From c07d001fd1fddee600ca94b27ed50916f00898ab Mon Sep 17 00:00:00 2001
From: Marcello Stanisci
Date: Mon, 10 Sep 2018 11:50:52 +0200
Subject: presentation minimal skeleton
---
 presentation/twister.tex | 553 +----------------------------------------------
 1 file changed, 4 insertions(+), 549 deletions(-)
diff --git a/presentation/twister.tex b/presentation/twister.tex
index 7e82884..05ecf8e 100644
--- a/presentation/twister.tex
+++ b/presentation/twister.tex
@@ -29,10 +29,10 @@
 % Adapt title information
 % =======================
-\title{GNU Taler \\ Payments for the Common Good}
+\title{Twister \\ Easy C instrumentation and programmable proxy}
 \institute{Taler Systems SA}
-\author{Dr. Christian Grothoff \& Leon Schumacher}
-\date{22.2.2018}
+\author{Dr. Christian Grothoff \& Marcello Stanisci}
+\date{10.9.2018}
 % Some common packages
 % ====================
@@ -53,558 +53,13 @@ \begin{document} \begin{frame} - \begin{center} - GNU Taler: Payments for the Common Good - -% \includegraphics[width=0.66\textwidth]{logo-2017-fr.pdf} - \includegraphics[width=0.66\textwidth]{taler-logo-2017.pdf} - \end{center} + \frametitle{GNU Twister: C-friendly programmable proxy} \begin{textblock*}{4cm}(.5cm,7.5cm) % {block width} (coords) {\Large {\bf \url{taler.net}} \\ -% IRC{\bf \#taler} \\ -% {\small (on freenode)} \\ twitter@taler \\ mail@taler.net } \end{textblock*} - \begin{textblock*}{4cm}(10cm,7.5cm) % {block width} (coords) - \includegraphics[width=2cm]{ashoka.png} -\end{textblock*} -\end{frame} - - -% Organization / Supplier - -\begin{frame} -\frametitle{Organization} -\begin{center} -\begin{tikzpicture} - \tikzstyle{def} = [node distance= 1.8em and 1.3em, inner sep=1em, outer sep=.3em]; - \node (origin) at (0,0) {}; - \node (cg) [def,orange,above=of origin,draw]{CG}; - \node (gnu) [def, draw, above=of cg]{GNU}; - \node (pep) [def, draw, above right=of cg]{PEP SA}; - \node (ashoka) [def, draw, above left =of cg]{Ashoka}; - \node (ls) [def,orange,above right=of origin,draw]{LS}; - \node (mw) [def,orange,above left=of origin,draw]{MW}; - \node (fd) [def,orange, draw, below left=of origin] {FD}; - \node (jb) [def,orange, draw, below =of origin] {JB}; - \node (ue) [def,orange, draw, below right=of origin] {UE}; - \node (ms) [def,orange, draw, right=of ue] {MS}; - \node (bl) [def,orange, draw, right=of ms] {BL}; - \node (pepf) [def, draw, below=of bl]{PEP Foundation}; - \node (inria) [def, draw, below =of fd]{Inria}; - \node (bfh) [def, draw, below =of ue]{BFH}; - - - % grouping invividuals - \node[def,draw,orange,fit=(ls)(mw)(fd)(jb)(ue)(ms)(bl)](group){}; - - % comment right -% \draw[line width=1pt,orange,decorate,decoration={amplitude=7pt,brace}] -% (group.north east) -- (group.south east); -% \node[right=of group,anchor=center,rotate=90]{Implementation partners}; - - - \tikzstyle{C} = [color=black, line width=1pt] - - %\draw 
[->, C] (cg) -- (fd) node [midway, above, sloped] (TextNode) {}; - %\draw [->, C] (cg) -- (jb) node [midway, above, sloped] (TextNode) {}; - %\draw [->, C] (cg) -- (ms) node [midway, above, sloped] (TextNode) {}; - %\draw [->, C] (cg) -- (ue) node [midway, above, sloped] (TextNode) {}; - %\draw [->, C] (ls) -- (bl) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cg) -- (gnu) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (cg) -- (ashoka) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (jb) -- (inria) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (fd) -- (inria) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (ls) -- (pep) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (ue) -- (bfh) node [midway, above, sloped] (TextNode) {}; - \draw [<-, C] (bl) -- (pepf) node [midway, above, sloped] (TextNode) {}; -\end{tikzpicture} -\end{center} -\end{frame} - - -\begin{frame} -\frametitle{Dr. Christian Grothoff} -\begin{itemize} -\item Co-founder of Taler Systems SA -\item 16+ years of experience in network security and privacy -\item Software deployed in millions of computers and devices -\item PhD in Computer Science, from UCLA, degrees in Mathematics and Chemistry -\item GNU maintainer, GNU advisory board member -\item Ashoka fellow, former Emmy-Noether scholar -\item Lived and worked in USA, Germany, France and Switzerland -\item Professor for network security at University of Applied Sciences, Bern -\end{itemize} -\end{frame} - - -\begin{frame} -\frametitle{Leon Schumacher} -\begin{itemize} -\item Co-founder of Taler Systems SA -\item Co-founder of p$\equiv$p Security / pretty Easy privacy -\item Founder of DigitalEklo -\item Former Group CIO of Novartis -\item Former Group CIO ArcelorMittal -\end{itemize} -\end{frame} - - -\begin{frame} - \frametitle{Senior Team \hfill \& \hfill advisory board \hfill} - \begin{minipage}{5cm} - \setlist[description]{leftmargin=1cm,labelindent=0cm} - 
\begin{description} - \item[Leon Schumacher]\ \\ co-founder, executive - \item[Dr. Christian Grothoff]\ \\ co-founder, executive - \item[Michael Widmer]\ \\ Lawyer, executive - \item[Dr. Jeff Burdges]\ \\ PostDoc - \item[Florian Dold]\ \\ PhD Student - \end{description} - -\end{minipage} - \begin{minipage}{5.5cm} - {\tiny -\begin{description} - \item[Prof. Mikhail Atallah] \ \\ - Cryptographer, co-founder - Arxan Technologies Inc. - \item[Prof. Roberto Di Cosmo] \ \\ - Director IRILL - \item[Greg Framke] \ \\ - CIO Manulife, \\ - former COO Etrade - \item[Ante Gulam] \ \\ - Global Head of Information Security --- CISO \\ - MetaPack Group - \item[Dr. Richard Stallman]\ \\ - Founder of the \\ \mbox{Free Software movement} - \item[Chris Pagett] \ \\ - former Group Head Security/ \ \\ - Fraud/Geo Risk HSBC - \item[Prof. Alex Pentland] \ \\ - MIT Media Lab -\end{description} -} -\end{minipage} -\vfill -\includegraphics[height=0.1\textwidth]{team-images/leon-schumacher.jpg} \hfill -\includegraphics[height=0.1\textwidth]{team-images/christian-grothoff.jpg}\hfill -\includegraphics[height=0.1\textwidth]{team-images/michael-widmer.jpg}\hfill -\includegraphics[height=0.1\textwidth]{team-images/jeff-burdges.jpg}\hfill -\includegraphics[height=0.1\textwidth]{team-images/florian-dold.jpg}\hfill -\includegraphics[height=0.1\textwidth]{board-images/mja.jpg} \hfill -\includegraphics[height=0.1\textwidth]{board-images/roberto-di-cosmo.jpg} \hfill -\includegraphics[height=0.1\textwidth]{board-images/greg-framke.jpg} \hfill -\includegraphics[height=0.1\textwidth]{board-images/ante-gulam.jpg} \hfill -\includegraphics[height=0.1\textwidth]{board-images/alex-pentland.jpg} -%\note{Advisory board still under construction.} -\end{frame} - - -\begin{frame} -\frametitle{History of Taler Systems SA} -\begin{itemize} -\item Software development started at TU Munich (2013) -\item Grant from Renewable Freedom Foudation to develop core system (2014-2017) -\item Inria decision to create startup in 
(2015) -\item Company founded 2016 by Dr. Christian Grothoff and Leon Schumacher -\item Copyright agreement with Inria, GNUnet e.V. and other stakeholders (2017) -%\item Swedish community member informs us about e-Krona project (9'2017) -%\item First hire from former Inria team (2018) -\item Core team assisted by many volunteers ($\Rightarrow$ easy to grow) -\end{itemize} -\end{frame} - - -% ``References and experience within the field'' -\begin{frame} -\frametitle{Strategic partners} -\begin{itemize} -\item GNU Taler: We are a GNU package within the GNU project -\item Hacker community: supported by CCC, Tor project, Enigmail, GnuPG, Nitrokey, etc. -\item Ashoka: Prof. Grothoff is part of a global network of social entrepreneurs -\item p$\equiv$p: Taler partners with pEp for e-mail integration -\item Roots in academia: partners at TUM (I8), Inria (TAMIS team), ETH Zurich (Helbing) and MIT (Media Lab) -\item Roots in industry: Leon Schumacher, Group CIO of ArcelorMittal \& Novartis -\item Roots in banking: Michael Widmer, Chief of Staff of Adecco Group; Bank Gutenberg, AIG, EUREX, Chicago Board of Trade/Eurex Alliance -\end{itemize} -\end{frame} - - -\section{What is GNU Taler?} -\begin{frame}{What is GNU Taler?} - \vfill - \begin{center} -GNU Taler is an electronic instant payment system. - \end{center} - \begin{itemize} - \item Uses electronic coins stored in {\bf wallets} on customer's device - \item Think electronic {\bf cash}, with a few twists - \item Pay in {\bf existing currencies} (i.e. EUR, USD, BTC) -% or use it to create new regional currencies - \end{itemize} - \vfill - \begin{center} - Taler is {\bf not} a cryptocurrency. 
- \end{center} -\end{frame} - - -\begin{frame} -\frametitle{GNU Taler Overview} -\begin{center} -\begin{tikzpicture} - \tikzstyle{def} = [node distance= 5em and 6.5em, inner sep=1em, outer sep=.3em]; - \node (origin) at (0,0) {}; - \node (exchange) [def,above=of origin,draw]{Exchange}; - \node (customer) [def, draw, below left=of origin] {Customer}; - \node (merchant) [def, draw, below right=of origin] {Merchant}; - \node (auditor) [def, draw, above right=of origin]{Auditor}; - - \tikzstyle{C} = [color=black, line width=1pt] - - \draw [<-, C] (customer) -- (exchange) node [midway, above, sloped] (TextNode) {withdraw coins}; - \draw [<-, C] (exchange) -- (merchant) node [midway, above, sloped] (TextNode) {deposit coins}; - \draw [<-, C] (merchant) -- (customer) node [midway, above, sloped] (TextNode) {spend coins}; - \draw [<-, C] (exchange) -- (auditor) node [midway, above, sloped] (TextNode) {verify}; - -\end{tikzpicture} -\end{center} -\end{frame} -% Demo here - - -\begin{frame} -\frametitle{Components in Depth} -\begin{itemize} -\item Exchange: payment service provider - \begin{itemize} - \item Wire plugins: integration with register based system - \item Database plugins: persist cryptographic proofs - \item Auditor: verifies correct operation - \end{itemize} -\item Wallet: customer user interface - \begin{itemize} - \item Browser extension - \item E-mail client integration (future work) - \item NFC payments (future work) - \end{itemize} -\item Merchant: shop - \begin{itemize} - \item Front end (custom) - \item Backend (RESTful service, performs cryptography) - \item Backend database: persists cryptographic proofs - \item Back office Web service: access to business data - \end{itemize} -\item Protocol specification (generally JSON-based) -\end{itemize} -\end{frame} - - - -% ``References and experience within the field'' -\begin{frame}{Hardware requirements} -\begin{itemize} -\item[@] Exchange: - \begin{itemize} - \item high-availablility data center (with 
replicated database), - \item expected amortized average transaction costs $\approx$ \EUR{0.000001} - \item transaction latency $\approx$ network RTT - \end{itemize} -\item[@] Merchant: - \begin{itemize} - \item database to store contracts and cryptographic proofs - \item minimal CPU, hardware and bandwidth requirements - \item integration cost small due to reusable backend and backoffice components - \end{itemize} -\item[@] Customer: - \begin{itemize} - \item database (IndexedDB) to store coins, contracts and cryptographic proofs - \item minimal CPU, hardware and bandwidth requirements - \item DesignShift estimated \EUR{300,000} cost for design of - mass production ready \EUR{10} NFC hardware wallet in CC format - \end{itemize} -\end{itemize} -\end{frame} - - -% ``References and experience within the field'' -\begin{frame}{Availability / Reliability / Off-line transactions} - - {\bf CAP theorem:} -\begin{center} - Consistency, Availability, Partition-Tolerance: pick two! -\end{center} -\vfill -\begin{itemize} -\item By default, Taler focuses on consistency and detects double-spending online \\ - $\Rightarrow$ Network partitions impact availability -\item Sharing coins via NFC while offline in principle possible \\ - $\Rightarrow$ Double spending detected late, receiver may be defrauded -\end{itemize} -\vfill -\end{frame} - - -\begin{frame}{Security} -\begin{itemize} -\item Each party must keep their private keys secure -%\item Private keys are never disclosed by the protocol (not even during payments) -\item Losses are by design with party where keys were compromised -\item Losses are bounded to: -\begin{itemize} -\item amount of coins carried in wallet (for consumer) -\item volume of transactions during compromise (for merchant) -\item amount of coins in circulation (for exchange) -\end{itemize} -\item Denomination key expiration used to limit risk -\item Exchange operator typically has escrow account matching issued coins -\end{itemize} -\end{frame} - - 
-\begin{frame}{Scalability} - \begin{block}{By design} - For exchange operator: - \begin{itemize} - \item linear scalability (via sharding) of database - \item linear scalability of cryptographic operations - \end{itemize} - System also supports having multiple exchange operators. - \end{block} - \begin{block}{Implementation limitations} - \begin{itemize} - \item Auditor implementation is currently sequential - \end{itemize} - \end{block} - All components are {\em free software} with {\em public specifications}. -\end{frame} - - -\begin{frame}{Interoperability} - \begin{itemize} - \item Database layer abstracted via interface - \item Wire transfer layer abstracted via interface - \item Open protocol specification - \item RESTful JSON-based APIs - \item Designed to operate well with HTTP(S) - \item Recent changes to better support Apps and non-WebExtension compatible browsers - \item Core logic implemented in portable C code (exchange, merchant backend) - \item Wallet-specific logic implemented in TypeScript \\ - ($\Rightarrow$ WebExtensions, React) - \end{itemize} -\end{frame} - - -\begin{frame}{Reliability} - \begin{itemize} - \item Cryptographic constructions are well-understood - \item Cryptographic primitives are state-of-the art - \item Protocols have been peer-reviewed by various cryptographers - \item State-of-the-art secure software development process - \item Implementation has been (partially) subjected to security audits, more planned - \item World-class information security team - \end{itemize} -\end{frame} - - -\begin{frame}{Anonymous transactions} -\begin{itemize} -\item Customer must identify when withdrawing via register system (KYC) -\item Merchant must identify to receive via register system (AML) -\item Merchant can be compelled to disclose terms of contract -\item Customer can be {\em anonymous} when paying -\item Multiple transactions of same customer are {\em unlinkable} -\item Customer has proof of purchase -\item Customer can voluntarily 
disclose identity, but not be compelled -\item Exchange operator must be well-known and certified by auditor -\item Auditor keys usually hard-coded in customer and merchant software -\end{itemize} -\end{frame} - - -\begin{frame}{Identity Management} - \begin{itemize} - \item Taler provides electronic cash on top of register-based system - \item Typically, customer and merchants have accounts in register-based system \\ - $\Rightarrow$ Identification piggy-backs on register-based system - \item Customer's wallets have a key to identify them - \item Possible to send electronic coins to customer based on wallet key \\ - $\Rightarrow$ Possible to provide {\em welfare} to unbanked individuals - \item Receiving Taler payments requires account in register (for taxability) - \end{itemize} -\end{frame} - - -\begin{frame}{Accessibility} - \begin{itemize} - \item Anyone can customize wallet, as {\em protocols} enforce security! - \item Wallets (HW, SW) will be customized to - match accessibility requirements (children, disabled, elderly) - \item Prototype was publicly demonstrated and explained by 10 year - old kid at hacker conferences (videos available) - \item Transaction speed is one click plus network RTT - \item Avoiding customer authentication improves privacy and usability! - \item Advisory board voiced ethical concerns with payments becoming - too easy and need to integrate financial education with wallet. 
- \end{itemize} -\end{frame} - - -\begin{frame}{Social Impact of Taler} - \begin{center} - \includegraphics[height=0.8\textheight]{social-impact.pdf} - \end{center} -\end{frame} - - -\begin{frame} - \frametitle{Possible outcomes (optimistic)} - \begin{itemize} - \item{Replace Mastercard/Visa/Paypal online} \\ - $\Rightarrow$ Cheaper transactions $\equiv$ 3\% reduction in VAT - \item{Replace cash and credit cards} \\ - $\Rightarrow$ Faster business transactions in stores - \item{Income via Taler is easily tracked by the government} \\ - $\Rightarrow$ Less corruption, less tax evasion possible - \item{Nobody can track how you spend your money} \\ - $\Rightarrow$ Privacy for citizens! \\ - $\Rightarrow$ Industrial espionage defense for business! - \end{itemize} -\end{frame} - - -\begin{frame}{} - \vfill - \begin{center} - {Why should {\em Riksbank} be interested?} - \end{center} - \vfill - \begin{center} - \includegraphics[height=3cm]{illustrations/usmint.jpeg} - \end{center} - \vfill - \begin{center} - {Why not do {\em online} what they do {\em offline}?\footnote{Just better: you can anonymously receive cash, but not Taler coins.}} - \end{center} -\end{frame} - - -\begin{frame}{Greatest challenges for Taler Systems SA} -\begin{itemize} - \item Onboarding of customers \& merchants - \item Banking license \& integration with register-based system -% \item Funding for non-proprietary (FLOSS) software to establish a -% payment systems commons without patents - \end{itemize} -\end{frame} - - -\begin{frame}{PoC project} - \begin{itemize} - \item Taler Systems SA as technological solution provider (expertise) - \item Riksbank as operator (escrow account, data center, RIX link) - \item Key steps: - \begin{itemize} - \item Agreement on costs and responsibilities for PoC (1 M) - \item Define specifications for small PoC / demonstrator (1 M) - \item Setup PoC (1 M) - \item Satisfy Riksbank technical security and performance requirements (6-12 M) - \item Identification of niche 
market and partners for public PoC launch (4-6 M) - \end{itemize} - \end{itemize} -\end{frame} - - - -\begin{frame} - \begin{center} -% \includegraphics[width=0.66\textwidth]{logo-2017-fr.pdf} - \includegraphics[width=0.66\textwidth]{taler-logo-2018.pdf} - \end{center} - \vfill - \hfill A GNU package \end{frame} \end{document} - - -\section{Comparison} -\begin{frame}{Comparison} - \begin{center} \small - \begin{tabular}{l||c|c|c|c|c} - & Cash & Bitcoin & ZCash & Creditcard & GNU Taler \\ \hline \hline - Online &$-$$-$$-$ & ++ & ++ & + & +++ \\ \hline - Offline & +++ & $-$$-$ & $-$$-$ & + & $-$$-$ \\ \hline - Trans. cost & + & $-$$-$$-$ & $-$$-$$-$ & $-$ & ++ \\ \hline - Speed & + & $-$$-$$-$ & $-$$-$$-$ & o & ++ \\ \hline - Taxation & $-$ & $-$$-$ & $-$$-$$-$ & +++ & +++ \\ \hline - Payer-anon & ++ & o & ++ & $-$$-$$-$ & +++ \\ \hline - Payee-anon & ++ & o & ++ & $-$$-$$-$ & $-$$-$$-$ {\bf (*)} \\ \hline - Security & $-$ & o & o & $-$$-$ & ++ \\ \hline - Conversion & +++ & $-$$-$$-$ & $-$$-$$-$ & +++ & +++ \\ \hline - Libre & $-$ & +++ & +++ & $-$ $-$ $-$ & +++ \\ - \end{tabular} - \end{center} - {{\bf (*)} Not having payee-anonymity is a good thing as otherwise money laundering - becomes a real problem.} -\end{frame} - - - - -\section{The Problem} -\begin{frame}{The Problem} - - 3D secure (``verified by visa'') is a nightmare: - \begin{minipage}{5cm} - \begin{itemize} - \item Complicated process - \item Shifts liability to consumer - \item Significant latency - \item Can refuse valid requests - \item Legal vendors excluded - \item No privacy for buyers - \end{itemize} - \end{minipage} - \begin{minipage}{5cm} - \includegraphics[width=\textwidth]{illustrations/cc3ds.pdf} - \end{minipage} - \vfill - Online credit card payments will be replaced, but with what? 
-\end{frame} - - -\begin{frame}{The Problem} -\vfill - \begin{textblock*}{12cm}(0.5cm,1cm) % {block width} (coords) - \begin{itemize} - \item Global tech companies push oligopolies - \item Privacy and federated finance are at risk -% \item 30\% fees are conceivable - \item Economic sovereingity is in danger - \end{itemize} -\end{textblock*} -\begin{textblock*}{4cm}(3.5cm,5.2cm) % {block width} (coords) - {\includegraphics[width=\textwidth]{competitor-logos/amazon.png}} -\end{textblock*} -\begin{textblock*}{2cm}(7cm,3cm) % {block width} (coords) - {\includegraphics[width=\textwidth]{competitor-logos/alipay.jpeg}} -\end{textblock*} -\begin{textblock*}{2cm}(3cm,3.5cm) % {block width} (coords) - {\includegraphics[width=\textwidth]{competitor-logos/paypal.jpeg}} -\end{textblock*} -\begin{textblock*}{2cm}(9cm,5cm) % {block width} (coords) - {\includegraphics[width=\textwidth]{competitor-logos/applepay.jpeg}} -\end{textblock*} -\begin{textblock*}{2cm}(7.5cm,5.9cm) % {block width} (coords) - {\includegraphics[width=\textwidth]{competitor-logos/samsungpay.jpeg}} -\end{textblock*} -\begin{textblock*}{1cm}(9.5cm,6.3cm) % {block width} (coords) - {\includegraphics[width=\textwidth]{competitor-logos/android_pay.png}} -\end{textblock*} -\vfill -\end{frame} -- cgit v1.2.3