Essential Crypto Mechanics and DeFi�for Computer Science Engineers

Michael A. Ramalho, Ph.D.�FWCS SP/COMM Society Chair & FWCS IEEE Blockchain Community Chair�mar42@cornell.edu

March 3, 2023

IEEE Aerospace and

Electronics

Systems Society

Florida West Coast Section�(Michael Mayor / michael.mayor@ieee.org)

Florida West Coast Section

(Michael A Ramalho / mar42@cornell.edu)

USF Student Branch Chapter�(Mateus A. Fernandes A. / mateusf1@usf.edu)

DISCLAIMER:

​

​

Primarily a technical talk on blockchain mechanics, operation, and theory.

​

• Talk is ...�
• NOT INTENDED to render any guidance on crypto value now or in the future.�
• NOT INTENDED to render any guidance on issues relating to how blockchains�or crypto are governed or regulated now or in the future.�
• NOT INTENDED to render any guidance on issues relating to how blockchains or�crypto can be exploited for any purpose now or in the future.�

In Other Words: Analysis and Opinion Only - Use at your own risk.

2

© 2023 FWCS IEEE SP/COMM. All rights reserved.

OBJECTIVES:

1. What makes Bitcoin so special?
• Bitcoin blockchain and mining operation by example.
2. Software/Cryptographic advances that enabled Cryptocurrency.
• Consensus algorithms and hash functions in public blockchains.
3. Software advances that enabled Decentralized Finance (DeFi).
• Add “Smart Contracts” + {”virtual machines” and “virtual machine state”} to blockchain.
4. How crypto is mined/minted and how crypto can be held.
• Cost to mine/mint crypto and ESG issues.
• Self-Custody vs Exchange-Custody of crypto.

3

© 2023 FWCS IEEE SP/COMM. All rights reserved.

TALK OUTLINE

1. Blockchain and Cryptocurrency Essentials:
• Blockchain Fundamentals & Blockchain Types.
• Three Essential Technologies for Blockchain.
2. Crypto Blockchain Basics:
• Bitcoin: Detailed Bitcoin v2 Blockchain Description.
• Ethereum: Ethereum Virtual Machines & Smart Contracts.
3. Crypto Blockchain Consensus Algorithms:
• Major Algorithms: “Proof-of-Work” and “Proof-of-Stake”.
4. Debunking Widely-Held Crypto Beliefs:
• Crypto supply / Crypto Governance / How Crypto is Held.

4

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Blockchains and Cryptocurrency Essentials

• Blockchain Fundamentals
• Blockchain Types & Blockchain Misconceptions

5

© 2023 FWCS IEEE SP/COMM. All rights reserved.

What are Blockchains?

Blockchains are software-defined data structures in which:�

• “Blocks of data” are created via a standardized structure (header and payload) in which:
• “Validated transactions” (and optionally other state) are recorded in a given block.
• Each newly-formed block is “connected/tied/referenced” to the immediately preceding block (generally via a 256-bit identifier) – forming a “chain”.�
• “Consensus Mechanisms” are used to:
• Validate transactions within the block’s “payload”.
• Validate all summary information in the block’s “header”.
• Determine the “active chain” (when multiple possibilities exist).
• Protect against malicious participants.

​

• An irreversible set of blocks is created in an ever-increasing chain.

Misconception #1: Blockchain = Database (Not!)

Blockchain is a shared, immutable ledger that facilitates recording “transactions”, ”assets” and optionally smart contracts (and state associated with them).

​

Virtually anything of value can be tracked or traded on a blockchain network.

• The “tokenization” of “Real World Assets” (RWAs) is a huge focus area for DeFi and Web3.

​

Key Blockchain Elements:

• Distributed Ledger Technology (DLT) - All “participants” have access to the distributed ledger and its immutable record of (past/validated) transactions.
• Immutable records - No participant can change or tamper with transactions after they have been�validated and recorded onto the blockchain ledger!�

RESULT: If a transaction includes an error – a new transaction must be added to the ledger/blockchain�to reverse – and both are then visible by all participants.

Blockchain ≠ Database!

• Smart Contracts – Blockchain-specific code (and associated state) that is stored on the blockchain and automatically executes a set of defined rules when triggered by an “event”.

Misconception #2: Blockchain = Crypto (Not!)

• Public (Permissionless) Blockchain. Example: Most major cryptocurrencies.
• Any node is allowed to join and participate in the “network consensus” (blockchain-specific mechanisms).
• Fully decentralized, secured and immutable (distributed) ledger.
• Transactions are “pseudo anonymous” (the public keys of users are opaque and transparent to everyone).
• Open ledger / Open to anyone / Open network / Any node can join.

​

• Private (Permissioned) Blockchain. Example: Supply chain ledger for component parts for a specific company.*
• A single organization has authority over network.
• Fastest transaction reconciliation, power efficient, offers privacy guarantees.
• Only a few users/entities are allowed to access a permissioned blockchain (e.g., component suppliers).
• Closed Ledger / Single Organization in Control / Closed Network.�
• Federated Blockchain. Example: Blockchain that multiple organizations use, but closed outside the Federation.
• Federation controls – via rules of code – what is allowed (e.g., access) and network operation (e.g., consensus).
• Decentralized, much faster than public blockchains, highly scalable.
• Open or Closed Ledger/ Multiple Organizations/ Closed Network.
• Federation controls degree of privacy, security and ledger visibility. Also called “Consortium Blockchains”.�
• Hybrid Blockchain.
• Definitions on what elements/data are public and private. Access can be controlled (permissioned) or public.

* -Example: NIST Report 8419 (https://doi.org/10.6028/NIST.IR.8419 ).

This is today’s Focus.

Please Do Not Equate “Blockchain and Database” or “Blockchain and Crypto”!

Blockchain ≠ Database!�&�Blockchain ≠ Crypto!

[Don’t ever equate blockchain as a database in a discussion with others!]

Today’s Focus:

Public Permissionless Blockchains�&�Blockchain/Cryptocurrency Mechanics�&�Foundational DeFi Components (implemented on blockchains)

Essential Technologies for Blockchains

1. Consensus Algorithms
2. Random Number Generators
3. Cryptographic Hashes

You would also need to know Public Key Cryptography and Digital Signatures if this was a longer lecture! 😁

10

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Essential Technology 1: Consensus Algorithms For Public, Permissionless Blockchains

Blockchains aim to produce an immutable distributed ledger where some of the participants ...

• May be offline or experiencing communication difficulties to the “blockchain network”,
• May not be trustworthy (e.g., opportunistically nefarious), and
• May produce inaccurate results or do not compute quantities correctly.

​

�Thus, fault-tolerant consensus mechanisms are used in both distributed computing and blockchains to�arrive at the state of the network/blockchain among the distributed processing system participants.

​

�Since nefarious behavior on a crypto network may result in huge (and immutable) crypto losses - permissionless, public blockchains place a very high importance for secure, fault-tolerant consensus!�Both reward and penalty mechanisms are employed in most crypto blockchains.

​

�There are many such algorithms: Proof-of-Work, Proof-of-Stake, Proof-of-Authority, Proof-of-Space/Storage,�Proof-of-Elapsed-Time – and many yet to come.

​

�We will focus on the two most popular of these: “Proof-of-Work” and variants of “Proof-of-Stake”.

Essential Technology 2: Random Number Generator Use in Blockchain

Cryptographic Secure Pseudo Random Number Generators (CSPRNG/CPRNG) are used in computer science for:

• Key Generation – In blockchain, creating digital signatures for signing/verification transactions .
• Salts - Random data appended to inputs/passwords and fed into hash functions (not discussed today).
• “Randomly choosing” things – In blockchain, for choosing the next validator/mining/minting node.

Essential Technology 3: Cryptographic Hash Functions (SHA-256, p/o SHA-2 family from NSA*)

Input_Data

“One-Way” Hash Function (SHA-256)

Output_Hash (256 bits for SHA-256)

Arbitrary Length Input

Advanced Encryption Standard (AES) (FIPS PUB 197)

Deterministic value, but appears random relative to similar looking inputs.

Fixed-length Output (256 bits for SHA-256)

Example: Output_Hash = Hash_SHA-256(Input_Data)

https://doi.org/10.6028/NIST.FIPS.197

* - Others commonly used are RIPEMD, WHIRLPOOL, SWIFFT

Essential Technology 3: Cryptographic Hash Functions (Continued)

Input_Data₁ : Input_Data₂

Hash_SHA-256

Output_Hash_1,2

Deterministic 256 bit value, but appears random relative to�Hash(Input_Data₁)�OR�Hash(Input_Data₂).

Note: Concatenation often written as hash(x₁ + x₂) in hash documentation (do not confuse with linear addition of vectors). We will use this notation henceforward.

Concatenation of Inputs (of arbitrary length)

This ”concatenation property” is often used in situations requiring hashing.

Concatenation of the Inputs to the Hash Function

Input_Data₂ : Input_Data₁

Hash_SHA-256

Output_Hash_2,1

Deterministic 256 bit value, but appears random relative to�Hash(Input_Data₁)�OR�Hash(Input_Data₂)�OR�Hash(Input_Data₁ :Input_Data₂)

Concatenation of Inputs in different order!

Essential Technology 3 (Continued): Merkel Tree & Merkel Root (Binary Hash Chain)

Binary Hash Tree of 4 Data Blocks

• Each data block contain transactions – each of which have�have been check via digital signatures (not discussed today).
• Easy to ”include/add new data blocks” without recomputing�hashes over existing data blocks.

Hold on ... hashing is used in at least two additional applications in blockchain!

ANY data under the “top hash” changes – and the top hash (called the “Merkel Root”) changes!

Crypto Blockchain Basics By Example

1. Bitcoin v2 Blockchain Fundamentals.
2. Ethereum Blockchain Fundamentals.
3. Ethereum Virtual Machines and�Smart Contracts.

16

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Bitcoin – Most Famous Public Permissionless Blockchain for Cryptocurrency

• Bitcoin’s Inventor/Founder: Satoshi Nakamoto (pseudonym for 1 or more creators)
• Fractional Bitcoin is a “Satochi” (100 millionth of a Bitcoin)�
• Satoshi’s October 31, 2008 Whitepaper: “Bitcoin: A Peer-to-Peer Electronic Cash System”
• Problem to Solve^1,2:

“What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party.”�

• Launched 1^st Bitcoin client on January 9, 2009
• Contained a message and the first 50 Bitcoins ever crated (“pre-minted” coins).
• First commercial transaction: Two Papa John’s pizzas for 10,000 Bitcoins�(~ $250 Million today).

​

• Today we will focus on blockchain and consensus mechanisms – not on the process of validating individual (digitally signed) transactions.

NOTE:�1 - Original intent was NOT to be an investment!�2 – True, but parties need to TRUST THE CODE!

How Blockchains are Formed – Bitcoin Version 2 Example

Diagram and block decode from: https://www.oreilly.com/library/view/mastering-bitcoin/9781491902639/ch07.html

To “Genesis Block” (Block at Height 0)

Side Note: “Block Height” is not stored anywhere – as it is not always a unique identifier.

“Proof-of-Work” (PoW) Based Consensus:�

• Bitcoin’s fault-tolerant consensus mechanism
• More hashpower => Greater chance of mining new block�
• Genius of Bitcoin / Horrible ESG Bitcoin Waste

19

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Proof-of-Work (PoW) Consensus Algorithm: Bitcoin’s “Computationally Intensive Puzzle”

• Bitcoin’s “computationally intensive puzzle” is ... you guessed it ... solving a cryptographic hash.�
• In this case, “solving” the puzzle is to require the hash result to be below a “target value”.
• Note: The target value is interpreted as an unsigned 256-bit integer value (uint256).�
• The only known way to “solve” this puzzle is to randomly guess for the solution!
• On average, solving this puzzle will provably take a long time.
• “Miners” (nodes) are tasked with trying to “solve” this “puzzle”.
• With substantial odds, a single miner will be the first one to solve the problem�(however, sometimes more than one will – we address this soon).�
• However, once a solution is found (typically not unique) the “winning miner” advertises it.
• ALL OTHER MINERS can quickly and easily verify that the hash solution meets the�requirements (i.e., they can “validate the solution” with trivial effort).
• ALL OTHER MINERS then abandon their effort to solve and move on to the next block.
• The WINNING MINER will eventually receive a “block reward” for solving puzzle.*�
• We will first demonstrate the concept assuming a certain form of the target value�(a power of 2) – then we will relax that assumption.

* - There are exceptions to be described later.

Proof-of-Work: Let’s talk about that NONCE [Bitcoin/Ethereum 1.0/Original Dogecoin/Litecoin]

HASH_SHA-256{[Bitcoin Block Header without Nonce field] + [Nonce]} = 256-bit Result*

* - When used for signature/verification purposes, result also called a “message digest”

Block Header

Transactions

Nonce

A Bitcoin Block

• A “Nonce” is a “number used once” for various cryptographic purposes.
• We know from before that using different Nonces in the hash above�will produce seemingly different/random results.

Key Result: If you want to try nonces (e.g., 0, 1, 2 ...) to produce ....

exactly k leading zeros in the result (i.e., 0b{k-zeros}{(256-k)-don’t cares}) ...

then ON AVERAGE we expect to try 1/(1/2^k) = 2^k trials to obtain this result.

Full Answer: The probability distribution of the number X of Bernoulli trials needed to get one success is a�geometric distribution where the mean of the distribution is 1/p. So ON AVERAGE we expect to need 2 trials.

Proof-of-Work: Let’s talk about that NONCE & DIFFICULTY (continued)

HASH_SHA-256{[Bitcoin Block without Nonce field] + [Nonce*]} = 256-bit Result

* - Extra Credit: The Bitcoin Nonce field is only 32 bits. Why is this a problem? How to fix it?

If we want the result to 0b{k-zeros}{(256-k)-don’t cares}), ON AVERAGE we expect to try 1/(1/2^k) = 2^k Nonces.

Block 730466 (mined on April 04, 2022 at 7:10 PM EDT) hash is ...�0x00000000000000000002a24e1b956496a6f6c7d1eae6342488a257c9ade1909d�... which had 78 leading (binary) zeros (4*19+2).

Homework: Playing with “Proof of Work” Blockchains – Go to https://demoblockchain.org/tokens*

Same�transactions�different�order

Different�Nonces�needed�for�four, hex�zeros

Miners don’t�all work on the�“same hash problem”�(e.g., transactions�can be recorded�in a different order).��Demo goal here is�for a hash result�to have form of�0x0000{XXXX}�(16 leading zeros,�65,536 tries on average).

Create your own blockchain.

* - This is a commercial site. Not an endorsement. Demo may be taken down at any time.

Possible Chain 1

Possible Chain 2

139,359 tries (~2x avg)

23,136 tries (~35% avg)

Proof-of-Work: What is the Target? How is DIFFICULTY Adjusted?

�Block 730466 (mined on April 04, 2022 at 7:10 PM EDT) hash is ...�0x00000000000000000002a24e1b956496a6f6c7d1eae6342488a257c9ade1909d�... which had 78 leading (binary) zeros (4*19+2).��Note: Wanting a result to be 0b{k-zeros}{(256-k)-don’t cares}) ... is equivalent to saying ...�the value must be less than or equal to 0b{k-zeros}11111111111111...111 (i.e., < 2^(256-k))��Bitcoin specifies that the hash must be less than a specific target value (a specific 256 bit unsigned integer)�... thus not limited to power of 2 changes in our examples prior.�

Simplified, the Bitcoin’s target value is adjusted approximately every 14 days as follows:

1. The network sums the total minutes it took to mine the last 2016* blocks (called an epoch, ~14 days)** ... and ...
2. Compares this sum to the desired sum of 20,160 minutes (goal is to produce a block every 10 minutes) ... then ...
3. Adjust Target Value up or down (“difficulty adjustment”) toward the desired result at each epoch end update.***

Bitcoin’s “Difficulty Adjustment” is an Adaptive Control System

* - Bitcoin Goal is block every 10 minutes. (1 block/ten-minutes)*(6 ten-min periods/hour)*(24 hours/day)*(14 days/epoch) = 2016 blocks/epoch�** - Due to an error, actually 2015 blocks. See details at https://minerdaily.com/2021/how-are-bitcoins-difficulty-and-hash-rate-calculated�*** - With hard adaptation limit/clipping at 4x or ¼ X at each target value epoch update.

Previous�Example

Bitcoin Difficulty – The Game Is Rigged!

The Details:

• The Target Value is derived from something called the “Difficulty Level”.
• The Difficulty Level relates the target value to the one used in Genesis Block.
• It is the Difficulty Level which is reported in the Bitcoin Block Header.
• The Target Value (and Difficulty) is fixed for the particular epoch.
• You can verify that the Difficulty Level in the headers remain the same for the entire epoch (https://www.blockchain.com/btc/blocks).
• The precise adjustment algorithm has changed over time to use moving averages (but interestingly not median filtering!).

Image Credit: https://wdrfree.com/stock-vector/carrot-man-carrots

• Solve sooner than 10 minutes (on average) – Make following solutions harder.
• Take longer than 10 minutes (on average) – Make following solutions easier.

INDEPENDENT OF HOW MANY MINERS ARE WORKING ON THE SOLUTION!

Nonce & Difficulty Bitcoin Header Fields -�Now you know ALL fields in Bitcoin v2 Header!

How Much Does It Cost to Mine Bitcoin? – It Depends!

Miner #1 has�10% of hashpower

Miner #1�Doubles GPUs

Miner #1 now has 18% of hashpower

Miner #1 almost doubles their chances of�producing a Bitcoin block!

If Miner #1’s mining costs are low relative to�the average miner, this is a winning strategy!

Bitcoin’s “Tragedy of the Commons”:�Low-cost miners have incentive to increase hashpower and waste energy!

The Economics of Bitcoin (to be continued ...)

IF� {“Mining cost for a given miner” > “their expected profit”}; // Profit ~= (Bitcoin Price – Mining Costs)�THEN

{The miner will stop mining};

END

• If miner stops mining Bitcoin ... What happens to the mining hardware?
• Mining hardware may be re-deployed where non-hardware costs are less expensive (same blockchain).
• Or mining hardware may move to different PoW blockchain (Alt Coin) with better economics.
• As we just learned, Bitcoin Difficulty will be adapted (every two weeks) to the new condition.
• The market price of Bitcoin has a significant effect on the profitability of mining.
• The market price of Bitcoin is a function of supply and demand.
• Bitcoin supply will be discussed soon ... but let’s first wrap up on Bitcoin’s consensus algorithm.

The Genius of Bitcoin’s “Proof of Work” – Consensus Algorithm Resolves Conflicts!

• Rule: Miners always build on “the longest chain”.
• Miners mint a new block when they are the first to find a hash whose value is below that of the target value.
• Given network delays or coincidence – two (or more) miners may successfully solve “their hash problem” at same time.
• Depending on network propagation and/or miner choice, miners may decide to mine off of “Fork A” or “Fork B”.
• Most of the time, a majority of miners will work off of one of the forks. Thus, the next block will likely be minted�from this fork (above Fork B). Then this fork will represent the “longest chain”. Fork A will be abandoned.
• Worse case is that ½ the miners work on Fork A – and the other ½ on Fork B. In this case ANY new block on EITHER�chain will take about 20 minutes to solve. It is OVERWHELMINGLY UNLIKELY that both forks would find a solution at the same/similar time. The forks will resolve themselves with ONE becoming the “longest chain”.
• This is the genius of proof of work! Conflict Resolution: eventually one fork becomes longest (due to math/statistics!).
• Any transactions on Fork A above that are NOT ALREADY RECORDED on Fork B will be introduced into a future block on Fork B.
• Block A: An “Orphan Block” in Bitcoin (no block reward) / An “Uncle block” in Ethereum (with a smaller block reward).

A

B

“Nakamoto Consensus” - A Natural Fit for Open Permissionless Systems (any node can join at any time).

Z

C

The Horrible Downside of “Proof of Work” – ESG Waste!

To increase your chances of successful mining in a cost-effective manner you must:

• Get many processors that are efficient at hash computations (ASIC-based),
• Run them at places that have low electricity costs, and
• Have a plan for the “excess heat” (and noise) produced.

14 Th/s, 1190 Watts

99.9%* of compute cycles (and thus electric power) is devoted to solving the Proof-of-Work hash “puzzle”!�Bitcoin hash operations today consume the equivalent of 2x the power needs of Switzerland. This is unsustainable!�There must be more ESG-friendly ways to building blockchains!

* https://www.yahoo.com/finance/m/a9ed6f00-037b-3f67-9e4f-118b2e0bd6d8/bitcoin-mining-stocks-have.html

ESG == “Environmental, Social, Governance”

Can We Choose the Next Block Host Without the Purposeful ESG Waste Used in “Proof of Work”?

Statistically, We already know the answer!

Let’s simplify the problem (we will later relax these assumptions):

• Assume there are N CPUs – and each CPU has identical hashing power.
• About every 10 minutes, 1 of those N CPUs will “solve the hash problem”.
• We just don’t know a priori WHICH ONE of the N CPUs will be the winner!
• Why can’t we just “pick one at random”?

* - Also called “grinding”.

“Proof-of-Stake” (PoS) Consensus:�

• Peercoin’s fault-tolerant consensus mechanism
• More “staked” => Greater chance of creating next block.
• “Staked coins” are collateral (can’t be spent).
• Consensus is based on economic rewards/penalties.�
• Major benefit: 99.9% Less Power Consumption than PoW

​

• Also: Cardano/Avalanche/Polkadot/Solana/Ethereum 2.0

​

• PoW vs PoS Consensus and Operational Differences

31

© 2023 FWCS IEEE SP/COMM. All rights reserved.

“Proof-of-Stake” architectures “appoint” the next block creator without ESG waste in PoW

• We just showed that can choose 1 out of N possible CPUs to be the CPU to create the next block.
• Since 99.9+% of Bitcoin work was “wasteful hash guessing”, actual processing cost of creating new blocks is low!
• How do we choose N (now that we don’t need hundreds of thousands of special-purpose CPUs anymore)?
• Who says any one of the “N mining entities” need to have equal chances (probabilities) of being chosen?

Loose Definition of “Proof of Stake”

Proof-of-Stake (PoS): Some Popular Variants

Highest Chance�of Being Chosen�for Pure PoS

Pure Proof of Stake (PPoS): Algorand

Other criteria for PoS weighting other than amount staked:

• (Staked) Coin Age.
• Penalty (negative weight) for being offline.
• ANY OTHER CRITERIA the blockchain governance wants!

I use the term “Probabilistic Validator Selection” for these techniques.

Blockchain Hygiene: Incentives and Disincentives for “Proof-of-Work” and “Proof-of-Stake”

PoW (Bitcoin and “Altcoins”) – Uses “Nakamoto Consensus”:

• Blockchain building and consensus algorithms defined by solving PoW puzzle (the Genius of PoW).
• Unless Hash_SHA256 is broken someday, there is no known way to game the system.
• The winning miner is awarded a ”block reward” (for being lucky) and ”transaction fees” for the�transactions within it’s block.
• Some PoW crypto have “coin limits”. Once limits are met, miners will receive only transaction fees.*

* Bitcoin/Litecoin expectation is circa 2140.

PoS (and other PoS derivatives) – Use an Economics-Based Consensus Algorithm:

• When a validator is chosen and creates a new block, it is awarded a “block reward” – similar to PoW.
• Validator passes most of the block award to staking participants contributing as “staking awards”.
• Validators also receive “transaction or gas fees” for the computational expense of transacting work on their node (e.g., a smart contract execution).
• Staked crypto must be staked for a prescribed amount of time. Validators often pay interest to parties contributing to its total stake.
• ”Slashing” is a penalty mechanism to discourage validator misbehavior (validator downtime, dishonest validation or execution, etc.). If egregious enough, entire stake may be forfeited and validator removed.
• Other penalty mechanisms built into the PoS weighting (e.g., lessen chance of being chosen in future).

Answer to PoW ESG Wastefulness ... Is PoS and PoS Derivatives

Public Permissionless Blockchain Nodes (validators) are not autonomous! Major departure from Bitcoin principles.

“THE MERGE” - Ethereum's Transition from Ethereum 1.0 (PoW) to Ethereum 2.0 (PoS)

• Years in planning! Just occurred on September 15, 2021.
• 99.9+% reduction in energy costs-- AND -- More Scalability (primarily via “chain sharding”).
• Ethereum 1.0 (PoW) was becoming “increasingly centralized” (5 mining pools - 64.5% of all ETH mined).
• PoS is characterized as “a more secure network” owing to more decentralization ...

... BUT THIS IS DEBATABLE ... BECAUSE ...

• Need to “trust” a lot more code (compared other PoW crypto), and ...
• Validators must “obey” centralized commands AND are becoming (increasingly) permissioned (e.g., joint signatures).

Ethereum “Merge” from PoW to PoS – Quick Look at Block Headers

Ethereum�Pre-Merge�(similar to Bitcoin header)

Ethereum�Post-Merge

Fundamentally Straightforward�(despite the hype/analogies�of changing jet engines�on jet while in flight)

A lot of testing to�ensure the merge�went smoothly!

Ethereum PROVED that�(energy-wasting) PoW�blockchains can�transition to PoS!

Extra header fields�mostly due to Ethereum�Virtual Machine State�(we discuss this later)

SUMMARY: Proof-of-Stake (PoS) vs Proof-of-Work (PoW)

”Proof-of-Work” Properties (“The Genius of Satoshi Nakamoto’s Bitcoin”):

• Consensus (conflict resolution) due to mathematical properties of cryptographic hashes!
• For as long as Hash_SHA-256 isn’t broken – NO CHEATING IS POSSIBLE!
• Result: PoW mechanics are very, very secure in an open/permissionless system.
• Downside: Incredible waste of electrical power and computes.
• However: Any node can mine Bitcoin – there is no “central authority” to enroll.
• Aside: Anyone can copy Bitcoin and generate their own crypto altcoin: “Dr. Sudeep Sarkar Coin”�(remember Dogecoin was started a satirical take on Bitcoin in just a few days).

“Proof-of-Stake” Properties:

• Virtually no power wasted in choosing next validator.
• Consensus via open-source random number generation and secret/hash enrollment!
• Next validator probability can be a function of virtually anything (PoS Variants)!
• Increased scalability relative to Bitcoin (e.g., blocks created more frequently & sharding).
• However: As a validator, you need to “enroll” to the “central authority” of the blockchain.
• Result 1: Relative to PoW/Bitcoin – “Minting costs” are virtually nothing!
• Result 2: PoS validators are not fully autonomous!
• Result 3: Trust in the Blockchain governance is paramount!

Note: Blockchain Governance and future Blockchain Regulation are extremely important topics!�We will address some of these issues later.

A Quick Note on Other Forms of Blockchain Consensus (for completeness):

PoW and PoS are the two dominant consensus algorithms for public permissionless blockchains, but there are others.�

• PoW-based consensus (Bitcoin and other Alt Coins) use “Nakamoto Consensus” �(also called “chained proof of work” consensus).
• This is a natural fit for open, permissionless systems where any node can join the system at any time.�
• PoS-based consensus uses a form of “Economic Consensus” and a deterministic probabilistic mechanism�that the system nodes agree upon (e.g., CSPRNGs).
• Relies upon economic rewards/punishments to thwart nefarious activity.
• Requires nodes to “register/enroll” to a central authority (for RANDAO, signature conventions and more).

​

• ”Proof-of-Authority” consensus (not discussed) requires nodes to prove their authenticity (and thus their�non-maliciousness) via an administrative process.
• These are effectively permissioned (not-permissionless) public blockchains.�
• Metastable Byzantine Fault Tolerance based consensus (not discussed).
• No enrollment needed (unlike PoS), still permissionless – but better finality/liveness guarantees.
• Example: Ava Labs uses Snowball. AVAX (it’s native token) is 18^th in market cap.

We are still “Early Adopter/Early Majority” phase of the crypto technology life cycle!

Blockchain Virtual Machines and Smart Contracts – Ethereum Example Code

39

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Ethereum Virtual Machines (EVMs) ⋍ {Bitcoin-like transaction chain + Smart Contracts}

• Ethereum == {platform for facilitating contracts, via its currency} vs Bitcoin == {alternative to fiat currency}

​

• Smart Contract Definition (Nick Szabo, 1994).

A smart contract is a computerized transaction protocol that executes the terms of a contract. The general objectives of�smart-contract design are to satisfy common contractual conditions (such as payment terms, liens, confidentiality, and even enforcement), minimize exceptions both malicious and accidental, and minimize the need for trusted intermediaries.

​

• Thus a "smart contract" is simply a program that runs on a blockchain virtual machine. It is a collection of code (its functions) and data (its state) that resides at specific blockchain addresses.

​

• Need to keep both “transactions” (like Bitcoin) PLUS “world state” on the blockchain.

Smart Contract Execution isn’t free ... It costs “gas”.

Ethereum Virtual Machines (EVMs) – A Deeper Look

Gas fees are paid in Ethereum's native currency, ether (ETH).�Gas prices are denoted in gwei (1 gwei = 0.000000001 ETH).

Image Credit: https://ethereum.org/en/developers/docs/gas/

Smart Contact is interpreted code – executed upon an ”event”.

• All opcodes/functions cost gas�(usually different amounts).�
• Using external storage uses a lot of�gas – as it must be instantiated on the blockchain (p/o “world state” noted previously).�
• Modifying external storage�on subsequent invocations is also costly, as it updates state in new blockchain block.�
• If the amount of gas passed to�execute code is insufficient, all�gas available is consumed – but external state “reverts” to state prior (by not updating world state).�

Point 1: Only use external storage when absolutely required.

​

Point 2: Pass enough gas!

Ethereum Smart Contracts – Solidity Example

The first time this smart contract is called, the “constructor” instantiates the state needed on the blockchain (part of�“world state”). There is a cost (in gas) to instantiate state that will forever be on the blockchain – so don’t ever instantiate�local/temporary state on the blockchain!

Smart Contract execution can trigger other “events” and “errors”.

Widely-Held Crypto Beliefs or Lies�(ahem ... I meant misunderstandings )

• Bitcoin Supply
• Yeah, I OWN Crypto ...
• Role of Crypto Blockchain Governance

​

😁

43

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Crypto Supply Limits – A Bitcoin Example (Part 1)

Original Bitcoin Money Supply Design (it has not changed!)

​

1. 50 BTC Block Award for every block during first 4 years (recall, blocks produced every 10 min on average).
2. Then for the next 4 years – reduce award by half (i.e., 25 BTC per each new block).
3. Continue to half block award similarly every 4 years.

• 210,240 Bitcoin blocks are produced every 4 years (4*365*24*6).
• Bitcoin’s “Reward Epoch” is 210,000 blocks (only approximately every 4 years).
• Thus, reward for first Bitcoin Reward Epoch is 10,500,000 BTC (50*210,000).

= 1

Total BTC Limit = 21,000,000 BTC

Crypto Supply Limits – A Bitcoin Example (Part 2)

Question: Why 21 Million BTC Cap? ..... Bitcoin’s Answer: Designed-in BTC scarcity.

Apparently everyone doesn’t know that Bitcoin Governance can vote to change code in the future.*

* https://sports.yahoo.com/jamie-dimon-thinks-bitcoin-supply-214026462.html

Bitcoin Supply Limit - Just One “Blockchain Governance” Issue

El Salvador President Nayib Bukele quotes “Bitcoin Scarcity”

"A gigantic price increase is just a matter of time" ... He centered his case on bitcoin's supply cap and his estimate�that there are 50 million millionaires in the world.

�"Imagine when each one of them decides they should own at least ONE #Bitcoin ...�But there will ever be only 21 million #Bitcoin," he said. "No[t] enough for even half of them."

The ARK chief [Cathy Wood] also pointed to the increasing institutional embrace for Bitcoin, and said that if institutions were�to allocate around 5% of their funds to Bitcoin the way they have with asset classes like real estate or emerging markets,�that would lift the price to $400,000 or $500,000.

​

At those levels, Bitcoin would be worth roughly the same as all of the gold in the world. That fits with another argument for�Bitcoin's value, as many backers claim it's digital gold due to it being capped at 21 million coins, which creates artificial scarcity.

Cathie Wood ARK Invest CEO also mentions “Bitcoin Scarcity”

The money supply of a given cryptocurrency SHOULD be a factor in it’s potential worth in the future.

Do You REALLY Own Crypto?

47

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Do You Really Own Crypto? ... Let’s Talk About Crypto Ownership – Part 1

Crypto Transactions on the Crypto Blockchain Require Cryptographic Key Pairs (Private/Public Keys):�

• An Entity A sending crypto to a receiving Entity B requires the use two cryptographic keys:
1. Entity A’s private key
• Entity A effectively “digitally signs” the transaction with this key.
• This key MUST be kept private by Entity A – as any entity knowing it can move Entity A’s crypto.
2. Entity B’s public key
• Or equivalently, a blockchain address directly derived from B’s public key.�
• Any Entity sending crypto to Entity A needs to know (in addition to it’s own keys):
• Entity A’s public key (or equivalently, an address directly derived from Entity A’s public key).��

Cryptocurrency Mantra: “Not your Keys – Not your Crypto!”

The two prevalent ways crypto is “owned” are:�

• Self-Custody
• You control your keys that are associated with your cryptocurrency public key (“account/address”).�
• Exchange-Custody
• The crypto blockchain doesn’t ”know you” as transacting party (only knows the exchange).

Do You Really Own Crypto? ... Let’s Talk About Crypto Ownership – Part 2

Self-Custody: The entity “owing” the crypto has direct responsibility for their keys!

​

Keeping track of the needed public/private key pairs is usually facilitated by a “wallet”.

• Hardware wallets (e.g., a USB device). Generally only used when you want to make a transaction.
• Very secure. Don’t lose it or forget any passcode needed to open it (or you “lose” access your crypto).
• Paper wallet. Yes, just a piece of paper upon which you write down the keys.
• Very cumbersome and error prone. Don’t lose this piece of paper (or you “lose” access your crypto).
• Software wallet on your internet-connected computer/device
• Warning - If hackers find your private keys – say goodbye to your crypto.
• Software wallet on a centralized exchange (note: this is not exchange custody).
• Exchange entrusted with safekeeping of your keys (e.g., Coinbase self-custody account) – but anyone accessing your account (with your exchange login credentials) can move your crypto with access to your keys!

Exchange-Custody: The entity “owing” the crypto is really the exchange (NOT YOU).

​

• Simplest way to get started in crypto; look-and-feel of an online brokerage account. Examples: Venmo, PayPal.
• ”Your crypto ownership” is ... a bookkeeping entity on the exchange (similar to your local bank).
• The exchange manages transactions associated with your account via IT’S KEYS on the crypto blockchain.
• Coinbase stated that in bankruptcy “your crypto” can be used to pay “their debts”. “Your crypto” account�is an asset THEY control with THEIR keys (no SPIC-like protection for you!).
• Many legal jurisdictions consider this akin to a “futures contract” – exchange agrees to pay you back later.
• “Your Crypto” is sometimes insured against loss (e.g., Robinhood uses Lloyds of London).

Blockchain Governance and Regulation

50

© 2023 FWCS IEEE SP/COMM. All rights reserved.

A Short Note on Blockchain Governance ....

A Decentralized Autonomous Organization (a DAO) is a organization - represented by rules encoded as a computer program (smart contract) or in blockchain governance structure - that is:

• transparent,
• controlled by the organization members, and
• NOT influenced/controlled by a central government.

[Member-directed communities without centralized leadership used for ANY purpose.]

​

Bitcoin’s Original Goal: To eliminate the need of a mutually acceptable trusted third party. Just trust the code.

But the blockchain code can be changed by the blockchain’s governance!

IMPLICATION:

• Layer 1 Cryptocurrency DAOs governance/rules
• Layer 2 Crypto DAOs governance/rules (a “Web 2.0 sidechain” – not discussed today)
• Web2 Interface to Crypto Holdings via a Web2 Provider (a exchange custody account)�>>> REQUIRES A SIGNIFICANT AMOUNT OF USER TRUST <<<

​

By participating in any of the above – you are agreeing to the terms the DAO or Web2 provider set!��Cryptocurrency & Layer 2 networks have significantly different governance than regulated entities.� Caveat Emptor!

TALK SUMMARY

​

Blockchain and Cryptocurrency Fundamentals & Blockchain Misconceptions

Cryptographic Hash Functions & Cryptographic Random Number Generators

Detailed Bitcoin v2 Blockchain Mechanics & Ethereum Virtual Machines & Smart Contracts

Major Consensus Algorithms: Proof-of-Work vs Proof-of-Stake

ESG / Incentives and Disincentives for PoW & PoS & Costs to Mine Bitcoin

Debunking Widely-Held Beliefs: Crypto Supply & How Crypto is Held

Cryptocurrency/Blockchain Governance & Regulation

You have better understanding than 98% of the crypto journalists!

52

© 2023 FWCS IEEE SP/COMM. All rights reserved.

53

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Bonus Material��

54

© 2023 FWCS IEEE SP/COMM. All rights reserved.

Economics of PoW/PoS: “Solo Mining/Minting” vs “Pooled Mining/Minting”

Solo Mining (PoW):

• Almost exclusively the province of large entities specializing in mining, because:
• It is very unlikely that you will mine a block (your hashrate vs total hashrate).
• Large capital expense for “Mining Farms”.
• But when you have success – you will have a large reward (YOU own the PoW coin!).
• Example: Bitcoin block reward is now 6.25 BTC (~ $160,000).

Solo Minting (PoS):

• Almost exclusively the province of large entities specializing in mining, because:
• Minimum staking requirements are large (although less cost than large PoW farms).
• Example: Ethereum minimum stake is 32 ETH (~ $48,000). Aka “Solo Home Staking”.
• Similar to Bitcoin, your chance of minting is low (your stake vs total network stake).
• And similar to Bitcoin, when successful you will have a correspondingly large reward (YOU own the PoS coin).

Pooled Staking (PoS) or “Centralized Exchange Staking” (PoS):

• By pooling your stake with others in the pool, you increase the chance that your pooling entity will obtain rewards.
• Option 1: Your rewards – like Pooled PoW – are in proportion to offered stake (deposited into wallet when they occur).
• Option 2: You get interest on the crypto “staked” by the exchange (always - even when exchange doesn’t win).
• A centralized exchange pays the interest – paying interest is part of their business plan.�

(https://coinmarketcap.com/alexandria/article/crypto-staking-guide)

Role of “Layer 2 Crypto” Networks: Transaction Scale/Latency/Cost Tradeoffs

Scaling:

Goal: Increase transaction speed/throughput & minimize delay (without sacrificing decentralization or security).

• Sharding: Splitting database to spread the load.
• “Layer 2 Networks”: Separate networks that provide “on-ramps” to the “Layer 1” crypto network.

Layer 2 Downsides:

• Concept of “Composability” – Don’t want transactions restricted to a particular Layer 2 network.
• dApps (smart contracts) may or may not be compatible between various Layer 2 networks.
• User Friction: Yet another “Web2 interface” to a “Web3/decentralized” crypto network.
• Most can host your individual wallet! You need to trust them like you trust your bank.
• Most Layer 2 networks specialize on some performance criteria or application need.
• Security and Privacy Vulnerabilities:
• Requires trust with Layer 2 network (and/or multiple Layer 2 networks interacting via dApps).
• Still “Wild West” – regulation and assurance guarantees not well developed.

Fiat-Currency vs Crypto Currencies / What are “StableCoins”? / Crypto Supply Limits?

Fiat Currencies: US Dollar, Euro, Yuan ...

• Major monetary factors affecting price:
• Money Supply (creation/destruction of currency).
• Interest Rates.
• Reserve Bank Balance Sheet (e.g., investment instruments purchased by central bank).
• Minor factor: The actual cost of coining money (bills).
• Reserve bank has many levers to pull to stabilize (or manipulate) value.

Crypto Currencies: Bitcoin, Ethereum, Litecoin, Dogecoin ...

• Native supply/demand of specific cryptocurrency.
• Scarcity: Bitcoin and Litecoin have coin limits (see next slide) – Dogecoin mints 5M coins/yr.
• PoW Crypto: If cost to generate ever exceeds present value, mining could* stop.
• Cryptocurrency DAO generally has limited means to manipulate value.
• The DAO would have to change “policy”, then implement rules in code.

* - Due to control dynamics, some miners might exit – allowing remaining to become profitable.

(was 3^rd�largest)