Add risks and illicit activity slides

assets/bib/refs.bib

@@ -103,3 +103,16 @@ @inproceedings{dwork_pricing_1993
 	pages = {139--147}, 	
 }
 
+@Article{Decker2014,
+  author        = {Christian Decker and Roger Wattenhofer},
+  title         = {Bitcoin Transaction Malleability and MtGox},
+  year          = {2014},
+  month         = mar,
+  archiveprefix = {arXiv},
+  doi           = {10.1007/978-3-319-11212-1_18},
+  eprint        = {1403.6676},
+  file          = {:http\://arxiv.org/pdf/1403.6676v1:PDF},
+  keywords      = {cs.CR, cs.CE},
+  primaryclass  = {cs.CR},
+}
+

assets/figures/malleability_attack.tex

@@ -0,0 +1,34 @@
+%User
+		\node (AvatarUser) at (0,0)	{\includegraphics[scale=0.05]{../assets/images/agents/agent_right}};
+		\node (User)[below= 0.05cm of AvatarUser]{{\footnotesize User}};
+
+%Mt.Gox
+		\node (CEX)	[right =3cm of AvatarUser]{\includegraphics[scale=0.05]{../assets/images/agents/handing_money_left}};
+		\node (Mt.Gox)[below= 0.05cm of CEX]{{\footnotesize Mt.Gox}};
+
+%Connection
+	\only<1->{
+		\draw[->, thick, dotted](AvatarUser) edge [out=-30, in=-150] node[midway,below] {{\scriptsize Withdrawal Request}} (CEX);
+		}
+	\only<2->{	
+		\draw[->, thick, dotted] (CEX) edge [out=-210, in=30] node[midway,above] {{\scriptsize $TXID_{a}$}} (AvatarUser);
+		}
+
+%Network nodes	
+	\node (agenta) at (-1.5,1) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand3.png}};
+	\node (agentb) at (-1.5,0) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand4.png}};
+	\node (agentc) at (-1.5,-1) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand5.png}};
+	\node (agentd) at (5.8,0.5) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand1.png}};
+	\node (agente) at (5.8,-0.5) {\includegraphics[width = 0.6 cm]{../assets/images/agents/avatar_rand2.png}};	
+
+%Peer connections
+	\only<4->{
+	\draw[->, thick, dotted]	(AvatarUser.north west) -- (agenta.east) node[midway, above] {\scriptsize $TXID_{b}$};
+	\draw[->, thick, dotted] 	(AvatarUser.west) -- (agentb.east);
+	\draw[->, thick, dotted]	(AvatarUser.south west) -- (agentc.east);
+		}
+
+\only<2->{
+	\draw[->, thick, dotted]	(CEX.east) -- (agentd.west)  node[midway, above= 3mm] {\scriptsize $TXID_{a}$};
+	\draw[->, thick, dotted] 	(CEX.east) -- (agente.west)  ;
+		}

assets/figures/output_origin.tex

@@ -0,0 +1,76 @@
+
+    \node[roundnode2]    (nodeA)                                    {\texttt{A}};
+    \node[roundnode2]    (nodeB)        [below=8mm of nodeA]        {\texttt{B}};
+    \node[roundnode2]    (nodeC)        [below=8mm of nodeB]        {\texttt{C}};
+    \node[roundnode2]    (nodeD)        [below=8mm of nodeC]        {\includegraphics[scale=0.025]{../assets/images/agents/intermediary_devil}};
+    \node[roundnode2]    (nodeE)        [below=10mm of nodeD]       {\texttt{E}};
+
+    \node[squarednode]  (TRX1)          [right =of nodeA]           {\texttt{TRX1}}; 
+    \node[squarednode]  (TRX2)          [below =17mm of TRX1]       {\texttt{TRX2}};
+    \node[squarednode]  (TRX3)          [right =8mm of nodeD]      {\texttt{TRX3}};
+    \node[squarednode]  (TRX4)          [right =of nodeE]           {\texttt{TRX4}};
+
+    \node[roundnode2]    (nodeF)        [right =of TRX1]            {\texttt{F}};
+    \node[roundnode2]    (nodeG)        [right =of TRX2]            {\texttt{G}};
+    \node[roundnode2]    (nodeI)        [right =of TRX3]            {\texttt{I}};
+    \node[roundnode2]    (nodeH)        [above =4mm of nodeI]       {\texttt{H}};
+    \node[roundnode2]    (nodeJ)        [below =2mm of nodeI]       {\texttt{J}};
+    \node[roundnode2]    (nodeK)        [right =of TRX4]            {\texttt{K}};
+
+    \node[squarednode]  (TRX5)          [right =of nodeF]          {\texttt{TRX5}}; 
+    \node[squarednode]  (TRX6)          [right =of nodeG]          {\texttt{TRX6}};
+    \node[squarednode]  (TRX7)          [right =of nodeK]          {\texttt{TRX7}};
+
+    \node[roundnode1]    (nodeO)        [right =of TRX6]            {\texttt{O}};
+    \node[roundnode2]    (nodeN)        [above =3mm of nodeO]       {\texttt{N}};
+    \node[roundnode2]    (nodeM)        [above =3mm of nodeN]       {\texttt{M}};
+    \node[roundnode1]    (nodeL)        [above =1mm of nodeM]       {\texttt{L}};
+    \node[roundnode2]    (nodeP)        [below =4mm of nodeO]       {\texttt{P}};
+    \node[roundnode2]    (nodeQ)        [right =of TRX7]            {\texttt{Q}};
+
+    \node[squarednode]  (TRX9)          [right = 48mm of nodeI]    {\texttt{TRX9}};
+    \node[squarednode]  (TRX8)          [above = 33mm of TRX9]     {\texttt{TRX8}};
+
+    \node[roundnode1]    (nodeS)        [right =of TRX8]            {\texttt{S}};
+    \node[roundnode1]    (nodeR)        [above =2mm of nodeS]       {\texttt{R}};
+    \node[roundnode1]    (nodeT)        [below =2mm of nodeS]       {\texttt{T}};
+    \node[roundnode1]    (nodeU)        [right =of TRX9]            {\texttt{U}};
+
+
+    \draw[-] (nodeA) -- (TRX1);
+    \draw[-] (nodeB) -- (TRX2);
+    \draw[-] (nodeC) -- (TRX2);
+    \draw[-] (nodeD) -- (TRX3);
+    \draw[-] (nodeE) -- (TRX4);
+
+    \draw[-] (TRX1) -- (nodeF);
+    \draw[-] (TRX2) -- (nodeG);
+    \draw[-] (TRX3) -- (nodeH);
+    \draw[-] (TRX3) -- (nodeI);
+    \draw[-] (TRX3) -- (nodeJ);
+    \draw[-] (TRX4) -- (nodeK);
+
+    \draw[-] (nodeF) -- (TRX5);
+    \draw[-] (nodeG) -- (TRX6);
+    \draw[-] (nodeH) -- (TRX6);
+    \draw[-] (nodeJ) -- (TRX7);
+    \draw[-] (nodeK) -- (TRX7);
+
+    \draw[-] (TRX5) -- (nodeL);
+    \draw[-] (TRX5) -- (nodeM);
+    \draw[-] (TRX6) -- (nodeN);
+    \draw[-] (TRX6) -- (nodeO);
+    \draw[-] (TRX6) -- (nodeP);
+    \draw[-] (TRX7) -- (nodeQ);
+
+    \draw[-] (nodeM) -- (TRX8);
+    \draw[-] (nodeN) -- (TRX8);
+    \draw[-] (nodeP) -- (TRX9);
+    \draw[-] (nodeQ) -- (TRX9);
+    \draw[-] (nodeI) -- (TRX9);
+
+    \draw[-] (TRX8) -- (nodeR);
+    \draw[-] (TRX8) -- (nodeS);
+    \draw[-] (TRX8) -- (nodeT);
+    \draw[-] (TRX9) -- (nodeU);
+

assets/figures/silk_road.tex

@@ -0,0 +1,12 @@
+\node (AgentSeller)				{\includegraphics[scale=0.05]{../assets/images/agents/handing_right}};
+		\node (Seller)	[below= 0.05cm of AgentSeller]			{Seller};
+
+		\node (Darknet)          [right = 2cm of AgentSeller]          {\includegraphics[scale=0.1]{../assets/images/darknet}}; 
+		\node (Silkroad)	[below= 0.05cm of Darknet]			{Silkroad};
+
+		\node (AgentBuyer)		[right =2cm of Darknet]		{\includegraphics[scale=0.05]{../assets/images/agents/handing_money_left}};
+		\node (Buyer)	[below= 0.05cm of AgentBuyer]			{Buyer};
+
+		\draw[->, thick] (AgentBuyer) edge [out=-230, in=50] node[midway,above] {\texttt{BTC}} (Darknet);
+		\draw[->, thick, dotted] (Darknet) edge [out=-230, in=50] node[midway,above] {\texttt{BTC}} (AgentSeller);
+		\draw[->, thick] (AgentSeller) edge [out=-45, in=-140] node[midway,below] {\texttt{Good}} (AgentBuyer);

slides/risks_illicit_activity.tex

@@ -0,0 +1,166 @@
+% Choose one to switch between slides and handout
+%\documentclass[]{beamer}
+\documentclass[handout]{beamer}
+
+% Video Meta Data
+\title{Bitcoin, Blockchain and Cryptoassets}
+\subtitle{Risks \& Illicit Activity}
+\author{Prof. Dr. Fabian Schär}
+\institute{University of Basel}
+
+% Config File
+\input{../config/config.tex}
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{document}
+
+\thispagestyle{empty}
+\begin{frame}[noframenumbering]
+	\titlepage
+\end{frame}
+
+
+%%%
+\begin{frame}{Quantifying Illicit Activity}
+	Illicit activities with cryptocurrencies pose a certain problem but are hard to quantify. \\
+	\vspace{1em}
+	Number of users or transactions are flawed measurables:
+		\begin{itemize}
+			\item One user $\rightarrow$ Multiple addresses
+			\item Multiple Users $\rightarrow$ One address
+			\item Transaction $\neq$ Transaction
+			\item Obfuscation transactions
+		\end{itemize}
+	\vspace{1em} 
+	Studies use different assumptions in order to carry out estimates, which can have a big influence on the results.	
+\end{frame}
+%%%	
+
+
+%%%
+\begin{frame}{Origin and Homogenity of Bitcoin Units}
+	Each output has a clearly distinguishable origin.
+	\begin{figure}
+		\resizebox{10cm}{6cm}{
+			\begin{tikzpicture}[
+     		 roundnode1/.style = {circle,  draw=highlight, fill=highlight!5},
+     		 roundnode2/.style = {circle,  draw=focus!50, fill=focus!5},
+      		squarednode/.style = {rectangle, draw=black!60, fill=black!5},
+     		 ]
+			\input{../assets/figures/output_origin}
+			\end{tikzpicture}
+		}
+	\end{figure}	
+\end{frame}
+%%%
+
+
+%%%
+\begin{frame}{Silk Road}
+	\begin{itemize}
+		\item First modern large-scale darknet market
+		\item Trading of illegal drugs and digital goods
+		\item Bitcoin as dominant medium of exchange
+	\end{itemize}
+	\vspace{1em}
+	\centering
+	\begin{tikzpicture}[squarednode/.style = {rectangle, draw=black!60, fill=black!5}]
+		\input{../assets/figures/silk_road}
+	\end{tikzpicture}
+\end{frame}
+%%%
+
+
+%%%
+\begin{frame}{Mt. Gox}
+	\centering
+		\begin{itemize}
+			\item Worlds largest bitcoin exchange in 2013.
+			\item Transaction malleability as reason for stopping Bitcoin withdrawals in February 2014.
+			\item Mistake: Relied solely on the transaction hash to track and verify its account balance.
+			\item Claim that transaction malleability as the reason for the loss of around 850'000 is controversial. See \cite{Decker2014}
+		\end{itemize}
+	\includegraphics[scale=0.12]{../assets/images/mt_gox}\\
+	\footnotesize{Picture source: Wikipedia}	
+\end{frame}
+%%%
+
+
+%%%
+\begin{frame}{Malleability Attack}
+	\centering
+	\begin{tikzpicture}[squarednode/.style = {rectangle, draw=black!60, fill=black!5}]
+		\input{../assets/figures/malleability_attack}
+	\end{tikzpicture}
+	\begin{enumerate}
+	\setcounter{enumi}{2}
+		\item<3-> User modifies $TRX_{a}$ by altering the scriptSig without invalidating it. Modification results in a different transaction ID ($TXID_{b}$).
+		\item<4-> Modified $TRX_{b}$ races with original $TXR_{a}$ for confirmation.
+		\item<5-> If modified version gets included in the blockchain:
+		\begin{itemize}
+			\item User still receives BTC units.
+			\item Mt. Gox thinks $TRX_{a}$ failed, as they only check for $TXID_{a}$. User still credited with funds in their system.
+		\end{itemize}
+	\end{enumerate}
+\end{frame}
+%%%
+
+
+%%%
+\begin{frame}{Wannacry}
+	\centering
+		\includegraphics[scale=0.28]{../assets/images/wannacry} \\
+		\footnotesize{Picture source: OneSpan Blog}\\
+		\vspace{1em}
+		\begin{small}
+			\texttt{13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94} \link \href{https://blockstream.info/address/13AM4VW2dhxYgXeQepoHkHSQuy6NgaEb94}{} \\
+			\texttt{12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw} \link \href{https://blockstream.info/address/12t9YDPgwueZ9NyMgw519p7AA8isjr6SMw}{} \\
+			\texttt{115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn} \link \href{https://blockstream.info/address/115p7UMMngoj1pMvkpHijcRdfJNXj6LrLn} {} \\
+		\end{small}
+\end{frame}
+%%%
+
+
+%%%
+\begin{frame}{Other Risks \& Illicit Activities}
+	\textbf{Botnet Miner}
+		\begin{itemize}
+			\item Malware that integrates a victims computer into the "botnet".
+			\item Compromised computers can be used for mining.
+		\begin{center}
+		\includegraphics[scale=0.25]{../assets/images/google_playstore}\\
+		\footnotesize{Picture source: Google}
+		\end{center}
+		\end{itemize}
+	%\vspace{1em}
+	\textbf{Bitcoin Tumbler}
+		\begin{itemize}
+			\item Used to disguise the origin of Bitcoin units and links between old and new addresses.
+			\item How: Send coins from users around, Randomize transaction amounts, Add time delays
+		\end{itemize}	
+\end{frame}
+%%%
+
+
+%%%
+\begin{frame}{Regulation}
+	Bitcoin Network because of decentralized nature hard to regulate $\rightarrow$ Focus on On- and Off-ramps\\
+	\vspace{1em}
+	Example: {\color{focus} OpenVASP } (Virtual asset service providers)
+		\begin{itemize}
+			\item Protocol facilitating compliance with global travel rule requirements for VASPs. Shared communication protocol to exchange VA transfer information.
+		\end{itemize}
+	\vspace{1em}
+	\textbf{Because of the high transparency, Bitcoin is not very suitable for usage with illegal activities.}
+\end{frame}
+%%%
+
+\begin{frame}%[allowframebreaks]
+\frametitle{References and Recommended Reading}
+	\bibliographystyle{amsplain}
+	\bibliography{../assets/bib/refs}
+\end{frame}
+
+
+\end{document}