 So each time someone mentions blockchain, they usually think about cryptocurrencies. And the problem is that there is many more to blockchain than just cryptocurrencies because they are very popular use case, but not all of the use cases that blockchain is applicable to. So blockchain as a technology is a solution that stems from a few innovations, from really, really old innovations from spaces like mathematics, cryptography, software design, software engineering. And just like any other data structure, any other design pattern that we use, blockchain may or may not be useful in basically in our use case. So in this talk, I'd like to demystify the word blockchain, tell you what it technically is, how can it be used, for what can it be used, and what technical considerations do you need to make to actually make that happen and make that happen and not hurt yourself in the process. My name is Tomasz Kowalczyk. I came here from Warsaw in Poland, quite a lovely flight here. I really enjoyed it here in the UK, I hope that you will enjoy it as much as I do. So I'm interested in all kinds of complex technical topics, so blockchain nicely fits in because it is a complex technical topic. Right now I'm working as a software architect in a Polish company called GOG, or GOG. I don't know if you are aware of existence of GOG, but you are probably aware of the existence of a company called CDProject, which is famous for games called The Witcher, Gwent, and Upcoming Cyberpunk. So GOG is, let's say, a sister company that handles many interesting technical challenges behind what CDProject does, apart from doing our own DRM-free game shop. So if you didn't know about GOG and you like to play games, please check us out, because there are really many interesting games that are DRM-free, so if you buy it, you own it. So back to blockchain. Because blockchain is so misunderstood, before we delve into the technical details, I'd like to first define some terms. So what are we talking about at all? Because each time I talk to someone about blockchain, basically each time that person will use the same terms, but we mean different things. So for me, the blockchain is first and foremost the database. Because when you use the blockchain for, and you imagine that it is, for example, used for cryptocurrency, you imagine all of those processes, like sending tokens, receiving money, like creating addresses, and so on. But the blockchain basically is a database. When you think about the database, you're probably having in your mind something like relational database such as MySQL, Postgres, or some other kind. Maybe you have in your mind a NoSQL one, a document store, a key value store, whatever else. But blockchain is also a database with a different structure. Because the blockchain, as the name implies, is just a chain of blocks. And this is really the only structural constraint that you have. So if you have a structure that resembles a linear list of pieces of information, you may have a blockchain with one caveat. You need to have those blocks to reference one another. So every new block references the previous one. If you have the kind of structure like this, you basically have the blockchain, even though you may not even be aware of it. So things get interesting when you think of the data that is inside. Because each time you, for example, think about relational databases, you probably think about schemas, tables, columns, rows, and so on. Because in those kinds of databases, those things are soft problems. Because if you want to use SQL database, you need to create a table, you need to insert some rows, have some columns, and so on. But with blockchain, it's kind of different. Because there isn't something like general purpose blockchain, and by general purpose, I mean something like you install it once, and you use it for all your use cases without putting any more effort. So blocks are basically data structures in themselves, and you design them for your own use case. So each time whatever industry you come from, whether you're coming from, let's say, movie industry, logistics, e-commerce, whatever else, the blockchains for different purposes will look vastly different. And this is a very important thing to remember, that blockchain for different purpose will look completely different. If you want to store images there, if you want to store transactions, if you want to store orders of your e-commerce shop, your blockchain will be optimized for different things. So there isn't something like one reference blockchain implementation that you can use for all kinds of purposes, just like with MySQL or MongoDB. Of course, cryptocurrencies are the most popular use case. But what we're here to talk about is the so-called general purpose blockchain, and by general purpose, I don't mean, as I said, the solution that solves all your problems without any effort, but how to think about blockchain to design it to reap all the benefits without hurting yourself in the process. So now that we have covered the basic definitions, let's talk about why would you use blockchain in the first place. So what things do you need to sort out before you even think about designing it or implementing it? So what properties are we talking about? And what do they give us? So first principle that you need to be aware of is the immutability. So data inside the blocks must be immutable. If you aren't able to provide the immutability property of your data inside blocks, you won't get any benefits of any other properties that blockchain have. So the data inside blocks is immutable. But I've already told you that blockchain is a database. So what is the point of having a database in which you can't change the data? And if you ask me the question, how do you change the data inside blockchain? The answer is, of course, you don't, but you append it. So if you have a piece of information and you want to in some way alter it, you add a new block with the information what to do with that, what to do with it. So let's say a very simple example that you use blockchain to store information about your accounts. So if someone set up an account, of course, in one of the blocks, there will be information that one of you set up the information with some ID or some email, whatever information else you may require. And if you want to change it, you need to, in the following block, whichever one, you need to say that information that was at some previous block now gets amended to a new state. So each time the application that operates on the blockchain processes those blocks, it sees, okay, I have this piece of information and now the block instructs me to change it to some other state. And this way, you achieve the next property, which you basically get for free, traceability, because if you have in all your blocks, you have information where the information originated, where it was changed to what state it is required to be changed, you get traceability basically for free. So each time, for example, I don't know how many of you have ever worked on audit systems like logging systems where all changes in the system needs to be reported in some way. In blockchain, you get traceability and in that, in turn, all kinds of audit systems basically for free, just because how the information is stored there. Another thing is that you now have the blockchain in which you store information and you change it by appending the blocks, but it's not all. Along with the data, you also store the information how to verify it, how to basically confirm that the data is authentic, came from the right source, from the right origin, and that it is basically factually correct. So you store the information with which you are able to verify that it is actually correct, because basically all of the information that you have in the blockchain must be, the only information that you have to restore the complete state must be stored in blockchain because you don't use any external state, you don't consult any external actors, companies, or whatever else to restore information. So if you store along with the data the information to verify it, you get another benefit of this data being tamper proof, just because you have stored along all those technical mechanisms to verify that the data is correct. And all those properties working together are working towards the most important thing is that the data is integral. The data integrity is the core principle behind blockchain. So blockchain systems aren't designed to provide scalability, aren't designed to provide performance or something else. You need to design your system so that it provides enough of that for your system to be viable, but blockchain first and foremost is designed to provide data integrity. So you can't basically compromise on this property, you can compromise on everything else but not on the data integrity. And since all of the data that is required to reproduce the state of the system is inside blockchain, you get another property of reproducibility because all of the information is already inside and if you have anything external to the blockchain that may change and may alter the way the information will be restored to form the complete state of your system, the blockchain may not be a good way to store your data because the blockchain requires you to store all of the information inside, to basically be the only single point of truth and you do everything else to be that way. Which of course makes blockchain an excellent solution for building a decentralized application. So the applications in which you don't, you are not some, you don't have an essential point, you don't have an essential governance on how the network operates, but you and your computer, even if you're an author of this software, basically you are only one of the nodes in the network, you aren't special in any way, even though it's your software. So this brings us to the biggest benefit that actually cryptocurrencies are heavily leveraging for them to exist. Blockchain effectively removes trust from the system just because the software that the blockchain is operated by and the data that is stored inside is only required to recompute the whole state and all rules of the network are encoded in the software that operates on it. You effectively remove trust from the system in all kinds of systems that we have in our society. We rely either on government, on some company, or some CEO, or some authority that may change their mind. Of course, sometimes it's a benefit, but in the system based on blockchain, we want to have the trust removed from humans. We want the trust removed from any kind of organization, any kind of place that may change their mind, but we want to have it in the code. We want to have it in a way that is easily auditable by virtually everyone else and isn't amendable without making explicit changes to whatever happens to the information inside. And this brings us also to the transparency because if you have all those traits, like transparency is again something that you get for free. This doesn't mean that the data that you store in your blockchain must be plain text, must be readable by anyone, but even if you are in some way encrypting it or hiding it, you need to take it into account. You need to take it into account that someone else on their own computer must be able to recompute the state, even though he or she may not have access on this information. So now that we have covered all the properties and other kind of things in which blockchain is good for, let's now talk about when would you use blockchain or what do people use blockchain for. And the problem is that they use it for virtually everything. So close your eyes, imagine a problem that you would like to be solved. Sometimes someone is probably already working on that or already did that because as we see here, I won't go into the details of each of those, but for example, voting, medical records, messaging, property registry, crowdfunding, digital wallets, finances, even visual countries which store their loss in blockchain. I don't say, I wouldn't want you to think that all of those are legit use cases for blockchain, but people are using blockchain to do that and really I could really go on and on and on about all the ideas that people have and really smart contracts, loyalty programs, internal currencies, anti-counterfeiting mechanisms. Like there are really a lot, a lot of them and we will only see only the history and the future will show us which of them will actually prevail because there are really hundreds of projects that are out there in the world and I have no idea which one will survive, which one which will just die. So of course, I can't forget about cryptocurrencies and here is a very fun website to observe the cryptocurrencies, how do they compare with others and what their rights are? So this is a website called Coin 360 and as you see here, each of the rectangles here represents a single cryptocurrency that is actually traded. So it is on some exchange, people trade those tokens. So you see that if there are so many actually even traded, there are like order of magnitude more of cryptocurrencies that are being built, being implemented, being worked on. So people do many things apart from the cryptocurrencies but cryptocurrencies still make the most important use case of blockchain. So now that we have leveled our knowledge, talked about the properties and talked about when people use it, let's talk right now about how do you actually do that? So what technical considerations do you need to have in your mind to think about implementing blockchain based solution? So the first thing that I would consider important when I was building blockchain based solution is to think about what kind of network do you want to have? Because either way, you will have some kind of network and of course, the public blockchain is the most popular one because all cryptocurrencies are effectively the public blockchains. Public blockchain means exactly what it is. Everyone can download the software. Everyone can download the blocks. Everyone can inspect it, try to break it. Everyone can do whatever they want because that's just their data on their hard disk, yeah? So you need the highest level of security. You need to take the highest level of security considerations into your system because if there is an incentive of breaking your system, you can be sure that someone will at least attempt to do it. So public blockchains basically mean that whatever code it will, someone will try to break it. So you need to really think through whatever you're doing. On the other hand, we have private blockchains, which is the exact opposite. So if you have the blockchain for yourself, on your own computer, or let's say for your own company, that may be shared on some employees' computers, but still, there is a single entity which makes rules, can make amends to the code and distribute it without consulting with some other entities, companies and so on. Basically it means that you have private blockchains, so you can even have plain text text files because there is really as much or as little security as you want. You can basically do whatever you want because, hey, you control it. Things get interesting when you consider that there is a middle ground between them and that middle ground is the shared blockchain, which in which you want to talk with some other entities which you may not control, but still they want to do business with you. Say that for example, you are an e-commerce store and you want to use blockchain to control your interactions with other e-commerce store that sign an additional agreement about how you do that. You can build a blockchain to, for example, track the information that you exchange and have the rules in place in the code that will decide what kind of information you will have access to, what kind of access you won't have to and basically what are the rules for that interaction. Still, I'm not saying that for all kinds of interactions it might make sense, but shared blockchain could be used between companies, for example, for things like, from my experience, the shared ledger. If you have the financial company that operates on some kind of money, you may use blockchain to store the data in an immutable ledger and then each time some regulation agency or some other inspection comes in, you can show them a case. So, see, I have this system which is guaranteed to have immutable data which is guaranteed that for, I have the unchangeable history for last couple of months or years and you can basically take the data and have a guarantee that I didn't tamper with it in any way because you've got the whole history of whatever happened here. It must check out because otherwise, you can prove that we did something wrong or we did something illegal. So, if you consider the types of network that you want to achieve ultimately, the next thing are actually technical. So, you need a way to provide the technical guarantees behind the claims that you want to have. So, of course, you're going to use cryptography and cryptography is used as cryptography, I mean, by cryptography, I mean the asymmetrical cryptography. You have the public and private keys. So, you will use those keys to sign the information so that you will be able to provide the property of verifiability so that everyone can verify that the information actually originated from you and to do that, you will use the most popular cryptography, cryptosystem right now, which is an elliptic curve cryptography, which has a very nice property of providing at the same level of guarantee as a widely known RSA cryptosystem but with way shorter keys. So, if I remember correctly, I've read somewhere that the RSA cryptosystem and the key that has 3000 bits long provides the same level of security as just 223 bits of ECC key. So, you get way shorter keys and the same level of security, which gives you an opportunity to use those keys for some other things. But before we delve into those details, the problem in elliptic curve cryptography is actually choosing a curve and there are many of them so you can either select the same one which is used by some other cryptocurrency because since they are public blockchains, it means that they have already considered the pros and cons so you can basically copy them in that matter because it's just selecting the same curve that you will operate on but there are really many, many of them and this listing provides the list of curves supported by OpenSSL so not all of them are good to be used but as you see, there are really many, many, many of them and really there are many, many more but at least those are included in OpenSSL. So you may use the same ones that are used by cryptocurrencies because hey, they are secure so you also should be but the advice here is that if you're building a blockchain-based system, please have someone who understands it, who understands security, who understands cryptography because it's your first and last line of defense whether you're building, whenever you're building blockchain-based system and since you have those addresses, since you have those keys, you probably will need to have some concept of addressing some entities in your system, in a network in case of cryptocurrencies, for example, you need to have some notion of identifier of some other address, person or whatever else because if you want to send free Bitcoins, if I wanted to send free Bitcoins, which I don't have, of course, to you, I would need to have some kind of identifier and that identifier is precisely generated from the public key of that recipient so if I wanted to send to you my free Bitcoins which doesn't exist, I would need to have your address so that the Bitcoin crypto system understands that some key must match the address that you have there and here is the algorithm of Bitcoin address generation. We won't go into the details but see that we generate the keeper, the public and private key, the ECDSA key, we then apply some really basic cryptographical operations to it like every kind of programming language provides, SH-8256, RIPM-160, basically, you get all of that in OpenSSL, for example, so you can use it in PHP, in all kinds of other languages to do that and what you get is the value that is way shorter and can be easily either written on paper, sent somewhere or even if you'd like to do that, memorized in your brain. So here is an example of keys that I've generated on my computer, like there aren't any money so you can copy that code, like I didn't store anything there. Here is an example of private key which is kinda long, here is a public key which is way longer as you see and by applying this algorithm to this value, you see we have this address. So this address is quite easy to copy, paste somewhere, to give someone or even write on a piece of paper and store somewhere. So now that we have covered the asymmetrical cryptography, we also need another cryptographical operations for providing the data being tamper proof so that the data is actually integral and no one has altered it in any way and for this, we will use hash algorithms because we will store the hashes of the data that we are storing in the blockchain along with the data and in the case of Bitcoin, they are using double SHA256 on the header of the block and since that doesn't say anything, I'll go into the details. So Bitcoin block header consists of several fields. First you get four bytes for the block version, then you get 32 bytes for the previous block hash so this is precisely a place in which Bitcoin blockchain becomes a blockchain because every next block contains a hash of the previous one right here and here the next part is the 32 bytes for the Merkle root hash which is basically a hash of the contents of that block. Then we have timestamp difficulty bits which we'll get into in a few minutes and nonce which we'll also get into in a few minutes. So here is an example of the first block of Bitcoin blockchain. So here you see, here is a hash of that first block. The version is one. The previous are only zeros because it's a first block. The root is some hash of the data. There is some timestamp, difficulty is one and nonce is some random value. Here you have the block nearly 500,000 which was generated two years ago. The version is still one. The previous hash is non-zero right now. The root is also a different hash. Timestamp is a current time sub according to this date. Then you have difficulty which went through the roof and here we have a nonce which is also a random value. So Bitcoin blockchain hashes that information to provide you with both the integrity of the data and the hash that you will use in the new blocks. And I've mentioned already a few things that burst an explanation. So the first one is Merklely which is just a fancy name for binary hash tree which is named after Ralph Merkle who basically came up with this idea. Why isn't it important? Each time your application processes the data from the blocks, you need to have some efficient way of telling whether this block contains something that is in my interest. So say that you have your Bitcoin address and you want your software to search for data related to your address. The Bitcoin blockchain contains thousands, millions of various transactions. You don't care about those transactions. You ultimately care about transactions that affect your own account. So you want to have the information whether you got some Bitcoins or you spent some Bitcoins or in case of general purpose blockchain, you care, for example, as we've shared one, you care whether there is some data related to your company or there is some data that you should send from your company. You don't care about anything else because you recompute the state that is relevant to you. So Merkle tree is, which I mean the binary hash tree is a structure with which you can quickly tell whether the block contains something that is in your interest. So the very important property is that when you know the so-called Merkle path, which is just a complete list of hashes of the data up to the element stored in the block, you can quickly tell whether you need to completely read and verify and process all the information and you can just extract some part of it and apply it to the state of your application. So here, this solution basically is for speeding up operations to telling immediately whether this block is of any interest to you or not. Another thing that I already mentioned is that the first block of the Bitcoin blockchain referred to only zeros as the previous block ID. And here I need to introduce the concept of Genesis block, which as the name implies is the first block in the blockchain. And it is special not only because it is first, but if you didn't secure this part of your system, you could be vulnerable to an attack which will consist of generally blocks before the first block in your system. So you, for example, have your system and you introduce information and then someone generates the block before yours and you have no idea how to stop that process because someone is exploiting your system, yeah? So the Genesis block is a block that is not only the first, but it is also hard coded inside the source code of the application that operates in a blockchain and that's precisely to prevent that kind of problem because the application, freshly installed application, will start processing the blocks exactly from the first one that is encoded. This is hard coded in your application source code. So there is no other way of overwriting it and all other properties, all other cryptographic systems and hash algorithms and so on, will work towards having you be secure in that matter. It also can be used to provide some statement about why your system exists at all. So you see, you know that the Bitcoin was built because Satoshi Nakamoto wanted to basically provide an alternate system in which people have the power just like any other financial institution, yeah? More or less. So the Genesis block of Bitcoin contains exactly this. This is the header from the times from third January, 2009, which contains the header of that newspaper, chancellor on bring of second bailout for banks and you can find it exactly at this address when you head to the blockchain.info and I dug out the actual times from the third January of 2009 and you see that it is exactly that issue. You can get it out from five pounds but what's the most more important is what is at the bottom, chancellor on bring of the second bailout for banks. So you see that Genesis block was not used, wasn't used only to provide the technical details like issuing some Bitcoins or providing some transactions and so on but it was also used to provide a political message behind the whole system. So I don't encourage you to start your blockchains with political statement but still it is something that was done and can be done in this matter. Another thing that is very important is that you will have conflicts in your network because once you give away the power of deciding what should go inside the blockchain you will have problems with other people generating other data and wanting to include it in your chain. So you will have to effectively form some form of consensus resolving and imagine that you, for example, want to have this kind of situation. So you have the first block which is block number zero and then you have two blocks, one and two. What happens next? Two blocks gets generated independently, 3.1 and 3.2. So the problem is that let's say the half of the network received the first one and the other half received the second one and to make matters worse you see that the same two blocks were also generated again so we have the block 3.1 is basis for 4.1 and the 3.2 is basis for 4.2. Right now we have a standard split-brain situation like we believe in two alternate futures so it is a problem because we can't have that. So you need to have an algorithm that will resolve that kind of problems and in case of Bitcoin because as I said this talk isn't about cryptocurrency but it is heavily illustrated using cryptocurrency examples. The simplest algorithm that resolves the problem the longest chain always wins. So let's say that for example another block is based on one of them and it is distributed all of the network, all of the nodes in your network. What happens? All the half of the network that had the 3.2 and 4.2 blocks in their chains gets retroactively discarded back to the state based on block number two and block 3.1, 4.1 and 5.1 is now the only future that exists. So in this back to the future movie we just got killed so this doesn't exist anymore. So you would say that at this point of course the longest chain wins so you can also generate as many blocks so that your channel will always win. Let's say that you have more computers than me I create a crypto system I create a blockchain system that employs this algorithm and then you just flood my network with the number of blocks that I'm unable to cope with and since I don't have any control of the network apart from the source code of the application I don't have any way to prevent you from generating those blocks and that's precisely why consensus algorithm needs to be paired with some kind of proof algorithm and here we have some examples and Bitcoin for example uses proof of work what does it mean? It means that for all the blocks that are generated in our systems the hash of the block needs to meet certain properties in case of Bitcoin it is a certain amount of zeros at the beginning of the hash so since hashes are pretty random you need to spend a great deal of computing power to generate the hash with enough zeros on it and this is precisely what the difficulty property in that block header meant it is basically a number of zeros that needs to be at the beginning because otherwise all of the other nodes will reject your block as invalid it will provide less number of zeros that is required there are also other algorithms for example proof of stake in which you need to stake some of the value from your network in case of cryptocurrency this is of course a number of tokens because you confirm that this block is correct and if it's not you will get your value lost because effectively this block won't get created it will get rejected so this is two major one I mean there are mostly most of the projects that you will hear about are using either proof of work or proof of stake claiming that we are being eco-friendly because we don't burn CPUs yeah proof of stake is still debated whether it is completely fail safe but still there are two main ones but there are also many other ones such as for example proof of burn in which you need to intentionally burn some value sending this sending it to some non-existent address and proving that by including such transaction in your block there is also proof of elapsed time proof of allocated volume basically you can come up with all kinds of proof algorithms that will make your consensus algorithm work properly without giving an attacker a possibility of flooding your network with blocks created just to take over whatever you wanted to achieve so those are the things that you need to be aware of whenever you will try to create a blockchain based system because those are the building blocks I didn't tell you which to choose because that will ultimately depend on what you're trying to achieve and if you're going to build something with blockchain I will be happy to consult the actual ideas that you may have but there isn't any advice that I can tell you like use exactly this because there isn't such advice that's why I'm showing you the building blocks I'm showing you the ideas that you need to be aware of not the actual answers because there are no answers without knowing what you're trying to achieve but right now I want to also cover some topics which you may have heard about but they weren't really explained and they are especially very popular in the cryptocurrency systems so first of all the data that you have in the blockchain doesn't need to be static I mean ultimately it will be static because after all they are also only files on disk and as we know files on disk are usually static but smart contracts are a topic are a term for programs stored on the blockchain so some crypto systems are so sophisticated that they can not only store some static data such as transactions or some other information but they can also run programs that will be stored along with the data so say that for example you wanted to provide a loan system you can write a smart contract that someone can call to receive a loan if they provide enough information that can be verified by a smart contract and then that money, the tokens can be basically issued each month in a specific amount just by running the program which will be handled by the crypto system themselves so you just need to write a program and if someone calls it everything else is totally automated so the tokens will be automatically sent everything will be confirmed transactions will be written you will need to do nothing else like even if you are not interested in writing blockchain based system please do explore smart contracts and especially the Ethereum crypto system and their solidity language because there are really many interesting ideas behind from the purely technical standpoint that I think most software engineers will be interested in another thing is that as I told you blockchain based system are designed to provide data integrity first and foremost so all of the other things such as especially performance and throughput comes at a price so in case of Bitcoin which has a very low throughput there is something called lightning network and lightning network can be described exactly as a subtext in this slide so it's the transactions that happen off-chain so they happen in the separate layer of transactions but they are only remitted they are only settled on the chain so basically there is another system which can take the information from Bitcoin blockchain which can immediately as in the name lightning it can immediately make some transactions switch some money to some other places which you can immediately use but all of those transactions will be eventually settled in a block that will be from time to time remitted back to the blockchain another thing is that not all the blockchains are actually blockchains there are some projects we are exploring some other data structures such for example as graphs in case of IOTA tangle because IOTA tangle is a project that employs something called hash graph in which case as you probably understand we don't have a blockchain we have basically an information graph like we have all of the information connected to them and the application makes sure that all of the information all the new information that you put inside the chain actually makes sense so it is connected with enough of the other nodes of information so that we can recompute the whole state of the system there is also a concept of mining which you may be also interested in what is mining so mining effectively in a proof of work systems is just calculating those hashes by changing nonce values by incrementing them specifically so that you'll achieve the block with hash that matches the requirements of the number of zeros at the beginning so effectively the mining process is just computing hashes of network transactions of burning your CPU to get the reward of creating a block another concept is wallets because wallets are... when you hear the word wallet you probably imagine money but wallets in blockchain-based systems are basically an application which stores all kinds of keys that you have generated in the context of this blockchain-based system so of course in case of cryptocurrency you will have a wallet that contains keys to your money, to your tokens but still you will use other wallet-based systems for other blockchains because it will basically store your keys so those are the few concepts that I think were the most popular so I just wanted to explain them so right now let's finish with the challenges that you will be facing whenever building a blockchain-based system so the first challenge that you actually need to solve is of course fault tolerance and by fault tolerance I mean all kinds of consensus breaking bugs, consensus breaking moves breaking data and so on so it is very important to understand that once you build a blockchain-based system and you give it to someone else that you don't control I mean that person is not your employee or that company is not your company and so on you will have no way of forcing them to accept the new protocol some amends to the data amends to the software that you're using so you need to be aware that conflict resolution comes at a price that you need to have all of the nodes in the network needs to be aligned for the same kind of output because if you are not, there is a problem because there is no other way of forcing someone else to do that the problem also may be with integration with existing systems because blockchain effectively is a system that recomputes its state from blocks so if you have any kind of existing system that needs to modify data in place you don't have a chance to do that because that's not how blockchain works so if you try to integrate your blockchain-based system with other systems that expect basically regular database to modify data in place and do whatever else you won't be able to do that of course without any translation layer that will recompute that state and provide the modification and submit it back to blockchain in the form of new blocks another thing is of course security if you're doing a blockchain-based system especially if that's a public one please do hire a person that has the knowledge about security, has the knowledge about cryptography because as I've said, I'll repeat that security is provided by cryptography and cryptography is your first and last line of defense if someone is able to break your cryptography he's basically able to stuff all kinds of data in your blockchain and you will not have any way of discarding it, you will not have any ways of disproving it because hey, all the signatures match all the keys are correct so what you're talking about, this is legit information even though you know it is not and of course as I told you at the beginning blockchain is designed first and foremost for data integrity so things like minor things like performance even less minor things like the scalability or throughput come at a price, you need to factor it in because if you design your blockchain to be ironclad without any possibility of doing any evil things but still you will be able to add one block per hour probably it won't work for your use case because it will be simply too slow even if you add a mediating layer of caching the information or whatever else you simply need to factor this in because blockchain gives you integrity everything else is on you and since you don't control the network and you want people to use it because of course you can publish the network and no one will use it, so what's the point? There is a concept of incentives and you need to be aware of what makes other people use your software on their own machines because ultimately they will need to pay for some hardware they will need to run it on their computers so what makes them do so? In case of cryptocurrencies, of course mining new block gives someone the reward so you will get more ethers you will get more bitcoins or whatever else you may sell them, you may earn money so that's your incentive, you're wasting your power so that you will gain some more money but in case of your private blockchain or your blockchain for your company that may not be a cryptocurrency you may have to think about better incentives to do that Privacy of course is another big concern because if your data is public or is not encrypted in any way how would you solve the problem of correct people having access only to correct information not to anyone, for example if you store invoices of your company not how to prevent someone else who isn't authorized in this system to gain access to the data you need to take it into account and of course since you don't control the network and every note is equal what will happen when someone changes the rules alters the code or compiles the different version of whatever so what happens? you may stumble upon the problem called hard fork so someone starts operating on a software that is different than yours and you need to have the logic in place to detect that some block is invalid because you made some amends for example you now reserve more space for some information and less for the other and we can't process the blocks because it is invalid for our standpoint so each change in the software that you're writing will probably cause the hard fork and of course if everyone switches to your new version you won't get a fork because everyone just accepted a new reality but if you create a new version of your software and then some part of the network won't change to your new version you will get two versions of reality and you don't want to have that because again you don't have any way of preventing it you don't have any way of mediating it apart from talking to the people please upgrade and of course the last thing is the network security is that what will happen when your consensus algorithm when your proof algorithm isn't as strong as it should be and you will effectively get caught in a problem called 51% attack so what if someone has more than half computing power and is able to overrun your proof algorithm this is also something that you need to be aware of so there are really many many many things to be aware of when you're building the blockchain based systems and that's precisely why cryptocurrencies are so inclined to provide that level of security and not care about the throughput because this is the thing that you need to solve that you must solve and everything else is just nice to have so in case of financial systems you would say that if you had to pay for your morning coffee and you would take three hours to process you wouldn't be happy so crypto people will tell you it's fine because I'm sure that it will be a correct transaction who cares about the correct transaction if it took you three hours to get your coffee but that's the argument that we're making here so to summarize I cannot put it better than blockchain is the right solution but for the right kind of problem if you want to have a network if you want to have a group of nodes that cooperate on some common result you may use blockchain for your system but if you just want to have a blockchain for the sake of the blockchain I mean of course you are a free person you can do that but you are hurting yourself in the process so don't do that unless you really think that the benefits, the properties that I have described here and all of the technical considerations is something that you really understand and you really want to follow through because if you don't or if you want to follow through half of them or like 10th of them and so on if you really don't know what you're doing you may hurt not only yourself but all of the people that are using your blockchain network and given that I've told you that blockchain contains all the data in blocks and the data must be the only data required to reconstitute the state of your system you may think about analogy to event sourcing and as I like to say blockchain is basically event sourcing on steroids because you get event sourcing all the data is in blocks you can recompute all the states from the data inside them but you also get all of the cryptographic guarantees all of the properties with which you basically get a self-contained piece of data that lives on its own and have the means of verifying whether it is actually correct or not so for each of the slides that you have seen here and there are as far as I remember nearly 80 in this talk I could really make another presentation for each one of them that's how vast, that's how wide the whole topic is because for each of the slides that I've shown you here for each of the consensus algorithms for properties and so on there are really a lot of white papers there are a lot of discussion in the space there are really a lot of both theoretical practical, engineering information how to implement that whether is that secure whether is that the correct implementation in some concrete examples there are really, really many, many information and right now this talk is called dive deep into blockchain but it is really showing you where can you dive deep because even though we are talking about the blockchain for a good hour right now it's really only showing you the doors whether you want to open them or not it's of course your call but there are really many, many more things that you can explore in this area so right now all of the things that I wanted to cover is covered I hope that you enjoyed so maybe there are some questions yes so the question is whether I have any recommendations of PHP implementation of blockchain and the answer is ultimately no because as I said there isn't something like the reference implementation of blockchain you may find some repositories and you have the show examples some other places in which you will see examples of how to build blockchain one-on-one or some tutorial how to how to let's say build a blockchain with symphony or something like that but ultimately there isn't I can't answer that question because there isn't a reference implementation of blockchain that for example you can take, understand and then like transfer that knowledge directly to solve your own problem so the answer is ultimately no thanks another other question yeah on the right thank you for the talk so you've mentioned privacy is one of the problems with blockchain and I was wondering whether you have any ideas and how to implement something like for example you have a P2P loan system and you want the users of this of this system to see their own loans the loans they issued the loans they've received and be able to verify it but not to see any other users' loans mm-hmm okay so here this problem can be solved in of course in multiple ways but the two ways that I cannot think of right now is first of all you don't need to have as with event sourcing you don't have to have all of the information inside blockchain so for example if you can have an external system in which you store the information something like names, surnames, like social security numbers or something like that and then you can store information about the keys that those people have assigned to them and you only want to store the values of whatever financial transaction happened there you are safe to have the privacy because the data about those actual people isn't in the blockchain but you are able to recompute the whole state just by having the keys assigned to them and the values of loans that is stored there but this is only a one way of solving that and of course the second one is the encryption so for example the data could be encrypted with those people's details could be encrypted with for example your keys that you control so you as a company giving those loans will have the access of that part of the data inside the blockchain but everyone else will be able to compute the information for example that this piece of encrypted information has 100,000 pounds of depth in your system but they won't be able to access it of course the first approach will be probably better because if the data isn't there it is less prone for example for you to make a mistake in encrypted the data and effectively revealing that information because you can protect it in some other way but as I said up to you if you were to design such a system I would be happy to hear the actual use case you may have and then we could work something out Does that answer your question? Yeah, thank you I think I see where I can go from there Yeah, thank you Any other question? Maybe before Hi I don't really understand private blockchains because the bigger blockchains that have a lot of hash power they get their sort of censorship resistance from that so it's hard to generate blocks and anyone can do it and everyone has to verify but when you've got a private blockchain and maybe it's one company with the nodes or it's creating those blocks that company then essentially has the power to rewrite the history because you're not going to probably require a great deal of hash power to go back and change a block and then recalculate all the following blocks from that block Does that make sense? Yeah, that makes sense Why do they use it? That makes sense and of course you're right if the company controls the blockchain it of course has the power to regenerate everything from scratch but I guess you're mentioning the example that I said about the immutable ledger so I will talk about it right now so if you have the immutable ledger and you store everything in blockchain and of course if you don't give that information to the outside world no one is able to verify whether you are not regenerating it each night of course you're totally right and if that happened you could have some arguments that I didn't do that and so on but no one would believe you but for example imagine a world in which for example you will be you will be required by law to for example store the data in blockchain and only give the hashes of blocks to some authority so that authority would just inspect your block see more or less what was there and just store on their side the hashes of the blocks so of course you may do something with the current block which you haven't given the information about to the authorities yet but if the authorities have the list of hashes of all your blocks that you have generated from the Genesis one and basically you need to have the corresponding data because ultimately you aren't able to generate the counterfeited data because it's simply impossible for example if you had if it wasn't RC4 or ND5 you may have some luck but with SHA256 or SHA512 basically you aren't able because there isn't enough computational power in this world right now to counterfeit it especially for it to make sense so if you were required to give the hashes of your data to the authorities and then if they inspect your finances you are just required they will compare their hashes to your hashes and then and only if and only if those hashes match they would inspect your data otherwise you will pay a hefty fine it means that basically you can have the data in your company without giving it to anyone else and still provide the level of guarantees so that's something thank you for asking the question because that was a detail that I forgot and you fortunately uncovered it thank you very much No problem, as a follow up are there any real world examples of that where a company does need to give those hashes to a government or agency? Unfortunately, those systems at least on the government part doesn't exist yet but in one of the projects I have consulted on there was an idea of doing that ultimately we didn't pursue it that way because there was no way of getting government to agree to such kind of verification but I mean few years ago cryptocurrencies weren't something that even existed and few years ago few years later we get to talk about solutions maybe in the future it will be something that will exist I mean it's just what I'm talking about is that it's technically possible to provide a level of guarantee in which all parties will be happy like both the government will be happy you will be happy and the customers will be happy like all the privacy concerns are handled and so on and so forth but still you get to use the tech that you want to use