SKBI Cryptocurrency Technical Seminar Series Seminar 1: Basics: Cryptography and Transactions Zhiguo Wan Sim Kee Boon Institute for Financial Economics Singapore Management University
Schedule of bitcoin seminar series
Seminar 1: Basics: Cryptography and Transactions, 3 Dec
Seminar 2: Mining, Verification and the Blockchain, 8 Dec
Seminar 3: Wallets, Payments and Contracts, 15 Dec
Outline
Cryptographic basics
An overview of Bitcoin system
Bitcoin address, keys and transactions
Demos: 1) use bitcoin core utility bitcoin-cli 2) use our own code
Cryptographic Basics: hash functions
X, X': arbitrary strings; Y: 256-bit string
1. Collision resistance
2. Onewayness
[Figure: SHA256 maps X to Y; a collision is two inputs X and X' that SHA256 maps to the same Y]
Cryptographic basics
SHA256: 256-bit digest, 2^256 possible values
Brute-force attack: O(2^128), hash 2^128 times to find a collision
128-bit security (80-bit security is enough currently)
Negligible collision probability!
No absolute security
Analogous to air crash probability
Avalanche effect (SHA1) Cryptographic basics: hash functions
Public key cryptography
Private key: only owner knows. Generate signatures, decryption
Public key: everyone knows. Verify signatures, encryption
ECDSA: Elliptic curve digital signature algorithm
Public key cryptosystem
Symmetric key cryptosystem: Plaintext -> Symmetric Encryption -> Ciphertext -> Symmetric Decryption -> Plaintext
Public key crypto/asymmetric key cryptosystem: Plaintext -> Asymmetric Encryption -> Ciphertext -> Asymmetric Decryption -> Plaintext
Public key cryptosystem: Plaintext -> Asymmetric Encryption -> Ciphertext -> Asymmetric Decryption -> Plaintext
Digital signature: Plaintext -> Asymmetric Encryption -> Signature -> Asymmetric Decryption -> Plaintext
Elliptic Curve cryptography
Generator point G
Private key: a random scalar k (256-bit)
Public key: K = k*G
Overview of bitcoin: a big picture (from Mastering Bitcoin, O'Reilly)
Overview of bitcoin
Bitcoin address and key
Bitcoin address and key
0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6
-> SHA256 -> 600FFE422B4E00731A59557A5CCA46CC183944191006324A447BDB2D98D4B408
-> RIPEMD160 -> 00 010966776006953D5567439E5E39F86A0D273BEE
-> SHA256 twice -> D61967F63C7DD183914A4AE452C9F6AD5D462CE3D277798075B107615C1A8A30
-> 00 010966776006953D5567439E5E39F86A0D273BEE D61967F6
-> Base58 -> 16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM
Bitcoin address and key
Bitcoin Transaction
Types of Transactions Bitcoin Transaction
Bitcoin Transaction
http://blockchain.info Bitcoin Transaction
DEMO 1: BITCOIN-CLI
Bitcoin-cli: a utility to interact with the bitcoin client via RPC (remote procedure call)
Check info about the client, blockchain, blocks
Maintain keys and addresses
Process transactions
DEMO 2: OUR OWN CODE
Bit-level demo on keys, address and transactions
Manage addresses and keys
Create bitcoin transactions
Sign the transactions
TRANSACTION DETAILS
version: 01 00 00 00
input count: 01
input:
  previous output hash (reversed): 48 4d 40 d4 5b 9e a0 d6 52 fc a8 25 8a b7 ca a4 25 41 eb 52 97 58 57 f9 6f b5 0c d7 32 c8 b4 81 (256-bit)
  previous output index: 00 00 00 00
  script length
  scriptsig: script containing signature
  sequence: ff ff ff ff
output count: 01
output:
  value: 62 64 01 00 00 00 00 00
  script length
  scriptpubkey: script containing destination address
block lock time: 00 00 00 00
SIGNATURE SCRIPT
ScriptSig: PUSHDATA, signature data and SIGHASH_ALL, PUSHDATA, public key data
PUSHDATA 47: 47
signature (DER):
  sequence: 30
  length: 44
  integer: 02
  length: 20
  X: 2c b2 65 bf 10 70 7b f4 93 46 c3 51 5d d3 d1 6f c4 54 61 8c 58 ec 0a 0f f4 48 a6 76 c5 4f f7 13
  integer: 02
  length: 20
  Y: 6c 66 24 d7 62 a1 fc ef 46 18 28 4e ad 8f 08 67 8a c0 5b 13 c8 42 35 f1 65 4e 6a d1 68 23 3e 82
SIGHASH_ALL: 01
PUSHDATA 41: 41
public key:
  type: 04
  X: 14 e3 01 b2 32 8f 17 44 2c 0b 83 10 d7 87 bf 3d 8a 40 4c fb d0 70 4f 13 5b 6a d4 b2 d3 ee 75 13
  Y: 10 f9 81 92 6e 53 a6 e8 c3 9b d7 d3 fe fd 57 6c 54 3c ce 49 3c ba c0 63 88 f2 65 1d 1a ac bf cd
PUBKEY SCRIPT
ScriptPubKey: OP_DUP OP_HASH160 PUSHDATA <Bitcoin address (public key hash)> OP_EQUALVERIFY OP_CHECKSIG
OP_DUP: 76
OP_HASH160: a9
PUSHDATA 14: 14
public key hash: c8 e9 09 96 c7 c6 08 0e e0 62 84 60 0c 68 4e d9 04 d1 4c 5c
OP_EQUALVERIFY: 88
OP_CHECKSIG: ac
FINAL TRANSACTION
version: 01 00 00 00
input count: 01
input:
  previous output hash (reversed): 48 4d 40 d4 5b 9e a0 d6 52 fc a8 25 8a b7 ca a4 25 41 eb 52 97 58 57 f9 6f b5 0c d7 32 c8 b4 81
  previous output index: 00 00 00 00
  script length: 8a
  scriptsig: 47 30 44 02 20 2c b2 65 bf 10 70 7b f4 93 46 c3 51 5d d3 d1 6f c4 54 61 8c 58 ec 0a 0f f4 48 a6 76 c5 4f f7 13 02 20 6c 66 24 d7 62 a1 fc ef 46 18 28 4e ad 8f 08 67 8a c0 5b 13 c8 42 35 f1 65 4e 6a d1 68 23 3e 82 01 41 04 14 e3 01 b2 32 8f 17 44 2c 0b 83 10 d7 87 bf 3d 8a 40 4c fb d0 70 4f 13 5b 6a d4 b2 d3 ee 75 13 10 f9 81 92 6e 53 a6 e8 c3 9b d7 d3 fe fd 57 6c 54 3c ce 49 3c ba c0 63 88 f2 65 1d 1a ac bf cd
  sequence: ff ff ff ff
output count: 01
output:
  value: 62 64 01 00 00 00 00 00
  script length: 19
  scriptpubkey: 76 a9 14 c8 e9 09 96 c7 c6 08 0e e0 62 84 60 0c 68 4e d9 04 d1 4c 5c 88 ac
block lock time: 00 00 00 00
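The field layout on the TRANSACTION DETAILS and FINAL TRANSACTION slides can be checked by parsing the bytes back into fields. The following Python sketch is an added example, not the seminar's demo code; the names Reader, parse_tx and p2pkh_hash are hypothetical, and it handles only the legacy layout shown on the slides, rejecting truncated or over-long input instead of reading past the buffer.

```python
RAW_TX = bytes.fromhex(  # bytes of the FINAL TRANSACTION slide, field by field
    "01000000" "01"
    "484d40d45b9ea0d652fca8258ab7caa42541eb52975857f96fb50cd732c8b481"
    "00000000" "8a" "47" "3044" "0220"
    "2cb265bf10707bf49346c3515dd3d16fc454618c58ec0a0ff448a676c54ff713"
    "0220"
    "6c6624d762a1fcef4618284ead8f08678ac05b13c84235f1654e6ad168233e82"
    "01" "41" "04"
    "14e301b2328f17442c0b8310d787bf3d8a404cfbd0704f135b6ad4b2d3ee7513"
    "10f981926e53a6e8c39bd7d3fefd576c543cce493cbac06388f2651d1aacbfcd"
    "ffffffff" "01" "6264010000000000" "19"
    "76a914c8e90996c7c6080ee06284600c684ed904d14c5c88ac" "00000000"
)

class Reader:  # cursor over untrusted bytes; every read is bounds-checked
    def __init__(self, data: bytes):
        self.data, self.pos = data, 0
    def take(self, n: int) -> bytes:
        if self.pos + n > len(self.data):
            raise ValueError(f"truncated: need {n} bytes at offset {self.pos}")
        self.pos += n
        return self.data[self.pos - n:self.pos]
    def uint(self, n: int) -> int:  # fixed-width fields are little endian
        return int.from_bytes(self.take(n), "little")
    def varint(self) -> int:  # counts and script lengths
        first = self.uint(1)
        return first if first < 0xfd else self.uint({0xfd: 2, 0xfe: 4, 0xff: 8}[first])

def parse_tx(raw: bytes) -> dict:
    r = Reader(raw)
    tx = {"version": r.uint(4), "inputs": [], "outputs": []}
    for _ in range(r.varint()):
        txid = r.take(32)[::-1].hex()  # stored reversed on the wire
        vout = r.uint(4)
        script_sig = r.take(r.varint())
        tx["inputs"].append({"txid": txid, "vout": vout,
                             "script_sig": script_sig, "sequence": r.uint(4)})
    for _ in range(r.varint()):
        value = r.uint(8)  # amount in satoshis
        tx["outputs"].append({"value": value, "script_pubkey": r.take(r.varint())})
    tx["locktime"] = r.uint(4)
    if r.pos != len(raw):
        raise ValueError("trailing bytes after lock time")
    return tx

def p2pkh_hash(script: bytes):
    # 76 a9 14 <20-byte hash> 88 ac, the ScriptPubKey template on the slide
    ok = len(script) == 25 and script[:3] == b"\x76\xa9\x14" and script[23:] == b"\x88\xac"
    return script[3:23] if ok else None
```

The value field 62 64 01 00 00 00 00 00 reads as 0x016462 once the little-endian byte order is undone.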
References
[1] Ken Shirriff's blog, Bitcoins the hard way: Using the raw Bitcoin protocol.
[2] Bitcoin wiki, Technical background of version 1 Bitcoin addresses.
[3] Mastering Bitcoin, O'Reilly.
[4] Bitcoin.org, Developer examples.
BASE58 ENCODING
Specially used in bitcoin
123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz
Without 0, O, I, l: avoid misunderstanding
Looks like an account number
No punctuation: good for double-click & copy
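The "Bitcoin address and key" slide and the Base58 alphabet above fit together as Base58Check. The Python sketch below is an added example, not the seminar's own code: it rebuilds the slide's address from its RIPEMD160 value and shows a decoder that rejects mistyped addresses through the 4-byte checksum. The function names are hypothetical, and the RIPEMD160 output is taken from the slide rather than recomputed because hashlib's ripemd160 depends on the local OpenSSL build.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest().upper()

def double_sha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def base58check_encode(version: bytes, payload: bytes) -> str:
    body = version + payload
    raw = body + double_sha256(body)[:4]  # append the 4-byte checksum
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = ALPHABET[rem] + out
    zeros = len(raw) - len(raw.lstrip(b"\x00"))  # each leading 00 byte becomes '1'
    return "1" * zeros + out

def base58check_decode(text: str):
    n = 0
    for ch in text:
        digit = ALPHABET.find(ch)
        if digit < 0:  # catches 0, O, I, l and punctuation
            raise ValueError(f"{ch!r} is not a Base58 character")
        n = n * 58 + digit
    zeros = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    body, checksum = raw[:-4], raw[-4:]
    if len(raw) < 5 or double_sha256(body)[:4] != checksum:
        raise ValueError("bad Base58Check checksum")
    return body[:1], body[1:]  # (version byte, payload)

# Values copied from the "Bitcoin address and key" slide
PUBKEY = bytes.fromhex(
    "0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23"
    "522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6")
HASH160 = bytes.fromhex("010966776006953D5567439E5E39F86A0D273BEE")

def slide_address() -> str:
    return base58check_encode(b"\x00", HASH160)
```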
DIFFICULTY
The block hash should be smaller than a target (leading 0s)
Difficulty 1 target (A): 00000000FFFFFFFF.
Current difficulty target (B): 000000000000000009564d4cdc1aacfeb689cd32a4c4e72bfe5c77abcb27a14e (block 332574)
Difficulty = (A)/(B)
BIG ENDIAN AND LITTLE ENDIAN
Little endian: most significant bytes at the end, least significant bytes at the beginning
Big endian: the reverse of little endian
Example: 0x90 AE 3C 62
Little endian: 0x62 3C AE 90
Big endian: 0x90 AE 3C 62