# Blockchain

# Mathematical background

## Cryptographic hash function

- $Hash: \mathbb{Z} \rightarrow \mathbb{Z}_{2^n}: x \mapsto$ value indistinguishable from random
- The value of the hash is unpredictable until you know the ENTIRE input
- Hard to find a collision: $a \neq b$ with $hash(a) = hash(b)$
- Can be used as a deterministic random generator

Examples: SHA-256, CryptoNight, scrypt, X11

### Hashcash

- Anti-spam/DoS system
- Client-puzzle implementation of a proof-of-work system
  - Problem: you want to distinguish regular users of a service from attackers who flood it with cheap requests for an expensive resource
  - Solution: every client must prove it spent significant time solving a math problem (puzzle)
    - Puzzle: find *data* such that HASH(*data*) < difficulty

## ECDSA/Digital signature scheme

- Alice wants to prove to Bob that a message was created by Alice
- Alice generates a key pair: $K_{priv}$ (private key, e.g. $a \in \mathbb{Z}_{|G|}$) and $K_{pub}$ (public key, e.g. $aG$, where $G$ is a generator of an additive group)
- Alice makes $K_{pub}$ public to everybody in the world in a trusted way
- Alice calculates $signature = Sign(message, K_{priv})$ and attaches it to the message
- Everybody can calculate $Verify(signature, message, K_{pub})$ and check that $signature$ was created by the owner of $K_{priv}$
- Informally, $Sign$ is encryption with the private key and $Verify$ is decryption with the public key

# Context

## P2P

- A type of protocol without a central element
- Every user communicates (mostly) with other users, who provide the service and information about other nodes
- Commonly used for communication, data sharing, anonymity
- These protocols have high throughput and capacity, are anonymous and hard to ban

## Crypto-anarchism

- Political movement that wants to use strong cryptography to protect privacy, [pseudo]anonymity and personal freedom
- They use concepts like smart contracts and technology like Tor, I2P, Freenet, Tor Browser and lots of P2P/decentralized networks
- They want to protect individuals against mass surveillance
- Instead of regulation they prefer reputation, decentralized leadership, economic freedom...
- They prefer decentralized [pseudo]anonymous money, markets, contracts...

# Bitcoin

- On 3 January 2009 an anonymous person under the nickname Satoshi Nakamoto started Bitcoin
- It is a distributed system for managing tokens that are meant to be used as a currency
- All transactions are public and pseudonymous
- Based on a technology named blockchain
- An associated P2P protocol shares the blockchain and transactions

## Bitcoin transactions

- Based on a digital signature scheme
- You have a wallet with associated addresses
- An address corresponds to a public key
- Every transaction from an address must be signed by the private key associated with that address

## Blockchain

- Concept to provide non-repudiation of operations over a managed dataset (e.g. bitcoins)
- Backward-linked list of basic elements: blocks
- Every block contains verified operations over the managed dataset
- The blockchain guarantees its own integrity and the validity of operations; existing blocks cannot be modified or replaced (really?)
- There is a decentralized protocol to obtain the blockchain and share new operations over the dataset

## Bitcoin block structure

- Header
  - Hash(previous block)
  - Merkle tree root of the transactions (hash(Transactions))
  - Timestamp
  - Proof of work
    - Target
    - Nonce
- Transactions...
  - Inputs...
    - Hash(spent transaction)
    - Input script
  - Outputs...
    - Amount
    - Output script

## Block generation

- A group of users named miners participates in generating new blocks
- They vote for influence in the generation process
- "One person/CPU, one vote"
- The author of a new block gets a reward (fixed value (temporary) + transaction fees)
- The fixed reward is the only way new bitcoins are created
- How to tell regular votes from an attacker's in a P2P world?

### Proof of work

- Hashcash-like concept of voting
- "One hash/10 min of calculation, one vote"
- Every valid block must contain a "proof of work"
- Proof of work: a nonce such that $hash(block_{header}, nonce) < difficulty$
- Difficulty is calculated from previous blocks' timestamps so that a new block is created every *PROTOCOL_CONSTANT* seconds
- If two valid competing blocks are mined, every miner selects one and the longer chain wins
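Added example (not from the original slides) that serves both the Hashcash puzzle and the proof-of-work slide: a nonce search over header || nonce with double SHA-256 as Bitcoin does it, the one-hash verification, and the timestamp-based retargeting that keeps the block interval near *PROTOCOL_CONSTANT* (600 s for Bitcoin). Bitcoin calls the threshold the *target*; difficulty is the ratio of the maximum target to the current one. The header bytes and target are constructed demo values.

```python
import hashlib
import struct

def sha256d(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def pow_hash(header, nonce):
    """Hash of header || nonce as a 256-bit integer. Bitcoin appends a 4-byte
    little-endian nonce and compares the digest as a little-endian number."""
    return int.from_bytes(sha256d(header + struct.pack("<I", nonce)), "little")

def mine(header, target, max_nonce=2**32):
    """Hashcash search: try nonces until hash < target. Returns None when the
    32-bit nonce space is exhausted; a miner then changes the header (timestamp
    or coinbase extra-nonce) and starts over."""
    for nonce in range(max_nonce):
        if pow_hash(header, nonce) < target:
            return nonce
    return None

def verify_pow(header, nonce, target):
    """Checking a proof costs one hash; finding one costs ~2^256/target hashes."""
    return pow_hash(header, nonce) < target

def retarget(old_target, actual_seconds, expected_seconds, max_target):
    """Adjust the target from observed block timestamps so blocks keep arriving
    every expected_seconds on average. Bitcoin clamps the observed timespan to
    a factor of 4 either way per adjustment period and never exceeds max_target."""
    actual_seconds = max(expected_seconds // 4, min(actual_seconds, expected_seconds * 4))
    return min(old_target * actual_seconds // expected_seconds, max_target)

def difficulty(target, max_target):
    """Difficulty is the ratio of the easiest allowed target to the current one."""
    return max_target / target

# Constructed demo values: hash must be below 2^244, so about 1 in 4096 nonces works.
MAX_TARGET = 2**256 - 1
DEMO_TARGET = 2**(256 - 12)
DEMO_HEADER = b"prev_hash|merkle_root|timestamp|bits (constructed header fields)"
```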

# After bitcoin

## Other cryptocurrencies

1. Bitcoin
1. Ethereum
1. XRP
1. Bitcoin Cash
1. Bitcoin SV
1. Tether
1. Litecoin
1. EOS
1. Binance Coin
1. Cardano
1. Ethereum Classic
1. TRON
1. Monero
1. Stellar
1. Dash

## Other uses of blockchain

- Decentralized computing (Golem project)
- Health care
- Social networks
- Decentralized markets & reputation systems
- E-government
- Banking system
- Elections
- PKI

## Bitcoin script

- A Bitcoin transaction target/source is executable code named the *output/input script*
- The output script says when another transaction may manipulate the bitcoins
- The input script of a valid transaction must satisfy the criteria of the output script
- Both are written in Bitcoin Script
- Bitcoin Script is a simple stack-based low-level language
- Bitcoin Script IS NOT Turing complete

## Smart contracts

- Contracts that enforce their own rules
- A contract can be any function implemented in a specific programming language
- Bitcoin Script can be used to create simple smart contracts
- You can have time-dependent transactions, signature checks, basic flow control, arithmetic, stack operations and crypto primitives
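Added example (not from the original slides) for the Bitcoin Script and smart-contract slides: a minimal interpreter for a handful of Bitcoin Script opcodes, showing how the input script and then the output script run on one stack and how a hash lock, one of the simplest smart contracts, is spent. The opcode names are the real ones; the interpreter, the secret and the contract are constructed for this page, and signature checking (OP_CHECKSIG) is left out.

```python
import hashlib

# Minimal interpreter for a small subset of Bitcoin Script, constructed for this
# page; real nodes implement many more opcodes, size limits and OP_CHECKSIG.
def run_script(script, stack):
    """Execute script (a list of byte pushes and 'OP_*' names) on the shared stack.
    Returns False as soon as an opcode fails or the stack underflows."""
    try:
        for item in script:
            if isinstance(item, bytes):
                stack.append(item)                        # data push
            elif item == "OP_DUP":
                stack.append(stack[-1])
            elif item == "OP_DROP":
                stack.pop()
            elif item == "OP_SHA256":
                stack.append(hashlib.sha256(stack.pop()).digest())
            elif item == "OP_EQUAL":
                stack.append(b"\x01" if stack.pop() == stack.pop() else b"")
            elif item == "OP_EQUALVERIFY":
                if stack.pop() != stack.pop():
                    return False                          # script fails immediately
            else:
                raise ValueError("unsupported opcode: %r" % item)
    except IndexError:
        return False                                      # stack underflow
    return True

def is_true(value):
    """Bitcoin truthiness: empty, all-zero, or 'negative zero' (0x80) is false."""
    if not value:
        return False
    return any(value[:-1]) or value[-1] not in (0x00, 0x80)

def can_spend(input_script, output_script):
    """A spend is valid when the input script and then the output script run
    without failure and leave a true value on top of the stack."""
    stack = []
    if not run_script(input_script, stack) or not run_script(output_script, stack):
        return False
    return bool(stack) and is_true(stack[-1])

# Constructed hash-lock contract: the output script locks the coins to whoever can
# reveal the SHA-256 preimage; the input script is just that preimage.
SECRET = b"constructed preimage"
SECRET_HASH = hashlib.sha256(SECRET).digest()
HASH_LOCK = ["OP_SHA256", SECRET_HASH, "OP_EQUAL"]
```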

# Eth

- Created 30 July 2015 by Vitalik Buterin
- It provides a blockchain-based virtual machine as a replacement for Bitcoin Script

## Ethereum Virtual Machine

- Turing complete
- Supports persistent state
- Optimized for creating complex applications
- High-level languages can be compiled to Ethereum (EVM) bytecode
- You pay for every operation
- Often used to create smart contracts

## Example of applications

- Digital cryptocurrency
- Casino
- Games
- Social applications
- Markets
- Decentralized Uber

## DAO(Decentralized autonomous organization)

- A company whose leadership is based on a smart contract
- It must be an online business or it requires a trusted connection to the real world
- Examples: prediction market, social media, leadership of a cryptocurrency

### The DAO

- A DAO organization
- Venture capital fund
- Based on Ethereum
- It took capital from investors in ether
- It had more than \$150M in assets in 2016
- ~14\% of all ether was attracted by The DAO
- It was traded on the main exchanges

# [Non-]issues of blockchain and cryptocurrency

## [Pseudo]anonymity

- Bitcoin is a relatively anonymous payment method
- It can easily be used for illegal activities
- Anybody can publish anything to the blockchain
- This complicates the legal status of cryptocurrency

## Monero

- Focused on anonymity
- Stealth addresses: only randomized one-time addresses are used
- Ring signatures: the specific sender cannot be distinguished
- Bulletproofs: the amount of XMR cannot be seen

## Block size

- Every network node stores a whole copy of all transactions
- Storage requirements of a network node constantly grow
- Bitcoin: ~250 GB, Ethereum: ~210 GB
- You can be a cryptocurrency user without being a network node
- This encourages vendor lock-in

## Dependence on cryptography and implementation

- A cryptocurrency depends on cryptographic primitives (hash, signature scheme)
- E.g. Bitcoin uses double SHA-256 and ECDSA over secp256k1
- If someone breaks these primitives, it can be fatal for the cryptocurrency
- Also, an implementation of the protocol/wallet, or the protocol itself, can contain bugs
- E.g. there were a few Bitcoin Script opcodes that had security issues

## Forks and development

- The P2P nature of blockchain means that the majority decides about new features and the valid state (a type of democratic enforcement)
- Every new feature must be accepted by the majority
- Sometimes the minority can be forced to change
- Every new feature causes a fork of the blockchain
- There are 3 kinds of fork
  - Temporary fork: when 2 miners create a block at once (the protocol solves this)

### Softfork

- Let `new` users/miners accept the change and `old` ones reject it
- Backward-compatible change: every `old` user accepts blocks by `new` miners as valid
- `new` miners accept only blocks by `new` miners
- If more than 51% of the hashpower is `new`, the `new` chain will be longer, the fork is successful and all users (not necessarily miners) will use the `new` chain
- `old` users are still valid, but do not understand the new feature

### Hardfork

- `new` blocks are not valid for `old` users
- 2 separate networks are created, one for `old` and one for `new` users and miners
- If any users stay in the `old` network, the fork becomes persistent

## Double spend/51% attack

- The blockchain can split into multiple separate chains
- The longest chain wins
- An attacker can add a transaction to one chain and a conflicting one to a different chain
- The victim can receive the resource in the chain that will be dropped
- PoW: if you have more than 51% of the network hashpower, you have full control over block creation

## PoW

### ASIC

- Specialized hardware (ASICs) can mine significantly faster than a CPU/GPU
- This breaks the "One CPU, one vote" rule
- BTC: CPU/GPU hash rate is on the gigahash scale
- BTC: ASIC hash rate is on the terahash scale
- Some cryptocurrencies try to reduce the profitability of ASICs by memory requirements (Ethereum) or memory latency (Monero)

### Ecology

- It is hard to measure the ecological impact of PoW
- Source 1:
  - Bitcoin miners burn ~70 TWh/year (comparable to Austria in 2015)
  - World electricity production was 19,504 TWh/year
  - This is approximately 0.35% of world production
- Source 2:
  - Bitcoin and Ethereum burn over \$1M worth of electricity

### Proof of stake

- Alternative to proof of work
- There is a group of stakeholders (analogous to miners)
- Every stakeholder must put up a resource (e.g. deposit coins)
- Every stakeholder has a *number of stake* based on the amount of the resource
- Selected stakeholders are responsible for creating a block
- Stakeholders are selected randomly, weighted by *number of stake*

## Scalability

- A block can have a limited size
- Throughput:
  - BTC ~5 transactions/s
  - ETH ~13 transactions/s
  - XRP ~1,500 transactions/s
  - VISA ~65,000 transactions/s

## Verification time

- To prevent double spends you should accept a transaction only once it is buried under multiple blocks
- Confirmation time:
  - BTC: 60 min (6 blocks * 10 min/block)
  - ETH: 3 min (12 blocks * 15 s/block)
  - XRP: 4 s
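Added example (not from the original slides) serving both the double-spend slide and the verification-time slide: the Bitcoin whitepaper's gambler's-ruin calculation of the probability that an attacker with hashpower share q ever overtakes a payment buried z blocks deep, used to derive how many confirmations a recipient should wait for. It also shows why the 51% line above is a hard boundary: for q >= 0.5 the attacker eventually always catches up.

```python
import math

def attacker_success(q, z):
    """Probability that an attacker controlling fraction q of the hashpower ever
    overtakes the honest chain after a payment is buried under z blocks.
    Gambler's-ruin analysis from the Bitcoin whitepaper (Nakamoto, 2008):
    P = 1 - sum_{k=0}^{z} Poisson(k; lambda) * (1 - (q/p)^(z-k)), lambda = z*q/p."""
    if q >= 0.5:
        return 1.0                      # majority hashpower: catching up is certain
    p = 1.0 - q
    lam = z * q / p
    total = 1.0
    for k in range(z + 1):
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        total -= poisson * (1.0 - (q / p) ** (z - k))
    return total

def confirmations_needed(q, max_risk, limit=1000):
    """Smallest number of confirmations z keeping double-spend risk below max_risk
    against an attacker with hashpower share q; None if no z up to limit suffices."""
    for z in range(limit + 1):
        if attacker_success(q, z) < max_risk:
            return z
    return None

def settlement_time(q, max_risk, block_seconds):
    """Seconds to wait given the chain's average block interval (BTC ~600 s, ETH ~15 s)."""
    z = confirmations_needed(q, max_risk)
    return None if z is None else z * block_seconds
```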

## Legal status

- Regulations?
- Taxes?
- Is it a legal payment method?
- Enforcement of smart contracts?

## Non-reversibility

- There is no authority that can decide on a refund
- A realized transaction cannot be rolled back [really?]
- A typo in an address causes the final loss of coins

### The DAO

- On June 17, 2016 a successful attack on The DAO was performed
- There was a transaction that tried to transfer 3.6M ether (\$50M, 1/3 of the fund) to the attacker's account
- This was practically the end of The DAO
- Most miners, users and developers agreed that the blocks containing the attack would be reverted, creating a fork of the blockchain
- The old blockchain is still alive under the name Ethereum Classic

## Online/P2P

- Offline transactions are not supported by the concept (really?)
- Regulation is problematic
- A P2P system is hard to block

## Is it a real currency?

- A significant number of holders use it as an investment only
- Cryptocurrency has very high volatility
- There is a big diversity
- There are no real-time transactions (really?)

# Thank you for your attention
## ?? Questions ??