DIGITAL ASSET RESEARCH

Transcription

1 Our Digital Assets Primer is a more in-depth look at the underlying technology behind digital assets, using two of the largest cryptocurrencies, in terms of network values, Bitcoin and Ethereum, as examples. Here, we explain at a technical level how transactions are conducted over each network. DIGITAL ASSET RESEARCH provides unbiased, institutional quality cryptocurrency research for hedge funds, family offices, traditional asset managers, and venture capitalists. To learn more about our products and services, please fill out a Demo Request form here. If you would like to stay up to date on important cryptocurrency related news, you can sign up for our newsletter here.

2 As you will learn in this report, digital assets go beyond the general idea of a digital currency, and may represent a variety of use cases; from consumer applications, such as tokenized travel insurance, to digital commodities, such as decentralized computation. The purpose of this primer is to give you a detailed explanation of the underlying technology behind digital assets using the cryptocurrencies with largest network values: Bitcoin and Ethereum. Before we dig into the fascinating technology behind both networks, it is important to make a few distinctions, which may ease this educational exercise. The word blockchain was first used to describe the structure of the database in which bitcoin transactions are recorded. However, Bitcoin s inventor, Satoshi Nakamoto, never used the word blockchain to describe this structure. When referring to Bitcoin s data structure, Nakamoto often used chain of blocks, and only after the launch of the Bitcoin network was term blockchain popularized. In a way, the use of the term blockchain today is analogous to the use of the term internet in the early 1990s; widely referenced, but often misunderstood. Before we understand what is happening at the transaction level, let us analyze the data structure that allows digital currencies to be both transparent and immutable. Transparency is achieved because every participant in these networks stores its own blockchain documenting all transactions that have ever occurred, and from where the balance of every other participant can be derived. Since all members must record each valid group of transactions, or blocks, malicious actors are unable to double spend funds or send more tokens than they own. Once a new block is broadcasted to all members of the network, all transactions in it are considered final since it would take an immense amount of computer power to change everyone s blockchain. Therefore, malicious actors are not able to change transactions that have happened in the past, granting distributed blockchain networks a high level of immutability and security.

3 Let us assume the network below is composed of only four participants: Alice, Bob, Carly and Doug. Each participant started with a total balance of 5 tokens (TKNs), and there were no transactions in the network:

4 In this section, we will attempt to explain Bitcoin and its underlying technology using an example of a bitcoin transaction. On the left side of the page, we will guide you through every step of this transaction s life cycle and provide the technical details behind each of these processes. (in the context of this report) Alice lives in Tokyo, and she will soon fly across the world to visit her friend Bob, who lives in New York. When Alice gets to New York, she wants to see a popular Broadway show, so she asks Bob to buy her the tickets in advance in case they get sold out. Alice insists that she wants to pay for the tickets and will send Bob the equivalent amount in bitcoin for the purchase. Alice wants to send BTC to her friend Bob To transact in the Bitcoin network, every participant must download software to interact with the blockchain and other network participants. This is referred to as a client, which sends requests to a server for specific applications. Web browsers, for example, are clients that interact with centralized servers to display data. When a URL is accessed, the client sends a request to the server storing the website s content and displays that content to the user. Bitcoin clients work similarly, but with a key difference. Instead of accessing data from a centralized server, Bitcoin clients interact with all other members in the network to source and validate the integrity of their data, which can easily be determined since all network participants store the same ledger. This is a key aspect of the Bitcoin network, as its decentralization grants unique security properties to the data flowing between network participants, or nodes. Client The interface that enables users to create blocks, verify and interact with the blockchain Nodes, by definition, are the individual participants of a large network. When we refer to the nodes of the Bitcoin network, we refer to the entities running a Bitcoin client. Collectively, Bitcoin nodes are what the network is made of. Nodes may interact with the network by running two types of clients: full clients and light clients. Alice, who has used before, asks Bob to download a Bitcoin client, which enables him to create an account & receive funds.

5 Full clients, also called thick clients, store a complete copy of the blockchain and contain all transactions that have ever occurred in the network. Full nodes are the backbone of the Bitcoin network and enforce the rules set forth by the protocol to ensure security and consistency of the data, as well as the process by which new data is added to the ledger. Because full nodes store a copy of all transactions that have ever occurred, they are able validate transactions initiated by any user by confirming all past transactions that such user conducted, thereby preventing malicious actors from sending more than what they possess. Full nodes also check the signatures of the parties involved in every transaction to prevent other users from double spending the same funds. Downloading an entire copy of the Bitcoin blockchain from other nodes in the network may take several days as the size of the blockchain is more than 130GB at the time of writing. However, this process only needs to be done once. After downloading the chain, users only need to download new a new block every 10 minutes. As an open-source project, there are over 15 Bitcoin clients that can be used to interact with the network. Instead of running a full node, Alice runs a light client that can be set up within minutes. She advises Bob to do the same. Because running a full node has several requirements, such as having sufficient storage space and memory, light clients (also called thin clients) were designed to ease the interaction with the network and reduce the frictions of owning and using bitcoin. Instead of storing a complete copy of the blockchain, light clients only store the header of each block, which only requires a fraction of the storage space. (Block) Header A unique identifier for each block of a blockchain. Only storing the block header, however, limits the functionality of a light client. A light client is unable to verify transactions and its main purpose is to broadcast transactions to the network.

6 Although both full and light clients can serve as a user s wallet, the definition of a wallet is broader. A wallet is the collection of data required to initiate transactions and receive bitcoin, which can come in many forms. The number of clients available for Bitcoin increases the efficiency of the network and has granted it near-zero down time. If there are bugs in one client, the network can process transactions through a different client. Clients generate addresses that define a user s identity in the network using a concept called Public Key Cryptography. Because Bitcoin was built for payments, users have a unique identity that can be shared publicly. Additionally, users need a unique identifier or password to authorize transactions. In other words, users need both public and private identities to receive and send funds. The private identifier is called a Private Key and the public identifier is called a Public Key. Public identities are often represented as addresses, which are derived from Public Keys. Bob downloaded a light client & sends Alice his Address over . There is a relationship between these keys so that only one Private Key can be associated with any one Public Key. This relationship exists because a Public Key is a mathematical derivation of a Private Key. When a user signs a transaction using a Private Key, this signature is checked against the Public Key of the same user. In the verification process, the relationship between a Private Key signature and a Public Key identity is validated without revealing the Private Key. Bitcoin achieves this by using what is called a Mathematical Trap Door, a function that can be performed in one direction (deriving Public Keys from Private Keys), but impossible to be performed in the reverse direction (deriving Private Keys from Public Keys). Private Key A combination of letters and numbers that can be used to spend the digital token associated with a specific Address. Public Key In the context of blockchain systems, a Public Key is an account address that can be publicly shared, and it is used to send and receive funds. Address A unique account derived from a Public Key.

7 5K2CrUJ2EYDaXPTSKuuk2Y9N2E9s4RsWHrvg9S8DnBi3yzzU1CgRw2WqEwq2w1sD Above is the example of a real Private Key. To enable better user experience, applications used to generate Private Keys often provide QR versions of each key. Private Keys are created by combining a series of random numbers into to generate a string of 256 bits. Private keys are shown to users in 64 hexadecimals digits, each of them with a size of 4 bits. The Public Key is derived from a unique Private Key using elliptical curve point multiplication, which is a one-way mathematical function. The Public Key, combined with a user signature generated using the corresponding Private Key, grants the user spending power of the balance associated with the account. String A finite sequence of characters (i.e., letters, numerals, symbols and punctuation marks). Hexadecimals A numeral system in which each hexadecimal digit represents four binary digits (bits). Elliptical Curve Point Multiplication The operation of successively adding a point along an elliptic curve to itself repeatedly to create a oneway function. 1P8zPByYiGDj2fGur17fvXAn7jwawuHZz2 It is important to note that Public Keys and Wallet Addresses are not the same. Addresses are used as an account identifier, and are derived from a Public Key through yet another one-way mathematical function. Bitcoin clients use a hash function for this operation. Hash function A function used to map data of arbitrary size and convert it to a fixed length output. Source: Digital Asset Research

8 A bitcoin transaction is a signed message that authorizes the transfer of funds. Each transaction includes the sender s Public Key, the receiver s Public Key, and a signature created using the sender s Private Key. The Bitcoin blockchain has a native multiple-entry accounting system and each transaction has inputs and outputs, which serve as debits and credits. Simply put, a user s balance is the sum of all debits associated with his or her Public Key, minus all credits. Alice now has Bob s address, which is the only thing she will need to initiate a transaction When Alice initiates a transaction of BTC or 10 millibits (mbtc) to Bob, her Bitcoin client will look at all previous unspent outputs (debits) related to her Public Key, and show her balance. Alice then scans or copies Bob s Public Key, adds the transaction amount and chooses how fast she wants the funds to reach Bob. The speed at which Bob will receive Alice s transaction is dependent upon how much network fees Alice is willing to pay. Millibits (mbtc) The name used to represent bitcoins. Alice decides how much she will pay in fees, which is proportionate to the speed at which Bob will receive the funds. Bitcoin relies on participants in the network to process all transactions and include them in the ledger, an activity called mining. Miners prioritize transactions with higher fees, so if Alice wants Bob to receive the funds in less than one hour, she will have to pay higher fees. We will provide more details on the mining process in the next section. Mining The activity by which transactions are validated and new coins are generated. Source: Digital Asset Research

9 Because Bob will not need the funds right away, Alice decides to pay a rate of 2.21 mbtc per kilobyte in transaction fees, which is enough to make sure Bob will receive her transaction within the next 50 minutes, or 5 blockchain blocks. Alice previews the transaction to see how much she will pay in fees: Source: Digital Asset Research Because Alice decided to pay a transaction fee rate of 2.21 mbtc per kilobyte, and the size of her transaction is 336 bytes, the total amount paid in network fees is mbtc, or $4.65 USD. Bitcoin transactions are often composed of multiple inputs and outputs and the transaction initiated by Alice contains one input and two outputs. To send 10 mbtc to Bob, Alice s client uses a past transaction as an input to prove that she has a balance higher than the amount being sent. A day earlier, Alice received mbtc from her roommate Carly for her share of the rent. The client will use this transaction as input since it is higher than the amount being sent to Bob, and send the difference back to Alice.

10 Two outputs are then created; the first output of 10 mbtc goes to Bob, as it represents what Alice is sending, and the second output of mbtc goes back to Alice s address as change. Notice that the mbtc output that Alice will receive as change is already accounting for the 0.74 mbtc paid in network fees. Source: Digital Asset Research Before this transaction can be broadcasted to the network, Alice needs to prove that she possesses the Private Key associated with her bitcoin by signing the transaction. Alice can sign transactions by manually typing her Private Key in the console, or loading the text file used to store it. Alice s client will then combine all details from the transaction and convert it to hexadecimal format: 6f42666a921fff3b29c3e7115ed74bcd1e4febc6ee3adea403840ac57987c8e1 The above string is what is shared with other members of the network. Once broadcasted, the nodes around Alice verify the transaction and disseminate it to other nodes until the transaction gets processed by the miners. Since all nodes are storing a group of unprocessed transactions, this is called the memory pool, or mempool. When the mempool is large and nodes in the network must store many unprocessed transactions, the network fee rate per kilobyte increases since memory is scarce and as a result, users must pay more to transact in the network. Accordingly, the Bitcoin mempool is used as a proxy for network congestion and fees.

11 Mining is a competition in which players race to find the solution to a mathematical puzzle that confirms the validity of a Bitcoin transaction. Miners must devote an immense amount of computer resources to solving this mathematical puzzle and must also provide proof of the work they put into finding the solution. Even though finding a solution requires effort, verifying it does not. This system is called Proof of Work (PoW), and it has been researched as an anti-spam mechanism since the early 1990s. Since validating Bitcoin transactions requires work, this system guarantees the network s resilience against replay attacks and denial of service attacks. As more miners join the network, the cost of performing such attacks also increases. More importantly, mining ensures that the security of the network is not dependent upon a centralized party. The Bitcoin protocol has a native incentive mechanism that rewards miners for resources they devote to the network if a miner can successfully create a new block. Such amount decreases every 4 years and, at the time of writing, is 12.5 BTC per block. Miners also receive network transaction fees from every transaction they include in a block. When the Bitcoin network launched in January 2009, block rewards were 50 BTC per block. As expected, block rewards halved to 25 BTC in November 2012, and to 12.5 BTC in July In the year 2140, the Bitcoin protocol will stop generating new coins and mining rewards will only be based on network fees. At that point, around 21 million bitcoins will be in circulation and supply will be mostly deflationary. Replay Attack A type of network attack in which the adversary repeats or delays valid data transmission to exploit vulnerabilities within the protocol. Denial of Service (DoS) Attack An attack where the adversary seeks to make aspects of the network inaccessible to its users by flooding the system with service requests. The mathematical puzzled referenced in the introductory paragraph is based on a cryptographic hash function. Hash functions are particularly useful for this process since they are hard to solve, but easy to verify. Hash functions are used in many different fields to convert data of any arbitrary size to a fixedlength output. To produce proof of work, Bitcoin miners use the SHA-256 cryptographic algorithm; a hash function originally designed by the NSA for the encryption of sensitive information. Every time a miner fills a block with unprocessed transactions, the miner runs the SHA-256 hash algorithm multiple times with specific parameters to find a hash that starts with an arbitrary number of zeroes.

12 As the number of miners allocating resources to the network increases, so too does the amount of effort it takes to validate one block of transactions. This difficulty in validating each block is proportionate to the number of miners allocating resources to network. Every 2016-blocks, or around two weeks, the protocol determines a target difficulty so that on average, each block takes 10-minutes to be created. Digest The string created by the hash function. Source: Digital Asset Research Regardless of the number of inputs and outputs that are in a single transaction, the hash function will convert that data to a digest of a fixed length. Even the smallest change in the text input results in a completely different digest. Notice how, from Text A to Text B in the example above, the addition of a. to the input completely changed the digest. Finally, Alice s transaction is added to a block along with many other transactions. Once the block gets mine Bob can verify. Miners use hash functions to assign a unique, fixed length hash to each transaction. Digest The string created by the hash function. data sets in an efficient manner. Merkle Tree A data structure commonly used in cryptography and computer science to securely verify large data sets in an efficient manner.

13 The Bitcoin protocol uses a Merkle Tree structure to generate a block header that encompasses all transactions that are included in a block. The root hash, which is the final hash of this process is used in conjunction with a number that meets the requirements of the mathematical puzzle. Once the network peers validate the correctness of the solution, a new block is added to the Blockchain. Merkle Tree A data structure commonly used in cryptography and computer science to securely verify large data sets in an efficient manner.

14 From a technical standpoint, Ethereum relies on a state transition system to keep track of the transactions that occur in the network. While networks such as Bitcoin were designed with a focus on a transaction system, Ethereum emphasizes changes in state at an account level. State, in this context, refers to the most current set of data that incorporates all known inputs, or transactions. Ethereum keeps track of the state of all accounts in the network by maintaining a global state ledger that readjusts as new information comes in. When a group of transactions is considered valid and added to a block, a new global state is determined to reflect the changes introduced by the new block. Each participant of the network then updates their data sets to readjust the balance of the parties involved in those transactions. Relative to Bitcoin, Ethereum s account-based system is more simplistic and arguably leaner. A single Bitcoin transaction at times invokes dozens of inputs and may generate dozens of outputs, whereas an Ethereum transaction only produces one output that representing a change in the accounts within the network. Source: Digital Asset Research A new set of Ethereum transactions is found in intervals of as little as 12 seconds, and the network must reach consensus on a sequence of valid events to determine a change in global state, which incorporates the data of all accounts, balances, transactions and smart contracts. Ethereum shares some similarities with Bitcoin when it comes to processing transactions, and consensus on both networks is reached through mining via a Proof-of-Work system. Like Bitcoin, Ethereum also employs the concept of user accounts, but with a key difference; Ethereum accounts may be governed by software and store code. As a platform for programmatic money, Ethereum enables developers to add logic to transfers of value and create numerous decentralized applications, or Dapps.

15 Source: Digital Asset Research To better understand Ethereum as a platform for programmatic transfers of value, consider the following example: Alice is a software developer and lives in New York City with her dog, Charlie. Her work has been very demanding, and she has not had time to walk Charlie as much as needed. She decides to hire a dog walker to walk Charlie during the afternoon while she is at work. She goes on Craigslist and decides to hire a dog walker named Bob. Alice and Bob have never met before and their business transaction relies on trust from both parties. Alice needs to trust that Bob will actually walk her dog at the times she requested and follow a path of her choosing. Conversely, Bob needs to trust that Alice will pay him after completing the task while meeting all her requirements. Like many real-world business exchanges, Alice s verbal contract with Bob relies on counterparty trust. The logic behind their verbal contract can be represented by the conditional statement if Bob walks Charlie following a predetermined set of rules, transfer $30 from Alice s account to Bob s. Alice works as a developer and thinks she can convert the above statement into an automatically executable contract that represents her business relationship with Bob. At the time of writing, Ethereum supports 6 high level programming languages derived from popular counterparts. These high-level programming languages are then converted using a compiler to a common bytecode language that other participants in the network can understand. Since the common low-level language is cumbersome to write programs with, Ethereum s approach was to develop multiple development environments based on popular programming languages, the most popular of them is Solidity, which is based on JavaScript and C++. Before Alice starts developing her contract with Bob, she needs to install certain software on her computer that will enable her to interact with the Ethereum blockchain. This software is called a full node client, and is the backbone of distributed networks. Ethereum full node clients store a complete copy of the blockchain in their computers and all transactions and contracts that have ever occurred in the history of the network: from the very first transaction in the genesis block to the most recent block the software is able to find. Most importantly, full nodes enforce the consensus rules set forth by the protocol. These rules guarantee the security and consistency of the data that is stored on the

16 blockchain, as well as the process by which new data is amended to the ledger. Since full nodes store a copy of all transactions that have occurred in the network, they are able to verify the validity of transactions initiated by any user by confirming all past transactions associated with its address, as well as verifying the code that may have triggered the transaction. This decentralized verification process is important, as it prevents malicious actors from sending more than what they possess, or replaying the same transaction multiple times. The two most popular Ethereum clients, at the time of writing are Geth (Go-Ethereum), which uses the Go programming language, and Parity, which uses the Rust programming language. Downloading and synchronizing a full copy of the Ethereum blockchain from other nodes in the network may take days, or even weeks depending on a user s internet connection. A full archival version of Geth, which stores all historical states of the blockchain, has a total size of nearly 380 gigabytes. It is important to note that not all full nodes store archival copies of the blockchain. Most nodes that download archival versions of the blockchain also engage in mining, which, as mentioned earlier, is the process whereby transactions are validated and included in the blockchain. For purposes of developing smart contracts and safely interacting with the Ethereum blockchain, users can download the fast version of Geth, which is currently 28 gigabytes. Not every Ethereum user needs to run a full node to participate in the network. Because running a full node has cumbersome requirements, such as having sufficient storage space and memory, light clients were designed to ease the interaction with the network and reduce the frictions of owning and using ether. Rather than validating all transactions and running all code stored on the blockchain, light clients only verify the header of each block in the blockchain. This enables the integration of Ethereum wallets with mobile phones and browsers. Because Bob wants to quickly receive funds and initiate transactions, he decides to download a light client, which can be installed in minutes. One of the most innovative aspects of Ethereum is the concept of a built-in Turing-complete scripting language. Turing completeness is a characteristic of a system that has computational power equivalent to that of a Turing Machine, which is a device that can solve a set of mathematical functions and store the results of that computation. In the context of computer systems, it refers to the ability of finding answers to these problems. In very simplistic terms, Turing completeness is the ability of a system to perform basic computational functions. By featuring a Turing-complete development environment, Ethereum allows transfers of value to be triggered by the result of a script, enabling it to be used for multiple use cases. Conditional statements can be created using well-known control structures, such as if, else, while, etc. Alice will use the control structures in Solidity when writing her contract with Bob so that a transaction is triggered when certain conditions are met.

17 Over the past two years, significant development infrastructure has been built around Ethereum, especially for writing contracts in Solidity. Today, there are multiple Ethereum development frameworks that developers can use to test and deploy smart contracts. Testing smart contracts is essential because, once deployed, they cannot be changed. Unlike conventional software where developers can afford small bugs in the first release of their applications, smart contracts need to be extensively tested for exploits and vulnerabilities prior to deployment. Because smart contracts have accounts and hold value in the same way that regular users do, attackers have multi-million-dollar incentives to exploit potential vulnerabilities. Immutability enables developers to trust that the code will be executed based on predetermined rules, but immutability may hurt inexperienced developers. After she has written her smart contract, Alice extensively tests it prior to deployment. Ethereum enables conditional transfers of value that are based on the outcome of external events by using oracles. Generally, oracles can determine the outcomes of Binary Events, where the outcome is either yes or no; Categorical Events, where there are multiple discrete outcomes; and Scalar Events, where outcomes are determined by upper and lower numerical bounds. In the hypothetical example below, Alice will use an oracle to determine if Bob successfully completed the task. The smart contract Alice will write should have 4 main pieces of data highlighted below: import dev.dogwalkeroracle.io/api.sol contractdogwalk is using DogWalkerOracle { function WalkAroundPark () if(walkaroundpark!= true); oracle_query(api.dogwalkeroracle.io/alice) transfer(alice s Address, Bob s Address, 100Gwei) Source: Digital Asset Research 1. The event (WalkAroundPark) 2. The sender s address (Alice s Address) 3. The receiver s address (Bob s Address) 4. The amount to be sent per contract cycle (100Gwei) Alice understands that, for her smart contract to work, Bob will need to provide verifiable proof that he walked her dog around the local park during the predetermined time window. To accurately determine the completion of the task, she purchases a leash with a GPS tracker that tracks the location of her dog. Assume that the manufacturer of the collar provides an interface in which users can create routes, as well as an API that can be accessed through its website; dev.dogwalkeroracle.io/api.sol When the API is called, it determines whether Bob followed the correct path within the correct time window.

18 Prior to execution, the expressions contained in a smart contract are converted to set of computational instructions. These instructions, noted in bytecode, are then broadcasted as transactions to the rest of the network. Bytecode is code in portable, numeric form, and specifically designed for efficient execution. For simplicity, let us look at a real smart contract that features a basic mathematical equation: 1. SimpleMath Contract in Solidity 2. SimpleMath represented as Operation Codes PUSH1 0x60 PUSH1 0x40 MSTORE PUSH1 0x4 PUSH1 0x0 SSTORE CALLVALUE ISZERO PUSH1 0x13 JUMPI PUSH1 0x0 DUP1 REVERT JUMPDEST PUSH1 0x35 DUP1 PUSH1 0x20 PUSH1 0x0 CODECOPY PUSH1 0x0 RETURN STOP PUSH1 0x60 PUSH1 0x40 MSTORE PUSH1 0x0 DUP1 REVERT STOP LOG1 PUSH6 0x627A7A KECCAK256 PUSH9 0x52A0B4D3B17E BLOCKHASH PUSH24 0x82955F6BA0CF7FB5BDA10A04617D5FEA8F05E SimpleMath represented in bytecode fd5b f fd00a165627a7a a0b4d3b17e f6ba0cf7fb5bda10a04617d5fea8f05e Once a transaction is converted to bytecode, it is then broadcasted to the rest of the network and executed by the Ethereum Virtual Machine. Ethereum has been described as a decentralized computer because the code attached to every transaction is executed by all members of the network. Collectively, the network participants running full node Ethereum clients make up the Ethereum Virtual Machine. In computer science, a Virtual Machine is a system that emulates a computer and the EVM is Ethereum s native runtime environment where all code is executed. In addition to reaching consensus by verifying the validity of every transaction in the network, Ethereum nodes also verify the validity of the code that may have triggered an ether transfer. The EVM was designed as a stack machine, a type of computer that uses a LIFO (last in, first out) stack to temporarily store values.

19 Source: Digital Asset Research Once high-level code is converted to bytecode, each underlying operation within the smart contract will flow through the EVM stack like the example above. Each element in the stack of the EVM is 256-bits long, and the total size of the stack is limited to 1,024 elements. If, once compiled, a contract exceeds the maximum stack limit, the system will print an error and the contract will not be deployed. Both users and developers interact with the Ethereum network by initiating transactions. Ethereum s web3 API enables network participants to transfer ETH, and create and interact with smart contracts. Source: Digital Asset Research

20 Executing computer programs with the EVM also carries cost constraints in the form of network fees. Network fees in Ethereum are noted in Gas, a unit that represents computational costs as a function of time. Gas is also representative of the duration of each operation performed by the EVM. Since more complex operations require more processing power and take longer to be completed, they require more units of Gas to be executed. When sending funds or deploying smart contracts, users can assign a gas price to every unit of gas in every transaction. While gas is noted as a unit of measurement, gas price is denominated as a function of ETH. At the time of writing, the most popular gas price denomination is Gwei, which is one-millionth of an ETH. Ethereum clients often have built in recommendations for both gas limit and price, which fluctuates based on network congestion. If to send 1 ETH from the Ethereum Mist wallet the system recommends a gas limit of 31,500 units and a gas price of 10 Gwei, the maximum transaction fee is of ETH, or around $0.01. Mining is a competition in which players race to find a solution to a mathematical puzzle that confirms the validity of network transactions. Miners must devote an immense amount of computer resources to solve this mathematical puzzle and must also provide the proof of the work they put into finding the solution. Even though finding a solution to the puzzle requires effort, verifying its validity does not. This system, which also includes an incentive structure, was used by Satoshi Nakamoto in the implementation of Bitcoin and was based on several pre-existing technologies, including the Proof of Work (PoW) mechanism. Because Ethereum transaction verification requires work, this system guarantees the network s resilience against replay attacks and denial of service attacks. As more miners join the network, the cost of performing such attacks also increases. More importantly, mining ensures that the security of the network is not dependent upon a centralized party, but the collective effort of all network participants. The mathematical puzzle used in mining is based on a cryptographic hash function. Hash functions are particularly useful for this process since they are hard to solve, but easy to verify. Hash functions are used in many different fields to map data of any arbitrary size to a fixed-length output. To produce proof of work, Ethereum miners run Ethash; a cryptographic algorithm based on the Keccak-256 hash function. Every time a miner fills a block with unprocessed transactions, the miner runs Ethash multiple times with specific parameters to find a hash that starts with an arbitrary number of zeroes. As the number of miners allocating resources to the network increases, the amount of effort it takes to validate one block of transactions also increases. This difficulty in validating each block is proportionate to the number of miners allocating resources to network so that new blocks are amended to the blockchain at consistent intervals. In the future, Ethereum plans to introduce a new mechanism for validating transactions called Proof of Stake.

21 ONE OR MORE OF THE ANALYSTS PARTICIPATING IN THE PREPARATION OF THIS REPORT HAVE HOLDINGS OF BITCOIN AND ETHEREUM. The employees of Digital Asset Research ( DAR ) may purchase and use cryptocurrencies as part of the due diligence process. They may also own or hold them for any other reason. This report is for clients of Digital Asset Research ( DAR ) only. Use of this report, in any context, is governed by the Subscription Services Agreement and DAR s Terms of Use, both of which are incorporated here by reference. DAR is the sole and exclusive owner of this report and retains all right, title and interest to it and you do not have any right to the same except for the rights otherwise expressly granted herein or in the Subscription Services Agreement. You are permitted to store, display, analyze, modify, and print this report, but only for your own use. You are not permitted to (a) reverse engineer, decompile, decode, decrypt, disassemble, or in any way derive source code from this report; (b) modify, translate, adapt, alter, or create derivative works from this report; (c) copy (except as expressly permitted in the Subscription Services Agreement), distribute, publicly display, transmit, sell, rent, lease or otherwise exploit this report or grant any third party access to it; (d) frame or scrape or in-line link to the this report or use web crawlers, web spiders or other automated means to access, copy, index, process and/or store any of the information herein; (e) create apps, extensions, programs or other products or services that use any of the information herein; or (f) make or have made a service or product using similar ideas, features, functions or graphics of or providing a similar benefit as that provided by this report. DAR DOES NOT MAKE AND HEREBY EXPRESSLY DISCLAIMS ALL WARRANTIES, ORAL OR WRITTEN, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. WITHOUT LIMITING THE FOREGOING, YOU AGREE THAT YOUR USE OF THIS REPORT IS AT YOUR SOLE RISK AND ACKNOWLEDGE THAT THIS REPORT IS PROVIDED AS-IS AND DAR DOES NOT MAKE ANY WARRANTIES WITH RESPECT TO THE OPERATION, AVAILABILITY, RELIABILITY, ORIGINALITY OR ADEQUACY OF THE SAME. THIS REPORT (INCLUDING ANY INFERENCES OR CONCLUSIONS DRAWN HEREIN) IS BASED ON INFORMATION DAR CONSIDERS RELIABLE, HOWEVER, DAR DOES NOT REPRESENT IT AS ACCURATE OR COMPLETE, AND IT SHOULD NOT BE RELIED ON AS SUCH. THIS REPORT (INCLUDING ANY INFERENCES OR CONCLUSIONS DRAWN HEREIN) IS PROVIDED FOR GENERAL INFORMATIONAL PURPOSES ONLY AND YOU ARE RESPONSIBLE FOR DETERMINING WHETHER ANYTHING CONTAINED HEREIN IS SUITABLE FOR YOUR PARTICULAR CIRCUMSTANCES, AND FOR SEEKING PROFESSIONAL TAX AND/OR INVESTMENT ADVICE AS APPROPRIATE. DAR DOES NOT GIVE TAX, LEGAL OR INVESTMENT ADVICE OR ADVOCATE THE PURCHASE OR SALE OF ANY SECURITY, INVESTMENT, CRYPTOCURRENCY OR DIGITAL ASSET. NONE OF THE INFORMATION CONTAINED IN THIS REPORT CONSTITUTES OR IS INTENDED TO CONSTITUTE A RECOMMENDATION BY DAR TO ACQUIRE, HOLD, INVEST IN, OR USE ANY PARTICULAR COIN, TOKEN, CRYPTOCURRENCY, PROTOCOL, COMPANY OR FOUNDATION. You assume the entire risk of any use you make or permit to be made from this report. Without limiting the foregoing and to the maximum extent permitted by applicable law, in no event shall DAR have any liability regarding this report for damages, even if notified of such possibility. The information contained herein is as of the date hereof and is subject to change without prior notice. We may provide oral or written market commentary or trading strategies to our clients that reflect opinions that are contrary to the opinions expressed in this research. Information containing any historical information, data or analysis should not be taken as an indication or guarantee of any future performance as past performance does not guarantee future results. None of DAR s products or services recommend, endorse, or otherwise express any opinion regarding any coin, token, cryptocurrency protocol, company or foundation and none of DAR s products or services are intended to constitute investment advice or a recommendation to make (or refrain from making) any kind of investment decision and may not be relied on as such.