You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1227 lines
31 KiB
1227 lines
31 KiB
\documentclass[12pt]{beamer}
|
|
\usepackage{beamerthemeHannover, graphicx, clrscode, amsmath, amssymb, multicol}
|
|
\usepackage{mathtools,url}
|
|
\usepackage{textcomp} \usepackage{verbatim}
|
|
\usepackage{listings}
|
|
\setbeamercolor{sidebar}{use=structure,bg=purple}
|
|
\usepackage[utf8]{inputenc}
|
|
\usepackage[russian]{babel}
|
|
|
|
\author[Duke Leto\\hush.is/privacy]{Duke Leto\\\small{duke.leto.net\\hush.is}}
|
|
\date{}
|
|
\title[\hspace{2em}\insertframenumber/
|
|
\inserttotalframenumber]{Take Back\\ Your Privacy \\With Hush}
|
|
\setbeamertemplate{navigation symbols}{} %no nav symbols
|
|
|
|
% keynote-ish
|
|
\renewcommand\sfdefault{phv}
|
|
\renewcommand\familydefault{\sfdefault}
|
|
\usetheme{default}
|
|
\usepackage{color}
|
|
\useoutertheme{default}
|
|
%\usepackage{texnansi}
|
|
\usepackage{marvosym}
|
|
\definecolor{bottomcolour}{rgb}{0.32,0.3,0.38}
|
|
\definecolor{middlecolour}{rgb}{0.08,0.08,0.16}
|
|
\setbeamerfont{title}{size=\Huge}
|
|
\setbeamercolor{structure}{fg=gray}
|
|
\setbeamertemplate{frametitle}[default]%[center]
|
|
\setbeamercolor{normal text}{bg=black, fg=white}
|
|
\setbeamertemplate{background canvas}[vertical shading]
|
|
[bottom=bottomcolour, middle=middlecolour, top=black]
|
|
\setbeamertemplate{items}[circle]
|
|
\setbeamerfont{frametitle}{size=\huge}
|
|
\setbeamertemplate{navigation symbols}{} %no nav symbols
|
|
|
|
\begin{document}
|
|
|
|
\frame[t]{
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{hush-dark}
|
|
\end{center}
|
|
\titlepage
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{ What Is Hush? }
|
|
\begin{center}
|
|
\includegraphics[scale=0.18]{welcome-to-extreme-privacy}
|
|
\end{center}
|
|
|
|
\begin{center}
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\begin{itemize}
|
|
\item Magic Internet Money
|
|
\item Private Chat Platform
|
|
\item Store-of-Privacy
|
|
\end{itemize}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
\begin{itemize}
|
|
\item mainnet launched 2016
|
|
\item Global Community
|
|
\item i18n $\sim$ 20 langs
|
|
\end{itemize}
|
|
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{How Is Hush Like Bitcoin?}
|
|
\begin{center}
|
|
\includegraphics[scale=0.30]{hush-code-is-bitcoin}
|
|
\end{center}
|
|
|
|
\begin{itemize}
|
|
\item Based on Bitcoin 0.11.2
|
|
\item No Company, Decentralized Community
|
|
\item 21M Total Supply
|
|
\item Halvings every four years
|
|
\item Hush extends Bitcoin Protocol
|
|
\item Mine with ASICs
|
|
\item wallet.dat works very similar
|
|
\item Compatability at many layers
|
|
\item Store-of-Value $\Longrightarrow$ Store-of-Privacy
|
|
\end{itemize}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{How Is Hush different?}
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{hush-same-as-bitcoin}
|
|
\begin{itemize}
|
|
\item Alice sends Bob money
|
|
\item Alice's address is private!
|
|
\item Bob's address is private!
|
|
\item The amount sent is private!
|
|
\item Encrypted memo field is private!
|
|
\item The number of recipients is private!
|
|
\item Plausible Deniability
|
|
\item 75 seconds vs 10 minute blocktime
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Bitcoiners Pay Extra For Privacy}
|
|
\begin{center}
|
|
\includegraphics[scale=0.22]{lolwut}
|
|
\end{center}
|
|
}
|
|
|
|
|
|
\frame{
|
|
\frametitle{How Is Hush different?}
|
|
You must use privacy, it's no longer optional!
|
|
\begin{center}
|
|
\includegraphics[scale=0.1]{send-in-the-clowns}
|
|
\begin{itemize}
|
|
\item Everyone must use privacy, no choice
|
|
\item Best practices are automated
|
|
\begin{itemize}
|
|
\item Only can send to a zaddr (z2z)
|
|
\item Send to multiple addresses (Sietch)
|
|
\item P2P encryption mandatory (TLS 1.3 Only!)
|
|
\end{itemize}
|
|
\item How much money was sent?
|
|
\item How many people received funds?
|
|
\item Was encrypted additional information sent?
|
|
\item "Herd immunity" to metadata attacks
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
\frame{
|
|
\frametitle{How Is Hush different?}
|
|
Herd immunity is network-wide resistance to metadata attacks.
|
|
\begin{center}
|
|
\includegraphics[scale=0.08]{zombie-moat}
|
|
\begin{itemize}
|
|
\item Sietch adds non-determinism
|
|
\item Your neighbor isn't doxxing you all day
|
|
\item You are responsible for your privacy, not others
|
|
\item Privacy increases with time, anonset $\uparrow$
|
|
\item XMR anonset is per-tx (small), decreases w/ time
|
|
\item HUSH anonset is network-wide
|
|
\item HUSH anonset is non-decreasing on average
|
|
\item HUSH anonset $\gg$ ZEC anonset
|
|
\item HUSH: 1st privacy coin w/ real-time anonset stats
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Zcash "Privacy"}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{zec-clown}
|
|
\end{center}
|
|
Invented new Zero-Knowledge math but don't use it!!!
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush Zero Knowledge Math}
|
|
|
|
\begin{center}
|
|
The Magic Sauce
|
|
|
|
\includegraphics[scale=0.2]{zk-example}
|
|
|
|
\begin{itemize}
|
|
\item Zero Knowledge Proofs
|
|
\item Invented in 1985, just became "usable"
|
|
\item zk-SNARKs (close to 100 kinds)
|
|
\item Zero Knowledge Succinct Non-Interactive Arguments of Knowledge
|
|
\item Prove X is true, without saying anything about X
|
|
\item Elliptic Curves, Fields, Group Theory
|
|
\end{itemize}
|
|
\end{center}
|
|
|
|
}
|
|
\frame{
|
|
\frametitle{zk-SNARKs}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.15]{math-lulz}
|
|
|
|
New atom for building privacy software
|
|
\begin{itemize}
|
|
\item One "flavor" : Zcash Protocol built on them
|
|
\item Monero uses older math that leaks metadata
|
|
\item There are others, like zk-STARKs/etc
|
|
\item Hush Protocol is an improved Zcash Protocol
|
|
\begin{itemize}
|
|
\item Same exact cryptographic primitives
|
|
\item We enforce their use
|
|
\item First blockchain to use Sapling zaddrs exclusively
|
|
\item All our privacy is inside one "pool"
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Sietch}
|
|
attackingzcash.com
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
Zcash z2z (optional)
|
|
|
|
\includegraphics[scale=0.2]{zec-graph}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
Hush z2z (always)
|
|
|
|
\includegraphics[scale=0.12]{sietch-graph}
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
An underground fortress for every transaction!
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Sietch}
|
|
\begin{center}
|
|
|
|
\includegraphics[scale=0.05]{nice-sietch}
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
|
|
\includegraphics[scale=0.18]{sietch-wp}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
|
|
\includegraphics[scale=0.18]{sietch-wp-ru}
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{If You Are Not Paying For Privacy...}
|
|
|
|
You Don't Have Any!
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{no-rhythm}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{How Is Hush different?}
|
|
\begin{center}
|
|
|
|
explorer.hush.is
|
|
|
|
\includegraphics[scale=0.20]{recent-explorer}
|
|
|
|
\begin{itemize}
|
|
\item Extreme Privacy Block Explorer
|
|
\item No Javascript (client or server)
|
|
\item No Images (web bugs)
|
|
\item Tor Hidden Service Available
|
|
\item Doesn't doxx you
|
|
\end{itemize}
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{How Does Hush Build Upon Bitcoin?}
|
|
|
|
Hush is at Layer 2
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.15]{protection-for-all}
|
|
\end{center}
|
|
|
|
\begin{itemize}
|
|
\item Lightning Network
|
|
\item Bisq Decentralized Exchange
|
|
\end{itemize}
|
|
We don't compete with Bitcoin, we build upon it.
|
|
}
|
|
|
|
|
|
\frame{
|
|
\frametitle{What Is HushChat?}
|
|
|
|
\begin{center}
|
|
|
|
% \includegraphics[scale=0.25]{
|
|
|
|
HushChat is an encrypted chat messaging protocol and decentralized platform.
|
|
|
|
\includegraphics[scale=0.4]{hushchat-screenshot}
|
|
|
|
Like Signal Protocol on a blockchain, with ratcheting.
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{What Is HushChat?}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.2]{hush-comparison}
|
|
|
|
\begin{itemize}
|
|
\item HushChat Protocol is an encrypted chat messaging protocol and decentralized platform.
|
|
\item Signal Protocol with zaddrs not phone numbers
|
|
\item We don't use Signal code.
|
|
\item Proud libsodium user! Unlike Zcash...
|
|
\end{itemize}
|
|
|
|
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{What Is HushChat?}
|
|
|
|
\begin{center}
|
|
|
|
\includegraphics[scale=0.1]{paranoid-whackjobs}
|
|
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
Signal
|
|
\begin{itemize}
|
|
\item Signal Protocol
|
|
\item Centralized
|
|
\item Phone Numbers
|
|
\item Closed Source Server
|
|
\item Uncle Sam backdoors
|
|
\end{itemize}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
HushChat
|
|
\begin{itemize}
|
|
\item HushChat Protocol
|
|
\item Decentralized
|
|
\item Shielded Addresses
|
|
\item GPLv3 Free Software
|
|
\item ??? backdoors?
|
|
\end{itemize}
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
\end{center}
|
|
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Who Profits From Surveillance?}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.30]{faraday}
|
|
\end{center}
|
|
|
|
\begin{itemize}
|
|
\item MFAANG (MSFT,FB,Amazon,Apple,Netflix,Google)
|
|
\item Surveillance Valley (Silicon Valley)
|
|
\item Governments
|
|
\item Militaries
|
|
\item Advertisers
|
|
\end{itemize}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Backdoors Everywhere}
|
|
\begin{center}
|
|
|
|
Disagree? You probably get paid to cover up backdoors.
|
|
|
|
\begin{itemize}
|
|
\item Signal - Best Protocol, backdoored by USA
|
|
\item WhatsApp - Backdoored by USA
|
|
\item Wickr- Backdoored by USA
|
|
\item Threema - Backdoored by USA
|
|
\item Telegram - Backdoored by Russia
|
|
\item WeChat - Backdoored by China
|
|
\item Zoom/KeyBase - USA and China, most likely
|
|
\end{itemize}
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\includegraphics[scale=0.20]{back-door-man}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
\includegraphics[scale=0.25]{just-a-small-signal-backdoor}
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
\end{center}
|
|
}
|
|
|
|
|
|
\frame{
|
|
\frametitle{Who Spies On You?}
|
|
Depends on your GPS coordinates...
|
|
|
|
TLDR: Too many people, alphabet soup.
|
|
|
|
\begin{center}
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
Country
|
|
\begin{itemize}
|
|
\item Australia - ASIO
|
|
\item Canada - CSE
|
|
\item China - MSS
|
|
\item England - GCHQ
|
|
\item France - DGSE
|
|
\item Germany - BND
|
|
\item USA - NSA
|
|
\item Russia - FSB (ФСБ)
|
|
\item Singapore - ISD
|
|
\item Spain - CNI
|
|
\item Switzerland FIS
|
|
\end{itemize}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
Global Networks
|
|
\begin{itemize}
|
|
\item Five Eyes (FVEY)
|
|
\item Nine Eyes
|
|
\item 14 Eyes
|
|
\item FATF (China+USA+Russia!)
|
|
\end{itemize}
|
|
|
|
\includegraphics[scale=0.15]{get-smart}
|
|
|
|
\end{column}
|
|
\end{columns}
|
|
\end{center}
|
|
}
|
|
\frame{
|
|
\frametitle{A Rose By Another Name}
|
|
\begin{center}
|
|
\includegraphics[scale=0.30]{mia-kgb-fsb}
|
|
|
|
\begin{itemize}
|
|
\item KGB $\Longrightarrow$ FSB
|
|
\end{itemize}
|
|
% \includegraphics[scale=0.30]{extreme-privacy-putin}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Surveillance Devices}
|
|
Most tech is designed to surveil and eject metadata in all directions.
|
|
|
|
You give it for free and it's sold back to you and others.
|
|
\begin{center}
|
|
\begin{itemize}
|
|
\item "Party Lines"
|
|
\item Fax machines
|
|
\item Email
|
|
\item Mobile Phones (SMS/MMS)
|
|
\item Web browsers
|
|
\item Web servers
|
|
\item Social Media
|
|
\item Voice Assistants
|
|
\item Every for-profit tech company
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
|
|
\frame{
|
|
\frametitle{Hush Is Human Rights}
|
|
|
|
United Nations
|
|
|
|
Universal Declaration of Human Rights
|
|
|
|
Most governments have not signed this into law.
|
|
|
|
Code is law on the HUSH blockchain!
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.25]{un-article12}
|
|
|
|
No government or company can see inside your multiple layers of encrypted data!
|
|
|
|
\includegraphics[scale=0.5]{seems-a-little-crazy}
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Silicon Valley?}
|
|
|
|
\begin{center}
|
|
Started by two Stanford professors:
|
|
|
|
Terman (US) + Shockley (UK)
|
|
|
|
\begin{itemize}
|
|
\item Preferred Electronic Warfare (EW) contractor
|
|
\item Best academic research was monetized
|
|
\item Students invented/improved:
|
|
\begin{itemize}
|
|
\item Efficient spy planes
|
|
\item Advanced Radar Jamming
|
|
\item Spy balloons, EME
|
|
\item Spy submarines
|
|
\end{itemize}
|
|
\item Some PhD theses were Top-Secret
|
|
\item Students went to form the first SV companies
|
|
\item Example: Hewlitt and Packard
|
|
\item Example: " Traitorous 8 "
|
|
\begin{itemize}
|
|
\item form Fairchild Semiconductor (1957)
|
|
\item 2 of 8 leave Fairchild to form Intel
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Surveillance Valley}
|
|
|
|
\begin{center}
|
|
It's alwas been Surveillance Valley, from the start.
|
|
|
|
Silicon made radar and radar jamming drastically more efficient.
|
|
|
|
\includegraphics[scale=0.6]{sv}
|
|
|
|
steveblank.com/secret-history/
|
|
\end{center}
|
|
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush Is Privacy}
|
|
|
|
Humans had privacy by default 100 years ago.
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.22]{anon-15-min}
|
|
\end{center}
|
|
|
|
Now we have surveillance by default.
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush Is Privacy}
|
|
|
|
Hush delivers privacy in a world of surveillance.
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.25]{mosque-cameras}
|
|
\end{center}
|
|
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{What Data Do They Want?}
|
|
|
|
Anything they can use to control you, market to you and/or sell to others.
|
|
Which is everything.
|
|
|
|
\begin{center}
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\begin{itemize}
|
|
\item GPS
|
|
\item IMEI/IMSI
|
|
\item IP address
|
|
\item Browser details
|
|
\item Website URLs
|
|
\item Emails
|
|
\item Facebook messages
|
|
\item Shopping preferences
|
|
\item Financial records
|
|
\end{itemize}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
\begin{itemize}
|
|
\item "encrypted" chats
|
|
\item 24/7 camera feeds
|
|
\item Sentiment (reactions)
|
|
\item Facial scans
|
|
\item Voice recordings
|
|
\item Genetic samples
|
|
\item Medical records
|
|
\item Biometric sensors
|
|
\end{itemize}
|
|
\end{column}
|
|
\end{columns}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush Is Privacy}
|
|
|
|
Must trust the hardware and software!
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.25]{phones}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush + Precursor}
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{grandpa-new-phone}
|
|
\end{center}
|
|
|
|
HushDroid is cool, but still so many backdoors.
|
|
|
|
Precursor is amazing new mobile hardware!
|
|
|
|
Trustable hardware + zero-knowledge math privacy $\Longrightarrow$ Win
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{precursor}
|
|
\end{center}
|
|
Precursor is the best HW in dev for use by Hush.
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Privacy By Default}
|
|
|
|
\begin{center}
|
|
Bleeding-edge Peer-to-Peer (p2p) Encryption
|
|
\begin{itemize}
|
|
\item Transport Layer Security (TLS) 1.3 only!
|
|
\item Useless for surveillance coins, very important for privacy coins!
|
|
\item Unencrypted connections disallowed
|
|
\item Advanced peer banning tech
|
|
\begin{itemize}
|
|
\item Feeler connections
|
|
\item test-before-evict
|
|
\item "Eclipse Attacks on Bitcoin’s Peer-to-Peer Network" (2015)
|
|
\item Ethan Heilman* Alison Kendler* Aviv Zohar† Sharon Goldberg*
|
|
\item *Boston University, †Hebrew University
|
|
\end{itemize}
|
|
\item BTC Core has implemented all countermeasures
|
|
\item Erebus Attack mitigation via ASN map
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Bleeding Edge of TLS}
|
|
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.14]{heartbleed}
|
|
\begin{itemize}
|
|
\item NSA: TLS\_AES\_256\_GCM\_SHA384
|
|
\item DJB: TLS\_CHACHA20\_POLY1305\_SHA256
|
|
\item No TLS certificates needed, that is a scam
|
|
\item We deleted OpenSSL, now use WolfSSL!
|
|
\item It's not made of CVE's
|
|
\item Nodes non-deterministically prefer either cipher
|
|
\item Forces network to use both ciphers randomly
|
|
\item You cannot predict which will be used
|
|
\end{itemize}
|
|
\end{center}
|
|
|
|
}
|
|
\frame{
|
|
\frametitle{Erebus Attack}
|
|
|
|
https://erebus-attack.comp.nus.edu.sg
|
|
|
|
Muoi Tran, Inho Choi, Gi Jun Moon
|
|
|
|
Anh V. Vu, Min Suk Kang
|
|
|
|
\begin{center}
|
|
Recent Attack against Bitcoin
|
|
\begin{itemize}
|
|
\item Research by National University of Singapore
|
|
\item Bitcoin Core realizes it's important
|
|
\item Code remains unmerged on Github for 1.5yrs
|
|
\item Likely never turned on by default
|
|
\item Hush protects all users by default already
|
|
\item Very first cryptocoin (and privacy coin) to do this
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Attacks That Molded Hush}
|
|
|
|
\begin{center}
|
|
Every attack makes Hush stronger.
|
|
\includegraphics[scale=0.25]{not-today}
|
|
|
|
\begin{itemize}
|
|
\item Cryptopia 51\% attacker $\Longrightarrow$ DPoW
|
|
\item Sprout Inflation Bug CVE $\Longrightarrow$ Sapling
|
|
\item Fraudulent Exchanges (Graviex,Citex,etc)
|
|
\item Malicious DPoW Attack $\Longrightarrow$ Hush DPoW
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Delayed-Proof-of-Work}
|
|
|
|
\begin{center}
|
|
Big blockchains can protect little blockchains.
|
|
|
|
It only makes sense to be protected by the strongest: Bitcoin
|
|
|
|
\begin{itemize}
|
|
\item HUSH injects blockhash data into HUSH+BTC
|
|
\item This costs HUSH+BTC, constantly
|
|
\item HUSH is protected by hashrate of BTC
|
|
\item Any other coin can jump in our wagon
|
|
\item Drastically easier/cheaper than doing it yourself
|
|
\item Cost is \$1K USD in BTC or XMR per month
|
|
\item Solves "Double Spend" attacks on exchanges!
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Delayed-Proof-of-Work}
|
|
DPoW enforces censorship-resistance.
|
|
|
|
Without DPoW, a mining attacker can rewrite history, like politicians.
|
|
\begin{center}
|
|
\begin{itemize}
|
|
\item DPoW means your data cannot be removed
|
|
\item DPoW means an attacker needs to attack BTC
|
|
\item Attacks are extremely costly
|
|
\item Attacks are less likely to succeed
|
|
\item Attackers cannot profit so they go elsewhere
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush + Tor}
|
|
\begin{center}
|
|
\includegraphics[scale=0.35]{do-not-wail}
|
|
|
|
Both evolving greatly in 2021
|
|
\begin{itemize}
|
|
\item Tor Network is under constant attack
|
|
\item v2 Hidden Services being DoS'ed
|
|
\item Migrating from v2 to v3 Hidden Services
|
|
\item Tor turning off v2 in Oct 2021
|
|
\item Bitcoin recently enabled v3 support
|
|
\item Currently being ported to Hush
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{zaddr opsec}
|
|
\begin{center}
|
|
\includegraphics[scale=0.2]{spy-vs-spy}
|
|
\begin{itemize}
|
|
\item One zaddr per
|
|
\begin{itemize}
|
|
\item Exchange
|
|
\item Mining Pool
|
|
\item Online Seller
|
|
\end{itemize}
|
|
\item When in doubt: new zaddr
|
|
\item Don't post publicly
|
|
\item Only senders need to know a zaddr
|
|
\item What about donation zaddrs?
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Donation zaddr opsec}
|
|
This mitigates attacks from those that know your zaddr
|
|
and require your wallet online to be attacked.
|
|
\begin{center}
|
|
\begin{itemize}
|
|
\item Create a brand new wallet
|
|
\begin{itemize}
|
|
\item SDP is best (most isolated)
|
|
\item Or SD, then SDL
|
|
\end{itemize}
|
|
\item Keep donation zaddr offline!
|
|
\item Make viewkey if desired
|
|
\item Only put wallet online to spend
|
|
\item NEVER use a public donation address for anything else
|
|
\item BIP47 $\Longrightarrow$ HIP47 will greatly improve this
|
|
\end{itemize}
|
|
\end{center}
|
|
Or just \#yolo
|
|
}
|
|
|
|
|
|
\frame{
|
|
\frametitle{Erebus Attack Prevention}
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{hush-txs.png}
|
|
\begin{itemize}
|
|
\item Hush filters peers by ASN
|
|
\item Bitcoin uses Class B (/16)
|
|
\item 65000 vs 7.4M buckets
|
|
\item SilentDragon Peers Tab shows ASN
|
|
\item Shodan integration
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Privacy: Consensus Layer}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{optional-zcash-privacy-stolen-frame}
|
|
|
|
After 4 years...
|
|
\begin{itemize}
|
|
\item Zcash (optional) - 6\%
|
|
\item Hush (4 months after z2z) - 41\%
|
|
\end{itemize}
|
|
\end{center}
|
|
Zcash (ZEC) mainnet is a privacy disaster.
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Privacy: Consensus Layer}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.25]{optional-zcash-privacy-butterfly}
|
|
\end{center}
|
|
Zcash optimizes for profit, not privacy.
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Privacy: Consensus Layer}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.25]{zcash-sarah-connor}
|
|
\end{center}
|
|
Multiple Analysis companies now support Zcash!
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush Smart Chain (HSC)}
|
|
Spin up a Hush-like network in 1 command
|
|
\begin{center}
|
|
hush.is/hsc-creator
|
|
|
|
\includegraphics[scale=0.15]{hsc-creator}
|
|
\end{center}
|
|
Web interface to guide creation
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Use Cases}
|
|
|
|
\begin{center}
|
|
\begin{itemize}
|
|
\item Lawyer-client secure chat
|
|
\begin{itemize}
|
|
\item Enforced at protocol layer!
|
|
\item Dedicated HW as needed
|
|
\end{itemize}
|
|
\item Censored Journalist
|
|
\begin{itemize}
|
|
\item Encrypted data can be published
|
|
\item At a time determined later, or never
|
|
\end{itemize}
|
|
\item Will + Testament
|
|
\begin{itemize}
|
|
\item Encrypted Worldwide backup
|
|
\item Cryptographic proof
|
|
\end{itemize}
|
|
\item International Diplomacy
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Use Cases}
|
|
International Diplomacy Requires Privacy
|
|
|
|
\begin{center}
|
|
\begin{itemize}
|
|
\item China
|
|
\begin{itemize}
|
|
\item Create their own HSC, requires National ID, biometrics + VPN
|
|
\item For foreign diplomats outside of China
|
|
\end{itemize}
|
|
\item Russia
|
|
\begin{itemize}
|
|
\item Create completely isolated chain for internal usage only
|
|
\item Requires being in secured physical locations
|
|
\item Can cryptographically prove who-did-what-when
|
|
\end{itemize}
|
|
\item USA
|
|
\begin{itemize}
|
|
\item Studies attacks on HUSH mainnet in a Faraday Cage Under A Mountain
|
|
\item So it can be used effictively, in the field, like Tor
|
|
\item Or attack it, if they need the lulz
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
\frame{
|
|
\frametitle{Use Cases}
|
|
International Diplomacy Requires Privacy
|
|
|
|
\begin{center}
|
|
\begin{itemize}
|
|
\item Singapore
|
|
\begin{itemize}
|
|
\item US+Russia+China decide to do cyberattack against SG
|
|
\item Most of the internet goes malicious
|
|
\item Tor+Hush allows SG diplomats to communicate with UN
|
|
\item They can provide cryptographic proof of data
|
|
\item UN could be a hub of diplomatic privacy
|
|
\item DPoW protects things from being erased from history books
|
|
\end{itemize}
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush Finds Exploits and Bugs Constantly}
|
|
|
|
If we make fun of your favorite things, it's probably
|
|
because it's trivial to exploit or has no privacy.
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.19]{you-got-a-bug-problem-maam}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Hush Finds Exploits and Bugs Constantly}
|
|
|
|
\begin{center}
|
|
\begin{itemize}
|
|
\item "Attacking Zcash Protocol For Fun And Profit"
|
|
\item attackingzcash.com
|
|
\item CVE-2019-11636 (Sapling Woodchipper)
|
|
\item CVE-2019-16930 (PING/REJECT)
|
|
\begin{itemize}
|
|
\item Discovered by Dan Boneh (Stanford)
|
|
\item Reported privately to Zcash
|
|
\item Zcash published weird emergency patch
|
|
\item Zcash had no explanation or binaries
|
|
\item I reverse engineered from code
|
|
\item It was trying to be hidden
|
|
\item Zcash CEO/CTO/CSO blocked me on Twitter
|
|
\end{itemize}
|
|
\item CVE-2021-????? (OPIP)
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{SilentDragon: SD}
|
|
\begin{center}
|
|
|
|
hush.is/sd
|
|
|
|
\includegraphics[scale=0.12]{sd-peers-tab}
|
|
|
|
\begin{itemize}
|
|
\item Full Node GUI Wallet
|
|
\item Downloads gigabytes of data
|
|
\item Highest privacy
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{SilentDragonLite: SDL}
|
|
\begin{center}
|
|
hush.is/sdl
|
|
|
|
\includegraphics[scale=0.3]{sdl-hushchat}
|
|
|
|
\begin{itemize}
|
|
\item GUI Lite Wallet
|
|
\item HushChat GUI
|
|
\item Encrypted wallet on disk
|
|
\item Downloads megabytes of data
|
|
\item Easiest for users
|
|
\item Relies on external servers!
|
|
\item Communities encouraged to run servers
|
|
\end{itemize}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{SilentDragonPaper: SDP}
|
|
\begin{center}
|
|
hush.is/sdp
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\includegraphics[scale=0.18]{sdp}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
\begin{itemize}
|
|
\item GUI Paper Wallet
|
|
\item Generate addresses offline
|
|
\item Print out QR code backups
|
|
\item No bandwidth required
|
|
\item Cold wallets
|
|
\end{itemize}
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{SilentDragonAndroid: SDA}
|
|
\begin{center}
|
|
hush.is/sda
|
|
\begin{columns}
|
|
\begin{column}{4cm}
|
|
\includegraphics[scale=0.1]{SDA}
|
|
\end{column}
|
|
\begin{column}{6cm}
|
|
\begin{itemize}
|
|
\item Android Wallet
|
|
\item Pairs to SD or SDL
|
|
\item "Lite mode" Coming Soon
|
|
\item Like a mobile SDL
|
|
\item On Google Play
|
|
\end{itemize}
|
|
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
\end{center}
|
|
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Invest In Privacy}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.12]{slaps-roof}
|
|
\begin{itemize}
|
|
\item HUSH is a Store-of-Privacy. You can purchase privacy now
|
|
and save it for use in the future, when privacy is more costly.
|
|
|
|
\item Monero and Zcash are over 1000x times more expensive than HUSH, but provide
|
|
drastically inferior privacy!
|
|
|
|
\item Zcash is funded by Surveillance Valley investors.
|
|
|
|
\item Monero (XMR) has over 90\% of total supply mined already while HUSH has about
|
|
50\% mined. HUSH is a fairer emission schedule.
|
|
|
|
\item Same emission as BTC: halvings every 4 years
|
|
\end{itemize}
|
|
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{How To Get Some HUSH?}
|
|
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{carlos-matos}
|
|
\end{center}
|
|
|
|
From most privacy to least privacy.
|
|
|
|
\begin{itemize}
|
|
\item Join our community, do work, get paid in HUSH
|
|
\item Purchase on Decentralized Exchange (DEX)
|
|
\item Solo Mine HUSH via ASICs
|
|
\item Solo Mine HUSH via renting hashrate
|
|
\item Pool Mine HUSH via ASICs
|
|
\item Pool Mine HUSH via renting hashrate
|
|
\item Purchase on Centralized Exchange (dicey)
|
|
\end{itemize}
|
|
|
|
hush.is/yt - Mine directly to your own wallet
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{HushDEX}
|
|
|
|
Decentralized Privacy Coin Exchange (DEX)
|
|
|
|
\includegraphics[scale=0.4]{what}
|
|
\begin{itemize}
|
|
\item Private Cross-Chain Swaps
|
|
\item First pair: HUSH <> XMR
|
|
\item Non-custodial
|
|
\item Alices + Bobs
|
|
\item Decentralized Application (dapp)
|
|
\end{itemize}
|
|
|
|
Coming Soon - trade.hush.is
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{How It's Going}
|
|
\begin{center}
|
|
\includegraphics[scale=0.28]{how-hush-started}
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Suspended From Github}
|
|
\begin{center}
|
|
Stop Using Github
|
|
|
|
\includegraphics[scale=0.3]{github-suspended}
|
|
|
|
Github=Microsoft
|
|
|
|
A Censorship and Surveillance Platform
|
|
\end{center}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Join The Hush Community}
|
|
Most types of Hackers and Cypherpunks welcome
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\includegraphics[scale=0.15]{types-of-hackers}
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
\begin{itemize}
|
|
\item We already abandoned Slack+Discord
|
|
\item Official Telegrams
|
|
\item English: hush.is/tg
|
|
\item Russian: hush.is/tgru
|
|
\item Chinese: hush.is/tgzh
|
|
\item Spanish: hush.is/tges
|
|
\item \includegraphics[scale=0.20]{tg-qr}
|
|
\end{itemize}
|
|
\end{column}
|
|
\end{columns}
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Join The Hush Community}
|
|
|
|
\begin{center}
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\includegraphics[scale=1.00]{hush-mask}
|
|
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
|
|
\includegraphics[scale=0.25]{hush-puppy-mask}
|
|
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\begin{center}
|
|
\includegraphics[scale=0.20]{buy-hush-mask-qr}
|
|
|
|
shoppinwithjoe.com
|
|
\end{center}
|
|
|
|
\end{column}
|
|
\begin{column}{6cm}
|
|
|
|
\begin{itemize}
|
|
\item Currently \$25 USD
|
|
\item Limited Promotion:
|
|
\item Show receipt $\rightarrow$ 5 HUSH
|
|
\item 50000 HushChat encrypted messages
|
|
\end{itemize}
|
|
|
|
\end{column}
|
|
\end{columns}
|
|
|
|
|
|
|
|
\end{center}
|
|
|
|
}
|
|
|
|
\frame{
|
|
\frametitle{Join The Hush Community}
|
|
If you know about this stuff $\Longrightarrow$ earn HUSH
|
|
|
|
\begin{columns}
|
|
\begin{column}{5cm}
|
|
\includegraphics[scale=0.35]{console-cowboys}
|
|
|
|
git.hush.is
|
|
|
|
In Zdust We Trust!
|
|
|
|
QED
|
|
\end{column}
|
|
\begin{column}{5cm}
|
|
\begin{itemize}
|
|
\item Linux/BSD servers
|
|
\item C/C++
|
|
\item Rust
|
|
\item Docker
|
|
\item QT5
|
|
\item Android/Kotlin
|
|
\item Tor/i2p/Mix networks
|
|
\end{itemize}
|
|
\includegraphics[scale=0.20]{tg-qr}
|
|
\end{column}
|
|
\end{columns}
|
|
}
|
|
|
|
\end{document}
|
|
|