University of Duisburg-Essen Bismarckstr Duisburg Germany HOW BITCOIN WORKS. Matthäus Wander. June 29, 2011

Similar documents
Problem: Equivocation!

Bitcoin (Part I) Ken Calvert Keeping Current Seminar 22 January Keeping Current 1

Blockchain. CS 240: Computing Systems and Concurrency Lecture 20. Marco Canini

Computer Security. 14. Blockchain & Bitcoin. Paul Krzyzanowski. Rutgers University. Spring 2019

Smalltalk 3/30/15. The Mathematics of Bitcoin Brian Heinold

Bitcoin and Blockchain

ENEE 457: E-Cash and Bitcoin

Ensimag - 4MMSR Network Security Student Seminar. Bitcoin: A peer-to-peer Electronic Cash System Satoshi Nakamoto

P2P BitCoin: Technical details

Security Analysis of Bitcoin. Dibyojyoti Mukherjee Jaswant Katragadda Yashwant Gazula

Anupam Datta CMU. Fall 2015

Bitcoin. CS6450: Distributed Systems Lecture 20 Ryan Stutsman

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Anupam Datta CMU. Spring 2017

Chapter 13. Digital Cash. Information Security/System Security p. 570/626

Blockchain, Cryptocurrency, Smart Contracts and Initial Coin Offerings: A Technical Perspective

How Bitcoin achieves Decentralization. How Bitcoin achieves Decentralization

Biomedical Security. Cipher Block Chaining and Applications

Bitcoin (and why it uses SO much energy)

Bitcoin/Namecoin/*coin: On Bitcoin like protocols and their relation to other IT-Security issues

ICS 421 & ICS 690. Bitcoin & Blockchain. Assoc. Prof. Lipyeow Lim Information & Computer Sciences Department University of Hawai`i at Mānoa

BLOCKCHAIN Blockchains and Transactions Part II A Deeper Dive

Introduction to Bitcoin I

Lecture 6. Mechanics of Bitcoin

Ergo platform. Dmitry Meshkov

Biomedical Security. Some Security News 10/5/2018. Erwin M. Bakker

Bitcoin, a decentralized and trustless protocol

Upgrading Bitcoin: Segregated Witness. Dr. Johnson Lau Bitcoin Core Contributor Co-author of Segregated Witness BIPs March-2016

Biomedical and Healthcare Applications for Blockchain. Tiffany J. Callahan Computational Bioscience Program Hunter/Kahn Labs

Scalable overlay Networks

EECS 498 Introduction to Distributed Systems

Consensus & Blockchain

Applied cryptography

About cryptocurrencies and blockchains part 1. Jyväskylä 17th of April 2018 Henri Heinonen

TOPPERCASH TOPPERCASH WHITEPAPER REFORM THE BEST OF BLOCKCHAIN

Realization and Addressing Analysis In Blockchain Bitcoin

The Blockchain. Josh Vorick

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Whitepaper Rcoin Global

Jan Møller Co-founder, CTO Chainalysis

Darkcoin: Peer to Peer Crypto Currency with Anonymous Blockchain Transactions and an Improved Proof of Work System

Micropayments, Now! Probabilistic Micropayments in Bitcoin

Bitcoin and Blockchain Technology: Addresses, Transactions, and Blocks. Ferdinando M. Ametrano

Analyzing Bitcoin Security. Philippe Camacho

As a 3rd generation currency, not only are transactions secured, private and fast, you actually get paid for holding DigitalPrice coins.

Bitcoin, Security for Cloud & Big Data

What is Bitcoin? How Bitcoin Works. Outline. Outline. Bitcoin. Problems with Centralization

Lecture 9. Anonymity in Cryptocurrencies

Distributed Algorithms Bitcoin

Burstcoin Technical information about mining and block forging

Mechanics of Bitcoin

The Technology behind Smart Contracts

Digital Currencies: Algorithms and Protocols

ECC: Peer-to-Peer Electronic Cash with Trustless Network Services

A Gentle Introduction To Bitcoin Mining

Concurrency and Privacy with Payment Channel Networks

A HASH-CASH BASED MUSIC STREAMING PAYMENT SYSTEM. Timothy Chen San Jose State University Fall 2014

DEV. Deviant Coin, Innovative Anonymity. A PoS/Masternode cr yptocurrency developed with POS proof of stake.

What is Proof of Work?

FiiiCOIN. Yellow Paper. FiiiCOIN Yellow Paper v0.01. A versatile, scalable and energy efficient blockchain technology. Authors.

Technical Analysis of Established Blockchain Systems

Introduc)on to Bitcoin

Bitcoin. Arni Par ov. December 17, 2013

Radix - Public Node Incentives

Prelude. The notes within this Whitepaper publication are intended to formally document the concepts and features of the Aegeus cryptocurrency.

Blockchain Certification Protocol (BCP)

Let's build a blockchain!

Proof-of-Work & Bitcoin

Transactions as Proof-of-Stake! by Daniel Larimer!

CRUDE COINS.

Blockchain Bitcoin & Ethereum

Marker addresses: Adding identification information to Bitcoin transactions to leverage existing trust relationships

Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts. Yashar Dehkan Asl

Bitcoin/Blockchain. Workshop

Key Security Issues for implementation of Digital Currency, including ITU-T SG17 activities

Proof-of-Stake Protocol v3.0

Payment systems. Tuomas Aura T Information security technology. Aalto University, autumn 2013

DAVID ANDREWS, FOUNDER RYATTA BLOCKCHAIN FOUNDATIONS

CS 251: Bitcoin and Crypto Currencies Fall 2015

ILCOIN White Paper. In ILCOIN We Trust ILCOIN

SpaceMint Overcoming Bitcoin s waste of energy

Security (and finale) Dan Ports, CSEP 552

WHITEPAPER 1.0 Boostx, Lead Developer BoxyCoin

SKBI Cryptocurrency Technical Seminar Series Seminar 1: Basics: Cryptography and Transactions

BITCOIN PROTOCOL & CONSENSUS: A HIGH LEVEL OVERVIEW

Bitcoin a Peer-to-Peer payment solution

Matt Howard and Ajay Patel CIS 556: Cryptography University of Pennsylvania Fall DriveCoin: A Proof of Space Cryptocurrency

Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric

Page Total

Lecture 3. Introduction to Cryptocurrencies

SmartPool: practical decentralized pool mining. Loi Luu, Yaron Velner, Jason Teutsch, and Prateek Saxena August 18, 2017

Hyperledger fabric: towards scalable blockchain for business

Blockchains & Cryptocurrencies

Bitcoin Mining. A high-level technical introduction. Konstantinos Karasavvas

Technical White Paper of. MOAC Mother of All Chains. June 8 th, 2017

Ethereum. Campbell R. Harvey* Duke University and NBER. Ashwin Ramachandran Duke University. Brent Xu ConsenSys. Innovation and Cryptoventures

Cryptography and Cryptocurrencies. Intro to Cryptography and Cryptocurrencies

Alternative Consensus Algorithms. Murat Osmanoglu

I. Introduction. II. Security, Coinage and Attacks

Bitcoin: A Peer-to-Peer Electronic Cash System

Transcription:

University of Duisburg-Essen Bismarckstr. 90 47057 Duisburg Germany HOW BITCOIN WORKS June 29, 2011

Overview Electronic currency system Decentralized No trusted third party involved Unstructured peer-to-peer network Non-reversible Cryptographic proof instead of trust Open source beta software (C++, wxwidgets) Currency unit: BTC June 29, 2011 2

Timeline 1993: ecash (DigiCash/David Chaum) 1998: Crypto-currency ideas (W. Dai, N. Szabo) Nov 2008: Whitepaper by Satoshi Nakamoto Feb 2009: Initial Bitcoin release June 29, 2011 3

Concept Clients invest computing power to create coins By solving cryptographic puzzles Difficulty of puzzles adapts Number of coins limited Public transactions for coin transfers Senders and receivers have addresses Authorized by private key signatures Honest majority prevents double-spending Public transaction database June 29, 2011 4

Transactions Public transfers between Bitcoin addresses Signed by previous coin owner 50 BTC created by Alice Transaction Bob s Public Key Hash Alice s Signature Transaction Carol s Public Key Hash Bob s Signature June 29, 2011 5

Splitting and Combining Coins Coins can be split up to 10-8 BTC Transaction 50 BTC In Out 0.5 BTC Transaction 0.5 BTC In Out 0.8 BTC Out 49.5 BTC 0.1 BTC In 0.2 BTC In June 29, 2011 6

Bitcoin Address Fingerprint of public key 25 bytes identifier Format version: 0x01 Fingerprint: RIPEMD160(SHA256(pub)) Checksum: 4 bytes of SHA256(fingerprint) Base58 encoded Alphanumeric alphabet (without I, O, l, 0, +, /) E.g. 1BpCB9Qzm2LePrQKu6RzASzEKvjc6utsQQ June 29, 2011 7

Key Handling Client generates public/private key pairs ECDSA 256 bit Stores them in wallet file Wallet contains key pairs, not coins Private key authorizes transactions If keys are stolen, thief may use your coins If keys are lost, coins are lost No wallet encryption nor backup in v0.3.23 GUI June 29, 2011 8

Networking (1/2) Unstructured peer-to-peer network IRC bootstrapping Nickname contains IP endpoint, e.g. u4euc453wz599zq u, base58(ip address, port, checksum) Freenode used at the beginning Users got k-lined for botnet-like behavior Moved to dedicated network in mid 2010 #bitcoin overcrowded, now using #bitcoin[00-99] June 29, 2011 9

Networking (2/2) DNS bootstrapping Without update channel Built-in fallback peer list Peer exchange Port 8333/TCP UPnP Purpose of networking: Flood transactions Share distributed database (block chain) June 29, 2011 10

Mining Coins (1/3) Solve cryptographic challenge to create coins Find a block whose hash value is below target value SHA256(SHA256(block)) < target Random client finds solution first Chance proportional to computing power On average one solution every 10 minutes Difficulty adapts to keep solving rate constant If found: announce block which is proof-of-work June 29, 2011 11

Mining Coins (2/3) Payout per block: 50 BTC Halves every 4 years In 2033: Payout < 1 BTC 20.7 million BTC in circulation Total number of Bitcoins is a geometric series and approaches maximum of 21 million BTC June 29, 2011 12

Mining Coins (3/3) Bitcoin requires processing power for operation The more honest clients work, the harder cheating is Hash rate vs. power consumption GPU mining is common, CPU mining pointless ATI cards better suited than NVIDIA Mining pools share payout In future: FPGA, ASIC? June 29, 2011 13

Block Chain (1/3) Block 10 Block 11 Block 12 Prev_Hash Timestamp Prev_Hash Timestamp Prev_Hash Timestamp Tx_Root Nonce Tx_Root Nonce Tx_Root Nonce Hash01 Hash23 Hash0 Hash1 Hash2 Hash3 Tx0 Tx1 Tx2 Tx3 Blocks commit transactions First transaction is generation of coins June 29, 2011 14

Block Chain (2/3) Clients have built-in Genesis block Newer versions also have checkpoint blocks Download, validate and store block chain from untrusted network Check whether block hashes < target value Verify known checkpoints Verify balance and check for double-spending Forging chain is computationally infeasible June 29, 2011 15

Block Chain (3/3) Block chain may fork Due to propagation delay in p2p network Due to attacker injecting forged blocks Use first block received, save the other one Switch to other chain, if it becomes longer Transactions confirmed after 6 blocks Double-spending becomes unlikely Ignore orphaned block chains Generated coins mature after 100 blocks June 29, 2011 16

Adapting Difficulty Allowed block timestamp time < now + 2h time > median of past 11 blocks uint32 nbits value nbits adapts every 2016 blocks ( 2 weeks) nbits ((time cur time cur-2016 ) 2 weeks) 256 bit target hash value -1h +2h greater less difficult uint8 uint24 uint24 2 (8 (uint8 3)) = 0x0000000000001D932F0 June 29, 2011 17

Scalability Transactions flooded in network Pending until someone commits them in new block Does not scale with number of transactions Block chain mirrored on all clients 300 MB after 2,5 years of operation Storage usage can be further optimized Compress block chain to 240 MB Prune redeemed transactions from hash tree Estimated 70% of transactions can be pruned June 29, 2011 18

Transaction Fee and Priority Fee to keep transaction count low Sender may pay fee to mining client who finds block Fee is voluntary, but so is commitment in block Transaction priority sum(value in age in ) size greater higher priority Transaction ignored if fee too low May be done by both, relays and miners Minimum fee depends on space left in new block Fee serves as incentive for mining clients Transaction In Out In Out June 29, 2011 19

Transaction Script Scripting language for verification Simple stack machine without loops Transaction Transaction Out In Out OP_DUP OP_HASH160 Address:=07b52e62 OP_EQUALVERIFY OP_CHECKSIG 1 BTC Sig:=30450221 PubKey:=046a6588 OP_DUP OP_HASH160 Address:=6d6f2539... OP_EQUALVERIFY OP_CHECKSIG 1 BTC June 29, 2011 20

Privacy Transactions traceable in public block chain Weak anonymity (pseudonymity) Anonymity vanishes if identity linked to address To keep payments private, keep addresses private use different addresses use trusted mixing service June 29, 2011 21

Conclusion Peer-to-peer accounting system Relying on honest majority Growing public log file (block chain) Limited scalability Limited privacy Public key cryptography for authorization Proof-of-work to prevent double-spending Requires vast amount of computing power Technically sophisticated experiment June 29, 2011 22

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback