Stanford Webinar - Cryptocurrencies and Blockchains: The Science Behind the Technology, Dan Boneh
so hello everyone uh thank you so much for joining us um my name is petra parecova i am the associate director for our computer science and artificial intelligence programs at stanford center for professional development and it's my big pleasure today to you know be joining dan bonnet in his talk and about the science of blockchains so thank you so much dan once again for joining us for a quick introduction for those who who don't know dan but hopefully you all do because you know he's our great speaker and we shared a little bit of information beforehand he is the professor of computer science and electrical electrical engineering at stanford uh he's also the head of the applied cryptographic group and he co-directs the computer security lab and professor bona's research focuses on applications of cryptography uh to computer security and he's basically like the person you want to hear about blockchain from so we are very glad that he was able to join us and i think that we will kick us uh off uh maybe if you have some questions don't hesitate to use the q a box you will find on your console uh we will make sure that we ask some questions at the end uh we will try to get to as many as we can so i think that's it thank you so much then once again uh you can get started okay thank you petra uh so welcome everyone it's wonderful to be here um and let's get started so what i want to talk about today is a little bit of what we call the science of blockchain which is kind of the technology behind behind blockchains and i'll tell you about some of the work we're doing and kind of what i find exciting in the space so let's get started the first thing i want to do is kind of zoom out a little bit and kind of talk about traditionally what cryptography has been about so in kind of uh the i've been working in cryptography for for a long time as petra mentioned and it's interesting that traditionally cryptography has been um has primarily had uh you know one primary customer which was really the internet and it was interesting is if you look at cryptography on the internet what it was used for was primarily for securing communication right so if i send my credit card to amazon i want to make sure that nobody can steal my credit card on its way to amazon so traditionally cryptography sort of on the internet primarily focused on what we call confidentiality how do i send messages across the internet so no one can eavesdrop and no one can tamper with those messages so this raises cryptographic uh mechanisms this uses cryptographic mechanisms like encryption key exchange and things like that what we've seen with blockchains is that all of a sudden cryptography now has a new customer yeah these blockchains are basically a huge consumer of cryptographic technology which is why it's so much fun to work in the space but what's interesting is that blockchain cryptography is a little bit different from internet cryptography so on the blockchain as you know most data is just available in the clear right we're not encrypting anything when you write transactions to the ethereum blockchain the transactions are just written in the clear what we care about is not confidentiality but rather we care about integrity so really we look about blockchain cryptographic primitives by and large we look at things like signatures commitments zero knowledge proofs these are all integrity mechanisms to prove that the data is valid not so much about encrypting the data so it's been very interesting to see that sort of the cryptography that's used on blockchain is somewhat different from the cryptography that's used on the internet and as a result that led to a wealth of kind of new problems to work on and new things to think about but more generally i want to kind of mention that there's this whole area which we call the science of blockchains so science of blockchains is is i use that term to differentiate it from what traditionally is called blockchains which you kind of hear all the new all the noise about in the press the science of blockchains is sort of the technology that underlies uh all these blockchain systems and it's an incredible collection of fields um in particular there are lots of research questions that are being raised by the science of blockchains and economics and distributed systems of course and cryptography and programming languages verification and so on and so forth so it's a kind of a collection of super interesting areas and you know i have to say it's been a it's it's the fact that i don't think that there's ever been one area that kind of connects all the areas that are listed here into kind of one discipline and that's kind of what makes this kind of a fun area to work in i have to say that from my experiences the community is a very welcoming community if you have good ideas in any of these areas people are very eager and interested in collaborating with you and maybe even deploying what you are what you propose so it's kind of a very friendly community community and it's been kind of a lot of fun to work in the space so what i want to tell you a little bit about today is basically sort of um kind of where i see this piece going and we'll talk a little bit about our work before we do that i do want to mention that because of this kind of confluence of scientific areas at stanford we created this stanford center for blockchain research it's called cbr the center for blockchain research um there's a bunch of faculty involved in it as you can if you look at the list you can see they're from sort of all over the university um focused on sort of the uh again the underlying technology behind blockchains and again it's been a lot of fun to collaborate with with all these folks and um we run a lot of activities which are open to the public all of you are welcome to attend in particular at the end of august we're running we're running the fifth science of blockchain conference um this is a free open conference for anyone to attend if you go to the if you just search for the science of blockchain conference you'll find the website right away you can register and uh and and come if you'd like we also run seminars so you can join our mailing list to hear about seminars and you know again these are free and open to the public so we're very happy uh if you uh if you'd like to attend any of those i also wanted to mention very briefly that we run a bunch of uh classes technical classes on blockchains on campus uh so the classes are our kind of introductory introduction to blockchains uh which is called cs351 in fact that's a class that's starting in in a month and a half um i think this is the class that petra mentioned again this is uh televised you can take it remotely if you're interested in joining uh in the winter we teach our cryptography class and in the spring we teach a consensus a class specifically on on consensus maybe i wanted to just drill in for just a second and tell you about the the blockchain class um so by the end of this class kind of the goal is to teach the students how blockchains work if they need to they can kind of even build their own blockchain but primarily they should learn how to run how to write blockchain applications applications that are run on top of a blockchain i kind of listed the topics here i don't think i'm going to go through them very very carefully here you can see them on the website all the information is available on the course website um we spend there's quite a lot of interest in zero knowledge proofs and proof systems in general and their applications to blockchain so it can end the second half of the course we spend quite quite a lot of time on that um so if you're interested in learning about any of these topics and learning how to build your own blockchain applications you're very welcome to uh to take the classes available to be taken remotely as i said okay so with that let's let me switch gears and talk about sort of what i wanted to talk about which is i guess we'll start with a kind of an overview of what blockchains are i'm just i'm not sure what everybody's background is so i wanted to start uh from the beginning and kind of tell folks how i view blockchains and then we'll talk about some um some of our uh some of our recent work okay so what is a blockchain for what is it good for so the short answer that i usually give is that blockchains really are kind of a way for um for a large number of people to coordinate when there isn't a trusted party isn't a single trusted party that everybody trusts the corollary of this of course is if there is a single trusted party typically you actually don't need a blockchain yeah and so for example if everybody is happy to use i don't know google as a trusted party there's no need for a blockchain you can just use the google systems the google databases and store all your data there and everybody's happy if there's a government that everybody trusts then you could just use government services there's no need for a blockchain in those cases but if you're an environment where actually you don't want to be beholding to a single party that's kind of where blockchains might be useful and that's where they typically live now there are currently sort of four application areas that blockchains have been have been useful for yes these are four applications where they seem to be a good fit maybe in the future we'll see more but for now there are there are these particular four application areas so let's go through these uh slowly the first one i'm sure you're all familiar with is what's called defy decentralized finance this is basically this is the use of blockchains for uh the payment system yeah payment systems and all the financial uh assets that uh that go with that i think this is you guys are pretty fairly fairly familiar with what defy is i don't think i want to get into too much details here the second application area is what i call managing managing digital assets in general any digital asset be it art or sports cards or any sort of thing that you want uh any sort of digital asset that you want to maintain ownership of and you want to prove provenance and originality of you can kind of manage on a blockchain often this is these are called nfts and it turns out there's actually a good reason why you want to manage these things on a blockchain i'll talk about that a little bit later so nfds and more generally digital assets are kind of the second application area for blockchains the third application area is basically games and it's quite interesting that uh there's a large fraction of the gaming industry that's starting to use blockchains now in traditional games and again the idea is to sort of manage game assets on a blockchain so if you win a sword in a particular game that the fact that you own that sword is recorded on a blockchain and no one can take it away from you unless you give it away and the fourth application area is what i call decentralized organizations daos maybe the easiest way to explain what a dao is is just to think of the real world analog and the real world analog is basically sort of a partnership yeah so a bunch of people come together they want to take they want together to make decisions on how to manage assets how to manage uh funds and so on so they can form this dao and together vote and decide on what the dao does and there are many types of dows we'll talk about those in just a minute that was for investments for charity for collecting art and so on and so forth and one of the interesting questions is basically how does governance work that is how does the group that um the group of members of the dao how do they actually make collective decisions and there's a lot of active research going on here and again this is kind of one of the topics i wanted to talk about today in greater depth okay so those are kind of the four application areas you know maybe there will be more in the future you know so i kind of would challenge you to think about other application areas where um where the technology would would be a good fit and you know maybe maybe next year when we give this webinar the list will be will be longer but these are kind of the current four applications for application areas that that we currently see okay so let's go back to the beginning and just talk a little bit about what is the new capability that blockchain is enabled yeah what is it about it's not like what what why did it happen now why did it happen you know 20 years from now why didn't it happen 30 years ago and so on so it turns out of course as you know the first blockchain that came up came out is called the bitcoin blockchain in 2009 and what's interesting about about bitcoin is not the fact that it introduced the bitcoin currency that's sort of a derivative of what bitcoin did really kind of the new capability that bitcoin gave us is sort of something we didn't have before which is what i call in a public append only data structure right so it's a data structure where anyone can write to that data structure and anything that's written to that data structure will stay in that data structure and can never be removed at least in principle that's the idea behind what bitcoin bitcoin gave us okay so it's an append only data structure that anyone can write to and once you write something to it it'll never be removed how do we secure that data structure well how do you build such a thing well you build it basically by replicating the data structure across many many different machines and the minute you start replicating a data structure across many different machines you start to get problems of um of uh consistency how do we know maybe one machine has one version of the data structure and another machine has a different version of the data structure how do we know which one is the correct one and so that's exactly where the consensus problem comes from which is how do we replicate a data structure across the entire planet and make sure that all the replicas are actually in sync so security is done by replication and more importantly by incentives so everybody's incentivized to actually make sure that the data structure actually satisfies the property that it claims to satisfy once you have such a data structure you can actually use it to to uh build the currency right so if i have an append only data structure and let's say that i want to pay five dollars to petra i can record that transaction on the data structure and no one can remove the fact that the payment was made yeah once it's recorded it will stay there forever this is why sort of um a currency a cryptocurrency was a very natural application for this data structure but i do want you to think about the data structure as the primary thing that bitcoin gave us uh the currency is sort of uh is enabled by this by this uh data structure so that's bitcoin the next big big evolution in the space there have been many ideas in the space but the next big step in the space is the development of ethereum back in 2015 which introduced what we call the blockchain computer it's a fully programmable environment where you can run arbitrary applications i have to say that in our course we kind of go um and and talk quite a lot you know we do quite a lot of hands-on experiments with building programs that run on the blockchain on this blockchain computer um these programs are written in a language called solidity which i imagine many of you are familiar with it's kind of a fun program programming language to write in uh it's always interesting to uh to write applications in in this language what's interesting is it's quite difficult to make sure these applications are secure so i have a lot of stories i can tell there but maybe we'll move on for now and so uh yeah so ethereum introduced this idea of a blockchain computer so these are public programs anyone can inspect the code and they can manage digital and financial assets yeah that's what these kind of programs do one the other interesting aspect of ethereum is that they were very concerned with composability which means that that different programs running on the ethereum blockchain can actually call one another so if i develop something useful and somebody else wants to use it their program can just call my program so this was again a very important idea that came out in an ethereum so of course as you all know the story once the ethereum came out um after after that we saw the growth of of these four application areas basically d5 nfts gaming endows and uh there's been tremendous growth in the space and kind of that's kind of where we uh where we are now all right so this is kind of a quick overview of kind of the core ideas that enabled these blockchains and um there's this kind of statistic that this is graph that i want to share that i find this graph really interesting about where the development effort is being spent these days so this is a graph that's due to electric capital and what it does if you look at the x and y axis um so the x-axis basically measures the days the number of days since the project basically launched since the first commit um uh so yes so once since the project was born so you can see bitcoin is the oldest blockchain which is why it's furthest to the right to the right and the y-axis basically measures the number of developers who work on the project there's people who commit code relating to this project either building applications on top of it or contributing directly to the uh to the blockchain itself and it's really quite interesting if you look at the entire space there's roughly 20 000 developers worldwide that worked work in the space so 20 000 developers that's kind of a not a small number of developers um but you can see for example the number of developers for the work on bitcoin is somewhat stabilized the number of developers who work on ethereum continues to grow this is kind of where a lot of the development activity is taking place you can see so the sort of the up and coming blockchains there's polka dot over here cosmos over here um maybe someone over here uh you can kind of see um the the next level of um of blockchains as they grow and the numbers are kind of interesting right so if you look at ethereum there are roughly 4 000 developers right now building ethereum applications for polka dot there are 1500 developers and so on and so forth it's a very interesting graph to show that um the level of activity and the other interesting fact here is you can see that kind of during um you know during during what's often called winter periods you can see the number of developers is kind of this area of the graph here the number of developers stays roughly roughly the same and then during growth periods the number of developers kind of uh grows dramatically so it's very interesting how this kind of tracks the uh the ecosystem overall but anyhow it's of course useful to see where developers spend their time because probably that's um that's an indication of where uh where you know where all the activity is so i like this graph it's an interesting very informative graph okay so the next thing i want to do is just talk very briefly about how blockchains work and then and then i want to switch gears and talk about the particular topic that i'd like to talk about today so in my mind blockchain is sort of divided into four layers yeah at the bottom layer we have what we call the consensus layer that makes sure that all the replicas of the data structure they're all in sync with one another on top of the consensus layer often we have a scalability mechanisms as you know there's a big scalability issue with popular blockchains in particular in ethereum because it's so popular there are so many transactions being submitted to the ethereum blockchain that the price per transaction sometimes gets to be quite high and so there's a need for for scaling these layer one block chains so often there's a scalability mechanism that runs on top of the blockchain uh these are called layer two systems and you know roll ups are kind of the typical examples of that maybe if we have time we'll talk about how rollups work in a bit more detail towards the end of the talk um but that's basically the consensus layer to make sure all the replicas are in sync with one another and whatever is written to the to the data structure stays there and is never removed above the consensus layer we have the compute layer which is actually what we call the blockchain computer an example of that is the ethereum virtual machine the evm right this is this is the operating system on top of which all the applications run so on top of the blockchain computer we have applications that that developers build right so students in the class for example uh build a lot of um evm applications a lot of these decentralized applications dapps and they run on top of the evm computer that's provided by the ethereum compute layer and then on top of the applications we have the user interface layer which is basically the thing that allows end users to actually interact with applications that run on top of the computer okay so i kind of think of a blockchain as divided into these uh into these four layers um and so if you look at the picture in a slightly more detail you can see the blockchain computer basically manages a lot of unchained states yeah so there's a lot of storage this is actually the data structure where things run so the computer manages a lot of on-chain state these applications run on this computer and then when an end user wants to interact with an application typically they'll interact with a cloud service traditional cloud service hosted at amazon or or google the cloud service will have a copy of the state that's stored on the blockchain so the state is stored both on the blockchain and in the cloud although the authoritative authoritative source for the data is whatever is stored on the blockchain this is sort of the the copy that's stored in the cloud is more of a cache that's just used for accelerating operations and then end users will issue instructions uh and interact with the blockchain application through the uh through this uh through this interface now what's interesting is actually interacting with the with the blockchain turns out to be um somewhat complicated so there's entire companies uh like in for an alchemy that are devoted basically to making it easier to interact with uh with these applications so keep in mind if you're gonna build something most likely you won't be talking to an application on the blockchain yourself you'll probably be talking through an intermediary uh and those are those are available as well okay so that's kind of how these things work and i guess the last thing maybe the last general thing i'll say is this question of why do we even need to decentralize applications why do we want decentralization in the first place so it's kind of um really quite important to understand that the descent decentralization is not a goal on its own the centralization the centralization is sort of a means to an end goal and so what is the end goal well so you can think of the end goal is basically making it very easy for apple for people to deploy their own applications for example if you wanted to deploy an application on a bank system or an existing social network well if the bank has a competing service they might refuse to deploy your application on their infrastructure because they don't want you to compete with them in a blockchain environment actually there is no there is no such thing anyone can deploy anything they want and no one can prevent you from deploying your application on the on the blockchain uh if things were stored in a centralized system if things were stored in a centralized database you know basically the users are are stuck in some sense with whoever controls that database um you know in a in a decentralized environment uh you know the data is written replicated all over the world there's no one person that owns all this data so if for some reason you're using a service and you're not happy with the service that they give you you can just take your data and move and move elsewhere yeah so those are kind of the benefits that come from um from having this this this blockchain architecture and finally i guess i'll say that one is regional the other one tends to be global but i'll skip that i think the mo the most important thing is that anyone that no one can prevent you from deploying a service anyone can deploy whatever they want whatever program they want on these blockchain systems and then it's up to the public to decide whether they want to use what was deployed or or not all right so i'll leave it at that this is kind of what i wanted to say at a high level and now let's kind of dig a little deeper into uh how dials work and in particular i want to talk a little bit about what a private dao is so in the past couple in the past year or so we've been working on this concept of a private dao so um let me tell you a little bit about that so first of all let's start with what is a dao yeah so again so daos stand for decentralized organizations the idea is that a dao is literally just an application it's a decentralized application that's deployed on a chain at a specific address so it's really just a program it's not even a very big program it's like a typical dows or like a thousand thousand lines of code that are deployed on uh say the ethereum blockchain and then once the contract is deployed once the dao is deployed it's deployed at a specific address anyone in the world can actually send funds to the dial treasury and contribute to uh to the town become basically a member of the dao by doing that now once so as you can see kind of the dao builds a treasury the dow typically has a particular goal in mind we'll see that in just a minute and then once the dow is deployed anyone can deploy funds to the dow treasury and once they deploy once they become kind of members of the dow they can also submit proposals as to what to do with the dow treasury and more generally you can submit proposals on how to manage the dow how governance should work um as we said what to do with the treasury whether to accept particular members or not and so on and so forth so anyone can submit proposals the participants in the dow votes on these proposals and once the proposal is approved basically the proposal executes and again there are many are many uh infrastructures available out there for uh for managing proposals for managing these proposals snapshot is a very common one for managing votes and proposals off-chain so anyone can submit a proposal to snapshot then the members can vote and if the vote is approved then the proposal actually executes okay good all right so um so today basically if you look on snapshot you'll see there are thousands of those already deployed there's something like 6 500 already today possibly even more so it's actually uh quite a popular thing many dials have been uh have been uh come come into existence uh excuse me um and so let's see what they're for so one type of dao was what we call a collector dao yeah collector dao is one that collects various uh chair various arts maybe contributes to uh to fashion and other things so examples are pleaser dao flamingo doubt flamingo is a fashion dial for example they contribute to uh fashion artists um constitution dao is a nice example constitution dao is a dao that wanted to buy a physical copy of the constitution so they would collect that particular uh that particular uh physical piece um and you can see for example uh pleasure dao uh is is a dow that collects art you can go look at their gallery and see all the all the art pieces that they've already that have already bought yeah so again uh people join the dow they together decide what uh what art pieces they want to buy um they decide what to bid on those art pieces and once the decision is made they go ahead and execute and and by if they're successful in the auction they buy the uh the art piece so please without for example just to drill in for a second they have about a hundred members you can see these members manage the treasury of the dow it also has full-time employees yes so think about that you have a contract a program running on the blockchain that has a full-time employees so these employees salaries is paid by a program running on a blockchain which is kind of kind of interesting together they deliberate over telegram whether they want to acquire a particular piece what to what to bid for that piece and then once they reach a decision they go ahead and use the dow treasury to bid and to buy the piece so it's very interesting how this works it literally works like a partnership where they make decisions together and jointly uh use the dollar treasury so that's one example of a doubt another example of that was what's called a charity dao and uh one of my favorite charity dials is called git coin which actually supports the development of open source software so git coin has about 42 000 members they've raised you know without treasury is substantial and then these these members basically make proposals to uh decide which open source projects to support using the treasury that they raised so i wanted to give you one example here is proposal number 21. uh so here they look to spend whatever they look to spend a portion of on the treasury on some mmm that's a marketing uh campaign or so yeah and you can see you can actually track this proposal you can see exactly the rate at which which votes were collected so this is the voting pattern on this proposal the line indicates when enough votes were collected for the proposal to pass um and so you can see that as soon as the line was reached the proposal passed and could be executed but people kept on voting what's interesting is that in on for this particular proposal only eight percent of the dao members actually participated we'll talk more about that in just a second the participation rate is relatively low in this type of governance um and then the proposal got executed you can see exactly you know the ethereum block number where the funds were actually spent so you can kind of track exactly from the moment the proposal was issued to when it was voted on to to when it passed and to when it actually executed on chain and the funds were actually spent yeah all of this is completely completely visible so charity dials are another category of dallas but there are many others there are what are called protocol dials dows that are used to man to govern and manage protocols unispot for example has 20 29 000 members compound dao has 4 000 members and and so on and so forth so again they vote on how to manage these these systems there are social dials which i won't talk about here there are investment dows which also i won't talk about here so there are many many categories of these dows and there's actually actually quite a lot of infrastructure that has evolved around the management of these doubts so one question that's kind of interesting is how does governance actually work and that is you know who can vote how do you vote what the exact voting mechanism is how much does your vote count for there are lots of governance questions around this if you're interested in the governance questions on dao dals which is actually really quite a beautiful beautiful question there's a nice paper that just came out by by one of our cbr members andy hall in collaboration with porter smith for our andy hall is one of the members of our center so this andy hall is actually a political scientist who's very much interested in the man in the governance of dao's for political scientists dao's are like um an amazing uh playground because they get to use all their theories and see how governance how those theories affect governance on daos so they wrote this paper on basically how daoz can learn from what's been learned in the last ten thousand years of human human governance quite an interesting read so i highly recommend highly recommend reading this if you're interested in how governance works and generally what what dows are they basically provide a wonderful platform for experimenting with lots and lots of governance mechanisms so for political scientists this is like a uh okay so uh one thing that i wanted to mention is against the typical governance method what's called the one token one vote yeah so for every token that i own i get to count on votes this is very similar to how uh votes work in the stock market right if i own stocks in a company and the company runs a vote then the more stocks i have the more weight my vote carries yeah so basically members receive tokens and then they can vote using their tokens and you can see on proposal 21 that we just saw you can see how the different members voted here you can here you can look at this at this graph here and you can see here is someone some people have many tokens so their vote actually has carries a lot of weight other people have fewer tokens uh and so on these governance tokens are actually implemented using what's called open zeppelin's governor's contract again this is just relatively simple to learn the code you can just look it up and see exactly how the governance mechanism works here i pasted in the cast vote function so when you want to vote literally what happens is someone calls the cast vote functions on chain with the proposal id the voter uh you know whether the support or they not support the the uh the proposal and the reason for their decision um and so you can just look at the code and see exactly how it works and what it does it's fairly fairly simple code the problem though with these kind of governance mechanisms is this is what we call a direct democracy right everybody votes on every proposal and what we've learned is that the direct democracy even the greeks already knew this direct democracy doesn't scale very well to large populations so in fact if you look at the uh participation rate in different uh in different dials in a different votes you'll see that the participation rate is actually quite low so here we have a graph that we generated this is by the way based on joint work uh by myself and andy hall with uh two wonderful students who are collecting this data what this shows what this graph shows you is basically um a number of dowels out there kind of very very famous dials for example bitcoin compound and others and it shows you the average particip average voting rate for each proposal so you can see that for compound bitcoin you know pull together in a swap the participation rate is under five percent yeah so not too many people are voting on the different proposals for some reason nouns is able to do better you know participation rate is around 17 up but still you'd like it to be much much much higher than that and uh right now using the governance mechanism is being used the participation rate is simply not high enough so what do we do well these governor mechanisms actually support a delegation mechanism where you for example rather than voting yourself on every proposal you can delegate your coins to somebody else and they will vote on your behalf yeah so this is intended to increase participation support and in fact government contracts uh supports delegation so just as an example if we look at elements this is how the delegates in element are distributed and you can see there's one address here i actually don't know who this address belongs to but you can see there's one address here that um 300 other voters delegated their tokens to this address and so this address now can vote and has quite a lot of power when it's actually voting yep so you can see how delegation actually works it seems to be you know a good design we know representative democracy is kind of how things work and delegation is a step towards representative democracy but there could be many other governance mechanisms that um that are deployed and all of those are sort of being experimented on with uh in the context of doubts all right so what i wanted to do is uh tell you a little bit a little bit about some recent work that we did on this question of private dows in particular i'll talk about uh a private dow treasury so the story here this is kind of a fun story so the story begins with the constitution doubt so what is the constitution dao i hope many of you have heard of the constitution now it's kind of a remarkable story of what happened so basically in 2021 there was a copy of the physical copy of the constitution of the united states that was made available for for for sale yeah so there's i think there's a couple there's like 10 copies of the constitution available and one of them was put for auction um at sotheby's and anyone can bid so when that happened the constitution dial formed and it was quite remarkable within five days or so this dow basically was able to raise 46 million dollars to bid on the us constitution this money was raised from around 20 000 participants from all over the world yeah this again shows the power of dao's running on a blockchain that really you have you can reach anyone in the world people will contribute funds for a particular cause um you know i'm not exactly sure how you would get 20 000 participants to contribute funds without a blockchain black architecture and so this is kind of a good fit for this technology so this constitution that raised those funds and now it was ready to bid for uh for the constitution so they were actually able to make their bid it turned out that that they had to reserve some funds for managing the constitution itself if they won the uh the auction and so the highest bid they could bid if i remember correctly was around 42 million dollars right so they could only bid 42 million and the remaining 4.3 million uh were needed to manage the constitution if they won the bid well so it turns out that uh somebody else actually somebody else wanted the constitution more and they lost to another bidder who bid 43 million right so this was more than the constitution thou could bid and as a result they lost the bid they lost the auction and they did not win the uh the constitution uh you know the physical copy of the constitution so if you step back for a second and you ask yourself well what just happened here you realize that something actually went very wrong yeah the problem here is that everything about the constitution dao was managed on on a public blockchain as a result everybody knew exactly what their treasury was and everybody knew exactly what is the maximum bid that they could offer and as a result the bidder who wanted to outbid them knew exactly how much they should bid in order to outbid the constitution down yeah it's because because of the public nature of the blockchain that they could not participate in this in this auction in in a fair way in a way that would actually not reveal what their maximum possible bid was so as a result they lost they lost the auction so the question is basically how can a how can a public dow that runs on a blockchain how can it participate in an auction when everybody knows uh it's complete treasury everybody knows exactly how much what's the maximum amount that it can get so this is a very interesting question i'd say that in some sense you know the auction house you know should have anticipated this and maybe they should have changed the rules of the auction to be more friendly to uh to these public dows but you know we we i think we live and learn and hopefully this will not happen things we'll do will go better next time but nevertheless it raises this interesting question of can we build a dao that has a private treasury so the world that looks at the dao doesn't actually know how much uh funds it has so you wouldn't know what is the maximum bid that the tr that the dao can issue so this is what we worked on this is with one of my former students um yeah um uh the knife and so let me explain uh how this works so the idea is basically to have uh a single dial platform that's going to manage many many different dials yeah so for example there are such platforms juice box is an example of such a platform so many dials will actually run on the juicebot juicebox platform it's a single ethereum contract that manages a large number of dowels now when someone wants to contribute actually when someone wants to create a dao we'll call that the dao manager they create the dao and all they do is they basically publish a public key some some you know short key which we'll call a public key they publish that on the dao's website and they tell people whenever you contribute to my dow just use this public key now when a contributor wants to send funds to the dow what they'll do is they'll send funds to the contract the contract manages many many different dials and they'll use a blinded version of the dow public key so that when you look at the actual transaction you have no idea which dow on the contract is the one that's receiving the funds you'll know that some dow on the contract receives the funds but you wouldn't know which one okay and so every contributes contributes their funds to the dao in this blinded way so nobody really knows which dow has what treasury so an observer will see the total funds that are available on the nadao platform but they wouldn't know how much what how much treasury each individual dow had so the hope is that this would make it so that it's not possible to tell for example how much funds the constitution now has and as a result someone who wants to outbid them would not know how much to bid to outbid the constitution down okay so that's the idea and then later on when the dow manager actually wants to withdraw their funds and participate in the auction they can use their secret key to withdraw those funds and they can only withdraw funds that were submitted to uh to the particular dial that they manage okay so that's kind of the idea for how the system works so the contributions are blinded and even though they're blinded so the public doesn't know where they went but even though they're blinded the dow manager can later withdraw the funds that were sent to that dao and cannot draw funds that were sent to any other guy if you're interested in the details of how this work we at works we actually have a blog post that we wrote about this it's kind of a fun design kind of a nice cryptographic trick to make this this all work so i would encourage you to kind of maybe look at the details of the system okay so this is kind of uh how we build a dial with the private treasury but it turns out there are many other privacy questions around dowse for example maybe people want to participate in a dow but they don't want to reveal that they're part of the doubt right so how do we build the dao where the participants participant list is private maybe even the number of participants in the dao is private today all that information is public it's available on the blockchain so how do we build a dao with private participation obviously how do we build a dial with private voting so the voters don't have to reveal how they voted on each proposal today all those votes are um are public and finally we also talked about delegations where people can delegate their voting tokens to other people to vote so can we do a private delegation where i can delegate my tokens but nobody will know who i delegated my tokens to yeah so there are lots and lots of fascinating privacy questions around these dows uh lots more research to do and of course all of that has to be done while complying with all the relevant local laws yeah so generally privacy with compliance uh is is quite interesting from a cryptographic point of view often that's done using what are called zero knowledge proof systems um and that's why again that's why this area is so much interesting this is so interesting because there are so many beautiful questions to work on and so many different things to design yeah so i should mention that some of these questions are going to be answered generically by general privacy platforms like aztec and aleo and others and so while we can build custom protocols for these to answer these questions there are also generic solutions being developed to answer these questions and so in the future we will likely see many more private dials that are run out there than we do uh than we do today okay so that's all i wanted to say about daos i was going to talk a little bit about scaling the blockchain but actually and talk about roll-ups but i see that i'm actually running out of time so why don't i just jump to my conclusions conclusion slide and uh just tell you kind of my concluding thoughts and then i'd love to open it to questions and to kind of hear hear your thoughts so as i mentioned i kind of talked about the science of blockchain here blockchains basically which is kind of the underlying technology that makes blockchain work the science of blockchain brings together very different areas of research rights cryptography distributed systems economics programming languages verification and so on so these are very distinguished very different uh areas of research that all come together to make these blockchains work so it's really quite amazing that all these are needed together to make these systems work um as you can see the air this this this design the science of blockchain area generates new problems in all these areas so there's a lot of room for more ideas and as i mentioned in the beginning the community is very open to new ideas in his face so everybody's welcome to participate um so hopefully you you can think about these questions too and if you have ideas uh you know we would love to hear about them in addition the other thing that's changing is there's a lot there's a lot of improvements to the blockchain infrastructure that's coming actually not only coming that is actually becoming available so for example nowadays it's a lot easier to do to interoperate between blockchains yes if you want to send funds or assets from one blockchain to another this is becoming a lot easier if you want to solve what's called the data availability problem that is store data in a way that you it's guaranteed to be available later on there is general infrastructure now available for uh doing data availability so so the problems that in the past every project has to saul had to solve for themselves there is now general infrastructure that makes that much easier to do and as a result is becoming much easier to develop uh better and safer blockchain applications yeah so that's that's another uh big changes big change that's happening in the space in the the development effort is becoming a lot simpler thanks to all this new infrastructure so despite all of these developments there are lots of open problems left to think about there are lots of challenges in particular i'm sure you you hear a lot about all the thefts that are happening in the blockchain space where uh there are just economic losses where uh projects due to bugs due to social engineering they just lose funds and so there's a lot of interesting questions around how uh to make that better there are still questions around scaling the blockchain that uh that remain and so there's still many many challenges uh to work on by far this area is um still quite young and there's a lot of opportunities uh to make to make an impact okay so i think i'll stop here and as i said i'm very very happy to take any questions i hope you enjoyed the talk and i look forward to seeing you in a in a future talk so thank you all thank you very much everyone thank you so much dan thank you it's a fascinating area of you know studies and everything that is happening in the area so thank you so much there were so many questions coming in uh if you have some more questions you should go and submit them in a q a box so for you dan there are few clarification questions about the dow treasury and one of them was on the user end so like since the contributors are blinded like how you as a submitter can guarantee that your funds actually go to a specific dell that's one question and the other one is on the other side like how do you actually specify which private dollar receives the donation then like how do you oh yeah great excellent these are these are terrific questions um so let me jump to that uh to that slide so yeah yeah so these are terrific terrific questions um right so what happens is basically the dao manager is going to publish this public key on a website so say i create the constitution dao what i'll do is on the constitution dials website i'll say this is the public key that you should use to send funds to the constitution dialogue yep and then anyone can download this public key and when they want to send the funds they'll basically as i said they'll use the public key to to create some some sort of a blinded version of the key and then that will be used to push the funds onto the uh dial platform yeah and once the funds are available on the dell platform no people will know that those funds were contributed to the platform but they wouldn't know which dow on the platform received those funds now the dow manager has a secret key yeah that's the whole point there's a secret key that only the dow manager knows and that secret key allows the down manager to come to prove to the contract that these funds belong to this dao and therefore the contract is authorized to use to release those found funds to the down manager so you can sort of um so the down manager can actually use a secret key to just look at all the incoming transactions and see which ones are for the dao for its own dao and which ones aren't so dumb manager will very easily tell you know what the current balance of the dao is just by summing up all the transactions that came in and then once it knows the total sum it can ask the contract to release those funds to it using its secret key but what's interesting is without the secret key everything looks just like noise without the secret key you can't tell which funds went where and as a result this basically uh gives you the privacy the private treasury that you'd like to uh that you'd like to run and again i didn't want to go into too many technical details here but if you want to see the technicalities of how this works you know please check out this uh this post where we explain kind of the the cryptographic mechanism that's used for this this is based on diffie-hellman tuples and what's called the diffie-hellman random self-reduction so it's actually very i think it's a very cute cryptographic mechanism that makes this all possible so yeah thanks for asking the questions a great question great thank you so much and there was a very positive comment about your answer uh what do you think are the main barriers for the deployment of dao and maybe if you think about emerging markets and you know some other areas outside of the us like what do you think about that about the deployment outside well it's actually quite easy to deploy dows there are there's infrastructure actually that will make it possible for you to deploy a dial quite uh quite easily yeah so depending on the dao you want to deploy um you can find the right infrastructure uh and use that infrastructure to deploy the dao for example if you want to deploy an investment dial there are companies out there that will make it easy for you to create the dial manage the investments manage the treasury and so on manage the votes and so on uh so it's actually not difficult at all to deploy it out this is why there's over six thousand six thousand of them already deployed now one of the issues is again how do you run the governance yeah so how do you decide who can vote what can what can they vote on and so on and so forth so that's very important to sort of specify at the beginning when the dao is created you want to specify exactly what is the power that the dow members the dow members have so that's that's also something that needs to be done and then after you create your dao the kind of the the the interesting part is actually attracting members right how do you get people to know that your dab exists how do you get people who believe in the mission of your dao to actually become members of your dao and so that's more of traditional marketing um and so you know you would have to do some marketing work in order to make that happen um and that's actually i have to say that that one of the hardest parts is basically making sure the people who are interested in the goal of your dao become familiar with your doubt and then finally once people don't join your your dao now you have a bunch of participants in your dao you have to manage those participants you know participants often have a lot of um requests they might not agree with everything that you do and so there's a there's a this is actually called the participant management uh question and so there are um typically often daos will hire people to do participant management and they will coordinate um coordinate among the participants and kind of uh resolve disputes and so on so all yeah all that requires people and a lot of these daos actually literally have employees working for them and again it's one i mentioned this in the talk but it's one of these fascinating things where you have a program that's running on a blockchain that program hires people and then it pays them a salary um to do to do their job yeah and uh of course you know if they if if something something goes wrong and they don't do their job properly then the dow can vote to maybe replace them by somebody else and so on and so uh yeah so there's a lot of uh work that happens behind the theme to make the actual dial function seamlessly it's quite a lot of work if you're interested in looking at um specifics of dials one of the one of sort of the one of the large dials out there that's actually run quite well is called the maker dial and you can actually look at look at the decisions they run through you can look at the mechanics of how the dial actually runs everything is public and so that's just an example of one dao that you can learn from to see how that actually works in the real world it's yeah it's quite quite fascinating to see how this actually operates yeah thank you so much thank you so much and you covered uh you know the private dow treasury and now there are some questions about the privacy on blockchain isn't it against the actual basic idea of the blockchain and maybe if you look outside of dell like you know like why would companies like be actually interested in privacy and how they can actually achieve that oh yeah so that's a very good question too so so really in some sense the fact that everything on the blockchain today is public you know it has some benefits because we have transparency we can see exactly what's happening uh and we can see how the system kind of evolves and operates so that's kind of a on the plus side on the minus side you know complete transparency also means that it can't be used for a lot of for a lot of applications um just to give two examples you know if companies you know if companies want to use um cryptocurrencies to manage their supply chain right so maybe you know maybe i'm building a car like say ford is building a car and ford wants to pay its supplier supplier for tires if they did that on a blockchain basically everything would be public so everybody would know exactly how much ford is paying for tires for their cars which is typically something that companies want to uh want to hide right so if you're so if you're trying to use this technology for managing supply chains you know your entire supply chain will be public to the whole world everybody would see exactly how much you're paying for your parts who your suppliers are and so on this is typically things that companies don't companies don't want to reveal to the whole world and as a result they simply can't use public blockchains for this for this purpose today similarly you know another another problem is you know if companies wanted to pay their employees salaries in crypto today that's quite difficult because it would mean that everybody's salaries is open and public for the whole world to see and again often people would prefer their salaries not to be public and so there is definitely a need for privacy uh in in the blockchain ecosystem i think i mentioned that there are a couple of companies going after the public the privacy aspect of um of blockchains and so companies like aztec aleo that i mentioned down here they're building s
2022-08-07 12:47
