diff --git a/assets/bib/refs.bib b/assets/bib/refs.bib index 5d9dfd5..d6992f1 100644 --- a/assets/bib/refs.bib +++ b/assets/bib/refs.bib @@ -103,3 +103,16 @@ @inproceedings{dwork_pricing_1993 pages = {139--147}, } +@Article{Decker2014, + author = {Christian Decker and Roger Wattenhofer}, + title = {Bitcoin Transaction Malleability and MtGox}, + year = {2014}, + month = mar, + archiveprefix = {arXiv}, + doi = {10.1007/978-3-319-11212-1_18}, + eprint = {1403.6676}, + file = {:http\://arxiv.org/pdf/1403.6676v1:PDF}, + keywords = {cs.CR, cs.CE}, + primaryclass = {cs.CR}, +} + diff --git a/assets/figures/malleability_attack.tex b/assets/figures/malleability_attack.tex new file mode 100644 index 0000000..54dafa4 --- /dev/null +++ b/assets/figures/malleability_attack.tex @@ -0,0 +1,34 @@ +%User + \node (AvatarUser) at (0,0) {\includegraphics[scale=0.05]{../assets/images/agents/agent_right}}; + \node (User)[below= 0.05cm of AvatarUser]{{\footnotesize User}}; + +%Mt.Gox + \node (CEX) [right =3cm of AvatarUser]{\includegraphics[scale=0.05]{../assets/images/agents/handing_money_left}}; + \node (Mt.Gox)[below= 0.05cm of CEX]{{\footnotesize Mt.Gox}}; + +%Connection + \only<1->{ + \draw[->, thick, dotted](AvatarUser) edge [out=-30, in=-150] node[midway,below] {{\scriptsize Withdrawal Request}} (CEX); + } + \only<2->{ + \draw[->, thick, dotted] (CEX) edge [out=-210, in=30] node[midway,above] {{\scriptsize $TXID_{a}$}} (AvatarUser); + } + +%Network nodes + \node (agenta) at (-1.5,1) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand3.png}}; + \node (agentb) at (-1.5,0) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand4.png}}; + \node (agentc) at (-1.5,-1) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand5.png}}; + \node (agentd) at (5.8,0.5) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand1.png}}; + \node (agente) at (5.8,-0.5) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand2.png}}; + +%Peer connections + \only<3->{ + \draw[->, thick, dotted] (AvatarUser.north west) -- (agenta.east) node[midway, above] {\scriptsize $TXID_{b}$}; + \draw[->, thick, dotted] (AvatarUser.west) -- (agentb.east); + \draw[->, thick, dotted] (AvatarUser.south west) -- (agentc.east); + } + +\only<2->{ + \draw[->, thick, dotted] (CEX.east) -- (agentd.west) node[midway, above= 3mm] {\scriptsize $TXID_{a}$}; + \draw[->, thick, dotted] (CEX.east) -- (agente.west) ; + } \ No newline at end of file diff --git a/assets/figures/output_origin.tex b/assets/figures/output_origin.tex new file mode 100644 index 0000000..1a13177 --- /dev/null +++ b/assets/figures/output_origin.tex @@ -0,0 +1,76 @@ + + \node[roundnode2] (nodeA) {\texttt{A}}; + \node[roundnode2] (nodeB) [below=8mm of nodeA] {\texttt{B}}; + \node[roundnode2] (nodeC) [below=8mm of nodeB] {\texttt{C}}; + \node[roundnode2] (nodeD) [below=8mm of nodeC] {\includegraphics[scale=0.025]{../assets/images/agents/intermediary_devil}}; + \node[roundnode2] (nodeE) [below=10mm of nodeD] {\texttt{E}}; + + \node[squarednode] (TRX1) [right =of nodeA] {\texttt{TRX1}}; + \node[squarednode] (TRX2) [below =17mm of TRX1] {\texttt{TRX2}}; + \node[squarednode] (TRX3) [right =8mm of nodeD] {\texttt{TRX3}}; + \node[squarednode] (TRX4) [right =of nodeE] {\texttt{TRX4}}; + + \node[roundnode2] (nodeF) [right =of TRX1] {\texttt{F}}; + \node[roundnode2] (nodeG) [right =of TRX2] {\texttt{G}}; + \node[roundnode2] (nodeI) [right =of TRX3] {\texttt{I}}; + \node[roundnode2] (nodeH) [above =4mm of nodeI] {\texttt{H}}; + \node[roundnode2] (nodeJ) [below =2mm of nodeI] {\texttt{J}}; + \node[roundnode2] (nodeK) [right =of TRX4] {\texttt{K}}; + + \node[squarednode] (TRX5) [right =of nodeF] {\texttt{TRX5}}; + \node[squarednode] (TRX6) [right =of nodeG] {\texttt{TRX6}}; + \node[squarednode] (TRX7) [right =of nodeK] {\texttt{TRX7}}; + + \node[roundnode1] (nodeO) [right =of TRX6] {\texttt{O}}; + \node[roundnode2] (nodeN) [above =3mm of nodeO] {\texttt{N}}; + \node[roundnode2] (nodeM) [above =3mm of nodeN] {\texttt{M}}; + \node[roundnode1] (nodeL) [above =1mm of nodeM] {\texttt{L}}; + \node[roundnode2] (nodeP) [below =4mm of nodeO] {\texttt{P}}; + \node[roundnode2] (nodeQ) [right =of TRX7] {\texttt{Q}}; + + \node[squarednode] (TRX9) [right = 48mm of nodeI] {\texttt{TRX9}}; + \node[squarednode] (TRX8) [above = 33mm of TRX9] {\texttt{TRX8}}; + + \node[roundnode1] (nodeS) [right =of TRX8] {\texttt{S}}; + \node[roundnode1] (nodeR) [above =2mm of nodeS] {\texttt{R}}; + \node[roundnode1] (nodeT) [below =2mm of nodeS] {\texttt{T}}; + \node[roundnode1] (nodeU) [right =of TRX9] {\texttt{U}}; + + + \draw[-] (nodeA) -- (TRX1); + \draw[-] (nodeB) -- (TRX2); + \draw[-] (nodeC) -- (TRX2); + \draw[-] (nodeD) -- (TRX3); + \draw[-] (nodeE) -- (TRX4); + + \draw[-] (TRX1) -- (nodeF); + \draw[-] (TRX2) -- (nodeG); + \draw[-] (TRX3) -- (nodeH); + \draw[-] (TRX3) -- (nodeI); + \draw[-] (TRX3) -- (nodeJ); + \draw[-] (TRX4) -- (nodeK); + + \draw[-] (nodeF) -- (TRX5); + \draw[-] (nodeG) -- (TRX6); + \draw[-] (nodeH) -- (TRX6); + \draw[-] (nodeJ) -- (TRX7); + \draw[-] (nodeK) -- (TRX7); + + \draw[-] (TRX5) -- (nodeL); + \draw[-] (TRX5) -- (nodeM); + \draw[-] (TRX6) -- (nodeN); + \draw[-] (TRX6) -- (nodeO); + \draw[-] (TRX6) -- (nodeP); + \draw[-] (TRX7) -- (nodeQ); + + \draw[-] (nodeM) -- (TRX8); + \draw[-] (nodeN) -- (TRX8); + \draw[-] (nodeP) -- (TRX9); + \draw[-] (nodeQ) -- (TRX9); + \draw[-] (nodeI) -- (TRX9); + + \draw[-] (TRX8) -- (nodeR); + \draw[-] (TRX8) -- (nodeS); + \draw[-] (TRX8) -- (nodeT); + \draw[-] (TRX9) -- (nodeU); + \ No newline at end of file diff --git a/assets/figures/silk_road.tex b/assets/figures/silk_road.tex new file mode 100644 index 0000000..5a994c0 --- /dev/null +++ b/assets/figures/silk_road.tex @@ -0,0 +1,12 @@ +\node (AgentSeller) {\includegraphics[scale=0.05]{../assets/images/agents/handing_right}}; + \node (Seller) [below= 0.05cm of AgentSeller] {Seller}; + + \node (Darknet) [right = 2cm of AgentSeller] {\includegraphics[scale=0.1]{../assets/images/darknet}}; + \node (Silkroad) [below= 0.05cm of Darknet] {Silkroad}; + + \node (AgentBuyer) [right =2cm of Darknet] {\includegraphics[scale=0.05]{../assets/images/agents/handing_money_left}}; + \node (Buyer) [below= 0.05cm of AgentBuyer] {Buyer}; + + \draw[->, thick] (AgentBuyer) edge [out=-230, in=50] node[midway,above] {\texttt{BTC}} (Darknet); + \draw[->, thick, dotted] (Darknet) edge [out=-230, in=50] node[midway,above] {\texttt{BTC}} (AgentSeller); + \draw[->, thick] (AgentSeller) edge [out=-45, in=-140] node[midway,below] {\texttt{Good}} (AgentBuyer); \ No newline at end of file diff --git a/assets/images/darknet.png b/assets/images/darknet.png new file mode 100644 index 0000000..4868b48 Binary files /dev/null and b/assets/images/darknet.png differ diff --git a/assets/images/microsoft_store.png b/assets/images/microsoft_store.png new file mode 100644 index 0000000..dd5b8e3 Binary files /dev/null and b/assets/images/microsoft_store.png differ diff --git a/assets/images/mt_gox.png b/assets/images/mt_gox.png new file mode 100644 index 0000000..5000660 Binary files /dev/null and b/assets/images/mt_gox.png differ diff --git a/assets/images/wannacry.jpg b/assets/images/wannacry.jpg new file mode 100644 index 0000000..7dc2054 Binary files /dev/null and b/assets/images/wannacry.jpg differ diff --git a/slides/risks_illicit_activity.tex b/slides/risks_illicit_activity.tex new file mode 100644 index 0000000..f7dcad7 --- /dev/null +++ b/slides/risks_illicit_activity.tex @@ -0,0 +1,165 @@ +% Choose one to switch between slides and handout +%\documentclass[]{beamer} +\documentclass[handout]{beamer} + +% Video Meta Data +\title{Bitcoin, Blockchain and Cryptoassets} +\subtitle{Risks \& Illicit Activity} +\author{Prof. Dr. Fabian Schär} +\institute{University of Basel} + +% Config File +\input{../config/config.tex} + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\begin{document} + +\thispagestyle{empty} +\begin{frame}[noframenumbering] + \titlepage +\end{frame} + + +%%% +\begin{frame}{Quantifying Illicit Activity} + Illicit activities with cryptocurrencies pose a certain problem but are hard to quantify. \\ + \vspace{1em} + Number of users or transactions are flawed measurables: + \begin{itemize} + \item One user $\rightarrow$ Multiple addresses + \item Multiple Users $\rightarrow$ One address + \item Transaction $\neq$ Transaction + \item Obfuscation transactions + \end{itemize} + \vspace{1em} + Studies use different assumptions in order to carry out estimates, which can have a big influence on the results. +\end{frame} +%%% + + +%%% +\begin{frame}{Origin and Homogenity of Bitcoin Units} + Each output has a clearly distinguishable origin. + \begin{figure} + \resizebox{10cm}{6cm}{ + \begin{tikzpicture}[ + roundnode1/.style = {circle, draw=highlight, fill=highlight!5}, + roundnode2/.style = {circle, draw=focus!50, fill=focus!5}, + squarednode/.style = {rectangle, draw=black!60, fill=black!5}, + ] + \input{../assets/figures/output_origin} + \end{tikzpicture} + } + \end{figure} +\end{frame} +%%% + + +%%% +\begin{frame}{Silk Road} + \begin{itemize} + \item First modern large-scale darknet market + \item Trading of illegal drugs and digital goods + \item Bitcoin as dominant medium of exchange + \end{itemize} + \vspace{1em} + \centering + \begin{tikzpicture}[squarednode/.style = {rectangle, draw=black!60, fill=black!5}] + \input{../assets/figures/silk_road} + \end{tikzpicture} +\end{frame} +%%% + + +%%% +\begin{frame}{Mt. Gox} + \centering + \begin{itemize} + \item Worlds largest bitcoin exchange in 2013. + \item Transaction malleability as reason for stopping Bitcoin withdrawals in February 2014. + \item Mistake: Relied solely on the transaction hash to track and verify its account balance. + \item Claim that transaction malleability as the reason for the loss of around 850,000 BTC is controversial. See \cite{Decker2014} + \end{itemize} + \includegraphics[scale=0.12]{../assets/images/mt_gox}\\ + \footnotesize{Picture source: Wikipedia} +\end{frame} +%%% + + +%%% +\begin{frame}{Malleability Attack} + \centering + \begin{tikzpicture}[squarednode/.style = {rectangle, draw=black!60, fill=black!5}] + \input{../assets/figures/malleability_attack} + \end{tikzpicture} + \begin{itemize} + \item<1->[1.] The user sends a request for withdrawal. The exchange initiates $TRX_a$ with $TXID_a$. + \item<3->[2.] The user modifies $TRX_a$'s \texttt{scriptSig} in a way that the transaction is still valid, but its ID changes to $TXID_b$. Both transactions $TRX_a$ and $TRX_b$ are valid and race for confirmation. + \item<4->[3.] If the modified version $TRX_b$ gets included in the blockchain: + \begin{itemize} + \item The user receives the expected BTC units through $TRX_b$. + \item $TRX_a$ fails and the user is still credited with funds in Mt. Gox's system. + \end{itemize} + \end{itemize} +\end{frame} +%%% + + +%%% +\begin{frame}{Wannacry} + \centering + \includegraphics[scale=0.28]{../assets/images/wannacry} \\ + \footnotesize{Picture source: OneSpan Blog}\\ + \vspace{1em} + \begin{small} + \href{https://blockstream.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94}{\texttt{13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94} \link} \\ + \href{https://blockstream.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw}{\texttt{12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw} \link} \\ + \href{https://blockstream.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn} {\texttt{115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn} \link} \\ + \end{small} +\end{frame} +%%% + + +%%% +\begin{frame}{Other Risks \& Illicit Activities} + \textbf{Botnet Miner} + \begin{itemize} + \item Malware that integrates a victims computer into the "botnet". + \item Compromised computers can be used for mining. + \begin{center} + \includegraphics[scale=0.2]{../assets/images/microsoft_store}\\ + \footnotesize{Picture source: Symantec} + \end{center} + \end{itemize} + %\vspace{1em} + \textbf{Bitcoin Tumbler} + \begin{itemize} + \item Used to disguise the origin of Bitcoin units and links between old and new addresses. + \item How: Send coins from users around, Randomize transaction amounts, Add time delays + \end{itemize} +\end{frame} +%%% + + +%%% +\begin{frame}{Regulation} + Bitcoin Network because of decentralized nature hard to regulate $\rightarrow$ Focus on On- and Off-ramps\\ + \vspace{1em} + Example: {\color{focus} OpenVASP } (Virtual asset service providers) + \begin{itemize} + \item Protocol facilitating compliance with global travel rule requirements for VASPs. Shared communication protocol to exchange VA transfer information. + \end{itemize} + \vspace{1em} + \textbf{Because of the high transparency, Bitcoin is not very suitable for usage with illegal activities.} +\end{frame} +%%% + +\begin{frame}%[allowframebreaks] +\frametitle{References and Recommended Reading} + \bibliographystyle{amsplain} + \bibliography{../assets/bib/refs} +\end{frame} + + +\end{document}