1 / 31

Bitcoin: P2P Electronic Cash System

Bitcoin: P2P Electronic Cash System. Cao Phương Nhất Duy Nguyễn Huỳnh Như Ý. Introduction. Commerce on the Internet rely on financial institutions Reversible transactions Increase transaction cost, cut off possibility for for small casual transactions Large cost for non-reversible service

sumana
Download Presentation

Bitcoin: P2P Electronic Cash System

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Bitcoin: P2P Electronic Cash System Cao Phương Nhất Duy Nguyễn Huỳnh Như Ý

  2. Introduction • Commerce on the Internet rely on financial institutions • Reversible transactions • Increase transaction cost, cut off possibility for for small casual transactions • Large cost for non-reversible service • A certain percentage of fraud is accepted as unavoidable

  3. Introduction

  4. Proposal • A system allow any two willing parties to transact directly without the need for trusted third party • Transactions that are computationally impractical to reverse would protect sellers from fraud • Lower transaction fee • Problem of double-spending

  5. Proposal • Peer to peer distributed system • Timestamp system • Based on proof-of-work

  6. Transactions • A bitcoin is defined by a chain of digitally-signed transactions • It is possible to consider the coin as a token digitally signed by the owner that desires to transfer the currency. • Owner transfer the coin to the next by signing a hash of previous transaction and public key of next owner • Can’t check double-spending

  7. Transactions

  8. Timestamp Server • Double-spending??? • Without a trusted third party? • A system that all participants agree on a single history of order of transaction.

  9. Timestamp Server • Take a hash of a block of items to be timestamped • Widely publish the hash • Each timestamp includes the previous timestamp in its hash, forming a chain, with each additional timestamp reinforcing the ones before it.

  10. Proof-of-work system • Require some work from the service requester, usually meaning processing time by a computer • To implement a distributed timestamp server on a peer-to-peer basis, we will need to use a proof-of-work system • Once the CPU effort has been expended to make it satisfy the proof-of-work, the block cannot be changed without redoing the work

  11. Hashcash • Was proposed in March 1997 by Adam Black • Add stamp to email header to prevent spam • X-Hashcash: 1:40:1303030600:adam@cypherspace.org::McMybZIhxKXu57jd:FOvXX • Sha1 = 000000000031791ed06fd1c882dc26e663dcc3c2

  12. Timestamp based on proof-of-work • Hashcash like proof-of-work • Timestamp model • Double-SHA256 hash

  13. Proof-of-work • Majority decision is represented by the longest chain • To modify past block, an attacker would have to redo the proof-of-work of the block and all blocks after it • Difficulty is changed based on network status • Expected to produce 1 block / 10 minutes • Every 2016 blocks (~ 2 weeks), network scales difficulty

  14. Network • New transactions are broadcast to all nodes. • Each node collects new transactions into a block. • Each node works on finding a difficult proof-of-work for its block. • When a node finds a proof-of-work, it broadcasts the block to all nodes. • Nodes accept the block only if all transactions in it are valid and not already spent. • Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash.

  15. Network • Nodes always consider longest chain to be the correct one • If two nodes broadcast different versions of the next block simultaneously. Other nodes work on the first one they received, but save the other branch in case it becomes longer • When one branch becomes longer, the nodes that were working on the other branch will then switch to the longer one • New transactions and block do not necessarily need to reach all nodes

  16. Network • "Length" is calculated as total combined difficulty of that chain, not number of blocks. • These blocks on the shorter chains are often called "orphan" blocks.

  17. Incentive • By convention, the first transaction in a block is a special transaction that starts a new coin owned by the creator of the block. • This adds an incentive for nodes to support the network and provides a way to initially distribute coins into circulation, since there is no central authority to issue them. • The incentive can also be funded with transaction fees. • The incentive may help encourage nodes to stay honest.

  18. Reclaim Disk Space • Once the latest transaction in a coin is buried under enough blocks, the spent transaction before it can be discarded to save disk space. • Transactions are hashed in Merkle Tree. • Only the root included in block’s hash

  19. Simplifed Payment Verification • It’s possible to verify payments without running a full network node. • Only need to keep block headers of the longest proof-of-work chain. • Query network nodes to confirm longest chain and obtain Merkel branch linking the transaction to the block. • He can see the that a network node has accepted it, and blocks added after confirm the network has accepted.

  20. Simplified Payment method

  21. Simplified Payment method • Simplified payment method can be fooled if an attacker overpower the network. • Accept alerts from network nodes when they detect an invalid block. • Software download full block and alerted transactions to confim inconsistency.

  22. Combining and Splitting Value • To allow value to be split and combined, transactions contain multiple inputs and outputs. • Single input from larger previous transaction or multiple inputs combining smaller amounts. • Most two output: one for the payment, and one returning to the sender

  23. Combining and Splitting Value

  24. Privacy • The necessity to announce all transactions publicily. • Can not keep privacy by limit access to the information like traditional banking method. • Break the flow of information by keep the public keys anonymous.

  25. Privacy • Bitcoin addresses should only be used once. • A new key pair should be used for each transaction to keep them from being linked to a common owner. • Some linking is still unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner.

  26. Development of Bitcoin • First mentioned in a 2008 paper published under the pseudonym Satoshi Nakamoto, Bitcoin became operational in early 2009. • The value of one Bitcoin fluctuate unpredictably

  27. Bitcoin value since 2009

  28. Bitcoin value in the latest year

  29. Status of Bitcoin • Current value of Bitcoin is 374.7 USD (13/11/2013) • Accepted from mainstream services such as OkCupid, Baidu, Reddit, Humble Bundle and Foodler. • Related to criminal activites: • Purchasing drugs, laundering money and online – gambling. • Botnets engaged in covert mining of Bitcoin. • The possibility of a “Bitcoin bubble”

  30. Thank you for your listening!

  31. References • Bitcoin: A Peer-to-Peer Electronic Cash System[bitcoin.org/bitcoin.pdf‎] Satoshi Nakamoto • en.bitcoin.it/wiki/protocol_specification

More Related