Malleability and SegWit
How Segregated Witness aims to fix the transaction malleability problem
Julian Konchunas
Pandora Boxchain core developer
konchunas@pandoraboxchain.ai
Motivation
● Our Prometheus protocol is based on and inspired by Bitcoin. We take chunks of the Bitcoin implementation and put them together
● As you may know, Bitcoin was created 9 years ago, and it has collected some amount of technical debt because it has faced several challenges over those years
● One of those big challenges was the so-called transaction malleability, which was recently fixed by Segregated Witness. Everybody has heard of it, but not everybody knows how it works from the technical side
● I will tell you how it works as simply as I can, but some understanding of how payments are done in Bitcoin would be good for you
● And I will also shed some light on how to fix this problem if you are going to create your own Bitcoin-like blockchain from scratch
Overview
Transactions and signing
● Simplified structure
● Transaction unlocking
● Signature forming
Malleability
● Malleating
● Signature validity
● Fool the exchange
● Lightning network
Witness
● Transaction structure
● New type of hash
● Commitment structure
● Prepare witness locked transaction
● Pay to witness script hash
● Validation and execution
From scratch
Simplified transaction structure
Transactions have fields. The Input part says where the money comes from and proves who may spend it; the Output part says how much goes where.
Input
● prev_output: hash of the previous transaction from which we take these 5 bitcoins (a real outpoint also carries the index of the output inside that transaction; omitted here), e.g. 3a82db8f9648518144a435d5de8922ad3c4210c26cbb6cfff6a0d866323fca27
● script_sig: proof that you have the right to use the funds from that previous transaction, e.g. 6c9be328960c65b8dab9a50d98cda7...2aae86c937562c0c58e5962b8514301
Output
● value: how many bitcoins we want to send, e.g. 5
● script_pubkey: rules for unlocking these bitcoins in the future, e.g. OP_DUP OP_HASH160 <pubkeyHash> OP_EQUALVERIFY OP_CHECKSIG
Transactions and signing: Transaction unlocking
Pay to public key hash (P2PKH)
Locks the transaction by the script in script_pubkey:
OP_DUP OP_HASH160 <pubkeyHash> OP_EQUALVERIFY OP_CHECKSIG
which says “allow the owner of the key with this hash to use these funds”.
Unlocks the transaction with script_sig: to prove that you have the key you should provide
● Signature
● Public key
Transactions and signing: Signature forming
Signature forming (simplified)
1. Take the transaction fields as bytes: prev_output, script_sig, value, script_pubkey
2. Hash them to get the tx hash (Bitcoin uses double SHA-256, i.e. SHA-256 applied twice)
3. Take your private key and sign the tx hash: that’s a signature
4. Derive the public key from the private key
5. Put both, signature and public key, in script_sig
What exactly goes into the hash in step 2, and what happens to script_sig there, is the whole story of the next section.
Malleability: Malleating
Malleability
● The transaction hash changes
● Inputs and outputs stay the same
● The signature is still valid
● You still receive your money
Let’s imagine a transaction
Input: prev_output 3a82db8f9648518144a435d5de8922ad3c4210c26cbb6cfff6a0d866323fca27
Output: value 5, script_pubkey OP_DUP OP_HASH160 PUSHDATA_20 380011...53a7b4d OP_EQUALVERIFY OP_CHECKSIG
Take its hash, sign it and push the signature, then push your public key. script_sig is now:
PUSHDATA(72) 0450...3e01 PUSHDATA(33) 027c...62e7
(signature, public key)
Get the transaction hash:
255111d171046d4a448cafcb5886885c377afd5f87b8b015110556933cb1299a
What if we put something meaningless after them? Append OP_0 OP_DROP, which pushes an empty item and immediately drops it again, so script execution ends with exactly the same stack:
PUSHDATA(72) 0450...3e01 PUSHDATA(33) 027c...62e7 OP_0 OP_DROP
(signature, public key, meaningless)
Hash changed, signature still valid:
d3434165924ffb1182c5be4fced201dd3f7f9ddb6da775044d072d315399301c
Anyone who relays the transaction can do this, not only the signer. Bitcoin Core’s relay policy nowadays rejects non-push opcodes in script_sig as non-standard, but that is policy, not a consensus rule: a miner can still include such a transaction.
Malleability: Signature validity
Change transaction without changing signature
How is the transaction signature still valid?
The script_sig field is not included in the hash that is signed and that is checked when verifying the transaction (doing OP_CHECKSIG or OP_CHECKSIGVERIFY): while hashing, the script_sig of the input being signed is replaced by the script_pubkey of the output it spends, and the script_sigs of all other inputs are emptied. Nothing you put into script_sig can therefore invalidate the signature.
This type of malleability is called script_sig malleability.
Let’s sign the transaction
1. Unsigned TX: prev_output, empty script_sig, value, script_pubkey
2. Produce the hash of the unsigned TX (double SHA-256): the unsigned transaction hash
3. Sign it with your private key: the signature
4. Put the signature (and public key) back into script_sig: the signed TX
5. Produce the hash of the signed TX (double SHA-256): the transaction hash, aka the TXID
These are different hashes! The signature covers the unsigned hash; the network identifies the transaction by the signed hash.
Validating transaction
When the network receives a new transaction and wants to figure out whether the signature is valid, it takes the hash of the transaction without the script_sig (the input’s own script_sig replaced by the script being spent) and checks the signature against that, not against the txid.
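The whole procedure above, as an added example that is not part of the slides or of any Bitcoin library: a pure-Python secp256k1 ECDSA (the private key is a constructed demo value, the nonce is derived deterministically as a stand-in for RFC 6979, and the signature is fixed-size r||s instead of DER), a simplified one-input/one-output serialization with 2-byte length prefixes rather than Bitcoin’s wire format, and the P2PKH shape written with OP_SHA256 in place of OP_HASH160 so it runs where OpenSSL lacks RIPEMD-160. It puts the two hashes side by side: the sighash, where the input’s script_sig is swapped for the script being spent, and the txid, which covers script_sig as transmitted. Appending OP_0 OP_DROP moves the txid and leaves OP_CHECKSIG satisfied; changing the output value does not.

```python
# Added example, not from the slides: legacy signing, OP_CHECKSIG-style verification and
# script_sig malleation with pure-Python secp256k1 ECDSA. Serialization is simplified
# (2-byte length prefixes, one input, one output), not Bitcoin's exact wire format.
import hashlib

P = 2**256 - 2**32 - 977                                                # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
OP_0, OP_DROP, OP_DUP, OP_EQUALVERIFY, OP_SHA256, OP_CHECKSIG = 0x00, 0x75, 0x76, 0x88, 0xA8, 0xAC
SIGHASH_ALL = 1


def _add(p, q):
    """Affine point addition on y^2 = x^3 + 7 mod P; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0:
        return None
    lam = (3 * p[0] * p[0] * pow(2 * p[1], -1, P) if p == q
           else (q[1] - p[1]) * pow(q[0] - p[0], -1, P)) % P
    x = (lam * lam - p[0] - q[0]) % P
    return x, (lam * (p[0] - x) - p[1]) % P


def _mul(k, p):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    r = None
    while k:
        if k & 1:
            r = _add(r, p)
        p, k = _add(p, p), k >> 1
    return r


def sha256d(b: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()


def pubkey(priv: int) -> bytes:
    x, y = _mul(priv, G)
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")                 # compressed SEC1 encoding


def sign(priv: int, digest: bytes) -> bytes:
    z = int.from_bytes(digest, "big")
    # Deterministic nonce from key and message: a stand-in for RFC 6979. Never reuse k.
    k = int.from_bytes(hashlib.sha256(priv.to_bytes(32, "big") + digest).digest(), "big") % N or 1
    r = _mul(k, G)[0] % N
    s = pow(k, -1, N) * (z + r * priv) % N
    return r.to_bytes(32, "big") + s.to_bytes(32, "big")                # r||s; DER omitted


def verify(pub: bytes, digest: bytes, sig: bytes) -> bool:
    x = int.from_bytes(pub[1:], "big")
    y = pow(x**3 + 7, (P + 1) // 4, P)                                  # decompress (P % 4 == 3)
    q = (x, y if (y & 1) == (pub[0] & 1) else P - y)
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    if not (0 < r < N and 0 < s < N):
        return False
    z, w = int.from_bytes(digest, "big"), pow(s, -1, N)
    pt = _add(_mul(z * w % N, G), _mul(r * w % N, q))
    return pt is not None and pt[0] % N == r


def enc(b: bytes) -> bytes:
    return len(b).to_bytes(2, "little") + b


def push(b: bytes) -> bytes:
    return bytes([len(b)]) + b                                          # direct push, len <= 75


def serialize(prev_output, script_sig, value, script_pubkey) -> bytes:
    return prev_output + enc(script_sig) + value.to_bytes(8, "little") + enc(script_pubkey)


def txid(prev_output, script_sig, value, script_pubkey) -> bytes:
    """Identification hash: covers script_sig exactly as transmitted."""
    return sha256d(serialize(prev_output, script_sig, value, script_pubkey))


def sighash(prev_output, prev_script_pubkey, value, script_pubkey) -> bytes:
    """Hash that gets signed: script_sig is replaced by the script being spent, SIGHASH_ALL appended."""
    return sha256d(serialize(prev_output, prev_script_pubkey, value, script_pubkey)
                   + SIGHASH_ALL.to_bytes(4, "little"))


def check_input(prev_output, prev_script_pubkey, script_sig, value, script_pubkey) -> bool:
    """OP_CHECKSIG's view of a P2PKH input: first two pushes are <sig||hashtype> <pubkey>.
    The pubkey-hash comparison is left out; only the signature check matters here."""
    n = script_sig[0]
    sig, rest = script_sig[1:1 + n], script_sig[1 + n:]
    pub = rest[1:1 + rest[0]]
    digest = sighash(prev_output, prev_script_pubkey, value, script_pubkey)   # script_sig plays no part
    return sig[-1] == SIGHASH_ALL and verify(pub, digest, sig[:-1])


def demo() -> dict:
    priv = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD     # constructed demo key
    pub = pubkey(priv)
    prev_output = bytes.fromhex("3a82db8f9648518144a435d5de8922ad3c4210c26cbb6cfff6a0d866323fca27")
    # Scripts in P2PKH shape; OP_SHA256 stands in for OP_HASH160 to avoid a RIPEMD-160 dependency.
    prev_spk = bytes([OP_DUP, OP_SHA256]) + push(hashlib.sha256(pub).digest()) + bytes([OP_EQUALVERIFY, OP_CHECKSIG])
    out_spk = bytes([OP_DUP, OP_SHA256]) + push(hashlib.sha256(b"recipient").digest()) + bytes([OP_EQUALVERIFY, OP_CHECKSIG])
    value = 5
    sig = sign(priv, sighash(prev_output, prev_spk, value, out_spk)) + bytes([SIGHASH_ALL])
    script_sig = push(sig) + push(pub)                                   # <signature> <public key>
    malleated = script_sig + bytes([OP_0, OP_DROP])                      # push empty item, drop it: a no-op
    return {
        "original_txid": txid(prev_output, script_sig, value, out_spk),
        "malleated_txid": txid(prev_output, malleated, value, out_spk),
        "original_valid": check_input(prev_output, prev_spk, script_sig, value, out_spk),
        "malleated_valid": check_input(prev_output, prev_spk, malleated, value, out_spk),
        "tampered_value_valid": check_input(prev_output, prev_spk, script_sig, value + 1, out_spk),
    }
```

demo() returns both txids and the three verification results: the malleated copy verifies exactly like the original while its txid differs, whereas a changed output value breaks the signature, which is what the sighash is there to protect.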
Malleability: Fool the exchange
Back in the day...
● Go to your favourite (and naive) exchange
● Press “withdraw”
● Remember the hash of the withdrawal transaction
● Malleate the transaction on your side and rebroadcast it (the malleated copy has to be the one that gets mined: with a miner on your side that is certain, otherwise it is a race)
● Receive your money in your wallet
● Go to the exchange’s customer support
● Say that you cannot find a transaction with that hash
● Get another withdrawal of the same amount
● ??????
● PROFIT
The exchange’s mistake was tracking withdrawals by txid. The fix on that side, independent of SegWit: recognise a withdrawal by the outpoints it spends and the outputs it pays, and never resend just because a customer reports a txid as missing.
Malleability: Lightning network
Scalability problem
The Lightning network needs a guarantee that a transaction hash cannot be changed.
Lightning network
● You and your friend create a multisig (funding) transaction with 100 BTC on the balance
● Then you both create exit transactions that spend this funding transaction by its hash, and they stay unconfirmed
● If malleability is present, your friend (or any relaying node) can change the funding transaction’s hash before it gets confirmed, so the pre-signed exit transactions point at a hash that never appears on chain
● You may lose your money, not being able to issue a refund
● It makes lightning channels unreliable
Witness: Transaction structure
What is this witness?
Fields: prev_output, value, script_sig, script_pubkey, witness
● Witness is a separate transaction field
● You may think of it as a (kind of) sophisticated script_sig
● But it is no longer part of transaction identification
● And it is no longer just a script sequence
● It’s a stack of initial data items for the script: first, second, ..., last
● For pay to witness script hash, the case shown here, the last item is the executable script sequence (the witness script)
● The script_pubkey of the output being unlocked contains the SHA-256 hash of that last witness item
Witness: New type of hash
Good ol’ transaction hash, aka TXID
Hash of prev_output, value, script_sig and script_pubkey; the witness is not part of it
Introducing a brand new hash: the witness transaction hash, aka WTXID
Hash of the same fields plus the witness
Witness: Commitment structure
Take every transaction in a block and put their witness hashes (WTXIDs) as the leaves of a tree
Merkelize the tree, pairing hashes level by level, to get the root: the Witness Merkle root
Where to put the witness merkle root?
● The block header has no empty or unused fields
● But the very first transaction in a block has some room
● This transaction is called “coinbase”; it is added by the miner and carries the mining reward
● As it creates BTC out of thin air it has no real previous output, so its script_sig (2 to 100 bytes; BIP34 requires the block height first) is mostly arbitrary data
● It even contains the famous newspaper headline put there by Satoshi in the coinbase of the genesis block
● SegWit does not reuse that script_sig, though: the commitment goes into an output of the coinbase, an OP_RETURN script_pubkey of the form OP_RETURN <0xaa21a9ed || double-SHA-256(witness merkle root || witness reserved value)>, where the reserved value is the coinbase’s own 32-byte witness item (all zeros today) and the coinbase’s own WTXID is taken as all zeros in the tree
● So now miners are obliged to add that output whenever any transaction in the block carries witness data
Commitment structure
Witness hashes → Witness Merkle root → double-SHA-256(root || witness reserved value) → OP_RETURN output (script_pubkey) of the coinbase transaction → block
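The commitment a miner builds from those witness hashes, as an added example that is not from the slides or from Rustheus. The function names (witness_commitment, find_commitment, block_witness_valid) and the sample txids/wtxids are constructed for the demo; the layout follows BIP141: an all-zero hash stands in for the coinbase in the tree, the commitment is double-SHA-256(root || witness reserved value), it sits in a coinbase output script starting with 6a24aa21a9ed, and when several outputs match the last one wins.

```python
# Added example, not from the slides: BIP141 witness commitment. Sample hashes are constructed.
import hashlib

COMMITMENT_HEADER = bytes.fromhex("6a24aa21a9ed")   # OP_RETURN, push 36 bytes, magic aa21a9ed
WITNESS_RESERVED_VALUE = bytes(32)                   # the coinbase's own witness item; all-zero today


def sha256d(b: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()


def merkle_root(leaves: list) -> bytes:
    """Bitcoin-style tree: hash pairs with sha256d, duplicate the last element on odd levels."""
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def witness_commitment(wtxids: list, reserved: bytes = WITNESS_RESERVED_VALUE) -> bytes:
    """Root over [zero hash for the coinbase] + wtxids, then sha256d(root || reserved value)."""
    return sha256d(merkle_root([bytes(32)] + list(wtxids)) + reserved)


def commitment_output_script(commitment: bytes) -> bytes:
    return COMMITMENT_HEADER + commitment            # 38-byte OP_RETURN script_pubkey


def find_commitment(coinbase_output_scripts: list):
    """The commitment is the *last* coinbase output whose script starts with the header."""
    for spk in reversed(coinbase_output_scripts):
        if len(spk) >= 38 and spk[:6] == COMMITMENT_HEADER:
            return spk[6:38]
    return None


def block_witness_valid(coinbase_output_scripts, txids, wtxids,
                        coinbase_witness=WITNESS_RESERVED_VALUE) -> bool:
    """txids/wtxids of the non-coinbase transactions in block order.
    A block without a commitment is fine only if no transaction carries witness data."""
    found = find_commitment(coinbase_output_scripts)
    if found is None:
        return list(txids) == list(wtxids)           # a tx without witness has wtxid == txid
    return found == witness_commitment(wtxids, coinbase_witness)


def build_demo():
    txids = [sha256d(b"tx-%d" % i) for i in range(3)]            # constructed
    wtxids = [sha256d(b"witness-%d" % i) for i in range(3)]      # constructed: every tx has a witness
    reward_script = b"\x00\x14" + bytes(20)                      # payout output; contents irrelevant here
    coinbase_outputs = [reward_script, commitment_output_script(witness_commitment(wtxids))]
    return txids, wtxids, coinbase_outputs
```

Altering any witness in the block changes that transaction’s WTXID, so the recomputed commitment no longer matches the one in the coinbase and the block is rejected; the TXIDs, and therefore the header’s ordinary merkle root, are untouched by such a change.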
Witness: Prepare witness locked transaction
Prepare a witness-locked transaction (pay to witness script hash)
1. Hash the public key of the recipient (HASH160, i.e. RIPEMD-160 of SHA-256, as in P2PKH): 38001...a7b4d
2. Put the hash into the unlocking script (the witness script): OP_DUP OP_HASH160 38001...a7b4d OP_EQUALVERIFY OP_CHECKSIG
3. Hash the whole unlocking script with SHA-256; the result is a 32-byte witness program (shown truncated here): b2f34055c1f69660220426c9be328960c65b8d9a50
4. Prepend the witness version byte: 0
5. Put this bad boy into script_pubkey: 0 <hash of whole unlocking script>
Let’s remember this tx hash: 182c5be4fced201dd3f7f9ddb6da775042d315399301c9ddb6d75044d072d3
Witness: Pay to witness script hash
Spend it: pay to witness script hash
1. Leave your script_sig empty
2. Hash your tx (double SHA-256 over the fields, without the witness) and sign it with your private key. SegWit actually uses a new signature-hash layout for this, BIP143, which also commits to the amount of the input being spent; the principle is the same
3. Put the signature as the first element of the witness
4. Derive your public key and put it as the second witness item
5. Now hash your pubkey and create the unlocking script: OP_DUP OP_HASH160 380011...53a7b4d OP_EQUALVERIFY OP_CHECKSIG
6. Put this script as the last witness item
Witness: Validation and execution
Validation and execution
1. Nodes compare the SHA-256 hash of the last witness item with the witness program in the previous transaction’s script_pubkey; a mismatch fails the input before any script runs
   Previous transaction script_pubkey: 0 <SHA-256 of: OP_DUP OP_HASH160 <pubkey_hash> OP_EQUALVERIFY OP_CHECKSIG>
2. When the network executes the script, the remaining witness items get pushed onto the script stack in order: signature, public key
3. The last witness item gets executed as the script
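The three parts above (preparing the P2WSH output, spending it with a witness, and validating that spend) as one added example that is not from the slides or from Rustheus. Assumptions: a simplified one-input/one-output serialization with 2-byte length prefixes rather than Bitcoin’s wire format; the witness script uses OP_SHA256 instead of OP_HASH160 so it runs where OpenSSL lacks RIPEMD-160; OP_CHECKSIG takes a checksig callback, and the demo passes a keyed-MAC stand-in (SECRET, PUBKEY and sign_standin are constructed) where a real node would verify a secp256k1 ECDSA signature; the simplified sighash is the double SHA-256 of the base serialization, not BIP143.

```python
# Added example, not from the slides: v0 pay-to-witness-script-hash, prepared, spent and validated.
# Simplified serialization and a keyed-MAC stand-in for ECDSA; not Bitcoin's wire format.
import hashlib
import hmac
from dataclasses import dataclass, field

OP_DUP, OP_EQUALVERIFY, OP_SHA256, OP_CHECKSIG, OP_RETURN = 0x76, 0x88, 0xA8, 0xAC, 0x6A


def sha256(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


def sha256d(b: bytes) -> bytes:
    return sha256(sha256(b))


def enc(b: bytes) -> bytes:
    return len(b).to_bytes(2, "little") + b        # 2-byte length prefix (stand-in for CompactSize)


def push(data: bytes) -> bytes:
    return bytes([len(data)]) + data               # direct push opcode 0x01..0x4b


@dataclass
class Tx:
    prev_output: bytes                             # txid of the output being spent
    value: int                                     # amount of the single output
    script_pubkey: bytes                           # locking script of that output
    script_sig: bytes = b""                        # stays empty for a native segwit input
    witness: list = field(default_factory=list)    # stack items; the last one is the witness script

    def base(self) -> bytes:
        return (self.prev_output + enc(self.script_sig)
                + self.value.to_bytes(8, "little") + enc(self.script_pubkey))

    def txid(self) -> bytes:                       # identification: witness excluded
        return sha256d(self.base())

    def wtxid(self) -> bytes:                      # witness hash: witness included
        return sha256d(self.base() + b"".join(enc(w) for w in self.witness))


def p2wsh_script_pubkey(witness_script: bytes) -> bytes:
    """Version byte 0 followed by the 32-byte SHA-256 of the whole unlocking script."""
    return b"\x00" + push(sha256(witness_script))


def run_script(script: bytes, stack: list, checksig) -> bool:
    """Tiny interpreter for the opcodes the P2PKH-style witness script needs."""
    i = 0
    try:
        while i < len(script):
            op = script[i]
            i += 1
            if 1 <= op <= 75:                      # data push: the next op bytes are data
                stack.append(script[i:i + op])
                i += op
            elif op == OP_DUP:
                stack.append(stack[-1])
            elif op == OP_SHA256:
                stack.append(sha256(stack.pop()))
            elif op == OP_EQUALVERIFY:
                if stack.pop() != stack.pop():
                    return False
            elif op == OP_CHECKSIG:
                pub, sig = stack.pop(), stack.pop()
                stack.append(b"\x01" if checksig(sig, pub) else b"")
            else:
                return False                       # opcode not modelled here
    except IndexError:                             # stack underflow
        return False
    return len(stack) == 1 and stack[0] != b""     # cleanstack rule plus a true result


def validate_p2wsh(prev_script_pubkey: bytes, tx: Tx, checksig) -> bool:
    """Hash-check the last witness item against the program, push the rest, execute."""
    if len(prev_script_pubkey) != 34 or prev_script_pubkey[:2] != b"\x00\x20" or not tx.witness:
        return False
    *items, witness_script = tx.witness
    if sha256(witness_script) != prev_script_pubkey[2:]:
        return False                               # wrong script: rejected before running anything
    return run_script(witness_script, list(items), checksig)


# --- constructed demo material, not real keys ---
SECRET = b"demo-secret"                            # shared by signer and verifier in this stand-in only
PUBKEY = sha256(b"pubkey-of:" + SECRET)            # plays the role of a compressed secp256k1 key
WITNESS_SCRIPT = (bytes([OP_DUP, OP_SHA256]) + push(sha256(PUBKEY))
                  + bytes([OP_EQUALVERIFY, OP_CHECKSIG]))


def sign_standin(pub: bytes, msg: bytes) -> bytes:
    """NOT ECDSA: a keyed MAC so the block runs without curve code; real nodes verify secp256k1 here."""
    return hmac.new(SECRET, pub + msg, "sha256").digest()


def make_checksig(tx: Tx):
    msg = sha256d(tx.base())                       # simplified sighash: everything except the witness
    return lambda sig, pub: hmac.compare_digest(sig, sign_standin(pub, msg))


def build_demo():
    funding = Tx(bytes(32), 100, p2wsh_script_pubkey(WITNESS_SCRIPT))
    spend = Tx(funding.txid(), 99, bytes([OP_RETURN]))
    spend.witness = [sign_standin(PUBKEY, sha256d(spend.base())), PUBKEY, WITNESS_SCRIPT]
    # A relay node alters the witness: identification must not move, the witness hash does.
    tampered = Tx(spend.prev_output, spend.value, spend.script_pubkey,
                  witness=[b"\x00" + spend.witness[0]] + spend.witness[1:])
    return funding, spend, tampered
```

build_demo() returns the funding transaction, a valid spend and a copy whose witness was tampered with: the copy fails validation, yet its txid equals the original’s and only the wtxid differs, which is precisely why a pre-signed exit transaction that references the spend by txid keeps working.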
What do we have now?
● The transaction is unambiguously identified
○ Its script_pubkey is basically a version byte and a hash
○ The TXID covers only values, input tx hashes and output scripts
○ Nothing a signer or a relaying node can vary is part of it: the signature lives in the witness, and script_sig is empty
● Witness data is committed to in the block through the WTXID merkle tree, so a miner cannot alter signatures inside a block without invalidating it; changing a witness changes the WTXID, never the TXID
● The implementation is made in a way that old clients ignore this data, so it could be deployed as a soft fork
● Witness is stored in a separate part of the block, and the limit is expressed as block weight: 4,000,000 weight units, where a base byte weighs 4 and a witness byte weighs 1, so more transactions can fit
Special note
● What is explained here is pay to witness script hash (P2WSH): basically pay to public key hash wrapped into a script. I used it for clarity because it is similar to the pre-SegWit pay to public key hash, which is commonly known. But Bitcoin has a special shorthand for this case, pay to witness public key hash (P2WPKH), whose witness is just the signature and the public key and whose script_pubkey is 0 <20-byte HASH160 of the public key>; it saves some bytes in every transaction, and you should use it for single-key payments
● The P2WSH flow shown here is the one to use if you want multisig or just your custom script working through the segregated witness mechanism
From scratch
How you should do it anew
● Since the witness merkle root is committed in the coinbase of every block anyway, it may as well be stored as a separate field, witness_merkle_root, of the block header
● You may skip the whole block_weight thing and just increase the block size to 4 megabytes, which should include transactions and witness
● If you fork, you may remove every old script check variant, since the code contains a bunch of checks which are not needed anymore
What about us?
That’s what we did for our Rustheus implementation at
Pandora Boxchain. We stripped everything which is related
to non-witness validation and you can check it out at
https://github.com/pandoraboxchain/rustheus
It’s cool, fresh and written in Rust. But keep in mind it
is work in progress!
Thank you for your attention!
@pandoraboxchain

Pandora Boxchain: AI & Blockchain Project
 

Último

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 

Último (20)

Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 

Malleability and SegWit

  • 1. Malleability and SegWit: how segregated witness aims to fix the transaction malleability problem. Julian Konchunas, Pandora Boxchain core developer, konchunas@pandoraboxchain.ai
  • 2. Motivation
    ● Our Prometheus protocol is based on and inspired by Bitcoin. We take chunks of the Bitcoin implementation and put them together.
    ● As you may know, Bitcoin was created 9 years ago and it has collected some technical debt because it has faced several challenges throughout these years.
    ● One of the big challenges was so-called transaction malleability, which has recently been fixed by Segregated Witness. Everybody has heard of it, but not everybody knows how it works from the technical side.
    ● I will explain how it works as simply as I can, but an understanding of how payments are done in Bitcoin will help you.
    ● I will also shed some light on how to fix this problem if you are going to create your own Bitcoin-like blockchain from scratch.
  • 4. Agenda: Transactions and signing (Simplified structure, Transaction unlocking, Signature forming); Malleability; Witness; From scratch
  • 6. Simplified transaction structure
    value: how many bitcoins we want to send (5). (diagram: transaction with Input and Output)
  • 7. Simplified transaction structure
    prev_output: hash of the previous transaction from which we take these 5 bitcoins: 3a82db8f9648518144a435d5de8922ad3c4210c26cbb6cfff6a0d866323fca27
  • 8. Simplified transaction structure
    script_sig: proof that you have the right to use the funds from the previous transaction: 6c9be328960c65b8dab9a50d98cda7...2aae86c937562c0c58e5962b8514301
  • 9. Simplified transaction structure
    script_pubkey: rules for unlocking this transaction's bitcoins in the future: OP_DUP OP_HASH160 <pubkeyHash> OP_EQUALVERIFY
    (diagram: Input = prev_output 3a82db8f...323fca27 + script_sig 6c9be328...8514301; Output = value 5 + script_pubkey)
  • 10. Agenda: Transactions and signing (Simplified structure, Transaction unlocking, Signature forming); Malleability; Witness; From scratch
  • 11. Pay to public key hash (P2PKH)
    Locks the transaction by a script: script_pubkey
  • 12. Pay to public key hash (P2PKH)
    script_pubkey: OP_DUP OP_HASH160 <pubkeyHash> OP_EQUALVERIFY OP_CHECKSIG, which says "allow the owner of specific keys to use these funds"
  • 13. Pay to public key hash (P2PKH)
    script_sig unlocks the transaction (script_pubkey locks it, as above)
  • 14. Pay to public key hash (P2PKH)
    And to prove that you have these keys you should provide in script_sig:
    ● Signature
    ● Public key
  • 15. Agenda: Transactions and signing (Simplified structure, Transaction unlocking, Signature forming); Malleability; Witness; From scratch
  • 16. Take transaction fields as bytes (diagram: Transaction = prev_output, script_sig, value, script_pubkey)
  • 18. Take your private key (diagram: transaction fields --SHA-256--> tx hash; private key)
  • 21. Derive public key (diagram: tx hash + private key --sign--> signature; private key --derive--> public key)
  • 22. Put both in script_sig (diagram: signature and public key go into script_sig)
  • 23. Agenda: Transactions and signing; Malleability (Malleating, Signature validity, Fool the exchange, Lightning network); Witness; From scratch
  • 24. Malleability
    ● Changing of the transaction hash
    ● Inputs and outputs stay the same
    ● Signature is still valid
    ● You receive your money
  • 26. Take its hash, sign it and push the signature
    Input: prev_output 3a82db8f9648518144a435d5de8922ad3c4210c26cbb6cfff6a0d866323fca27; script_sig: PUSHDATA(72) 0450...3e01 (signature)
    Output: value 5; script_pubkey: OP_DUP OP_HASH160 PUSHDATA_20 380011...53a7b4d OP_EQUALVERIFY
  • 27. Now push your public key
    script_sig: PUSHDATA(72) 0450...3e01 (signature) PUSHDATA(33) 027c...62e7 (public key); other fields as on slide 26
  • 28. Get the transaction hash
    Transaction hash: 255111d171046d4a448cafcb5886885c377afd5f87b8b015110556933cb1299a
  • 29. What if we put something meaningless?
    script_sig: PUSHDATA(72) 0450...3e01 (signature) PUSHDATA(33) 027c...62e7 (public key) OP_0 OP_DROP (meaningless)
    Transaction hash: ????????????????????????????????????????????????????????????????
  • 30. Hash changed, signature still valid
    Transaction hash: d3434165924ffb1182c5be4fced201dd3f7f9ddb6da775044d072d315399301c (same inputs and outputs as on slide 29)
  • 31. Agenda: Transactions and signing; Malleability (Malleating, Signature validity, Fool the exchange, Lightning network); Witness; From scratch
  • 32. Change the transaction without changing the signature
    How is the transaction signature still valid?
  • 33. Change the transaction without changing the signature
    How is the transaction signature still valid? The script_sig field is not included in the hash calculation when signing and verifying the transaction (doing OP_CHECKSIG or OP_CHECKSIGVERIFY).
  • 34. Change the transaction without changing the signature
    The script_sig field is not included in the hash calculation when signing and verifying the transaction (doing OP_CHECKSIG or OP_CHECKSIGVERIFY). This type of malleability is called script_sig malleability.
  • 35. Let's sign the transaction (diagram: Unsigned TX = prev_output, empty script_sig, value, script_pubkey)
  • 36. Produce the hash of the unsigned TX (diagram: Unsigned TX --SHA-256--> unsigned transaction hash)
  • 37. Sign it with your private key (diagram: unsigned transaction hash --sign with private key--> signature)
  • 38. Put the signature back into script_sig (diagram: Unsigned TX + signature -> Signed TX = prev_output, script_sig, value, script_pubkey)
  • 39. Produce the hash of the signed TX (diagram: Signed TX --SHA-256--> transaction hash)
  • 40. These are different hashes! (diagram: unsigned transaction hash vs. transaction hash of the Signed TX)
  • 41. Validating a transaction
    When the network receives a new transaction, to figure out whether the signature is valid it takes the hash of the transaction without script_sig and checks the signature against it.
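The effect shown on slides 26-41 in working code, as an added example that is not from the slides: the signed digest is computed over the transaction with an empty script_sig, so appending OP_0 OP_DROP changes the transaction hash but not the digest the signature covers. The field layout, the length prefixes, the key and the signature scheme (an HMAC stand-in for ECDSA, which is enough to show which bytes are covered) are all assumptions of this example; the prev_output hash is the one from the slides, the other bytes are constructed.

```python
import hashlib
import hmac
from typing import Optional

OP_0, OP_DROP = b"\x00", b"\x75"          # real opcode encodings for OP_0 and OP_DROP
# prev_output value taken from the slides; the rest of the sample bytes are constructed.
PREV_OUTPUT = bytes.fromhex(
    "3a82db8f9648518144a435d5de8922ad3c4210c26cbb6cfff6a0d866323fca27")
# OP_DUP OP_HASH160 <20-byte placeholder hash> OP_EQUALVERIFY OP_CHECKSIG
P2PKH_SCRIPT = bytes.fromhex("76a914") + b"\x11" * 20 + bytes.fromhex("88ac")
SIGNING_KEY = b"constructed-demo-key"     # stand-in for a private key (hypothetical)


def sha256d(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def push(item: bytes) -> bytes:
    """Encode a script data push with a one-byte length prefix (items under 76 bytes)."""
    assert len(item) < 76
    return bytes([len(item)]) + item


def serialize(tx: dict, script_sig: Optional[bytes] = None) -> bytes:
    """Flatten the simplified transaction fields into bytes in slide order
    (prev_output, script_sig, value, script_pubkey); layout is an assumption."""
    ss = tx["script_sig"] if script_sig is None else script_sig
    return (tx["prev_output"]
            + len(ss).to_bytes(2, "little") + ss
            + tx["value"].to_bytes(8, "little")
            + len(tx["script_pubkey"]).to_bytes(2, "little") + tx["script_pubkey"])


def txid(tx: dict) -> str:
    """Legacy transaction hash: covers every field, script_sig included."""
    return sha256d(serialize(tx)).hex()


def sighash(tx: dict) -> bytes:
    """Digest that gets signed: the slides' 'unsigned TX', i.e. script_sig empty."""
    return sha256d(serialize(tx, script_sig=b""))


def sign(digest: bytes) -> bytes:
    """Stand-in for ECDSA signing; only *which bytes* are covered matters here."""
    return hmac.new(SIGNING_KEY, digest, hashlib.sha256).digest()


def signature_valid(tx: dict) -> bool:
    """Verifier side (slide 41): the signature is the first pushed item of
    script_sig and is checked against the hash computed without script_sig."""
    sig_len = tx["script_sig"][0]
    sig = tx["script_sig"][1:1 + sig_len]
    return hmac.compare_digest(sig, sign(sighash(tx)))


def build_signed_tx(value: int) -> dict:
    """Slides 35-38: hash with empty script_sig, sign, put signature and key back."""
    tx = {"prev_output": PREV_OUTPUT, "script_sig": b"",
          "value": value, "script_pubkey": P2PKH_SCRIPT}
    sig = sign(sighash(tx))
    pubkey = b"\x02" + b"\x7c" * 32       # constructed 33-byte public-key placeholder
    tx["script_sig"] = push(sig) + push(pubkey)
    return tx


def malleate(tx: dict) -> dict:
    """Slide 29: append OP_0 OP_DROP to script_sig. The opcodes push and then
    discard a value, so the stack the script leaves behind is unchanged."""
    changed = dict(tx)
    changed["script_sig"] = tx["script_sig"] + OP_0 + OP_DROP
    return changed


def demo() -> dict:
    original = build_signed_tx(5)
    changed = malleate(original)
    return {
        "original_txid": txid(original),
        "malleated_txid": txid(changed),
        "same_sighash": sighash(original) == sighash(changed),
        "original_valid": signature_valid(original),
        "malleated_valid": signature_valid(changed),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Because the txid is what a wallet or exchange uses to look a payment up, the same valid payment can appear under a different identifier, which is exactly what slide 43 and the Lightning slides build on.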
  • 42. Agenda: Transactions and signing; Malleability (Malleating, Signature validity, Fool the exchange, Lightning network); Witness; From scratch
  • 43. Back in the day...
    ● Go to your favourite naive exchange
    ● Press "withdraw money"
    ● Remember the hash of the withdrawal transaction
    ● Malleate the transaction on your side (e.g. by mining)
    ● Receive your money in your wallet
    ● Go to exchange customer support
    ● Say that you cannot find a transaction with such a hash
    ● Get another withdrawal of the same amount
    ● ??????
    ● PROFIT
  • 44. Agenda: Transactions and signing; Malleability (Malleating, Signature validity, Fool the exchange, Lightning network); Witness; From scratch
  • 45. Scalability problem
    The Lightning network needs guarantees that the transaction hash cannot be changed.
  • 46. Lightning network
    ● You and your friend create a multisig transaction with 100 BTC on the balance
    ● Then you both create exit transactions linked to this transaction, and they stay unconfirmed
    ● If malleability is present, your friend can change the multisig transaction before it gets confirmed
    ● You may lose your money, not being able to issue a refund
    ● It makes lightning channels unreliable
  • 47. Agenda: Transactions and signing; Malleability; Witness (Transaction structure, New type of hash, Commitment structure, Prepare witness locked transaction, Pay to witness script hash, Validation and execution); From scratch
  • 48. What is this witness? (diagram: prev_output, value, script_sig, script_pubkey)
  • 49. What is this witness?
    ● Witness is a separate transaction field (diagram: prev_output, value, script_sig, script_pubkey, witness)
  • 50. What is this witness?
    ● Witness is a separate transaction field
    ● You may think of it as a kind of sophisticated script_sig
  • 51. What is this witness?
    ● Witness is a separate transaction field
    ● You may think of it as a kind of sophisticated script_sig
    ● But it is no longer part of transaction identification
  • 52. What is this witness?
    ● Witness is a separate transaction field
    ● You may think of it as a kind of sophisticated script_sig
    ● But it is no longer part of transaction identification
    ● And it is no longer just a script sequence
  • 53. What is this witness?
    ● Witness is a separate transaction field
    ● You may think of it as a kind of sophisticated script_sig
    ● But it is no longer part of transaction identification
    ● And it is no longer just a script sequence
    ● It's a stack of initial items for the script (diagram: witness = first, second, ..., last)
  • 54. What is this witness?
    ● Witness is a separate transaction field
    ● You may think of it as a kind of sophisticated script_sig
    ● But it is no longer part of transaction identification
    ● And it is no longer just a script sequence
    ● It's a stack of initial data items for the script
    ● The last item is the executable script sequence
  • 55. What is this witness?
    ● Witness is a separate transaction field
    ● You may think of it as a kind of sophisticated script_sig
    ● But it is no longer part of transaction identification
    ● And it is no longer just a script sequence
    ● It's a stack of initial data items for the script
    ● The last item is the executable script sequence
    ● The script_pubkey of the transaction being unlocked contains the hash (SHA-256) of the last witness item
  • 56. Agenda: Transactions and signing; Malleability; Witness (Transaction structure, New type of hash, Commitment structure, Prepare witness locked transaction, Pay to witness script hash, Validation and execution); From scratch
  • 57. Good ol' transaction hash
    Transaction hash aka TXID (diagram: computed over prev_output, value, script_sig, script_pubkey; witness not included)
  • 58. Introducing a brand new hash
    Transaction hash aka TXID (witness excluded); witness transaction hash aka WTXID (witness included)
  • 59. Agenda: Transactions and signing; Malleability; Witness (Transaction structure, New type of hash, Commitment structure, Prepare witness locked transaction, Pay to witness script hash, Validation and execution); From scratch
  • 60. Take every transaction in a block (diagram: four Tx witness hashes)
  • 61. Put their witness hashes in a tree (diagram: Tx witness hashes as leaves, pairwise parents above)
  • 62. Merkelize the tree to get the root (diagram: tree of Tx witness hashes -> Witness Merkle root)
  • 63. Where to put the witness merkle root?
    ● The block header has no empty or unused fields
    ● But we have some room in a field of the very first transaction in a block
    ● This transaction is called "coinbase"; it is added by the miner and carries the mining reward
    ● As it creates BTC out of thin air, its script_sig field can contain 64 arbitrary bytes
    ● It even contains the famous phrase by Satoshi in the coinbase of the genesis block
    ● So now miners are obligated to use that space for storing the merkle root
  • 64. Commitment structure (diagram: Block -> Coinbase transaction -> script_sig -> Witness Merkle root, built from the tree of Tx witness hashes)
  • 65. Agenda: Transactions and signing; Malleability; Witness (Transaction structure, New type of hash, Commitment structure, Prepare witness locked transaction, Pay to witness script hash, Validation and execution); From scratch
  • 66. Hash the public key of the recipient (diagram: public key --SHA-256--> hash)
  • 67. Put the hash into the unlocking script
    OP_DUP OP_HASH160 38001...a7b4d OP_EQUALVERIFY OP_CHECKSIG
  • 68. Hash the whole unlocking script
    OP_DUP OP_HASH160 38001...a7b4d OP_EQUALVERIFY OP_CHECKSIG --SHA-256--> b2f34055c1f69660220426c9be328960c65b8d9a50
  • 69. Prepend the witness version byte
    0 (witness version) b2f34055c1f69660220426c9be328960c65b8d9a50 (hash of whole unlocking script)
  • 70. Put this bad boy into script_pubkey
    script_pubkey: 0 b2f34055c1f69660220426c9be328960c65b8d9a50 (diagram: prev_output, script_sig, value, script_pubkey)
  • 71. Let's remember this tx hash
    Transaction hash is: 182c5be4fced201dd3f7f9ddb6da775042d315399301c9ddb6d75044d072d3
  • 72. Agenda: Transactions and signing; Malleability; Witness (Transaction structure, New type of hash, Commitment structure, Prepare witness locked transaction, Pay to witness script hash, Validation and execution); From scratch
  • 73. Leave your script_sig empty (diagram: Transaction = prev_output, script_sig, value, script_pubkey)
  • 74. Hash your tx and sign it (diagram: transaction --SHA-256--> tx hash; tx hash + private key --sign--> signature)
  • 75. Put the signature as the first element of the witness (diagram: Witness = [signature])
  • 76. Derive your public key (diagram: private key --derive--> public key)
  • 77. And put it as the second witness item (diagram: Witness = [signature, public key, unlocking script])
  • 78. Now hash your pubkey and create the unlocking script
    public key --SHA-256--> hash; unlocking script: OP_DUP OP_HASH160 380011...53a7b4d OP_EQUALVERIFY OP_CHECKSIG
  • 79. Put this script as the last item (diagram: Witness = [signature, public key, unlocking script])
  • 80. Agenda: Transactions and signing; Malleability; Witness (Transaction structure, New type of hash, Commitment structure, Prepare witness locked transaction, Pay to witness script hash, Validation and execution); From scratch
  • 81. Nodes validate the hash of the last witness item against the previous script_pubkey
    OP_DUP OP_HASH160 <pubkey_hash> OP_EQUALVERIFY OP_CHECKSIG --SHA-256--> compared with the previous transaction's script_pubkey
  • 82. When the network tries to execute the script, items get pushed onto the stack
    Script stack: signature, public key (the previous transaction's script_pubkey holds the SHA-256 of the last item)
  • 83. The last witness item gets executed
    Script stack: signature, public key; executed: OP_DUP OP_HASH160 <pubkey_hash> OP_EQUALVERIFY OP_CHECKSIG
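The witness structure of slides 48-64 and the validation steps of slides 66-83, as an added example that is not from the slides or from Rustheus: the txid is hashed without the witness, the wtxid with it, the spent output's script_pubkey is the version byte plus the SHA-256 of the last witness item, and the witness hashes of a block are merkelized. The serialization layout, the 32-byte program length, the odd-leaf duplication in the tree and all sample bytes are assumptions of this example.

```python
import hashlib
from typing import List

OP_0 = b"\x00"                      # witness version 0, as on slide 69


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def sha256d(data: bytes) -> bytes:
    """Bitcoin's double SHA-256, used for transaction and tree hashes."""
    return sha256(sha256(data))


def serialize_base(tx: dict) -> bytes:
    """The fields that identify the transaction: prev_output, script_sig
    (empty for a witness spend), value, script_pubkey. Layout is an assumption."""
    return (tx["prev_output"]
            + len(tx["script_sig"]).to_bytes(2, "little") + tx["script_sig"]
            + tx["value"].to_bytes(8, "little")
            + len(tx["script_pubkey"]).to_bytes(2, "little") + tx["script_pubkey"])


def serialize_witness(witness: List[bytes]) -> bytes:
    """Witness stack: item count, then each item with a length prefix."""
    out = len(witness).to_bytes(1, "little")
    for item in witness:
        out += len(item).to_bytes(2, "little") + item
    return out


def txid(tx: dict) -> str:
    """Slide 57: transaction hash *without* the witness."""
    return sha256d(serialize_base(tx)).hex()


def wtxid(tx: dict) -> str:
    """Slide 58: witness transaction hash, which also covers the witness."""
    return sha256d(serialize_base(tx) + serialize_witness(tx["witness"])).hex()


def p2wsh_script_pubkey(unlocking_script: bytes) -> bytes:
    """Slides 68-70: version byte 0, then the hash of the whole unlocking script
    (this example uses the full 32-byte SHA-256 as the program)."""
    return OP_0 + bytes([32]) + sha256(unlocking_script)


def witness_program_matches(tx: dict, prev_script_pubkey: bytes) -> bool:
    """Slide 81: hash of the last witness item must equal the spent output's program."""
    if len(prev_script_pubkey) != 34 or prev_script_pubkey[:2] != OP_0 + bytes([32]):
        return False
    return sha256(tx["witness"][-1]) == prev_script_pubkey[2:]


def initial_stack(tx: dict) -> List[bytes]:
    """Slide 82: every witness item except the last is pushed before execution."""
    return list(tx["witness"][:-1])


def witness_merkle_root(wtxids: List[str]) -> str:
    """Slides 60-62: pair the witness hashes and hash upwards until one root
    remains; an odd level duplicates its last node."""
    level = [bytes.fromhex(h) for h in wtxids]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0].hex()


def demo() -> dict:
    # Constructed stand-ins for the signature, public key and unlocking script.
    signature, pubkey = b"\xaa" * 64, b"\x02" + b"\x7c" * 32
    unlocking_script = bytes.fromhex("76a914") + sha256(pubkey)[:20] + bytes.fromhex("88ac")
    prev_script_pubkey = p2wsh_script_pubkey(unlocking_script)   # output being spent
    tx = {"prev_output": b"\x3a" * 32, "script_sig": b"", "value": 5,
          "script_pubkey": p2wsh_script_pubkey(b"constructed-next-script"),
          "witness": [signature, pubkey, unlocking_script]}
    # Same transaction with different witness bytes (e.g. a re-encoded signature).
    altered = dict(tx, witness=[b"\xbb" * 64, pubkey, unlocking_script])
    return {
        "txid_unchanged": txid(tx) == txid(altered),
        "wtxid_changed": wtxid(tx) != wtxid(altered),
        "program_ok": witness_program_matches(tx, prev_script_pubkey),
        "stack_depth": len(initial_stack(tx)),
        "witness_root": witness_merkle_root([wtxid(tx), wtxid(altered), wtxid(tx)]),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

A change to the witness shows up only in the wtxid and therefore in the witness Merkle root that the miner commits to, while every reference by txid (a Lightning exit transaction, an exchange's withdrawal record) stays stable.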
  • 84. What do we have now?
    ● The transaction is unambiguously identified
      ○ Its unlocking script is basically a hash
      ○ It only has values, input tx hashes and output addresses
      ○ It has no script commands
    ● Witness fields are merkelized, which includes hashing of the signatures, for better protection
    ● The implementation is made in a way that old clients ignore this data, so it can be deployed as a soft fork
    ● The witness is stored in a separate field in the block, and the so-called block weight is 4 megabytes, so more transactions can fit
  • 85. Special note
    ● The pay-to-script-hash explained here is basically pay-to-public-key-hash wrapped into a script. I used it here for clarity because it is similar to the pre-segwit pay-to-public-key-hash, which is commonly known. But Bitcoin has a special shorthand, pay to witness public key hash, which saves some bytes in every transaction, and you should use it in most cases.
    ● But this example works perfectly if you want multisig or just your own custom script working through the segregated witness mechanism.
  • 87. How you should do it anew
    ● Since the witness merkle root is stored in the coinbase of every block, it may instead be stored as a separate field witness_merkle_root of the block header
    ● You may skip the whole block_weight thing and just increase the block size to 4 megabytes, which should include transactions and witness
    ● If you fork, you may remove every old script check variant, since the code contains a bunch of checks which are not needed anymore
  • 88. What about us?
    That's what we did for our Rustheus implementation at Pandora Boxchain. We stripped everything which is related to non-witness validation, and you can check it out at https://github.com/pandoraboxchain/rustheus
    It's cool, fresh and written in Rust. But keep in mind it is work in progress!
    Thank you for your attention!