Bitcoin and Cryptocurrencies

Lecture 3 Summary

Date: December 3, 2020

Author: Rea Savla

I. Cryptographic Hash Functions 

In this lecture, we dove into the low-level specifics of Bitcoin that make it work. Bitcoin was innovative because it allowed a decentralized network to reach consensus. It achieved this via tamper-evidence, which means that although one can modify the information that passes along the Bitcoin network, it would be obvious that some modification has been made. This tamper-evident system allows us to be sure any update on Bitcoin is the same for everyone.

We achieve a tamper-evident system by using cryptographic hash functions to produce standardized random “fingerprints” of our data. If the data changes, so will the fingerprints. Cryptographic hash functions do the following:

[Figure: Cryptographic hash functions]

Cryptographic hash functions are pseudorandom: although the output for any given input seems random, the output will remain consistent for that input.

Important Properties of Cryptographic Hash Functions:

  1. Pre-image Resistance: Given H(x), it is computationally difficult to determine x
  2. Second-image Resistance: Given x, it is computationally difficult to find some value x’ ≠ x such that H(x) == H(x’)
  3. Collision Resistance: It is computationally difficult to find distinct x and y such that H(x) == H(y)

These properties produce the Avalanche effect, where even a small change in the input leads to a significant pseudorandom change in the output.

The particular hash function Bitcoin uses is SHA256, which takes an input of fewer than 2^64 bits and produces a fixed-size 256-bit output.

II. A Tamper Evident Database

This cryptographic hash function is used to make an entire tamper-evident database in Bitcoin. The Block Header of a block on Bitcoin is a hash of many contents within the block, most notably its Merkle Root, Previous Block Hash, and Nonce fields. The Merkle Root represents a summary of transactions, the Previous Block Hash represents the chaining, and the Nonce represents the Proof-of-Work.

The Merkle Root is the head of the Merkle Tree, a binary tree of hashes of all the previous transactions. The Previous Block Hash contains the hash of the previous block. Both of these hashes change if any of the previous transactions or blocks is modified.

The Nonce is the manifestation of the proof-of-work in Bitcoin; it is a numerical value that must be found to solve the partial preimage hash puzzle. Miners hash the entire block header (the input) and tweak the nonce and coinbase until they find an output that solves the hash puzzle. 

Hash puzzles must be:

  1. Computationally Difficult: The solution to the hash puzzle cannot be easily found
  2. Parameterizable: The difficulty of the hash puzzle should be adjustable 
  3. Easily Verifiable: Computers should have to do little work to ensure the answer is correct
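The following sketch is an added example, not code from the lecture. It ties the Merkle Root, Previous Block Hash and Nonce together and shows how a changed transaction is detected. The header layout, the leading-zero-bits difficulty parameter `bits`, and all function names are simplifying assumptions; real Bitcoin headers carry more fields and compare the hash against an encoded target.

```python
import hashlib

def dsha(b: bytes) -> bytes:
    """Double SHA-256, as Bitcoin applies to headers and Merkle nodes."""
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def merkle_root(txs):
    """Hash pairs upward to one root; an odd level repeats its last node."""
    level = [dsha(t) for t in txs]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [dsha(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def header_hash(prev, txs, nonce):
    # Simplified header (assumption): previous hash || Merkle root || nonce
    return dsha(prev + merkle_root(txs) + nonce.to_bytes(8, "little"))

def valid(prev, txs, nonce, bits):
    """Easily verifiable: one header hash compared against the target."""
    return int.from_bytes(header_hash(prev, txs, nonce), "big") < (1 << (256 - bits))

def mine(prev, txs, bits):
    """Computationally difficult: try nonces; `bits` parameterizes difficulty."""
    nonce = 0
    while not valid(prev, txs, nonce, bits):
        nonce += 1
    return nonce

def build_chain(blocks, bits):
    """Mine each transaction list on top of the previous block's hash."""
    chain, prev = [], bytes(32)
    for txs in blocks:
        nonce = mine(prev, txs, bits)
        chain.append({"prev": prev, "txs": list(txs), "nonce": nonce})
        prev = header_hash(prev, txs, nonce)
    return chain

def first_invalid(chain, bits):
    """Index of the first block whose link or proof-of-work fails, else None."""
    prev = bytes(32)
    for i, b in enumerate(chain):
        if b["prev"] != prev or not valid(b["prev"], b["txs"], b["nonce"], bits):
            return i
        prev = header_hash(b["prev"], b["txs"], b["nonce"])
    return None
```

Editing a transaction in an earlier block changes that block's Merkle root, so `first_invalid` reports that block (or, in the rare case the altered header still meets the target, the next block, whose stored previous hash no longer matches).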

The difficulty of the hash puzzle in Bitcoin is adjusted as follows:

new difficulty = previous difficulty * two weeks / time to mine previous 2016 blocks

Once miners solve the puzzle, they receive bitcoin via a coinbase transaction. Whenever miners produce a block, they first create a coinbase transaction, which is the first transaction of the Merkle Tree.

Using cryptographic hash functions, we ensure previous blocks remain tamper-evident; we now turn our attention to how digital signatures help us ensure current transactions are tamper-evident as well. Public and Private keys in Bitcoin are generated using the Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA has three key properties:

  1. Given the encrypted message and the sender’s public key, the recipient should be able to identify the message origin. Since the message has been signed by the sender’s private key, the ability to encode it using the public key demonstrates the original sender has authorized this message.
  2. The digital signature scheme must also ensure non-repudiation: once the sender signs the message, they should not be able to undo it. 
  3. Finally, the scheme must maintain integrity; since messages are signed with the private key, they cannot be modified after signing.

Identity in Bitcoin is derived from private keys, which are generated randomly. Public keys are the result of Elliptic curve point multiplication of the private key against a known generator point on the curve. Given the public key, it is computationally infeasible to arrive at the private key.

We can apply these concepts of private and public keys to understand how transactions in Bitcoin work. Spending bitcoin is the act of redeeming previous transaction outputs with a proof that you are the legitimate redeemer, and then specifying who can redeem the output of the transaction you are now creating, by encoding that person’s information in your transaction.

A transaction has three main sections:

  1. Metadata: Contains housekeeping data, a unique ID of this transaction, locktime, and size
  2. Inputs: Contains a list of previously created UTXOs and proof of eligibility to redeem this money
  3. Outputs: Contains a list of new UTXOs that will be sent to new addresses. These values are locked by a script only the intended redeemer can unlock.

Bitcoin uses the stack-based, Turing-incomplete language named Script to create transactions. Locking and Unlocking Scripts are contained in transaction input and previous transaction output and are used to redeem the output of a previous transaction and specify requirements for redeeming transactions, respectively. Senders specify a Locking Script, and recipients specify an Unlocking Script. In Pay-to-Pub-Key-Hash (P2PKH), the recipient says “send your coins to the hash of this Public Key.” In Pay-to-Script-Hash (P2SH), the recipient says “Send your coins to the hash of this Script; I will provide the script and the data to make the script evaluate to true when I redeem the coins.” The latter is popular among customer-vendor transactions, where the vendor (recipient) is responsible for writing the script.