# ToyChain

This is an attempt to understand what blockchains are. People around me have been pitching all kinds of things based off blockchains and I have been stuck depending on the knowledge of others to understand what is going on. That sucks.

In my opinion, no knowledge is better than when consumed by the self.

As all good people must do to truly understand things, we must begin at the beginning. At the [Satoshi Nakamot paper](https://bitcoin.org/bitcoin.pdf)

## Transaction

> We define an electronic coin as a chain of digital signatures. Each owner transfers the coin to the next by digitally signing a hash of the previous transaction and the public key of the next owner and adding these to the end of the coin. A payee can verify the signatures to verify the chain of ownership.

Hence we need a private public key encryption system. As this is a toy example, we'll use RSA instead of making an informed decision as an expert on the subject would.

In [1]:
%pylab inline
from collections import namedtuple

Populating the interactive namespace from numpy and matplotlib


In [31]:
! pip install pycrypto



In [2]:
from Crypto.PublicKey import RSA
from Crypto import Random
from Crypto.Hash import MD5

rng = Random.new().read

# The 4 people in our coin ecosystem
alice = RSA.generate(1024, rng)
bob = RSA.generate(1024, rng)
chatur = RSA.generate(1024, rng)
rancho = RSA.generate(1024, rng)

As mentioned in the paper, a transfer is done by signing the hash of a previous transaction and the public key of the next owner. We'll try and do that now.

In [3]:
previous_hash = MD5.new('seed_dummy_hash'.encode()).digest()

print('coin ->', previous_hash)
print('Coin currently resides with Alice')
print('Transfering coin from Alice to Bob')

payload = str((previous_hash, bob.publickey().e, bob.publickey().n)).encode()
payload = MD5.new(payload).digest()
signed = alice.sign(payload, rng)

print('The new transaction has been signed. Can Bob verify?', alice.verify(payload, signed))

previous_hash = MD5.new(str(signed).encode()).digest()

print('coin ->', previous_hash)
print('Coin currently resides with Bob')
print('Transfering coin from Bob to Chatur')

payload = str((previous_hash, chatur.publickey().e, chatur.publickey().n)).encode()
payload = MD5.new(payload).digest()
signed = bob.sign(payload, rng)

print('The new transaction has been signed. Can Chatur verify?', bob.verify(payload, signed))

coin -> b'[\xcb1B\x0f\xedx1\xd1\xce*E\xbf8\x03\x0e'
Coin currently resides with Alice
Transfering coin from Alice to Bob
The new transaction has been signed. Can Bob verify? True
coin -> b'\xd4\xbe\xd1\x9e\x91\xf2\xbf\xf5L\x8a\x14s\xfb \x97\x85'
Coin currently resides with Bob
Transfering coin from Bob to Chatur
The new transaction has been signed. Can Chatur verify? True


Perhaps it will be easier if we turn this into a function and test it again?

In [4]:
def transfer(previous_hash, old_owner, new_owner):
    rng = Random.new().read
    payload = str((previous_hash, new_owner.publickey().e, new_owner.publickey().n)).encode()
    payload = MD5.new(payload).digest()
    signed = old_owner.sign(payload, rng)
    new_hash = MD5.new(str(signed).encode()).digest()
    return new_hash, signed

previous_hash = MD5.new('seed_dummy_hash'.encode()).digest()

previous_hash, signed = transfer(previous_hash, alice, bob)
print(previous_hash)
previous_hash, signed = transfer(previous_hash, bob, chatur)
print(previous_hash)
previous_hash, signed = transfer(previous_hash, chatur, rancho)
print(previous_hash)
print('So the hash changes as expected.')

b'\xd4\xbe\xd1\x9e\x91\xf2\xbf\xf5L\x8a\x14s\xfb \x97\x85'
b'\x9f\xd8\x90G\x92\x0c\xedt\xb3\xe2\xfc]\xd7f\xfd\xfb'
b'\x1e3\xc16pE\x98\xd4\x98\x0e\xdcdK\x1e\xc2\xdc'
So the hash changes as expected.


## Timestamp server

To solve the double spend problem, a time stamp server is proposed. Obviously since I don't have access to newpaper I'll just print it out for now.

In [5]:
items = [1, 2, 3, 4]
hash = MD5.new(str(items).encode()).digest()
print(hash)

b'\xd59uq\xa7\xf9\xc0[\xd5\x8b\xedw\xf9\xdb\xe8\xf0'


In [6]:
new_items = [hash, 5, 6, 7, 8]
hash_ = MD5.new(str(new_items).encode()).digest()
print(hash_)

b'\x95\xc7Z\x80%\xe5A\xd1\x02\xf7\x9epx\x85\xc3I'


## Proof of work
Proof of work is proposed as searching for a value which once hashed gives us *n* starting bits as zero.

In [8]:
def proof_of_work(prev_hash, transactions, n_zeros=1):
    nonce = 0
    while True:
        payload = (prev_hash, transactions, nonce)
        hash = MD5.new(str(payload).encode()).digest()
        if all([i == 0 for i in hash[:n_zeros]]):
            break
        nonce += 1
    return hash, nonce
        
transactions = [1, 2, 3, 4]
prev_hash = MD5.new('blah'.encode()).digest()

print(proof_of_work(prev_hash, transactions, 1))
print(proof_of_work(prev_hash, transactions, 2))

(b'\x00Y\xd1],A\xed\xe8u\xf0\xb3\xc5(\xfc\x93K', 97)
(b'\x00\x00\x132&y\xd2 \xd8X\x83\xe7\xc4\xf2\x17\xd4', 44570)


As mentioned in the paper, proof of work becomes exponentially more difficult as the n_zeros are increased. We can see that happening here when we test it for up to 4 zeros. As can be seen, searching for that nonce value is an embarrasingly parallel problem. So, we'll define some stuff to do that then.

In [14]:
import time
from tqdm import tqdm, trange
from multiprocessing import Pool

def worker(args):
    transactions, prev_hash, n_zeros, nonce = args
    payload = (prev_hash, transactions, nonce)
    hash = MD5.new(str(payload).encode()).digest()
    valid = all([i==0 for i in hash[:n_zeros]])
    return valid, hash, nonce

def get_random_transcations_and_hash():
    transactions = list(range(int(random.random()*10)))
    prev_hash = MD5.new(str(random.random()).encode()).digest()
    return transactions, prev_hash

def time_pow(n_zeros, trials):
    avgs, trial_count = [], []
    nonce_start = 0
    for _ in trange(trials):
        transactions, prev_hash = get_random_transcations_and_hash()
        with Pool() as pool:
            start = time.time()
            while True:
                nonces = list(range(nonce_start, nonce_start + 100))
                args = [(transactions, prev_hash, n_zeros, n) for n in nonces]        
                results = pool.map(worker, args)
                validations = [i[0] for i in results]
                if any(validations):
                    break
                nonce_start += 100
            end = time.time()
            t = end - start
            avgs.append(t)
    return avgs
    
        
        
    

times, trial_ids = [], []
n_begining_zeros, trials = 2, 50
for i in range(1, n_begining_zeros+1):
    time_taken = time_pow(i, trials)
    times.extend(time_taken); trial_ids.extend([i for _ in time_taken])


  0%|          | 0/50 [00:00<?, ?it/s][A




  2%|▏         | 1/50 [00:00<00:08,  5.73it/s][A




  4%|▍         | 2/50 [00:00<00:08,  5.88it/s][A




  6%|▌         | 3/50 [00:00<00:07,  5.88it/s][A




  8%|▊         | 4/50 [00:00<00:07,  5.97it/s][A




 10%|█         | 5/50 [00:00<00:07,  5.93it/s][A




 12%|█▏        | 6/50 [00:00<00:07,  6.06it/s][A




 14%|█▍        | 7/50 [00:01<00:09,  4.50it/s][A




 16%|█▌        | 8/50 [00:01<00:09,  4.30it/s][A




 18%|█▊        | 9/50 [00:01<00:08,  4.69it/s][A




 20%|██        | 10/50 [00:01<00:08,  4.91it/s][A




 22%|██▏       | 11/50 [00:02<00:07,  5.35it/s][A




 24%|██▍       | 12/50 [00:02<00:06,  5.66it/s][A




 26%|██▌       | 13/50 [00:02<00:06,  5.86it/s][A




 28%|██▊       | 14/50 [00:02<00:06,  5.88it/s][A




 30%|███       | 15/50 [00:02<00:05,  5.96it/s][A




 32%|███▏      | 16/50 [00:02<00:05,  6.03it/s][A




 34%|███▍      | 17/50 [00:03<00:05,  6.07it/s][A




 36%|███▌      | 18/50 [00:

I had to kill the process. It ran overnight at 3 leading zeros and was halfway through the 50 trials. The point is taken. With a 4 core laptop, proof-of-work is hard. Very hard. So if you're in the bitcoin mining business where broof-of-work is your bread and butter, you HAVE to get a GPU or you're not even in the game.

Let's visualize what we already have.

In [None]:
import pandas as pd
import seaborn as sns

df = pd.DataFrame({'time': times, 'n_zeros': trial_ids})
sns.pointplot(x='n_zeros', y='time', data=df)
plt.xlabel('N leading zeros in hash')
plt.ylabel('Seconds taken to find suitable nonce')
plt.title('Nonce generation witn n_leading zeros')

One leading zero took almost no time to find, two was ~ 8 seconds, and 3 did not complete computation overnight. The proof is hard.

## Conclusion

This let's us know enough to identify the fibbers when we see them, at least on a very general level. Perhaps we'll work on the notebook more to find other things.