author | Marcello Stanisci <stanisci.m@gmail.com> | 2018-09-10 11:40:19 +0200 |
---|---|---|
committer | Marcello Stanisci <stanisci.m@gmail.com> | 2018-09-10 11:40:19 +0200 |
commit | 0e68968ca4f4ccd5052cf960003a07934ce92b5c (patch) | |
tree | b5148400874be383444d21b17392d23e1ac5c930 /presentation | |
parent | 067244c327e5f76ac4d1be299a0c027f00a4c9a7 (diff) | |
beamer draft
Diffstat (limited to 'presentation')
-rw-r--r-- | presentation/twister.tex | 610 |
1 files changed, 610 insertions, 0 deletions
diff --git a/presentation/twister.tex b/presentation/twister.tex
new file mode 100644
index 0000000..7e82884
--- /dev/null
+++ b/presentation/twister.tex
@@ -0,0 +1,610 @@
+\documentclass[c]{beamer}
+
+%\usepackage{helvet}
+\usepackage{calc}
+\usepackage[utf8]{inputenc} % set your input encoding differently, if you want
+\usepackage[english]{babel}
+
+\usepackage{enumitem}
+\usepackage{eurosym}
+\usepackage{tikz}
+\usepackage{pgfgantt}
+\usepackage{amsmath,amssymb}
+\usetikzlibrary{shapes,arrows,fit}
+\usetikzlibrary{positioning}
+\usetikzlibrary{calc}
+\usepackage[absolute,overlay]{textpos}
+
+%\setbeameroption{show notes}
+
+\setlist[itemize]{label=$\bullet$}
+
+
+\def\checkmark{\tikz\fill[scale=0.4](0,.35) -- (.25,0) -- (1,.7) -- (.25,.15) -- cycle;}
+
+\setbeamertemplate{navigation symbols}{}
+%\setbeamercovered{transparent=10}
+\setbeamertemplate{navigation symbols}{\url{taler.net}}
+%\setbeamertemplate{section in toc}[sections numbered]
+
+% Adapt title information
+% =======================
+\title{GNU Taler \\ Payments for the Common Good}
+\institute{Taler Systems SA}
+\author{Dr. Christian Grothoff \& Leon Schumacher}
+\date{22.2.2018}
+
+% Some common packages
+% ====================
+\usepackage{units}
+\usepackage{amsbsy}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{graphics}
+\usepackage{epsf}
+\usepackage{epsfig}
+\usepackage{fixmath}
+\usepackage{wrapfig}
+
+
+ \usetikzlibrary{snakes}
+
+
+\begin{document}
+
+\begin{frame}
+ \begin{center}
+ GNU Taler: Payments for the Common Good
+
+% \includegraphics[width=0.66\textwidth]{logo-2017-fr.pdf}
+ \includegraphics[width=0.66\textwidth]{taler-logo-2017.pdf}
+ \end{center}
+\begin{textblock*}{4cm}(.5cm,7.5cm) % {block width} (coords)
+ {\Large {\bf \url{taler.net}} \\
+% IRC{\bf \#taler} \\
+% {\small (on freenode)} \\
+ twitter@taler \\
+ mail@taler.net }
+\end{textblock*}
+
+ \begin{textblock*}{4cm}(10cm,7.5cm) % {block width} (coords)
+ \includegraphics[width=2cm]{ashoka.png}
+\end{textblock*}
+\end{frame}
+
+
+% Organization / Supplier
+
+\begin{frame}
+\frametitle{Organization}
+\begin{center}
+\begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 1.8em and 1.3em, inner sep=1em, outer sep=.3em];
+ \node (origin) at (0,0) {};
+ \node (cg) [def,orange,above=of origin,draw]{CG};
+ \node (gnu) [def, draw, above=of cg]{GNU};
+ \node (pep) [def, draw, above right=of cg]{PEP SA};
+ \node (ashoka) [def, draw, above left =of cg]{Ashoka};
+ \node (ls) [def,orange,above right=of origin,draw]{LS};
+ \node (mw) [def,orange,above left=of origin,draw]{MW};
+ \node (fd) [def,orange, draw, below left=of origin] {FD};
+ \node (jb) [def,orange, draw, below =of origin] {JB};
+ \node (ue) [def,orange, draw, below right=of origin] {UE};
+ \node (ms) [def,orange, draw, right=of ue] {MS};
+ \node (bl) [def,orange, draw, right=of ms] {BL};
+ \node (pepf) [def, draw, below=of bl]{PEP Foundation};
+ \node (inria) [def, draw, below =of fd]{Inria};
+ \node (bfh) [def, draw, below =of ue]{BFH};
+
+
+ % grouping invividuals
+ \node[def,draw,orange,fit=(ls)(mw)(fd)(jb)(ue)(ms)(bl)](group){};
+
+ % comment right
+% \draw[line width=1pt,orange,decorate,decoration={amplitude=7pt,brace}]
+% (group.north east) -- (group.south east);
+% \node[right=of group,anchor=center,rotate=90]{Implementation partners};
+
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ %\draw [->, C] (cg) -- (fd) node [midway, above, sloped] (TextNode) {};
+ %\draw [->, C] (cg) -- (jb) node [midway, above, sloped] (TextNode) {};
+ %\draw [->, C] (cg) -- (ms) node [midway, above, sloped] (TextNode) {};
+ %\draw [->, C] (cg) -- (ue) node [midway, above, sloped] (TextNode) {};
+ %\draw [->, C] (ls) -- (bl) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cg) -- (gnu) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (cg) -- (ashoka) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (jb) -- (inria) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (fd) -- (inria) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (ls) -- (pep) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (ue) -- (bfh) node [midway, above, sloped] (TextNode) {};
+ \draw [<-, C] (bl) -- (pepf) node [midway, above, sloped] (TextNode) {};
+\end{tikzpicture}
+\end{center}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{Dr. Christian Grothoff}
+\begin{itemize}
+\item Co-founder of Taler Systems SA
+\item 16+ years of experience in network security and privacy
+\item Software deployed in millions of computers and devices
+\item PhD in Computer Science, from UCLA, degrees in Mathematics and Chemistry
+\item GNU maintainer, GNU advisory board member
+\item Ashoka fellow, former Emmy-Noether scholar
+\item Lived and worked in USA, Germany, France and Switzerland
+\item Professor for network security at University of Applied Sciences, Bern
+\end{itemize}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{Leon Schumacher}
+\begin{itemize}
+\item Co-founder of Taler Systems SA
+\item Co-founder of p$\equiv$p Security / pretty Easy privacy
+\item Founder of DigitalEklo
+\item Former Group CIO of Novartis
+\item Former Group CIO ArcelorMittal
+\end{itemize}
+\end{frame}
+
+
+\begin{frame}
+ \frametitle{Senior Team \hfill \& \hfill advisory board \hfill}
+ \begin{minipage}{5cm}
+ \setlist[description]{leftmargin=1cm,labelindent=0cm}
+ \begin{description}
+ \item[Leon Schumacher]\ \\ co-founder, executive
+ \item[Dr. Christian Grothoff]\ \\ co-founder, executive
+ \item[Michael Widmer]\ \\ Lawyer, executive
+ \item[Dr. Jeff Burdges]\ \\ PostDoc
+ \item[Florian Dold]\ \\ PhD Student
+ \end{description}
+
+\end{minipage}
+ \begin{minipage}{5.5cm}
+ {\tiny
+\begin{description}
+ \item[Prof. Mikhail Atallah] \ \\
+ Cryptographer, co-founder
+ Arxan Technologies Inc.
+ \item[Prof. Roberto Di Cosmo] \ \\
+ Director IRILL
+ \item[Greg Framke] \ \\
+ CIO Manulife, \\
+ former COO Etrade
+ \item[Ante Gulam] \ \\
+ Global Head of Information Security --- CISO \\
+ MetaPack Group
+ \item[Dr. Richard Stallman]\ \\
+ Founder of the \\ \mbox{Free Software movement}
+ \item[Chris Pagett] \ \\
+ former Group Head Security/ \ \\
+ Fraud/Geo Risk HSBC
+ \item[Prof. Alex Pentland] \ \\
+ MIT Media Lab
+\end{description}
+}
+\end{minipage}
+\vfill
+\includegraphics[height=0.1\textwidth]{team-images/leon-schumacher.jpg} \hfill
+\includegraphics[height=0.1\textwidth]{team-images/christian-grothoff.jpg}\hfill
+\includegraphics[height=0.1\textwidth]{team-images/michael-widmer.jpg}\hfill
+\includegraphics[height=0.1\textwidth]{team-images/jeff-burdges.jpg}\hfill
+\includegraphics[height=0.1\textwidth]{team-images/florian-dold.jpg}\hfill
+\includegraphics[height=0.1\textwidth]{board-images/mja.jpg} \hfill
+\includegraphics[height=0.1\textwidth]{board-images/roberto-di-cosmo.jpg} \hfill
+\includegraphics[height=0.1\textwidth]{board-images/greg-framke.jpg} \hfill
+\includegraphics[height=0.1\textwidth]{board-images/ante-gulam.jpg} \hfill
+\includegraphics[height=0.1\textwidth]{board-images/alex-pentland.jpg}
+%\note{Advisory board still under construction.}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{History of Taler Systems SA}
+\begin{itemize}
+\item Software development started at TU Munich (2013)
+\item Grant from Renewable Freedom Foudation to develop core system (2014-2017)
+\item Inria decision to create startup in (2015)
+\item Company founded 2016 by Dr. Christian Grothoff and Leon Schumacher
+\item Copyright agreement with Inria, GNUnet e.V. and other stakeholders (2017)
+%\item Swedish community member informs us about e-Krona project (9'2017)
+%\item First hire from former Inria team (2018)
+\item Core team assisted by many volunteers ($\Rightarrow$ easy to grow)
+\end{itemize}
+\end{frame}
+
+
+% ``References and experience within the field''
+\begin{frame}
+\frametitle{Strategic partners}
+\begin{itemize}
+\item GNU Taler: We are a GNU package within the GNU project
+\item Hacker community: supported by CCC, Tor project, Enigmail, GnuPG, Nitrokey, etc.
+\item Ashoka: Prof. Grothoff is part of a global network of social entrepreneurs
+\item p$\equiv$p: Taler partners with pEp for e-mail integration
+\item Roots in academia: partners at TUM (I8), Inria (TAMIS team), ETH Zurich (Helbing) and MIT (Media Lab)
+\item Roots in industry: Leon Schumacher, Group CIO of ArcelorMittal \& Novartis
+\item Roots in banking: Michael Widmer, Chief of Staff of Adecco Group; Bank Gutenberg, AIG, EUREX, Chicago Board of Trade/Eurex Alliance
+\end{itemize}
+\end{frame}
+
+
+\section{What is GNU Taler?}
+\begin{frame}{What is GNU Taler?}
+ \vfill
+ \begin{center}
+GNU Taler is an electronic instant payment system.
+ \end{center}
+ \begin{itemize}
+ \item Uses electronic coins stored in {\bf wallets} on customer's device
+ \item Think electronic {\bf cash}, with a few twists
+ \item Pay in {\bf existing currencies} (i.e. EUR, USD, BTC)
+% or use it to create new regional currencies
+ \end{itemize}
+ \vfill
+ \begin{center}
+ Taler is {\bf not} a cryptocurrency.
+ \end{center}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{GNU Taler Overview}
+\begin{center}
+\begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 5em and 6.5em, inner sep=1em, outer sep=.3em];
+ \node (origin) at (0,0) {};
+ \node (exchange) [def,above=of origin,draw]{Exchange};
+ \node (customer) [def, draw, below left=of origin] {Customer};
+ \node (merchant) [def, draw, below right=of origin] {Merchant};
+ \node (auditor) [def, draw, above right=of origin]{Auditor};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (customer) -- (exchange) node [midway, above, sloped] (TextNode) {withdraw coins};
+ \draw [<-, C] (exchange) -- (merchant) node [midway, above, sloped] (TextNode) {deposit coins};
+ \draw [<-, C] (merchant) -- (customer) node [midway, above, sloped] (TextNode) {spend coins};
+ \draw [<-, C] (exchange) -- (auditor) node [midway, above, sloped] (TextNode) {verify};
+
+\end{tikzpicture}
+\end{center}
+\end{frame}
+% Demo here
+
+
+\begin{frame}
+\frametitle{Components in Depth}
+\begin{itemize}
+\item Exchange: payment service provider
+ \begin{itemize}
+ \item Wire plugins: integration with register based system
+ \item Database plugins: persist cryptographic proofs
+ \item Auditor: verifies correct operation
+ \end{itemize}
+\item Wallet: customer user interface
+ \begin{itemize}
+ \item Browser extension
+ \item E-mail client integration (future work)
+ \item NFC payments (future work)
+ \end{itemize}
+\item Merchant: shop
+ \begin{itemize}
+ \item Front end (custom)
+ \item Backend (RESTful service, performs cryptography)
+ \item Backend database: persists cryptographic proofs
+ \item Back office Web service: access to business data
+ \end{itemize}
+\item Protocol specification (generally JSON-based)
+\end{itemize}
+\end{frame}
+
+
+
+% ``References and experience within the field''
+\begin{frame}{Hardware requirements}
+\begin{itemize}
+\item[@] Exchange:
+ \begin{itemize}
+ \item high-availablility data center (with replicated database),
+ \item expected amortized average transaction costs $\approx$ \EUR{0.000001}
+ \item transaction latency $\approx$ network RTT
+ \end{itemize}
+\item[@] Merchant:
+ \begin{itemize}
+ \item database to store contracts and cryptographic proofs
+ \item minimal CPU, hardware and bandwidth requirements
+ \item integration cost small due to reusable backend and backoffice components
+ \end{itemize}
+\item[@] Customer:
+ \begin{itemize}
+ \item database (IndexedDB) to store coins, contracts and cryptographic proofs
+ \item minimal CPU, hardware and bandwidth requirements
+ \item DesignShift estimated \EUR{300,000} cost for design of
+ mass production ready \EUR{10} NFC hardware wallet in CC format
+ \end{itemize}
+\end{itemize}
+\end{frame}
+
+
+% ``References and experience within the field''
+\begin{frame}{Availability / Reliability / Off-line transactions}
+
+ {\bf CAP theorem:}
+\begin{center}
+ Consistency, Availability, Partition-Tolerance: pick two!
+\end{center}
+\vfill
+\begin{itemize}
+\item By default, Taler focuses on consistency and detects double-spending online \\
+ $\Rightarrow$ Network partitions impact availability
+\item Sharing coins via NFC while offline in principle possible \\
+ $\Rightarrow$ Double spending detected late, receiver may be defrauded
+\end{itemize}
+\vfill
+\end{frame}
+
+
+\begin{frame}{Security}
+\begin{itemize}
+\item Each party must keep their private keys secure
+%\item Private keys are never disclosed by the protocol (not even during payments)
+\item Losses are by design with party where keys were compromised
+\item Losses are bounded to:
+\begin{itemize}
+\item amount of coins carried in wallet (for consumer)
+\item volume of transactions during compromise (for merchant)
+\item amount of coins in circulation (for exchange)
+\end{itemize}
+\item Denomination key expiration used to limit risk
+\item Exchange operator typically has escrow account matching issued coins
+\end{itemize}
+\end{frame}
+
+
+\begin{frame}{Scalability}
+ \begin{block}{By design}
+ For exchange operator:
+ \begin{itemize}
+ \item linear scalability (via sharding) of database
+ \item linear scalability of cryptographic operations
+ \end{itemize}
+ System also supports having multiple exchange operators.
+ \end{block}
+ \begin{block}{Implementation limitations}
+ \begin{itemize}
+ \item Auditor implementation is currently sequential
+ \end{itemize}
+ \end{block}
+ All components are {\em free software} with {\em public specifications}.
+\end{frame}
+
+
+\begin{frame}{Interoperability}
+ \begin{itemize}
+ \item Database layer abstracted via interface
+ \item Wire transfer layer abstracted via interface
+ \item Open protocol specification
+ \item RESTful JSON-based APIs
+ \item Designed to operate well with HTTP(S)
+ \item Recent changes to better support Apps and non-WebExtension compatible browsers
+ \item Core logic implemented in portable C code (exchange, merchant backend)
+ \item Wallet-specific logic implemented in TypeScript \\
+ ($\Rightarrow$ WebExtensions, React)
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Reliability}
+ \begin{itemize}
+ \item Cryptographic constructions are well-understood
+ \item Cryptographic primitives are state-of-the art
+ \item Protocols have been peer-reviewed by various cryptographers
+ \item State-of-the-art secure software development process
+ \item Implementation has been (partially) subjected to security audits, more planned
+ \item World-class information security team
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Anonymous transactions}
+\begin{itemize}
+\item Customer must identify when withdrawing via register system (KYC)
+\item Merchant must identify to receive via register system (AML)
+\item Merchant can be compelled to disclose terms of contract
+\item Customer can be {\em anonymous} when paying
+\item Multiple transactions of same customer are {\em unlinkable}
+\item Customer has proof of purchase
+\item Customer can voluntarily disclose identity, but not be compelled
+\item Exchange operator must be well-known and certified by auditor
+\item Auditor keys usually hard-coded in customer and merchant software
+\end{itemize}
+\end{frame}
+
+
+\begin{frame}{Identity Management}
+ \begin{itemize}
+ \item Taler provides electronic cash on top of register-based system
+ \item Typically, customer and merchants have accounts in register-based system \\
+ $\Rightarrow$ Identification piggy-backs on register-based system
+ \item Customer's wallets have a key to identify them
+ \item Possible to send electronic coins to customer based on wallet key \\
+ $\Rightarrow$ Possible to provide {\em welfare} to unbanked individuals
+ \item Receiving Taler payments requires account in register (for taxability)
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Accessibility}
+ \begin{itemize}
+ \item Anyone can customize wallet, as {\em protocols} enforce security!
+ \item Wallets (HW, SW) will be customized to
+ match accessibility requirements (children, disabled, elderly)
+ \item Prototype was publicly demonstrated and explained by 10 year
+ old kid at hacker conferences (videos available)
+ \item Transaction speed is one click plus network RTT
+ \item Avoiding customer authentication improves privacy and usability!
+ \item Advisory board voiced ethical concerns with payments becoming
+ too easy and need to integrate financial education with wallet.
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Social Impact of Taler}
+ \begin{center}
+ \includegraphics[height=0.8\textheight]{social-impact.pdf}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}
+ \frametitle{Possible outcomes (optimistic)}
+ \begin{itemize}
+ \item{Replace Mastercard/Visa/Paypal online} \\
+ $\Rightarrow$ Cheaper transactions $\equiv$ 3\% reduction in VAT
+ \item{Replace cash and credit cards} \\
+ $\Rightarrow$ Faster business transactions in stores
+ \item{Income via Taler is easily tracked by the government} \\
+ $\Rightarrow$ Less corruption, less tax evasion possible
+ \item{Nobody can track how you spend your money} \\
+ $\Rightarrow$ Privacy for citizens! \\
+ $\Rightarrow$ Industrial espionage defense for business!
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{}
+ \vfill
+ \begin{center}
+ {Why should {\em Riksbank} be interested?}
+ \end{center}
+ \vfill
+ \begin{center}
+ \includegraphics[height=3cm]{illustrations/usmint.jpeg}
+ \end{center}
+ \vfill
+ \begin{center}
+ {Why not do {\em online} what they do {\em offline}?\footnote{Just better: you can anonymously receive cash, but not Taler coins.}}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Greatest challenges for Taler Systems SA}
+\begin{itemize}
+ \item Onboarding of customers \& merchants
+ \item Banking license \& integration with register-based system
+% \item Funding for non-proprietary (FLOSS) software to establish a
+% payment systems commons without patents
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{PoC project}
+ \begin{itemize}
+ \item Taler Systems SA as technological solution provider (expertise)
+ \item Riksbank as operator (escrow account, data center, RIX link)
+ \item Key steps:
+ \begin{itemize}
+ \item Agreement on costs and responsibilities for PoC (1 M)
+ \item Define specifications for small PoC / demonstrator (1 M)
+ \item Setup PoC (1 M)
+ \item Satisfy Riksbank technical security and performance requirements (6-12 M)
+ \item Identification of niche market and partners for public PoC launch (4-6 M)
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+
+
+\begin{frame}
+ \begin{center}
+% \includegraphics[width=0.66\textwidth]{logo-2017-fr.pdf}
+ \includegraphics[width=0.66\textwidth]{taler-logo-2018.pdf}
+ \end{center}
+ \vfill
+ \hfill A GNU package
+\end{frame}
+
+\end{document}
+
+
+\section{Comparison}
+\begin{frame}{Comparison}
+ \begin{center} \small
+ \begin{tabular}{l||c|c|c|c|c}
+ & Cash & Bitcoin & ZCash & Creditcard & GNU Taler \\ \hline \hline
+ Online &$-$$-$$-$ & ++ & ++ & + & +++ \\ \hline
+ Offline & +++ & $-$$-$ & $-$$-$ & + & $-$$-$ \\ \hline
+ Trans. cost & + & $-$$-$$-$ & $-$$-$$-$ & $-$ & ++ \\ \hline
+ Speed & + & $-$$-$$-$ & $-$$-$$-$ & o & ++ \\ \hline
+ Taxation & $-$ & $-$$-$ & $-$$-$$-$ & +++ & +++ \\ \hline
+ Payer-anon & ++ & o & ++ & $-$$-$$-$ & +++ \\ \hline
+ Payee-anon & ++ & o & ++ & $-$$-$$-$ & $-$$-$$-$ {\bf (*)} \\ \hline
+ Security & $-$ & o & o & $-$$-$ & ++ \\ \hline
+ Conversion & +++ & $-$$-$$-$ & $-$$-$$-$ & +++ & +++ \\ \hline
+ Libre & $-$ & +++ & +++ & $-$ $-$ $-$ & +++ \\
+ \end{tabular}
+ \end{center}
+ {{\bf (*)} Not having payee-anonymity is a good thing as otherwise money laundering
+ becomes a real problem.}
+\end{frame}
+
+
+
+
+\section{The Problem}
+\begin{frame}{The Problem}
+
+ 3D secure (``verified by visa'') is a nightmare:
+ \begin{minipage}{5cm}
+ \begin{itemize}
+ \item Complicated process
+ \item Shifts liability to consumer
+ \item Significant latency
+ \item Can refuse valid requests
+ \item Legal vendors excluded
+ \item No privacy for buyers
+ \end{itemize}
+ \end{minipage}
+ \begin{minipage}{5cm}
+ \includegraphics[width=\textwidth]{illustrations/cc3ds.pdf}
+ \end{minipage}
+ \vfill
+ Online credit card payments will be replaced, but with what?
+\end{frame}
+
+
+\begin{frame}{The Problem}
+\vfill
+ \begin{textblock*}{12cm}(0.5cm,1cm) % {block width} (coords)
+ \begin{itemize}
+ \item Global tech companies push oligopolies
+ \item Privacy and federated finance are at risk
+% \item 30\% fees are conceivable
+ \item Economic sovereingity is in danger
+ \end{itemize}
+\end{textblock*}
+\begin{textblock*}{4cm}(3.5cm,5.2cm) % {block width} (coords)
+ {\includegraphics[width=\textwidth]{competitor-logos/amazon.png}}
+\end{textblock*}
+\begin{textblock*}{2cm}(7cm,3cm) % {block width} (coords)
+ {\includegraphics[width=\textwidth]{competitor-logos/alipay.jpeg}}
+\end{textblock*}
+\begin{textblock*}{2cm}(3cm,3.5cm) % {block width} (coords)
+ {\includegraphics[width=\textwidth]{competitor-logos/paypal.jpeg}}
+\end{textblock*}
+\begin{textblock*}{2cm}(9cm,5cm) % {block width} (coords)
+ {\includegraphics[width=\textwidth]{competitor-logos/applepay.jpeg}}
+\end{textblock*}
+\begin{textblock*}{2cm}(7.5cm,5.9cm) % {block width} (coords)
+ {\includegraphics[width=\textwidth]{competitor-logos/samsungpay.jpeg}}
+\end{textblock*}
+\begin{textblock*}{1cm}(9.5cm,6.3cm) % {block width} (coords)
+ {\includegraphics[width=\textwidth]{competitor-logos/android_pay.png}}
+\end{textblock*}
+\vfill
+\end{frame} |
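Review bot: The preamble's `\def\checkmark{...}` silently replaces the `\checkmark` that `amssymb` (loaded a few lines above it) already defines; `\renewcommand*{\checkmark}{\tikz\fill[scale=0.4](0,.35) -- (.25,0) -- (1,.7) -- (.25,.15) -- cycle;}` makes the override explicit and fails loudly if the load order ever changes. The second package block reloads `amsmath` and `amssymb` and pulls in `graphics`, `epsf` and `epsfig`, which `graphicx` supersedes (beamer appears to provide it already, since `\includegraphics[width=...]` is used throughout), and the `snakes` TikZ library is deprecated in favour of `decorations.pathmorphing`. The three frames after `\end{document}` (Comparison and both The Problem frames) are never typeset; if they are parked material, a comment such as `% parked slides below: not compiled` above `\section{Comparison}` would say so. The `\title`, `\author` and `\date` values still describe the GNU Taler deck, which may be intentional for a draft but is worth confirming for this repository.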