1. Bitcoin is a digital currency that exists on a distributed network, not controlled by any central authority. It uses cryptography and a public ledger called the blockchain to record transactions. 2. Users can transfer bitcoin to each other via digital signatures to authorize transactions without revealing their identities. The network checks that funds are available before allowing transfers to prevent double spending. 3. Miners on the network validate transactions by competing to solve computational puzzles and add verified transactions to the blockchain. Solving a puzzle first earns the miner a reward of new bitcoins, providing an incentive to secure the network.

1. How to explain Bitcoin
to your mother?
@philippecamacho

2. Distributed System,
Open Source, Digital
Signatures, Collision-
Resistant Hash
Functions, Broadcast
transactions, Merkle
trees,…
Very interesting…
I can send bitcoin via
email right?
Me My mother

3. Maybe my
explanation
was not very
clear…

4. (Let’s do it again)
What is
Bitcoin?

5. Bitcoin
 It’s like gold expect that it’s digital
 No central authority controls the coins
 Limited number of bitcoins (btc)
 You can keep it or transfer it
 You don’t have to reveal your identity

6. Hum… Looks nice,
but how does it work?

8. Solution 0
Example: Linden Dollars

9. I control everything.

10. Fix #1
Bitcoin is a distributed protocol and is open source.

11. Solution 1
1 BTC
2 BTC
1 BTC

12. Great!
I can spend my bitcoins as many times as I want !
(double spending)

13. Fix #2
 The network shares a transaction book

14. Solution 2
Origin Destination Amount
Homer Lisa 1 BTC
Homer Bart 2 BTC
Lisa Bart 1 BTC
… … …
The network checks
that an account is
funded before
allowing a new
transfer.

15. As every transaction is public,
the identity of user is revealed.
Nobody will want to use such a system!

16. Fix #3
 Replace user id by some random number.

17. Solution 3
Origin Destination Amount
HHY67J81 JH89HF8M 1 BTC
HHY67J81 LAU4V6UU 2 BTC
JH89HF8M LAU4V6UU 1 BTC
… … …
Note that any user
can create multiple
accounts.

18. Every account id is public, thus I can transfer money
from an account that is not mine.

19. Fix #4: Digital Signatures
Private Key Public Key
= Bart’s address
SignMessage
Signature

20. Signature
Fix #4: Digital Signatures
Accept /
Reject
Verify

21. Fix #4: Digital Signatures
Non-repudiation Unforgeability
(You can’t sign in Bart’s name)

22. Solution 4
Origin Destination Amount Signature
HHY67J81 JH89HF8M 1 BTC Djsh767
HHY67J81 LAU4V6UU 2 BTC 8988dd
JH89HF8M LAU4V6UU 1 BTC djDhd7n
… … …
Every bitcoin address
corresponds to the
public key.
Message

23. I can still do very bad things…
What about publishing a wrong history of transactions…

24. Things get a bit more complicated…
Name: Shafi Goldwasser
Profession: Computer scientist at MIT
Speciality: Cryptography
Other: Turing Award (march 2013)
Your mother

25. FIX #5: Cryptographic Hash Functions
H
01110001110001110
10001010100010010
00110101010010110
01100111100011100
10000101000101110
11011010110100111
Huge input
Fixed sized output
(e.g. 256 bits)

26. FIX #5: Cryptographic Hash Functions
 Security properties
 One-way
 Given the output y it’s hard
to compute some input x
such that H(x) = y
 Collision-Resistant
 It’s hard to find two different
values x,x’ such that
H(x)=H(x’)

27. Solution 5
HH H
Tx1;
Tx2;
Tx3…
Initial value of
the chain:
coinbase
Tx34;
Tx35;
Tx36…
Tx54;
Tx55;
Tx56…
Block of
transactions
Block chain
…

28. Who computes the next block?

29. Proof of work
00000
00001
00010
00011
00100
00101
00110
00111
01000
01001
01010
01011
01100
01101
01110
01111
10000
10001
10010
10011
10100
10101
10110
10111
11000
11001
11010
11011
11100
11101
11110
11111
H1001101|| x 000||10
Find the nonce x such
that the output starts
with 3 zeros.
The only way (*) to
compute the nonce such
that the ouput starts with 𝒏
zeros is to try with roughly
𝟐 𝒏 hash values
(*) If you find a better way you may (1) get rich, (2) be famous (Turing award), or (3) both.

30. Solution 5
 The first node that manages to
solve the computational puzzle
(nonce) wins the block.
 The network extends the chain
from the newly computed block
 The network always choose the
largest chain
Damned!
I need to control 51%
of the network….

31. Nice in theory but why would
people waste their CPU cycles?

32.  The winner of a block is rewarded 25 BTC
by the network
(BTW, this is how bitcoins are created)
 This process is called mining.

33. 1 0-