SlideShare a Scribd company logo

Bitcoin

Download as PPTX, PDF
S
Sikun Lin

Bitcoin Whitepaper

Technology
1 of 31
BITCOIN: A P2P ELECTRONIC CASH SYSTEM Satoshi Nakamoto
OnlineTransactions ■ Physical cash – Non-traceable (mostly) – Secure (mostly) – Low inflation ■ Can’t be used online directly  Electronic credit or debit transactions  Bank sees all transactions  Merchants can track/profile customers
E-Cash ■ Secure ■ Low inflation ■ Privacy-preserving
E-Cash Crypto Protocols  Chaum82: blind signatures for e-cash  Chaum88: retroactive double spender identification  Brandis95: restricted blind signatures  Camenisch05: compact offline e-cash ■ Various practical issues: – Need for trusted central party – Computationally expensive – Etc.
Bitcoin ■ Proposed by Satoshi Nakamoto, 2008 ■ A distributed, decentralized digital currency system ■ Effectively a bank run by an ad hoc network – A distributed transaction log
Public & Private key: Encryption & Decryption ■ Key pair generation Message Encrypted Message Message Privat e Key Public Key Encryption Decryption
Public & Private key: Digital signature &Verification ■ Keys work inversely Message Message HashValue Signed Message Hash Privat e Key Sign Message HashValue Public Key Message Message HashValue Compose Verify (Encrypt) (Decrypt) Hash
Bitcoin ■ Electronic coin = chain of digital signatures ■ Bitcoin transfer: – message = Previous transaction + payee’s public key – Ownership verification – Sign[Hash(message)] with Payer’s private key Alice gets 5 BTC fromTx 0, and wants to sent it to Bob Tx 0 Bob’s Public Key Hash Alice’s Signature Alice’s Private Key Sign Tx 1 Alice’s Public Key Verify
Address 0xa8fc93875a972ea Signature 0xa87g14632d452cd Public key 0xc7b2f68...
Transaction (cont.) ■ Input: – Multiple inputs allowed – Refer to an output from previousTx – Special: generation transaction ■ Output: at most 2 – One for payment – One for change (return to payer) In Out Out 12.5 BTC In In In Out 0.5 BTC 0.1 BTC 0.2 BTC 0.8 BTC In (Gen) Out 12 BTC Tx 1 Tx 0 Tx 2
Double-spending ■ Payee cannot verify whether the payer double-spent the coin ■ Common solution: introduce trusted central authority (3rd party) ■ What about BTC? Mint Each transaction: A B return issue Only trust money from mint Check money
Avoid double-spending ■ Be aware of all transactions: publicly announce them! ■ Need a system agreed on a single history. ■ Each node (miner) verifies validity ofTxs. ■ Include validTxs into a block, attach it to the current chain.
Proof-of-Work ■ Pick a random node in proportion to some resource that no one can monopolize. ■ Proof ofWork: – in proportion to computing power. – Nodes compete for right to create a block – Make it relatively hard to create new blocks ■ Proof of Stake: in proportion to ownership.
Proof-of-Work ■ Cryptographic Hash Functions – Consistent: hash(X) always yields same result – One-way: givenY, hard to find X s.t. hash(X) =Y – Collision resistant: given hash(W) = Z, hard to find X s.t. hash(X) = Z ■ SHA-256 is used for PoW.
Proof-of-Work ■ Block:Txs + Prev Hash ■ Find a nonce such that Hash(Txs, prev hash, nonce) < E – Find a hash value whose leading bits are zero – The work is exponential in the number of zero bits required ■ Hard to find, easy to verify.
PoW Properties ■ Difficult to compute! – Only miners bother to compete – Say 1020 hashes per block (in August 2014) ■ Cost is parameterizable – Recalculate the target space every 2 weeks so amount of work to find a block increases. – Prob (Alice wins next block) = fraction of global hash power she controls ■ Key Security Assumption – Majority of miners weighted by hash power are honest
Block chain ■ A distributed timestamp server on a peer-to-peer basis ■ Longest chain – Has the greatest proof-of-work effort invested in it – Represent majority decision (One-CPU-one-vote)
Tie breaking ■ Two nodes may find a correct block simultaneously. – Keep both and work on the first one – If one grows longer than the other, switch to work on the longer one
Bitcoin Network ■ Each P2P node runs the following algorithm: 1. New transactions are broadcast to all nodes. 2. Each node (miners) collects new transactions into a block. 3. Each node works on finding a proof-of-work for its block. 4. When a node finds a proof-of-work, it broadcasts the block to all nodes. 5. Nodes accept the block only if all transactions in it are valid (digital signature checking) and not already spent (check all the transactions). 6. Nodes express their acceptance by working on creating the next block in the chain, using the hash of the accepted block as the previous hash.
Reverting is Hard ■ Reverting gets exponentially hard as the chain grows. 1. Modify the transaction (revert, change the payer, etc.) 2. Recompute nonce 3. Recompute the next nonce
51% Attack ■ The attacker with >= half of all the computation power can succeed. ■ Gambler’s Ruin problem 0 1 2 3 P(right) = p P(left) = 1-p = q P(n) = P(1)n (prob. that move from n to 0) cliff P(1) = 1-p+p*P(2) P(2) = P(1)2 P(1) = (1-p)/p = q/p p<=0.5, then P(1)>=1 p>0.5, P(1)<1, the larger n, the safer
51% Attack (cont.) ■ BTC: if attacker is behind the longest chain by z blocks ■ Actually, 50% will do… (as long as p<= 0.5, P(1)>=1) ■ If honest is the majority: the larger the z, the safer 0 z … z+1 honest node (p) attacker node (q)
Vanishing chance ■ Simulation result: P(Attacker succeed) drop off exponentially with z
Practical Limitation ■ At least 10 mins to verify a transaction. – Agree to pay. – Wait for 1 block (10 mins) for the transaction to go through. – But for a large transaction ($$$) wait longer. ■ More block attached, more secure ■ For large $$$, wait for 6 blocks (1 hour).
Incentives ■ For miners – N new BTC reward for each new block ■ N starts from 50, halved every 210k blocks (~4 yrs) ■ Total BTC amount will not exceed 21 million – Transaction fees ■ Encourage nodes to stay honest – Attacker succeed when >= 50% CPU power – Find more profit when playing by the rules
Privacy ■ Anonymous public key ■ A new key pair for each transaction – Avoid linking to a common owner
A final word… ■ Distributed currencies are good or bad? ■ A future world without governments Q&A
Optimizations ■ MerkleTree (Hash tree) – Block header only contains the root hash – Block header is about 80 bytes – 80 bytes * 6 per/hr * 24 hrs * 365 = 4.2 MB/year
Simplified payment verification ■ Get the longest proof-of-work chain. ■ Query the block thatTx3 is in. ■ Only need Hash01 and Hash2 to verify. VerifyTx3
Reclaiming Disk Space ■ Prune spent transactions – A leaf (Tx) can be pruned when all of its outputs have been spent.

Recommended

Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...
Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...
Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...Michele Mostarda
 
Fundamentals of Blockchain Technology
Fundamentals of Blockchain TechnologyFundamentals of Blockchain Technology
Fundamentals of Blockchain TechnologyBrandonBailey62
 
Lightning Network
Lightning NetworkLightning Network
Lightning NetworkFelix Crisan
 
Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)
Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)
Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)Zvi Avraham
 
Bitcoin: money of the future
Bitcoin: money of the futureBitcoin: money of the future
Bitcoin: money of the futureSergei Tikhomirov
 
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contractsOWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contractsOWASP
 
Intro to Blockchain - And, by the way, what the heck is proof-of-work?
Intro to Blockchain - And, by the way, what the heck is proof-of-work?Intro to Blockchain - And, by the way, what the heck is proof-of-work?
Intro to Blockchain - And, by the way, what the heck is proof-of-work?Jim Flynn
 
Blockchain - a basic overview
Blockchain - a basic overviewBlockchain - a basic overview
Blockchain - a basic overviewSyed Rakib Al Hasan
 

Recommended

Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...
Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...
Hydro Mining - Mining Bitcoin and other Cryptocurrencies with hydroelectric p...Michele Mostarda
 
Fundamentals of Blockchain Technology
Fundamentals of Blockchain TechnologyFundamentals of Blockchain Technology
Fundamentals of Blockchain TechnologyBrandonBailey62
 
Lightning Network
Lightning NetworkLightning Network
Lightning NetworkFelix Crisan
 
Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)
Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)
Ethereum VM and DSLs for Smart Contracts (updated on May 12th 2015)Zvi Avraham
 
Bitcoin: money of the future
Bitcoin: money of the futureBitcoin: money of the future
Bitcoin: money of the futureSergei Tikhomirov
 
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contractsOWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contracts
OWASP Poland Day 2018 - Damian Rusinek - Outsmarting smart contractsOWASP
 
Intro to Blockchain - And, by the way, what the heck is proof-of-work?
Intro to Blockchain - And, by the way, what the heck is proof-of-work?Intro to Blockchain - And, by the way, what the heck is proof-of-work?
Intro to Blockchain - And, by the way, what the heck is proof-of-work?Jim Flynn
 
Blockchain - a basic overview
Blockchain - a basic overviewBlockchain - a basic overview
Blockchain - a basic overviewSyed Rakib Al Hasan
 
Intro to Blockchain Slides
Intro to Blockchain SlidesIntro to Blockchain Slides
Intro to Blockchain SlidesShannon Wells
 
Miner lock
Miner lockMiner lock
Miner lockJosephDavisui
 
CBGTBT - Part 6 - Transactions 102
CBGTBT - Part 6 - Transactions 102CBGTBT - Part 6 - Transactions 102
CBGTBT - Part 6 - Transactions 102Blockstrap.com
 
CBGTBT - Part 4 - Mining
CBGTBT - Part 4 - MiningCBGTBT - Part 4 - Mining
CBGTBT - Part 4 - MiningBlockstrap.com
 
Introduction to Lightning Network
Introduction to Lightning NetworkIntroduction to Lightning Network
Introduction to Lightning NetworkAlan Carbery
 
Cryptocurrencies 101 v5 public
Cryptocurrencies 101 v5 publicCryptocurrencies 101 v5 public
Cryptocurrencies 101 v5 publicBrett Colbert
 
Academic Ethereum
Academic EthereumAcademic Ethereum
Academic Ethereumgavofyork
 
Blockchain technology
Blockchain technologyBlockchain technology
Blockchain technologyAbhilash Kumar Aryavanshi
 
Introduction to blockchain and cryptocurrency technologies
Introduction to blockchain and cryptocurrency technologiesIntroduction to blockchain and cryptocurrency technologies
Introduction to blockchain and cryptocurrency technologiesPaweł Wacławczyk
 
CBGTBT - Part 5 - Blockchains 102
CBGTBT - Part 5 - Blockchains 102CBGTBT - Part 5 - Blockchains 102
CBGTBT - Part 5 - Blockchains 102Blockstrap.com
 
Bitcoin - Beyond the basics
Bitcoin - Beyond the basicsBitcoin - Beyond the basics
Bitcoin - Beyond the basicsChris DeRose
 
Capital management services- How does cryptocurrency mining work
Capital management services- How does cryptocurrency mining workCapital management services- How does cryptocurrency mining work
Capital management services- How does cryptocurrency mining workCapital Management Services
 
CBGTBT - Part 3 - Transactions 101
CBGTBT - Part 3 - Transactions 101CBGTBT - Part 3 - Transactions 101
CBGTBT - Part 3 - Transactions 101Blockstrap.com
 
Blockchain presentation
Blockchain presentationBlockchain presentation
Blockchain presentationKouTon
 
Ethereum Contracts - Coinfest 2015
Ethereum Contracts - Coinfest 2015Ethereum Contracts - Coinfest 2015
Ethereum Contracts - Coinfest 2015Rhea Myers
 
Bitcoin
BitcoinBitcoin
BitcoinPuneet Kumar
 
Introduction to Ethereum
Introduction to EthereumIntroduction to Ethereum
Introduction to EthereumArnold Pham
 
Introduction into blockchains and cryptocurrencies
Introduction into blockchains and cryptocurrenciesIntroduction into blockchains and cryptocurrencies
Introduction into blockchains and cryptocurrenciesSergey Ivliev
 
Bitcoin
Bitcoin Bitcoin
Bitcoin Jas Chhabra
 
Smart contracts in Solidity
Smart contracts in SoliditySmart contracts in Solidity
Smart contracts in SolidityFelix Crisan
 
CRYPTO CURRENCY-2022OD205.pdf
CRYPTO CURRENCY-2022OD205.pdfCRYPTO CURRENCY-2022OD205.pdf
CRYPTO CURRENCY-2022OD205.pdfJESUNPK
 
bitcoin
bitcoinbitcoin
bitcoinAasimRasheed3
 

More Related Content

What's hot

Intro to Blockchain Slides
Intro to Blockchain SlidesIntro to Blockchain Slides
Intro to Blockchain SlidesShannon Wells
 
CBGTBT - Part 6 - Transactions 102
CBGTBT - Part 6 - Transactions 102CBGTBT - Part 6 - Transactions 102
CBGTBT - Part 6 - Transactions 102Blockstrap.com
 
CBGTBT - Part 4 - Mining
CBGTBT - Part 4 - MiningCBGTBT - Part 4 - Mining
CBGTBT - Part 4 - MiningBlockstrap.com
 
Introduction to Lightning Network
Introduction to Lightning NetworkIntroduction to Lightning Network
Introduction to Lightning NetworkAlan Carbery
 
Cryptocurrencies 101 v5 public
Cryptocurrencies 101 v5 publicCryptocurrencies 101 v5 public
Cryptocurrencies 101 v5 publicBrett Colbert
 
Academic Ethereum
Academic EthereumAcademic Ethereum
Academic Ethereumgavofyork
 
Introduction to blockchain and cryptocurrency technologies
Introduction to blockchain and cryptocurrency technologiesIntroduction to blockchain and cryptocurrency technologies
Introduction to blockchain and cryptocurrency technologiesPaweł Wacławczyk
 
CBGTBT - Part 5 - Blockchains 102
CBGTBT - Part 5 - Blockchains 102CBGTBT - Part 5 - Blockchains 102
CBGTBT - Part 5 - Blockchains 102Blockstrap.com
 
Bitcoin - Beyond the basics
Bitcoin - Beyond the basicsBitcoin - Beyond the basics
Bitcoin - Beyond the basicsChris DeRose
 
Capital management services- How does cryptocurrency mining work
Capital management services- How does cryptocurrency mining workCapital management services- How does cryptocurrency mining work
Capital management services- How does cryptocurrency mining workCapital Management Services
 
CBGTBT - Part 3 - Transactions 101
CBGTBT - Part 3 - Transactions 101CBGTBT - Part 3 - Transactions 101
CBGTBT - Part 3 - Transactions 101Blockstrap.com
 
Blockchain presentation
Blockchain presentationBlockchain presentation
Blockchain presentationKouTon
 
Ethereum Contracts - Coinfest 2015
Ethereum Contracts - Coinfest 2015Ethereum Contracts - Coinfest 2015
Ethereum Contracts - Coinfest 2015Rhea Myers
 
Introduction to Ethereum
Introduction to EthereumIntroduction to Ethereum
Introduction to EthereumArnold Pham
 
Introduction into blockchains and cryptocurrencies
Introduction into blockchains and cryptocurrenciesIntroduction into blockchains and cryptocurrencies
Introduction into blockchains and cryptocurrenciesSergey Ivliev
 
Smart contracts in Solidity
Smart contracts in SoliditySmart contracts in Solidity
Smart contracts in SolidityFelix Crisan
 

What's hot (20)

Intro to Blockchain Slides
Intro to Blockchain SlidesIntro to Blockchain Slides
Intro to Blockchain Slides
 
Miner lock
Miner lockMiner lock
Miner lock
 
CBGTBT - Part 6 - Transactions 102
CBGTBT - Part 6 - Transactions 102CBGTBT - Part 6 - Transactions 102
CBGTBT - Part 6 - Transactions 102
 
CBGTBT - Part 4 - Mining
CBGTBT - Part 4 - MiningCBGTBT - Part 4 - Mining
CBGTBT - Part 4 - Mining
 
Introduction to Lightning Network
Introduction to Lightning NetworkIntroduction to Lightning Network
Introduction to Lightning Network
 
Cryptocurrencies 101 v5 public
Cryptocurrencies 101 v5 publicCryptocurrencies 101 v5 public
Cryptocurrencies 101 v5 public
 
Academic Ethereum
Academic EthereumAcademic Ethereum
Academic Ethereum
 
Blockchain technology
Blockchain technologyBlockchain technology
Blockchain technology
 
Introduction to blockchain and cryptocurrency technologies
Introduction to blockchain and cryptocurrency technologiesIntroduction to blockchain and cryptocurrency technologies
Introduction to blockchain and cryptocurrency technologies
 
CBGTBT - Part 5 - Blockchains 102
CBGTBT - Part 5 - Blockchains 102CBGTBT - Part 5 - Blockchains 102
CBGTBT - Part 5 - Blockchains 102
 
Bitcoin - Beyond the basics
Bitcoin - Beyond the basicsBitcoin - Beyond the basics
Bitcoin - Beyond the basics
 
Capital management services- How does cryptocurrency mining work
Capital management services- How does cryptocurrency mining workCapital management services- How does cryptocurrency mining work
Capital management services- How does cryptocurrency mining work
 
CBGTBT - Part 3 - Transactions 101
CBGTBT - Part 3 - Transactions 101CBGTBT - Part 3 - Transactions 101
CBGTBT - Part 3 - Transactions 101
 
Blockchain presentation
Blockchain presentationBlockchain presentation
Blockchain presentation
 
Ethereum Contracts - Coinfest 2015
Ethereum Contracts - Coinfest 2015Ethereum Contracts - Coinfest 2015
Ethereum Contracts - Coinfest 2015
 
Bitcoin
BitcoinBitcoin
Bitcoin
 
Introduction to Ethereum
Introduction to EthereumIntroduction to Ethereum
Introduction to Ethereum
 
Introduction into blockchains and cryptocurrencies
Introduction into blockchains and cryptocurrenciesIntroduction into blockchains and cryptocurrencies
Introduction into blockchains and cryptocurrencies
 
Bitcoin
Bitcoin Bitcoin
Bitcoin
 
Smart contracts in Solidity
Smart contracts in SoliditySmart contracts in Solidity
Smart contracts in Solidity
 

Similar to Bitcoin

CRYPTO CURRENCY-2022OD205.pdf
CRYPTO CURRENCY-2022OD205.pdfCRYPTO CURRENCY-2022OD205.pdf
CRYPTO CURRENCY-2022OD205.pdfJESUNPK
 
Blockchain and Bitcoin.pptx
Blockchain and Bitcoin.pptxBlockchain and Bitcoin.pptx
Blockchain and Bitcoin.pptxssuser3ab054
 
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad SarangNinad Sarang
 
Connecting The Block Cointelligence Academy by Dr Vince Ming
Connecting The Block Cointelligence Academy by Dr Vince MingConnecting The Block Cointelligence Academy by Dr Vince Ming
Connecting The Block Cointelligence Academy by Dr Vince MingCointelligence
 
Economías criptográficas
Economías criptográficasEconomías criptográficas
Economías criptográficasnavajanegra
 
The Bitcoin blockchain (en)
The Bitcoin blockchain (en)The Bitcoin blockchain (en)
The Bitcoin blockchain (en)Davide Carboni
 
Blockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesBlockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesSébastien Tandel
 
Introduction to Bitcoin for programmers
Introduction to Bitcoin for programmersIntroduction to Bitcoin for programmers
Introduction to Bitcoin for programmersWojciech Langiewicz
 
BCHGraz - Meetup #8 - Intro & Ethereum
BCHGraz - Meetup #8 - Intro & Ethereum BCHGraz - Meetup #8 - Intro & Ethereum
BCHGraz - Meetup #8 - Intro & EthereumBlockchainHub Graz
 
A research-oriented introduction to the cryptographic currencies (starting wi...
A research-oriented introduction to the cryptographic currencies (starting wi...A research-oriented introduction to the cryptographic currencies (starting wi...
A research-oriented introduction to the cryptographic currencies (starting wi...vpnmentor
 
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docx
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docxBitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docx
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docxjasoninnes20
 
Can we safely adapt the construction of permissionless blockchain to user dem...
Can we safely adapt the construction of permissionless blockchain to user dem...Can we safely adapt the construction of permissionless blockchain to user dem...
Can we safely adapt the construction of permissionless blockchain to user dem...I MT
 
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018Svetlin Nakov
 
Blockchain and Bitcoin
Blockchain and BitcoinBlockchain and Bitcoin
Blockchain and BitcoinKeenan Olsen
 
bitcoin.pdf
bitcoin.pdfbitcoin.pdf
bitcoin.pdfkikofx
 

Similar to Bitcoin (20)

CRYPTO CURRENCY-2022OD205.pdf
CRYPTO CURRENCY-2022OD205.pdfCRYPTO CURRENCY-2022OD205.pdf
CRYPTO CURRENCY-2022OD205.pdf
 
bitcoin
bitcoinbitcoin
bitcoin
 
15-Bitcoin.pptx
15-Bitcoin.pptx15-Bitcoin.pptx
15-Bitcoin.pptx
 
Blockchain and Bitcoin.pptx
Blockchain and Bitcoin.pptxBlockchain and Bitcoin.pptx
Blockchain and Bitcoin.pptx
 
01 what is blockchain
01 what is blockchain01 what is blockchain
01 what is blockchain
 
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
14 Jan17- Nullmeets -Blockchain concept decoded by Ninad Sarang
 
Bitcoin Talk at Rainbow
Bitcoin Talk at RainbowBitcoin Talk at Rainbow
Bitcoin Talk at Rainbow
 
Bitcoin
BitcoinBitcoin
Bitcoin
 
Connecting The Block Cointelligence Academy by Dr Vince Ming
Connecting The Block Cointelligence Academy by Dr Vince MingConnecting The Block Cointelligence Academy by Dr Vince Ming
Connecting The Block Cointelligence Academy by Dr Vince Ming
 
Economías criptográficas
Economías criptográficasEconomías criptográficas
Economías criptográficas
 
The Bitcoin blockchain (en)
The Bitcoin blockchain (en)The Bitcoin blockchain (en)
The Bitcoin blockchain (en)
 
Blockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesBlockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challenges
 
Introduction to Bitcoin for programmers
Introduction to Bitcoin for programmersIntroduction to Bitcoin for programmers
Introduction to Bitcoin for programmers
 
BCHGraz - Meetup #8 - Intro & Ethereum
BCHGraz - Meetup #8 - Intro & Ethereum BCHGraz - Meetup #8 - Intro & Ethereum
BCHGraz - Meetup #8 - Intro & Ethereum
 
A research-oriented introduction to the cryptographic currencies (starting wi...
A research-oriented introduction to the cryptographic currencies (starting wi...A research-oriented introduction to the cryptographic currencies (starting wi...
A research-oriented introduction to the cryptographic currencies (starting wi...
 
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docx
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docxBitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docx
Bitcoin A Peer-to-Peer Electronic Cash SystemSatoshi Naka.docx
 
Can we safely adapt the construction of permissionless blockchain to user dem...
Can we safely adapt the construction of permissionless blockchain to user dem...Can we safely adapt the construction of permissionless blockchain to user dem...
Can we safely adapt the construction of permissionless blockchain to user dem...
 
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
Consensus Algorithms - Nakov @ jProfessionals - Jan 2018
 
Blockchain and Bitcoin
Blockchain and BitcoinBlockchain and Bitcoin
Blockchain and Bitcoin
 
bitcoin.pdf
bitcoin.pdfbitcoin.pdf
bitcoin.pdf
 

Recently uploaded

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 

Recently uploaded (20)

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 

Bitcoin

  • 1. BITCOIN: A P2P ELECTRONIC CASH SYSTEM Satoshi Nakamoto
  • 2. OnlineTransactions ■ Physical cash – Non-traceable (mostly) – Secure (mostly) – Low inflation ■ Can’t be used online directly  Electronic credit or debit transactions  Bank sees all transactions  Merchants can track/profile customers
  • 3. E-Cash ■ Secure ■ Low inflation ■ Privacy-preserving
  • 4. E-Cash Crypto Protocols  Chaum82: blind signatures for e-cash  Chaum88: retroactive double spender identification  Brandis95: restricted blind signatures  Camenisch05: compact offline e-cash ■ Various practical issues: – Need for trusted central party – Computationally expensive – Etc.
  • 5. Bitcoin ■ Proposed by Satoshi Nakamoto, 2008 ■ A distributed, decentralized digital currency system ■ Effectively a bank run by an ad hoc network – A distributed transaction log
  • 6. Public & Private key: Encryption & Decryption ■ Key pair generation Message Encrypted Message Message Privat e Key Public Key Encryption Decryption
  • 7. Public & Private key: Digital signature &Verification ■ Keys work inversely Message Message HashValue Signed Message Hash Privat e Key Sign Message HashValue Public Key Message Message HashValue Compose Verify (Encrypt) (Decrypt) Hash
  • 8. Bitcoin ■ Electronic coin = chain of digital signatures ■ Bitcoin transfer: – message = Previous transaction + payee’s public key – Ownership verification – Sign[Hash(message)] with Payer’s private key Alice gets 5 BTC fromTx 0, and wants to sent it to Bob Tx 0 Bob’s Public Key Hash Alice’s Signature Alice’s Private Key Sign Tx 1 Alice’s Public Key Verify
  • 10. Transaction (cont.) ■ Input: – Multiple inputs allowed – Refer to an output from previousTx – Special: generation transaction ■ Output: at most 2 – One for payment – One for change (return to payer) In Out Out 12.5 BTC In In In Out 0.5 BTC 0.1 BTC 0.2 BTC 0.8 BTC In (Gen) Out 12 BTC Tx 1 Tx 0 Tx 2
  • 11. Double-spending ■ Payee cannot verify whether the payer double-spent the coin ■ Common solution: introduce trusted central authority (3rd party) ■ What about BTC? Mint Each transaction: A B return issue Only trust money from mint Check money
  • 12. Avoid double-spending ■ Be aware of all transactions: publicly announce them! ■ Need a system agreed on a single history. ■ Each node (miner) verifies validity ofTxs. ■ Include validTxs into a block, attach it to the current chain.
  • 13. Proof-of-Work ■ Pick a random node in proportion to some resource that no one can monopolize. ■ Proof ofWork: – in proportion to computing power. – Nodes compete for right to create a block – Make it relatively hard to create new blocks ■ Proof of Stake: in proportion to ownership.
  • 14. Proof-of-Work ■ Cryptographic Hash Functions – Consistent: hash(X) always yields same result – One-way: givenY, hard to find X s.t. hash(X) =Y – Collision resistant: given hash(W) = Z, hard to find X s.t. hash(X) = Z ■ SHA-256 is used for PoW.
  • 15. Proof-of-Work ■ Block:Txs + Prev Hash ■ Find a nonce such that Hash(Txs, prev hash, nonce) < E – Find a hash value whose leading bits are zero – The work is exponential in the number of zero bits required ■ Hard to find, easy to verify.
  • 16.
  • 17. PoW Properties ■ Difficult to compute! – Only miners bother to compete – Say 1020 hashes per block (in August 2014) ■ Cost is parameterizable – Recalculate the target space every 2 weeks so amount of work to find a block increases. – Prob (Alice wins next block) = fraction of global hash power she controls ■ Key Security Assumption – Majority of miners weighted by hash power are honest
  • 18. Block chain ■ A distributed timestamp server on a peer-to-peer basis ■ Longest chain – Has the greatest proof-of-work effort invested in it – Represent majority decision (One-CPU-one-vote)
  • 19. Tie breaking ■ Two nodes may find a correct block simultaneously. – Keep both and work on the first one – If one grows longer than the other, switch to work on the longer one
  • 20. Bitcoin Network ■ Each P2P node runs the following algorithm: 1. New transactions are broadcast to all nodes. 2. Each node (miners) collects new transactions into a block. 3. Each node works on finding a proof-of-work for its block. 4. When a node finds a proof-of-work, it broadcasts the block to all nodes. 5. Nodes accept the block only if all transactions in it are valid (digital signature checking) and not already spent (check all the transactions). 6. Nodes express their acceptance by working on creating the next block in the chain, using the hash of the accepted block as the previous hash.
  • 21. Reverting is Hard ■ Reverting gets exponentially hard as the chain grows. 1. Modify the transaction (revert, change the payer, etc.) 2. Recompute nonce 3. Recompute the next nonce
  • 22. 51% Attack ■ The attacker with >= half of all the computation power can succeed. ■ Gambler’s Ruin problem 0 1 2 3 P(right) = p P(left) = 1-p = q P(n) = P(1)n (prob. that move from n to 0) cliff P(1) = 1-p+p*P(2) P(2) = P(1)2 P(1) = (1-p)/p = q/p p<=0.5, then P(1)>=1 p>0.5, P(1)<1, the larger n, the safer
  • 23. 51% Attack (cont.) ■ BTC: if attacker is behind the longest chain by z blocks ■ Actually, 50% will do… (as long as p<= 0.5, P(1)>=1) ■ If honest is the majority: the larger the z, the safer 0 z … z+1 honest node (p) attacker node (q)
  • 24. Vanishing chance ■ Simulation result: P(Attacker succeed) drop off exponentially with z
  • 25. Practical Limitation ■ At least 10 mins to verify a transaction. – Agree to pay. – Wait for 1 block (10 mins) for the transaction to go through. – But for a large transaction ($$$) wait longer. ■ More block attached, more secure ■ For large $$$, wait for 6 blocks (1 hour).
  • 26. Incentives ■ For miners – N new BTC reward for each new block ■ N starts from 50, halved every 210k blocks (~4 yrs) ■ Total BTC amount will not exceed 21 million – Transaction fees ■ Encourage nodes to stay honest – Attacker succeed when >= 50% CPU power – Find more profit when playing by the rules
  • 27. Privacy ■ Anonymous public key ■ A new key pair for each transaction – Avoid linking to a common owner
  • 28. A final word… ■ Distributed currencies are good or bad? ■ A future world without governments Q&A
  • 29. Optimizations ■ MerkleTree (Hash tree) – Block header only contains the root hash – Block header is about 80 bytes – 80 bytes * 6 per/hr * 24 hrs * 365 = 4.2 MB/year
  • 30. Simplified payment verification ■ Get the longest proof-of-work chain. ■ Query the block thatTx3 is in. ■ Only need Hash01 and Hash2 to verify. VerifyTx3
  • 31. Reclaiming Disk Space ■ Prune spent transactions – A leaf (Tx) can be pruned when all of its outputs have been spent.

Editor's Notes

  1. Ownership verification: when Bob wants to spend the money, other’s will use Alice’s public key to verify this transaction
  2. Block contains transactions to be validated and previous hash value. Pick a nonce such that H(prev hash, nonce, Tx) < E. E is a variable that the system specifies. Basically, this means to finding a hash value who’s leading bits are zero. The work required is exponential in the number of zero bits required. the proof-of-work difficulty is determined by a moving average targeting an average number of blocks per hour. If they're generated too fast, the difficulty increases. (Remain the same average speed even the computation power becomes higher and higher) ~1 block/10mins It’s hard to find the nonce value satisfy the requirement, but once found, it can be easily verified by other nodes (just doing the hash) due to the asymmetry property of hash functions. Anybody can verify that a miner has computed the nonce
  3. Majority decision making: one-CPU-one-vote Majority computation power controlled by honest nodes, then honest chain grow fastest Nodes work on the longest chain
  4. 1. But in reality, new transaction broadcasts do not necessarily need to reach all nodes. As long as they reach many nodes, they will get into a block before long. 4. Block broadcasts are also tolerant of dropped messages. If a node does not receive a block, it will request it when it receives the next block and realizes it missed one.
  5. Probability of a slower attacker catching up diminishes exponentially as subsequent blocks are added.
  6. Slow
  7. The traditional banking model achieves a level of privacy by limiting access to information to the parties involved and the trusted third party. The necessity to announce all transactions publicly precludes this method, but privacy can still be maintained by breaking the flow of information in another place: by keeping public keys anonymous. The public can see that someone is sending an amount to someone else, but without information linking the transaction to anyone. Some linking is still unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner. The risk is that if the owner of a key is revealed, linking could reveal other transactions that belonged to the same owner.
  8. Depends on who’s using it! Crime is bad! Tax evasion is bad! But sometimes governments are bad too!
  9. Any user can verify a transaction easily by asking a node. Only need Hash01 and Hash2 to verify; not the entire transactions.