Ivan Voras
Ivan Voras is a freelancer and entrepreneur, proud of the breadth of the projects under his belt, and those span from Bitcoin and blockchain technologies, to hardware solutions for Internet of Things devices.
Toptal academy Blockchain lectures #2
2018-02-26
ivan.voras@toptal.com
Who is Satoshi? -- a guy from the forums...
https://bitcointalk.org/index.php?action=profile;u=3
Cryptocurrencies before Bitcoin:
In Bitcoin, known algorithms were combined in a new way, sometime around 2008.
"The receiver of the first bitcoin transaction was cypherpunk Hal Finney, who created the first reusable proof-of-work system (RPOW) in 2004.[34] Finney downloaded the bitcoin software the day it was released, and received 10 bitcoins from Nakamoto.[35][36] Other early cypherpunk supporters were Wei Dai, creator of bitcoin predecessor b-money, and Nick Szabo, creator of bitcoin predecessor bit gold.[37]"
Proof of Work: the user (in the general sense) does some hard computational work to prove eligibility to the service provider, and that work is trivially easy for the provider to verify.
For example:
Homework
f064b8b61422a3456cb273a474a1fb0cabb04200a6a82a9426bd01f56c97fbf8c4ef58634fd5cf21af29e7db3406de4f886fe71408696789f853af9932a84b79
Be careful! Everything we're talking about here is about binary data, not the hexadecimal representation of binary data (or any other representation).
Reusable Proof of Work: instead of making every single client do the computationally complex work, make only some of them do it and "trade" the results.
--> RPoW = cryptocurrency <--
This is how Bitcoin works: miners do the hard work, "earn" coins in return, and then trade them so everyone else exchanges pieces of the "earned" effort.
A solution for having an unknown number of participants in the network all agreeing on what is going on: the blockchain.
--> RPoW + Blockchain = Bitcoin <--
RPoW is implemented by using ECC (elliptic curve cryptography).
Transactions within the blockchain are also chained.
TX 1000:
Inputs: ...
Outputs:
TX 2341:
Inputs:
Outputs:
...
Miners, and every other node, check that the new transaction is signed with the private key which "owns" the address which the previous transaction said can spend the coins.
This is "change", returning to the same wallet
"UTXO": unspent transaction output
ECDSA signature
Public keys are included with each transaction input to verify that the creator of the transaction can spend them. The process looks like this:
There's a small programming language which actually does transaction verification in Bitcoin; it's called "Script".
Because of Script, Bitcoin can support multiple types of transactions, whatever the "Script" language can execute:
Big limitation: "Script" is deliberately very simple, not even Turing complete, so no "smart contracts" here.
As incentives for the miners to include transactions in their blocks, there are "fees".
Basically, the miner fee is the sum of all coins referenced as inputs but not spent as outputs in all transactions in the block.
Input 1: 0.5 BTC
Input 2: 0.2 BTC
Output 1: 0.6 BTC
(inputs and outputs: recorded in tx)
Fee: 0.1 BTC (implicit)
Homework
Using a service like https://blockchain.info, inspect the structure of the following transactions, including their scripts:
4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b
a1075db55d416d3ca199f55b6084e2115b9345e16c5cf302fc80e9d5fbf5d48d
3a1b9e330d32fef1ee42f8e86420d2be978bbe0dc5862f17da9027cf9e11f8c4
1c12443203a48f42cdf7b1acee5b4b1c1fedc144cb909a3bf5edbffafb0cd204
930a2114cdaa86e1fac46d15c74e81c09eee1d4150ff9d48e76cb0697d8e1d72
So "blocks" contain a list of transactions (which the miner has picked to include in their block), the block header contains a hash of the transactions' hashes (i.e. the "Merkle root"), and the block header is "mined" so that its hash looks like this:
000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f
Among other data, the header contains a field called "nonce". It is a 32-bit integer with no other use than to be adjusted until the hash of the header meets the requirements for mining difficulty.
Example mining difficulty: "the hash must start with 43 zero bits"
[Diagram: block header (...data... | nonce | ...data...) -> hash f(x) -> 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f]
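The Merkle root, nonce and "43 zero bits" rule from the slides above, checked against the genesis block as an added example (not code from the lecture or from Bitcoin Core). The function names are illustrative; the genesis timestamp, bits and nonce are the publicly known values for that block, and the txid and expected hash are the ones shown on this page.

```python
import hashlib
import struct

def dsha256(data: bytes) -> bytes:
    """Bitcoin hashes headers and transactions with SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(txids_hex):
    """Merkle root of txids given as display-order hex strings."""
    level = [bytes.fromhex(t)[::-1] for t in txids_hex]   # to internal byte order
    while len(level) > 1:
        if len(level) % 2:                 # odd count: pair the last hash with itself
            level.append(level[-1])
        level = [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def header_bytes(version, prev_hash, root, timestamp, bits, nonce):
    """Serialize the 80-byte block header; all integers are little-endian."""
    return (struct.pack("<I", version) + prev_hash + root
            + struct.pack("<III", timestamp, bits, nonce))

def block_hash(header: bytes) -> bytes:
    """Header hash in the byte order block explorers display."""
    return dsha256(header)[::-1]

def leading_zero_bits(digest: bytes) -> int:
    """Count zero bits on the binary digest, not on its hex text.
    (Real nodes compare the hash to a target derived from `bits` instead.)"""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()

def mine(version, prev_hash, root, timestamp, bits, zero_bits):
    """Try every 32-bit nonce until the hash has at least zero_bits leading zeros."""
    for nonce in range(2**32):
        h = block_hash(header_bytes(version, prev_hash, root, timestamp, bits, nonce))
        if leading_zero_bits(h) >= zero_bits:
            return nonce, h
    return None   # nonce space exhausted: a miner must then change other header data

# Genesis block header fields (public, well-known values).
GENESIS_TXID = "4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b"
GENESIS = dict(version=1, prev_hash=bytes(32), root=merkle_root([GENESIS_TXID]),
               timestamp=1231006505, bits=0x1D00FFFF)
GENESIS_NONCE = 2083236893

if __name__ == "__main__":
    h = block_hash(header_bytes(nonce=GENESIS_NONCE, **GENESIS))
    print(h.hex(), leading_zero_bits(h))
    print(mine(zero_bits=16, **GENESIS))   # toy difficulty on the same header
```

Verifying a header costs one double hash, while finding a nonce at 16 bits takes tens of thousands of attempts on average and each extra bit doubles that.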
Homework
There is a data structure defined as:
struct blockheader {
    char payload[16];
    uint32_t nonce;
    uint32_t timestamp;
};
There is an instance of this data structure initialised like this:
bh.payload = "Hello, World!xx\0"
bh.timestamp = 1519640946
(i.e. the payload is an ASCII string with a 0-byte terminator)
Homework
Your task is to find a value for nonce so that the SHA256 hash of the instance of the data structure as described on a previous slide starts with 23 bits which are all 0.
Notes:
All the miners in the world are competing to calculate the "current" block in the blockchain. Regularly, multiple miners calculate the "same" block.
The consensus rule is: the longest chain wins.
Proof of Work in Bitcoin serves 2 main purposes:
Many things in Bitcoin are probabilistic - "will probably happen":
Though at least for the crypto parts, the probability is usually 1/(2^256).
Bitcoin's code dates from 2008...
~/.bitcoin
├── blocks
│   └── index
├── chainstate
└── database
As an optimisation, the blockchain node only needs to keep an index of unspent transactions to verify that new blocks are acceptable.
For each block, transactions which are spent are removed from the list of unspent transactions, new ones are added.
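The unspent-output index described here and the implicit fee rule from the earlier fee slide, as an added example (not code from the lecture or from Bitcoin Core). The dict layout, `apply_block` and the sample txids are assumptions for illustration; it covers regular transactions only and leaves out signature and Script checks.

```python
class InvalidTx(Exception):
    pass

BTC = 100_000_000   # satoshi per bitcoin; integer amounts avoid float rounding

def apply_block(utxo, txs):
    """Validate txs against the UTXO set, update it, return total fees in satoshi.

    utxo: dict mapping (txid, output_index) -> value in satoshi
    txs:  list of {"txid": str, "inputs": [(txid, index)], "outputs": [value]}
    """
    working = dict(utxo)          # work on a copy so a bad block changes nothing
    total_fees = 0
    for tx in txs:
        spent = 0
        for outpoint in tx["inputs"]:
            if outpoint not in working:
                raise InvalidTx("input %r is not unspent" % (outpoint,))
            spent += working.pop(outpoint)         # spent outputs leave the index
        created = sum(tx["outputs"])
        if any(v < 0 for v in tx["outputs"]) or created > spent:
            raise InvalidTx("outputs exceed inputs in " + tx["txid"])
        total_fees += spent - created              # the fee is never written in the tx
        for index, value in enumerate(tx["outputs"]):
            working[(tx["txid"], index)] = value   # new outputs become spendable
    utxo.clear()
    utxo.update(working)
    return total_fees

def demo():
    # Constructed sample data using the amounts from the fee slide.
    utxo = {("tx-a", 0): BTC // 2, ("tx-b", 1): BTC // 5}
    pay = {"txid": "tx-c", "inputs": [("tx-a", 0), ("tx-b", 1)],
           "outputs": [6 * BTC // 10]}
    fee = apply_block(utxo, [pay])
    # Spending tx-a:0 again must fail: it is no longer in the index.
    replay = {"txid": "tx-d", "inputs": [("tx-a", 0)], "outputs": [1]}
    try:
        apply_block(utxo, [replay])
        rejected = False
    except InvalidTx:
        rejected = True
    return fee, utxo, rejected

if __name__ == "__main__":
    print(demo())
```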
Normally (without starting bitcoind with -txindex), there is no way to get data on arbitrary transactions in the blockchain by using the built-in functionality.
(You can read it externally, e.g. with https://github.com/toidi/pyblockchain)
Today, Bitcoin's blockchain is around 145 GB in size.
With all the auxiliary data, including the txindex, it's 183 GB.
When imported to a SQL database, with added indexes to quickly access all transactions and addresses, it climbs to 700 GB.
Blockchain data itself does not compress very well, because addresses, public keys and signatures are random-like.
A 128 MB file from the blocks/ folder compresses to around 101 MB with xz.
Transactions are expensive (in terms of miner fees) and take a long time (block time: 10 minutes + waiting for confirmations).
The blockchain's size grows.
Increasing both the block size and the number of blocks created per unit of time increases the blockchain size and complicates mining.
Some alternatives:
Lightning, Braided PoW, Tangle, (D)PoS, Sharding
Some of the reasons for forking:
Bitcoin and other cryptocurrencies are open source because they are security-sensitive: users need to trust the implementation.
This makes them easy to fork.
Blockchain lecture #2: The Bitcoin blockchain
February 2018
By Ivan Voras
The structure of the Bitcoin blockchain. The structure of blocks, transactions, file structures. The Script language for transactions. How are transactions validated and accepted. How PoW mining works.