacked

Skype spam messagesBlockchain is growing in importance with every day passing by. This is the reason why I plan dedicated posts, not mixed with the rest of my areas of interest. The series of posts that I prepare will follow a simple pattern:

 

  • The history of Blockchain and brief description of the technology
  • Application of Blockchain with financial services in focus
  • Overview of Blockchain projects, startups and ideas

Once I finally get the time to condense all the info I have collected into the planned brief blog posts, you will hear from me. But I do believe this will happen in the next 2 weeks.

Now about Skype. Few weeks ago I woke up late on a Sunday morning to find out that my Skype account has been sending spam messages to my contact list. That kinda hurt my feelings as I tend to have decent security in place and until then used to LOL on all skype accounts that sent me these messages.

It took me about 2 days to ping all my friends, colleagues, business contacts not to click these links (the screenshot above is real, unfortunately). Not surprisingly also changed my password, but I promised to myself to do some research.

There are several ways how the hackers could have guessed my password – brute force attack, getting the answer to my secret question, Microsoft leaking my password (Skype was acquired by MS). My password was a strong one (as usual), same with my secret question. The resulting research showed that other users had password of 15 chars and above, plus special chars, and still got hacked. And after changing their password, some of them got hacked again.

The anatomy of the hacking activity was well described in 2015. The hacker would search for an account with weak password, then break the password and start sending messages to all contacts of this account. The messages contain a seemingly legitimate link e.g. link from Baidu and when the link is clicked the URL will lead to the hackers site, record the username of the user that clicked and then forward to another site e.g. diet site. Thus the attacker knows that a skype ID is valid and in use (so it makes sense to break in and spam further). More than 1 year later Microsoft has still not taken sufficient action to prevent this from happening and this is all that Skype offers on the topic.

In case you have a Microsoft account things do not stop here. Apparently, after the acquisition, all Skype logins were merged into Microsoft’s own login system. This allows for the hackers to log in into an MS account with weak (or hacked) skype credentials, even bypassing enabled 2 factor authentication although it was configured for the initial MS account. Big thanks to Jukka-Pekka for summing it all up. And go check your MS account, you might have a ticking bomb there.

Bottom line, the hack seems to pass even one year after it was reported. A hacked account could send thousands of identical spam messages without the message being automatically blocked or flagged. All this is happening at the end of year 2016!

It is still unclear, how long and seemingly secure passwords have been repeatedly compromised. Looking forward to somebody finding the missing link e.g. if our Skype passwords were leaked.