Where we explain how the cryptographic ideas are used to create a crypto asset on the block chain. This is one part of a three-part slide deck. For the full deck and the context please visit http://bit.ly/pm-bbc
2. Establishing Ownership & Transfer of an Asset
The problem with any non-material, or dematerialised, asset is the question of ownership
Arup can write a cheque to Bina without having money in the bank
Or can write two cheques of Rs 1000 each to Bina and Dipa while having only Rs 1000 in the bank
Arup may not have a house to sell
Or may try to sell the same house twice
3. Ownership verified with a central ledger
Each transaction is validated or allowed by a bank, or a share depository or a land registry office depending on the “balance” available in the central ledger
Name Bal
Arup 1000
Bina 2000
Chandru 1500
Dipa 200
Esha 4000
Arup transfers 600 to Bina
Bina transfers 1500 to Chandru
Chandru transfers 2500 to Dipa
Dipa transfers 100 to Esha
4. The Distributed Ledger
Name Bal
Arup 1000
Bina 2000
Chandru 1500
Dipa 200
Esha 1000
Arup xfers 600 to Bina
Bina xfers 1500 to Chandru
Chandru xfers 2500 to Dipa
Dipa xfers 100 to Esha
Everyone can keep a copy of the ledger. All copies are updated simultaneously.
Anyone can verify any transaction. However everyone need not do so.
[Diagram label on one participant: Does not maintain ledger, only transacts]
5. In reality, not balance but are stored
Ledger: KPuA 800, KPuA 200, KPuB 1500, KPuB 500, KPuC 700, KPuC 800, KPuD 200, KPuE 1000
Arup xfers 600 to Bina: KPuA 800, KPuA 200, KPuB 600, KPuA 400
Ledger: KPuA 800, KPuA 200, KPuB 1500, KPuB 500, KPuC 700, KPuC 800, KPuD 200, KPuE 1000, KPuB 600, KPuA 400
Dipa xfers 100 to Esha: KPuD 200, KPuE 100, KPuD 100
Ledger: KPuA 800, KPuA 200, KPuB 1500, KPuB 500, KPuC 700, KPuC 800, KPuD 200, KPuE 1000, KPuB 600, KPuA 400, KPuE 100, KPuD 100
Chandru xfers 2500 to Dipa: KPuC 700, KPuC 1000, KPuD 2500, KPuC 800, KPuB 500
The ledger stores public key, not name. Hence anonymous
UTXO - Unspent Transaction Output
What is a public key?
See this slide deck!
6. Verification : When can an UTXO not be used?
1. When UTXO does not belong to the “person” [ or the “wallet” or the “public key” ] who is transferring the asset
   This can be easily checked from the signature used to sign the transfer.
2. If the UTXO does not exist in the database!
Ledger: KPuA 800, KPuA 200, KPuB 1500, KPuB 500, KPuC 700, KPuC 800, KPuD 200, KPuE 1000, KPuB 600, KPuA 400, KPuE 100, KPuD 100
Transaction entries, each marked sigC: KPuC 700, KPuD 2500, KPuC 800, KPuB 500
7. Suppose Arup “Double Spends”
Ledger: KPuA 800, KPuA 200, KPuB 1500, KPuB 500, KPuC 700, KPuC 800, KPuD 200, KPuE 1000
Arup xfers 600 to Bina: KPuA 800, KPuA 200, KPuB 600, KPuA 400
Ledger: KPuA 800, KPuA 200, KPuB 1500, KPuB 500, KPuC 700, KPuC 800, KPuD 200, KPuE 1000, KPuB 600, KPuA 400
Arup xfers 800 to Esha: KPuA 400, KPuA 500, KPuE 800
Ledger: KPuA 800, KPuA 200, KPuB 1500, KPuB 500, KPuC 700, KPuC 800, KPuD 200, KPuE 1000, KPuB 600, KPuA 400, KPuA 100, KPuA 500, KPuE 800, KPuA 100
Arup creates a fake transaction and publishes a corrupt version of the ledger
Will his fake transaction be accepted?
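The two checks from slide 6 and the double-spend case from slide 7, as an added example (not part of the original deck). Comparing key labels stands in for verifying a signature, the model tracks only unspent outputs, and the rejected transfers are constructed from the slide figures.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class UTXO:
    owner: str    # public key label as on the slides, e.g. "KPuA"
    amount: int

class Ledger:
    def __init__(self, utxos):
        # A list, not a set: one key can hold several UTXOs of equal amount.
        self.unspent = list(utxos)

    def apply(self, signer, inputs, outputs):
        """Validate a transfer against the unspent list; return (accepted, reason)."""
        pool = list(self.unspent)
        for utxo in inputs:
            # Check 1: the input must belong to the key that signed the transfer.
            # Assumption: comparing key labels stands in for signature verification.
            if utxo.owner != signer:
                return False, "not owner"
            # Check 2: the input must exist in the database and still be unspent.
            if utxo not in pool:
                return False, "no such UTXO"
            pool.remove(utxo)   # consumed, so it cannot be used twice
        if sum(o.amount for o in outputs) > sum(i.amount for i in inputs):
            return False, "outputs exceed inputs"
        self.unspent = pool + list(outputs)
        return True, "ok"

def run_slide_scenarios():
    U = UTXO
    ledger = Ledger([U("KPuA", 800), U("KPuA", 200), U("KPuB", 1500), U("KPuB", 500),
                     U("KPuC", 700), U("KPuC", 800), U("KPuD", 200), U("KPuE", 1000)])
    results = [
        # Arup transfers 600 to Bina and keeps 400 as change.
        ledger.apply("KPuA", [U("KPuA", 800), U("KPuA", 200)],
                     [U("KPuB", 600), U("KPuA", 400)]),
        # Double spend: Arup tries to reuse the 800 he has already spent.
        ledger.apply("KPuA", [U("KPuA", 800)], [U("KPuE", 800)]),
        # Arup pays with a KPuA 500 that exists only in his own corrupt ledger.
        ledger.apply("KPuA", [U("KPuA", 400), U("KPuA", 500)],
                     [U("KPuE", 800), U("KPuA", 100)]),
        # Chandru signs a transfer that spends Bina's KPuB 500.
        ledger.apply("KPuC", [U("KPuC", 700), U("KPuB", 500)], [U("KPuD", 1200)]),
    ]
    return results, ledger.unspent

if __name__ == "__main__":
    for accepted, reason in run_slide_scenarios()[0]:
        print(accepted, reason)
```

A rejected transfer leaves the ledger untouched, so only the first transfer changes the unspent list.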
8. Network has full nodes and light nodes (wallets)
The ledger is huge ( ~ 50GB+) and growing. Not everyone can afford to have the ledger on his or her own machine
[Diagram: nodes that hold the ledger are for verification & transaction; the other nodes are for transaction only]
9. Whose ledger is correct?
Suppose Arup has “friends” who agree to take a copy of his “corrupt” ledger and declare that this is the ledger that they will follow
Can this copy of the corrupt ledger become the accepted ledger?
Yes, if a “sufficient” number of members of the network agree that this is indeed the true ledger and start using it
What is a “sufficient” number?
Say 51% but then .. total number of members in a peer-to-peer network is never known!
So it is technically possible for a group of people acting in concert to inject fake UTXOs into the system thus
  creating a “parallel” ledger
  undermining the credibility of the “real” ledger
10. Verification
Pool of unverified transactions
Multiple full nodes verify some transactions and assemble them into a BLOCK
Candidate blocks:
  A>B V1, C>D V2, P>Q V6
  A>B V1, C>D V2, M>N V7
  G>K V8, C>D V2, M>N V7
  A>B V1, C>D V2, P>Q V6
BLOCK CHAIN: Block 234 (id wxd), Block 235 (id esf), Block 236
Ordered set of verified, valid transactions. Shared with all and cannot be changed.
Which of these 4 blocks will be accepted as #236?
11. Proof of Work
[Diagram: Block 234 (id wxd), Block 235 (id esf), and a candidate block with transactions A>B V1, C>D V2, M>N V7]
Prev Block ID = esf, “nonce” = 1,2,3 …, set of valid txns → hash
keep trying various values of the nonce until you get a hash value that begins with a defined number of 0s
whoever wins “the race” gets to place his block into the blockchain and then the race starts again for the next block
verifying a block is easy, but locating the proof of work is computationally hard - you need a lot of raw CPU power
the only way a false transaction can get into the block chain is if a group of “criminals” control more than 50% of the computing power of the network
“If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains”
Satoshi Nakamoto
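An added sketch of the nonce search and the cheap verification described on this slide (not code from the original deck). The SHA-256 input layout, the difficulty of 4 leading hex zeros and the second block's transactions are assumptions made for the example; Bitcoin's real block header format differs.

```python
import hashlib

DIFFICULTY = 4  # assumed: required number of leading hex zeros in the block hash

def block_hash(prev_id, txns, nonce):
    """SHA-256 over the previous block ID, the ordered transactions and the nonce."""
    payload = "|".join([prev_id, *txns, str(nonce)]).encode()
    return hashlib.sha256(payload).hexdigest()

def mine(prev_id, txns, difficulty=DIFFICULTY):
    """Try nonce = 1, 2, 3 ... until the hash starts with `difficulty` zeros."""
    nonce = 1
    while True:
        digest = block_hash(prev_id, txns, nonce)
        if digest.startswith("0" * difficulty):
            return {"prev": prev_id, "txns": list(txns), "nonce": nonce, "id": digest}
        nonce += 1

def verify(block, difficulty=DIFFICULTY):
    """A single hash: recompute the ID, check it matches and meets the target."""
    digest = block_hash(block["prev"], block["txns"], block["nonce"])
    return digest == block["id"] and digest.startswith("0" * difficulty)

def verify_chain(chain, difficulty=DIFFICULTY):
    """Every block needs valid proof of work and must name its predecessor's ID."""
    return all(verify(b, difficulty) for b in chain) and all(
        later["prev"] == earlier["id"] for earlier, later in zip(chain, chain[1:]))

def build_demo_chain():
    # Constructed sample data using the labels from the slide.
    b236 = mine("esf", ["A>B V1", "C>D V2", "M>N V7"])
    b237 = mine(b236["id"], ["P>Q V6", "G>K V8"])
    return [b236, b237]

if __name__ == "__main__":
    chain = build_demo_chain()
    print(chain[0]["nonce"], chain[0]["id"])
    print(verify_chain(chain))
```

Changing any transaction in an earlier block changes its hash, so that block and every block chained after it would have to be mined again.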
12. Reward! - the Coinbase transaction
[Diagram: Block 234 (id wxd), Block 235 (id esf), then the new block holding A>B V1, C>D V2, M>N V7 and “miner R”]
Why should anyone use his computational resources AND electric power to verify transactions for the network?
Winner is allowed to add one coinbase transaction into the block chain that has
  No INPUT
  ONLY OUTPUT favouring winner
This adds value to
  the economy in general
  the wallet of the winner that he can use in subsequent transactions
13. The Mining Process
A self-sustaining mechanism
1. Validate Transactions
2. Demonstrate Proof-of-Work
3. Collect Rewards
Keeps the Crypto-Economy running forward
[Diagram, time >>>: Block 234 (id wxd), Block 235 (id wst), Block 236 (id qlp), Block 237 (id bre), Block 238 (id ???)]
Pool of unvalidated transactions
BlockChain of validated transactions
14. Latency, Simultaneity and the Fork
Since the size of the network is large, there is a definite, non-zero time lag between the discovery of a new block and its announcement or detection in a “distant” node
In this interval there is a finite, non-zero probability of another new block being discovered and hence detected before the other new block
The block chain is “forked” and both parts of the chain (with the red block and the blue block) are kept as candidates UNTIL ….
[Diagram: Block 234 (id wxd), Block 235 (id wst), Block 236 (id qlp), Block 237 (id bre), followed by two candidate blocks, Block 238 (id opx) and Block 238 (id wer)]
Note: Each block is chained to and defined by its predecessor
15. Until … the next new block is detected!
If the new block is derived from the red block then it elongates the red fork of the chain. Otherwise it elongates the blue fork of the chain.
Whichever chain is longer has more “proof of work” and is generally accepted by the majority of nodes.
Now all miners will try to locate the next block that will be derived from the latest block (239) and the blue fork (containing 238) will be dropped or forgotten
[Diagram: Block 234 (id wxd), Block 235 (id wst), Block 236 (id qlp), Block 237 (id bre), the two candidate blocks Block 238 (id opx) and Block 238 (id wer), and Block 239 (id sur)]
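The fork and its resolution from the last two slides, as an added example (not part of the original deck). It assumes that opx is the red block that 239 builds on, and it uses chain length as a stand-in for accumulated proof of work.

```python
def chain_to(blocks, tip):
    """Walk parent links from a tip back to the oldest known block."""
    chain = []
    while tip is not None:
        chain.append(tip)
        tip = blocks[tip]
    return chain[::-1]

def fork_state(blocks):
    """blocks maps block id -> parent id (None for the oldest block shown).

    Returns (candidate chains of maximal length, ids dropped once one chain wins).
    While two chains tie, both stay candidates and nothing is dropped.
    """
    parents = set(blocks.values())
    tips = [b for b in blocks if b not in parents]
    chains = [chain_to(blocks, t) for t in tips]
    longest = max(len(c) for c in chains)
    candidates = [c for c in chains if len(c) == longest]
    dropped = []
    if len(candidates) == 1:
        dropped = sorted(set(blocks) - set(candidates[0]))
    return candidates, dropped

def slide_scenario():
    # Constructed from the block ids on the slides: two blocks numbered 238.
    blocks = {"wxd": None, "wst": "wxd", "qlp": "wst", "bre": "qlp",
              "opx": "bre", "wer": "bre"}
    forked = fork_state(blocks)
    # Block 239 (sur) is found on top of opx (assumed to be the red block).
    blocks["sur"] = "opx"
    resolved = fork_state(blocks)
    return forked, resolved

if __name__ == "__main__":
    forked, resolved = slide_scenario()
    print("candidates while forked:", [c[-1] for c in forked[0]])
    print("winner:", resolved[0][0][-1], "dropped:", resolved[1])
```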
16. Block Chain -- the Shared Ledger
The block chain is a read-only database of validated transactions that is shared by all but cannot be changed by anyone except the one who “discovers” the next block at the “head” of the chain.
❖ Can non-asset data be stored in transactions?
❖ Yes! Bitcoin is just one application
The size of the Bitcoin blockchain in Feb 2015 is 55GB and is growing exponentially. It can be pruned, compressed and otherwise compacted but it is estimated that even if Bitcoin transactions exceed Visa card transactions, scalability will not be an issue because of Moore’s law.
17. So what does the shared ledger store?
A new kind of
1. Crypto Currency
2. Crypto Commodity
3. Crypto Corporation
This question will be addressed next. See next presentation
Prithwis Mukerjee, PhD, Praxis Business School, Calcutta, India