blockchain
play

Blockchain CS 240: Computing Systems and Concurrency Lecture 20 - PowerPoint PPT Presentation

Jan 21, 2023 •333 likes •786 views

Blockchain CS 240: Computing Systems and Concurrency Lecture 20 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material. Bitcoin: 10,000 foot view New bitcoins are created every ~10 min,

  1. Blockchain CS 240: Computing Systems and Concurrency Lecture 20 Marco Canini Credits: Michael Freedman and Kyle Jamieson developed much of the original material.

  2. Bitcoin: 10,000 foot view • New bitcoins are “created” every ~10 min, owned by “miner” (more on this later) • Thereafter, just keep record of transfers – e.g., Alice pays Bob 1 BTC • Basic protocol: – Alice signs transaction: txn = Sign Alice (BTC, PK Bob ) – Alice shows transaction to others… 2

  3. Problem: Equivocation! Can Alice “pay” both Bob and Charlie with same bitcoin ? ( Known as “double spending” ) 3

  4. How traditional e-cash handled problem Bank Alice Bob • When Alice pays Bob with a coin, Bob validates that coin hasn’t been spend with trusted third party • Introduced “blind signatures” and “zero-knowledge protocols” so bank can’t link withdrawals and deposits 4

  5. How traditional e-cash handled problem Bank Alice Bob • When Alice pays Bob with a coin, Bob validates that coin hasn’t been spend with trusted third party • Introduced “blind signatures” and “zero-knowledge protocols” Bank maintains linearizable log of transactions so bank can’t link withdrawals and deposits 5

  6. Problem: Equivocation! Goal: No double-spending in decentralized environment Approach: Make transaction log 1. public 2. append-only 3. strongly consistent 6

  7. Bitcoin: 10,000 foot view • Public – Transactions are signed: txn = Sign Alice (BTC, PK Bob ) – All transactions are sent to all network participants • No equivocation: Log append-only and consistent – All transactions part of a hash chain – Consensus on set/order of operations in hash chain 7

  8. Cryptographic hash function ( and their use in blockchain ) 8

  9. Cryptography Hash Functions I • Take message m of arbitrary length and produces fixed-size (short) number H(m) • One-way function – Efficient: Easy to compute H(m) – Hiding property: Hard to find an m , given H(m) • Assumes “m” has sufficient entropy, not just {“heads”, “tails”} – Random: Often assumes for output to “look” random 9

  10. Cryptography Hash Functions II • Collisions exist: | possible inputs | >> | possible outputs | … but hard to find • Collision resistance: – Strong resistance: Find any m != m’ such that H(m) == H(m’) – Weak resistance: Given m, find m’ such that H(m) == H(m’) – For 160-bit hash (SHA-1) • Finding any collision is birthday paradox: 2^{160/2} = 2^80 • Finding specific collision requires 2^160 10

  11. Hash Pointers h = H( ) (data) 11

  12. Hash chains H( ) prev: H( ) prev: H( ) prev: H( ) data data data Creates a “tamper-evident” log of data 12

  13. Hash chains H( ) prev: H( ) prev: H( ) prev: H( ) data data data If data changes, all subsequent hash pointers change Otherwise, found a hash collision! 13

  14. Blockchain Append-only hash chain 14

  15. Blockchain: Append-only hash chain prev: H( ) prev: H( ) prev: H( ) txn 5 txn 6 txn 7 • Hash chain creates “tamper-evident” log of txns • Security based on collision-resistance of hash function – Given m and h = hash(m), difficult to find m’ such that h = hash(m’) and m != m’ 15

  16. Blockchain: Append-only hash chain 16

  17. Problem remains: forking prev: H( ) prev: H( ) prev: H( ) txn 5 txn 6 txn 7 prev: H( ) prev: H( ) txn 6’ txn 7’ 17

  18. Goal: Consensus • Recall Byzantine fault-tolerant protocols to achieve consensus of replicated log – Requires: n >= 3f + 1 nodes, at most f faulty • Problem – Communication complexity is n 2 – Requires view of network participants 18

  19. Consensus susceptible to Sybils • All consensus protocols based on membership… – … assume independent failures … – … which implies strong notion of identity • “Sybil attack” (P2P literature ~2002) – Idea: one entity can create many “identities” in system – Typical defense: 1 IP address = 1 identity – Problem: IP addresses aren’t difficult / expensive to get, esp. in world of botnets & cloud services 19

  20. Consensus based on “work” • Rather than “count” IP addresses, bitcoin “counts” the amount of CPU time / electricity that is expended “The system is secure as long as honest nodes collectively control more CPU power than any cooperating group of attacker nodes.” - Satoshi Nakamoto • Proof-of-work: Cryptographic “proof” that certain amount of CPU work was performed 20

  21. Key idea: Chain length requires work prev: H( ) prev: H( ) prev: H( ) prev: H( ) prev: H( ) txn 8 txn 9 txn 5 txn 6 txn 7 prev: H( ) txn 6’ • Generating a new block requires “proof of work” • “Correct” nodes accept longest chain • Creating fork requires rate of malicious work >> rate of correct – So, the older the block, the “safer” it is from being deleted 21

  22. Use hashing to determine work! • Hash functions are one-way / collision resistant – Given h , hard to find m such that h = hash(m) • But what about finding partial collision? – m whose hash has most significant bit = 0? – m whose hash has most significant bit = 00? – Assuming output is randomly distributed, complexity grows exponentially with # bits to match 22

  23. Bitcoin proof of work Find nonce such that hash ( nonce || prev_hash || block data) < target i.e., hash has certain number of leading 0’s What about changes in total system hashing rate? • Target is recalculated every 2 weeks • Goal: One new block every 10 minutes 23

  24. Historical hash rate trends of bitcoin Currently: 8.2 Exahash/s 2 x 10 18 Tech: CPU → GPU → FPGA → ASICs 24

  25. Historical hash rate trends of bitcoin Currently (Nov ’17): 11 Exahash/s 2 x 10 18 Tech: CPU → GPU → FPGA → ASICs https://bitcoinwisdom.com/bitcoin/difficulty 25

  26. Why consume all this energy? • Creating a new block creates bitcoin! – Initially 50 BTC, decreases over time, currently 12.5 – New bitcoin assigned to party named in new block – Called “mining” as you search for gold/coins 26

  27. Incentivizing correct behavior? • Race to find nonce and claim block reward, at which time race starts again for next block hash ( nonce || prev_hash || block data) – As solution has prev_hash, corresponds to particular chain • Correct behavior is to accept longest chain – “Length” determined by aggregate work, not # blocks – So miners incentivized only to work on longest chain, as otherwise solution not accepted – Remember blocks on other forks still “create” bitcoin, but only matters if chain in collective conscious (majority) 27

  28. Form of randomized leader election • Each time a nonce is found: – New leader elected for past epoch (~10 min) – Leader elected randomly, probability of selection proportional to leader’s % of global hashing power – Leader decides which transactions comprise block 28

  29. One block = many transactions • Each miner picks a set of transactions for block • Builds “block header”: prevhash, version, timestamp, txns, … • Until hash < target OR another node wins: – Pick nonce for header, compute hash = SHA256(SHA256(header)) 29

  30. Transactions are delayed • At some time T , block header constructed • Those transactions had been received [ T – 10 min, T] • Block will be generated at time T + 10 min (on average) • So transactions are from 10 - 20 min before block creation • Can be much longer if “backlog” of transactions are long 30

  31. Commitments further delayed • When do you trust a transaction? – After we know it is “stable” on the hash chain – Recall that the longer the chain, the hard to “revert” • Common practice: transaction “committed” when 6 blocks deep – i.e., Takes another ~1 hour for txn to become committed 31

  32. Transaction format: strawman Create 12.5 coins, credit to Alice Transfer 3 coins from Alice to Bob SIGNED(Alice) Transfer 8 coins from Bob to Carol SIGNED(Bob) Transfer 1 coins from Carol to Alice SIGNED(Carol) Transfer 5 coins from Alice to David SIGNED(Alice) How do you determine if Alice has balance? Scan backwards to time 0 ! 32

  33. Transaction format Inputs: Ø // Coinbase reward Outputs: 25.0→PK_Alice Inputs: H (prevtxn, 0) // 25 BTC from Alice Outputs: 25.0→PK_Bob SIGNED(Alice) change address Inputs: H (prevtxn, 0) // 25 BTC From Alice Outputs: 5.0→PK_Bob, 20.0 →PK_Alice2 SIGNED(Alice) Inputs: H (prevtxn1, 1), H (prevtxn2, 0) // 10+5 BTC Outputs: 14.9→PK_Bob SIGNED(Alice) • Transaction typically has 1+ inputs, 1+ outputs • Making change: 1 st output payee, 2 nd output self • Output can appear in single later input (avoids scan back) 33

  34. Transaction format Inputs: Ø // Coinbase reward Outputs: 25.0→PK_Alice Inputs: H (prevtxn, 0) // 25 BTC from Alice Outputs: 25.0→PK_Bob SIGNED(Alice) Inputs: H (prevtxn, 0) // 25 BTC From Alice Outputs: 5.0→PK_Bob, 20.0 →PK_Alice SIGNED(Alice) Inputs: H (prevtxn1, 1), H (prevtxn2, 0) // 10+5 BTC Outputs: 14.9→PK_Bob SIGNED(Alice) • Unspent portion of inputs is “transaction fee” to miner • In fact, “outputs” are stack-based scripts • 1 Block = 1MB max 34

Recommend

bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2

MAKE BLOCKCHAIN WORK FOR YOU bluzelle What is Blockchain? Blockchain is a combination of multiple technologies 4 3 2 Consensus 1 Encryption P2P Networks Time Stamp Challenges addressed by blockchain Regulatory and compliance pressures

669 views • 14 slides
Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain

Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain

Solidus Blockchain Ethan Cecchetti March 26, 2017 Blockchains Blockchain Blockchain blockchain blockchain blockchain Blockchain blockchain blockchain Blockchain Blockchain (blockchain) Blockchain blockchain, blockchain

470 views • 12 slides
Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es

Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es

State of Blockchain at LF Christopher Ferris, CTO Open Technology, IBM Blockchain and Distributed Ledgers Blockchain allows mul/ple compe/ng par/es to securely interact with the same universal

567 views • 31 slides
Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who

Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who

Blockchain &amp; Banking Ahmed A. Mansour MBA, PMP, ITIL, TOGAF, FL23, Blockchain Expert Who thinks blockchain is the future of banking? Who can explain what blockchain is? Blockchain in Banking 2 Blockchain Key Elements Smart Ledger

517 views • 20 slides
Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center

Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center

Bitcoin, Blockchain and the Internet of Value Veronika Ktt Frankfurt School Blockchain Center E-Mail: veronika.kuett@fs-blockchain.de Internet: www.fs-blockchain.de About FSBC Our Portfolio Research 1 Foster understanding of blockchain

688 views • 24 slides
Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain

Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain

Welcome to the Government Blockchain Association (GBA) Meet Up May 15 th , 2017 Blockchain for Homeland Security, Defense and Law Enforcement Agenda Brief Review What is blockchain and why is it important? What are the defining

795 views • 31 slides
Blockchain and Accounting By: Jamie Freiman Rutgers University Overview What is Blockchain?

Blockchain and Accounting By: Jamie Freiman Rutgers University Overview What is Blockchain?

Blockchain and Accounting By: Jamie Freiman Rutgers University Overview What is Blockchain? How does it work? Types of Blockchain systems. Impacts of the Blockchain on business and accounting. Integration with Smart

879 views • 22 slides
TECHNOLOGY (DLT) AND BLOCKCHAIN Blockchain and its applications INTRODUCTION Ishmeet Singh,

TECHNOLOGY (DLT) AND BLOCKCHAIN Blockchain and its applications INTRODUCTION Ishmeet Singh,

DISTRIBUTED LEDGER TECHNOLOGY (DLT) AND BLOCKCHAIN Blockchain and its applications INTRODUCTION Ishmeet Singh, Blockchain Consultant I have built technology products for Fortune 500 companies like MasterCard, MetLife and Adobe. I have also

925 views • 28 slides
The Blockchain #HypetoReality 23 rd May 2017 What is the beginning? Dubai Government Blockchain

The Blockchain #HypetoReality 23 rd May 2017 What is the beginning? Dubai Government Blockchain

The Blockchain #HypetoReality 23 rd May 2017 What is the beginning? Dubai Government Blockchain Strategy 100% of Government documents to be on the Blockchain by 2020 Emirates NBD Branch of the future Two use case were chosen for Pilot

484 views • 23 slides
K&amp;L Gates Blockchain Energizer Vol. 1 A bi-weekly update on applications of blockchain

K&amp;L Gates Blockchain Energizer Vol. 1 A bi-weekly update on applications of blockchain

K&amp;L Gates Blockchain Energizer Vol. 1 A bi-weekly update on applications of blockchain technology in the April 6, 2017 energy industry Molly Suda and Benjamin L. Tejblum In this issue: There is a lot of buzz around blockchain technology and

255 views • 4 slides
CHALLENGES 02/04/2020 OUTLINE : Introduction Blockchain in Cyber security Blockchain and CIA

CHALLENGES 02/04/2020 OUTLINE : Introduction Blockchain in Cyber security Blockchain and CIA

BLOCKCHAIN IN CYBERSECURITY: USAGE AND Abdullah Hamdan CHALLENGES 02/04/2020 OUTLINE : Introduction Blockchain in Cyber security Blockchain and CIA Blockchain Security applications Blockchain Security challenges Conclusion 2 INTRODUCTION

413 views • 12 slides
An Overview of Blockchain and Delawares Blockchain Initiative Matthew J. OToole September

An Overview of Blockchain and Delawares Blockchain Initiative Matthew J. OToole September

Sponsored By: An Overview of Blockchain and Delawares Blockchain Initiative Matthew J. OToole September 29, 2018 National Public Records Research Association Annual Conference Overview of Blockchain/DLT Broad/high-level overview

217 views • 9 slides
Blockchain At Your Fingertips INTRODUCTION WE ARE RAPIDS! BLOCKCHAIN AT YOUR FINGERTIPS We are a

Blockchain At Your Fingertips INTRODUCTION WE ARE RAPIDS! BLOCKCHAIN AT YOUR FINGERTIPS We are a

Blockchain At Your Fingertips INTRODUCTION WE ARE RAPIDS! BLOCKCHAIN AT YOUR FINGERTIPS We are a creative agency with a passion for innovation and the design of beautiful creations. We have all envisioned certain aspects of past cryptocurrency

441 views • 26 slides
Blockchain and Crypto By David and Lukas Blockchain and Crypto By David and Lukas Topics

Blockchain and Crypto By David and Lukas Blockchain and Crypto By David and Lukas Topics

Blockchain and Crypto By David and Lukas Blockchain and Crypto By David and Lukas Topics Overview What is Bitcoin? What is a Blockchain? Blockchain and Bitcoin In-Depth Transactions New Blocks Forks Nakamotos Forerunners Smart

708 views • 48 slides
The State of Blockchain and Its Impact on Finance Profession What do Blockchain and

The State of Blockchain and Its Impact on Finance Profession What do Blockchain and

The State of Blockchain and Its Impact on Finance Profession What do Blockchain and cryptocurrency really mean and what are the opportunities? What about the risks that come with such wholesale change to business processes. Learn this and more

1.22k views • 32 slides
The Blockchain Josh Vorick Bitcoin is a currency. Blockchain is a technology. What is a

The Blockchain Josh Vorick Bitcoin is a currency. Blockchain is a technology. What is a

The Blockchain Josh Vorick Bitcoin is a currency. Blockchain is a technology. What is a blockchain? A decentralized database that anyone can add to and no one can delete from The Bitcoin blockchain Why You Should Care Bitcoin

1.02k views • 76 slides
Is GDPR a Roadblock to Blockchain? 1. Swiss Symposium Blockchain Research, Zurich, May 14th Jrn

Is GDPR a Roadblock to Blockchain? 1. Swiss Symposium Blockchain Research, Zurich, May 14th Jrn

Is GDPR a Roadblock to Blockchain? 1. Swiss Symposium Blockchain Research, Zurich, May 14th Jrn Erbguth, Dipl.-Inf., Dipl.-Jur. Consultant Legal Tech, Blockchain, Smart Contracts and Data Protection PhD candidate, University of Geneva

739 views • 35 slides
1 2 Overview What is the blockchain? How does it work? Why is there so much interest? Some

1 2 Overview What is the blockchain? How does it work? Why is there so much interest? Some

1 2 Overview What is the blockchain? How does it work? Why is there so much interest? Some example applications Implications of blockchain technology 3 The Blockchain A digital ledger that records the transfer of digital assets. But also

579 views • 36 slides
BLOCKCHAIN ALL YOUR PROBLEMS Proof Engine Tierion turns the blockchain into a global platform

BLOCKCHAIN ALL YOUR PROBLEMS Proof Engine Tierion turns the blockchain into a global platform

BLOCKCHAIN ALL YOUR PROBLEMS Proof Engine Tierion turns the blockchain into a global platform for verifying any data, file, or business process. Anchor Data In The Blockchain Scales to millions of records Receipts are portable

235 views • 9 slides
Quantum &amp; blockchain Best friendmies ! Introduction Blockchain technologies, of which the

Quantum &amp; blockchain Best friendmies ! Introduction Blockchain technologies, of which the

Quantum &amp; blockchain Best friendmies ! Introduction Blockchain technologies, of which the most famous representative is the Bitcoin crypto currency, all have a point in common (hacker thinking : single point of failure) : cryptography.

310 views • 10 slides
THE FUTURE OF BLOCKCHAIN IS NOT BLOCKCHAIN LUKE ANGELL Events and Partnerships Manager

THE FUTURE OF BLOCKCHAIN IS NOT BLOCKCHAIN LUKE ANGELL Events and Partnerships Manager

THE FUTURE OF BLOCKCHAIN IS NOT BLOCKCHAIN LUKE ANGELL Events and Partnerships Manager BLOCKCHAIN FUTURE FESTIVAL 2019 WHAT SEEMS TO BE THE PROBLEM? Two entities: transactions and blocks Miners are gatekeepers Miners are not accountable

545 views • 11 slides
Blockchain for the Real World David Pinski Chief Strategist, Financial Innovation Laboratory

Blockchain for the Real World David Pinski Chief Strategist, Financial Innovation Laboratory

Blockchain for the Real World David Pinski Chief Strategist, Financial Innovation Laboratory September 19, 2017 Todays Topics Quick blockchain recap How blockchain operate The practical hurdles to deploying blockchain in a business

335 views • 21 slides
Private Keys And Security In A World Of Blockchain Mat Cybula Co-Founder &amp; CEO

Private Keys And Security In A World Of Blockchain Mat Cybula Co-Founder &amp; CEO

Private Keys And Security In A World Of Blockchain Mat Cybula Co-Founder &amp; CEO mat@cryptiv.com State of the blockchain 2016 - A big year for blockchain Public Ledgers Evolve Wall Street Places Bets Digital Assets Have Arrived Why this

217 views • 21 slides
The three blockchain The three blockchain technology technology generations? generations?

The three blockchain The three blockchain technology technology generations? generations?

The three blockchain The three blockchain technology technology generations? generations? Hello! Hello! I I am Mark van der Pasch am Mark van der Pasch Master student TU/e Blockchain internship @ Rabobank Fintech &amp; Innovation, BAL

511 views • 17 slides

More recommend