Blockchain CBSA – Blockchain 101 Part 2
- Objective – Security in Blockchain and how addresses, public keys, and private
Objective. Let’s talk about security in blockchain and how addresses, public keys, and private keys all work. Let’s talk about a private key and a public key. Basically, a private key and a public key are part of encryption, and these encryption methods are going to be used to encode information. We need a way to take plain text and transform it into cipher text.
Now when we look at encryption systems, there are generally two types: symmetric and asymmetric. Symmetric is private key encryption, and it’s going to use the same key for encryption and decryption. Now again, there are pros and cons to each of these. We’ll talk more about that. And then we have asymmetric. This is where you’re going to have different keys and they’re going to rotate.
And here’s an example of how plain text will be changed into cipher text and then decrypted by the receiver. Now, when it comes to the public key, it uses, for example, an asymmetric algorithm that converts messages into an unreadable format. So basically the public key is going to take whatever message or transaction and make it so that it can’t be read by anyone who does not have a key to decipher it.
So anyone who has a public key can encrypt the message that is intended for that receiver, and then the receiver with the private key can decode the message. Basically, that key is available via the public access directory and some consensus approaches as well. Now, the private key is a secret key that’s used to decrypt the message and the party knows that it is an exchange message.
In the traditional method, a secret key is shared with the communicators to enable encryption. Basically, again, you need to have a private key and a public key. And I think the main thing on the exam is to understand who has a private key and who has the public key. Also understand, for example, some of the areas we’ll talk about, like PKI and what that is, and also understand asymmetric and symmetric encryption. So what is PKI?
So PKI is basically a set of roles, policies and procedures that are needed to essentially manage the encryption. Now what is the purpose of PKI? It’s to help facilitate secure electronic transfer of information. Now PKI confirms what? Identity. Now generally we’re going to use certificates as well, and these certificates are generally going to be in X.509 format. Now this format is basically a standard in a lot of the encryption algorithms that are used. So this is very common. But you want to understand that X.509 is used in PKI and also in PMI, which is privilege management infrastructure, as well. So these certificates, what are the certificates used for?
So you want to highlight this. It’s used for identity validation. In other words, it’s going to validate that it is you that has a certificate and that you’re the one that’s going to participate in this transaction. The certificates act as a secure identifier, and you could also look at these as a digital passport. So the certificate is tied to the public key value as well. Now, when it comes to X.509 certificates, once again, each of the blockchains handles things a little differently. Like in Hyperledger, you’re going to have, for example, a certificate authority that’s going to manage all this, and the MSP will be part of that as well.
The MSP and CA are basically part of the same mechanism, and you have to have a way to manage your certificates. Some blockchains will issue transaction certificates, some will issue membership certificates, like in the world of Hyperledger. And again, the main goal here is to make sure that you know the following things: know what an X.509 certificate is, understand symmetric and asymmetric encryption, understand what PKI is, and also understand who has a private key and the public key as well. It’s good to move on.
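The key roles described in this section, as an added example that is not part of the original lecture: Node's built-in `crypto` module encrypts with the receiver's public key (RSA-OAEP) and decrypts with the private key, shows that another party's private key recovers nothing, and contrasts this with a symmetric AES-256-GCM round trip where one shared key does both jobs. The sample message and the `receiver`/`outsider` names are constructed for illustration.

```javascript
const nodeCrypto = require('node:crypto');

const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Asymmetric: anyone holding the receiver's PUBLIC key can produce cipher text.
function encryptFor(receiverPublicKey, plainText) {
  return nodeCrypto.publicEncrypt({ key: receiverPublicKey, ...OAEP }, Buffer.from(plainText, 'utf8'));
}

// Asymmetric: only the matching PRIVATE key recovers the plain text.
// Returns null when the key does not match the cipher text.
function decryptWith(privateKey, cipherText) {
  try {
    return nodeCrypto.privateDecrypt({ key: privateKey, ...OAEP }, cipherText).toString('utf8');
  } catch (err) {
    return null;
  }
}

// Symmetric: one shared secret key both encrypts and decrypts (AES-256-GCM).
function symmetricRoundTrip(sharedKey, plainText) {
  const iv = nodeCrypto.randomBytes(12);
  const enc = nodeCrypto.createCipheriv('aes-256-gcm', sharedKey, iv);
  const cipherText = Buffer.concat([enc.update(plainText, 'utf8'), enc.final()]);
  const dec = nodeCrypto.createDecipheriv('aes-256-gcm', sharedKey, iv);
  dec.setAuthTag(enc.getAuthTag());
  return Buffer.concat([dec.update(cipherText), dec.final()]).toString('utf8');
}

function demo() {
  const message = 'transfer 10 units to Bob'; // constructed sample message
  // The receiver generates the pair and publishes only the public half.
  const receiver = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const outsider = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const cipherText = encryptFor(receiver.publicKey, message);
  return {
    cipherTextBytes: cipherText.length, // one RSA-2048 block
    receiverReads: decryptWith(receiver.privateKey, cipherText),
    outsiderReads: decryptWith(outsider.privateKey, cipherText),
    symmetricReads: symmetricRoundTrip(nodeCrypto.randomBytes(32), message),
  };
}

console.log(demo());
```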
- Objective – What is a smart contract and dApps?
Objective. What is a smart contract and a dApp? It’s a great question. Let’s talk about what they are and why they are important. So a smart contract is a term that’s used to describe computer program code. Basically, this code is capable of facilitating, executing and enforcing the negotiation or performance of an agreement using blockchain technology. Now, this is essentially a way to automate some of the manual tasks that you may have been doing. I don’t like to compare smart contracts to something that’s really smart, because the reality is a smart contract is neither smart nor is it a contract in most cases. And we’ll talk more about that. But basically, think of a smart contract as a way to automate tasks, and this is done on a blockchain. Basically, the process is automated. And again, generally smart contracts are going to be small snippets of code.
They’re not going to be large programs or applications. If you’re going to combine many smart contracts together, that’s called a dApp, and we’ll talk more about that. Now, chaincode is a term that’s used in the world of Hyperledger. That’s a smart contract. It’s really the same thing. So why are smart contracts used? It’s a really good question. Now basically, smart contracts provide some value, and that’s going to be around autonomy, trust, backup, safety, speed, savings and accuracy. Now, on the exam, I’m going to advise you to know these benefits and what a smart contract provides. Autonomy: what that means is you’re going to be able to kick off this code and it’s going to go ahead and do its own thing. You don’t have to have anyone checking on it per se. Trust: basically, that’s going to allow you to trust in the technology, right? To believe that it’s going to do its job. There’s no intermediary or anyone involved. Backup.
Now, we know that because this is deployed on a blockchain, this smart contract will be replicated across the blockchain. Safety. Now, when it comes to safety, basically the smart contract will only execute if the conditions are met. It’s logic. If the funds are sent and it’s the exact amount, it’ll go ahead and kick off the contract. If it isn’t, it doesn’t go anywhere. Now, it’s also fast. These are fast. In other words, it’s automated, no manual steps, they’re small snippets of code. Basically, it’s done in seconds or even less. Smart contracts can provide savings. In other words, if you’re a large bank and you’re employing 300 people to validate contracts, and you go ahead and put this in a smart contract format to validate customs information or funds receipt or whatever, you could actually reduce your staff. This provides a lot of savings. Then accuracy.
These are accurate because of why? Because it removes the manual labor. And here’s a comparison between traditional contracts and smart contracts. This is from a PwC document. It’s a good comparison, and they did a good job at comparing both. So one of the things I recommend is, again, just understand that traditional contracts are slow and smart contracts are fast. Cost-wise they are different as well. Now, smart contracts define the rules and penalties around an agreement. They’re going to enforce these obligations, and when I say enforce, they’re not going to send the police out or anything. What they’re going to do is basically, if the conditions are met, it will kick off. If they’re not, it’s not going to kick off. In other words, conditions have to be met for anything to happen. When you have several smart contracts, they are going to make up what’s called a dApp, known as a distributed app. Now, smart contracts typically have two functions. They’re going to have a constructor function and a fallback function.
The constructor function is going to be called once. This is when you deploy the smart contract into the blockchain. Now, this is how it works, for example, in Ethereum; it’s a little bit different in Hyperledger. In Hyperledger the constructor function is really the init function. It’s all different. Fallback is different, where essentially if someone tries to invoke something and the conditions aren’t met, it goes back to its starting point. Basically, it reverts back. Now, smart contracts provide security that is better than traditional contracts. They cut costs also. Smart contracts in Ethereum run on the EVM.
We’ll talk more about Ethereum and the EVM in that section. Decentralized apps that are running on Ethereum are going to be considered complex smart contracts. In other words, if you have 200 smart contracts and they’re working together or in sync. I also like to compare smart contracts to a microservice, sort of like serverless in a sense as well, where you have snippets of code doing a task. So you could go ahead and have 100, 200 smart contracts doing a specific thing. One executes after another if the condition is met, and that’s met, and that’s met, very similar to microservices in that sense. What about enforcement? Now, each of the blockchains enforces things differently. Again, they’re written in different languages. We know that smart contracts in Ethereum are generally written in Solidity, and in Hyperledger they’re going to be written in essentially Golang, JavaScript, and then if we go over to Corda it’s going to be Kotlin. But again, it’s all about the intricacies of each blockchain. When a modification is made, basically there’s a process that needs to be kicked off. And in Ethereum you can’t just modify the contract as a user.
It’s got to be done by the code, and there are stored procedures that are going to have predefined rules. And remember too, this is on a blockchain and the blockchain is immutable. So you have to go ahead and deploy different revisions, essentially. It’s not like you’re going to just modify the same smart contract. When it comes to legal enforcement, this is where, again, as I mentioned earlier, smart contracts are not smart nor are they contracts. They’re generally not legally enforceable because, again, you can’t address the law in computer code, at least easily. Now, Corda, for example, has something called legal prose. And this addresses this a little differently, with an attachment to the smart contract. But basically a smart contract may or may not be legally enforceable. And also, too, it depends on jurisdictions. So there are a lot of concerns here around enforcement of it.
When it comes to smart contracts, they could be used as evidence. There have been a few cases of that already. And when it comes to, for example, a comparison of this, think about it as a vending machine. If you put in fifty cents and it’s $0.50 for a drink, then you get your drink. If you don’t, then it could be there’s an issue with the vending machine and you may need to, of course, do what? Contact the vendor. But again, if you put in a dollar, you should get change back if it’s $50. And again, this is just a high-level comparison really. Now, this is from Blockgeeks. They have a really good diagram here of how it works in Ethereum, for example. I would encourage you to go through these and check out their site if you haven’t as well. But what I’m trying to get at here is to try to understand how a smart contract works.
And one of the things to realize is that smart contracts are going to be triggered, and these triggers are called events. For anyone that’s done web programming, I like to call an event a webhook. It’s very similar to that. If this occurs, do this; if that occurs, do that. Now, dApps are decentralized applications. These are apps that are going to run on the peer-to-peer network. Now remember too that when we deploy a smart contract, each of these smart contracts is going to run on each of the nodes, especially in a permissionless blockchain. Now, when it comes to dApps, these dApps are generally open source. They’re going to have data as part of that dApp. They’re going to store data in one format or another. They’re going to, of course, be decentralized. They’re going to be distributed on the peers. And when it comes to dApps as well, like in Ethereum, you can access them with the Mist browser, for example. And they’re generally open source, and there are good repositories of different dApps that you could utilize. And again, just remember a dApp is a collection of smart contracts. There are some practice questions as well that I’m going to recommend you go ahead and take a look at and see how you do. It’s good to move on.
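The behaviour described in this section (a constructor that runs once at deployment, execution only when the exact amount is sent, a revert to the starting state otherwise, and events as triggers), as an added example that is not part of the original lecture. It is a plain-JavaScript model rather than Solidity or Hyperledger chaincode; `VendingContract`, `call` and `runScenario` are hypothetical names and the amounts are constructed.

```javascript
// Plain-JavaScript model of a smart contract; not Solidity or chaincode.
class VendingContract {
  // Constructor: runs exactly once, when the contract is deployed.
  constructor(priceCents, stock) {
    this.state = { priceCents, stock, collectedCents: 0 };
    this.events = []; // emitted events act as triggers for listeners
  }

  buy(sender, amountCents) {
    this.state.collectedCents += amountCents; // tentative state change
    if (amountCents !== this.state.priceCents) throw new Error('amount must equal price');
    if (this.state.stock === 0) throw new Error('sold out');
    this.state.stock -= 1;
    this.events.push({ name: 'Dispensed', sender });
  }
}

// Hypothetical runtime: a call either completes fully or leaves no trace.
function call(contract, method, ...args) {
  const snapshot = JSON.parse(JSON.stringify(contract.state));
  const eventCount = contract.events.length;
  try {
    contract[method](...args);
    return { ok: true };
  } catch (err) {
    contract.state = snapshot;            // revert to the starting point
    contract.events.length = eventCount;  // drop events from the failed call
    return { ok: false, reason: err.message };
  }
}

function runScenario() {
  const contract = new VendingContract(50, 1); // "deployment"
  const results = [
    call(contract, 'buy', 'alice', 30), // wrong amount: reverted
    call(contract, 'buy', 'alice', 50), // exact amount: executes
    call(contract, 'buy', 'bob', 50),   // no stock left: reverted
  ];
  return { results, state: contract.state, events: contract.events };
}

console.log(JSON.stringify(runScenario(), null, 2));
```

The failed calls add to `collectedCents` before they throw, so the final total of 50 shows that the revert undid those partial changes.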