OMENSAH
2/27/2017 - 2:13 AM

Summary of "Bitcoin and Cryptocurrency Technologies" course at Coursera.Org

Bitcoin and Cryptocurrency Technologies

Welcome to the MOOC on Bitcoin and Cryptocurrency Technologies where we cut through the hype and get to the core of what makes Bitcoin unique.

Week 1

Lecture 1: Intro to Crypto and Cryptocurrencies

  • Cryptographic Hash Function
    • Any string as input, fixed output (256 bits), efficiently computable
    • Security properties: collision-free, hiding, puzzle-friendly (no solving strategy for finding H(k || x) = y is better than trying random values of x)
  • Hash pointer to detect tampering
    • Pointer to where some data is stored
    • (cryptographic) hash of that data
    • Can return the data and verify the integrity of the data
    • Can be used in any pointer-based data structure which does not have cycles
  • Merkle tree -- binary tree with hash pointers
    • Can verify membership in O(log(n)) time
    • A sorted Merkle tree can verify non-membership in O(log(n))
  • Digital Signature
    • Tied to particular document that was signed
    • Easy to verify, very difficult to forge
    • Unforgeability is modeled as a game between attacker and challenger
    • Bitcoin uses ECDSA -- Elliptic Curve Digital Signature Algorithm
  • Public key can act as an identity
    • Anyone can make a new identity by generating a new (Secret Key, Public Key) pair; this is called an "address" in Bitcoin
    • Addresses are not directly linked to real-world identities, but the link can be deduced
  • Simple cryptocurrency
    • Goofy coin
    • "Create Coin [UniqueCoinID]" signed by Goofy
    • "Pay to Alice", includes hash pointer to "Create Coin" and is signed by Goofy
    • Alice can create "Pay to Bob", which includes a hash pointer to "Pay to Alice" and is signed by Alice
    • Problem -- how to avoid double spending attack by Alice (or Goofy)
    • Solution is ScroogeCoin
    • Scrooge publishes a history of all transactions (a block chain, signed by Scrooge)
    • The history makes double-spending detectable because anyone can verify the chain of transactions
    • Two basic transactions
      • CreateCoins can create multiple coins and assigns them to people (addresses); each coin has an id and every coin is valid because ... Scrooge said so
      • PayCoins consumes (destroys) some coins and creates new coins of the same total value which will belong to certain recipients
      • Coins are immutable, they are never changed, subdivided, etc., they are only created and then consumed (destroyed)
    • The problem is Scrooge -- what if he starts misbehaving, or gets bored; the problem is the centralization
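
The O(log(n)) membership check from the Merkle tree notes above, as an added example (not course or author code): a tree over constructed sample transactions, with a proof that carries one sibling hash per level. The leaf/node prefix bytes and the rule of promoting an unpaired node are assumptions of this example, not Bitcoin's exact construction.

```python
import hashlib

# Constructed sample data standing in for transactions.
TXS = [b"tx%d" % i for i in range(8)]

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Distinct prefixes keep a leaf from being reinterpreted as an inner node
# (assumption of this example, not Bitcoin's scheme).
def leaf_hash(item: bytes) -> bytes:
    return h(b"\x00" + item)

def node_hash(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)

def build_levels(items):
    """Return every tree level, leaves first; the last level holds the root."""
    level = [leaf_hash(i) for i in items]
    levels = [level]
    while len(level) > 1:
        nxt = []
        for i in range(0, len(level), 2):
            if i + 1 < len(level):
                nxt.append(node_hash(level[i], level[i + 1]))
            else:
                nxt.append(level[i])  # unpaired node is promoted unchanged
        level = nxt
        levels.append(level)
    return levels

def prove(levels, index):
    """Collect the sibling hash at each level: about log2(n) entries."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            proof.append((level[sib], sib < index))  # (hash, sibling_is_left)
        index //= 2
    return proof

def verify(root, item, proof):
    """Recompute the path from the item to the root using only the proof."""
    acc = leaf_hash(item)
    for sibling, is_left in proof:
        acc = node_hash(sibling, acc) if is_left else node_hash(acc, sibling)
    return acc == root
```

The verifier needs only the root, the item and the proof; it never sees the other leaves.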

Lecture 2: How Bitcoin Achieves Decentralization

This week we'll look at the mechanics of Bitcoin, that is, we'll learn how the individual components of the Bitcoin protocol make the whole system tick: transactions, scripts, blocks, and the peer-to-peer network.

  • Aspects of decentralization in Bitcoin
    • Peer-to-peer network, open to anyone, low barrier to entry
    • Mining is open to anyone, but it tends inevitably toward concentration of power
    • Updates to software -- core developers trusted by the community have a lot of power
  • Distributed consensus
    • All correct nodes agree on the same value (which must be proposed by a correct node)
    • Bitcoin is a peer-to-peer network where each transaction is broadcast to all Bitcoin nodes
    • How consensus works in Bitcoin
      • All nodes have a sequence of blocks of transactions they have reached consensus on
      • Each node has a set of outstanding transactions it has heard of
    • Theoretically it is impossible to reach global consensus because of
      • Byzantine generals problem
      • Fischer-Lynch-Paterson -- consensus impossible with a single faulty node
      • Paxos never produces inconsistent results but in rare situations may get stuck
  • Consensus without identity -- the block chain
    • Bitcoin nodes don't have identities; identity is difficult because of Sybil attacks
    • Implicit consensus -- random node is picked that selects the next block in the chain, and other nodes either agree by extending this block or ignore it by choosing to extend some other block
    • Why does it work -- because it is difficult (nay impossible) to subvert
    • "Zero-confirmation transaction" -- not a good idea
    • The more confirmations a transaction gets, the better the chance it will be accepted; 6 is a good but not a magical number
  • Incentives
    • Cannot penalize nodes for misbehaving, but can reward nodes for behaving correctly
    • Incentive 1 -- block reward, currently 25 BTC, halves every 4 years
    • Finite supply of bitcoins -- 21 million; the block reward is how new bitcoins are created, and it runs out in 2140
    • Incentive 2 -- transaction fee, purely voluntary, like a tip
    • Remaining problems
      • How to pick a random node
      • How to avoid a free-for-all due to rewards
      • How to prevent Sybil attacks
  • Proof-of-work -- select nodes in proportion to a resource that no one can monopolize
    • Hash puzzles -- to create a block, a node has to find a nonce such that H(nonce || prev hash || tx ...) is very small
    • Difficult to compute, only some nodes bother to compete
    • Attacks are infeasible if the majority of miners, weighted by hash power, follow the protocol
    • Nonce must be published as part of the block
  • Mining economics
  • What can an attacker with "51% consensus" achieve -- steal: no; suppress tx: yes; suppress tx from p2p: no; change block reward: no; destroy confidence in Bitcoin: likely
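
The hash puzzle and the prev-hash link from the notes above, combined in an added example (not course or author code): blocks are mined by searching for a nonce, and a verifier rechecks the puzzle and the hash pointer with one hash per block. The 12-bit difficulty, the field encoding and the sample transactions are constructed for illustration and are not Bitcoin's real header format.

```python
import hashlib

DIFFICULTY_BITS = 12                      # constructed toy difficulty
TARGET = 1 << (256 - DIFFICULTY_BITS)     # a valid hash must be below this
GENESIS_PREV = b"\x00" * 32

def block_hash(nonce: int, prev_hash: bytes, txs: list) -> bytes:
    # H(nonce || prev hash || tx ...) as in the notes; each tx is
    # length-prefixed so the concatenation is unambiguous.
    payload = nonce.to_bytes(8, "big") + prev_hash + b"".join(
        len(t).to_bytes(4, "big") + t for t in txs)
    return hashlib.sha256(payload).digest()

def mine(prev_hash: bytes, txs: list) -> dict:
    """Try nonces until the hash, read as an integer, falls below TARGET."""
    nonce = 0
    while int.from_bytes(block_hash(nonce, prev_hash, txs), "big") >= TARGET:
        nonce += 1
    return {"nonce": nonce, "prev": prev_hash, "txs": txs}

def build_chain(batches: list) -> list:
    chain, prev = [], GENESIS_PREV
    for txs in batches:
        blk = mine(prev, txs)
        chain.append(blk)
        prev = block_hash(blk["nonce"], prev, txs)
    return chain

def valid_chain(chain: list):
    """Return (True, None), or (False, index of the first bad block)."""
    prev = GENESIS_PREV
    for i, blk in enumerate(chain):
        if blk["prev"] != prev:
            return False, i               # hash pointer does not match
        digest = block_hash(blk["nonce"], blk["prev"], blk["txs"])
        if int.from_bytes(digest, "big") >= TARGET:
            return False, i               # published nonce fails the puzzle
        prev = digest
    return True, None
```

Verification costs one hash per block while mining costs about 2^12 attempts per block at this difficulty; that asymmetry is why the nonce must be published with the block.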

Week 2

Lecture 3: Mechanics of Bitcoin