Presented at the ISACA One-Day Conference
December 4, 2017
I am a lawyer
But I'm not your lawyer
If this were legal advise, it would be followed by a bill
A blockchain is a decentralized list of records (called blocks), which are linked and secured using cryptography (to form a chain).
Cryptocurrencies like Bitcoin
E-Commerce (both B2B and B2C)
e.g. Delaware SB 69 allows companies:
...to use cryptocurrencies in e-commerce
...to use blockchains for, e.g., a general ledger
...shares of company stock to be sold/recorded on a blockchain.
No Bank Delays
The integrity of the blockchain
The transactions on the blockchain
The procedures that use the blockchain
Blockchains record transactions, not balances.
Someone wants to send bitcoin to someone else
Both the sender and the receiver have a respective address
An address could look like: 1L75eRMgeCwAxEjD1oWXjLgud9jxwxm34u
You can look at an address online at a site like https://blockchain.info
The answer is cryptographic keys
typically held in a wallet
So someone with access to the balance at
wants to send money to someone else who has an address at
If you don't want to send all of your bitcoin, then you need a change address
... like 1DFMzaJWsGCGCTwbeM4Kw4LxHsMnuodqqN
of which you control with a cryptographic key
1L75eRMgeCwAxEjD1oWXjLgud9jxwxm34u (0 Btc)
1N6syVXHuQ7h6nikuQADi1MBXX2thdBRv (0.5 Btc)
1DFMzaJWsGCGCTwbeM4Kw4LxHsMnuodqqN (0.4998 Btc)
Note: Usually each change address is new/unique which complicates tracking.
Ultimately, the transaction has three pieces:
There is software that simplifies the review of a transaction
That software is called a Block Explorer
There are lots of block explorers
An example of a block explorers is etherchain.org
Notez Bien! Some of the block explorers give more information than others... but anything more than what was in the core statement is guesswork.
This part is pretty straightforward, traditional auditing.
Who can add a transaction to the blockchain.
How transaction statements are sent or received to the blockchain.