Professional Documents
Culture Documents
Developing Blockchain Software PDF
Developing Blockchain Software PDF
1
About Me
David Schwartz
Chief Cryptographer at Ripple
2
Global Leader in Distributed
Financial Technology
3
135
Team members
Our Experience
Financial Services
J.P. Morgan
Citi
Merrill Lynch
Technology
Google
Apple
Yahoo
Regulation
Federal Reserve
SEC
DTCC
BlackRock Bloomberg NSA
Visa NASA
⅔ engineering talent Fiserv
Paypal
Prosper
4 4
Sample of our Customers and Partners
Banking Partners
Consulting Partnerships
Technology Partnerships
5
Blockchains
6
What is a blockchain and what is one good for?
7
What is a blockchain and what is one good for?
8
So it’s just a database?
9
What is a blockchain and what is one good for?
Double Spending
If Alice has $10, she can send it to Bob
10
What is a blockchain and what is one good for?
11
What is a blockchain and what is one good for?
Before blockchains:
Hashcash: Currency generated by proof of work
12
Bitcoin
13
What is a blockchain and what is one good for?
Bitcoin
The first blockchain
14
What is a blockchain and what is one good for?
UTXO Model
UTXO = Unspent transaction output
15
What is a blockchain and what is one good for?
Fungible
Divisible
Durable
Transferable
16
What is a blockchain and what is one good for?
Bitcoin Mining
Mining generates bitcoins
17
What is a blockchain and what is one good for?
Bitcoin
Currency plus payment system
18
What is a blockchain and what is one good for?
Bitcoin
Rules are notionally set in stone
UTXO model
19
Ripple
A platform for issuing, holding, transferring, and
trading arbitrary assets.
20
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
Some history
Began in 2011
21
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
Ledger
Ledger replaces UTXO
22
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
Ledger
Contains transactions
Contains metadata
23
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
Consensus
Distributed agreement protocol similar to PBFT
24
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
All honest servers place a high value on agreement, second only to correctness
25
Consensus
Establishes transaction ordering
26
Consensus
Establishes transaction ordering
27
Consensus
Establishes transaction ordering
Avalanche to consensus
28
Consensus
Establishes transaction ordering
Valid transactions that do not get into the consensus set will be voted into the
next set by all honest validators
29
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
Advantages of consensus
No rotating dictators
Fast
30
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
Advantages of ledgers
Reliable agreement on network state
31
Ripple
A platform for issuing, holding, transferring, and trading arbitrary assets.
Key Features
Open source, ISC license
32
How RCL Works
33
How RCL Works
Arbitrary assets
Assets are identified by issuer and currency
34
Accounts
Identities in the network
Dave Edward
35
Trust Lines
A directed graph
Dave Edward
36
Balances
Having money
$100
Physical World
Alice Bob
37
Balances
Having money
$100
Physical World
Alice Bob
38
Issuance
Digitizing money
$100
Physical World
Alice Bob
39
Issuance
Digitizing money
$100
Physical World
Alice Bob
40
Transfer
Payments work
$100
Alice Bob
Charlie
41
Transfer
Payments work
Alice Bob
Charlie
42
Transfer
Payments work
Alice Bob
Charlie
43
Usability?
Not so much
Dave Edward
44
Gateways
Hubs of trust
45
Gateways
Islands of trust
46
Gateways
Islands of trust
Offers
47
How RCL Works
Arbitrary assets
Money does not really move
48
How RCL Works
Social credit
Instead of borrowing money, exchange IOUs of equal value
49
Allowance
Social credit
$100
$100
50
Allowance
Social credit
$100
$100
51
Allowance
Social credit
$100
$40
52
How RCL Works
Social credit
Works on RCL today
53
Private Blockchains
54
Why would anyone want a private blockchain?
Private blockchains
Participants are controlled
55
Why would anyone want a private blockchain?
Private blockchains
Attacks can be mitigated
Can be managed
56
Why would anyone want a private blockchain?
Private blockchains
Good for organizations of frenemies
Redundancy is built in
Can be self-governing
57
One Ledger to Rule Them All
58
One Ledger to Rule Them All
59
One Ledger to Rule Them All
60
61
Ledgers track accounts and balances
Ledger
Sender (Alice) Recipient (Bob)
62
But not everyone is on the same ledger
63
Connectors relay money
64
Connectors relay money
Chloe 100
100 100
Chloe 0
65
What if the connector drops it?
66
Money would be lost
100
Chloe 100
67
Escrow provides security
68
Ledger-provided escrow reduces risk
Escrow 0 Escrow 0
69
Funds are escrowed from left to right
Escrow
70
Sender puts funds into escrow
Alice 100
100
71
Connector put funds into escrow
Chloe 100
100
72
Transfers are executed right to left
Execution
73
Recipient signs receipt
74
Receipt releases funds from escrow
Escrow 100
100
75
Receipt releases funds from escrow
Bob 100
76
How does the connector get reimbursed?
77
Connector gets receipt from ledger
78
Connector passes on the receipt
79
Receipt releases funds from escrow
Escrow 100
100
80
Payment is complete
Chloe 100
81
Transfers are escrowed L2R, executed R2L
Escrow
Execution
82
Interledger
The ledger just needs to support two operations
83
Interledger
Cryptoconditions specify the release rules
84
Interledger
Leverages the trust that already exists
85
Bob
86
Bob
Does not want Alice to have proof of payment unless he is assured funds
87
Alice
88
Alice
Does not want to lose funds without a receipt Bob must honor
89
Chloe
90
Chloe
91
Mission Accomplished!
Escrow
Execution
92
Is it really that simple?
93
Sometimes
94
Sender puts funds into escrow
Alice 100
100
95
Release condition is payment to recipient
Alice 100
100
96
But what is the failure condition?
Alice 100
100
97
Failure conditions
Connector cannot meet payment terms
98
Failure conditions
Sender wants fast release
99
Low-value payments
You can use a release time
100
High-value payments
Must ensure agreement on transaction success or failure
101
Byzantine Generals
102
Byzantine Generals Problem
Each side should commit if, and only if, the other side will
But that will never happen unless one side commits irrevocably first
But we cannot commit irrevocably until we know the other side has
103
PBFT
Byzantine agreement protocol
104
Byzantine Generals Problem
High-value payments in ILP is a BG problem
Consensus is a BG problem
105
Byzantine Generals in ILP
Very easy to solve
106
What about blockchains?
Easy for private blockchains
107
Now that we’re all experts
108
Development Challenges
109
Attack surface
Public APIs
110
Blockchain development challenges
Resource Management
We have to keep up with the network
We have to cache
111
Data Representation
Binary Formats
Transactions need to be signed
112
Data Representation
Binary Formats
Non-binary representations are convenient too
113
Blockchain development challenges
Performance
Some tasks are embarrassingly parallel
It is all important
114
Blockchain development challenges
Isolation
Transaction operations must be deterministic
115
Meeting challenges with C++
116
C++ features
Move semantics
Expensive types can have value semantics
117
C++ features
Lambdas
Enables visitor patterns
118
C++ features
Compile-time polymorphism
Polymorphic code gets fully-optimized
119
C++ features
Type composition
Write code once
boost::optional
std::shared_ptr / std::weak_ptr
120
C++ features
Code isolation
Namespaces
121
C++ features
Mature tools
We have at least three solid compilers
122
C++ features
Hand-optimized primitives
Very little code is worth hand-optimizing
124
C++ features
Slicing Problem
Had to include one bad thing
125
Slicing
Unique pointers
Shared pointers
Clone idiom
126
Slicing
127
Winning
128
#Winning
129
Caching
Use pins an item in the cache, good things happen for free
130
Caching
131
NuDB
132
NuDB
133
NuDB
134
NuDB
Tradeoffs
Assumes caching is useless
135
NuDB
Tradeoffs
What is the best you can do?
136
NuDB
Design features
Data is append only
137
NuDB
Design features
Index consists of hash buckets
138
NuDB
C++ features
Header only
Templated visitor
Compile-time asserts
139
NuDB
Templated visitor
template <class Codec, class Function>
bool
visit(
std::size_t read_size,
Function&& f)
{
140
NuDB
Static assert
using hash_t = uint48_t;
static_assert(field<hash_t>::size<=sizeof(std::size_t),"");
141
Using C++
Beast
Header only
142
Using C++
Beast
143
Using C++
144
Using C++
Solution: templates
Concepts are light
145
Using C++
Solution: templates
template <class TIn, class TOut>
class TOfferStreamBase
...
protected:
147