Crypto Wallet Main Net Testing When Wallet 2

When Wallet?

Cryptocurrency Wallet When Wallet 2

When Universal Cryptocurrency Wallet?

At Ethos we take our community questions, concerns and inquiries very seriously. So in transparent fashion we wanted to write an article to directly address a common question about the Ethos Universal Cryptocurrency Wallet that’s been popping up on our social channels, “When wallet?”

Unlike many dapps being launched in the blockchain industry, Ethos has thousands of global users ready to download and use the app upon its immediate release. In fact, Ethos already has well over 100,000 people pre-registered for the Ethos Universal Cryptocurrency Wallet, from over 40-countries.

Due to the large-scale support and anticipation of our upcoming wallet release, we have to undergo a very specialized type of load testing, to ensure that we can on-board our users seamlessly.

Below is a summary of the status of our Universal Cryptocurrency Wallet Release.

A Scalable Decentralized Architecture

The Ethos Universal Cryptocurrency Wallet design is unique in that, 1) it is intended to create a massively decentralized architecture that enables self-custody of assets. And 2) that it can sync with generalized abstracted blockchains. This scale architecture has turned out to be a massive undertaking (good thing we didn’t know when we started), but one that we believe has profound implications for cryptocurrency, blockchain and traditional finance.

Let’s take a specific example and say you want to store your own Ethereum. You don’t want to synchronize your mobile device with the 100+ gigabytes of data in the Ethereum blockchain. Rather, you just want to know which transactions are yours and be able to broadcast, sign and approve transactions related to your device. We built this through an open API architecture, Ethos Bedrock.

The maxim held true, “the last 10% takes 90% of the time”. But the result entails a scalable architecture we can continue to utilize for future upgrade iterations of our technology.

Ethos Universal Cryptocurrency Wallet is Testing on Mainnet

Our Ethos developers and internal team members are now testing the Ethos Universal Crypto Wallet on Mainnet using crypto connected to the blockchain.

The blockchains of various cryptocurrencies are syncing properly with the Ethos Universal Cryptocurrency Wallet. Ethos is finalizing certain elements of our charting and Watchfolio functionalities for various cryptocurrencies to optimize our real-time analytics.

There were a few delays but all bugs have been resolved, none of which pertain to security vulnerabilities.

Ethos Universal Cryptocurrency Wallet has Passed All Security Check Milestones

While the on-boarding of a multitude of cryptocurrencies has taken some time, the Ethos wallets inside of the application have passed all security check milestones.

We are extremely proud of how secure and battle-tested our application will be at the time of launch, as we have been exhaustive in this process.

While we completely understand the frustration with the length of time it’s taken for us to release our dapp – we felt it imperative to ensure that our features are flawless and that security – our top priority – is failsafe.

To be clear, we are finalizing testing. There are no security issues or security flaws affecting the wallet and holding back its release.

Ethos Product Council & Genesis Release

Ethos is excited to welcome over 2,200+ community members to be the first to use, test and report their Universal Cryptocurrency Wallet experience to Ethos.

The Product Council members received the invite to download the app on the Android and iOS app store. They are actively using the app on Mainnet, performing tons of transactions in real-time with Bitcoin, Ethereum and a large variety of ERC-20 tokens.

So far the feedback has been resoundingly positive, especially regarding the intuitive and friendly UI. This is a major milestone for the Universal Wallet, as we are flushing out any performance abnormalities to make sure it’s fully optimized for our global release.

The Ethos Universal Cryptocurrency Wallet Released to Specific Countries in Batches

In order to assure a smooth on-boarding of users to the Ethos Universal Crypto Wallet, we will be announcing its release to specific countries in batches. During our release campaign, we will be spontaneously announcing the UW Release in specific countries on a nearly daily basis.

We anticipate to on-board as many, but not limited to, 5 countries a week. Please stay tuned for our announcement for when your country will be set to receive the Universal Wallet.

The Ethos Universal Cryptocurrency Wallet will be Released on Android & iOS App Stores

When the wallet is ready for its release – the Ethos Universal Cryptocurrency Wallet will be released directly for download on the Android & iOS app Stores.

Similar to downloading any traditional app, all you will have to do is visit the app store and click download to start the process of activating your Universal Wallet and creating your first SmartKeys and Watchfolios.

Ethos Announces Partnership with Fusion Financial Advisors

Ethos has confirmed a partnership with Fusion Financial Advisors, LLC.

“We are thrilled to announce that Fusion Financial Advisors, LLC (“Fusion”) is now one of the first federally registered investment advisors regulated in the United States, offering diversified portfolios consisting of cryptocurrencies.”

Read the full article on Medium Here

So, When Wallet?

As a team, we wish that we could answer that question with full transparency and accuracy to give everyone a clear expectation on the wallet’s release. However, due to the pending tasks outlined above, we cannot at this time provide exact timing.

We can assure you that the app is nearing its release and we are in the homestretch. You should expect the Ethos Universal Wallet in select app-stores soon.

The Ethos Universal Wallet is testing wonderfully and we are confident that it will be released with more enhanced features than any other app with similar functionality.

We appreciate your patience. Stay tuned, the future is bright!


Ethos Universal Cryptocurrency Wallet is Now Testing on Mainnet!

Ethos Universal Multi Cryptocurrency Wallet is Now Testing on Mainnet!

Ethos has now migrated its Universal Multi Cryptocurrency Wallet from its preliminary testing on test-net, to its operational testing on Mainnet.

 

We know many of you are asking the precise date of when the Universal Coin Wallet will be Released. While we cannot share an exact date, this is a critical step on the path of its release to the app-store for iOS and Android.

Security and streamlined functionality are the #1 priority of the Ethos Team and by being fully operational on Mainnet – all security features can be confirmed as being fail-safe.

Last week, Ethos on-boarded over 2,000 qualified, international individuals to their Product Council for testing of the Ethos Universal Wallet. The Product Council went through a very thorough approval process, and we thank them for their effort in completing the process.They will be on-boarded into the app soon.

The members of the Product Council are providing feedback on…

  • Reporting bugs in the Ethos Bug Bounty Program.
  • Creating new wallets for various coins.
  • Sending and receiving crypto from wallet to wallet.
  • And giving feedback on the overall user experience of the Ethos Universal Wallet.

Ethos is now in the process of on-boarding and training these product testers, and receiving their responses to iterate and make necessary improvements. While the existing Product Council is currently operating on Test-Net, the existing Product Council and all 2,000 new Product Council users will go directly to testing on Mainnet at the same time.

The migration to Mainnet means that the the Ethos Core-Team is actively testing all of the features the app will have at its release, using a variety of cryptocurrencies. This will be followed by the Product Council testing the app directly on Mainnet as well.

Ethos Universal Cryptocurrency Wallet Features at Release Include, but are not Limited to…

  • Creating you Smart Key for your Universal Crypto Wallet
  • Creating Wallets for Specific Coins
  • Implementing self-custody your coins
  • Sending & receiving cryptocurrency within your wallets
  • Charts and portfolio management

Want to take a look inside the Universal Cryptocurrency Wallet?

Here is a video one of our initial Product Council testers created! A Big Thank You to @Stagea76 on Telegram for creating this!(Disclaimer: This video was done while Ethos was still in Testnet – although Mainnet Testing is Active)

We are excited to be announcing this major step for the Ethos Universal Crypto Wallet – and offer a big thank you and welcome to our highly-engaged community who are now helping us test the Universal Wallet.

Stay tuned for more announcements from the Ethos Team!


Cryptocurrency Wallet Annoucement Netherlands

Recap: Crypto Crow’s Live Exclusive Interview with Shingo Lavine

Ethos CEO Shingo Lavine joined the charismatic Crypto Crow (Jason Appleton) via live stream on Monday to make three special announcements. The days leading up to the interview, it was hinted that Shingo might reveal which country would be first to receive the Universal Wallet and…

*drum roll*

Instantly, the comments about which country would be next started to pour in on social media! Will it be Germany? Italy? USA?

So it’s a good thing Shingo’s also announced our forthcoming Ethos Global Rollout Page. It’s here that we’ll track the journey of the Universal Wallet as it become available across the world. We anticipate WhenWallet-ers will be hitting refresh on this page often. Stay close with us on social and check your inbox for the official launch date of our Global Rollout Page.

Until then, here’s a sneak peek:

Finally, in response to the growing and glowing community support we’ve received since the East Coast Ethos Summit last month, we are so pleased to introduce our Ambassador Program. This is an opportunity for our extended Ethos family around the world to host events and spread crypto and blockchain awareness through an Ethos lens. More on the Ambassador Program to come!

In the meantime and because we know you don’t want to miss a beat, you can watch the Crypto Crow interview again here!

 

 

Pre-Register for Ethos Universal Wallet!
Pre-register today and find out first when the app is ready for wide release! Plus to say thanks for all the passion and support, we'll be rewarding our pre-registered community with some pretty awesome perks.
Sign Up
Sign up for Ethos News!
Stay in the know with latest updates – and sign up for our Blockchain Finance or Knowledge Base content series.
Sign Up


Blockchains Technology Computers

Blockchains from a Distributed Computing Perspective

Blockchains from a Distributed Computing Perspective by Maurice Herlihy, Brown University


1 INTRODUCTION

Bitcoin first appeared in a 2008 white paper authored by someone called Satoshi Nakamoto [15], the mysterious deus abscondidus of the blockchain world. Today, cryptocurrencies and blockchains are very much in the news. Much of this coverage is lurid, sensationalistic, and irresistible: roller-coaster prices and instant riches, vast sums of money stolen or inexplicably lost, underground markets for drugs and weapons, and promises of libertarian utopias just around the corner.

This article is a tutorial on the basic notions and mechanisms underlying blockchains, colored by the perspective that much of the blockchain world is a disguised, sometimes distorted, mirror-image of the distributed computing world.

This article is not a technical manual, nor is it a broad survey of the literature (both widely available elsewhere). Instead, it attempts to explain blockchain research in terms of the many similarities, parallels, semi-reinventions, and lessons not learned from distributed computing. This article is intended mostly to appeal to blockchain novices, but perhaps it will provide some insights to those familiar with blockchain research but less familiar with its precursors.

 

2 THE LEDGER ABSTRACTION

The abstraction at the heart of blockchain systems is the notion of a ledger, an invention of the Italian Renaissance originally developed to support double-entry bookkeeping, a distant precursor of modern cryptocurrencies. For our purposes, a ledger is just an indelible, append-only log of transactions that take place between various parties. A ledger establishes which transactions happened (“Alice transferred 10 coins to Bob”), and the order in which those transactions happened (“Alice transferred 10 coins to Bob, and then Bob transferred title to his car to Alice”). Ledgers are public, accessible to all parties, and they must be tamper-proof: no party can add, delete, or modify ledger entries once they have been recorded. In short, the algorithms that maintain ledgers must be fault-tolerant, ensuring the ledger remains secure even if some parties misbehave, whether accidentally or maliciously.

 

2.1 Blockchain Ledger Precursors

It is helpful to start by reviewing a blockchain precursor, the so-called universal construction for lock-free data structures [12].

Alice runs an online news service. Articles that arrive concurrently on multiple channels are placed in an in-memory table where they are indexed for retrieval. At first, Alice used a lock to synchronize concurrent access to the table, but every now and then, the thread holding the lock would take a page fault or a scheduling interrupt, leaving the articles inaccessible for too long. Despite the availability of excellent textbooks on the subject [13], Alice was uninterested in customized lock-free algorithms, so she was in need of a simple way to eliminate lock-based vulnerabilities.

She decided to implement her data structure in two parts. To record articles as they arrive, she created a ledger implemented as a simple linked list, where each list entry includes the article and a link to the entry before it. When an article arrives, it is placed in a shared pool, and a set of dedicated threads, called miners (for reasons to be explained later), collectively run a repeated protocol, called consensus, to select which article to append to the ledger. Here, Alice’s consensus protocol can be simple: each thread creates a list entry, then calls a compare-and-swap instruction to attempt to make that entry the new head of the list.

Glossing over some technical details, to query for a recent article, a thread scans the linked-list ledger. To add a new article, a thread adds the article to the pool, and waits for for a miner to append it to the ledger.

This structure may seem cumbersome, but it has two compelling advantages. First, it is universal: it can implement any type of data structure, no matter how complex. Second, all questions of concurrency and fault-tolerance are compartmentalized in the consensus protocol.

A consensus protocol involves a collection of parties, some of whom are honest, and follow the protocol, and some of whom are dishonest, and may depart from the protocol for any reason. Consensus is a notion that applies to a broad range of computational models. In some contexts, dishonest parties might simply halt arbitrarily (so-called crash failures), while in other contexts, they may behave maliciously (so-called Byzantine failures). In some contexts, parties communicate through objects in a shared memory, and in others, they exchange messages. Some contexts restrict how many parties may be dishonest, some do not.

In consensus, each party proposes a transaction to append to the ledger, and one of these proposed transaction is chosen. Consensus ensures: (1) agreement: all honest parties agree on which transaction was selected„ (2) termination: all honest parties eventually learn the selected transaction, and (3) validity: the selected transaction was actually proposed by some party.

Consensus protocols have been the focus of decades of research in the distributed computing community. The literature contains many algorithms and impossibility results for many different models of computation (see surveys in [1, 13]).

Because ledgers are long-lived, they require the ability to do repeated consensus to append a stream of transactions to the ledger. Usually, consensus is organized in discrete rounds, where parties start round r + 1 after round r is complete.

Of course, this shared-memory universal construction is not yet a blockchain, because although it is concurrent, it is not distributed. Moreover, it does not tolerate truly malicious behavior (only crashes). Nevertheless, we have already introduced the key concepts underlying blockchains.

 

2.2 Private Blockchain Ledgers

Alice also owns a frozen yogurt parlor, and her business is in trouble. Several recent shipments of frozen yogurt have been spoiled, and Bob, her supplier, denies responsibility. When she sued, Bob’s lawyers successfully pleaded that not only had Bob never handled those shipments, but they were spoiled when they were picked up at the yogurt factory, and they were in excellent condition when delivered to Alice’s emporium.

Alice decides it is time to blockchain her supply chain. She rents some cloud storage to hold the ledger, and installs internet-enabled temperature sensors in each frozen yogurt container. She is concerned that sensors are not always reliable (and that Bob may have tampered with some), so she wires the sensors to conduct a Byzantine fault-tolerant consensus protocol [4], which uses several rounds of voting to ensure that temperature readings cannot be distorted by a small number of of faulty or corrupted sensors. At regular intervals, the sensors reach consensus on the current temperature. They timestamp the temperature record, and add a hash of the prior record, so that any attempt to tamper with earlier records will be detected when the hashes do not match. They sign the record to establish authenticity, and then append the record to the cloud storage’s list of records.

Each time a frozen yogurt barrel is transferred from Carol’s factory to Bob’s truck, Bob and Carol sign a certificate agreeing on the change of custody. (Alice and Bob do the same when the barrel is delivered to Alice.) At each such transfer, the signed change-of-custody certificate is timestamped, the prior record is hashed, the current record is appended to the cloud storage’s list.

Alice is happy because she can now pinpoint when a yogurt shipment melted, and who had custody at the time. Bob is happy because he cannot be blamed if the shipment had melted before he picked it up at the factory, and Carol is similarly protected.

Here is a point that will become important later. At every stage, Alice’s supply-chain blockchain includes identities and access control. The temperature sensors sign their votes, so voter fraud is impossible. Only Alice, Bob, and Carol (and the sensors) have permission to write to the cloud storage, so it is possible to hold parties accountable if someone tries to tamper with the ledger.

In the shared-memory universal construction, a linked list served as a ledger, and an atomic memory operation served as consensus. Here, a list kept in cloud storage serves as a ledger, and a combination of Byzantine fault-tolerant voting and human signatures serves as consensus. Although the circumstances are quite different, the “ledger plus consensus” structure is the same.

 

3 PUBLIC BLOCKCHAIN LEDGERS

Alice sells her frozen yogurt business and decides to open a restaurant. Because rents are high and venture capitalists rapacious, she decides to raise her own capital via an intriguing coupon offering (ICO): she sells digital certificates redeemable for discount meals when the restaurant opens. Alice hopes that her ICO will go viral, and soon people all over the world will be clamoring to buy Alice’s Restaurant’s coupons (many with the intention of reselling them at a markup).

Alice is media-savvy, and she decides that her coupons will be more attractive if she issues them as cryptocoupons on a blockchain. Alice’s cryptocoupons have three components: a private key, a public key, and a ledger entry (see sidebar). Knowledge of the private key confers ownership: anyone who knows that private key can transfer ownership of (“spend”) the coupon. The public key enables proof of ownership: anyone can verify that a message encrypted with the private key came from the coupon’s owner. The ledger conveys value: it establishes the link between the public key and the coupon with an entry saying: “Anyone who knows the secret key matching the following public key owns one cryptocoupon”.

Suppose Bob owns a coupon, and decides to transfer half of it to Carol, and keep the other half for himself. Bob and Carol each generates a pair of private and public keys. Bob creates a new ledger entry with his current public key, his new public key, and Carol’s public key, saying: “I, the owner of the private key matching the first public key, do hereby transfer ownership of the corresponding coupon to the owners of the private keys matching the next two public keys”. Spending one of Alice’s cryptocoupons is like breaking a $20-dollar bill into two $10-dollar bills: the old coupon is consumed and replaced by two distinct coupons of smaller value. (This structure is called the unspent transaction output (UTXO) model in the literature.)

Next, Alice must decide how to manage her blockchain. Alice does not want to do it herself, because she knows that potential customers might not trust her. She has a clever idea: she will crowdsource blockchain management by offering additional coupons as a fee to anyone who volunteers to be a miner, that is, to do the work of running a consensus protocol. She sets up a shared bulletin board (sometimes called a peer-to-peer network) to allow coupon aficionados to share data. Customers wishing to buy or sell coupons post their transactions to this bulletin board. A group of volunteer miners pick up these transactions, batch them into blocks for efficiency, and collectively execute repeated consensus protocols to append these blocks to the shared ledger, which is itself broadcast over the bulletin board. Every miner, and everyone else who cares, keeps a local copy of the ledger, kept more-or-less up-to-date over the peer-to-peer bulletin board.

Alice is still worried that crooked miners could cheat her customers. Most miners are probably honest, content to collect their fees, but there is still a threat that even a small number of dishonest miners might collude with one another to cheat Alice’s investors. Alice’s first idea is have miners, identified by their IP addresses, vote via the Byzantine fault-tolerant consensus algorithm [4] used in the frozen yogurt example.

Alice quickly realizes this is a bad idea. Alice has a nemesis, Sybil, who is skilled in the art of manufacturing fake IP addresses. Sybil could easily overwhelm any voting scheme simply by flooding the protocol with “sock-puppet” miners who appear to be independent, but are actually under Sybil’s control.

We noted earlier that the frozen yogurt supply chain blockchain was not vulnerable to this kind of “Sybil attack” because parties had reliable identities: only Alice, Bob, and Carol were allowed to participate, and even though they did not trust one another, each one knew they would be held accountable if caught cheating. By contrast, Alice’s Restaurant’s cryptocoupon miners do not have reliable identities, since IP addresses are easily forged, and a victim would have no recourse if Sybil were to steal his coupons.

Essentially the same problem arises when organizing a street gang: how to ensure that someone who wants to join the gang is not a plain-clothes police officer, newspaper reporter, or just a freeloader? One approach is what sociologists call costly signaling [21]: the candidate is required to do something expensive and hard to fake, like robbing a store, or getting a gang symbol tattoo.

In the public blockchain world, the most common form of costly signaling is called proof of work (PoW). In PoW, consensus is reached by holding a lottery to decide which transaction is appended next to the ledger. Here is the clever part: buying a lottery ticket is a form of costly signaling because, well, it is costly: expensive in terms of time wasted and electricity bills. Sybil’s talent for impersonation is useless to her if each of her sock puppet miners must buy an expensive, long-shot lottery ticket.

Specifically, in the PoW lottery, miners compete to solve a useless puzzle, where solving the puzzle is hard, but proving one has solved the puzzle is easy (see sidebar). Simplifying things for a moment, the first miner to solve the puzzle wins the consensus, and gets to choose the next block to append to the ledger. That miner also receives a fee (another coupon), but the other miners receive nothing, and must start over on a new puzzle.

As hinted, the previous paragraph was an oversimplification. In fact, PoW consensus is not really consensus. If two miners both solve the puzzle at about the same time, they could append blocks to the blockchain in parallel, so that neither block precedes the other in the chain. When this happens, the blockchain is said to fork. Which block should subsequent miners build on? The usual answer is to build on the block whose chain is longest, although other approaches have been suggested [19].

As a result, there is always some uncertainty whether a transaction on the blockchain is permanent, although the probability that a block, once on the blockchain, will be replaced decreases exponentially with the number of blocks that follow it [8]. If Bob uses Alice’s cryptocoupons to buy a car from Carol, Carol would be prudent to wait until Bob’s transaction is fairly deep in the blockchain to minimize the chances that it will be displaced by a fork.

Although PoW is currently the basis for the most popular cryptocurrencies, it is not the only game in town. There are multiple proposals where cryptocurrency ownership assumes the role of costly signaling, such as Ethereum’s Casper [2] or Algorand [9]. Cachin and Vukolic [3] give a comprehensive survey of blockchain consensus protocols.

 

3.1 Discussion

The distinction between private (or permissioned) blockchain systems, where parties have reliable identities, and only vetted parties can participate, and public (or permissionless) blockchain systems, where parties cannot be reliably identified, and anyone can participate, is critical for making sense of the blockchain landscape.

Private blockchains are better suited for business applications, particularly in regulated industries, like finance, subject to know-your-customer and anti-money-laundering regulations. Private blockchains also tend to be better at governance, for example, by providing orderly procedures for updating the ledger protocol [11]. Most prior work on distributed algorithms has focused on systems where participants have reliable identities.

Public blockchains are appealing for applications such as Bitcoin, which seek to ensure that nobody can control who can participate, and participants may not be eager to have their identities known. Although PoW was invented by Dwork and Naor [6] as a way to control spam, Nakamoto’s application of PoW to large-scale consensus was a genuine innovation, one that launched the entire blockchain field.

 

4 SMART CONTRACTS

Most blockchain systems also provide some form of scripting language to make it easier to add functionality to ledgers. Bitcoin provides a rudimentary scripting language, while Ethereum [7] provides a Turing-complete scripting language. Such programs are often called smart contracts (or contracts) (though they are arguably neither smart nor contracts).

Here are some examples of simple contract functionality. A hashlock h prevents an asset from being transferred until the contract receives a matching secret s, where h = H(s), for H a cryptographic hash function (see sidebar). Similarly, a timelock t prevents an asset from being transferred until a specified future time t.

Suppose Alice wants to trade some of her coupons to Bob in return for some bitcoins. Alice’s coupons live on one blockchain, and Bob’s Bitcoin live on another, so they need to devise an atomic cross-chain swap protocol to consummate their deal. Naturally, neither one trusts the other.

Here is a simple protocol. Let us generously assume 24 hours is enough time for anyone to publish a smart contract on either blockchain, and for the other party to detect that that contract has been published.

• Alice creates a secret s, h = H(s), and publishes a contract on the coupon blockchain with hashlock h and timelock 48 hours in the future, to transfer ownership of some coupons to Bob.

• When Bob con rms that Alice’s contract has been published on the coupon blockchain, he publishes a contract on the Bitcoin blockchain with the same hashlock h but with timelock 24 hours in the future, to transfer his bitcoins to Alice.

• When Alice confirms that Bob’s contract has been published on the Bitcoin blockchain, she sends the secret s to Bob’s contract, taking possession of the bitcoins, and revealing s to Bob.

• Bob sends s to Alice’s contract, acquiring the coupons and completing the swap.

function withdraw(uint amount) {

client = msg.sender;

if (balance[ client ] >= amount} {

if (client.call.sendMoney(amount)){

balance[ client ] −= amount;

}}}

Fig. 1. Pseudocode for DAO-like contract

function sendMoney(unit amount) {

victim = msg.sender;

balance += amount;

victim . withdraw(amount)

}

Fig. 2. Pseudocode for DAO-like exploit

• Bob sends s to Alice’s contract, acquiring the coupons and completing the swap.

If Alice or Bob crashes during steps one or two, then the contracts time out and refund their assets to the original owners. If either crashes during steps three and four, then only the party who crashes ends up worse off. If either party tries to cheat, for example, by publishing an incorrect contract, then the other party can simply halt and its asset will be refunded. Alice’s contract needs a 48-hour timelock to give Bob enough time to react when she releases her secret before her 24 hours are up.

This example illustrates the power of smart contracts. There are many other uses for smart contracts, including offchain transactions [16], where assets are transferred back and forth off of the blockchain for efficiency, using the blockchain only to settle balances at infrequent intervals.

 

4.1 Smart Contracts as Objects

A smart contract resembles an object in an object-oriented programming language. A contract encapsulates long-lived state, a constructor to initialize that state, and one or more functions (methods) to manage that state. Contracts can call one another’s functions.

In Ethereum, all contracts are recorded on the blockchain, and the ledger includes those contracts’ current states. When a miner constructs a block, if fills that block with smart contracts and executes them one-by-one, where each contract’s final state is the next contract’s initial state. These contract executions occur in order, so it would appear that there is no need to worry about concurrency.

 

4.2 Smart Contracts as Monitors

The Decentralized Autonomous Organization (DAO) was an investment fund set up in 2016 to be managed entirely by smart contracts, with no direct human administration. Investors could vote on how the fund’s funds would be invested. At the time, there were breathless journalistic accounts explaining how the DAO wold change forever the shape of investing [17, 20].

Figure 1 shows a fragment of a DAO-like contract, illustrating a function that allows an investor to withdraw funds. First, the function extracts the client’s address (Line 2), then checks whether the client has enough funds to cover the withdrawal (Line 3). If so, the funds are sent to the client through an external function call (Line 4), and if the transfer is successful, the client’s balance is decremented (Line 5).

This code is fatally flawed. In June 2016, someone exploited this function to steal about $50 million funds from the DAO. As noted, the expression in Line 3 is a call to a function in the client’s contract. Figure 2 shows the client’s code. The client’s contract immediately calls withdraw() again (Line 4). This re-entrant call again tests whether the client has enough funds to cover the withdrawal (Line 3), and because withdraw() decrements the balance only after the nested call is complete, the test erroneously passes, and the funds are transferred a second time, then a third, and so on, stopping only when the call stack overflows.

This kind of re-entrancy attack may at first glance seem like an exotic hazard introduced by a radically new style of programming, but if we change our perspective slightly, we can recognize a pitfall familiar to any undergraduate who has taken a concurrent programming course.

First, some background. A monitor is a concurrent programming language construct invented by Hoare [14] and Brinch Hansen [10]. A monitor is an object with a built-in mutex lock, which is acquired automatically when a method is called and released when the method returns. (Such methods are called synchronized methods in Java.) Monitors also provide a wait () call that allows a thread to releases the monitor lock, suspend, eventually awaken, and reacquire the lock. For example, a thread attempting to consume an item from an empty bu er could call wait () to suspend until there was an item to consume.

The principal tool for reasoning about the correctness of a monitor implementation is the monitor invariant, an assertion which holds whenever no thread is executing in the monitor. The invariant can be violated while a thread is holding the monitor lock, but it must be restored when the thread release the lock, either by returning from a method, or by suspending via wait () .

If we view smart contracts through the lens of monitors and monitor invariants, then the re-entrancy vulnerability looks very familiar. An external call is like a suspension, because even though there is no explicit lock, the call makes it possible for a second program counter to execute that contract’s code concurrently with the first program counter. The DAO-like contract shown here implicitly assumed the invariant that each client’s entry in the balance table reflects its actual balance. The error occurred when the invariant, which was temporarily violated, was not restored before giving up the (virtual) monitor lock by making an external call.

Here is why the distributed computing perspective is valuable. When explained in terms of monitors and monitor invariants, the reentrancy vulnerability is a familiar, classic concurrency bug, but when expressed in terms of smart contracts, it took respected, expert programmers by surprise, resulting in substantial disruption and embarrassment for the DAO investors, and required essentially rebooting the Ethereum currency itself [5].

 

4.3 Smart Contracts as Read-Modify-Write Operations

The ERC20 token standard is the basis for many recent initial coin offerings (ICOs), a popular way to raise capital for an undertaking without actually selling ownership. The issuer of an ERC20 token controls token creation. Tokens can be traded or sold, much like Alice’s Restaurant’s coupons discussed earlier. ERC20 is a standard, like a Java interface, not a particular implementation.

An ERC20 token contract keeps track of how many tokens each account owns (the balances mapping at Line 3), and also how many tokens each account will allow to be transferred to each other account (the allowed mapping at Line 5). The approve() function (Lines 9-13) adjusts the limit on how many tokens can be transferred at one time to another account. It updates the allowed table (Line 10), and generates a blockchain event to make these changes easier to track (Line 11). The allowance () function queries this allowance (Lines 14-16).

The transferFrom function (Lines 17-23) transfers tokens from one account to another, and decreases the allowance by a corresponding amount. This function assumes the recipient has su cient allowance for the transfer to occur.

Here is how this specification can lead to undesired behavior. Alice calls approve() to authorize Bob to transfer as many as 1000 tokens from her account to his. Alice has a change of heart, and issues a transaction to reduce Bob’s allowance to a mere 100 tokens. Bob learns of this change, and before Alice’s transaction makes it onto the blockchain, Bob issues a transferFrom () call for 1000 tokens to a friendly miner, who makes sure that Bob’s transaction precedes Alice’s in the next block. In this way, Bob successfully withdraws his old allowance of 1000 tokens, setting his authorization to zero, and then, just to spite Alice, he withdraws his new allowance of 100 tokens. In the end, Alice’s attempt to reduce Bob’s allowance from 1000 to 10 made it possible for Bob to withdraw 1100 tokens, which was not her intent.

In practice, ERC20 token implementations often employ ad-hoc workarounds to avoid this vulnerability, the most common being to redefine the meaning of allow () so that it will reset an allowance from a positive value to zero, and in a later call, from zero to the new positive value, but will fail if asked to reset an allowance from one positive value to another.

The problem is that approve() blindly overwrites the old allowance with the new allowance, regardless of whether the old allowance has changed. This practice is analogous to trying to implement an atomic decrement as shown in Figure 4. Here, the decrement method reads the shared counter state into a local variable (Line 4), increments the local variable (Line 5), and stores the result back in the shared state (Line 6). It is not hard to see that this method is incorrect if it can be called by concurrent threads, because the shared state can change between when it was read at Line 4 and when it was written at Line 6. When explained in terms of elementary concurrent programming, this concurrency flaw is obvious, but when expressed in terms of smart contracts that ostensibly do not need a concurrency model, the same design flaw was immortalized in a token standard with a valuation estimated in billions of dollars.

 

4.4 Discussion

We have seen that the notion that smart contracts do not need a concurrency model because execution is single-threaded is a dangerous illusion. Sergey and Hobor [18] give an excellent survey of pitfalls and common bugs in smart contracts that are disguised versions of familiar concurrency pitfalls and bugs. Atzei et al. provide a comprehensive survey of vulnerabilities in Ethereum’s smart contract design.

 

5 CONCLUSIONS

Radical innovation often emerges more readily from outside an established research community than from inside. Would Nakamoto’s original Bitcoin paper have been accepted to one of the principal distributed conferences back in 2008? We will never know, of course, but the paper’s lack of a formal model, absence of rigorous proofs, and lack of performance numbers would have been a handicap.

Today, blockchain research is one of the more vibrant areas of computer science, with the potential of revolutionizing how our society deals with trust. The observation that many blockchain constructs have underacknowledged doppelgängers (or at least, precursors) is not a criticism of either research community, but rather an appeal to each side to pay more attention to the other.

 

6 SIDEBAR: PUBLIC AND PRIVATE KEYS

Modern cryptography is based on the notions of matching public and private keys. Any string encrypted by one can be decrypted by the other. Encrypting a message with Alice’s public key yields a message only Alice can read, and encrypting a message with Alice’s private key yields a digital signature, a message everyone can read but only Alice could have produced.

 

7 SIDEBAR: CRYPTOGRAPHIC HASH FUNCTION

A cryptographic hash function H(·) has the property that for any value v, it is easy to compute H (v ), but it is infeasible to discover a v′ ≠ v such that H(v′) = H(v).

 

8 SIDEBAR: PROOF OF WORK PUZZLES

Here is puzzle typical of those used in PoW implementations. Let b be the block the miner wants to append to the ledger, H(·) a cryptographic hash function, and “·” concatenation of binary strings. The puzzle is to find a value c such that H(b · c) < D, where D is a difficulty setting (the smaller D, the more difficult). Because H is difficult to invert, there is no way to find c substantially more efficient than exhaustive search.

contract ERC20Example {

// Balances for each account

mapping(address=>uint256) balances;

// Owner of account approves the transfer of an amount to another account

mapping(address=>mapping(address=>uint256)) allowed;

// other fields omitted

...

// Allow spender to withdraw from your account , multiple times, up to the amount .

function approve(address spender, uint amount) public returns (bool success) { allowed[msg.sender][spender] = amount; // alter approval Approval(msg.sender, spender, amount); // blockchain event

return true;

}

function allowance(address tokenOwner, address spender) public returns ( uint remaining) {

return allowed[tokenOwner][spender]; }

function transferFrom(address from, address to, uint tokens) public (bool success) { balances[from] = balances[from].sub(tokens );

allowed[from][msg.sender] = allowed[from][msg.sender].sub(tokens );

balances[to] = balances[to].add(tokens);

Transfer(from, to, tokens);

return true; }

... // other functions omitted

}

Fig. 3. ERC20 Token example

class Counter {

 private int counter;

 public void dec() {

  int temp = counter;
   temp = temp + 1;
   counter = temp; 

 }
 …

}

Fig. 4. An incorrect atomic decrement operation 

To view the original PDF of this article including References, click here.

https://upscri.be/27f3c1/


How Ethos Cryptocurrency Wallet Smart Keys Keep Money Secure

Ethos Smart Keys: How Cryptocurrency Enables Consumers to Protect and Own Their Money

Ethos Cryptocurrency Wallet Smart Keys

How the Universal Cryptocurrency Wallet Smart Keys Enables Consumers to Protect and Own Their Money

Introduction

Cryptocurrencies, such as Bitcoin and Ethereum, bring unique benefits to the world of personal finance by pairing the ability to own and store your digital assets in a cryptocurrency wallet, with the ability to cheaply, securely and almost instantly transfer them to others.

A blockchain, simply put, is an open record keeping system that’s maintained by a peer-to-peer network where everyone has access to read and potentially write data. Because of the open nature of blockchain, it’s absolutely necessary that all the data on the chain is verifiable as authentic and can’t be manipulated after the fact. To guarantee that all of our transactions are authentic, we turn to cryptography which gives us the ability to generate digital signatures and fingerprints.

The Ethos Cryptocurrency Wallet Smart Key is a unique digital signature that is used to verify the authenticity of transactions originating from your wallet. Any time a digital asset is transferred out of your Ethos Universal Multi Cryptocurrency Wallet, your Smart Keys will provide the authorization needed to execute the transaction. Ethos Keys are “Smart” because your one key represents all of your funds, regardless of what form of cryptocurrency you are using. This allows you to backup and restore all of your wallets with a single key phrase.

How safe is it?

Ethos leverages well-tested cryptographic standards and methods to ensure that your Universal Wallet uses an extremely high degree of security. The passphrase is 24 words (vs the 12 word standard used in many wallets) and the keys themselves are 256 bit, meaning uncrackable.

As discussed in the next few sections, the bulk of the security offered by the Ethos Universal Cryptocurrency Wallet and Smart Keys comes from modern cryptographic techniques, such as public-key and elliptic-curve cryptography, and their ability to generate secure and verifiable digital signatures and fingerprints. Let’s first consider some background to fully understand the mathematical magnitude of the protection.

Ciphers, Hashes, and Digital Fingerprints

The concept of a cipher is fundamental to cryptography. The roots of cryptographic hashing go back to 50 BC, during the reign of Julius Caesar and the Roman Empire. At that time, the official means of communication was a courier service that was highly vulnerable to espionage and interception. To throw off their enemies, the emperor and his consul would communicate by scrambling the letters of their messages before sending them. Upon receipt of a message, the letters would have to be unscrambled to reveal the original message.

One method of doing this was to shift every letter over by one, so that every instance of the letter ‘a’ would be replaced by ‘b’, ‘b’ would be replaced by ‘c’, and so on. This now commonly referred to as a Caesar Cipher, or a Shift Cipher, because the method to conceal the message is simply shifting each letter over one.

In this case the message ‘hello’ would become ‘ifmmp’ and the courier tasked with delivering it would ideally not be aware of the method used to scramble the message. Anyone who intercepted this message would also not know what to make of the seemingly nonsensical message. The “key” in this example is the method of encoding the message.

Over the next two thousand years, this idea of a cipher was further developed into that of a cryptographic hash, which in simple terms is a more sophisticated way of scrambling a message so that it’s very difficult to reverse. Hashes also have the property of, given some data, being able to reliably create a unique digital fingerprint of that data.

Everytime you submit a transaction to the blockchain, a fingerprint of your transaction is created and used to link the blocks in the blockchain, ensuring that the data in each block hasn’t been manipulated. For example, if you spend one bitcoin and someone tries to go back and manipulate the record to say you spent 10 bitcoin, it would invalidate all of the fingerprints in the blockchain leading back to that transaction.

Digital Signatures

Public Key Cryptography

Equally fundamental to the field of modern cryptography is the concept of Public Key Cryptography. In Public Key Cryptography there is the notion of a shared public-key that can be used by anyone to encrypt a message; then only you, with the corresponding private-key can decrypt to read the original message.

One of the most important properties of Public Key Cryptography is that, given a key-pair, its possible to generate a signature, digital proof of ownership of addresses that derive from your key. So whenever you send a transaction to the blockchain, it includes a signature proving that you are the owner of that address and therefore authorized to make that transaction. If the signature doesn’t match the public wallet address, the transaction is deemed to be unauthorized and is rejected by the network.

Elliptic Curve Cryptography

Elliptic Curve Cryptography is a type of Public Key Cryptography that makes private and public key generation even more secure due to the mathematical properties of elliptic curves that make it extremely difficult to reverse engineer the private key from the public keys.

Ethos Smart Keys are created from a cryptographically random number known as a seed. Sometimes seeds are created by a random number generator. However, this isn’t 100 percent secure because sometimes a hacker can re-generate a random number by knowing when it was generated and using a timestamp.

To ensure a higher degree of randomness, you generate your seed with a combination of a random number and another random number created by shaking your phone the first time you open the app. The unique signal from this process ensures that no one will be able to guess a non-random seed like your birthday, phone number, or a timestamp.

This seed is then used to generate private and public key-pairs on a secp256k1 Elliptic Curve, the results of which are hashed several times and encoded to reveal your public wallet addresses. By creating your Smart Keys this way, you can safely share your public keys and rest assured that only you have access to spend the funds in those wallets with your private key.

A Brave New World

Now that you know a little bit about the technology we use to secure your Universal Cryptocurrency Wallet, you might want to know exactly what we’re protecting you against. The follow are the most common exploits that are used by “bad actors” to gain control of your funds.

Jailbreaking and Mobile Security

Jailbreaking is a popular method of unlocking non-standard features on your mobile device. While this can be an easy and fun way to personalize your phone, doing so goes around some very important security features of your phone, and can give unauthorized apps the ability to snoop around your phone and potentially sniff out your keys.

While the Ethos Universal Cryptocurrency Wallet does everything it can to secure your keys on your phone, it’s very important that you never jailbreak your phone or install apps that aren’t approved by the app store. We can’t emphasize enough how important it is that you never use the Ethos Universal Wallet on a jailbroken phone.

Dictionary Attacks: Cracking Passwords

Someone who wants to gain unauthorized access to your cryptocurrency funds is going to be most interested in finding out your private key. To crack a password, or in this case a key, a hacker would typically use a “brute force” method and employ what is commonly known as a “Dictionary Attack.” This method involves a linear search through a dictionary of common words, comparing passwords systematically against each word until a match is found. While this may sound like a lot of work, remember that an average computer alone can execute billions of operations per second.

Hypothetically, say someone were to chose the very insecure password “castle”. A dictionary attack on this password would take about 3 seconds, which is the time it would take a computer to try all of the words in the dictionary before “castle” is found as a possible password.

Let’s add a little bit more complexity to this password by adding a random number to the end of it, for example, “castle123”. This seemingly more complex password still takes only 27 seconds to hack.

Stringing together dictionary words, ie, “castleone” would take considerably more time to hack (11 days, 8 hours) but still within the realm of possibility for a properly motivated hacker with the right equipment.

 

 

Good News: There’s Safety in Numbers

As demonstrated, adding just one additional word to a password provides an exponential increase in its security. If we take this idea to the next level, we can quickly generate a password that would take an unimaginable amount of time and energy to guess, with even the most sophisticated computers available.

 

 

Even considering that every 18-months, new computers with twice the computational power are released at half the price, a 12-word password will still be secure for generations to come. And to be extra secure, Ethos uses 24-word passwords.

Introducing the Ethos Cryptocurrency Wallet Smart Keys

An Ethos SmartKey is a unique 256-bit key signature that is yours and yours only. It is generated and secured on your mobile device, and should also be written down on a piece of paper, aka “paper wallet”, and stored in a safe place or memorized.

 

 

When you open the Ethos Universal Multi Cryptocurrency Wallet App for the first time, you are asked to shake your phone to create your first wallet. The shaking motion generates a random number that is impossible to recreate, and your key is generated on your phone based on that random number.

Your key is then automatically mapped to a 24 word phrase that gives you the convenience of backing up and restoring your wallets with an easy to read mnemonic. It’s very important that you physically write this phrase down and keep it in a safe place in case you lose your phone. When you get a new phone you can restore all of your wallets easily by entering the backup-phrase.

 

Important SmartKey Safety Tips

  • Write your backup phrase down in a private place away from any cameras or windows.
  • Never copy / paste your private key, always type it in.
  • Do not store private keys on services like Google Drive or Dropbox
  • Never share your private keys.
  • Reputable firms will never ask for your private keys via email, phone or chat.

How many SmartKeys are there?

SmartKeys are generated with a unique 256-bit signature. There are over 340 trillion trillion trillion different possible SmartKey combinations. To put this number in perspective, that’s more than the number grains of sand on Earth. That’s even more than the number of known stars in our universe. That’s over forty-five octillion possible SmartKeys for every man, woman and child on planet earth; So there are plenty to go around.

SmartKeys and Hierarchical Deterministic Wallets

Under the hood, the Ethos Universal Wallet is built on the BIP-32: Hierarchical Deterministic Wallet specification developed by the Bitcoin developer community. While many Bitcoin exchanges have been hacked, generally with phishing or database hacks, no one has yet to mathematically break or reverse engineer a BIP-32 wallet despite hundreds of billions of dollar equivalent as bait. The underlying algorithms have been battle-tested with trillions of dollars of transactions. In other words, its among the most secure cryptographic standards on earth.

Features

Ethos Universal Cryptocurrency Wallet and Smart Keys:

  • Generates an astronomically complex, and cryptographically secure key that prevents anyone from spending from your wallet.
  • Maps this key to a set of 24 words enabling you to restore your wallet easily.
  • Stores multiple types of digital assets including Bitcoin, Ethereum and ERC20 Tokens.

Conclusion

The Ethos Universal Cryptocurrency Wallet is designed for you to store and secure a wide variety of coins/tokens with a single Smart Key and backup-phrase. We leverage decades of cryptographic research in addition to widely used industry standards that enable the self-custody of your assets, as well as their safe transmission and backwards compatibility with popular devices such as the Ledger Nano S and Trezor hardware wallets.


Ethos Summit Recap!

Ethos Summit Recap!

The First Ever Ethos Summit

Saturday April 14th, 2018 was hands down one for the books. It was not only the day Beyonce took over Coachella but it also marks the very same day our beloved team held our first ever Ethos Summit. Beyonce couldn’t wait to hit the stage after a year on mat leave and we couldn’t wait to share our vision in-person and via live stream! Who could ask for a more perfect alignment of groundbreaking events?

Left to right: Kevin Pettit (Chief Product Officer), Dan Caley (Director of Portfolio Management), Derek Barrera (Core Engineer)

But in case you missed it (aka what were you thinking?!), we’ve put together this nifty recap of the Ethos Summit for your enjoyment.

One of the most exciting elements of the Summit was that some our team members were able to connect in person for the very first time. Countless hours, days and months of virtual team meetings courtesy of video hangouts, screen shares and on Slack channels finally came together to real life fruition in Providence, Rhode Island.

To kick off the live talks, we first welcomed to the stage our fearless leader Shingo Lavine. His keynote mapped out the origins of crypto and went on to explain how Ethos will launch a blockchain platform that will truly be open, safe and fair for everyone. In doing so, even crypto newbies would understand the motivation to build a distributed ledger in a personal device.

Shingo also highlighted the Ethos commitment to nurturing communities through education – a key missing ingredient to decentralizing crypto and bringing it to a wider audience.

 

 

It became obvious that the positivity that fuels the Ethos movement has reached contagion-level momentum. The Summit was an opportunity to meet international community members from far and wide. We shook hands and chatted with attendees from Poland, Venezuela, Japan and beyond. Each guest had a story or use case to share, emphasizing the need to create a decentralized financial ecosystem.

 

 

Some of the Ethos team also took the stage, delighted to offer an inside scoop on the vibrant Ethos work culture – as well as addressing the ever-present anticipation around, what is now known as, #WhenWallet.

 

Panelists, left to right: Ellen Jiang, Gloria Feng (UI/UX Designers), Laura Lee Boykins (Lead UI/UX Designer), Derek Barrera (Core Engineer), Kevin Pettit (Chief Product Officer) and Dan Caley (Director of Portfolio Management)

 

The team examined the processes involved with bringing such a complex system and breaking it down into beautiful, usable pieces for the everyday user.

Some of the Summit attendees even had the opportunity to take the latest version of the app for a test drive! Pro-Tip: On the off chance you haven’t already, you probably want to pre-register for our Universal Wallet.

 

 

 

 

Later in the day we caught up with Blockchain and Smart Contract Technology expert Maurice Herlihy who demystified blockchain technology by exploring ICOs, self-custody and mining. Maurice was followed by a virtual visit from our Chief Investment Officer Vishal Karir who hung a light on correlations, diversifications and trends.

 

 

From top to bottom, the first ever Ethos Summit was a massive hit. We are so pleased with the level of engagement and curiosity of our community and the crypto industry at large.

 

 

We look forward to the many questions and conversations yet to come, so in the meantime (what are you waiting for?!) here are ways to keep up to date and in touch with us:

 

Telegram
Twitter
Facebook
Trello

We’ll be chopping up the video from the Summit and posting the program as segments, but in the meantime, feel free to take it in in full! Here’s the recording of the live stream:


Ethos Dev Update + Genesis Build Demo

Multi Cryptocurrency Wallet Dev Update + Genesis Build Demo

Hey Ethos Fam!

KDP here to announce three major updates to get you excited for the Universal Multi Cryptocurrency Wallet launch.

  1. A SNEAK PEEK OF THE ETHOS GENESIS BUILD!
  2. Next steps from Release Candidate to Global Product Launch.
  3. Ethos Trello board to track our progress.

You asked and we listened. We want to unveil all the hard work we have been doing and create a system to keep you informed of our progress every step of the way.

1. Preview of the Universal Multi Cryptocurrency Wallet Genesis Build

Today we gathered some of our rockstar engineers and a few members of the leadership team to shoot a demo of the genesis build! Light hearted and panel style, we took a deep breath to look up from our computers, reflect on the journey thus far and share our progress with you all. I hope you gain insight from the diverse perspectives that helped shaped the app and learn about some of the core Universal Multi Cryptocurrency Wallet features.

You can also check out our new Universal Wallet feature page for an overview of the rich app features by clicking here.

Enjoy! Let the feedback flow free. We hold your opinion in high regard.

2. The Path from Release Candidate to Global Launch

What next?

We are hard at work to get the wallet in your hands as quickly as possible. As you can see, we are really close, but it needs a little bit more polish. We are at the last part of the development cycle for the Universal Wallet!

What does that mean?

Well, here’s exactly what we’re working on:

Scalability

Optimizing our databases, services, caching and queries so that we can accommodate a global user base.

Security

Testing, code reviews, penetration tests, and hardening the technology stack. We cannot confidently release a product like this without extensive and exhaustive security and external audits.

Internationalization

Building the app infrastructure to easily support multiple languages from day one. People have signed up for Universal Wallet from literally all over the world – we want to make it available to everyone in their first language as quickly as possible.

Push Notifications

Event listeners integrated with push notifications to keep you informed of all your blockchain transactions.

Data Integrity

Sniffing out and eliminating data quality issues and data inconsistencies.

Biometric/PIN Authentication

Enabling native biometric authentication layered with a PIN to add an additional layer of security and encryption to protect you.

Design Polish

Checking every pixel to give you the easy and beautiful aesthetic experience that you deserve.

Coin Coverage

Expanding the supported coins within the app to make it truly universal.

 

Now that we have unveiled the Genesis build we are no longer holding back! We are happy to send you frequent GIF updates on the small wins we make every day as we progress towards launch.

3. The Ethos Trello Board

All of the tasks above, including coin integrations, feature enhancements, partnerships, airdrop updates, and release milestones are available on our Ethos Trello Board. We hope to answer many of your questions by increasing the transparency. The Board will be a great way for us to communicate updates and gather your feedback.

 

https://trello.com/b/uCJJgPjM/ethos-trello-board

 

Sit tight, get excited! Every member on the team is right there with you, counting down the days until we can delete all other wallet apps and watchlists and use the Universal Wallet. We appreciate your support and encouragement to help push us across the finish line!

With much aloha,
KDP


How Secure Is Blockchain Technology

Just How Secure is Blockchain Technology?

Just How Secure is Blockchain Technology? by Gregory Rocco

What is Blockchain Technology?

Blockchain technology is best known for both its security and immutability. In a blockchain ledger, blocks act as a living record of transactional flow and are secured through heavily incentivized consensus mechanisms. These consensus mechanisms are incentivized due to the distributed nature of the system and anonymous participants. Its underpinnings have been around for several years but it wasn’t until the creation of bitcoin that the first example of a successful implementation of a decentralized ledger was deployed in a secure fashion.

 

Bitcoin and Asymmetrical Cryptography

The Bitcoin network relies on what’s called “public key cryptography,” where both a “public key” and a “private key” are used to transact. A public key is the equivalent of your address, or rather, where you will receive cryptocurrency. In the case of bitcoin, when transacting, ownership rights of the bitcoin in question are signed off on by using a private key to do so.

 

 

For example, let’s say Alice wants to send Bob one bitcoin. Alice will create a transaction to be sent to Bob’s address, and in doing so, she is giving Bob the right to transfer that bitcoin. Both her transaction and Bob’s future transactions involve proving ownership using their keys. The public key acts as ownership proof on the network while the private key exists to sign off on transactions.

It is important to remember that private keys should never be given out, as it is what keeps your funds secure. Giving away your private key is the equivalent of giving away access to your bank account – you wouldn’t want it falling into anyone’s hands. However, a public key must be given to any party wishing to send funds to your wallet. A recommended security practice to protect one’s privacy is to never reuse public keys and to instead generate a new one for each transaction.

 

 

 

The public key is derived from the private key, and both are required in the movement of value on the network. After the transaction is sent, it is then relayed to the network and included in the next block on the blockchain to eventually be mined and secured on the ledger.

 

How Bitcoin is Secured Through Proof of Work

Consensus algorithms are a key component in distributed computing systems, and “proof of work” is the consensus algorithm the bitcoin network utilizes to both confirm transactions and add blocks. By that point, proof of work was also the first consensus mechanism to be deployed in a blockchain network.

In a proof of work system, individuals are pointing computing power to the network to solve a cryptographic equation and find what’s called a “hash.” Once solved, they have the chance to mine the next block, which contains a bundle of recent transactions that have yet to be secured on the ledger. As the network grows, so does the difficulty of solving that equation which leads to more computational power being added to secure the network.  

Related to security, each new block hash contains the hash of the previous block which allows the longest chain to continue to grow. Once mined, transactions in the block are now considered to be confirmed.

The mining incentive to secure bitcoin’s blockchain is what’s called a “block reward.” The first miner to solve the required computation correctly and mine the next block is rewarded with a fixed amount of bitcoin which “halves” after a certain period. This is to ensure that miners are paid for adding their power to secure the network, and to keep bitcoin with a controlled supply. The current block reward is 12.5 bitcoin.

Imagine the case of a horse race occurring on average every ten minutes. The gun fires, and the first horse to cross the finish line earns the bitcoin and transaction fees associated with each block. The race then resets in perpetuity. The process itself is like finding a needle in a haystack – with enough computational power and generation, the answer is bound to be found eventually. The block reward is what keeps miners incentivized to continually try to find a solution to the puzzle and lend their computational power to the network.

Over time, the bitcoin network has experienced an exponential amount of hashrate being added at the cost of the centralization of mining. Over 75 percent of the mining is currently controlled by five large pools, each containing both large organizations and individual miners contributing their hashing power. All of this has effectively led to a form of delegated proof of work in which hashing power is delegated to larger pools due to efficiency rather than individual miners each competing for the block reward at the expense of their computing power.

Although this has added plenty of hashing power to the network and allowed individuals to be granted fractions of a block reward otherwise unobtainable, this does leave the network open to threats due to its concentration. However, incentive mechanisms inherent to the blockchain makes the risk of attacking the network not worth the reward.

 

 

Attacking the Network

Distributed ledgers aren’t necessarily free from malicious actors, but incentive systems exist within the networks to keep participants in line. There are a few ways in which disruptors could potentially wreak havoc on the network, with one of the major attack vector being a 51 percent attack.

A 51 percent attack is where an entity controlling a majority of the network hashrate can take control by preventing new transactions from confirming and modifying the history of the ledger. However, the cost of acquiring the computational power necessary to assume that level of control is immense, considering the current hashing power of the network.

Malicious actors are also incentivized to stay in-line due to market effects. If users of the bitcoin network knew that the network was compromised, a mass exodus would occur, dramatically dropping the price of bitcoin which would effectively leave the miners with less than what they spent to control the majority of the hashing power. Information leading to this conclusion is public, as network hashrate distribution can be found with a simple search.

 

Other Consensus Models

Bitcoin’s proof of work isn’t the only consensus algorithm that secures distributed networks. Another popular type of consensus mechanism is proof of stake, which involves individuals “staking” their cryptocurrency to potentially be selected to create the next block. In this system, blocks aren’t “mined” through hashing power, but “forged” or “created” by participants. This eliminates the arms-race involved in proof of work systems to secure the most computational power, and is a greener consensus mechanism due to reduced emissions.

An argument in favor of a proof of stake consensus mechanism relates to a deeper conversation, specifically on ethics. As we’re tapping into a financial goldmine and securing a network, how can we best protect that which is inherent and has been slowly drained in the background due to increased energy consumption? Methods of liberating those in financial need should also best-serve their surroundings as well.

The likelihood of an individual being selected to create the next block is directly dependent on how much of that cryptocurrency they own. Although the consensus could be affected by a smaller group of large holders due to the increased likelihood of them being selected, they are incentivized to act efficiently, as the value of their holdings are proportional to the success of the network. In the future, Ethereum will be switching to a proof of stake system to replace their existing proof of work consensus.

Some platforms even use a combination of both proof of work and staking to both have a form of block reward to secure the network and using the latter for network maintenance. One example of hybrid system is DASH where typical proof of work mining is deployed but nodes staking DASH participate in its governance.

New blockchain consensus mechanisms are being explored every day to bring higher levels of efficiency and security to distributed systems. Considering how far we’ve come from an original proof of work deployment in a short span of time, the innovation soon to come will be incredible.

 

https://upscri.be/27f3c1/


Announcing the Ethos Summit! Ethos, Blockchain & The New Economy

Announcing the Ethos East Coast Summit

Join us for the first ever Ethos East Coast Summit on April 14th! The Ethos team and community will be gathering in Ethos’ birthplace – beautiful Providence, Rhode Island – for a day of ideas, discussion and networking with like-minded people passionate about Ethos, blockchain and unlocking the New Economy!

https://upscri.be/27f3c1/


Universal Coin Wallet Genesis

Ethos announces upcoming Genesis release of Universal Wallet for final testing

Ethos announces upcoming Genesis release of Universal Coin Wallet for final testing

Ethos Universal Coin Wallet

It begins. We’ve all been waiting patiently (and working feverishly!) for the Ethos Coin Universal Wallet to see the light of day. That time is fast approaching. But like most things, we’re doing things our own way. Universal Wallet is an incredibly ambitious project – and ensuring everything is rock solid and secure is our highest priority. So, this is how it’s going to work.

First of all, we want to express our deep gratitude to the entire global Ethos family for your support, encouragement and energy. It has fuelled our growth and been an incredible source of inspiration and energy for our entire team! So, thank you all. You have and will continue to play a role in unlocking the future of finance, and we’re honoured to be serving you. It’s pretty unbelievable what we’ve built in 8 short months! If that’s not people power, we don’t know what is.

Now, it’s time to stick the landing. And we need your help. We are nearing the Genesis build of the app, and it’s beautiful. But before we send it off to hopefully be a part of changing the world, we want to make sure it goes through the rigorous testing required to ensure it meets our high standard for quality and security. To get its feet wet. To warm up. To get even better.

So, the Ethos Universal Coin Wallet release rollout story starts like this.

In the coming week, the app will be go into limited release to some Ethos community members and Pre-Registered users who will be part of our final polish and testing process – so we can make sure the Ethos Universal Coin Wallet is as seamless and flawless as possible when it hits your pockets. This group will include:

  • Ethos Product Council members. They’ve been involved since the beginning and their feedback has been critical to building the app.
  • Top 100 Token Sale Contributors. Their support since day one has helped make this journey possible.
  • A randomly selected group of Pre-Registered community members. There are thousands upon thousands of you, and we love you all! A whole bunch of you are going to receive invites to join our Product Council and be part of the Genesis release. You’ll also need to be an ETHOS token holder to participate. So if you’re on the list, watch out for an invite! And if you’re not already pre-registered, get yourself on the list by clicking here!

Our Genesis release users will be an integral part of making sure the Ethos Universal Coin Wallet is battle-tested and ready for the instant global scale that awaits upon wide release. Genesis release users will also be rewarded for their efforts in finding any bugs or issues we haven’t already worked out – just another way for people power to play a role in building a financial ecosystem that is open, safe and fair for everybody.

You ready? We are.
Let’s go.

Team Ethos