1 of 39

Of Blockchains, Crypto and NFTs: Essential Blockchain and Crypto Mechanics for Engineers

Michael A. Ramalho, Ph.D.

May 19, 2022

FWCS SP/COMM Chair

IEEE Aerospace and Electronics Systems Society

Florida West Coast Section (Michael Mayor / michael.mayor@ieee.org)

Orlando Section

(Pierce Mooney / pierce.a.mooney@ieee.org)

(Michael Ramalho / mar42@cornell.edu)

2 of 39

DISCLAIMER:

  • Primarily a technical talk on blockchain mechanics, operation, and theory.
  • With examples applying the technology/theory to the main crypto models.
  • With significant implications to ...
    • Environmental Social and Governance (ESG) impact ...
    • Blockchain-specific consensus/governance/trust issues ...
    • Blockchain-specific transaction scale/latency/costs ...
    • Decentralized Finance (DeFi) and Blockchain DeFi Apps ...
    • “Layer 2” crypto networks and their purpose ...
    • WEB3 & NFTs.

  • Talk is ...
    • NOT INTENDED to render any guidance on crypto currency value or future directions.
    • NOT INTENDED to render any guidance on political issues relating to how blockchains, crypto, or NFTs are governed or regulated now or in the future.
    • NOT INTENDED to render any guidance on issues relating to how blockchains, crypto, or NFTs can be exploited for any purpose now or in the future.
    • NOT INTENDED to render any guidance on issues relating to how blockchains, crypto, or NFTs may be taxed or regulated in future.

In other words: My opinion/analysis only. Use at your own risk.

© 2022 FWCS IEEE SP/COMM. All rights reserved.

3 of 39

TALK OUTLINE

  1. Essential Technologies for Blockchains and Cryptocurrencies
    • Blockchain Taxonomy, DAOs, and NFTs.
    • Types and Uses of Blockchains.
    • Three Essential Technologies for Blockchains
      1. Consensus Algorithms.
      2. Random Number Generators.
      3. Cryptographic Hash Functions.
  2. Blockchain Basics
    • Detailed Bitcoin Blockchain Description.
  3. Crypto Blockchain Essentials:
    • Proof-of-Work (Bitcoin/Original-Ethereum/Original-Dogecoin/Litecoin).
    • Proof-of-Stake (Peercoin/Cardano/Avalanche/Polkadot/Solana/Ethereum 2.0).
    • Blockchain Hygiene : ESG Issues : Solo vs Pooled Mining/Minting.
    • Transactions: Scale/Latency/Cost Tradeoffs & “Layer 2 Crypto” Networks.
  4. Future for Crypto, NFTs and Web3
    • NFT : Initial Coin Offerings : Web3 Economy


4 of 39

Definitions: Blockchains, DAOs, NFTs


5 of 39

Blockchain Basics

Blockchain is a shared, immutable ledger that facilitates the process of recording “transactions” or “assets”.

Virtually anything of value can be tracked or traded on a blockchain network (not just crypto or NFTs or music).

Key Elements:

    • Distributed Ledger Technology (DLT) - All “participants” have access to the distributed ledger and its immutable record of (past/validated) transactions.
    • Immutable records - No participant can change or tamper with transactions after they have been validated and recorded onto the blockchain ledger. If a transaction includes an error – a new transaction must be added to the ledger/blockchain to reverse it – and both are then visible to all.
    • Smart Contracts – Blockchain-specific code that executes a set of defined rules (valid only on that blockchain), is stored on the blockchain, and executes automatically. Example: A corporate bond payment.
  • How blockchains work (detailed examples to follow):
    • A grouping of “validated transactions” is recorded in a given block.
    • A newly-formed block is “connected” to the immediately preceding block – forming a “chain”.
    • Consensus mechanisms are used to validate “transactions” (to be inserted in new blocks in the chain) and to determine the “active chain” (when delay-induced and/or maliciously-induced “forks” exist).
    • As new blocks are “seasoned”* - an irreversible set of blocks is created in an ever-increasing chain.

* - Example: Bitcoin doesn’t release block creation awards until 100 blocks have passed.

6 of 39

Blockchain Types – Blockchain Has Many Uses Other Than Crypto and NFTs!

  • Public (Permissionless) Blockchain. Example: All major cryptocurrencies.
    • Any node is allowed to join and participate in the “network consensus” (blockchain-specific mechanisms).
    • Fully decentralized, secured and immutable (distributed) ledger.
    • Transactions are (mostly) anonymous, but transparent to everyone.
    • Open ledger / Open to anyone / Open network.

  • Private (Permissioned) Blockchain. Example: Supply chain ledger for component parts for a specific company.*
    • A single organization has authority over network.
    • Fastest transaction reconciliation, power efficient, offers privacy guarantees.
    • Only a few users/entities are allowed to access a permissioned blockchain (e.g., component suppliers).
    • Closed Ledger / Single Organization in Control / Closed Network.

  • Federated Blockchain. Example: Blockchain that multiple organizations use, but closed outside the Federation.
    • Federation controls – via rules of code – what is allowed (e.g., access) and network operation (e.g., consensus).
    • Decentralized, much faster than public blockchains, highly scalable.
    • Open or Closed Ledger/ Multiple Organizations/ Closed Network.
    • Federation controls degree of privacy, security and ledger visibility. Also called “Consortium Blockchains”.

  • Hybrid Blockchain.
    • Definitions on what elements/data are public and private. Access can be controlled (permissioned) or public.

* - Example: NIST Report 8419 (https://doi.org/10.6028/NIST.IR.8419).

7 of 39

Important: What is a Decentralized Autonomous Organization (DAO)? What is Web3?

A DAO is an organization - represented by rules encoded as a computer program - that is:

    • transparent,
    • controlled by the organization members, and
    • NOT influenced/controlled by a central government.

[In other words they are member-owned communities without centralized leadership used for ANY purpose.]

A DAO's financial transaction record and program rules (e.g., smart contracts) are maintained on a blockchain.

A DAO participant thus eliminates the need to involve a mutually acceptable trusted third party for transactions.

    • Song writers, artists, etc. don’t require agents or agencies to sell their products, as long as ...
    • The DAO participant “agrees” to the governance/use of the DAO’s blockchain and smart contracts.

Web3 is the general term for the next phase of the Internet:

    • Web1 – Basic Internet Transport and basic Web (HTML) and email functionality.
    • Web2 – Large part of communications, information and commerce on captive (closed) platforms. (Examples: Facebook, Instagram, LinkedIn, etc.).
    • Web3 - Aims to solve all Web2 problems by giving data ownership and power to individuals (in the DAO).

Blockchains are essential Web3 technology - Individual Cryptocurrencies and NFT markets are DAO examples.

    • Complete transparency to participants.
    • Issues of trust, security, interoperability, hacking abound – lots of new and untested technology here!

8 of 39

Three Essential Technologies for Blockchains and Cryptocurrencies

  • Consensus Algorithms
  • Random Number Generators
  • Cryptographic Hashes

NOTE: Non-engineers ... Just hold on until we get through this ...

9 of 39

Essential Technology: Consensus Algorithms For Public, Permissionless Blockchains

Blockchains aim to produce an immutable distributed ledger where some of the participants ...

    • May be offline or experiencing communication difficulties to the “blockchain network”,
    • May not be trustworthy (e.g., opportunistically nefarious), and
    • May produce inaccurate results or do not compute quantities correctly.

Thus, fault-tolerant consensus mechanisms are used in both distributed computing and blockchains to arrive at the state of the network/blockchain among the distributed processing system participants.

Since nefarious behavior on a crypto network may result in huge (and immutable) crypto losses - permissionless, public blockchains place a very high importance on secure, fault-tolerant consensus! Both reward and penalty mechanisms are employed in most crypto blockchains.

There are many such algorithms: Proof-of-Work, Proof-of-Stake, Proof-of-Authority, Proof-of-Space/Storage, Proof-of-Elapsed-Time – and many yet to come.

We will focus on the two most popular of these: “Proof-of-Work” and variants of “Proof-of-Stake”.

10 of 39

Essential Technology: Random Number Generators

Two general methods (one crypto uses both):

    • Measure some phenomenon that is expected to be random, then compensate for possible biases.
    • An algorithm produces apparently random results - “Pseudorandom number generators” (PRNGs).

Cryptographically Secure Pseudo Random Number Generators (CSPRNG/CPRNG) are used in blockchain for:

    • Key Generation (digital signatures for signing/verification – not discussed).
    • Salts (random data appended to inputs/passwords and fed into hash functions – not discussed here).
    • “Randomly choosing” the next validator/node for blockchain.

Issues / Problems:

  1. Public blockchains are open-source – so everyone has access to the algorithm.
  2. For a given seed, how well does output match desired pdf to needed accuracy?
  3. For a given seed, the output sequence is IDENTICAL (CPRNGs are deterministic).
  4. For consensus - need to create random seeds using deterministic hardware.

1: Is a given / 2: Is solved for many fields / 3: Is a given / 4: One way to solve is described later

[Figure: A Seed and a Clock drive the CPRNG, which produces an M-bit Output (Uniform pdf over 0 to $2^M - 1$). An optional Uniform pdf to Desired pdf Mapping f(x) then produces an N-bit Output (N << M, Non-Uniform pdf).]

11 of 39

Essential Technology: Cryptographic Hash Functions (SHA-256, p/o SHA-2 family from NSA*)

Input_Data (Arbitrary Length Input) → “One-Way” Hash Function (SHA-256) → Output_Hash (Fixed-length Output, 256 bits for SHA-256)

Deterministic value, but appears random relative to similar looking inputs.

Advanced Encryption Standard (AES) (FIPS PUB 197): https://doi.org/10.6028/NIST.FIPS.197

Example: Output_Hash = HASH_SHA-256(Input_Data)

  • HASH_SHA-256(“Hello World!”) = 0x7F83B1657FF1FC53B92DC18148A1D65DFC2D4B1FA3D677284ADDD200126D9069
  • HASH_SHA-256(“Hello Vorld!”) = 0x451CAE5B3608B3556D46E41809AFBF80C1ADBEC092504D6FE86FA31A22795525

“W” and “V” have only LSB different in ASCII encoding!

On average, 128 of the 256 bits will be different. For ANY difference in input!! Often called “The Avalanche Effect”.

“One-Way Functions”:

  • From input to hash: Easy to go this way. Output only “appears random”.
  • From hash back to input: Designed to be virtually impossible to go this way.

Concatenation of Inputs:

Input_Data1 : Input_Data2 → HASH_SHA-256 → Output_Hash (256 bits for SHA-256)

Deterministic value, but appears random relative to EITHER Input_Data1 or Input_Data2.

Note: Concatenation often written as hash(x1 + x2) in hash documentation (do not confuse with linear addition of vectors). We will use this notation herein.

This “concatenation property” is often used in situations requiring hashing.

* - Others commonly used are RIPEMD, WHIRLPOOL, SWIFFT

12 of 39

Essential Technology: Merkle Tree & Merkle Root (Binary Hash Chain)

[Figure: Binary Hash Tree of 4 Data Blocks, and Merkle Tree with 8 Data Blocks. Nodes carry binary labels (0, 1; 00 to 11; 000 to 111); the leaves are Block 0 Hash through Block 7 Hash and the top node is the Merkle Root.]

  • Only Merkle root stored in blockchain header
  • Binary labeling expedites individual transaction validations (O(log2(N)) hash checks).
  • Easy to “include/add new data blocks” without recomputing hashes over existing data (blocks).
  • Hashes over concatenations of data are very useful.
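
The O(log2(N)) validation described above, as an added example that is not part of the original slides: it builds the root for 8 data blocks and checks one block against the root using only 3 sibling hashes. The block contents are constructed, and the tree uses single SHA-256 over concatenation as in the slide notation, which is a simplification of what any particular blockchain does.

```python
import hashlib


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def build_levels(blocks):
    """Return every tree level, leaf hashes first, root level last.

    Leaf = hash(block); parent = hash(left + right), where '+' is
    concatenation. Assumes a power-of-two block count, like the 4- and
    8-block trees on the slide. There is no domain separation between
    leaf and interior hashes here; production designs usually add one.
    """
    if not blocks or len(blocks) & (len(blocks) - 1):
        raise ValueError("number of blocks must be a power of two")
    levels = [[sha256(b) for b in blocks]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([sha256(prev[i] + prev[i + 1])
                       for i in range(0, len(prev), 2)])
    return levels


def merkle_root(blocks):
    return build_levels(blocks)[-1][0]


def inclusion_proof(blocks, index):
    """Sibling hashes on the path from one leaf to the root: log2(N) items."""
    proof = []
    for level in build_levels(blocks)[:-1]:
        proof.append(level[index ^ 1])   # the sibling differs in the lowest bit
        index >>= 1
    return proof


def verify(block, index, proof, root):
    """Recompute the root from one block plus its sibling hashes.

    The bits of `index` (the binary labels 000..111) say whether the
    running hash is the left child (bit 0) or the right child (bit 1).
    """
    h = sha256(block)
    for sibling in proof:
        h = sha256(sibling + h) if index & 1 else sha256(h + sibling)
        index >>= 1
    return h == root


# Constructed sample data: 8 data blocks.
BLOCKS = [f"tx-{i}".encode() for i in range(8)]
ROOT = merkle_root(BLOCKS)
PROOF_5 = inclusion_proof(BLOCKS, 5)

if __name__ == "__main__":
    print("root:", ROOT.hex())
    print("hashes needed to check block 5:", len(PROOF_5))
    print("block 5 verifies:", verify(BLOCKS[5], 5, PROOF_5, ROOT))
    print("altered block verifies:", verify(b"tx-5-altered", 5, PROOF_5, ROOT))
```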

Hold on ... hashing is used in at least two more applications in blockchain!

13 of 39

Blockchain Basics – Bitcoin Example


14 of 39

Bitcoin – Most Famous Public Permissionless Blockchain for Cryptocurrency

  • Bitcoin’s Inventor/Founder: Satoshi Nakamoto (pseudonym for 1 or more creators)
    • Fractional Bitcoin is a “Satoshi” (100 millionth of a Bitcoin)

  • Satoshi’s October 31, 2008 Whitepaper: “Bitcoin: A Peer-to-Peer Electronic Cash System”
    • Problem to Solve*:

“What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.”

  • Launched 1st Bitcoin client on January 9, 2009
    • Contained a message and the first 50 Bitcoins ever created (“pre-minted” coins).
    • First commercial transaction: Two Papa John’s pizzas for 10,000 Bitcoins (>>$100 Million today).

  • Today we will focus on blockchain and consensus mechanisms – not on the process of validating individual transactions.

* - Original intent was not to be an investment vehicle.

15 of 39

How Blockchains are Formed – Bitcoin Version 2 Example

Diagram and block decode from: https://www.oreilly.com/library/view/mastering-bitcoin/9781491902639/ch07.html

[Figure: chain of Bitcoin blocks leading back to the “Genesis Block” (Block at Height 0), with the Block at Height 277315 expanded to show its Block Header.]

Side Note: “Block Height” is not stored anywhere – as it is NOT always a unique identifier (when there are forks, multiple blocks may have same height).

Block at Height 277315 – Hash of Block Header is: “0000000000000002a7bbd25a417c0374cc55261021e8a9ca74442b01284f0569”

Annotations on the decoded block:

  • This is the “chaining” mechanism: The “previousblockhash” element is the “header hash” of the prior block in the chain.
  • Merkle Tree Root Hash (of transactions below header).
  • 4 Bytes: The size of the block after this field.
  • “Unix time” (uint: seconds from Jan 1, 1970).
  • Version 2 rules used (for encoding of this block).
  • KEY TO BITCOIN: WILL EXPLAIN SHORTLY!

16 of 39

Crypto Blockchain Essentials

    • Proof-of-Work Consensus
    • Proof-of-Stake Consensus
    • Blockchain Hygiene
    • Mining/Minting Issues (Solo vs Pooled)
    • Transaction Tradeoffs (Scale/Latency/Cost)
    • “Layer 2 Crypto” Networks
    • Crypto Miscellany (Stable Coins, Wallets)


17 of 39

Proof-of-Work (PoW) Consensus Algorithm: Bitcoin’s “Computationally Intensive Puzzle”

  • Bitcoin’s “computationally intensive puzzle” is ... you guessed it ... solving a cryptographic hash.
  • In this case, “solving” the puzzle is to require the hash result to be below a “target value” (target is decoded as an unsigned integer value).
  • The only known way to “solve” this puzzle is to randomly search for the solution!
    • On average, solving this puzzle will provably take a long time.
    • “Miners” (nodes) are tasked with trying to “solve” this “puzzle”.
    • With overwhelming odds, a single miner will be the first one to solve the problem (however, sometimes more than one will – we address this soon).
  • However, once a solution is found (typically not unique) the “winning miner” advertises it.
    • ALL OTHER MINERS can quickly and easily verify that the hash solution meets the requirement (i.e., they can “validate the solution” with trivial effort).
    • ALL OTHER MINERS then abandon their effort to solve and move on to the next block.
    • The WINNING MINER will eventually receive a “block reward” for solving puzzle.*
  • We will first demonstrate the concept assuming a certain form of the target value (a power of 2) – then we will relax that assumption.

* - There are exceptions to be described later.

18 of 39

Proof-of-Work: Let’s talk about that NONCE [Bitcoin/Original-Ethereum/Original-Dogecoin/Litecoin]

HASH_SHA-256{[Bitcoin Block Header without Nonce field] + [Nonce]} = 256-bit Result*

* - When used for signature/verification purposes, result also called a “message digest”

[Figure: A Bitcoin Block – Block Header, Nonce, Transactions.]

  • A “Nonce” is a “number used once” for various cryptographic purposes.
  • We know from before that using different Nonces in the hash above will produce seemingly different/random results.

Question: How many “random Nonces” do you have to try if you want the hash result to begin with a binary zero? (Desired 256 bit result in binary to be 0b0XXXXXXXXX ...XX, one zero bit followed by 255 “don’t care” bits X; that is, value < $2^{255}$.)

Answer: Since the result is expected to be random, there is a 50% probability of the first bit being a “0” ($p = 1/2^1$).

The probability distribution of the number X of Bernoulli trials needed to get one success is a geometric distribution where the mean of the distribution is 1/p. So ON AVERAGE we expect to need 2 trials.

Similarly: If you want to try nonces to produce exactly k leading zeros in the result (i.e., 0b{k-zeros}{(256-k)-don’t cares}), then ON AVERAGE we expect to try $1/(1/2^k) = 2^k$ trials to obtain this result.

19 of 39

Proof-of-Work: Let’s talk about that NONCE & DIFFICULTY

HASH_SHA-256{[Bitcoin Block without Nonce field] + [Nonce*]} = 256-bit Result

* - Extra Credit: The Bitcoin Nonce field is only 32 bits. Why is this a problem? How to fix it?

If we want the result to be 0b{k-zeros}{(256-k)-don’t cares}, ON AVERAGE we expect to try $1/(1/2^k) = 2^k$ Nonces.

Now suppose:

  1. It is desirable to produce a bitcoin block once per 10 minutes on average (target for Bitcoin).
  2. The TOTAL hash rate of ALL bitcoin “miners” is known to be X hashes per second (i.e., 600X per ten minutes) ...

IF we were limited to hash results having the form of 0b{k-zeros}{(256-k)-don’t cares}, THEN we would find k so as to produce a block every 10 minutes (again, on average).

We need to set $2^k$ to be approximately equal to 600X, that is: $k \approx \log_2[600 \cdot X]$.

[Figure: total hash rate chart, with annotations:]

  • 200 Million, Tetra hashes/sec: $(200 \cdot 10^6)(1 \cdot 10^{13}) = (2 \cdot 10^{21})$
  • $(84.8 \cdot 10^6)(1 \cdot 10^{13}) = (8.48 \cdot 10^{20})$

  • In 2021, China was responsible for 46.04% of global Bitcoin production.
  • In 2022, virtual currency-related business activities are illegal in China.
  • Result: A huge drop in total hash rate in mid-2022 (Sichuan shutdown).

Block 730466 (mined on April 04, 2022 at 7:10 PM EDT) hash is ... 0x00000000000000000002a24e1b956496a6f6c7d1eae6342488a257c9ade1909d ... which had 78 leading (binary) zeros (4*19+2).

Approximate hash rate in April 2022 is $(2 \cdot 10^{21})$, so $\log_2[(6 \cdot 10^2)(2 \cdot 10^{21})] = 79.98$, ~ 80 leading zeros needed.

In July 2021, hash rate was $(8.48 \cdot 10^{20})$, ~ 79 leading zeros needed.
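
The nonce search and the k ≈ log2[600·X] rule from the two slides above, as an added example that is not part of the original talk. It uses a single SHA-256 over a constructed header plus a 32-bit nonce (a simplification of Bitcoin's real header hashing), and the hash-rate figures passed to `required_zero_bits` in the demo are the ones quoted on the slide.

```python
import hashlib
import math
import struct


def leading_zero_bits(value: int) -> int:
    """Leading binary zeros of a hash result viewed as a 256-bit integer."""
    return 256 - value.bit_length()


def pow_result(header: bytes, nonce: int) -> int:
    """hash(header + nonce) as an unsigned integer; nonce is 32 bits."""
    digest = hashlib.sha256(header + struct.pack("<I", nonce)).digest()
    return int.from_bytes(digest, "big")


def mine(header: bytes, k: int):
    """Try nonces 0, 1, 2, ... until the result is below 2**(256 - k),
    i.e. has the form 0b{k-zeros}{(256-k)-don't cares}.

    Returns (nonce, trials), or None when all 2**32 nonces fail. For k
    near 80 that is the normal outcome: 2**32 trials are far fewer than
    the ~2**k needed, so something else in the header has to vary too.
    """
    target = 1 << (256 - k)
    for nonce in range(2 ** 32):
        if pow_result(header, nonce) < target:
            return nonce, nonce + 1
    return None


def verify(header: bytes, nonce: int, k: int) -> bool:
    """One hash: the 'trivial effort' check every other miner can make."""
    return leading_zero_bits(pow_result(header, nonce)) >= k


def mean_trials(k: int, samples: int) -> float:
    """Average trials over several constructed headers; expect about 2**k."""
    total = 0
    for i in range(samples):
        total += mine(f"constructed-header-{i}".encode(), k)[1]
    return total / samples


def required_zero_bits(total_hashes_per_second, block_seconds=600):
    """k ~= log2(600 * X): zero bits that make a block take ~10 minutes."""
    return math.log2(block_seconds * total_hashes_per_second)


# Block 730466 header hash as quoted on the slide.
BLOCK_730466 = int(
    "00000000000000000002a24e1b956496a6f6c7d1eae6342488a257c9ade1909d", 16)

if __name__ == "__main__":
    nonce, trials = mine(b"constructed-header", 16)
    print(f"k=16: nonce {nonce} found after {trials} trials (2**16 = 65536)")
    print("verified with one hash:", verify(b"constructed-header", nonce, 16))
    print("mean trials for k=8:", mean_trials(8, 200), "(2**8 = 256)")
    print("zero bits in block 730466:", leading_zero_bits(BLOCK_730466))
    print("k for X = 2e21:   ", round(required_zero_bits(2e21), 2))
    print("k for X = 8.48e20:", round(required_zero_bits(8.48e20), 2))
```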

20 of 39

Homework: Playing with “Proof of Work” Blockchains – Go to https://demoblockchain.org/tokens*

Same transactions, different order.

Different Nonces needed for four hex zeros.

Miners don’t all work on the “same hash problem” (e.g., transactions can be recorded in a different order).

Demo goal here is for a hash result to have form of 0x0000{XXXX} (sixteen leading zeros).

Create your own blockchain.

* - This is a commercial site. Not an endorsement. Demo may be taken down at any time.

Possible Chain 1

Possible Chain 2

21 of 39

Proof-of-Work: What is the Target? How is DIFFICULTY Adjusted?

Block 730466 (mined on April 04, 2022 at 7:10 PM EDT) hash is ... 0x00000000000000000002a24e1b956496a6f6c7d1eae6342488a257c9ade1909d ... which had 78 leading (binary) zeros (4*19+2).

Note: Wanting a result to be 0b{k-zeros}{(256-k)-don’t cares} ... is equivalent to saying ... the value must be less than or equal to 0b{k-zeros}11111111111111...111 (i.e., < $2^{(256-k)}$).

Bitcoin specifies that the hash must be less than a specific target value (a specific 256 bit unsigned integer) ... thus not limited to the power of 2 changes in our prior examples.

Simplified, the Bitcoin’s target value is adjusted periodically as follows:

  1. The network sums the total minutes it took to mine the last 2016 blocks (called an epoch, ~14 days)* ... and ...
  2. Compares this sum to the desired sum of 20,160 minutes (goal is to produce a block every 10 minutes) ... then ...
  3. Adjust Target Value up or down (“difficulty adjustment”) toward the desired result at each epoch end update.**

Bitcoin’s “Difficulty Adjustment” is an adaptive control system

* - Due to an error, actually 2015 blocks. See details at https://minerdaily.com/2021/how-are-bitcoins-difficulty-and-hash-rate-calculated

** - Hard adaptation limit/clipping at 4x or ¼x at each target value epoch update.


22 of 39

Bitcoin Difficulty – The Game Is Rigged!

Details:

  • The Target Value is derived from the “Difficulty Level”.
  • The Difficulty Level relates the target to the one used in Genesis Block.
  • It is the Difficulty Level which is reported in the Bitcoin Block Header.
  • The Target Value (and Difficulty) is fixed for the particular epoch.
  • You can verify that the Difficulty Level in the headers remains the same for the entire epoch (https://www.blockchain.com/btc/blocks).
  • The precise adjustment algorithm has changed over time to use moving averages (but interestingly not median filtering!).

[Figure: Minting time for a particular block, and the average time for the (2016 block) epoch, with the “Sichuan Shutdown” marked. Note the block time variance (~ -15/+20%).]

Image Credit: https://wdrfree.com/stock-vector/carrot-man-carrots

  • Solve sooner than 10 minutes (on average) – Make following solutions harder.
  • Take longer than 10 minutes (on average) – Make following solutions easier.

INDEPENDENT OF HOW MANY MINERS ARE WORKING ON THE SOLUTION!

Miner 1 has 10% of hashpower → Miner 1 Doubles GPUs → Miner 1 now has 18% of hashpower

  • Incentive for individual miners to increase mining.
  • But if EVERYONE did this, the odds of winning are same!

Double resource consumption with no collective gain!

Bitcoin Tragedy of the Commons!
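
The difficulty adjustment loop from the previous slide and the hashpower arithmetic on this one, as an added example that is not part of the original talk. It follows the slide's simplified rule (scale the target by actual versus desired epoch time, clipped at 4x and ¼x), works with expected values instead of random block times, and runs on a constructed hash-rate scenario in arbitrary units.

```python
EPOCH_BLOCKS = 2016
DESIRED_EPOCH_MINUTES = 20_160       # 2016 blocks x 10 minutes
SPACE = 2.0 ** 256                   # number of possible hash results


def expected_block_minutes(target, hashes_per_minute):
    """Mean minutes per block: a hash falls below `target` with probability
    target / 2**256, so 2**256 / target hashes are needed on average."""
    return (SPACE / target) / hashes_per_minute


def retarget(target, epoch_minutes):
    """Simplified rule from the slide: scale the target by actual/desired
    epoch time, clipped to a factor of 4 either way. A larger target is
    easier to hit, so a slow epoch raises it and a fast epoch lowers it."""
    ratio = epoch_minutes / DESIRED_EPOCH_MINUTES
    ratio = max(0.25, min(4.0, ratio))
    return target * ratio


def simulate(hashrates, start_target):
    """Mean block time in each epoch, retargeting at every epoch end."""
    target, block_minutes = start_target, []
    for rate in hashrates:
        minutes = expected_block_minutes(target, rate)
        block_minutes.append(minutes)
        target = retarget(target, minutes * EPOCH_BLOCKS)
    return block_minutes


def share(mine, others):
    """Chance of winning a given block = fraction of total hashpower."""
    return mine / (mine + others)


# Constructed scenario: total hash rate per epoch, in hashes per minute.
# It doubles in epoch 1 and rises another tenfold in epoch 3.
BASE = 1.0e6
START_TARGET = SPACE / (10 * BASE)   # gives 10-minute blocks at BASE
SCENARIO = [BASE, 2 * BASE, 2 * BASE, 20 * BASE, 20 * BASE, 20 * BASE]

if __name__ == "__main__":
    for epoch, minutes in enumerate(simulate(SCENARIO, START_TARGET)):
        print(f"epoch {epoch}: {minutes:5.2f} min/block")
    # Miner 1 starts with 1 unit of hashpower against 9 units for the rest.
    print(f"miner 1 before:          {share(1, 9):.1%}")
    print(f"only miner 1 doubles:    {share(2, 9):.1%}")
    print(f"everyone doubles:        {share(2, 18):.1%}")
```

The tenfold jump takes two epochs to absorb because the first correction is clipped at ¼x; the block time returns to 10 minutes however much hashpower is added.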

23 of 39

The Genius of Bitcoin’s “Proof of Work” (sometimes called blockchain conflict resolution)

  • Miners mint a new block when they are the first to find a hash whose value is below that of the target value.
  • Rule: Miners always build on “the longest chain”.
  • Given network delays or coincidence – two (or more) miners may successfully solve “their hash problem” at same time.
  • Depending on network propagation and/or miner choice, miners may decide to mine off of “Fork A” or “Fork B”.
    • Most of the time, a majority of miners will work off of one of the forks. Thus, the next block will likely be minted from this fork (above Fork B). Then this fork will represent the “longest chain”. Fork A will be abandoned.
    • Worst case is that ½ the miners work on Fork A – and the other ½ on Fork B. In this case ANY new block on EITHER chain will take about 20 minutes to solve. Even here, it is OVERWHELMINGLY UNLIKELY that both forks would find a solution at the same/similar time. The forks will resolve themselves with ONE becoming the “longest chain”.
  • This is the genius of proof of work! Conflict Resolution: eventually one fork becomes longest (due to math/statistics!).
  • Any transactions on Fork A above that are NOT ALREADY RECORDED on Fork B will be introduced into a future block on Fork B.
  • Block A: An “Orphan Block” in Bitcoin (no block reward) / An “Uncle block” in Ethereum (with a smaller block reward).

[Figure: 2 different miners “solve hash problem” at nearly the same time, producing blocks A and B. Transactions on abandoned Fork A but not Fork B will be introduced onto a future Fork B block.]

Side Note: We now see why “block height” isn’t the chaining mechanism (A & B at same height).

24 of 39

The Horrible Downside of “Proof of Work” – ESG Waste!

To increase your chances of successful mining in a cost-effective manner you must:

    • Get many processors that are efficient at hash computations (ASIC-based),
    • Run them at places that have low electricity costs, and
    • Have a plan for the “excess heat” (and noise) produced.

13.5 Th/s, 1323 Watts

99.9%* of compute cycles (and thus electric power) is devoted to solving the Proof-of-Work hash “puzzle”!

Bitcoin hash operations today consume the equivalent of the power needs of Switzerland. This is unsustainable!

There must be more ESG-friendly ways to build blockchains in accordance with DAO principles!

“Bitcoin Mining” isn’t “mining” or “puzzle solving” in Traditional Sense: It is “Purposeful Random Guessing” at best!

[Figure, three panels:]

  • Traditional Mining (mine where gold was found before)
  • Puzzles Involve Skill (would not try this piece in middle)
  • BITCOIN: Idiocy of Random Digging (dog without sense of smell)

25 of 39

Can We Choose the Next Block Host Without the Purposeful ESG Waste Used in “Proof of Work”?

Statistically, We already know the answer!

Let’s simplify the problem (we will later relax these assumptions):

  • Assume there are N CPUs – and each CPU has identical hashing power.
  • About every 10 minutes, 1 of those N CPUs will “solve the hash problem”.
  • We just don’t know a priori WHICH ONE of the N CPUs will be the winner!
  • Why can’t we just “pick one at random”?

[Figure: a “Benevolent Ramalho Random Choosing Machine” picks one of CPUs 1, 2, ..., N.]

Problems:

  1. Against DAO principles (no one entity chooses, don’t trust each other).
  2. Even if open source, most would not trust operation against desired distribution.

METHOD 1: FAIL

[Figure: a Cryptographically Secure Pseudo Random Number Generator, driven by a Seed and a Clock, picks one of CPUs 1, 2, ..., N.]

Challenges:

  1. Can seed have needed randomness?
  2. If so, can we assure it can’t be gamed?

[Figure: each CPU enrolls with its secret random number (S1, S2, ..., SN); a Hash (what else?) of S1 ... SN produces the Seed.]

Problem: Last CPU to send their secret (after seeing all others) can bias seed.*

* - Also called “grinding”.

METHOD 2: FAIL

[Figure: the same arrangement with an enrollment stage added.]

  • Step 1 (ENROLL): Enroll with a hash of your secret random number (H1, H2, ..., HN).
  • Step 2: After enrollment is complete, then send secret random number (S1, S2, ..., SN).
  • Step 3 (VERIFY PREVIOUSLY SENT HASH): Verify previously sent hash is correct for secret sent.
  • Step 4: Hash as before (S1 ... SN → Hash → Seed).

WORKS: “RanDAO commit-reveal scheme”*

* - Ethereum uses this. There are other schemes as well.

26 of 39

“Proof-of-Stake” architectures “appoint” the next block creator without ESG waste in PoW [Peercoin/Cardano/Avalanche/Polkadot/Solana/Ethereum 2.0]

  • We just showed that we can choose 1 out of N possible CPUs to be the CPU to create the next block.
  • Since 99.9+% of Bitcoin work was “wasteful hash guessing”, actual processing cost of creating new blocks is low!
  • How do we choose N (now that we don’t need hundreds of thousands of special-purpose CPUs anymore)?
  • Who says any one of the “N mining entities” need to have equal chances (probabilities) of being chosen?

 

* - And you guessed it, some of the mechanisms use hash randomness properties instead of CSPRNGs.
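
The seed schemes from the previous slide and the unequal selection chances raised above, as an added example that is not part of the original talk. It is a toy model with constructed secrets: it shows why hashing openly sent secrets lets the last sender steer the result, why enrolling a hash first removes that option, and how the resulting seed can pick one of N with chances proportional to a weight such as stake.

```python
import hashlib
import hmac


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def seed_from(secrets_in_order):
    """Seed = hash(S1 + S2 + ... + SN), '+' meaning concatenation."""
    return H(b"".join(secrets_in_order))


def pick(seed: bytes, weights):
    """Map a 256-bit seed to an index with chance proportional to weight.

    Equal weights give the plain 1-of-N choice; unequal weights (for
    example, amount staked) give weighted selection.
    """
    point = int.from_bytes(seed, "big") % sum(weights)
    for index, weight in enumerate(weights):
        if point < weight:
            return index
        point -= weight


def grind_last_secret(earlier_secrets, my_index, weights, max_tries=100_000):
    """Method 2's flaw: whoever sends last already knows every other secret
    and can try candidate values until the seed selects them."""
    for i in range(max_tries):
        candidate = i.to_bytes(32, "big")
        if pick(seed_from(earlier_secrets + [candidate]), weights) == my_index:
            return candidate
    return None


class CommitReveal:
    """Steps 1-4 of the slide: enroll hashes, send secrets, verify, hash."""

    def __init__(self, n):
        self.n = n
        self.commitments = {}
        self.secrets = {}
        self.enrolling = True

    def enroll(self, index, commitment):             # Step 1
        if not self.enrolling or index in self.commitments:
            raise RuntimeError("enrollment closed or duplicate enrollment")
        self.commitments[index] = commitment
        if len(self.commitments) == self.n:
            self.enrolling = False                   # enrollment complete

    def reveal(self, index, secret):                 # Steps 2 and 3
        if self.enrolling:
            raise RuntimeError("no secrets accepted until enrollment is complete")
        if not hmac.compare_digest(H(secret), self.commitments[index]):
            return False                             # not the enrolled secret
        self.secrets[index] = secret
        return True

    def seed(self):                                  # Step 4
        if len(self.secrets) != self.n:
            # A withheld secret needs its own protocol rule (not modelled).
            raise RuntimeError("missing reveals")
        return seed_from([self.secrets[i] for i in range(self.n)])


# Constructed sample data: 8 CPUs with fixed "secret random numbers".
N = 8
SECRETS = [H(f"constructed-secret-{i}".encode()) for i in range(N)]
EQUAL = [1] * N


def demo():
    last = N - 1
    # Method 2: the last sender swaps in a secret chosen after seeing the rest.
    swapped = grind_last_secret(SECRETS[:last], last, EQUAL)
    naive_winner = pick(seed_from(SECRETS[:last] + [swapped]), EQUAL)

    # Commit-reveal: the same swap no longer matches the enrolled hash.
    scheme = CommitReveal(N)
    for i, secret in enumerate(SECRETS):
        scheme.enroll(i, H(secret))
    for i in range(last):
        scheme.reveal(i, SECRETS[i])
    swapped_accepted = scheme.reveal(last, swapped)
    honest_accepted = scheme.reveal(last, SECRETS[last])
    return naive_winner, swapped_accepted, honest_accepted, scheme.seed()


if __name__ == "__main__":
    winner, swapped_ok, honest_ok, seed = demo()
    print("Method 2 winner after the swap:", winner)
    print("swapped secret accepted under commit-reveal:", swapped_ok)
    print("enrolled secret accepted:", honest_ok)
    print("chosen CPU (equal chances):", pick(seed, EQUAL))
    print("chosen CPU (weights 5,1,1,1,1,1,1,1):", pick(seed, [5] + [1] * 7))
```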

Loose Definition of “Proof of Stake”

27 of 39

Proof-of-Stake (PoS): Some Popular Variants

Highest Chance of Being Chosen for Pure PoS

Pure Proof of Stake (PPoS): Algorand

Other criteria for PoS weighting other than amount staked:

    • (Staked) Coin Age.
    • Penalty (negative weight) for being offline.
    • ANY OTHER CRITERIA the DAO governance wants!

Delegated PoS (e.g., EOS) and Leased PoS (e.g. Waves) – Are variations on the above.

Proof of Importance (e.g., PoI, XEM)

    • Add factors of a node’s “importance” (usually via some DAO agreed scoring mechanism).
    • Net transfers (e.g., 30-day spend), currency vested, interconnectivity of nodes, etc.

Liquid PoS (e.g., Tezos)

    • Nodes can dynamically choose nodes to move their stake to – in order to form effective coalitions for certain types of tasks (e.g., smart contract execution).

Bonded PoS (e.g., Cosmos)

    • Nodes can “reassign their delegation” to other validators (useful for cases where a penalty would be assigned for not completing a task(s)).

Others: Proof of Authority, Proof of Burn, Proof of Elapsed Time, Proof of Capacity, Proof of Presence, Proof of Assignment, Delegated Byzantine Fault Tolerance, Proof of Activity ...

I prefer “Probabilistic Validator Selection” for these techniques.

28 of 39

Blockchain Hygiene: Incentives and Disincentives for “Proof-of-Work” and “Proof-of-Stake”

PoW:

  • Blockchain building and consensus algorithms defined by solving PoW puzzle (the Genius of PoW).
    • Unless HashSHA256 is broken someday, there is no known way to game the system.
  • The winning miner is awarded a “block reward” (for being lucky) and “transaction fees” for the transactions within its block - as long as that block has “matured” (i.e., not an orphaned block)*.
  • Some PoW crypto have “coin limits” (e.g., Bitcoin is 21 million and Litecoin is 84 million). Once these limits are met, there will be no more block awards (only transaction fees).**

* Bitcoin’s maturation period is 100 blocks (about 16 hours).

** Bitcoin/Litecoin expectation is circa 2140.

PoS / Delegated PoS (and other derivatives):

  • When a validator is chosen and creates a new block, it is awarded a “block reward” – similar to PoW.
  • Validator passes most of the block award to staking participants contributing as “staking awards”.
  • Validators also receive “transaction or gas fees” for the computational expense of transacting work on their node (e.g., a smart contract execution).
  • Staked crypto must be staked for a prescribed amount of time. Un-staking is not immediate (a wait time to ensure blockchain has “matured”). Validators often pay interest to parties contributing to its total stake.
  • ”Slashing” is a penalty mechanism to discourage validator misbehavior (validator downtime, dishonest validation or execution, etc.). If egregious enough, entire stake may be forfeited and validator removed.
  • Other penalty mechanisms built into the PoS weighting (lessen chance of being chosen in future).

29 of 39

Economics of PoW/PoS: “Solo Mining/Minting” vs “Pooled Mining/Minting”

Solo Mining (PoW):

    • Almost exclusively the province of large entities specializing in mining, because:
      • It is very unlikely that you will mine a block (your hashrate vs total hashrate).
      • Large capital expense for “Mining Farms”.
      • But when you have success – you will have a large reward.
        • Example: Bitcoin block reward is now 6.25 BTC (~ $250,000).

Solo Minting (PoS):

    • Almost exclusively the province of large entities specializing in mining, because:
      • Minimum staking requirements are large (although less cost than large PoW farms).
        • Example: Ethereum minimum stake is 32 ETH (~ $95,000). Aka “Solo Home Staking”.
      • Similar to Bitcoin, your chance of minting is low (your stake vs total network stake).
      • And similar to Bitcoin, when successful you will have a correspondingly large reward

Pooled Mining (PoW):

    • You combine your hashrate with others in the same “hashrate pool”.
    • Similar to solo mining – it is unlikely that you will mine a block in a reasonable time ...
      • But it is more likely that someone in your pool will (the “winner” is reported as the pool name entity).
    • When anyone in your pool is the ”winning miner” - the reward is shared with everyone in the pool.
      • Minus a cut for the “pool management entity”(typ. 1%) – the rewards are shared in proportion to hashrate.

Pooled Staking (PoS) or “Centralized Exchange Staking” (PoS):

    • By pooling your stake with others in the pool, you increase the chance that your pooling entity will obtain rewards.
    • Option 1: Your rewards – like Pooled PoW – are in proportion to offered stake (deposited into wallet when they occur).
    • Option 2: You get interest (in native crypto) on the crypto “staked” (always - even when exchange doesn’t win).
      • A centralized exchange pays the interest – paying interest is part of their business plan.

This is the “crypto staking” you often hear about (e.g., Binance).

(https://coinmarketcap.com/alexandria/article/crypto-staking-guide)

30 of 39

Fiat-Currency vs Crypto Currencies / What are “StableCoins”?

Fiat Currencies: US Dollar, Euro, Yuan ...

    • Major monetary factors affecting price:
      • Money Supply (creation/destruction of currency).
      • Interest Rates.
      • Reserve Bank Balance Sheet (e.g., investment instruments purchased by central bank).
    • Minor factor: The actual cost of coining money (bills).
    • Reserve bank has many levers to pull to stabilize (or manipulate) value.

Crypto Currencies: Bitcoin, Ethereum, Litecoin, Dogecoin ...

    • Native supply/demand of specific cryptocurrency.
    • Scarcity: Bitcoin and Litecoin have coin limits (programmed) – Dogecoin mints 5M coins/yr.
    • PoW Crypto: If cost to generate ever exceeds present value, mining could* stop.
    • Cryptocurrency DAO generally has limited means to manipulate value.
      • The DAO would have to change “policy”, then implement rules in code.

StableCoins: Tether (USDT), USD Coin (USDC), TerraUSD (UST), Binance USD (BUSD), ...

    • “Pegged” to an external reference (USD, gold, etc.).
    • Two Main Levers: 1) Collateralization (“reserves”) or 2) creation/destruction of its own crypto!
    • Market cap less than most countries. Not battle tested. How much trust do you have in them?

* - Due to control dynamics, some miners might exit – allowing remaining to become profitable.

May 13, 2022 (was 3rd largest)

31 of 39

Side Note About Crypto Wallets (added since TerraUSD implosion)

Crypto Transactions:

    • Sending your crypto to others requires the use of two cryptographic keys:
      1. Your public key (the address people use to send crypto to you – you freely share this key).
      2. Your private key (which you MUST keep private, as anyone can move your crypto with it).
    • Others sending crypto to you need to know:
      • Your public key (to send it to you).

Crypto Wallets:

    • Facility to store your private key (instead of writing it down on paper – called a “paper wallet”).
    • Remember: Your crypto “exists on a blockchain” (it isn’t in your regular wallet like a dollar bill is).
    • Wallet types:
      • Hardware wallets (e.g., a USB device). Only used when you want to make a transaction.
        • Very secure. Don’t lose it or forget any passcode to open it (you will “lose” your crypto)!
      • Software wallets (e.g., program on your computer).
        • If hackers find your private key – say goodbye to your crypto.
      • Online/Hosted wallets (e.g., a Coinbase account)
        • Simplest way to get started in crypto; look-and-feel of an online brokerage account.
        • But beware: Coinbase stated that in a Coinbase bankruptcy your crypto can be used to pay their debts (as it is an asset they control – no SIPC-like protection here)!
    • Perhaps a balanced approach is wise ...
      • Store “small transactional amounts” (that you can afford to lose) with a hosted wallet.
      • Store “long-holding / investment amounts” using a more secure method.
        • Anyone remember “bearer bonds” in a bank safe deposit box? Same deal.

32 of 39

Transactions (Scale/Latency/Cost Tradeoffs) & Role of “Layer 2 Crypto” Networks.

Scaling:

Goal: To increase transaction speed/throughput & minimize delay – ideally without sacrificing decentralization or security.

      • Sharding (e.g., Ethereum 2.0): Splitting database to spread the load (primarily for transaction validation).
      • “Layer 2 Networks”: Separate networks that provide “on-ramps” to the base (“Layer 1”) crypto network.

Layer 2 Downsides:

      • Concept of “Composability” – Don’t want transactions restricted to a particular Layer 2 network.
        • dApps (smart contracts) may or may not be compatible between various Layer 2 networks.
      • User Friction: Yet another “Web2 interface” to a “Web3/decentralized” crypto network.
        • Most (all?) can host your individual wallet! You need to trust them like you trust your bank.
      • One size doesn’t fit all – most Layer 2 networks specialize in some performance criteria or application need.
      • Security and Privacy Vulnerabilities:
        • Requires trust with Layer 2 network (and other Layer 2 networks that may interact with dApps).
        • Still “Wild West” – regulation and assurance guarantees not well developed.

Layer 2 Networks (aka “sidechains” or “off-chain solutions”):

    • Examples:
      • Lightning Network (used for both Bitcoin and Litecoin blockchains).
      • Polygon/Arbitrum (Ethereum).
    • Beyond addressing scale, Layer 2 focuses on transaction performance (delay/volume) and cost.
    • A given (Layer 1) crypto may be connected to a multiplicity of Layer 2 networks.
    • There is A LOT of innovation in Layer 2 Network functionality and interoperability!

33 of 39

Reprise on DAO Governance ....

REPRISE (earlier slide):

A DAO is an organization - represented by rules encoded as a computer program - that is:

    • transparent,
    • controlled by the organization members, and
    • NOT influenced/controlled by a central government.

[In other words they are member-owned communities without centralized leadership used for ANY purpose.]

A DAO's financial transaction record and program rules (e.g., smart contracts) are maintained on a blockchain.

A DAO participant thus eliminates the need to involve a mutually acceptable trusted third party for transactions.

    • Song writers, artists, etc. don’t require agents or agencies to sell their products, as long as ...
    • The DAO participant “agrees” to the governance/use of the DAO’s blockchain and smart contracts.

IMPLICATION:

BOTH a Layer 1 DAO’s (a cryptocurrency) and a Layer 2 DAO’s governance/rules (a “Web 2.0 sidechain”) require A SIGNIFICANT AMOUNT OF TRUST.

By participating in either/both – you are agreeing to the terms the DAO set.

Cryptocurrency and Layer 2 networks have significantly different governance. Caveat Emptor!

34 of 39

Future for Crypto, NFTs and Web3


35 of 39

Intersection of Non-Fungible Tokens (NFTs) and Crypto / What are ICOs?

  • An NFT is a “digital asset” that represents real-world objects such as art, music, in-game items, videos, etc.
  • NFTs are unique cryptographic tokens that exist on a blockchain.
    • Often contain “off-chain pointers” to the real assets (which are not on the blockchain).
  • In contrast, fungible tokens are individual assets that have exactly the same utility.
    • A dollar bill spends like any other.
    • A unit of cryptocurrency (even though the crypto - like NFTs - is stored on a blockchain).
  • Example: The NFT art market sits at the crossroads of crypto and traditional art market.
    • Provenance and ownership are easily provable via the blockchain.
    • More functionality (than the traditional art market) can be applied via a smart contract!
    • This empowers artists by adjusting the “balance of power” in their favor (relative to existing market/agent).
      • Example: Future sales of the NFT can forcibly assert a commission back to the original artist.
        • Just imagine ... Claude Monet could still be collecting on his Water Lilies!
  • Many NFTs have incentives/giveaways for new cryptocurrency – particularly for Initial Coin Offerings (ICOs).
    • Crypto is open source. There is a VERY LOW BARRIER to creating your own coin (e.g., FooCoin).
    • Every new ICO has “pre-mined” coins in it (e.g., Bitcoin Block 0 had 50 “pre-mined” BTC in it).
      1. A new NFT series may give away some of the pre-minted coins: Increase demand for new crypto.
      2. Event NFTs will sometimes require eventgoers to obtain ICO coins: Increase demand for new crypto.
  • Caveat Emptor: Special caution for NFT purchases associated with lesser-known blockchains!

Image credit: https://boredapeyachtclub.com/#/home

36 of 39

Web3 Economy: Opportunities and Concerns

REPRISE (earlier slide):

  • Web1 – Basic Internet Transport and basic Web (HTML) and email functionality.
  • Web2 – Large part of communications, info and commerce on captive platforms (Facebook, Instagram, ... ).
  • Web3 – Aims to solve all Web2 problems by giving data ownership and power to individuals.

OBSERVATION & OPINION BELOW – COME TO YOUR OWN CONCLUSIONS!

  • Many good, hard-working people involved with the “Web3 economy” have little technology-based knowledge on how crypto actually works (less than you now have).
  • These musicians, artists, etc. are just trying to make a living and are using Web3 technology to sell their wares without the overhead of usual art/music agent and infrastructure costs. They simply “register” their NFTs on blockchains – knowing the provenance (and smart contract terms) will follow their work.
  • Where to list your NFT: OpenSea/Binance/Crypto.com/LooksRare/Nifty Gateway/Rarible/Solnart/SuperRare?
    • OpenSea Marketplace: Peer-to-Peer Marketplace with no intermediary between buyer and seller.
      • Takes 2.5% cut / Uses Polygon Layer 2 Network / Supports many crypto wallets.
    • Decision to use a new or not-well-known blockchain?
      • Do Web3 participants appreciate that “FooCoin” (recall Dogecoin) can be made “out of thin air”? And if they do, are they betting that FooCoin will have the value of a major crypto someday?
  • Some participants may not appreciate the risks involved – but want to get in on the “Web3 Ground Floor”!
  • Similar to Web2 – The Web3 winning/surviving/thriving companies are not easy to predict!

37 of 39

Talk Summary


38 of 39

Talk Summary

  1. Essential Technologies for Blockchains and Cryptocurrencies
    • Blockchain Taxonomy, Blockchain Uses, DAOs, and NFTs.
  2. Blockchain Basics
    • Proof-of-Work: Bitcoin Deep Dive.
    • Proved Bitcoin Proof-of-Work is “purposeful wasteful guessing”.
    • Demonstrated that the same ends (miner/validator choice) can occur via Proof-of-Stake.
      • At less than 0.5% the power consumption required for PoW.
    • General Public Permissionless Blockchain Issues
      • Blockchain Hygiene for PoW & PoS.
      • Solo vs Pooled Mining/Minting.
      • Transactions Issues: Scale/Latency/Cost Tradeoffs.
      • Layer 2 Crypto Networks.
  3. Future for Crypto, NFTs and Web3
    • Non Fungible Tokens.
    • Initial Coin Offerings.
    • Web3 Economy: Opportunities and Concerns.


39 of 39
