Luna HSM: TalkingTrust Video Series

Secure your devices, identities and transactions with
Thales Luna HSMs and ecosystem partners – the foundation of digital trust

TalkingTrust with Thales and ConsenSys Quorum
– Security for Ethereum Blockchains


Listen to this short video to learn about Blockchain. Sharing decentralized data via blockchain, and how this builds trust is critical to its evolution and adoption. As user adoption increases, ensuring trust and integrity in the Blockchain network is paramount.

View this video to learn how:

  • developers can easily build next generation blockchain with “security built-in”
  • applications for new blockchain systems are more efficient & flexible, but also more secure
  • securing the Blockchain identity keys with a hardware root of trust is critical to the integrity of an organization’s products and services
  • high quality entropy results in strong keys and identities
  • strong access controls and separation of duties means high assurance protection
  • you can assure trust for your blockchain projects

 

 

Watch this video to learn how Thales Luna Hardware Security Modules (HSMs) provide a foundation of trust for ConsenSys Quorum blockchain solutions, enabling developers to establish trust and high data security through distributed ledgers.

Speakers:
Blair Canavan, Director Business Development, Thales
Arash Mahboubi, Product Manager for ConsenSys Quorum

Partner website: consensys.net

Resources:

Video Transcript

TalkingTrust Series - ConsenSys – Blockchain

 

00:10 Welcome everyone. This is the latest in

00:12 our TalkingTrust video series.  

00:14 With me today is Arash.

00:16 Arash, I know you're calling in from a

00:19 long way away,

00:20 I believe, Canberra Australia, for this call.

00:23 I just want to say how much I

00:25 appreciate that and it's early morning

00:27 for you so I hope you've had

00:28 enough coffee to get through our webinar today.

00:33 Hey Blair, yeah morning! Thanks for

00:35 having me. I did have my cup of coffee, it

00:37 was a few hours ago.

00:38 I probably need another one, but I think

00:40 I've got just enough right to get me going

00:43 to this presentation today. So yes, thanks

00:45 for having me. It'll be a great chat.

00:47 Well good, we're looking forward to

00:49 it. As I said, this is our Talking

00:51 Trust video series and today we're

00:52 talking with ConsenSys and Arash.

00:54 I understand you've been with the

00:55 company for a few years and I just want

00:57 to make sure I have it correct but

00:59 you are the Protocol Engineering Lead

01:02 for ConsenSys.

01:04 Yes, I'm one of the Product Managers of

01:06 ConsenSys. I've been with them for

01:08 nearly about three years and I've been

01:11 in the blockchain space

01:13 for a little bit longer than that.

01:15 It's a fantastic space and you know it

01:19 moves very, very fast and has been rapidly

01:22 developing and growing and changing.

01:25 Which is very, very exciting, but you know

01:27 sometimes really hard to keep up with

01:29 and I'm sure so that you're aware

01:31 there's a lot of things going on

01:34 in the blockchain space in the

01:35 cryptocurrency market.

01:37 It's becoming it's been a big hike

01:40 and continues to be. I think

01:44 as it continues to mature and grow the technology,

01:47 the cat's out of the bag so to

01:49 speak and it's not going back in. 

01:50 Everyone's starting to pop their heads

01:52 up and really

01:53 take notice which is really exciting.

01:55 Well good.

01:56 I should have mentioned I run the

01:57 Business Development Blockchain

02:00 relationship with ConsenSys and I'm part

02:02 of Thales if I didn't say at the beginning. 

02:05 We've been working together you and

02:07 I and our companies for the last few

02:08 months putting together what we believe

02:10 to be a pretty exciting

02:11 combination of technologies. What I

02:14 think we could do

02:15 is, no one's looking forward to about 30

02:18 or 40 slides, so we can

02:19 assure you that if you listen in, this is

02:21 only going to be a few short slides.

02:23 I'm excited because

02:24 I don't like those long type

02:28 of deep dives. So we're going to go at a

02:30 very high level, explain a little bit

02:31 about our two technologies coming together,

02:33 and again what I would like to do is

02:37 give you the opportunity to talk

02:39 about ConsenSys,

02:40 talk about the Ethereum aspect of what

02:42 you're doing and if you could pull up

02:44 the slides we'll do so.

02:47 We'll get through the slides and then

02:48 come back at the end to do some wrap-up.

02:50 Great, sounds good.  I might jump

02:54 straight in and start talking a little bit about

02:58 all the exciting work that ConsenSys and

03:00 Thales have been

03:01 doing together and but just to

03:05 kind of level set and make sure we're

03:07 all on the same page,

03:08 I find it useful to briefly touch on

03:12 what my definition of blockchain is.

03:14 And you know,

03:15 our viewers could be

03:17 someone that's very familiar with

03:18 the concepts of blockchain and

03:20 blockchain technology or

03:21 this is a little bit more new.

03:25 At a high level,

03:26 what does a blockchain mean? 

03:29 There's two kind of words in

03:31 that, so there's this concept of blocks,

03:33 that I'll touch on in a second,

03:34 and these chains. You can think

03:37 of a blockchain network as

03:39 really a ledger of transactions.

03:42 Illegal transactions

03:44 of who sent what to whom,

03:47 on what date, and that might seem

03:50 like a very common concept that we're

03:52 very used to with things like databases for

03:55 example, and the distinction with

03:57 blockchain technology

03:59 is that it's distributed and

04:00 decentralized. What that means

04:02 is that everyone has a copy of the data.

04:05 So, Blair if you and I are on a

04:08 blockchain network,

04:09 we both have a copy of that

04:12 database in a traditional sense.

04:14 You might hold the copy of that database and you

04:17 gave me access and I can access your database.

04:20 But, there's no way for me to really know

04:22 if you go behind

04:23 my back and change anything on the

04:24 database, when I have a copy of that

04:27 if yours looks different to mine then

04:28 that's very clear.

04:30 And if things are distributed then we

04:34 both kind of share ownership over maintaining

04:37 that database and making sure it's

04:39 robust and secure.

04:41 These concept of blocks

04:44 is what you can imagine is a blockchain

04:47 is a set of transactions that take place

04:49 on the network.  I send you

04:51 five dollars on a particular date

04:53 and all these transactions that take

04:55 place get put into a box

04:57 and these boxes get sent around the network.

05:01 They stack up on top of each other, so 

05:04 block one, then two, then three, then four, in

05:08 sequential order and that's what forms

05:09 this chain concept.

05:11 The key differentiator

05:14 and the value add that blockchain networks provide

05:16 is to be able to guarantee the

05:18 authenticity of who produced these blocks.

05:21 What we're going to talk a little

05:22 bit more about here today, are these

05:25 cryptographic keys. We use these keys

05:28 to sign our transactions and sign our blocks

05:31 to validate that this block was produced by me.

05:34 I am sending you this block

05:36 and I own it. These keys are what

05:39 we want to really secure

05:40 and make sure there's control over

05:44 because losing our keys and losing our identity 

05:47 essentially is what compromises the network.

05:50 We'll talk about that a little bit more.

05:53 The main thing that we want to do with these

05:58 cryptographic keys is make sure that

06:00 they are robust and safely secured because if

06:04 someone gets access to their keys

06:06 then they can imitate us on our network

06:08 and they can pretend

06:09 to be me on the network so

06:11 although blockchain technology itself is

06:14 tamper proof, losing your keys

06:19 is where trouble comes in. I

06:20 was listening to a podcast the other day

06:23 about a heist on the most secure vault

06:28 in the world. I think it was back in the

06:31 90s. The vault

06:34 had all the security measures in place

06:36 that it needed.

06:37 One of the security measures was

06:38 this two-key system so

06:40 that you actually needed two physical

06:42 keys that could be detached

06:44 and stored separately to access the vault but

06:47 what the burglars realized is

06:50 that the security guards just

06:53 kept those two keys together

06:56 in the room right next door to the vault.

06:58 You can produce the more secure vault,

07:01 but if you don't keep

07:02 your keys secure, locked away somewhere,

07:05 then it's very easy to hack into.

07:07 Lots of lessons learned over the years.

07:12 I don't think that they

07:14 were too clever about their separation

07:16 of duties in that

07:17 example. We'll talk as well

07:18 on the HSM side how we could make

07:20 that problem go away quite easily. 

07:23 Exactly.

07:24 We've talked about what is a

07:27 blockchain network. The

07:29 next question that we usually get asked is,

07:32 why is this important?  How big

07:34 is this space? If we're talking about

07:37 hundreds of dollars being

07:39 run on the blockchain network or

07:40 even potentially thousands, and the

07:42 remote possibility of a hack,

07:44 how big of an impact can it really be?

07:46 What I wanted to bring to everyone's attention

07:50 is really how big this market is and how rapidly it's

07:54 growing and what I want to talk about is

07:57 just very briefly the growth of the

07:59 enterprise market.

08:01 When we're talking about the

08:04 Ethereum, let's just take

08:05 one blockchain example. At ConsenSys

08:08 we believe in the value of Ethereum as

08:11 the kind of biggest blockchain network,

08:12 with the most number of active users and developers in

08:15 the space, and excluding the

08:20 mainnet network, which is the

08:22 permissionless network that anybody

08:24 can join and transact on.

08:26 There's billions of dollars

08:28 secured on that at the moment

08:30 but even putting that aside and

08:32 looking just for growth of

08:33 enterprise adoption,

08:34 there's nearly seven billion dollars in

08:36 value that they're projecting to be used in the system

08:40 within 2021 and the growth of

08:43 Fortune 500 companies coming

08:47 into space and moving their projects from

08:50 what they term, proof of concept

08:52 and R&D projects that

08:54 started a number of years ago

08:56 to real production, value ads with end

08:59 user access, is really rapidly increasing.

09:02 You can see this across

09:06 and we talked a bit about this

09:08 previous to the call today but it's really

09:11 an element of the maturity of

09:13 blockchain, so what you're saying

09:16 is that a great deal of fine

09:19 the transactional value of seven billion

09:22 pales in comparison to the

09:24 traditional markets. You're

09:26 seeing an emerging technology. The

09:28 trust and integrity is becoming

09:30 an issue and with what you're just

09:33 describing today

09:34 is if people trust it, they will use it.

09:37 Is that a fair statement?

09:38 Trust and integrity of a blockchain network is

09:44 very paramount and as

09:46 one of the fundamental

09:48 elements that blockchain

09:50 tries to bring in is this concept of

09:53 distributed trust. It's a

09:54 trustless technology because you can

09:56 trust in the protocol in the system,

09:58 rather than necessarily trusting

10:00 the person that you're interacting with.

10:02 Having that trust in

10:05 integrity of the solution is paramount,

10:07 because if you don't have that

10:09 then what else is there?

10:12 It's really the market,

10:16 it’s rapidly growing and

10:18 it's moving from a stage of a number of

10:23 technologists really using these solutions to

10:26 mainstream adoption.

10:27 We're really seeing that pick up

10:29 over the last few years. Today we'd like to talk

10:33 about that in the application side, 

10:35 moving from theory to

10:37 practice. Maybe you could talk a

10:38 little bit about how ConsenSys Quorum

10:42 is a product that is

10:46 unique but also adopting and

10:48 adapting, and providing those

10:50 trust elements that you described

10:52 in your previous slide. I'll

10:53 let you walk through this slide for us a little bit.

10:56 At a high level touching on what ConsenSys Quorum is.

11:01 ConsenSys Quorum is an open source

11:04 blockchain platform that you can use

11:06 for a permissioned or permissionless

11:09 network. It supports a

11:11 permissionless network, a public

11:13 chain that anybody can use.

11:15 What we've also seen is a wide range

11:17 of adoptions across different use cases for

11:20 permission chains so consortium chains

11:22 that are coming together to

11:24 transact and have for some particular

11:28 use case. We've seen this from

11:30 financial use case predominantly

11:32 to reduce the cost of operation

11:35 in supply chain for tracking food for example.

11:38 You can kind of build any sort of platform

11:42 that you want on top of that.

11:44 ConsenSys Quorum so consistently

11:46 provides that base layer application,

11:49 which is the trust of the distributed

11:50 technology and running the blockchain

11:52 network for you.

11:54 There's a number of features and things

11:57 that it brings to place both in permission network,

12:01 where you know things like private

12:02 transactions and privacy

12:04 and security is quite paramount. You

12:07 might have a number of organizations that are

12:10 transacting with each other on the network,

12:12 but some of those transactions need to

12:14 be private, so it supports that as well, allowing

12:19 permission access so you know who is

12:21 joining your network and what kind of

12:22 transactions are taking place.

12:24 This kind of starting capability,

12:29 which we're going to dig into a little

12:30 bit more, about providing

12:32 keys and securely storing those keys

12:36 separately to your application layer.

12:39 You can provide that

12:41 differentiation but ConsenSys Quorum

12:43 is a really customizable solution

12:46 that you can pick up as an open source tool

12:49 and start developing your application on

12:50 it straight away.

12:53 I think that's a great segue into

12:55 the next slide. We're going to talk a

12:56 little bit about the key security

12:58 elemental to the integrity of the entire blockchain.

13:03 As we put the slide up here and

13:05 to the right we show

13:06 a typical HSM. Maybe you could talk a

13:09 little bit about your perspective on the attack

13:13 vectors and what that could mean to

13:15 a blockchain environment and why it's

13:17 important to protect that infrastructure.

13:19 Definitely.

13:20 I guess as I keep talking about these keys, one

13:24 of the paramount things that we

13:27 identified while we're building

13:28 solutions for our customers

13:30 is how do you store these keys? Where

13:32 do you put these keys to provide a level

13:34 of integrity and access that's required

13:37 but also make sure they are in a tamper-proof,

13:40 sealed environment that can't be accessed?

13:44 The integration that we did

13:48 with Thales was essentially an

13:50 integration with ConsenSys Quorum

13:52 and a Luna Network HSM module which

13:55 allows for these keys to be stored

13:57 securely in a separate device, an off-chain device.

14:00 That integration allows ConsenSys Quorum

14:04 to communicate with an HSM module for

14:07 any transactions and processes

14:10 that need access to the HSM. The keys never

14:14 leave the HSM application. I'll

14:16 talk a little in a second on the next slide about

14:18 what you do with these keys? 

14:22 But as I said paramount to this, is being able to

14:26 differentiate and securely keep your

14:28 keys away from your

14:30 server layer, where your application resides.

14:34 In the event that somebody gets access to your server environment,

14:40 where your application logic is, at least

14:42 if your keys are separate 

14:45 they can't get even though.

14:47 They might get access to the data,

14:49 they can't imitate you on the network

14:52 and pretend to be you,

14:53 and therefore access your funds. So

14:56 digging in a little bit about

14:58 how we utilize our integration

15:01 with the Luna HSM module.

15:03 It's really about improving your

15:05 identity on your network and an Ethereum blockchain network.

15:08 Your identity allows you to do a number

15:10 of things, so when you peer with

15:12 others as I said it's a distributed

15:14 technology, where we communicate and

15:16 shake hands when we

15:17 you know with each other, we identify

15:19 who we are. So just in real life when we

15:21 meet one another I say hi.

15:23 A layer of trust and you just trust me

15:25 that's my name that's my identity,

15:27 and in a blockchain network you use

15:29 these keys to identify who you are, 

15:31 when you meet other people on the network.

15:34 One of the other things you do

15:36 once you peer with other people,

15:38 when you do these transactions and

15:39 create these blocks

15:41 and find your name on the block and send

15:43 them across is you create these blocks,

15:46 you sign your name on it, using your key. You sign

15:50 the block that says, hey I produced this

15:52 block. Here's my copy of it. You validate

15:54 it against blocks that you have and make

15:57 sure they're identical that we're

15:59 both speaking the same language. That

16:02 again is a critical component,

16:04 maintaining the governance of the

16:05 network is also important. In a permission chain,

16:09 these nodes which are

16:12 essentially the computers on the network

16:15 that run this application and maintain the network,

16:19 get to also say who is and isn't in a

16:22 permission network. If you and I

16:23 control the network

16:25 and somebody else wants to join, I have

16:27 to say yes, they can join it. You have to

16:29 say yes, they can join.

16:30 You can imagine what happened if

16:32 someone was imitating my identity,

16:34 they could obviously let others join the network

16:37 where we don't necessarily want them to.

16:40 All these kind of controls that are

16:43 in place you can see how

16:44 important it is to make sure your

16:46 cryptographic keys are securely stored away.

16:48 The value that we have with the Luna HSM

16:52 is that we can create the keys in the

16:53 HSM. They can stay in there and

16:55 they don't ever have to leave

16:57 the HSM.  When we want to create

16:59 a block we go and talk to the HSM and say hey,

17:02 I want to create a block. Use my

17:04 key to find this for me.

17:06 Then the HSM does that

17:08 and sends the signature back. We know

17:10 that the keys never

17:11 leave the module itself and any

17:13 communication we need to do, we do

17:15 directly and then send back.

17:17 I think the key here is that it's

17:19 not optional, it's not an exception, it's a rule.

17:22 What you've built here is the

17:24 integrity of that design and it

17:26 mandates that every single

17:28 transaction described has

17:30 a root of trust in that cryptographic

17:32 module. I think that's a key element

17:34 no pun intended,

17:36 that we find ourselves in, is this transparent operation

17:40 from a usability point of view.

17:43 One of the value benefits is that this is all

17:46 running in the background, this

17:47 plumbing and wiring,

17:48 and the performance is not affected in

17:51 any shape or form. We're really glad

17:53 that we're working with you to make this

17:56 truly a win-win-win situation

17:59 by using the elements within ConsenSys

18:01 and the value proposition of HSM technologies.

18:04 We've got a few couple more slides

18:06 here. Did you want to

18:08 walk us through some of

18:10 the resources that are available

18:12 to our listeners today and what they

18:15 could learn by going to your website or

18:17 some of the documents? 

18:19 Definitely.

18:22 There's obviously tons of

18:23 material available out there if you want

18:25 to learn more about both Thales and

18:27 ConsenSys Quorum,

18:28 and what we do and our integration with

18:31 the Luna HSM. Reach out, our

18:34 contact details are there, if you want to

18:36 talk a little bit more

18:37 and dig into some of the more

18:38 technicalities. We're more than happy to

18:41 do that, but as I said we found that

18:43 this is a key component for networks

18:46 that are moving into production.

18:47 While we're in kind of POC and

18:49 testing phase, those kind of security elements don't

18:52 necessarily come into where they're

18:54 they're not top of mind and

18:55 the application logic seems to be top of

18:57 mind for most of our customers.

18:59 As projects move through

19:00 pre-production and getting into production,

19:02 the Luna HSM requirements are paramount.

19:08 It is definitely a hard requirement. Any customer that we

19:12 speak to definitely has those requirements and

19:15 this is part of the fact that we've worked together.

19:20 Please reach out if you

19:22 have any questions and happy to talk a

19:24 little bit more about this.

19:26 We've got the data sheet elements available

19:30 and from a resource point of view on

19:32 the slide, there you can reach

19:33 out to myself or Arash if

19:35 you have any questions.

19:36 I'm just going to end the slides here

19:38 and put our talking heads back up on the

19:40 screen if people forgotten what we might look like

19:42 or sound like.

19:44 Arash, I just wanted to say thanks very

19:46 much. We're very excited to be working with ConsenSys,

19:48 and appreciate you walking us

19:50 through the technology stack.

19:52 If there's anything that you'd like to

19:56 add at a later date by all means.

19:59 We're looking forward to working with

20:00 you and evolving as your technology evolves with us. 

20:04 Thanks again for all of your input

20:06 and working with us on the

20:08 TalkingTrust Webinar Series and again,

20:11 we look forward to working with

20:12 you it's been fun. Thanks Blair. 

20:14 Thanks for having me.

20:15 You're welcome.

Bringing Trust to Blockchain with Thales HSM and SAS Solutions - Solution Brief

Blockchain is one of those industry buzzwords that you seem to hear everywhere, but what exactly is it and can you trust it? For the most part, enterprises are implementing blockchain without truly understanding its purpose, and as much as 90% of enterprise blockchain projects...

Luna Network HSM

Luna Network Hardware Security Module - Product Brief

Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in Thales Luna Network Hardware Security Modules (HSMs) - high-assurance, tamper-resistant, network-attached appliances offering market-leading performance and...

ConsenSys Quorum

ConsenSys Quorum Documentation & Downloads

ConsenSys Quorum is an open-source protocol layer that provides developers with the flexibility and reliability needed to make their blockchain applications successful. ConsenSys Quorum comprises a suite of configurable components and APIs, enabling you to customize your use case and production environment.

ConsenSys Quorum

ConsenSys Newsletter

ConsenSys Quorum enables enterprises to leverage Ethereum for their high-value blockchain applications. Businesses can rely on the Quorum open-source protocol layer and integrate on top of it product modules from ConsenSys, other companies, or your own in-house development team to build high-performance, customizable applications.