Day 1 Introduction to Blockchains
- Distributed Systems
- Overlay Networks and Peer-to-peer Systems
- Security and Trust
- Principles of Blockchains
- Blockchain Operations
- Blockchain Eras and Application Domains
- Consensus Mechanisms
- Blockchains and Quantum Security
- Electronic Payment Systems
- Bitcoins
Part I: Introduction and Background
1 Distributed Systems
Increasing number of computers + Internet users + distributed applications
Application needs are increasingly complex, larger in scale, and application specific
Distributed system : A collection of independent computers that appears to its users as a single coherent system. Hardware : all machines are fully autonomous. Software : users think they deal with a single system
Selected Key consequences : Concurrency, No global clock, independent failures
Examples : Telephony, Client server communication, internet, Automation networks, cloud computing, blockchains
example of peer to peer :
Characteristics of distributed systems
Transparency
- Single view of the systems
- Hide numerous details
Heterogeneity
- Networks
- Computers (HW)
- Operating systems (SW)
- Programming languages
- Developers
Failure Handling
- Detecting
- Masking
- Tolerating
- Redundancy
- Recovery
Openness
- Extensibility
- Publication of interfaces
Scalability
- Controlling the cost of resources
- Controlling the performance
- Preventing resources from running out
- Avoiding performance bottlenecks
Security
- Secrecy, privacy, integrity
- Confidentiality
- Authentication, authorization
- Non-repudiation
2 Overlay Networks and Peer-to-peer Systems
Overlay network : a computer network built on the top of any other network, today, typically on top of the internet. Nodes in the ON are connected by virtual or logical links.
P2P systems : Composed out of direct connections between peers
Peers have all the same capabilities (ability to act in any role, clients and servers) : clear difference to client-server systems
Peer-to-Peer (P2P) system is „a self-organizing system of equals [which] aims for the shared usage of distributed resources in a networked environment avoiding central services.“ No dedicated server is involved
Key Characteristics of P2P systems :
- Equality : All peers are equal
- Decentralization : no centralized services
- Self organization : No coordination from outside
- Shared resources: Peers use resources provided by other peers
- Direct interaction: Peers communicate directly with other peers
Desirable properties of an ON/P2P
- High fault-tolerance (connection problems, peers joining and leaving)
- Wide heterogeneity (mobile devices, gaming PCs, ...)
- Acceptable fairness (each peer should carry a similar workload)
- Good scalability (workload proportional to the number of peers; ideally no upper limit)
- Typically the underlay is the internet (IP based)
- ON is determined by informal “rules and regulations”
- Using its own addressing scheme
- Applying its own high level communication protocol for peers
- Limited to participating peers following the overlay rules
- Runs within a given P2P system exploiting its functionality
3. Security and Trust
Vulnerability : A quality or characteristic of a system that provides an opportunity for misuse
Threat : Any potentially malicious or other occurrence that can have an undesirable effect on assets and resources of an IT system
Risk : Threat x Vulnerability, or equivalently Likelihood x Impact
Security defines a process of risk management supported by a set of suitable (technical, economic, behavioral) measures!
- Organizational Security (OS): trusted Third party, certification authority
- Technical security (TS) : Security services, mechanisms, algorithms
- User Behavior (UB) : Passwords, internal and external attacks
- Information Security/Information System Security (IS) : Effect on content procedures or the system
- Passive attacks : Eavesdropping, Analysis of traffic flows
- Active attack : Spoofing, replaying delaying messages, Denial of service, man in the middle..
The 7 major security pillars
- Authentication : ensures that the partners involved in a communication can prove that a peer is who it claims to be
- Authorization : ensures that a partner with a known (authenticated) identity is allowed to use a service
- Integrity : protection against the modification of a message along the transmission path
- Privacy : defines the degree to which personal information and data are disclosed
- Confidentiality : protects transmitted data against eavesdroppers on the communication channel, ensuring that only the authorized receiver can interpret the received message
- Non-repudiation : neither the sender nor the receiver can deny that a communication has taken place
- Anti-replay protection : protects a receiver from accepting a duplicate of a previously received and already authenticated message
Additional aspects :
- System security : entire system has to be protected by means
- Anonymity : condition in which a person’s true identity is not known
- Pseudonymity : condition in which a person has taken an assumed identity
- Auditing : process to collect unforged events and facts
- Identity : characteristics by which an object/human is recognizable or known
- Identity Management
- Trust and Trusted Third Party (TTP) : two arbitrary parties trust a third one
Cryptography :
Symmetric cryptography :
Entities own a shared, secret key
Advantages :
- Small overhead/calculation
- Short keys
Drawbacks :
- Key exchange complicated
- No Commitment
Asymmetric cryptography :
key pair of private/public parts
Advantages:
- Public keys easy to publish
- Commitment possible (CA)
Drawbacks:
- Longer keys
- Larger overhead/calculation
Encryption defines a function ƒ, mapping plain text to cipher text; decryption defines the inverse of ƒ.
ƒ requires 5 properties :
- ƒ is one-to-one (uniquely invertible)
- ƒ is easy to compute (encryption easy)
- ƒ⁻¹ is difficult to compute without additional knowledge (an eavesdropper, or the sender, cannot decrypt)
- ƒ has a domain that is easy to sample from (Bob easily generates a key)
- There exists an easy-to-compute function d (the “trapdoor”) of the input of ƒ that makes computing ƒ⁻¹ easy (Bob decrypts easily)
Such an ƒ is called a trapdoor (one-way) function
ƒ is the basis of the RSA cryptosystem
- (e, pq) public encryption key (“public key”)
- (p, q, d) secret decryption key (“secret key”); d can be computed only with knowledge of the factors p and q
- Alice generates a private/public key pair once (re-used later)
- To send Alice a confidential message, Bob encrypts it with Alice’s public key; only Alice can decrypt it with her private key
- Alice signs a message with her private key; anyone (e.g., Bob) verifies the signature with Alice’s public key
From Coursera course :
The idea of encrypting something twice is : first you encrypt with the other person’s public key so only they can decrypt the message, and then you sign (conceptually, “encrypt”) with your own private key, so they know that you were legitimately the sender, because a signature made with your private key can only be verified with your public key. Thus you guarantee the origin of the message and you guarantee that only the receiver can decrypt it with their private key.
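Added worked example (my code, not part of the lecture notes): textbook RSA with the slide's key shapes, public (e, pq) and secret (p, q, d), plus the "encrypt for the receiver, then sign" construction described above. The primes are small, constructed values and there is no padding, so this illustrates the trapdoor idea only; real deployments use 2048-bit or larger moduli with OAEP/PSS padding. All function names are mine.

```python
import hashlib

# Constructed toy parameters (illustration only): tiny primes and no padding.
# Real RSA uses >= 2048-bit moduli with OAEP (encryption) / PSS (signatures).
E = 65537
ALICE_PRIMES = (104729, 7919)        # 10,000th and 1,000th prime
BOB_PRIMES = (15485863, 1299709)     # 1,000,000th and 100,000th prime


def keygen(p: int, q: int):
    """Public key (e, pq); secret key (p, q, d) as on the slide. d is the trapdoor:
    computing it needs phi(n) = (p-1)(q-1), i.e. the factors of n."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, phi)                      # modular inverse (Python 3.8+)
    return (E, n), (p, q, d)


def encrypt(pub, m: int) -> int:
    e, n = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)                      # f(m): easy for everyone


def decrypt(sec, c: int) -> int:
    p, q, d = sec
    return pow(c, d, p * q)                  # f^-1 with the trapdoor d: easy for Bob only


def _hash_mod(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(sec, data: bytes) -> int:
    p, q, d = sec
    n = p * q
    return pow(_hash_mod(data, n), d, n)     # only the private key holder can do this


def verify(pub, data: bytes, sig: int) -> bool:
    e, n = pub
    return pow(sig, e, n) == _hash_mod(data, n)


def seal(sender_sec, receiver_pub, m: int):
    """Encrypt for the receiver, then sign the ciphertext: confidentiality + origin."""
    c = encrypt(receiver_pub, m)
    return c, sign(sender_sec, c.to_bytes(16, "big"))


def open_sealed(receiver_sec, sender_pub, c: int, sig: int):
    """Check the origin first; return None if the signature does not verify."""
    if not verify(sender_pub, c.to_bytes(16, "big"), sig):
        return None
    return decrypt(receiver_sec, c)


alice_pub, alice_sec = keygen(*ALICE_PRIMES)
bob_pub, bob_sec = keygen(*BOB_PRIMES)
```

Note that the signature covers the ciphertext, so a receiver can reject a forged or modified message before spending effort on decryption.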
Basic Elliptic Curve Cryptography (ECC) :
Hash Functions and Hashes
Message Digest Code, MDC
Message M (arbitrarily long) -> Hash H(M); one-way, efficient to compute, collision resistant (e.g., SHA-256)
Message Authentication code, MAC
Message M, key K -> MAC(M, K); may be constructed from an MDC, e.g., HMAC-SHA-256. Cryptographic strength depends on the underlying hash function (size of its output) and on the size and quality of the key
Merkle (or hash) tree
- Every leaf node is labeled with the hash of a data block and
- Every non-leaf node is labeled with the cryptographic hash of the labels of its child nodes.
- Top of a tree there is a root hash
Characteristics
- Efficient and secure verification of the contents of large data
- For binary hash trees: verifying one leaf requires a number of hashes proportional to the logarithm of the number of leaf nodes (the Merkle proof, or “audit path”)
- Usually cryptographic hash functions used (e.g., SHA-256)
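Added worked example (my code, not from the lecture): a SHA-256 Merkle tree over a few constructed transaction strings, with generation and verification of the logarithmic-length audit path. An odd level is padded by duplicating its last hash, which is Bitcoin's convention; the function names are mine.

```python
import hashlib


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def build_levels(leaves):
    """All tree levels bottom-up: levels[0] are the leaf hashes, levels[-1] == [root].
    An odd level is padded by duplicating its last hash (Bitcoin convention)."""
    if not leaves:
        raise ValueError("empty tree")
    level = [sha256(leaf) for leaf in leaves]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2 == 1:
            level = level + [level[-1]]
            levels[-1] = level          # keep the padded level so sibling lookup works
        level = [sha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def merkle_root(leaves) -> bytes:
    return build_levels(leaves)[-1][0]


def merkle_proof(leaves, index):
    """Audit path for leaves[index]: list of (sibling_hash, sibling_is_left),
    one entry per level, i.e. ceil(log2(n)) entries."""
    levels = build_levels(leaves)
    path = []
    for level in levels[:-1]:
        sibling = index ^ 1
        path.append((level[sibling], sibling < index))
        index //= 2
    return path


def verify_proof(leaf: bytes, path, root: bytes) -> bool:
    """Recompute the root from the leaf and its audit path; no other leaf is needed."""
    h = sha256(leaf)
    for sibling, sibling_is_left in path:
        h = sha256(sibling + h) if sibling_is_left else sha256(h + sibling)
    return h == root


# Constructed sample transactions (five leaves -> proof length 3)
TXS = [f"tx{i}: alice pays bob {i} BTC".encode() for i in range(5)]
```

A light client that holds only the root can thus check that a transaction is in a block from a proof of a few hashes, which is what SPV wallets rely on.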
Zero Knowledge Proofs (ZKP) :
A ZKP is a method by which one party (the prover) can prove to another party (the verifier) that they know a value x, without conveying any information apart from the fact that they know the value x.
Nonce : Arbitrary number that can be used just once in a cryptographic communication. Often a random or pseudo-random number issued in an authentication protocol to ensure that old communications cannot be reused in replay attacks
Related : Salt : random data used as an additional input to a one-way function hashing data (password or passphrase), so that equal passwords produce different hashes
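Added worked example (my code, not the lecture's) that ties the MAC, nonce and salt definitions together: a sender protects a message with HMAC-SHA-256 over a fresh nonce and the payload, the receiver verifies the tag in constant time and then rejects any nonce it has accepted before (anti-replay), and a salted PBKDF2 password hash shows why equal passwords yield different digests. The shared key, the message layout (16-byte nonce, payload, 32-byte tag) and the iteration count are assumptions of the example.

```python
import hashlib
import hmac
import secrets

NONCE_LEN, TAG_LEN = 16, 32
PBKDF2_ITERATIONS = 200_000

# Constructed shared secret for the example; in practice this comes from a key exchange.
KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


def protect(key: bytes, payload: bytes, nonce=None) -> bytes:
    """Sender: prepend a fresh nonce, append HMAC-SHA-256 over nonce || payload."""
    nonce = nonce if nonce is not None else secrets.token_bytes(NONCE_LEN)
    tag = hmac.new(key, nonce + payload, hashlib.sha256).digest()
    return nonce + payload + tag


class Receiver:
    """Receiver: verify the MAC first, then reject any nonce seen before."""

    def __init__(self, key: bytes):
        self.key = key
        self.seen = set()          # production: bounded window or persistent store

    def accept(self, msg: bytes):
        if len(msg) < NONCE_LEN + TAG_LEN:
            return None
        nonce, payload, tag = msg[:NONCE_LEN], msg[NONCE_LEN:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, nonce + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None            # forged or modified (integrity / authentication failure)
        if nonce in self.seen:
            return None            # replay of an already accepted message
        self.seen.add(nonce)
        return payload


def hash_password(password: str, salt=None):
    """Salted, iterated one-way function: same password, different salt -> different digest."""
    salt = salt if salt is not None else secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def check_password(password: str, salt: bytes, digest: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)
```

The order of the two checks matters: the MAC is verified before the nonce is recorded, so an attacker cannot fill the replay store with unauthenticated garbage.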
Trust : Trust is the firm belief in the reliability (character, strength), truth, or ability of someone or something
In Information Security: Computational trust is the generation of trusted authorities, trusted protocols, or user trust through cryptography
Key trust facets :
- Initial level of trust needed as an incentive to participate
- Theoretical aspects of trust and its quantification
- Relationship between security and trust
- Significance of trust in distributed network security
Part II: Blockchain Basics
4. Principles of Blockchains
Digitization of Society
ACID principle : Atomicity, Consistency, Isolation, Durability
Distributed Ledgers
Can data be stored fully decentralized and handled reliably between non-trusted stakeholders?
- Unstructured/structured data stored across the world by anyone
- Access control by “all” w/o a central root
- No central point, redundant copies, non-trusted participants,
and detectable misuse
-> Distributed (Shared) Ledger (DL)
DL defines a “consensus” on replicated, shared, and synchronized digital data (blocks), geographically spread across many sites on earth. Every participating node may hold a copy of the full DL
Key Idea: “Replacing” (Central) Databases
Distributed Ledgers replace clients’ access-protected writes to an authoritative database via validation rules by a distributed consensus of decentralized validators
[Distributed Ledgers (DL) or] Blockchains (BC) : digital records of who-owns-what w/o a central storage
Consensus Mechanism (CM) ensures that each node‘s copy of the ledger is identical to every other node’s copy
Write access to BCs by miners or validators (with data from any asset owner) for transactions via CM and cryptographic signatures, read access at no “costs”
Key advantages of (public) BCs
Immutable, traceable, and preventing “double spending”
A digital asset = an electronic representation, e.g., file
- Inherently bears the exclusive right of use of this file
A token (digital token) = digital asset
- Issued by a stakeholder, giving right to participate within that network of stakeholders
- It may allow for “payments” inside that network
A coin (digital coin) = electronic representation of value
- Specifically designed to represent digital “money” within a network of stakeholders, typically the BC, and beyond
- Counterfeiting and double-spending prevented by cryptography
One can buy a token with a coin, but generally not a coin with a token.
Token Types :
Utility tokens provide digital access to an application or service by means of a blockchain
Asset tokens represent assets such as (a) a debt or (b) an equity claim on the issuer ( E.g., they promise a share in future company earnings or future capital flows – analog to equities, bonds, or derivatives)
Payment tokens : are used (a) as a means of payment for acquiring goods or services or (b) as a means of money or value transfer – Synonymous to “cryptocurrencies”
DL/BC Types and Terminology – Simplified
Private permissioned : Read/write/consensus restricted to authorized nodes (pre-defined stakeholders) – Enterprise-grade DL
Private permissionless : Write/consensus restricted to authorized nodes (pre-defined stakeholders) – Read partially open – Consortium grade DL
Public permissioned : Write / consensus restricted to authorized nodes (pre-defined stakeholders) – Read open to everyone – Controlled collaborative DL
Public permissionless : Read/write/consensus open to everyone – No restrictions and full transparency – Public BC (the blockchain in the original, Bitcoin-style sense)
5. Blockchain Operations
Blockchain ingredients :
- Public key cryptography and hashes : Asymmetric approach usable by arbitrary users. Ensures validation (integrity) and authentication.
- Internet : Networked infrastructure for everyone; a distributed system with arbitrary users and devices (nodes)
- Incentives : Rewards for the tasks participants perform within the overlay network, defined by the protocol that enables communication; ensures participation
Cryptography
A hash function takes a block of data and produces effectively a random, fixed-size integer, e.g. 256 bit; any change to the input randomizes the output
Merkle tree links pairs of hashes hierarchically up to the root, any leaf change changes all hashes based on that (incl the root)
Signatures :
Transactions collected in blocks -> New blocks created regularly
A block contains a hash of and a pointer to the previous block
Consensus mechanism required to determine the block to be integrated into this blockchain. e.g. solved crypto puzzles (PoW)
Creation of valid blocks can be performed by anyone (incentive). Solving crypto puzzles = confirmation of blocks = mining. Computationally expensive -> rewriting history is prohibitively expensive, which prevents double spending
Blockchains are a backward-linked, linear list of blocks. The chain starts with the genesis block, to which all later blocks are (transitively) back-linked
Blocks contain (at least) :
- Transaction (tx) data (content, payload)
- Pointer to and a hash of the previous block
- Nonce and resulting block hash that satisfy the crypto puzzle (result of PoW)
- Time stamp
BC’s structural and technical characteristics :
Chain may show side chains (forks), but only one valid branch finally – Chronological order guaranteed by the previous blocks’ hashes
A BC network is organized as a peer to peer network
Transactions :
- Data structure encoding the transfer of “value” from a source (input) to a destination (output).
- UTXO model (Bitcoin): structures are typically not related to accounts or identities. A chunk of value is locked with a specific secret (private key) known by the owner; the balance is the total of a user’s unspent outputs
- Account model (e.g., Ethereum): accounts are maintained in a global state, similar to a debit card; each transaction modifies the state of accounts; the balance must be larger than or equal to the spending amount
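Added worked example (my code, not the lecture's) contrasting the two models described above: a minimal UTXO ledger in which each output is locked to an owner, a transaction consumes whole outputs and creates new ones, the balance is the sum of unspent outputs, and a second spend of the same output is rejected; an account ledger with a simple balance check is shown beside it. The "lock" is the hash of an owner secret and spending reveals that secret, which stands in for the signature check Bitcoin actually performs; names and amounts are constructed.

```python
import hashlib
from dataclasses import dataclass


def h(data: str) -> str:
    return hashlib.sha256(data.encode()).hexdigest()


@dataclass(frozen=True)
class Output:
    value: int      # satoshis
    lock: str       # hash of the owner's secret: stand-in for "pay to this public key hash"


@dataclass(frozen=True)
class Input:
    txid: str
    index: int
    secret: str     # preimage of the lock: stand-in for the owner's signature


@dataclass(frozen=True)
class Tx:
    inputs: tuple
    outputs: tuple

    def txid(self) -> str:
        return h(repr(self))    # toy id; Bitcoin hashes the serialized transaction


class UtxoLedger:
    def __init__(self):
        self.utxo = {}          # (txid, index) -> Output, the set of spendable coins

    def coinbase(self, value: int, lock: str) -> str:
        """Block reward: a transaction without inputs."""
        tx = Tx((), (Output(value, lock),))
        self.utxo[(tx.txid(), 0)] = tx.outputs[0]
        return tx.txid()

    def balance(self, lock: str) -> int:
        return sum(o.value for o in self.utxo.values() if o.lock == lock)

    def apply(self, tx: Tx) -> bool:
        spent, total_in = set(), 0
        for inp in tx.inputs:
            key = (inp.txid, inp.index)
            if key in spent or key not in self.utxo:
                return False    # unknown or already spent output: a double spend
            if h(inp.secret) != self.utxo[key].lock:
                return False    # spender does not own the output
            spent.add(key)
            total_in += self.utxo[key].value
        total_out = sum(o.value for o in tx.outputs)
        if any(o.value <= 0 for o in tx.outputs) or total_out > total_in:
            return False        # value cannot be created; total_in - total_out is the fee
        for key in spent:
            del self.utxo[key]
        for i, out in enumerate(tx.outputs):
            self.utxo[(tx.txid(), i)] = out
        return True


class AccountLedger:
    """Account model: one mutable balance per account, checked before each debit."""

    def __init__(self):
        self.balances = {}

    def transfer(self, sender: str, receiver: str, amount: int) -> bool:
        if amount <= 0 or self.balances.get(sender, 0) < amount:
            return False
        self.balances[sender] -= amount
        self.balances[receiver] = self.balances.get(receiver, 0) + amount
        return True


ALICE, BOB = h("alice-secret"), h("bob-secret")     # public locks; secrets stay private


def demo():
    ledger = UtxoLedger()
    cb = ledger.coinbase(50, ALICE)
    pay = Tx((Input(cb, 0, "alice-secret"),), (Output(30, BOB), Output(19, ALICE)))  # fee 1
    first = ledger.apply(pay)
    replay = ledger.apply(pay)                                   # same output spent twice
    steal = ledger.apply(Tx((Input(pay.txid(), 0, "eve-guess"),), (Output(30, h("eve")),)))
    return first, replay, steal, ledger.balance(ALICE), ledger.balance(BOB)
```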
The overall operation consists of four steps (in principle) :
- User A wants to pay user B the amount of 1 BTC (bitcoin). This intent is broadcast as a transaction via the P2P protocol into the BC network
- Any interested miner adds this transaction to his/her current candidate block
- One of the miners wins the “lottery” and mines the block, i.e., solves the crypto puzzle first. Such a block may contain multiple transactions and is mined in well-defined periods of time (on average)
- The definitive block – including the transactions and the new hash – is broadcast to the BC network and added to everyone’s BC copy
Once a set of transactions becomes available, a block is created by utilizing the following data
- Transaction(s)
- Hash of previous block
- Nonce (arbitrary number, used only once)
- Other information (depending on the BC)
The hash of the new block is calculated so that it meets the “target” : the target hash is a number that a hashed block header must be less than or equal to in order for a new block to be accepted (and rewarded). It expresses the “difficulty” and is adjusted to ensure that blocks are produced at the intended rate.
Once a hash meeting the target was found, the block is broadcast to the BC network and checks are performed
Accepted blocks require the miners to solve a crypto puzzle (PoW) on the block hash :
- Difficult to produce (time-consuming, energy), but easy to verify
- Validity is ensured by checking that a block’s hash value is less than (or equal to) the “current target”
Since each block contains the preceding block’s hash, a sequence of such blocks represents an accumulated amount of work
Changing any block would require regenerating all its successors and redoing the work on the data they contain
The PoW (hash, result of the crypto puzzle) is validated by the other members of the BC network by recomputing and confirming the new hash before adding the block to their local copy; once the majority (more than 50%, “51%”) of the network’s hashing power builds on it, the block is “definitive”
Mining (Process) : The process of BC members trying to solve the crypto puzzle and adding the respective new block onto the BC
Miners : Those BC members, who run machines to solve crypto puzzles, Their reward in case of a successful inclusion are tokens of BC
Checks : Verification of hashes broadcast to the BC network
Target Value and Adaptation Algorithm
- Mining is rewarded -> likely more miners join : higher processing capacity increases the likelihood of finding a valid hash earlier
- Block creation rate increases, average mining time decreases : to maintain the ideal goal of 10 min per block, the difficulty is changed, which affects the “target value”
- BC network decreases the target value to increase the difficulty : a lower target makes it harder to find a qualifying hash
- Block creation rate decreases and average mining time increases again : the system stabilizes itself, and continues as above
Consensus: Hash-based Proof-of-Work
Key: One cannot compute an input from an output (preimage resistance)
To find a hash whose output starts with N zero bits requires on average 2^N hash computations, which proves that computational work was performed – hashing with an incrementing “nonce” in the input until the output shows the required leading zeros
The “chain race” (probability theory)
Difficulty : Measure of how difficult it is to find a new block compared to the easiest it can ever be. Recalculated every 2016 blocks in the BTC BC such that the last 2016 blocks would have been found within two weeks. On average one block is mined every 10 minutes
Consensus : State reached where the majority of members of the same P2P network agrees on the same mining output (“51%” agree). This state is secure and tamper-resistant, immutable with respect to the blocks. The respective block data is persisted on the BC network’s nodes
Communications – The Flood Protocol
Temporary BC splits possible :
- 2 miners arrive at 2 different, but valid hashes at the same time
- P2P network resolves that split in short time to 1 valid branch
- Clients only accept “longest chain of blocks” as valid (pruning)
- Length is determined by the most combined difficulty, not #blocks
As soon as block gets “solved” as valid, every miner in the BC network must stop the current mining process on that block and can start with the next one
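Added worked example (my code, not the lecture's) covering the block structure, mining against a target, chain validation, the difficulty retarget and the fork-choice rule from the sections above: a block header holds the previous hash, a transaction digest, a timestamp, the target and a nonce; mining increments the nonce until SHA-256 of the header is at or below the target (expected 2^256/target hashes, the 2^N rule); validation re-links and re-checks every block, so editing one transaction invalidates all successors; the retarget scales the target by actual/expected time, clamped to a factor of 4 as Bitcoin does; and the best chain is the one with the most accumulated work rather than the most blocks. The demo target (2^244, about 4096 hashes per block), the JSON header encoding and the plain hash of the transaction list standing in for a Merkle root are assumptions of the example.

```python
import hashlib
import json

EASY_TARGET = 2**244          # constructed demo target: ~4096 hashes per block on average
EXPECTED_SPACING = 600        # seconds per block (Bitcoin: 10 minutes)
RETARGET_BLOCKS = 2016


def block_hash(header: dict) -> int:
    raw = json.dumps(header, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(raw).digest(), "big")


def txs_hash(txs) -> str:
    """Stand-in for the Merkle root over the block's transactions."""
    return hashlib.sha256(json.dumps(txs).encode()).hexdigest()


def mine(prev_hash: int, txs, target: int, timestamp: int) -> dict:
    """Increment the nonce until the header hash is <= target (the crypto puzzle)."""
    header = {"prev": prev_hash, "txs": txs_hash(txs), "time": timestamp,
              "target": target, "nonce": 0}
    while block_hash(header) > target:
        header["nonce"] += 1
    return header


def work(target: int) -> int:
    """Expected number of hashes needed to meet the target (Bitcoin's chainwork formula)."""
    return 2**256 // (target + 1)


def validate_chain(chain) -> bool:
    """Every block must link to its predecessor's hash and satisfy its own target."""
    prev = 0
    for header in chain:
        if header["prev"] != prev or block_hash(header) > header["target"]:
            return False
        prev = block_hash(header)
    return True


def best_chain(candidates):
    """Fork choice: most accumulated work, not most blocks."""
    return max(candidates, key=lambda c: sum(work(b["target"]) for b in c))


def retarget(old_target: int, actual_seconds: int) -> int:
    """Scale the target by actual/expected time of the last period, clamped to 4x either way."""
    expected = RETARGET_BLOCKS * EXPECTED_SPACING
    actual = max(expected // 4, min(expected * 4, actual_seconds))
    return old_target * actual // expected


def build_chain(targets, start_time=1_600_000_000):
    chain, prev = [], 0
    for i, target in enumerate(targets):
        header = mine(prev, [f"coinbase {i}"], target, start_time + i * EXPECTED_SPACING)
        chain.append(header)
        prev = block_hash(header)
    return chain


if __name__ == "__main__":
    chain = build_chain([EASY_TARGET] * 3)
    print("valid:", validate_chain(chain), "nonces:", [b["nonce"] for b in chain])
    chain[0]["txs"] = txs_hash(["coinbase 0", "eve pays eve 1000"])
    print("valid after editing block 0:", validate_chain(chain))
```

Rewriting a block therefore means redoing its own puzzle and every puzzle after it, which is exactly the cost an attacker with less than half of the hashing power cannot pay fast enough.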
Segregated Witness (SegWit)
BC protocol “upgrade” to provide protection against transaction malleability and to increase block capacity : SegWit separates the witness (signature data) from the list of inputs. The witness contains the data required to check a transaction’s validity, but is not required to determine the tx’s effects. A block “weight” parameter is defined. SegWit was the protocol change needed to make the Lightning Network safe to deploy on the Bitcoin network
Blockchain‘s Immutability Exploited
Time stamping proves existence, integrity, and creation/exchange of digital assets
Transaction (tx/Tx) Fees
Mining and consensus finding require resources
Generally, tx fees are part of the tx
- Compensation for miner to mine
- Tx Fees are collected by that miner
- Tx Fees are set by the BTC’s market forces
Tx fees incentivize a miner to include a tx into a block -> high fees : early selection, low fees : delayed selection. Tx fees are not mandatory, but mining of a fee-less tx may be delayed “forever”
Tx fees are a countermeasure against “spam”
Tx fees are typically calculated from the size of the tx (in bytes), not from the amount transferred
Blockchain Transaction Types
On-chain tx :
- Available on the blockchain visible to all nodes on the BC
- Tx becomes valid once it has been propagated across the network and confirmed in a block
- Tx times may vary depending on the network load or tx queued
Off-chain tx
- Value resides outside of the blockchain
- Tx executed instantly
On-chain tx with off-chain storage of data
- The same is valid as for on-chain tx
- Additionally, the tx does not contain the full data, but only a hash of the data, which is stored off-chain
- Reduces storage size of BC for many tx or large volume
Blockchain adresses :
Transactions on a blockchain require knowledge of the blockchain addresses of sender and recipient : an address is a 26-35 character code consisting of letters and numbers. It is generated by the wallet, where the public-private key pairs are stored, from the public key via a cryptographic hash function (“fingerprint”)
Note : A public key IS NOT the same as a Bitcoin address; the address is derived from the key with a one-way hash function
Base58 encoding : Text-based binary-encoding format using digits and upper- and lowercase letters, but omitting “0” and “O”, “l” and “I” (easily confused) as well as the non-alphanumeric characters “+” and “/” of Base64
Base58Check encoding : Adds a version byte in front and a 4-byte checksum (first 4 bytes of the double SHA-256 over version and payload) at the end before Base58 encoding, so that mistyped addresses are detected
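Added worked example (my code, not the lecture's): Base58 and Base58Check encoding and decoding, and the legacy pay-to-public-key-hash address built from a 20-byte HASH160. The HASH160 value is taken from the Bitcoin wiki's worked example for version 1 addresses (RIPEMD-160 of SHA-256 of the public key is not computed here, because RIPEMD-160 is not available in every Python build); the function names are mine.

```python
import hashlib

# Bitcoin's Base58 alphabet: digits and letters without 0, O, I, l
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def b58encode(data: bytes) -> str:
    n = int.from_bytes(data, "big")
    digits = ""
    while n:
        n, rem = divmod(n, 58)
        digits = ALPHABET[rem] + digits
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    return "1" * leading_zeros + digits        # each leading 0x00 byte becomes a '1'


def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + ALPHABET.index(ch)        # ValueError for a character outside the alphabet
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    leading_ones = len(text) - len(text.lstrip("1"))
    return b"\x00" * leading_ones + body


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def base58check_encode(version: int, payload: bytes) -> str:
    body = bytes([version]) + payload
    return b58encode(body + sha256d(body)[:4])  # 4-byte checksum appended


def base58check_decode(text: str):
    """Return (version, payload); raise ValueError if the checksum does not match."""
    raw = b58decode(text)
    body, checksum = raw[:-4], raw[-4:]
    if len(body) < 1 or sha256d(body)[:4] != checksum:
        raise ValueError("bad Base58Check checksum (mistyped or corrupted address)")
    return body[0], body[1:]


def p2pkh_address(hash160: bytes, mainnet: bool = True) -> str:
    """Legacy pay-to-public-key-hash address: version 0x00 gives the leading '1'."""
    return base58check_encode(0x00 if mainnet else 0x6f, hash160)


# Constructed input: the 20-byte HASH160 from the Bitcoin wiki's worked example
# "Technical background of version 1 Bitcoin addresses".
EXAMPLE_HASH160 = bytes.fromhex("f54a5851e9372b87810a8e60cdd2e7cfd80b6e31")
```

A wallet should run base58check_decode on any address a user pastes before building a transaction: a single wrong character is caught by the checksum, whereas coins sent to a mistyped but well-formed address are gone.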
Off-chain Signaling of Addresses
- Problem : BCs typically show limited storage capacity
- Solution : A digital representation of a file (“hash reference”, not to be confused with the “PoW result”) is stored on-chain and the file itself is stored off-chain
- Practice : A peer-to-peer network stores and shares hypermedia (e.g., graphics, audio, video, plain text) in a distributed file system
Wallets :
Container for private keys :
- Structured files, databases
- Wallets contain keys (as keychains of private/public keypairs) not coins (which are stored on the BC as tx outputs), thus, keys prove the ownership of a coin!
Wallet types :
- Non-deterministic (random): just a collection of independently generated keys (hard to back up and maintain)
- Deterministic (seeded): keys derived from a common seed (random number plus index) via hash functions
- Hierarchical deterministic (HD) – BIP0032/BIP0044 standard – with keys in a tree structure: parent > children > grandchildren
- Paper: character strings, 2D codes, BIP0038 encrypted print
Smart Contracts
A Smart Contract (SC) may reside inside transactions. It is executed and validated on every node when that block is persisted. For Bitcoin, SCs (scripts) specify how to withdraw, escrow, refund or transfer BTC from A to B
Smart contracts alone are not smart
- They need an infrastructure (technology)
- A blockchain forms the ideal, distributed basis for SCs
SCs can be exchanged
- This is the code or program to be executed
- Programs and APIs on the BC
- Thus, SCs are programs that encode conditions and outcomes
Part III: Blockchain Basics (2)
Blockchain 1.0 : Digital Currency or Cryptocurrencies
Blockchain 2.0 : Smart Contracts
Blockchain 3.0 : Decentralized Applications (DApps)
Blockchain 4.0 : Ecosystem and Industry Integration
4 different BC eras are running in parallel today
Cryptocurrencies and digital finance sector is still dominant
However, dApps represents the major number of projects
Current Application Domains
Different BC Eras present different requirements :
- Performance : transactions per second, latency
- Reliability : number of nodes
- Security : trade offs between confidentiality and transparency
As a consequence, different consensus mechanisms were necessary with the BC and DL development. Byzantine Fault Tolerance (BFT) could not deliver on all demands, election-based ones (PoW and PoS) appeared.
The 4 key properties of consensus :
- Uniform agreement: No two nodes decide differently
- Integrity: No node decides twice
- Validity: If a node decides on value v, then v was proposed by some node
- Termination: Every node that does not crash eventually decides on some value
There are many aspects a consensus mechanism has to address:
- How many of the non-failing nodes are entitled to vote? -> How to decide who is entitled to vote?
- How to ensure a decision in a deterministic manner? -> How fast until a decision is reached?
Byzantine Fault Tolerance (BFT)
Described as the capacity of a system to handle or survive unreliable situations and (all kinds of) failures
Practical BFT (PBFT): assumes at most a small fraction of nodes to be Byzantine (dishonest); with n = 3f+1 replicas it tolerates f faulty ones
- A client sends a request to invoke a service
- The primary (leader) multicasts the request to the replicas
- Replicas execute the request and send a reply to the client
- The client waits for f+1 replies from different replicas with the same result
delegated BFT (dBFT)
- Nodes in the network elect a group of consensus nodes (e.g., CoZ)
- Leader/speaker randomly chosen from consensus nodes, remainders are delegates
- Leader/speaker creates a new block, which needs to be positively checked by at least 2/3 of all delegates
- If 2/3 agree, block is added to the chain
- Countermeasures for dishonest leader/speakers or delegates
Elected Leader Models
Probabilistic elected leader in a :
- Lottery like
- Competition
- Probabilistic algorithm
Proof-of-Work (PoW)
- Set of transactions becomes available, block is created, by utilizing the following data : Transactions, hash of previous block, Nonce, other informations
- Hash of new block is calculated
- Checking performed once hash was computed
Ethereum PoW – Ethash
Also based on a partial hash collision (target hash)
– Memory-hard: built on the Keccak sponge function
– Requires random reads from a large dataset (the DAG) for every hash attempt, i.e., a RAM-intensive process
Proof-of-Stake – PoS
Validators are chosen to create (“mint”) blocks in proportion to the amount of “tokens” they hold (stake)
- The higher the number of tokens (coins) at stake, the higher the “mining power” (linear relation)
- Nodes receive the block reward as inherent incentive
Nothing-at-stake problem : Creating forks is “costless” when a validator does not burn an external resource (e.g., mining power), so a rational validator builds on every fork
Naive PoS alone is “unworkable” and leads to misuse
PoS variant: DPoS (Delegated PoS): nodes can delegate their stakes to a list of (elected) nodes
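Added worked example (my code, not the lecture's) of the linear relation between stake and selection probability: a "follow-the-satoshi" lottery picks one staked coin pseudo-randomly from a public seed and the round number and selects that coin's owner, so every node can recompute the same choice and a validator with 70% of the stake is chosen about 70% of the time. The stake table and the seed are constructed.

```python
import hashlib


def select_validator(stakes: dict, seed: bytes, round_no: int) -> str:
    """Pick one coin index uniformly from all staked coins using a public seed and
    return its owner. Deterministic, so every node derives the same validator,
    and P(owner chosen) = stake / total stake (the linear relation)."""
    total = sum(stakes.values())
    if total <= 0:
        raise ValueError("no stake")
    draw = hashlib.sha256(seed + round_no.to_bytes(8, "big")).digest()
    coin = int.from_bytes(draw, "big") % total       # modulo bias negligible for small totals
    for owner, stake in sorted(stakes.items()):      # sorted: identical order on every node
        if coin < stake:
            return owner
        coin -= stake
    raise AssertionError("unreachable: coin index exceeds total stake")


def simulate(stakes: dict, seed: bytes, rounds: int) -> dict:
    """Count how often each owner is selected over many rounds."""
    counts = {owner: 0 for owner in stakes}
    for round_no in range(rounds):
        counts[select_validator(stakes, seed, round_no)] += 1
    return counts


# Constructed stake distribution and seed
STAKES = {"alice": 70, "bob": 20, "carol": 10}
SEED = b"constructed-public-seed"
```

Because the selection costs the validator nothing, the same function also illustrates the nothing-at-stake problem: nothing in it penalises a validator who produces a block on every competing fork, which is why real PoS designs add slashing or checkpointing on top.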
Proof-of-Authority (PoA)
PoA is a modified form of PoS, where instead of stake a validator’s identity performs the role of stake
Authorities (nodes) are allowed to create new blocks
- Clique (practical implementation) of PoA
- Requires N/2+1 (more than 50%) of signers to be honest
- Authorities sign new blocks in a Round-robin (RR) fashion
Proof-of-Burn (PoB)
- The mechanism must prove that participants burned “coins”
- By sending them to a verifiably unspendable address
- This is expensive from each individual’s point of view
- But it consumes no resources other than the burned asset
- Ultimate source of scarcity remains a PoW-based cryptocurrency
Proof-of-Capacity (PoC)
- Also known as Proof-of-Space
- Miners have to prove (free) storage capacity to be entitled to create blocks
- Miners stake their disk (hard-drive or SSD) capacity to create blocks
- Similar to PoS in this sense
Hybrid Consensus
Hybrid consensus models : using a single consensus results in limitations : combination of different consensus mechanisms
Hybrid sharding : System can be organized into shards (communities) : cross-chain communication
Comparison of Consensus Mechanisms
The principle is to create a computationally expensive problem. Security is based on existing asymmetric cryptography and hashing schemes.
In practice Bitcoin and Ethereum use :
- ECDSA on the curve secp256k1 for signatures (public keys derived from private keys by elliptic curve point multiplication)
- SHA-256 (Bitcoin), Keccak-256 (Ethereum) as hash functions
Traditional vs. Quantum Computing
Contrasting the Performance Difference
QMP – Superposition
Two or more states can be combined (superposed) resulting in another valid quantum state
QMP – Entanglement
Pairs of Qubits (QB) can exist in a way that their quantum state cannot be described independently
- If Schrödinger’s cat is dead-alive, then the (entangled) other cat is alive-dead
Impacts on Asymmetric Cryptography
In theory, existing asymmetric protocols (RSA, ECC, and thus ECDSA) would be broken (Shor’s algorithm)
In practice, no quantum computer has achieved a sufficient number of (error-corrected) qubits as of today
In theory, selected existing protocols can survive quantum computers, i.e., they are quantum-resistant
A sufficiently large quantum computer could win the mining race at the existing output sizes of SHA-256 and Keccak (Grover’s algorithm gives a quadratic speed-up on hash search)
In practice, SHA-256 (SHA2) or Keccak (SHA3) would resist by :
- Increasing the output hash size
- Raising the mining difficulty
Main quantum computing advantage : Greater Performance
- Superposition: qubits hold combinations of 0 and 1 simultaneously
- Entanglement: the state space scales exponentially as more qubits are added (entangled)
- Result: for certain problems (e.g., factoring), quantum algorithms are exponentially faster than classical ones
Main disadvantage : Lack of reliability
Decoherence: Qubits are extremely sensitive to environmental conditions (vibrations or temperature changes), which disturb the superpositions
Quantum computing is, as of today, a theoretical threat
Existing asymmetric cryptography protocols are, in theory, broken
However, the entire Internet relies on AES, RSA, and ECC : unsafe blockchains would not be the largest problem at all (RSA and ECC would fall to Shor’s algorithm, while symmetric AES is only weakened by Grover’s quadratic speed-up, so doubling the key size suffices)
In reality Large scale Quantum computers are still not reliable
Future : Theory is also advancing on post-quantum cryptography
Part IV: Cryptocurrencies (Technical Perspective)
Gap in the past: no transfer of money via the Internet
Electronic payment approaches : Means of running payments electronically over a network, such as the Internet or dedicated networks (IP-based)
Example (Systems): Electronic Fund Transfer (EFT), debit/credit card, ecash, software wallets, smart cards, cryptocurrencies, Financial Electronic Data Interchange, interbank clearing (SWIFT)
Micropayment systems : Pre-pay, post-pay, pay-as-you-go (once per transaction)
Electronic Payments and Cryptocurrencies : Electronic money created solely by IT means
Formalized process (centralized or distributed) and software
exists, which :
• controls the cryptocurrency’s creation,
• enables and protects transactions, and
• may hide identities of its users
Advances in cryptography, compute performance, and BCs as an underlying distributed ledger enable fully decentralized electronic payment solutions
Cryptocurrencies :
A form of digital cash with general characteristics : faster, cheaper, and more reliable than “paper/coin” issued currency
Main two alternatives for creation of coins:
- Issued by government(s) – centralized approach
- Issued in a fully distributed manner – modern cryptocurrency
General problems of cryptocurrencies
Countermeasures against distributed fraud and manipulation are needed : lack of trust, malicious transactions, double spending
Automated prevention mechanisms against fraud :
- Issuing of currency to be traceable & deterministic (algorithm)
- All transactions can be recorded in a decentralized manner
- All transactions can be verified: one’s own and everyone else’s
Blockchains, distributed ledgers or public records, provide the key basis for modern cryptocurrencies
- They do not require a Trusted Third Party (TTP) nor trust as such, neither banks or users → “trustless”
- Everyone can trace the money being sent, received, verified, and recorded
Cryptocurrencies can either be :
- Mined or
- Pre-created/burned
Initial Coin Offering (ICO) : Initial Coin Offering (ICO) is a means of crowd funding : Token sale: release of a new cryptocurrency, e.g., Ethereum
It can be done with today’s technologies! However :
Micro payments with today’s banking system not really feasible -> Solution: Use central service collection funds until threshold
Banking transactions are expensive (sending to Africa/India?) -> Solution: Increase threshold (e.g., low for SEPA, higher otherwise)
IBAN can change – if you change your bank -> Solution : keep IBANs in sync with users where possible
Alternatively, use of a blockchain-based approach
- Publicly, world-wide accessible via cryptocurrency
- ICOs offer a dedicated “payment system” alternative
- Create public/private key pair for pay ins
- Create an ICO backend/frontend
- Minting
- Consolidation
- Bitcoin is an experimental (digital) cryptocurrency
- 1st Bitcoin block (genesis block) mined on January 3, 2009
- Smallest unit: 0.00000001 BTC = 1 satoshi
Key characteristics
- Maximum of 21 million BTC
- Every transaction broadcast to all peers
- Validation by proof-of-work
- Not relying on trust, but on strong cryptography
- Weak anonymity (pseudonymity)
- Bitcoin not controlled by a single entity
- Bitcoin address is an identifier of 26-35 alphanumeric characters, beginning with 1, 3, or bc1
UTXO (Unspent Transaction Output) : Represents a chain of ownership as a chain of digital signatures, where the owner signs a message transferring ownership of his UTXO to the receiver’s public key (hash)
Wallet holds public-private key pairs (wallet.dat) :
- Public key (secp256k1, from a 256-bit private key) -> hashed into the Bitcoin address (receives BTC)
- Private key used for signing transactions
The private key authorizes the transaction (“access”)
- If keys are stolen, the thief may spend “your” coins
- If keys are lost, the coins are lost (unspendable forever)
The Bitcoin blockchain avoids double spending by :
- Ensuring that transactions in blocks are confirmed (each output is spent only once)
- Guessing a value that results in the required number of leading zero bits is “hard”
- Chained PoW
Generation of coins
Mining/creating blocks : every 210,000 blocks added to the blockchain (about every four years), the mining reward is halved, which caps the total supply at 21 million BTC. As of May 17, 2020 the reward is 6.25 BTC / block
Bitcoin Script : Non-Turing complete (e.g., no loops)
Reasonable anonymity with Bitcoin is complicated and perfect anonymity may be impossible
Bitcoin users should use a new address for each transaction to avoid the
transactions being linked to a common owner
Committed bloom filters and heuristics: proposals for improved wallet performance and Simplified Payment Verification (SPV) security
Bitcoin is also the name of the software; the full blockchain was approx. 297 GB on Sept 2, 2020
Bitcoin mining :
Dangerous if someone controls more than 50% (“51%”) of the computing power : they can exclude (censor) transactions, modify their ordering and double spend their own coins, but cannot forge signatures or spend other people’s coins
Mining Evolution
CPU (Central Processing Unit) ≈ 100 M hashes/s
GPU (Graphics Processing Unit) ≈ 1 G hashes/s
FPGA (Field Programmable Gate Array) ≈ 10 G hashes/s
Application-specific Integrated Circuit (ASIC) mining farms ≈ 1-10 T hashes/s
Bitcoin :
- 370,000 transactions per day
- 3 transactions per second
- 300,000 BTC traded
- 6 Billion US$
The difficulty is a measure of how difficult it is to find a hash below a given target (mine). Note: The difficulty is adjusted every 2016 blocks (every 2 weeks approximately) so that the average time between each block remains 10 minutes.
Bitcoin Advantages and Drawbacks
Advantages
- Low tx fees : 10-30 satoshis per byte
- Scalable in storage : hardware/storage keeps getting faster and cheaper
- Pseudonymity : no registration; data mining is difficult (but see “weak anonymity” above)
- No major crashes
- Decentralized
- Other blockchain usage
Disadvantages
- Power consumption
- Not scalable (number of transactions)
- Can be used for illegal activities
- volatile exchange rate
- Central elements – 5 core developers