Bitcoin Blockchain - Under the Hood

Explains what the Blockchain is and how it works. Features slides about the Cryptography, P2P Networking, Blockchain Data Structure, Bitcoin Transactions, Proof of Work Algorithm (Mining) and Scripts.

  1. 1. Bitcoin Blockchain Under the Hood by Galin Dinkov https://www.linkedin.com/in/galindinkov/
  2. 2. Introduction
  3. 3. Motivation for Bitcoin Creation
      ● The initial idea was to create decentralized, secure, open, self-regulated digital money
      ● What was invented became something much bigger
  4. 4. What is Blockchain?
  5. 5. The Blockchain is… Data Structure
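  6. 6. The Blockchain is… Ledger

      | Date      | Description    | Credit | Debit | Balance |
      |-----------|----------------|--------|-------|---------|
      | 2/20/2011 | Alice to Bob   |        | -$10  | $90     |
      | 2/20/2011 | Bob from Alice | +$10   |       | $10     |
      | 3/20/2011 | Bob to Eve     |        | -$5   | $5      |
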
  7. 7. The Blockchain is… Distributed
  8. 8. The Blockchain is… Immutable
  9. 9. The Blockchain is… Secure
  10. 10. The Blockchain is… Anonymous (Pseudo)
  11. 11. The Blockchain is… Autonomous
  12. 12. The Blockchain is… Public
  13. 13. Digital Money
  14. 14. I want to create digital money...
      ● Balances?
      ● Accounts?
      ● Transactions?
      ● Security?
      ● Immutability?
      ● Consensus?
  15. 15. How They Made It?
  16. 16. Where are the balances?
      ● No balances
      ● Only transactions
      ● No user accounts
      ● Transactions are made of Inputs and Outputs
      ● Transactions are chained
      ● Coinbase transaction generates initial coins
      ● Balance = Sum(UTXOs)
  17. 17. How to verify the owner?
  18. 18. How to ensure the transactions order?
      ● Put transactions in Blocks
      ● Chain the blocks
      ● Order chronologically
      ● Immutability?
      ● Consensus?
  19. 19. How to reach consensus in the network?
      ● Mining
          ○ Only one version is accepted
          ○ Although forks exist
      ● Proof of Work
          ○ Hard computation
          ○ Takes a certain amount of time
          ○ Guarantees the immutability
  20. 20. How to deal with forks?
  21. 21. Going Deep...
  22. 22. Cryptography
  23. 23. Hash Function
      ● Maps data of any size to a fixed-size bit string or number
      ● Deterministic
      ● One-Way
      ● Uniformly distributed
      ● Collisions
      ● Cryptographic hash functions
          ○ MD 2/4/5/6 - Message-Digest Algorithm
          ○ SHA 1/2/3 - Secure Hash Algorithms
          ○ RIPEMD - RACE Integrity Primitives Evaluation Message Digest
          ○ BLAKE 1/2
  24. 24. Hash Usage
      ‘hello’
      SHA-256: 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824
      SHA-256d: 9595c9df90075148eb06860365df33584b75bff782a510c6cd4883a419833d50
      RIPEMD-160: b6a9c8c230722b7c748331a8b450f05566dc7d0f
      Used:
      ● For Addresses
      ● Block IDs
      ● Transaction IDs
      ● Verifications / Checksums
      ● In Merkle Trees
  25. 25. Public-Key Cryptography
      ● Symmetrical (one key)
      ● Asymmetrical (public and private key)
      ● Key exchange
      ● Usage:
          ○ Encryption
          ○ Digital signature
          ○ Authentication
      ● Math behind:
          ○ Integer factorization problem
          ○ Discrete logarithm problem
          ○ Elliptic curve discrete logarithm problem
  26. 26. Diffie-Hellman Key Exchange Example: https://git.io/v7S3A
  27. 27. RSA Example: https://git.io/v5exi
  28. 28. Elliptic curve cryptography (ECC)
      Explanation: https://youtu.be/dCvB-mhkT0w https://youtu.be/F3zzNa42-tQ
      ECC Domain Parameters:
      p - prime field (modulo)
      a,b - curve parameters
      G - generator point
      n - ord(G) (n x G = 0)
      h - cofactor of n
      Private Key (k) = Random Number < n - 1
      Public Key (K) = k ∗ G
      K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G
      K = (x, y)
      x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A
      y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB
  29. 29. Key Size Recommendations
  30. 30. Security Risks
      ● Pool cracking - https://lbc.cryptoguru.org
      ● Quantum computers
      ● NSA backdoors in ECC?
      ● Solution: post quantum cryptography
          ○ NTRUEncrypt - based on the shortest vector problem in a lattice
          ○ More: https://en.wikipedia.org/wiki/Post-quantum_cryptography
  31. 31. Merkle Tree
  32. 32. Merkle Tree
  33. 33. Keys & Addresses
  34. 34. Bitcoin Address
      Version = 1 byte of 0 (zero); on the test network, this is 1 byte of 111
      Key hash = Version concatenated with RIPEMD-160(SHA-256(Public Key))
      Checksum = 1st 4 bytes of SHA-256(SHA-256(Key hash))
      Bitcoin Address = Base58Encode(Key hash concatenated with Checksum)
      14fxjE3qepjaYxiqs5WPtDx5y7vMQP81mW
      Private Key (k) = Random Number < n - 1
      Public Key (K) = k ∗ G
  35. 35. Wallets
      ● Keep private keys
      ● Types
          ○ Nondeterministic (Random) Wallets - collection of random private keys
          ○ Deterministic (Seeded) Wallets - private keys are derived from a common seed
          ○ Brain Wallet - derived from a word or phrase which one can remember
          ○ Mnemonic Words - word sequence to represent seed of a deterministic wallet
          ○ Hierarchical Deterministic Wallets (HD Wallet) - tree structure where new keys can be generated from any child branch (public key) without revealing the private key
  36. 36. P2P Network
  37. 37. P2P Network
  38. 38. Node Types
      ● Reference Client (Bitcoin Core) - Wallet, Miner, Full Blockchain, Network Routing
      ● Full Blockchain Node - Full Blockchain, Network Routing
      ● Solo Miner - Miner, Full Blockchain, Network Routing
      ● Lightweight (SPV) wallet - Wallet, Network Routing
      ● Pool Protocol Servers - Connect the Bitcoin Network to other protocols
      ● Pool Mining Nodes - Miner, other protocol
  39. 39. Network Discovery
      ● DNS Seed
          ○ Servers returning known nodes
          ○ Hard-coded in the Bitcoin Core client
      ● Specify IP of known node
  40. 40. Protocol
      ● Connection
      ● Exchange addresses of peers
      ● Synchronize blocks and headers
      ● Relay transactions
      ● Heartbeat
      https://en.bitcoin.it/wiki/Network
  41. 41. Messages
      ● version - Information about program version and block count. Exchanged when first connecting.
      ● verack - Sent in response to a version message to acknowledge that we are willing to connect.
      ● addr - List of one or more IP addresses and ports.
      ● inv - "I have these blocks/transactions: ..." Normally sent only when a new block or transaction is being relayed. This is only a list, not the actual data.
      ● getdata - Request a single block or transaction by hash.
      ● getblocks - Request an inv of all blocks in a range.
      ● getheaders - Request a headers message containing all block headers in a range.
      ● tx - Send a transaction. This is sent only in response to a getdata request.
      ● block - Send a block. This is sent only in response to a getdata request.
      ● headers - Send up to 2,000 block headers. Non-generators can download the headers of blocks instead of entire blocks.
      ● getaddr - Request an addr message containing a bunch of known-active peers (for bootstrapping).
      ● submitorder, checkorder, and reply - Used when performing an IP transaction.
      ● alert - Send a network alert.
      ● ping - Does nothing. Used to check that the connection is still online. A TCP error will occur if the connection has died.
  42. 42. Blockchain
  43. 43. Block Structure
      ● Header is separated from the transactions
      ● Block size is limited (1 MB before SegWit)
      ● In SegWit < 4 MB = ~2 MB on average
  44. 44. Block Header
      ● Hash of the header is used as a block identifier
      ● hashPrevBlock links to the blockchain
      ● hashMerkleRoot guarantees transactions immutability
      ● Nonce is the solution of the hashcash puzzle
  45. 45. New Block Validation
      ● The block data structure is syntactically valid
      ● The block header hash is less than the target difficulty (enforces the proof of work)
      ● The block timestamp is less than two hours in the future (allowing for time errors)
      ● The block size is within acceptable limits
      ● The first transaction (and only the first) is a coinbase generation transaction
      ● All transactions within the block are valid using the transaction checklist
  46. 46. Block Types
      ● Blocks in the main branch - confirmed
      ● Blocks on side branches off the main branch - might be confirmed but form a branch shorter than the main chain
      ● Orphan blocks - blocks not linked to the main branch, due to missing predecessor
  47. 47. Forks
  48. 48. Transactions
  49. 49. Transaction Lifecycle
  50. 50. Transaction Structure
  51. 51. Transaction Structure
  52. 52. Signature and Verification
      scriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
      scriptSig: <sig> <pubKey>
      Standard Transaction Scripts:
      ● Pay-to-Public-Key-Hash (P2PKH)
      ● Pay-to-Public-Key
      ● Multi-Signature
      ● Data Output
      ● Pay-to-Script-Hash (P2SH)
      ● P2WPKH
  53. 53. Unlock Script
      Pay-to-PubkeyHash
      scriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
      scriptSig: <sig> <pubKey>
      Bitcoin Script: https://en.bitcoin.it/wiki/Script
  54. 54. Mining
  55. 55. Miners...
      ● Collect transactions
      ● Validate transactions
      ● Create new blocks
      ● Invest power and electricity
      ● Get rewards in the form of bitcoins
      ● Guarantee the blockchain consensus
  56. 56. Generation (Coinbase) Transaction
      ● Creates coins from nothing
      ● Used to award the miner
      ● Has no input (coinbase)
      ● Outputs the fee to the miner’s address
      ● #0 Block is the Genesis Block
      The Times 03/Jan/2009 Chancellor on brink of second bailout for banks
  57. 57. Transaction Fees
      Transaction Fees = Sum(Inputs) - Sum(Outputs)
      ● Initial reward 50 BTC
      ● Halving every 210,000 blocks
      ● Total halvings allowed is 64
      ● Will be reached in
      ● Total supply is 21 million
      ● Current award 12.5 BTC
      ● Next halving ~June 2020
      ● Mining ends in ~2140
  58. 58. Transaction Priority
      ● Older coins have priority
      ● High Priority > 57,600,000
      ● First 50KiB in the block are reserved for high priority transactions
      ● High priority transaction can be included in a block even without any fees
      Priority = Sum(ValueOfInput * InputAge) / TransactionSize
  59. 59. References
      ● Bitcoin Wiki, https://en.bitcoin.it/wiki/
      ● Mastering Bitcoin, Andreas M. Antonopoulos, O’Reilly Media
      ● Bitcoin.ORG, https://bitcoin.org
  60. 60. Final by Galin Dinkov https://www.linkedin.com/in/galindinkov/
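
The header checks from slides 44 and 45, as an added example that is not code from the presentation: parse an 80-byte block header, compute its SHA-256d identifier, expand the compact `bits` field into the target, and test the proof of work. The function names and dictionary keys other than hashPrevBlock and hashMerkleRoot are illustrative; the sample input is the publicly known header of block #0, which does not appear in the slides.

```python
import hashlib
import struct

# Publicly known 80-byte header of block #0 (the Genesis Block of slide 56).
GENESIS_HEADER = bytes.fromhex(
    "01000000" + "00" * 32
    + "3ba3edfd7a7b12b27ac72c3e67768f617fc81bc3888a51323a9fb8aa4b1e5e4a"
    + "29ab5f49" + "ffff001d" + "1dac2b7c"
)


def parse_header(raw: bytes) -> dict:
    if len(raw) != 80:
        raise ValueError("block header must be exactly 80 bytes")
    version, prev, merkle, time_, bits, nonce = struct.unpack("<I32s32sIII", raw)
    return {
        "version": version,
        "hashPrevBlock": prev[::-1].hex(),     # hashes are displayed byte-reversed
        "hashMerkleRoot": merkle[::-1].hex(),
        "time": time_,
        "bits": bits,
        "nonce": nonce,
    }


def bits_to_target(bits: int) -> int:
    """Expand the compact 'bits' encoding into the 256-bit target."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def block_hash(raw: bytes) -> str:
    """Block identifier: SHA-256d of the header, shown byte-reversed."""
    digest = hashlib.sha256(hashlib.sha256(raw).digest()).digest()
    return digest[::-1].hex()


def check_pow(raw: bytes) -> bool:
    """True when the header hash does not exceed the target in its bits field."""
    target = bits_to_target(parse_header(raw)["bits"])
    return int(block_hash(raw), 16) <= target
```

Flipping one bit of hashMerkleRoot, which is what any change to a transaction in the block amounts to, yields a different header hash that no longer meets the target, so the nonce search has to be repeated.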
