Lec3 Elements

Blockchain is a decentralized platform for executing transactions across multiple parties without the need for trust, featuring an append-only shared ledger of encrypted transactions. Each block in the blockchain contains a series of transactions secured through cryptographic methods, with a structure that includes a block header and a list of transactions. The Bitcoin network utilizes a peer-to-peer architecture for transaction validation and mining, ensuring security and consistency across all replicas of the blockchain.

Uploaded by

kittygirxxx900

BLOCKCHAIN ELEMENTS

What is Blockchain?

• A platform for executing transactional services
• Spanned over multiple organizations or individuals who may not (need not) trust each other
• An append-only shared ledger of digitally signed and encrypted transactions, replicated across a network of peer nodes

The Block in a Blockchain – Securing Data Cryptographically

• Digitally signed and encrypted transactions “verified” by peers
• Cryptographic security – ensures that participants can only view information on the ledger that they are authorized to see

Image source: http://dataconomy.com/


Structure of a Block

• A block is a container data structure that contains a series of transactions
• In Bitcoin: a block may contain more than 500 transactions on average; the average size of a block is around 1 MB (an upper bound proposed by Satoshi Nakamoto in 2010)
• May grow up to 8 MB or sometimes higher (several conflicting views on this!!)
• Larger blocks can help in processing a large number of transactions in one go
• But they take longer to verify and propagate

Structure of a Block (Reference: Bitcoin)

• Two components:
• Block Header
• List of Transactions

Block Source: https://btc.com/btc/blocks OR https://blockchain.com/explorer


Block Header (Reference: Bitcoin)

• Metadata about a block – (1) Previous block hash, (2) Mining statistics used to construct the block, (3) Merkle tree root
• Previous block hash: every block inherits from the previous block – we use the previous block’s hash to create the new block’s hash, which makes the blockchain tamper-proof

[Figure: hash chain H0, H1 = Hash(H0), H2 = Hash(H1), H3 = Hash(H2), H4 = Hash(H3)]

Block Generation Puzzle

[Figure: three chained block headers, each containing Previous Hash, Nonce and Merkle Root, and each producing a Block Hash]

Find the nonce that generates the desired hash (a certain number of zero bits at the prefix – 0000000000000000004a2b84f93a285b7a7………)

Block Header (Reference: Bitcoin)

• Mining – the mechanism to generate the hash
• The mechanism needs to be complicated enough to make the blockchain tamper-proof
• Bitcoin Mining: H_k = Hash(H_(k-1) || T || Nonce || Something more)
• Find the nonce such that H_k has a certain predefined complexity (value less than a target value)
• The header contains mining statistics – timestamp, nonce and difficulty
• Understanding Difficulty and Bits: https://medium.com/@dongha.sohn/bitcoin-6-target-and-difficulty-ee3bc9cc5962
• Difficulty is the largest target (0x0000 0000 00FF FF00 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000) divided by the current target, e.g., (0x0000 0000 0000 0000 0012 180B 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000)
• Remember: “Cost of Mining” – pretty high (computing power and energy)

[Figure: hash chain H0, H1 = Hash(H0), H2 = Hash(H1), H3 = Hash(H2), H4 = Hash(H3)]

The Hashes in a Block Header (Reference: Bitcoin)

• Block identifier – the hash of the current block header (Hash algorithm: Double SHA256)
• Merkle Root
• Previous block hash is used to compute the current block hash
• Timestamp, Previous hash, Merkle root, Difficulty Bits, Nonce and Version are used to compute the current hash
• DEMO: https://cse.buffalo.edu/blockchain/blockhash.html

Block Source: https://btc.com/btc/blocks

Block Generation Cost

• Energy efficiency ~0.098 J/GH = ~100 J/TH
• ASIC hardware for Bitcoin can perform about 750 TH/s
• Hash rate of the Bitcoin network approx. 120M TH/s!! Many actually go to waste ☹ https://www.blockchain.com/charts/hash-rate
• The Bitcoin network consumes about 80 TW-hours of electricity annually. These figures vary between sources and are all some form of estimate
• An average household of four people in Germany consumes approx. 4,000 KW-hours of electricity per year.
• Can power about 20,000 households
• The concept of pooling is used
• Ensures tamper-proof operation in terms of honest nodes!

The Blockchain Replicas

• Every peer in a Blockchain network maintains a local copy of the Blockchain.
• Size is just about 591 GB ☺
• As a new user joins the network, she can get the whole copy
• Requirements
• All the replicas need to be updated with the last mined block
• All the replicas need to be consistent – the copies of the Blockchain at different peers need to be exactly the same

Transactions in a Block (Reference: Bitcoin)

• Transactions are organized as a Merkle Tree. The Merkle Root is used to construct the block hash
• If you change a transaction, you need to change all the subsequent block hashes
• The difficulty of the mining algorithm determines the toughness of tampering with a block in a blockchain

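An added example (not part of the original slides): the block-header hash, the nonce puzzle and the Merkle root from the slides above, wired together so that tampering with one transaction can be observed breaking the chain. The easy `BITS` value, the fixed timestamp and the transaction strings are constructed, and hashes are kept in raw digest order rather than the byte order block explorers display.

```python
import hashlib
import struct

BITS = 0x1F0FFFFF  # constructed easy target: about 4096 hash attempts per block

def dsha256(b):
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def merkle_root(txs):
    level = [dsha256(t) for t in txs]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])  # an odd node is paired with itself
        level = [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def bits_to_target(bits):
    # compact form: top byte is a byte-length exponent, low three bytes the mantissa
    return (bits & 0xFFFFFF) << (8 * ((bits >> 24) - 3))

def block_hash(prev, txs, nonce, version=1, timestamp=1700000000):
    # 80-byte header: version | previous hash | Merkle root | timestamp | bits | nonce
    return dsha256(struct.pack("<I32s32sIII", version, prev, merkle_root(txs), timestamp, BITS, nonce))

def meets_target(h):
    return int.from_bytes(h, "little") < bits_to_target(BITS)

def mine(prev, txs):
    nonce = 0
    while not meets_target(block_hash(prev, txs, nonce)):
        nonce += 1
    return nonce

def build_chain(tx_lists):
    chain, prev = [], bytes(32)
    for txs in tx_lists:
        block = {"prev": prev, "txs": list(txs), "nonce": mine(prev, txs)}
        chain.append(block)
        prev = block_hash(prev, block["txs"], block["nonce"])
    return chain

def valid_chain(chain):  # a verifying peer recomputes every hash, puzzle and link
    prev = bytes(32)
    for b in chain:
        h = block_hash(b["prev"], b["txs"], b["nonce"])
        if b["prev"] != prev or not meets_target(h):
            return False
        prev = h
    return True

if __name__ == "__main__":
    chain = build_chain([[b"A->B:BTC10", b"C->D:BTC20"], [b"B->E:BTC5"]])
    chain[0]["txs"][0] = b"A->B:BTC99"  # tamper with one committed transaction
    print(valid_chain(chain))           # block 0 no longer matches block 1's "prev"
```

Re-mining only the altered block is not enough: every later block stores the old hash, so each one would have to be mined again as well.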
Transactions in a Block (Reference: Bitcoin)

Block Source: https://blockchain.info/


Bitcoin Transactions and Input and Output

[Figure: transactions TX 0 to TX 4, each with an input() and an output1(), some also with an output2(); one amount is labelled 100 BTC]

Bitcoin Scripts – A Simple Example

T(A->B)

How will Bob verify that the transaction actually originated from Alice?

K_A^PUB, S_A(T(A->B))

Send the public key of Alice along with the signature -> Bob can verify this

scriptPubKey, scriptSig

Bitcoin in fact transfers scripts instead of the signature and the public key

Bob can spend the bitcoins only if both the scripts return true after execution

Bitcoin Scripts

• With every transaction Bob must provide
• A public key that, when hashed, yields the address of Bob embedded in the script
• A signature to prove ownership of the private key corresponding to the public key of Bob

Bitcoin Scripts

[Figure: a Transaction Input (Transaction 18E14A7B6A30…, scriptSig: D61967F63C7DD…) spending a Transaction Output (scriptPubKey: OP_DUP OP_HASH160 16UwLL9Risc3QfPqBUvKof… OP_EQUALVERIFY OP_CHECKSIG)]

See for detailed steps: https://developer.bitcoin.org/devguide/transactions.html

Simple Example: https://medium.com/@aalim.khan/bitcoin-transactions-scripts-and-digital-signatures-506688e1630a

Bitcoin Scripts

scriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
scriptSig: <sig> <pubKey>

• The stack is initially empty. Both the scripts are combined – input followed by output
Combined script: <sig> <pubKey> OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

Script: <sig> <pubKey> OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Stack (top first): <pubKey>, <sig>
• The stack is initially empty. Both the scripts are combined
Remaining script: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

Script: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Stack (top first): <pubKey>, <pubKey>, <sig>
• Top stack item is duplicated
Remaining script: OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

Script: OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Stack (top first): <pubHash>, <pubKey>, <sig>
• Top stack item is hashed (RIPEMD-160 hashing)
Remaining script: <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

Script: <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Stack (top first): <pubKeyHash>, <pubHash>, <pubKey>, <sig>
• The constant is pushed onto the stack
Remaining script: OP_EQUALVERIFY OP_CHECKSIG

Script: OP_EQUALVERIFY OP_CHECKSIG
Stack (top first): <pubKeyHash>, <pubHash>, <pubKey>, <sig>
• Equality is checked between the top two items in the stack
Remaining script: OP_CHECKSIG

Script: OP_CHECKSIG
Stack (top first): <pubKey>, <sig>
• Signature is checked based on the top two stack items
Result: TRUE

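An added example (not part of the original slides) that runs the stack walk-through above and reports which step rejects a spend. It assumes two stand-ins so that only `hashlib` is needed: a Lamport one-time signature replaces Bitcoin's ECDSA, and a truncated double SHA-256 replaces the hash behind OP_HASH160; the function names, seeds and transaction bytes are constructed.

```python
import hashlib

def H(b):
    return hashlib.sha256(b).digest()

# Lamport one-time signature: a hash-only stand-in for Bitcoin's ECDSA (assumption)
def keygen(seed):
    sk = [[H(seed + bytes([i, bit])) for bit in (0, 1)] for i in range(256)]
    return sk, b"".join(H(x) for pair in sk for x in pair)

def msg_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(msg_bits(msg))]

def verify(pub, msg, sig):
    want = [pub[64 * i + 32 * b:][:32] for i, b in enumerate(msg_bits(msg))]
    return len(sig) == 256 and [H(s) for s in sig] == want

def hash160(data):
    # stand-in for OP_HASH160 (RIPEMD-160 is absent from some hashlib builds)
    return H(H(data))[:20]

def p2pkh(pub):
    return ["OP_DUP", "OP_HASH160", hash160(pub), "OP_EQUALVERIFY", "OP_CHECKSIG"]

def run_p2pkh(script_sig, script_pubkey, tx):
    """Return "OK" or the step that rejected the spend."""
    stack = []
    try:
        for op in script_sig + script_pubkey:   # input script first, then output script
            if op == "OP_DUP":
                stack.append(stack[-1])
            elif op == "OP_HASH160":
                stack.append(hash160(stack.pop()))
            elif op == "OP_EQUALVERIFY":
                if stack.pop() != stack.pop():
                    return "OP_EQUALVERIFY"     # key does not hash to the locked address
            elif op == "OP_CHECKSIG":
                pub, sig = stack.pop(), stack.pop()
                stack.append(verify(pub, tx, sig))
            else:
                stack.append(op)                # data push: <sig>, <pubKey>, <pubKeyHash>
    except (IndexError, TypeError):
        return "MALFORMED"                      # too few or wrong-typed stack items
    return "OK" if stack == [True] else "OP_CHECKSIG"

if __name__ == "__main__":
    tx = b"constructed spend of the output locked to Bob"
    bob_sk, bob_pub = keygen(b"constructed-bob-seed")
    print(run_p2pkh([sign(bob_sk, tx), bob_pub], p2pkh(bob_pub), tx))
```

A different key pair fails at OP_EQUALVERIFY, while the right public key with a signature from another key or over another transaction fails at OP_CHECKSIG.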
Bitcoin Script Instructions

• Total 256 opcodes (15 disabled, 75 reserved)


• Arithmetic operations
• if-then conditions
• Logical operators
• Data handling (like OP_DUP)
• Cryptographic operations
• Hash functions
• Signature verification
• Multi-signature verification
Interesting Bitcoin Scripts

• Provably un-spendable or prunable outputs
scriptPubKey: OP_RETURN {zero or more ops}

• Anyone-can-spend outputs
scriptPubKey: {empty}
scriptSig: OP_TRUE

Source: https://en.bitcoin.it/wiki/Script

Interesting Bitcoin Scripts

• Freezing funds until a time in the future
scriptPubKey: <expiry_time> OP_CHECKLOCKTIMEVERIFY OP_DROP OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
scriptSig: <sig> <pubKey>

Source: https://en.bitcoin.it/wiki/Script

Bitcoin P2P Network

• An ad-hoc network with random topology, Bitcoin protocol runs on TCP port
8333

• All nodes (users) in the bitcoin network are treated equally

• New nodes can join any time, non-responding nodes are removed after 3
hours
Joining in a Bitcoin P2P Network

[Figure sequence: a new node contacts a Seed Node with “Give me the address”; the Seed Node replies with <address list>; the node then follows the captions “Get most recent blockchain” and “Start transaction”]

Transaction in a Bitcoin Network

• Alice joins the Bitcoin network by opening her applet

• Alice makes a transaction to Bob: A->B: BTC 10

• Alice includes the scripts with the transactions

• Alice broadcasts this transaction in the Bitcoin network


Transaction Flooding in a Bitcoin Network

[Figure sequence: the transaction A->B:BTC10 spreads through the network, with the captions “Validate the Transaction”, “Flood the Transaction” and “I have already seen the transaction”]

Which Transactions Should You Relay?

• The transaction is valid with current blockchain
• No conflict
• No double spending
• The script matches with a pre-given set of whitelist scripts – avoid unusual scripts, avoid infinite loops
• Does not conflict with other transactions that I have relayed after getting the blockchain updated – avoid double spending

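An added example (not part of the original slides) of the relay checks listed above, written as a node-side filter that returns the reason a transaction is dropped. The class name, the dictionary layout and the script labels are hypothetical, the sample transactions are constructed, and signature and script execution are assumed to have been done separately.

```python
STANDARD = {"p2pkh", "op_return", "cltv_p2pkh"}  # hypothetical labels for whitelisted scripts

class RelayPolicy:
    def __init__(self, utxos):
        self.utxos = dict(utxos)  # outpoint -> value, unspent in the current blockchain
        self.claimed = {}         # outpoint -> txid of the first relayed spender
        self.seen = set()

    def check(self, tx):
        """Return "relay" or the reason the transaction is dropped."""
        ins = tx["inputs"]
        if tx["txid"] in self.seen:
            return "already-seen"
        if any(o["script"] not in STANDARD for o in tx["outputs"]):
            return "non-standard-script"
        if not ins or len(set(ins)) != len(ins):
            return "bad-inputs"              # empty, or one outpoint listed twice
        if any(i not in self.utxos for i in ins):
            return "unknown-or-spent-input"  # conflicts with the blockchain
        if any(i in self.claimed for i in ins):
            return "double-spend"            # conflicts with a transaction already relayed
        if sum(o["value"] for o in tx["outputs"]) > sum(self.utxos[i] for i in ins):
            return "outputs-exceed-inputs"
        self.claimed.update((i, tx["txid"]) for i in ins)
        self.seen.add(tx["txid"])
        return "relay"

def demo():
    # constructed UTXO set and transactions; an outpoint is (txid, output index)
    node = RelayPolicy({("tx0", 0): 10, ("tx0", 1): 20})

    def pay(txid, ins, value, script="p2pkh"):
        return {"txid": txid, "inputs": ins, "outputs": [{"value": value, "script": script}]}

    txs = [pay("a", [("tx0", 0)], 10), pay("a", [("tx0", 0)], 10),
           pay("b", [("tx0", 0)], 9), pay("c", [("tx0", 1)], 25),
           pay("d", [("tx0", 1), ("tx0", 1)], 30),
           pay("e", [("tx0", 1)], 20, "custom-loop")]
    return [node.check(t) for t in txs]

if __name__ == "__main__":
    print(demo())
```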
Transaction Flooding in a Bitcoin Network

[Figure: nodes holding different combinations of the transactions A->B:BTC10 and C->D:BTC20]

Different nodes may have different transaction pools

Accept the first set of transactions that you have heard

Mining in a Bitcoin Network

Miner collects all the transactions flooded and starts mining

Block Generation

The miner who solves the puzzle first generates a new block

Block Flooding

Flood the blockchain with the new block included

Block Propagation

Multiple miners can mine a new block simultaneously or at nearly the same time

Block Propagation – Accept the Longest Chain

[Figure: block tree of Block 1 to Block 10; Blocks 1, 2, 5, 7, 8 and 10 in the middle row, Blocks 3 and 6 above, Blocks 4 and 9 below]

Block Propagation – Accept One of the Longest Chains

[Figure: the same block tree with Block 11 added to the lower row after Block 9]

“Accidental” forks occur rarely. Even if they occur, eventually only one becomes part of the longest chain
There are “intentional” forks of two types: hard forks and soft forks, used to come up with new versions like Bitcoin Cash, etc., or to upgrade software versions
[ Will be further discussed during our lectures on consensus ]

Which Block to Relay

• Block contains the correct hash based on the existing blockchain
• All the transactions inside the block are valid
• Check the scripts
• Validate with the existing blockchain
• The block is included in the current longest chain
• Do not relay the forks

Block Propagation Latency

Mean time = 12.6 seconds

95% of the nodes can see the block within 40 seconds

Decker, Christian, and Roger Wattenhofer. "Information propagation in the bitcoin network." 2013 IEEE Thirteenth International Conference on Peer-to-Peer Computing (P2P). IEEE, 2013.

Bitcoin – The Beginning

• “A decentralized digital currency enables instant payments to anyone, anywhere in the world” – en.bitcoin.it
• No central authority, uses peer-to-peer technology
• Two broad operations
• Transaction Management – transfer of bitcoins from one user to another
• Money Issuance – regulate the monetary base

Bitcoin Basics – Creation of Coins

• Controlled Supply: Must be limited for the currency to have value – any maliciously generated currency needs to be rejected by the network
• Bitcoins are generated during mining – each time a user discovers a new block
• The rate of block creation is adjusted every 2016 blocks to aim for a constant two-week adjustment period
• The last bitcoin will be mined in 2140 (estimated and unless changed)

Bitcoin Basics – Creation of Coins

• The number of bitcoins generated per block is set to decrease geometrically, with a 50% reduction for every 210,000 blocks, or approximately 4 years
• This reduces, with time, the amount of bitcoins generated per block
• Theoretical limit for total bitcoins: slightly less than 21 million
• Miners will get less reward as time progresses
• How to pay the mining fee – increase the transaction fee

Projected Bitcoins

Information Source: https://en.bitcoin.it/wiki/


Bitcoin Basics – Sending Payments

• Alice wants to send bitcoin to Bob
• Bob sends his address to Alice
• Alice adds Bob’s address and the amount of bitcoins to transfer in a “transaction” message
• Alice signs the transaction with her private key, and announces her public key for signature verification
• Alice broadcasts the transaction on the Bitcoin network for all to see

Handle Double Spending using Blockchain

• When multiple valid continuations to this chain appear, only the longest such branch is accepted and it is then extended further (longest chain)
• Once a transaction is committed in the blockchain, everyone in the network can validate all the transactions by using Alice’s public address
• The validation prevents double spending in bitcoin

Bitcoin Anonymity

• Bitcoin is permission-less: you do not need to set up any “account”, or provide any e-mail address, user name or password to log in to the wallet
• The public and the private keys do not need to be registered; the wallet can generate them for the users
• The bitcoin address is used for transactions, not the user name or identity
• A bitcoin address mathematically corresponds to a public key based on ECDSA – the digital signature algorithm used in bitcoin
• A sample bitcoin address: 1PHYrmdJ22MKbJevpb3MBNpVckjZHt89hz
• Each person can have many such addresses, each with its own balance
• Difficult to know which person owns what amount

To Sum it All Up!!

• Bitcoins do not really “exist” as any tangible or electronic object.
• There is no bit”coin” as you see in its logo
• Owning a bitcoin simply means you have access to a key pair that includes
• A public key to which somebody else had sent some bitcoin
• A matching private key that gives you the authority to send the previously received bitcoin to another address
• If you lose your private key, you lose the corresponding bitcoin(s)

Physical Payment using Bitcoin

• All that is needed is a (set of) private key(s) – the public key can be generated from the private key.
• Safely store the private key – on your desktop, on the web, on a mobile phone, on a special hardware attachment, or printed on a piece of paper as a QR code
• For online payment, you can use the wallet and an appropriate mode of applying the private key
• For offline payments like in-store payments or paying your friend, you can use your mobile phone to present the private key or use the hardcopy!! As simple as using PayTm, Google Pay and so on.

Bitcoin Exchange

• Trading bitcoin as a commodity
• Centralized exchanges (Example: WazirX, CoinDCX, Zebpay, CoinSwitch Kuber, etc.)
• Identity verification using KYC documents
• Maintain your balance in Bitcoin and another currency like USD.
• You set the buying and selling prices and quantities.
• If necessary, you can take the money out in a preferred currency.
• Some exchanges provide the payout option in anonymous prepaid cards
• There can also be decentralized exchanges with appropriate procedures for handling similar requirements