Explains what the blockchain is and how it works. Includes slides on cryptography, P2P networking, the blockchain data structure, Bitcoin transactions, the proof-of-work algorithm (mining) and scripts.
3. Motivation for Bitcoin Creation
● The initial idea was to create decentralized, secure, open, self-regulated digital money
● What was invented became something much bigger
6. The Blockchain is…
Ledger
Date       Description     Credit  Debit  Balance
2/20/2011  Alice to Bob            -$10   $90
2/20/2011  Bob from Alice  +$10           $10
3/20/2011  Bob to Eve              -$5    $5
16. Where are the balances?
● No balances
● Only transactions
● No user accounts
● Transactions are made of Inputs and Outputs
● Transactions are chained
● Coinbase transaction generates initial coins
● Balance = Sum(UTXOs)
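The model on this slide as a toy UTXO set, showing how a balance is derived and why a second spend of the same output is rejected. This is an added example, not code from the original deck; the transaction ids and amounts are constructed, and signature checks are left out.

```python
# Added illustration: a toy UTXO set. Ids and amounts are constructed.
from dataclasses import dataclass

@dataclass(frozen=True)
class TxOut:
    owner: str
    value: int                      # amount in the smallest unit

class UTXOSet:
    def __init__(self):
        self.unspent = {}           # (txid, output index) -> TxOut

    def apply(self, txid, inputs, outputs, coinbase=False):
        """Validate and apply one transaction; return the fee it pays."""
        paid = sum(out.value for out in outputs)
        if coinbase:
            if inputs:
                raise ValueError("coinbase must have no inputs")
            fee = 0                 # coinbase creates coins, pays no fee
        else:
            if len(set(inputs)) != len(inputs):
                raise ValueError("same output referenced twice")
            missing = [ref for ref in inputs if ref not in self.unspent]
            if missing:
                raise ValueError(f"unknown or already spent: {missing}")
            spent = sum(self.unspent[ref].value for ref in inputs)
            if paid > spent:
                raise ValueError("outputs exceed inputs")
            fee = spent - paid      # Sum(Inputs) - Sum(Outputs)
        for ref in inputs:          # inputs are consumed whole
            del self.unspent[ref]
        for index, out in enumerate(outputs):
            self.unspent[(txid, index)] = out
        return fee

    def balance(self, owner):
        """Balance = Sum(UTXOs) currently assigned to the owner."""
        return sum(o.value for o in self.unspent.values() if o.owner == owner)

def demo():
    utxos = UTXOSet()
    utxos.apply("cb0", [], [TxOut("Alice", 100)], coinbase=True)
    fee = utxos.apply("tx1", [("cb0", 0)], [TxOut("Bob", 10), TxOut("Alice", 89)])
    try:                            # cb0:0 was consumed by tx1
        utxos.apply("tx2", [("cb0", 0)], [TxOut("Eve", 100)])
        rejected = False
    except ValueError:
        rejected = True
    return utxos.balance("Alice"), utxos.balance("Bob"), fee, rejected

if __name__ == "__main__":
    print(demo())
```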
18. How to ensure the transactions order?
● Put transactions in Blocks
● Chain the blocks
● Order chronologically
● Immutability?
● Consensus?
19. How to reach consensus in the network?
● Mining
○ Only one version is accepted
○ Although forks exist
● Proof of Work
○ Hard computation
○ Takes a certain amount of time
○ Guarantees the immutability
28. Elliptic curve cryptography (ECC)
Explanation:
https://youtu.be/dCvB-mhkT0w
https://youtu.be/F3zzNa42-tQ
ECC Domain Parameters:
p - prime field (modulo)
a,b - curve parameters
G - generator point
n - ord(G) (n x G = 0)
h - cofactor of n
Private Key (k) = Random Number < n - 1
Public Key (K) = k ∗ G
K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G
K = (x, y)
x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A
y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
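The computation K = k ∗ G from this slide, carried out with textbook point addition and double-and-add so the slide's x and y can be reproduced. This is an added example, not code from the original deck; the secp256k1 domain parameters are the curve's published constants, and the function names are chosen here.

```python
# Added illustration: textbook secp256k1 arithmetic. Not constant-time;
# use a vetted library for real keys.
P = 2**256 - 2**32 - 977   # p: prime field modulus
A, B = 0, 7                # a, b: curve y^2 = x^3 + ax + b
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # ord(G)

# Values copied from the slide
SLIDE_K = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD
SLIDE_X = 0xF028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A
SLIDE_Y = 0x07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB

def on_curve(point):
    if point is None:            # None represents the point at infinity (0)
        return True
    x, y = point
    return (y * y - (x * x * x + A * x + B)) % P == 0

def add(p1, p2):
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None              # Q + (-Q) = 0
    if p1 == p2:                 # tangent slope for doubling
        slope = (3 * x1 * x1 + A) * pow(2 * y1 % P, P - 2, P) % P
    else:                        # chord slope for distinct points
        slope = (y2 - y1) * pow((x2 - x1) % P, P - 2, P) % P
    x3 = (slope * slope - x1 - x2) % P
    return x3, (slope * (x1 - x3) - y1) % P

def public_key(k):
    """K = k * G by double-and-add; valid private keys are 1 .. n-1."""
    if not 0 < k < N:
        raise ValueError("private key out of range")
    result, addend = None, G
    while k:
        if k & 1:
            result = add(result, addend)
        addend = add(addend, addend)
        k >>= 1
    return result

if __name__ == "__main__":
    print([f"{c:064X}" for c in public_key(SLIDE_K)])
```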
30. Security Risks
● Pool cracking - https://lbc.cryptoguru.org
● Quantum computers
● NSA backdoors in ECC?
● Solution: post-quantum cryptography
○ NTRUEncrypt - based on the shortest vector problem in a lattice
○ More: https://en.wikipedia.org/wiki/Post-quantum_cryptography
34. Bitcoin Address
Version = 1 byte of 0 (zero); on the test network, this is 1 byte of 111
Key hash = Version concatenated with RIPEMD-160(SHA-256(Public Key))
Checksum = 1st 4 bytes of SHA-256(SHA-256(Key hash))
Bitcoin Address = Base58Encode(Key hash concatenated with Checksum)
14fxjE3qepjaYxiqs5WPtDx5y7vMQP81mW
Private Key (k) = Random Number < n - 1
Public Key (K) = k ∗ G
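The version, checksum and Base58 steps listed on this slide, together with the reverse check a wallet runs to catch a mistyped address. This is an added example, not code from the original deck; it starts from a 20-byte key hash (the RIPEMD-160(SHA-256(Public Key)) step is assumed done), and the sample hash is a constructed input.

```python
# Added illustration: Base58Check encoding and validation of an address.
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
SAMPLE_HASH160 = bytes.fromhex("010966776006953D5567439E5E39F86A0D273BEE")

def sha256d(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def b58encode(raw):
    num, out = int.from_bytes(raw, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = ALPHABET[rem] + out
    zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * zeros + out          # each leading zero byte becomes '1'

def b58decode(text):
    num = 0
    for ch in text:
        num = num * 58 + ALPHABET.index(ch)   # ValueError on a bad character
    zeros = len(text) - len(text.lstrip("1"))
    return b"\x00" * zeros + num.to_bytes((num.bit_length() + 7) // 8, "big")

def address_from_hash160(hash160, version=0x00):
    """Version byte + key hash + first 4 bytes of SHA-256(SHA-256(...))."""
    if len(hash160) != 20:
        raise ValueError("key hash must be 20 bytes")
    payload = bytes([version]) + hash160
    return b58encode(payload + sha256d(payload)[:4])

def parse_address(address):
    """Return (version, hash160), or None if malformed or checksum fails."""
    try:
        raw = b58decode(address)
    except ValueError:
        return None
    if len(raw) != 25 or sha256d(raw[:21])[:4] != raw[21:]:
        return None
    return raw[0], raw[1:21]

if __name__ == "__main__":
    main_addr = address_from_hash160(SAMPLE_HASH160)
    test_addr = address_from_hash160(SAMPLE_HASH160, version=111)
    print(main_addr, test_addr, parse_address(main_addr[:-1] + "z"))
```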
35. Wallets
● Keep private keys
● Types
○ Nondeterministic (Random) Wallets - collection of random private keys
○ Deterministic (Seeded) Wallets - private keys are derived from a common seed
○ Brain Wallet - derived from a word or phrase which one can remember
○ Mnemonic Words - word sequence to represent seed of a deterministic wallet
○ Hierarchical Deterministic Wallets (HD Wallet) - tree structure where new keys can be generated from any child branch (public key) without revealing the private key
38. Node Types
● Reference Client (Bitcoin Core) - Wallet, Miner, Full Blockchain, Network Routing
● Full Blockchain Node - Full Blockchain, Network Routing
● Solo Miner - Miner, Full Blockchain, Network Routing
● Lightweight (SPV) wallet - Wallet, Network Routing
● Pool Protocol Servers - Connect the Bitcoin Network to other protocols
● Pool Mining Nodes - Miner, other protocol
39. Network Discovery
● DNS Seed
○ Servers returning known nodes
○ Hard-coded in the Bitcoin Core client
● Specify IP of known node
40. Protocol
● Connection
● Exchange addresses of peers
● Synchronize blocks and headers
● Relay transactions
● Heartbeat
https://en.bitcoin.it/wiki/Network
41. Messages
● version - Information about program version and block count. Exchanged when first connecting.
● verack - Sent in response to a version message to acknowledge that we are willing to connect.
● addr - List of one or more IP addresses and ports.
● inv - "I have these blocks/transactions: ..." Normally sent only when a new block or transaction is being relayed. This is only a list, not the actual data.
● getdata - Request a single block or transaction by hash.
● getblocks - Request an inv of all blocks in a range.
● getheaders - Request a headers message containing all block headers in a range.
● tx - Send a transaction. This is sent only in response to a getdata request.
● block - Send a block. This is sent only in response to a getdata request.
● headers - Send up to 2,000 block headers. Non-generators can download the headers of blocks instead of entire blocks.
● getaddr - Request an addr message containing a bunch of known-active peers (for bootstrapping).
● submitorder, checkorder, and reply - Used when performing an IP transaction.
● alert - Send a network alert.
● ping - Does nothing. Used to check that the connection is still online. A TCP error will occur if the connection has died.
43. Block Structure
● Header is separated from the transactions
● Block size is limited (1 MB before SegWit)
● With SegWit: < 4 MB, ~2 MB on average
44. Block Header
● Hash of the header is used as a block identifier
● hashPrevBlock links to the blockchain
● hashMerkleRoot guarantees transaction immutability
● Nonce is the solution of the hashcash puzzle
45. New Block Validation
● The block data structure is syntactically valid
● The block header hash is less than the target difficulty (enforces the proof of work)
● The block timestamp is less than two hours in the future (allowing for time errors)
● The block size is within acceptable limits
● The first transaction (and only the first) is a coinbase generation transaction
● All transactions within the block are valid using the transaction checklist
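The header hash from the Block Header slide and the proof-of-work and timestamp checks from this list, run against the genesis block's header. This is an added example, not code from the original deck; the function names are chosen here, and the header fields are the public genesis block values.

```python
# Added illustration: header hashing and two header checks from the slide.
import hashlib
import struct

# Genesis block header fields (public chain data; hashes in display order)
GENESIS = dict(
    version=1,
    prev_hash="00" * 32,
    merkle_root="4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b",
    timestamp=1231006505,
    bits=0x1D00FFFF,
    nonce=2083236893,
)

def serialize_header(version, prev_hash, merkle_root, timestamp, bits, nonce):
    """Pack the six fields into the 80-byte little-endian wire format."""
    return (struct.pack("<I", version)
            + bytes.fromhex(prev_hash)[::-1]
            + bytes.fromhex(merkle_root)[::-1]
            + struct.pack("<III", timestamp, bits, nonce))

def block_hash(header):
    """Block identifier: double SHA-256 of the header, shown byte-reversed."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return digest[::-1].hex()

def bits_to_target(bits):
    """Expand the compact 'bits' field into the 256-bit target."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def failed_checks(header, now):
    """Names of failed checks; an empty list means both checks pass."""
    _, _, _, timestamp, bits, _ = struct.unpack("<I32s32sIII", header)
    failures = []
    if int(block_hash(header), 16) >= bits_to_target(bits):
        failures.append("proof of work")       # hash must be below target
    if timestamp >= now + 2 * 60 * 60:
        failures.append("timestamp")           # under two hours ahead
    return failures

if __name__ == "__main__":
    header = serialize_header(**GENESIS)
    print(block_hash(header), failed_checks(header, now=GENESIS["timestamp"]))
```

The target here is read from the header's own bits field, so a validating node must separately confirm that bits matches the difficulty the network expects at that height.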
46. Block Types
● Blocks in the main branch - confirmed
● Blocks on side branches off the main branch - might be confirmed but form a shorter chain than the main chain
● Orphan blocks - blocks not linked to the main branch, due to a missing predecessor
55. Miners...
● Collect transactions
● Validate transactions
● Create new blocks
● Invest power and electricity
● Get rewards in the form of bitcoins
● Guarantee the blockchain consensus
56. Generation (Coinbase) Transaction
● Creates coins from nothing
● Used to award the miner
● Has no input (coinbase)
● Outputs the fee to the miner’s address
● #0 Block is the Genesis Block
The Times 03/Jan/2009 Chancellor on brink of second bailout for banks
57. Transaction Fees
Transaction Fees = Sum(Inputs) - Sum(Outputs)
● Initial reward 50 BTC
● Halving every 210,000 blocks
● Total halvings allowed is 64
● Will be reached in
● Total supply is 21 million
● Current award 12.5 BTC
● Next halving ~June 2020
● Mining ends in ~2140
58. Transaction Priority
● Older coins have priority
● High Priority > 57,600,000
● First 50KiB in the block are reserved for high priority transactions
● High priority transaction can be included in a block even without any fees
Priority = Sum(ValueOfInput * InputAge) / TransactionSize
59. References
● Bitcoin Wiki, https://en.bitcoin.it/wiki/
● Mastering Bitcoin, Andreas M. Antonopoulos, O’Reilly Media
● Bitcoin.ORG, https://bitcoin.org