1 of 45

CryptoVarna Meetup №2

Bitcoin Blockchain

by Galin Dinkov

https://www.linkedin.com/in/galindinkov/

24 Oct 2017

2 of 45

Introduction

3 of 45

About CryptoVarna

CryptoVarna is a group of people interested in Blockchain technologies, cryptocurrencies, ICOs and the possibilities they provide. It is an open group with members specialized in different fields, from informatics to law.

Facebook Group:

https://www.facebook.com/groups/123317971755498

Meetup.com:

https://www.meetup.com/preview/CryptoVarna-Blockchains-Bitcoins-Ethereum

Slack:

https://cryptovarna.slack.com/join/shared_invite/enQtMjYwNDU4OTQxNjIwLTVmOGM4MDEyMjgxYWVlZDRiYmI0OTI4ZGEwMzM3N2QwMzkyYzQ2OTFhOTgzZTAzODkyY2EyNjJlZDJhODE4ZmE

4 of 45

About VarnaLab

VarnaLab is an independent hacker’s space where people with common interest can meet, work and drink beer. The spheres of interest include but not limited to: software technologies, hardware and electronics, art and design, photography, gaming and more.

It is part of huge network of 1600 hacker’s spaces worldwide.

VarnaLab is a non-profit organization and is free for everyone. It is financially supported by its members by a non-fixed donations.

Facebook Page:

https://www.facebook.com/varnalab/

Web:

https://varnalab.org

Trello:

https://trello.com/varnalab

Github:

https://github.com/VarnaLab

5 of 45

Motivation for Bitcoin Creation

The initial idea was to create decentralized secure, open, self-regulated digital money

What was invented became something much bigger

6 of 45

Bitcoin Blockchain’s Main Characteristics

7 of 45

The Blockchain is…

Data Structure

8 of 45

The Blockchain is…

Ledger

Date	Description	Credit	Debit	Balance
2/20/2011	Alice to Bob	-$10		$90
2/20/2011	Bob from Alice		+$10	$10
3/20/2011	Bob to Eve	-$5		$5

9 of 45

The Blockchain is…

Distributed

10 of 45

The Blockchain is…

Immutable

11 of 45

The Blockchain is…

Secure

12 of 45

The Blockchain is…

Anonymous (Pseudo)

13 of 45

The Blockchain is…

Autonomous

14 of 45

The Blockchain is…

Public

15 of 45

Digital Money

16 of 45

I want to create digital money...

Balances?
Accounts?
Transactions?
Security?
Immutability?
Consensus?

17 of 45

How They Made It?

18 of 45

Where are the balances?

No balances
Only transactions
No user accounts
Transactions are made of Inputs and Outputs
Transactions are chained
Coinbase transaction generates initial coins
Balance = Sum(UTXOs)

19 of 45

How to verify the owner?

20 of 45

How to ensure the transactions order?

Put transactions in Blocks
Chain the blocks
Order chronologically

Immutability?
Consensus?

21 of 45

P2P Network

22 of 45

How to reach consensus in the network?

Mining

Only one version is accepted
Although forks exists

Proof of Work

Hard computation
Такеs certain amount of time
Guarantees the immutability

Example: https://blockexplorer.com/

23 of 45

How to deal with the forks?

24 of 45

Going Deep...

25 of 45

Cryptography

26 of 45

Hash Function

Maps any data to fixed bits data or number
Deterministic
One-Way
Uniformly distributed
Collisions
Cryptographic hash functions

MD 2/4/5/6 - Message-Digest Algorithm
SHA 1/2/3 - Secure Hash Algorithms
RIPEMD - RACE Integrity Primitives Evaluation Message Digest
BLAKE 1/2

27 of 45

Hash Usage

‘hello’

SHA-256: 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824�SHA-256d: 9595c9df90075148eb06860365df33584b75bff782a510c6cd4883a419833d50

RIPEMD-160: b6a9c8c230722b7c748331a8b450f05566dc7d0f

Used:

For Addresses
Block IDs
Transaction IDs
Verifications / Checksums
In Merkle Trees

28 of 45

Public-Key Cryptography

Symmetrical (one key)
Asymmetrical (public and private key)
Key exchange
Usage:

Encryption
Digital signature
Authentication

Math behind:

Integer factorization problem
Discrete logarithm problem
Elliptic curve discrete logarithm problem

29 of 45

RSA

Example: https://git.io/v5exi

30 of 45

Elliptic curve cryptography (ECC)

Explanation:

https://youtu.be/dCvB-mhkT0w

https://youtu.be/F3zzNa42-tQ

ECC Domain Parameters:

p - prime field (modulo)

a,b - curve parameters

G - generator point

n - ord(G) (n x G = 0)

h - cofactor of n

Private Key (k) = Random Number < n - 1

Public Key (K) = k ∗ G

K = 1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD * G

K = (x, y)�x = F028892BAD7ED57D2FB57BF33081D5CFCF6F9ED3D3D7F159C2E2FFF579DC341A�y = 07CF33DA18BD734C600B96A72BBC4749D5141C90EC8AC328AE52DDFE2E505BDB

31 of 45

Key Size Recommendations

32 of 45

Security Risks

Pool cracking - https://lbc.cryptoguru.org
Quantum computers
NSA backdoors in ECC?
Solution: post quantum cryptography

NTRUEncrypt - based on the shortest vector problem in a lattice
More: https://en.wikipedia.org/wiki/Post-quantum_cryptography

33 of 45

Keys & Addresses

34 of 45

Bitcoin Address

Version = 1 byte of 0 (zero); on the test network, this is 1 byte of 111�Key hash = Version concatenated with RIPEMD-160(SHA-256(Public Key))�Checksum = 1st 4 bytes of SHA-256(SHA-256(Key hash))�Bitcoin Address = Base58Encode(Key hash concatenated with Checksum)

14fxjE3qepjaYxiqs5WPtDx5y7vMQP81mW

Private Key (k) = Random Number < n - 1

Public Key (K) = k ∗ G

35 of 45

Wallets

Keep private keys
Types

Nondeterministic (Random) Wallets - collection of random private keys
Deterministic (Seeded) Wallets - private keys are derived from a common seed
Brain Wallet - derived from a word or phrase which one can remember
Mnemonic Words - word sequence to represent seed of a deterministic wallet
Hierarchical Deterministic Wallets (HD Wallet) - tree structure where new keys can be generated from any child branch (public key) without revealing the private key

36 of 45

Transactions

37 of 45

Transaction Lifecycle

38 of 45

Signature and Verification

Standard Transaction Scripts:

Pay-to-Public-Key-Hash (P2PKH)
Pay-to-Public-Key
Multi-Signature
Data Output
Pay-to-Script-Hash (P2SH)
P2WPKH

scriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG�scriptSig: <sig> <pubKey>

39 of 45

Mining

40 of 45

Miners...

Collect transactions
Validate transactions
Create new blocks
Invest power and electricity
Get rewards in a form of bitcoins
Guarantee the blockchain consensus

41 of 45

Generation (Coinbase) Transaction

Creates coins from nothing
Used to award the miner
Has no input (coinbase)
Outputs the fee to the miner’s address
#0 Block is the Genesis Block

The Times 03/Jan/2009 Chancellor on brink of second bailout for banks

The Generation Transaction

The first transaction added to the block is a special transaction, called a generation transaction or coinbase transaction. This transaction is constructed by Jing’s node and is his reward for the mining effort. Jing’s node creates the generation transaction as a payment to his own wallet: "Pay Jing’s address 25.09094928 bitcoin." The total amount of reward that Jing collects for mining a block is the sum of the coinbase reward (25 new bitcoins) and the transaction fees (0.09094928) from all the transactions included in the block as shown in Example 8-4:

Unlike regular transactions, the generation transaction does not consume (spend) UTXO as inputs. Instead, it has only one input, called the coinbase, which creates bitcoin from nothing. The generation transaction has one output, payable to the miner’s own bitcoin address. The output of the generation transaction sends the value of 25.09094928 bitcoins to the miner’s bitcoin address, in this case 1MxTkeEP2PmHSMze5tUZ1hAV3YTKu2Gh1N.

42 of 45

Transaction Fees

Initial reward 50 BTC
Halving every 210,000 blocks
Total halvings allowed is 64
Will be reached in
Total supply is 21 million
Current award 12.5 BTC
Next halving ~June 2020
Mining ends in ~2140

Transaction Fees = Sum(Inputs) - Sum(Outputs)

Coinbase Reward and Fees

To construct the generation transaction, Jing’s node first calculates the total amount of transaction fees by adding all the inputs and outputs of the 418 transactions that were added to the block. The fees are calculated as:

Total Fees = Sum(Inputs) - Sum(Outputs)

In block 277,316, the total transaction fees are 0.09094928 bitcoins.

Next, Jing’s node calculates the correct reward for the new block. The reward is calculated based on the block height, starting at 50 bitcoins per block and reduced by half every 210,000 blocks. Because this block is at height 277,316, the correct reward is 25 bitcoins.

The initial subsidy is calculated in satoshis by multiplying 50 with the COIN constant (100,000,000 satoshis). This sets the initial reward (nSubsidy) at 5 billion satoshis.

Next, the function calculates the number of halvings that have occurred by dividing the current block height by the halving interval (SubsidyHalvingInterval). In the case of block 277,316, with a halving interval every 210,000 blocks, the result is 1 halving.

The maximum number of halvings allowed is 64, so the code imposes a zero reward (return only the fees) if the 64 halvings is exceeded.

Next, the function uses the binary-right-shift operator to divide the reward (nSubsidy) by two for each round of halving. In the case of block 277,316, this would binary-right-shift the reward of 5 billion satoshis once (one halving) and result in 2.5 billion satoshis, or 25 bitcoins. The binary-right-shift operator is used because it is more efficient for division by two than integer or floating-point division.

43 of 45

Transaction Priority

Older coins have priority
High Priority > 57,600,000
First 50KiB in the block are reserved for high priority transactions
High priority transaction can be included in a block even without any fees

Priority = Sum(ValueOfInput * InputAge) / TransactionSize

The priority of a transaction is calculated as the sum of the value and age of the inputs divided by the total size of the transaction:

Priority = Sum (Value of input * Input Age) / Transaction Size

In this equation, the value of an input is measured in the base unit, satoshis (1/100m of a bitcoin). The age of a UTXO is the number of blocks that have elapsed since the UTXO was recorded on the blockchain, measuring how many blocks "deep" into the blockchain it is. The size of the transaction is measured in bytes.

For a transaction to be considered "high priority," its priority must be greater than 57,600,000, which corresponds to one bitcoin (100m satoshis), aged one day (144 blocks), in a transaction of 250 bytes total size:

High Priority > 100,000,000 satoshis * 144 blocks / 250 bytes = 57,600,000

The first 50 kilobytes of transaction space in a block are set aside for high-priority transactions. Jing’s node will fill the first 50 kilobytes, prioritizing the highest priority transactions first, regardless of fee. This allows high-priority transactions to be processed even if they carry zero fees.

44 of 45

References

Bitcoin Wiki, https://en.bitcoin.it/wiki/
Mastering Bitcoin, Andreas M. Antonopoulos, O’Reilly Media
Bitcoin.ORG, https://bitcoin.org

45 of 45

Final

by Galin Dinkov

https://www.linkedin.com/in/galindinkov/