Session 1 2 Blockchain v2.16
Terminology
perspective of BitCoin
Availability
• Can I make a transaction anytime I want?
Confidentiality
Authentication
Integrity
Non-repudiation
(3) Cryptographic Hash Function
Message of arbitrary length → Hash Fn → Hash (Fixed Size)
Merkle Tree
Merkle Tree: How it works?
Merkle Tree in Blockchain: example
Chain of blocks in Blockchain: Linked List Type
Page 1 of ledger
• 30-06-2017: Mr. Ryan deposits 100 million.
• 25-07-2017: Mr. Ryan lends Ms. Thuy 10 million.
• 31-07-2017: Ms. Thuy borrows 200 million.
Block 1 (contains hash of block 0)
1 0000000000000000000000000000000000000000000000000000000000000000 [{Ryan:+100:2017/06/30},{Ryan:Thuy:10:2017/07/25},{Thuy:-200:2017/07/31}]
9b7bf677e5c344679b668d35fa3cd4b7ad6c7fd9bacfe23c0a62fa393ae8f607
Page 2 of ledger
• 31-07-2017: Mr. Jun deposits 1 million.
• 01-08-2017: Ms. Thuy sends 2 million to Mr. Jun
• 20-09-2017: Mr. Ryan withdraws 1 million.
Block 2 (contains hash of block 1)
2 9b7bf677e5c344679b668d35fa3cd4b7ad6c7fd9bacfe23c0a62fa393ae8f607 [{Jun:+1:2017/07/31},{Thuy:Jun:2:2017/08/01},{Ryan:-1:2017/09/20}]
Block 1
1 0000000000000000000000000000000000000000000000000000000000000000 [{Ryan:+100:2017/06/30},{Ryan:Thuy:10:2017/07/25},{Thuy:-200:2017/07/31}]
Block 2
2 9b7bf677e5c344679b668d35fa3cd4b7ad6c7fd9bacfe23c0a62fa393ae8f607 [{Jun:+1:2017/07/31},{Thuy:Jun:2:2017/08/01},{Ryan:-1:2017/09/20}]
Block 3
3 0c16a4af6f84f5b0771b6bcf0724914abc4cd8d2ca134d9fb746f0d18d95de84 [{Ryan:Khoa:2:2018/01/15},{Ryan:+3:2018/02/13}]
Block 4
4 f273a71c4f58543f3cf5fe2c9b5cbb9b6261461eaa47c9eb2c485e72ff679c7d [{Jun:Thuy:1:2018/05/12},{Khoa:+2:2018/06/01},{Ryan:-1:2018/07/31}]
Update data in block 2: Jun deposits 1 million → Jun deposits 150 million. This changes the hash of block 2, so:
- Block 3 contains hash (block 2) → need to recompute and update block 3
- Block 4 contains hash (block 3) → need to recompute and update block 4
- …
- Block 1000 contains hash (block 999) → need to recompute and update block 1000
- …
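The ledger above as a runnable hash chain, added here as an illustration and not taken from the original slides: it edits block 2 as described and shows where a verifier notices. The field serialization and the trusted tip hash held by the verifier are assumptions, so the hashes differ from the ones printed on the slides.

```python
import copy
import hashlib

GENESIS_PREV = "0" * 64  # block 1 stores an all-zero "hash of block 0"

# Ledger pages copied from the slide's blocks 1-4.
PAGES = [
    "[{Ryan:+100:2017/06/30},{Ryan:Thuy:10:2017/07/25},{Thuy:-200:2017/07/31}]",
    "[{Jun:+1:2017/07/31},{Thuy:Jun:2:2017/08/01},{Ryan:-1:2017/09/20}]",
    "[{Ryan:Khoa:2:2018/01/15},{Ryan:+3:2018/02/13}]",
    "[{Jun:Thuy:1:2018/05/12},{Khoa:+2:2018/06/01},{Ryan:-1:2018/07/31}]",
]

def block_hash(block):
    # Assumed serialization: "index prev_hash txs" encoded as UTF-8.
    record = f'{block["index"]} {block["prev_hash"]} {block["txs"]}'
    return hashlib.sha256(record.encode("utf-8")).hexdigest()

def build_chain(pages):
    chain, prev = [], GENESIS_PREV
    for index, txs in enumerate(pages, start=1):
        block = {"index": index, "prev_hash": prev, "txs": txs}
        chain.append(block)
        prev = block_hash(block)
    return chain

def first_broken_block(chain, trusted_tip):
    """Index of the first block whose stored prev_hash does not match the
    recomputed hash of its predecessor, "tip" if every link is consistent
    but the final hash differs from trusted_tip, or None if intact."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev_hash"] != prev:
            return block["index"]
        prev = block_hash(block)
    return None if prev == trusted_tip else "tip"

def relink_after(chain, edited_index):
    """Recompute prev_hash in every block after block `edited_index`, which
    is what the edit forces. Returns how many blocks had to be rewritten."""
    rewritten = 0
    for i in range(edited_index, len(chain)):  # chain[i] is block i + 1
        chain[i]["prev_hash"] = block_hash(chain[i - 1])
        rewritten += 1
    return rewritten

def tamper_demo():
    honest = build_chain(PAGES)
    tip = block_hash(honest[-1])  # assumed to be held by the verifier
    forged = copy.deepcopy(honest)
    forged[1]["txs"] = forged[1]["txs"].replace("{Jun:+1:", "{Jun:+150:")
    detected_at = first_broken_block(forged, tip)  # block 3's link breaks
    rewritten = relink_after(forged, 2)            # blocks 3 and 4
    after_relink = first_broken_block(forged, tip)
    return detected_at, rewritten, after_relink

if __name__ == "__main__":
    print(tamper_demo())
```

Relinking makes the forged chain internally consistent again, so only a comparison with a tip hash obtained elsewhere still exposes the edit.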
How to use Bitcoin?
• To keep your “money”, you will need a wallet
• A software
• Manage private key
• Just looks like your bank account password!
• Must keep secret
• Initiate bitcoin transactions
• 3 types of wallet
• Full node wallet: download whole blockchain
• SPV wallet: download a part of blockchain
• Light wallet: no download
How Bitcoin works?
• Proof of work blockchain
• A block contains transactions, where each transaction has:
• Input
• Output
How Bitcoin works?
• Spent and Unspent output
• A spent output is an output that has been used in a later transaction.
• An unspent output has not been used yet.
• A new transaction can only be created with unspent outputs!
[Figure: transactions tx1 to tx4, with inputs labelled "Input: null", "Input: tx1–out1", "Input: tx2–out1" and "Input: tx3–out2". Callouts: "B sends bitcoin to C, need an input of B!"; "Spent output could not be used!"; "2 outputs of B in tx2 and tx3 available".]
[Figure: the same transactions. Callouts: "C has 8 coins and wants to send 6 coins to D"; "Tx4-out1 is not enough, need to use tx3-out1".]
BitCoins
• Validation
• Is the coin legit? (proof-of-work) → Use of Cryptographic Hashes
• How do you prevent a coin from double-spending? → Broadcast to all nodes
• Creation of a virtual coin
• How is it created in the first place? → Provide incentives for miners
• How do you prevent inflation? (What prevents anyone from creating lots of coins?)
→ Limit the creation rate of the BitCoins
Use of Cryptographic Hashes
Proof-of-work
Block contains transactions to be validated and previous hash value.
Pick a nonce such that H (prev hash, nonce, Tx) < E. E is a variable that the system specifies.
Basically, this amounts to finding a hash value whose leading bits are zero. The work required is exponential in the number of zero bits required.
Verification is easy. But proof-of-work is hard.
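The nonce search and its one-hash verification, as an added example that is not part of the original slides. SHA-256 as H, the "|"-joined field encoding and the small zero-bit levels are assumptions chosen so it runs in about a second; the previous hash and transactions are the ledger values from the earlier slide.

```python
import hashlib

# Values taken from the slide's ledger: block 1's hash and block 2's entries.
PREV_HASH = "9b7bf677e5c344679b668d35fa3cd4b7ad6c7fd9bacfe23c0a62fa393ae8f607"
TXS = "[{Jun:+1:2017/07/31},{Thuy:Jun:2:2017/08/01},{Ryan:-1:2017/09/20}]"

def pow_hash(prev_hash, nonce, txs):
    """H(prev hash, nonce, Tx) as a 256-bit integer (assumed field encoding)."""
    data = f"{prev_hash}|{nonce}|{txs}".encode("utf-8")
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def threshold(zero_bits):
    """E for a hash that must start with `zero_bits` zero bits."""
    return 1 << (256 - zero_bits)

def verify(prev_hash, nonce, txs, zero_bits):
    """A single hash: cheap for every node that receives the block."""
    return pow_hash(prev_hash, nonce, txs) < threshold(zero_bits)

def mine(prev_hash, txs, zero_bits):
    """Try nonces 0, 1, 2, ... until H < E. Returns (nonce, hashes_tried)."""
    nonce = 0
    while not verify(prev_hash, nonce, txs, zero_bits):
        nonce += 1
    return nonce, nonce + 1

def cost_table(prev_hash, txs, levels=(4, 8, 12, 16)):
    """{zero_bits: (hashes actually tried, average expected = 2**zero_bits)}."""
    return {bits: (mine(prev_hash, txs, bits)[1], 2 ** bits) for bits in levels}

if __name__ == "__main__":
    for bits, (tried, expected) in cost_table(PREV_HASH, TXS).items():
        print(f"{bits:2d} zero bits: {tried:7d} hashes tried (average {expected})")
    nonce, _ = mine(PREV_HASH, TXS, 16)
    print("nonce", nonce, "verifies:", verify(PREV_HASH, nonce, TXS, 16))
```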
Preventing Double-spending
• The only way is to be aware of all transactions.
• Each node (miner) verifies that this is the first spending of the BitCoin
by the payer.
• Only when it is verified does the node generate the proof-of-work and attach it to the current chain.
BitCoin Network
• Each P2P node runs the following algorithm [bitcoin]:
• New transactions are broadcast to all nodes.
• Each node collects new transactions into a block.
• Each node works on finding a proof-of-work for its block. (Hard to do.
Probabilistic. The one to finish early will probably win.)
• When a node finds a proof-of-work, it broadcasts the block to all nodes.
• Nodes accept the block only if all transactions in it are valid (digital signature
checking) and not already spent (check all the transactions).
• Nodes express their acceptance by working on creating the next block in the
chain, using the hash of the accepted block as the previous hash.
BitCoin Network: Tie breaking
• Two nodes may find a correct block simultaneously.
• Keep both and work on the first one
• If one grows longer than the other, take the longer one
• A node is just a computer that is running the program (Bitcoin, …). It is connected to
other computers (running the same program) to create a Network.
What does a node do?
• You can get your own copy of a genuine blockchain by downloading the original
blockchain client (like Bitcoin client,…).
• By keeping a copy of the blockchain and sharing it with other people on the network,
you make bitcoin stronger.
• If you’re a fan of bittorrent, you could think of yourself as seeding the blockchain.
Where is the blockchain file stored on my
computer?
• The blockchain is stored in files with names like this: blk00000.dat.
There’s also blk00001.dat, blk00002.dat, and so on. (It’s split in to
multiple files because it’s easier than working with one huge file.)
• Their location depends on what operating system you’re using:
▪ Linux
/home/[username]/.bitcoin/blocks/
▪ Windows
C:\Users\[username]\AppData\Roaming\Bitcoin\
▪ Mac
~/Library/Application Support/Bitcoin/
MINING
What is Mining?
• Mining is the process of adding transactions to the blockchain.
How does it work?
• Every node on the blockchain network shares information about new
transactions. They store these transactions in their memory pool.
• The memory pool is a node’s temporary storage area for transaction data.
Mining
• Each node also has the option to try and “mine” the transactions in their memory pool in
to a file. This file is a ledger of every bitcoin transaction, and it’s called the BLOCKCHAIN.
• You could think of the memory pool as “floating” transactions and the blockchain as
“archived” transactions.
• However, to add transactions from the memory pool to the blockchain, a node has to
use a lot of computer processing power.
• This processing power is forced through the existence of a challenge in the memory
pool.
What is this challenge?
• Imagine you’re a node. At any moment in time you can condense the
transactions in your memory pool in to a single “string” of numbers
and letters.
• This string represents all of the transactions in your memory pool.
• Now, your objective is to HASH this string with another number to try and get a new string that
begins with a certain number of zeros.
• The “certain number of zeros” comes from the difficulty. This is set by the network and changes
based on the volume of miners – the more people mining, the greater the difficulty and the more
zeros are needed at the start (which makes it harder to find a winning result).
• Most of the time you will get a result that isn’t even close.
▪ But if you keep going you may stumble upon a number that works.
▪ Now, this sounds easy enough, but it’s actually difficult. It’s utterly random, and you can only hope to find a
winning result through trial and error. And that’s what Mining is – lots of hashing (using lots of your
computer’s processing power) and hoping to get lucky.
• But if you are lucky enough to find a successful hash result, the transactions in
your memory pool get added to the blockchain, and every other node on the
network adds your block of transactions to their blockchain.
• You’ll also receive a 25BTC reward for your effort, as well as picking up any fees
that were tacked on to the transactions that you just added to the blockchain.
Why is Mining necessary?
• Why not add transactions directly to the blockchain?
• Because mining allows the entire Bitcoin Network to agree on which
transactions get “archived”, and this is how you prevent fraud in a
digital currency.
• When you make a bitcoin transaction, nodes on the network do not
hear about it instantly. Instead, transactions travel across the
blockchain network by being passed from one node to the next.
Why is Mining necessary? Fraud?
• However, it’s actually possible to make another transaction using those same bitcoins and insert that transaction in to the network
too.
• For example, you could buy a beer with some bitcoins, then quickly attempt to buy a slice of pizza with those same bitcoins too.
• Some nodes would get the pizza transaction first (and ignore the beer transaction), whereas others would get the beer transaction
first (and ignore the pizza transaction).
• Yet even though you make the pizza transaction after the beer transaction, due to the way transactions travel across the Bitcoin
Network, the network would be in a disagreement about whether you should get the beer or the pizza.
So how does the network decide which transaction
to go with?
• Mining, of course.
• If a node on the network completes the challenge, then it’s the transactions in their memory pool that get
added to the blockchain.
• If a node with the pizza transaction successfully mines a block, then that’s the transaction that gets added to
the blockchain, and the beer transaction evaporates from the network.
• On the plus side, it only takes about 10 minutes for each new block of transactions to be added to the
blockchain, so you only need to wait 10 minutes for a confirmation that bitcoins have “arrived” at a new
address (and haven’t been sent to an alternative address).
Another benefit of Mining
• If you want to try and control the blocks (i.e. transactions) that get
added to the blockchain, you have to compete to solve block puzzles
with every other mining node on the bitcoin network.
• In other words, you need to have a computer with enough processing
power that is able to out-work the combined processing power of
every other bitcoin miner.
• Which is entirely possible – you just need to spend a few billion on
hardware and you’re good to go (although this figure increases with
every new miner who joins the network).
MEMORY POOL
• The memory pool is a temporary storage area for transactions.
• When a new transaction is received by a node, it will hold it in its
memory pool with all the other latest transactions it has received.
From here the transaction will be hoping to get selected for inclusion
in the candidate block.
Block
What is a block?
• A block is a bunch of transactions that have
been added to the blockchain.
• Blocks are formed by miners/validators.
• When you make a transaction, it isn’t
added to the blockchain straight away.
Instead, it is held in a TRANSACTION
POOL (or memory pool).
Candidate block
• Version: Describes the structure of the data inside the block. This is used so
that computers can read the contents of each block correctly.
• Last Block: An identification number for the previous block. We are trying
to get one of these for the current candidate block.
• Merkle Root (Transactions): All of the transactions inside the block hashed
together to form a single line of text. All of the fields are unique, but it
would be fair to think of this as the most significant part of the block
header.
• Time: The current time. Always handy.
• Target: A value that miners work with to try and add candidate block to the
blockchain. It is set by the bitcoin network, and will make more sense in a
moment.
Structure of Block
Merkle Root
• The Merkle Root is a field in the block header.
• The “Merkle root" acts as a representation of every transaction
included in the block.
How do you get a Merkle root?
• By repeatedly hashing together pairs of Transaction IDs until you end
up with a single hash as a result.
• Steps:
1. Take each pair of Transaction IDs from the block, and hash them together through SHA256 twice.
2. Keep doing this for each pair of Transaction IDs, until you end up with a new list of hashes.
• Note: If you have an odd number of transactions, hash the remaining transaction with itself.
3. Repeat steps 1-2 for every new list of hashes you create until you finally end up with one hash.
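The steps above in code, added here as an example that is not from the original slides. It goes one step further than the steps and also builds and checks a Merkle branch, the short list of sibling hashes that proves one transaction is under the root; the TXIDs are constructed sample values, and the byte reversal reflects that Bitcoin displays TXIDs in reverse byte order.

```python
import hashlib

def dsha256(data: bytes) -> bytes:
    """SHA256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def _leaves(txids_hex):
    if not txids_hex:
        raise ValueError("a block has at least one transaction")
    # Displayed TXIDs are byte-reversed relative to the bytes that get hashed.
    return [bytes.fromhex(t)[::-1] for t in txids_hex]

def _next_level(level):
    return [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(txids_hex):
    level = _leaves(txids_hex)
    while len(level) > 1:
        if len(level) % 2:            # odd count: pair the last hash with itself
            level.append(level[-1])
        level = _next_level(level)
    return level[0][::-1].hex()

def merkle_branch(txids_hex, index):
    """Sibling hashes needed to recompute the root from txids_hex[index]."""
    level, branch = _leaves(txids_hex), []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        branch.append(level[index ^ 1])   # the other half of this pair
        level = _next_level(level)
        index //= 2
    return branch

def root_from_branch(txid_hex, index, branch):
    """Recompute the root from one TXID, its position and its branch."""
    node = bytes.fromhex(txid_hex)[::-1]
    for sibling in branch:
        node = dsha256(sibling + node) if index & 1 else dsha256(node + sibling)
        index //= 2
    return node[::-1].hex()

# Constructed sample TXIDs (not real transactions).
TXIDS = [hashlib.sha256(f"constructed tx {i}".encode()).hexdigest() for i in range(5)]

if __name__ == "__main__":
    root = merkle_root(TXIDS)
    print("root:", root)
    branch = merkle_branch(TXIDS, 4)
    print("branch length for 5 transactions:", len(branch))
    print("tx 4 proven:", root_from_branch(TXIDS[4], 4, branch) == root)
```

Because the last hash is paired with itself, a list of three TXIDs and the same list with the third repeated give the same root, so a validator must also reject duplicated transactions rather than rely on the root alone.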
Why does bitcoin use the
Merkle root method?
(If miners were able to solve each block more quickly than expected; say 9 minutes per block for example, you’d
get a number like this)
▪ Each node then uses this number to adjust the difficulty for the next 2016 blocks:
• If new_difficulty > 1 (i.e. blocks were mined quicker than expected), the difficulty increases.
• If new_difficulty < 1 (i.e. blocks were mined slower than expected), the difficulty decreases.
• Every miner on the bitcoin network now works with this new difficulty for the next 2016 blocks.
• 0.25 <= A (of difficulty) <= 4, to prevent abrupt changes from one difficulty to the next.
How does the difficulty control time between blocks?
• There are now thousands of miners trying to find winning numbers. To ensure that a winning number is found every 10 minutes (instead of every few seconds), the range of successful numbers ends up being absolutely tiny.
• Even though that difficulty number looks big, the target is still absurdly difficult
to get under. It’s like a lottery.
Difficulty: Bitcoin example
• Because these target numbers are so big, computers prefer to work with them in
hexadecimal format.
• So the target is a hexadecimal value, and miners are trying to get a hexadecimal
hash value below the target.
Link: https://blockexplorer.com/block/000000000003ba27aa200b1cecaad478d2b00432346c3f1f3986da1afd33e506
Difficulty: Bitcoin example
01000000017967a5185e907a25225574544c31f7b059c1a191d65b53dcc1554d
339c4f9efc010000006a47304402206a2eb16b7b92051d0fa38c133e67684ed0
64effada1d7f925c842da401d4f22702201f196b10e6e4b4a9fff948e5c5d71ec5
da53e90529c8dbd122bff2b1d21dc8a90121039b7bcd0824b9a9164f7ba09840
8e63e5b7e3cf90835cceb19868f54f8961a825ffffffff014baf2100000000001976
a914db4d1141d0048b1ed15839d0b7a4c488cd368b0e88ac00000000
Transaction:
c1b4e695098210a31fe02abffe9005cffc051bbe86ff33e173155bcbdc5821e3
Transaction Data: Structure
169e1e83e930853391bc6f35f605c6754cfead57cf8387639d3b4096c54f18f4
Where are TXIDs used?
1. Searching the blockchain.
• If you've just hashed some transaction data and want to search for a
TXID in the blockchain, you have to search for it in reverse byte order.
• txid (original): 169e1e83e930853391bc6f35f605c6754cfead57cf8387639d3b4096c54f18f4
• txid (searching): f4184fc596403b9d638783cf57adfe4c75c605f6356fbc91338530e9831e9e16
2. Spending outputs.
You use a TXID when you want to use an existing output as an input in
a new transaction.
VOUT
• A vout is an index number for an output in a transaction.
VOUT: Usage
• You use a txid and a vout when you want to select an existing output as an
input in a new transaction.
• In programming, counting starts at 0. So if we want to use the first output
of an existing transaction, we put a vout of 0. (The second output would be
1.)
TRANSACTION: OUTPUTS
• The (bitcoin) transaction system involves sending and receiving whole
batches of bitcoins, called OUTPUTS.
• Outputs are packages of bitcoins created in a bitcoin transaction.
• Each output has a lock, which means that it can only be used as an input in a future transaction by people who can unlock it.
How do Outputs work?
• After selecting Input(s) to spend, you can create as many Outputs
from them as you like.
• For each output you just:
▪ Give it a value. Every output has a value. You can create as many outputs as
you like, as long as their sum does not exceed the sum of the Inputs you are
spending.
▪ Give it a lock. You also place locks on outputs when you create them.
• These locking scripts prevent other people from using these outputs
as inputs in another transaction (i.e. spending them). This locking
code is called a ScriptPubKey.
TRANSACTION: INPUT
• An input is what you call an output when you're spending it in a
transaction.
Input Field in Transaction Data
How do Inputs work?
1. Select an Output.
▪ When you want to use an output as an input for a transaction, you just need to
specify which one you want to spend.
▪ Every transaction has a unique TXID, so by using that with a specific output
number (VOUT), you can refer to any output in the blockchain.
▪ All you need is a txid and a vout and you can select any output from the
blockchain.
2. Unlock it.
• After selecting an output, you then have to be able to unlock it.
• Each output is set with a locking script. So if you want to spend one, you need to supply an
unlocking script (called a ScriptSig).
• Nodes validate every transaction they receive. So if you do not provide an unlocking script
that satisfies the locking script, your transaction will get rejected.
UTXO: Unspent Transaction Output.
• After an output has been "used up" in a transaction, it cannot be used again.
• UTXO are available to be used in new transactions (as long as you can unlock them), which makes them useful. That's why there is a distinction between spent outputs and unspent outputs (UTXOs).
UTXO: Where are UTXOs used?
1. Verifying Transactions
• A node will verify the transactions it receives by checking that its inputs have not
already been spent.
• So if you want to create your own bitcoin transaction, you must use UTXOs in
your inputs.
If you try and use an output that has already been used in another transaction, your transaction will be rejected by nodes.
2. Address Balances
If you want to work out the balance of an address, add up all of the unspent outputs that are locked to that address.
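Both uses of the UTXO set in one sketch, added here as an example that is not from the original slides: a node-side check that rejects a second spend of the same output, and a balance computed by summing unspent outputs. The transaction names and amounts are constructed, values are whole coins, and unlocking-script (signature) checks are left out.

```python
class RejectedTransaction(Exception):
    """Raised where a node would refuse the transaction."""

def apply_transaction(utxos, tx):
    """Validate tx against the UTXO set, then update the set. Returns the fee.

    utxos: {(txid, vout): (address, value)}
    tx:    {"txid": str, "inputs": [(txid, vout), ...],
            "outputs": [(address, value), ...]}
    """
    inputs = tx["inputs"]
    if not inputs or len(set(inputs)) != len(inputs):
        raise RejectedTransaction("missing or repeated input")
    for outpoint in inputs:
        if outpoint not in utxos:
            raise RejectedTransaction(f"{outpoint} is spent or unknown")
    if any(value < 0 for _, value in tx["outputs"]):
        raise RejectedTransaction("negative output value")
    total_in = sum(utxos[outpoint][1] for outpoint in inputs)
    total_out = sum(value for _, value in tx["outputs"])
    if total_out > total_in:
        raise RejectedTransaction("outputs exceed inputs")
    # All checks passed: the inputs are used up, the new outputs become UTXOs.
    for outpoint in inputs:
        del utxos[outpoint]
    for vout, (address, value) in enumerate(tx["outputs"]):
        utxos[(tx["txid"], vout)] = (address, value)
    return total_in - total_out  # whatever no output claims is the fee

def balance(utxos, address):
    """Sum of the unspent outputs locked to `address`."""
    return sum(value for owner, value in utxos.values() if owner == address)

def beer_then_pizza():
    # Constructed scenario: one batch of 25, spent twice.
    utxos = {("tx-reward", 0): ("me", 25)}
    beer = {"txid": "tx-beer", "inputs": [("tx-reward", 0)],
            "outputs": [("beer shop", 1), ("me", 23)]}
    pizza = {"txid": "tx-pizza", "inputs": [("tx-reward", 0)],
             "outputs": [("pizza shop", 2), ("me", 22)]}
    fee = apply_transaction(utxos, beer)
    try:
        apply_transaction(utxos, pizza)
        pizza_result = "accepted"
    except RejectedTransaction as err:
        pizza_result = f"rejected: {err}"
    return fee, pizza_result, utxos

if __name__ == "__main__":
    fee, pizza_result, utxos = beer_then_pizza()
    print("fee:", fee, "| pizza:", pizza_result, "| my balance:", balance(utxos, "me"))
```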
TRANSACTION FEE
• A transaction fee is the remainder of a bitcoin transaction.
Why use a transaction fee?
• A transaction fee acts as an incentive for a miner to include your transaction in their candidate block.
• If there are more transactions in the memory pool than can fit in to a block, a miner will select transactions with the highest fees.
• So if there are a lot of bitcoin transactions floating around the memory pool and not all of them can fit in to a block, a transaction fee can be used as a way to "buy space" in a block.
Where do transaction fees go?
• Transaction fees are claimed by miners
through the coinbase transaction.
Coinbase Transaction
• A coinbase transaction is the first transaction in a block.
• Miners use it to collect the block reward, and any additional transaction fees.
• It's like putting your details on a self-addressed envelope so you can collect prize winnings.
Block Reward
• If a miner mines a new block, they're given a reward in the form of the block reward (coinbase). This is the main incentive for Bitcoin miners.
• The block reward is halved every 210,000 blocks, which is approximately every 4 years (as Bitcoin's block time is 10 minutes per block).
• When Bitcoin was created the block reward used to be 50 Bitcoin, and is now 12.5 BTC.
• When the block reward has halved 64 times, the block reward becomes 0.
• The last new bitcoin will not be mined until May 2140.
Coinbase Transaction: Usage
• When a miner creates a candidate block, the very first space for a
transaction is reserved for the coinbase transaction.
• Every block must have a coinbase transaction.
• A coinbase transaction is only slightly different to normal transaction data.
The main difference is its single "blank" input, which we call the coinbase.
Transaction 1 - A simple transaction
• This is what the bitcoin addresses look like after the transaction
• The beer shop has a new batch of 1, and we’ve sent ourselves a new batch of 24. That
original batch of 25 bitcoins has now been “used up”.
Summary: How Transactions work?
It’s these locks that prevent us from spending each other’s outputs in a
transaction, as every output we receive is encumbered by a lock.
Where do output locks come from?
• As we know, a transaction is the process of taking existing outputs
and creating new ones from them:
• And it’s during the creation of these outputs that we give each one a
“lock”.
• So when we want to send bitcoins to a friend, we create the new output, and add
a lock that says “only the owner of 1friend1234567890 can use this output”.
• All of this is stored in the transaction data.
• As a result, this new output will effectively “belong” to our friend, because they
are the only person who has the private key for this address, so nobody else will
be able to spend it.
How do you create an output lock?
• Output locks are written in a basic programming language, called SCRIPT.
• It’s a bit tricky to explain the workings of an entire programming language in
one diagram, but here we go anyway:
• Ledgers
• Ledgers are historically centralized and private.
• The unbroken Hash (seal) confirms that the block, and therefore
every block before it, is legitimate.
How Blockchains Work: Hashing (cont.)
• Recall: Transactions must be validated by other network miners
• Full nodes download every block and transaction and check them
against Bitcoin's consensus rules.
• Here are examples of consensus rules, though there are many more:
• Blocks may only create a certain number of bitcoins.
• Transactions must have correct signatures for the bitcoins being spent.
• Transactions/blocks must be in the correct data format.
• Within a single block chain, a transaction output cannot be double-spent.
Consensus Protocol
• PoW (Proof of Work)
• PoS (Proof of Stake)
• PoET (Proof of Elapsed Time)
• SBFT (Simplified Byzantine Fault Tolerance)
• PoA (Proof of Authority)
PoW vs. PoS
The Bitcoin network, for example, requires an annual energy consumption comparable to that of Colombia
(57.6 TWh annually).
Link: Data as at April 3rd, 2018. Retrieved from https://digiconomist.net/bitcoin-energy-consumption
PoW (Proof of Work)
• PoW requires a huge amount of energy to be expended, given the
computationally heavy algorithm.
• PoW has a high latency of transaction validation, and the
concentration of mining power is located in countries where
electricity is cheap.
• In terms of the network security, PoW is susceptible to the '51%
attack', which refers to an attack on a blockchain by a group of miners
controlling more than 50% of the network's computing power.
PoS (Proof of Stake)
• The Proof of Stake algorithm is a generalization of the Proof of Work
algorithm.
• In PoS, the nodes are known as the 'validators' and, rather than mining the
blockchain, they validate the transactions to earn a transaction fee.
• Nodes are randomly selected to validate blocks, and the probability of this
random selection depends on the amount of stake held.
• So, if node X owns 2 coins and node Y owns 1 coin, node X is twice as likely
to be called upon to validate a block of transactions.
• The PoS algorithm saves expensive computational resources that are spent
in mining under a PoW consensus regime.
PoA (Proof of Authority)
• Proof-of-Authority (PoA) is a consensus algorithm which can be used
for permissioned ledgers.
• It uses a set of 'authorities', which are designated nodes that are
allowed to create new blocks and secure the ledger.
• Ledgers using PoA require sign-off by a majority of authorities in
order for a block to be created.
PoET (Proof of Elapsed Time)
• Developed by Intel, the Proof of Elapsed Time consensus algorithm
emulates the Bitcoin-style Proof of Work.
• Instead of competing to solve the cryptographic challenge and mine
the next block, (as in the Bitcoin blockchain), the PoET consensus
algorithm is a hybrid of a random lottery & first-come-first-serve
basis. In PoET, each validator is given a random wait time.
• Hyperledger's Sawtooth implementation is an example of PoET at work.
• The validator with the shortest wait time for a particular transaction
block is elected the leader. This "leader" gets to create the next block
on the chain.
SBFT (Simplified Byzantine Fault Tolerance)