# Blockchain

**Map**

- Blockchain
    - `what`
    - `how`
    - `why` (short)
- Discussion
    - Opportunities
    - Challenges

## 1. The `what`

### 1.1 Distributed systems

<center><b>Collections of independent machines working together to <mark>achieve a common goal</mark></b></center>
    
- **Coordination** obtains by **messaging** over the network
- The system acts as a **single coherent system** 

**Key dimensions**
- `fault tolerance` 
- `liveness`
- `scalability`

<!-- <center><img src = 'figures/distributed_system.png' width = 500></img></center>  -->

:::{figure} figures/distributed_system.png
:width: 300px
:align: center
:::

**Example**: The Internet 
- <u>Goal</u>: transfer of information (`TCP`/`IP` protocols, etc.) 
- <u>Killer application</u>: e-mail

### 1.2 Distributed ledgers
A subfield of **distributed systems**

<center><b>Collections of independent machines operating <mark>common digital records</mark></b></center>

<!-- - Use cases: where maintaining a **consistent** and **immutable** record of data is **critical**.
    - Example: ledger of transactions
 -->

**Additional key dimensions** 
- `synchronization` 
- `consensus`
- `tamper-proof` 

<!-- <center><img src = 'figures/distributed_ledger.png' width = 500></img></center>-->

:::{figure} figures/distributed_ledger.png
:width: 300px
:align: center
:::

**Example**: The `Bitcoin` protocol
- <u>Goal</u>: transfer of token ownership
- <u>Killer application</u>: *to be determined*...

### 1.3 Elements of a Distributed Ledger Technology

| <u>Element</u>    | <u>Roles</u>  |
|-------------|-----------------|
| **Ledger**      | Record storage         |
| **Users**       | Viewers <br> Contributors         |
| **Nodes**       | Validators <br> Recorders       |
| **<mark>Protocol</mark>**    | Governance <br> Consensus           |

### 1.4 Protocol design

In distributed systems $\to$ **no single authority**.

$\to$The <b>protocol</b> fixes <b>explicit rules</b> to ensure <mark><b>consistent & immutable</b> record-keeping</mark>

- Nodes
- Users
- Ledger

##### 1. Rules for nodes & users

**Access & communication rights** for all participants  
(nodes and users)

<center><i> Who can <b>read/write</b> data <br> How to <b>contribute</b> data </i></center>

Protocol specifies:
- Identification (`address`, `public-private key pairing`)
- Authentification (`signature`)
- Validation (`proof-of-work`, `proof-of-stake`)

##### 2. Rules for the ledger

**Consensus & recording rules** to update the ledger.

<center><i>What is <b>true/correct</b> data <br> How is data <b>recorded/protected</b></i></center>


The protocol specificies 

- Verification 
    - Authorization (`hash functions`)
    - Validity (`double spending`)
- Consensus mechanism (`proof-of-work`, `proof-of-stake`, `block rewards`, etc.)

### 1.5 Decentralisation spectrum

DLT allow for **degrees of decentralization** as a function of the rights of participants
- Visibility (`read`)
- Access (`write`)
- Liability (`identity`)

**Main dimensions**

|             <u>Participants</u>           | <u>Closed</u> | <u>Open</u>           |
|-------------------------|------------------|-----------------------------|
| **Read** | Private          | Public                      |
| **Write**  | Permissioned     | Permissionless              |
| **Identity**      | Legal entity     | Pseudonymous      |

$\to$ `Blockhain` technologies allow for a fully **open** design


$\to$  <mark><b>Public x Permissionless x Pseudonymous</b></mark>



<center><i>What is the value of this specific combination?</i></center>

<!-- |             Participants           | `Blockchain` |
|-------------------------|------------------|
| **Access**  | Permissionless              |
| **View** | Public                      |
| **Identity**      | Pseudonymous      | -->

### 1.6 The computer in the sky

The ideal **technical vision** for fully decentralized DLT like `blockchain` is a

<center><mark><b><u>Public good virtual machine</u></b></mark></center>


- **General purpose computation**: run any software (protocol/smart contracts)
- **No physicallity / central authority**: no shutting down nor tampering
- **Universal access**: deployment / view / contribution
- **Enforced property right**: use / exclusion / transfer
    
    
> "*This combination is the super power of the blockchain technology*"
>
> -- Roughgarden (2024)

<!-- <div style="text-align: center"> Roughgarden (2024)</div> -->



### 1.7 First apps: crypto tokens and payments 
`Bitcoin`, `Ethereum`, `Solana`, etc.

- Public ledgers of **token ownership**
- Nodes follow protocols/smart contracts to **validate transfers**
    - Validity constrains: No double spending, balance consistency, authorization, etc.
- **No shut down button**
- **Universal access** on all sides
- Self-custody of keys and related assets enable **property rights**

## 2. The `how`

Mix of **cryptographic** technology and **economic** design.

**Cryptographic dimension** $\to$ <mark>Guarantee on records</mark>

- Public
- Permissionless / Pseudonimity
- Tamper-proof
    
**Economic dimension** $\to$ <mark> Guarantee on behavior</mark>
- Production/selection of valid records
- Resistance towards adverse scenarios
    
<!-- 
Backward approach here:
1. `what` the blockchain guarantees for recorded data
2. `how` to guarantee records of new data  -->

### 2.1 Crypto guarantees 

**A `blockchain` ensures that**
- Every record is **public** and **verifiable** by anyone
- **Anyone** can authorize transfers without losing **privacy**
- Historical records are **immutable**

**The `blockchain` worldview** 

<center><b>What is an entry?</b></center>

When records are transactions, they require:
1. An origin
2. A destination
3. Amount
4. Authorization

| | Origin | Destination | Amount | Authorization| (other)|
|:-|:-|:-|:-|:-|:-|
|**true information** |`Tarik` | `Laura` | 5 BTC | Signature (`Tarik`) | fee, message, etc.|
<!-- |**public information** | x012jdoijdpoj.. | x32ffwew.. | 5 BTC | Signature (x012jdoijdpoj..) | etc.| -->

<center><b>Blockchain pseudonymity</b> $\to$ Operate under adresses</center>

| | Origin | Destination | Amount | Authorization| (other)|
|:-|:-|:-|:-|:-|:-|
|**true information** |Tarik | Laura | 5 BTC | Signature (Tarik) | fee, message, etc.|
|**public information** | <mark>x012jdoijdpoj..</mark> | <mark>x32ffwew..</mark> | 5 BTC | Signature (<mark>x012jdoijdpoj..</mark>) | fee, message, etc|

**Guarantees**

Records must be 
<center> <mark><b>Public x Permissionless x Pseudonymous | Verifiable & Immutable </b></mark></center>

Properties obtain from **elements of cryptography**
1. `Key pairs`
2. `Public signatures`
3. `Hash functions`

$\to$  <mark><b>This is the secret sauce</mark></b>

#### 1. Key pairs

In **public-key cryptography**, there are 2 keys:
  1. `PrivKey` $\to$ the **private key** 
  2. `PubKey`$\to$ the **public key** 

such that
```python
    PubKey = G . PrivKey
```

**Properties**
1. **<mark>Costless verification</mark>** $\to$ `PubKey` can be easily derived from the `PrivKey`.
2. **<mark>Pre-Image resistance</mark>** $\to$ Given `PubKey`, impossible to obtain `PrivKey`

**What is an identity/account in a blockchain?** 

- A user's identity is an **address** which obtains from the `PubKey`.

| | Origin | Destination | Amount | Authorization| (other)|
|:-|:-|:-|:-|:-|:-|
|**true information** |Tarik | Laura | 5 BTC | Signature (Tarik) | fee, message, etc.|
|**public information** | <mark>x012jdoijdpoj..</mark> | <mark>x32ffwew..</mark> | 5 BTC | Signature (<mark>x012jdoijdpoj..</mark>) | fee, message, etc|



- Key pairs are **freely** generated through **`asymmetric encryption`**

In [4]:

generate_key_pair()

Private Key: 5c67b6fac421cab616862a7b533c5fde318ff758c697aa3049b93e5067b9888a
Public Key: 11e5e499d50449f58730509a1920331e24c5bcf09e3e818a8eba61ee5f27de82c526fd9ebff4b6040f018c6e4c744f37365f58b1054ffeecea8fd018da284edd


<center> <b><mark>Permissionless</mark> <mark>Pseudonymity</mark></b></center>

#### 2. Public signatures

To guarantee legitimate **communication** in an <u><b>open ecosystem<b></u> <br>(**permissionless and pseudonymity**)

`Blockchain` protocols require

- Messages (transaction records) are **publicly signed**
- Signatures need to be **unique** and **verifiable**
    - Only one adress to one signature
    - Everyone can confirm the validity of a signature

Given a message `x` (transaction), **crypto signatures** rely on 2 functions:
1. `Sign()`
2. `Verify()`

The **private key** signs the message
```python
    Signature = Sign(x, PrivKey)
```

The **public key** is used to verify the signature
```python
IsValid = Verify(x, Signature, PubKey)
```


| | Origin | Destination | Amount | Authorization| (other)|
|:-|:-|:-|:-|:-|:-|
|**true information** |Tarik | Laura | 5 BTC | Signature (Tarik) | fee, message, etc.|
|**public information** | <mark>x012jdoijdpoj..</mark> | <mark>x32ffwew..</mark> | 5 BTC | **`Signature `(`x`, <mark>x012jdoijdpoj..</mark>)** | fee, message, etc|



<center> <b><mark>Verifiabilty</mark> <br>  <mark>Authentication</mark> <mark>Property Rights</mark></b></center>

#### 3. Hash functions

A **hash function** is a mathematical object $H()$ that 
- takes any **input** (`x`)
- returns a <b><u>deterministic fixed-size string of bytes</u></b> $h$ <br> which appears **random**  (`hash`)

**Random looking fixed sized hash**

In [6]:
hash_function_example_1()

first input	ero;ifhqwpoiufhqew;oifnwqo;fiweqhfo;iuweh;oweiuhweo;ihnweo;fih

Input 1: ero;ifhqwpoiufhqew;oifnwqo;fiweqhfo;iuweh;oweiuhweo;ihnweo;fih
Hash 1 : 380db4c688cc288f16fda3157c8f9b5ef5002d286ec0c4852d7b839dc24f62ec



**The beauty of hashing**

$$H(x) = h$$

| **Hash Property** | **Description** |
|-------------------|-----------------|
| **Fixed size & pseudo-randomness** | Output always has fixed length, looks random. |
| **Costless verification** | Given $x$, easy to compute $H(x)$. |
| **Pre-image resistance** | Given $h$, infeasible to find $x$. |
| **Collision resistance** | No $x$ and $y$ such that $H(x)=H(y)$ when $x \neq y$. |
| **Avalanche effect** | Small changes in $x$ produce totally different $H(x)$. |

**The Avalanche effect**

In [8]:
hash_function_example_2()

first input	sdfa dec 10
second input	sdfa dec10

Input 1: sdfa dec 10
Hash 1 : fea5f4791fb99178b6a3e3406756a9f913ef5cb9bb8fe836da6da989b4c94d02

Input 2: sdfa dec10
Hash 2 : f494ec3e8bc7ed0df8f16526f2f071c13760e7f3467f2d1b3b023710171b8629



**Hashing to guarantee immutability**

A **blockchain** = a chain of **blocks** connected through **hashes**

Each block contains 
- List of records + the **`hash`**
- Reference to the previous block (**`hash`**)

$\to$ <b><u>Costless detection</u></b>: Any micro-change radically transforms the <b>hash</b> (<b>Avalanche effect</b>)

**Block structure**

<!-- <center><img src = 'figures/block.jpg'></img></center> -->

:::{figure} figures/block.jpg
:width: 200px
:align: center
:::




<!-- 
|<u>Block</u> |
|:---|
|**Header**|
|- Hash of previous block <br> - Timestamp <br> (- Nonce) <br> (- Merkle root)|
|**Body**|
| {Transaction data} | -->

**Chain of blocks**

<!-- <center><img src="figures/blockchain.png"  width="1000"><center> -->

:::{figure} figures/blockchain.png
:width: 600px
:align: center
:::

### **Properties of Blockchain**

<center> <mark>key-pairing</mark> + <mark>signatures</mark> + <mark>hashing</mark> $\to$ <b>Crypto guarantees</b></center>

| **Property** | **Description** |
|--------------|-----------------|
| **Tamper-Proof** <br> by virtue of hashing | Each block’s hash depends on its content and the previous block’s hash.<br> The **Avalanche effect**: infinitesimal changes in one block alter the entire chain. |
| **Public access** <br> by virtue of crypto keys | Activity is recorded as entries signed by **free public keys**.<br> Anyone can verify signatures, ensuring **transparency** and **auditability**. |
| **Privacy + <br> Private ownership** <br> by virtue of crypto signatures | Only the the `PrivKey` can initiate new activity from a **public address**|

### 2.2 Economic guarantees

How to ensure new records are valid?

- Special participants
- Vulnerabilities
- Consensus
- Incentives

#### 1. Special participants: Validators / Miners

**Validators** are responsible for 
- **Updating** 
- **Maintaining the integrity/security** 

of the `blockchain`

<!-- <center><img src="figures/validators.png"  width="1000"><center> -->

:::{figure} figures/validators.png
:width: 1000px
:align: center
:::

**Workflow**

**Initial state**: users broadcast messages (transactions) to be recorded on the ledger

1. Validators **collect records** and (when selected) propose **blocks**

3. Validators **validate other blocks**

4. **When consensus $\to$ update local ledger**: The proposed block is added to the blockchain: all validators add it to their local copy of the blockchain.

**Example of <mark>validity</mark> in payments**

A transaction is **valid** if:
- Transfer between **existing** addresses
- **Amount** under the balance of the originator (`no double spending`) 
- Transfer is **authorized** by the originator (valid `signature`)

**A glimpse into `Smart Contracts`** 

<center>From <b>valid payment</b> $\to$ to <b>valid action</b></center>

In general, validators verify **state transitions**. 

A valid action must:
1. Refer to **valid objects** in the state <br> <u>ex:</u> *addresses*
2. Respect the **protocol rules** <br> <u>ex: </u>*valid transaction*
3. Be **authorized** by the right keys/roles <br> <u>ex: </u>*signature*
4. Produce a **valid new state** <br> <u>ex: </u>*token transfer*

The `smart contracts` framework:
- **Rules** <br> Sequences of `IF ... THEN ...` / `FOR`
- **Objects** <br> Adresses, tokens, data feeds, ownership, etc.
- **Actions** <br> Arbitrary state transitions 
<br> <u>ex:</u> *swap/exchange, insurance, credit, etc.*


*More on this in the DeFi lecture*

#### 2. Blockchain vulnerabilities

**Pseudonymity** and **universal** access at **zero-cost** introduces <mark>**critical vulnerabilities**</mark> in the validation process

- **Malicious or faulty behavior**   
    $\to$ `Byzantine fault tolerance`
- **Majority control**     
    $\to$ `Sybil attacks`


**Pseudonymity vulnerability**
- If some validators are **faulty** or **malicious**, how to guarantee consensus? 
    - This is known as the **Byzantine General Problem**.
- **`Byzantine Fault Tolerance` (BFT)** $\to$ ability to **maintain network functionality and consensus** even when some participants behave improperly.

**The cost of zero-cost**
- If adresse can be freely generated, an adversary can influence outcomes through **fake identities** (**`Sybil` nodes**) to overwhelm honest validators
    - This is know as **`Sybil attack`**
- **`51% attack`** $\to$ control over a **majority** of the network’s validating power 
    - Power to rewrite, induce or block transactions.

#### 3. Consensus

In `Blockchains`, **consensus mechanisms** are designed to 
- **Synchronise** the ledger across the network
- Ensure `Byzantine Fault Tolerance`
- Resist against `Sybil attacks`

<b><u>General fix</u></b> 

<b>Costly actions</b> $\to$ Attacks on the ledger become too expensive to undertake

1. **Selection of a validator** to propose a block <br> $\to$ **Condition** on some **cost** faced by the validator (ex-ante / ex-post)<br> + Random selection (lottery)

2. **Rewards to a validator** from proposing a block <br> $\to$ **Conditional** upon **references from blocks downstream**

**Intuition**

| **Vulnerability** | **Solution** | **Explanation** |
|-------------------|--------------|-----------------|
| `Sybil attack` | Make **validation costly** | Economically infeasible to create enough fake identities to influence the network (`51% attack`) |
| `Byzantine fault failures` | Force **coordinated validation** | Economically infeasible to risk referencing or building on faulty or inconsistent blocks. |

<!-- 
- Prevents `Sybil attacks` by making **validation costly** <br> $\to$ infeasible to create enough fake identities to influence the network (`51% attack`).
- Ensures `Byzantine Fault Tolerance` by forcing **validation coordination** <br> $\to$infeasible to risk reffering blocks to faulty records. -->

##### Examples

**Proof of Work (PoW)** (`Bitcoin`) 

- **Costly action**: validators (**miners**) solve **computationally difficult cryptographic puzzles** before they can propose new blocks.
    -  Significant computational resources (and electricity) to solve the cryptographic puzzles.
- The **difficulty** is adjusted to the size of the miner market.
- **Risk of Centralization**: small number of miners with large computational power could have a disproportionate influence over the network.

**Proof of Stake (PoS)** (`Ethereum 2.0`) 
- Validators **stake their wealth** as collateral to back their block selection.
- **Allocation** of new blocks permits based on a **validator's staked amount.**
    - In case of **misconduct**, stakes are **slashed**.
- **Energy Efficiency**: unlike PoW, PoS does not require validators to perform computational work, thereby reducing energy consumption.
- **Risk of Centralization**: small number of validators with large stakes could have a disproportionate influence over the network.

#### 4. Economic incentives

Validators/miners **invest** time, computational resources, and capital into maintaining the blockchain. 

**Sources of revenue**

- **Block rewards** <br> Minting of new tokens allocated to successful block creators.
    - Algorithmic (deterministic) monetary policy

- **Transaction fees** <br> Fees paid by users when submitting a transaction
    - Manage network congestion
    - Prevent spamming and DoS attacks

## 1.3 The `why`


### Issues with centralized alternatives

Primary issues of centralization

- **Data Manipulation**
- **Market power**
- **Entry barrier**
- **Privacy**
- **Lack of innovation**

Ulimately, the key is the **governance of information** and how it structures the economics of information-intensive markets 

*More on this in the DeFi Lecture*

# 3. Discussion 
- Efficiency of DLT
- Technological developments
- Challenges and opportunities for regulators/supervisors

## The efficiency of DLT

The **Blockchain Trilemma** is the **inherent trade-offs** between three key properties of blockchain networks:

1. **Decentralization** <br> Distribution of control and decision-making
2. **Security** <br> Guarantee for integrity and reliability of records
3. **Scalability** <br> Capacity to scale without degrading performance

<b><u>Trilemma</u></b>: **Protocol design** can optimize for **<mark>only two of these three properties</mark>** simultaneously without compromising the third. 

<!-- <center><img src = 'figures/trilemma.png' width = 1000></img></center> -->

:::{figure} figures/trilemma.png
:width: 600px
:align: center
:::

**Intuition**

* **Scalability**
<br> Bigger blocks, faster validation <br>$\to$ reduces **security** (more attack surface)
<br> Fewer nodes <br>$\to$ reduces **decentralization**

* **Decentralization**
<br> More nodes, more distributed control <br>$\to$ reduces **scalability** (slower consensus) <br>$\to$ reduces **security** (coordination harder, higher latency).

* **Security**
<br> Stricter validation, slower consensus production <br>$\to$ reduces **scalability** (lower throughput) <br>$\to$ reduces **decentralization** (more resources needed to participate).

### The evolving technological landscape

**Continuous developments**

- **Blockchain Trilemma**: Balancing **decentralization**, **security**, and **scalability**.<br> $\to$ `Layer 2` solutions, `sharding`, and new consensus protocol
- **Hash properties**: Ensure properties like **pre-image resistance** are not violated. <br> $\to$Threats from **quantum computing**.
- **MEV (Miner/Maximal Extractable Value)**: Validators can extract additional value through **transaction ordering**. <br> $\to$ Implications for market fairness and transparency.
- **Interoperability Solutions**: Technologies to **bridge** over different blockchains (`Polkadot`, `Cosmos`). <br> $\to$ New sources of risk and efficiency.
- **Privacy-Preserving Technologies**: Development of **Zero-knowledge proofs** (`zk-SNARKs`) and confidential transactions. <br> $\to$ New challenges/opportunities for liability and monitoring.
  

### Opportunities and challenges for regulation and supervision


**Opportunities**
- **On-Chain activity monitoring**<br> Blockchains provide unprecedented **visibility into transaction histories**. Supervisors can leverage this transparency to detect illicit activities, monitor systemic risks, and analyze macroeconomic indicators.
- **Smart contracts and automated oversight**<br> Smart contracts can automatically enforce compliance and reporting standards, enabling real-time oversight. <br> `Embedded supervision`
- **Improved data integrity** <br> Data on blockchains is tamper-proof and timestamped, which reduces the potential for fraud and enhances the reliability of supervisory data


**Challenges**
- **Pseudonymity**<br> Challenge to link `on-chain` activity with real-world entities. 
- **Regulatory arbitrage and global deployment** <br> Entities may choose to operate in jurisdictions with weaker regulations while deploying their services globally
- **Protocols & Smart contract** <br> Unintentional bugs may have severe impact. Malicious actors can exploit flaws in smart contract code. Enforcement power over protocols is limited.
- **Protocol upgrades and hard forks**<br> Divergences in blockchain communities can lead to protocol forks, creating risks of network instability or fragmentation.

---

## Appendix

In [1]:
import hashlib
from ecdsa import SigningKey, SECP256k1

# Function to generate a hash using SHA-256
def generate_hash(input_string):
    # Create a new sha256 hash object
    sha256_hash = hashlib.sha256()
    
    # Update the hash object with the bytes of the input string
    sha256_hash.update(input_string.encode('utf-8'))
    
    # Return the hexadecimal digest (the hash value)
    return sha256_hash.hexdigest()

def hash_function_example_1():
    # Input strings
    input1 = input("first input\t")
#     input2 = input("second input\t")

    print(f"\nInput 1: {input1}")
    print(f"Hash 1 : {generate_hash(input1)}\n")
#     print(f"Input 2: {input2}")
#     print(f"Hash 2 : {generate_hash(input2)}\n")

def hash_function_example_2():
    # Input strings
    input1 = input("first input\t")
    input2 = input("second input\t")

    print(f"\nInput 1: {input1}")
    print(f"Hash 1 : {generate_hash(input1)}\n")
    print(f"Input 2: {input2}")
    print(f"Hash 2 : {generate_hash(input2)}\n")

def generate_key_pair():
    # Generate a private key (using SECP256k1 curve, used by Bitcoin)
    private_key = SigningKey.generate(curve=SECP256k1)

    # Derive the public key from the private key
    public_key = private_key.get_verifying_key()

    # Convert keys to hexadecimal format
    private_key_hex = private_key.to_string().hex()
    public_key_hex = public_key.to_string().hex()

    # Print the private and public keys
    print("Private Key:", private_key_hex)
    print("Public Key:", public_key_hex)