200 likes | 233 Views
A wallet is an address on the Blockchain. Someone wanting to conduct a transaction must send a message with the transaction signed with their private key. ... The computers in the network holding the Blockchain are called nodes. Miners place transactions in blocks in response to proof of work challenges.
E N D
Introduction toBlockchains By ProfessionalGuru
Overview • Prologue: A chess-by-mailanalogy • What problem does a blockchainsolve? • How do theywork? • Hash chains • Deciding what blocks are valid on thechain • Deciding whether we have the currentchain • Permissioned blockchains, proof of work,etc. • Wrapup http://professional-guru.com
Warm-up: AliceandBobwanttoplaychessbymail • Alice sends Bob “1e4” • Bob sends back “1 ...e5” • Alice sends Bob “2Nf3” • ... • Each of these messages is one move in thegame • What’s necessary for them to be able toplay the game? http://professional-guru.com
Theyhavetoagreeonthestateoftheboard • Iftheydon’tagreeonthestateoftheboard,theycan’tplayagame! • Both know the starting positions of theboard. • Both know the sequence of messages sofar. • Those messages make up a transcript of thegame. • Thus, they can reconstruct the state of theboard. Ifweagreeonhistory, weagreeonthepresentstateoftheworld! http://professional-guru.com
What’s that got to do withblockchain? • We have some distributedsystem • We need to all agree on the state ofsome system • Weall agreeontheinitialstateofthesystem • A blockchain contains a history of individualtransactions • Thus: We can all agree on the current state of thesystem • A blockchain lets mutually-distrusting entities agree onhistory... • ...which lets them agree on the state of the systemnow. http://professional-guru.com
Why is thisimportant? • Example:Bitcoin • Suppose I want to transfer 100 BTC toyou. • You need to know whether my account has 100 BTC init. • Forthat,you need toknowthecurrentstateofthesystem. • Note: You need to know the currentstate • Ifyou’relookingatanoldstateofthesystem,Imightbepayingyouwith money I’ve alreadyspent! http://professional-guru.com
What problem does a blockchainsolve? • A blockchain lets us agree on the state of the system, even if wedon’t all trust eachother! • Ultimategoal:Weallneedtoagreeonthestateofsomesystem. • How much BTC in eachaccount? • Who owns whichproperty? • What’s the current state ofmy program? • We can all agree on that if we agree onhistory. • Starting state + history currentstate • Wedon’twantasingletrustedarbiter ofthestateoftheworld. • We want some level of decentralization—not a single point offailure or compromise. http://professional-guru.com
TrustedArbiter • If we had a completely trusted arbiter, we wouldn’t needa blockchain! • We could just define reality as whatever TA said itwas. • For a payment system, imagine TA as thebank • Bank provides the official sequence of transactions and accountbalances • When you want to spend your money, you send a message tobank • Bank permits transaction if you have money, and updates accountbalances. http://professional-guru.com
Why not just have a trustedarbiter, then? • Single point offailure • If the TA goes down for a week, the system stopsworking! • Concentration ofpower • “Hewhocontrolsthepast,controlsthefuture” • TA can censor transactions, impose new conditions to gettransactions included in history,etc. • Maybe there’s nobody we alltrust http://professional-guru.com
Sowhatdoesablockchainbuyus,again? • Distributedsystem • We don’t all trust each other orany single entity • We want to agree onhistory • ...so we can agree on the state of oursystem... • ...so we can dosomething. • We get the functionality of a trustedarbiter... • ...without needing a trustedarbiter http://professional-guru.com
Blockchains: How do theywork? http://professional-guru.com
How does itwork? • A blockchain is a sequence of hash-chainedrecords • Once you’ve seen record N, you can’t change anything in thepast. • Some procedure for adding blocks toblockchain • Who gets to addblocks? How is itdone? • Validity conditions for newblocks • Aretransactionsvalid? Are digitalsignatures correct? Etc. • Enforced by consensus-–chains with invalid blocks won’t beaccepted. • Some procedure for deciding between alternativecandidate blockchains. • When Alice and Bob have different pictures of history, there’ssome way for themtoeventuallycometoagreementaboutwhoisright. http://professional-guru.com
Building Block: Cryptographic hashfunctions • A cryptographic hashfunction: • Takes any bitstring as an input* (Like a 10 MBfile) • Produces afixed-lengthoutput (Typically 256 or 512bits) • Nobody can findcollisions. • Examples: SHA256, SHA512, SHA3-256,RIPEMD-160 • *Sometimes there’s a (really huge) maximum input length. http://professional-guru.com
What’s acollision? • Suppose I can find two different inputs X and Y so that Hash(X) =Hash(Y) • That’s acollision. • For a cryptographic hash function to be any good, it needs tobe • collision-resistant. • That just means it’s impossible in practice to findcolliding inputs. http://professional-guru.com
Why is collision resistanceuseful? • If nobody can find X != Y such that Hash(X) ==Hash(Y), • ...then we can use hash(X) as a kind of message digest ofX. • Digital signatures actually sign hash(message) instead ofmessage. • Nobody can change X without changinghash(X) • Iftheycoulddothat,theycanfindcollisionsfor hash() • hash(X) also commits toX. • Once I’ve seen hash(X), later, you can show me X, and I’ll know it’s thevalue you committedto • ...youcan’tshowmesomeotherX*,becauseitwon’thavethesamehash. http://professional-guru.com
Building block: Hashchains Figure: A sequence of records linked together; each record contains the hash of the previousrecord. http://professional-guru.com
What’s a hashchain? • A hash chain is a sequence of records in which each record contains thehashoftheprevious recordinthechain,andthehashofallthe current record’scontents. Figure: A sequence of records linked together; each record contains the hash of the previousrecord. http://professional-guru.com
What does that buyus? • We’re using a cryptographic hash function likeSHA256. • That means nobody can find two inputs with the same hashvalue. • ...and that means that record N contains a commitment to recordN-1 • ...which contains a commitment to record N-2, which containsa commitment to record N-3, and soon. Figure: A sequence of records linked together; each record contains the hash of the previousrecord.
Figure: A change in one record in the hash chain propagates forward to change the hashes in all futurerecords.
Hash chains and blockchains • Hash chains have the property that every record containsa commitment to all previousrecords. • If you change record N, this changes the final hashes ofrecords N+1, N+2, ... • Result: Once we all accept record N, we have locked in the contentsof record 1, 2, 3, ..., N-1 as well. • Blockchains use hash chains as acomponent • Hash chains are also useful in a lot of othercontexts • For example, a system with a trusted arbiter can use a hash chain to limitthe arbiter’s power—even the arbiter can’tchange history. http://professional-guru.com