Block Mining, Verification and the Blockchain

Comments

Transcription

Block Mining, Verification and the Blockchain
SKBI Cryptocurrency Technical Seminar Series
Block Mining, Verification and
the Blockchain
Zhiguo Wan
Sim Kee Boon Institute for Financial Economics
Singapore Management University
Schedule of bitcoin seminar series
•Seminar 1 – Basics: Cryptography and Transactions, 3 Dec
•Seminar 2 – Mining, Verification and the Blockchain, 8 Dec
•Seminar 3 – Wallets, Payments and Contracts, 15 Dec
OUTLINE
• Mining Blocks
• Verify a transaction
• Aggregate transactions into a block
• Mine the new block
• Validate the new block
• Assemble the new block to blockchain
• Fork resolving
• Threats against Blockchain
MINING BLOCKS
• Verify a transaction
• Aggregate transactions into a block
• Mine the new block
• Validate the new block
• Assemble the new block to blockchain
TRANSACTION VERIFICATION
• For each input, the referenced output must exist
and cannot already be spent.
• For each input, if the referenced output exists in
any other transaction in the pool, reject this
transaction.
• Reject if the sum of input values < sum of output
values.
• Reject if transaction fee would be too low to get into
an empty block.
• The unlocking scripts for each input must validate
against the corresponding output locking scripts.
AGGREGATING TRANSACTIONS
•
Old and high-value inputs to be prioritized over newer and
smaller inputs.
•
Prioritized transactions can be sent without any fees, if
there is enough space in the block.
•
Priority = Sum (Value of input * Input Age) / Transaction
Size
• Value of an input is measured in the base unit, satoshis (1/100m
of a bitcoin)
• Age: the number of blocks that have elapsed
•
High Priority > 100,000,000 satoshis * 144 blocks / 250
bytes = 57,600,000
AGGREGATING TRANSACTIONS
WITH MERKLE TREE
AGGREGATING TRANSACTIONS WI
MERKLE TREE
AGGREGATING TRANSACTIONS
BLOCK STRUCTURE
GENESIS BLOCK
•
Bitcoin-cli getblockhash 0
•
Bitcoin-cli getblock 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f
THE COINBASE
TRANSACTION
• Coin generation transaction
MINING A BLOCK
• SHA256(SHA256(Block_header))<Difficulty_target
• Transactions are hashed through Merkle root
Block header
Merkle root
DIFFICULTY and TARGET
•
Target: E.g. 0x1903a30c
•
The exponent is 0x19 and the coefficient is 0x03a30c.
•
target = coefficient * 2^(8 * (exponent – 3))
•
For difficulty bits value 0x1903a30c, we get:
•
target = 0x03a30c * 2(0x08 * (0x19 - 0x03))
•
⇒ target = 0x03a30c * 2(0x08 * 0x16)
•
⇒ target =
0x0000000000000003A30C00000000000000000000000000000000
000000000000
•
Difficulty = Difficulty_1_Target/Current_Target
•
New Difficulty = Old Difficulty * (Actual Time of Last
2016 Blocks / 20160 minutes)
DIFFICULTY OF MINING
MINING BLOCKS
• Chance of success is less than one in 1019.
• Harder than finding a particular grain of sand from
all the grains of sand on Earth
• Every second about 25,000,000,000,000,000
blocks gets hashed
• Total hardware used for mining cost tens of millions
of dollars
• Uses as much power as the country of Cambodia
MINING BLOCKS
•
Nonce size: 4 bytes, 32-bit
• Current ASIC can exhaust all possible nonce in a second
(4G Hash per second, 4 billinion).
• Use coinbase script (8 bytes more) and timestamp as nonce
source
•
Pool mining: Predictable return
• Successful blocks pay the reward to a pool bitcoin address
• Miners get paid periodically by pool server
• How to measure each miner’s contribution?
• Mining pool sets a lower difficulty target for earning a share,
typically more than 1,000 times easier than the bitcoin
network’s difficulty
VALIDATING BLOCKS
• The block data structure is syntactically valid
• The block header hash is less than the target
difficulty (enforces the Proof-Of-Work)
• The block timestamp is less than two hours in the
future (allowing for time errors)
• The block size is within acceptable limits
• The first transaction (and only the first) is a
coinbase generation transaction
• All transactions within the block are valid
ASSEMBLING BLOCKS
• Three sets of blocks:
• Blocks connected to the main blockchain,
• Blocks that form branches off the main blockchain
(secondary chains)
• Blocks that do not have a known parent in the known
chains (orphans).
• Blockchain forks
• Select the chain with higher cumulative difficulty as the
main chain
BLOCKCHAIN FORK
BLOCKCHAIN FORK
BLOCKCHAIN FORK
• The block chain fork
that occurred on 11
March 2013.
• Despite less support
from users, version
0.7 was chosen by
developers to be the
official chain.
THREATS AGAINST
BLOCKCHAIN
• 51% attack
•
A group of miners, controlling a majority (51%) of the
total network’s hashing power, collude to attack bitcoin.
• Effects
• Double-spend one’s own bitcoins
• Delay others’ txn confirmations
• Cannot destroy/steal bitcoins
• 33% attack: selfish mining
THREATS AGAINST
BLOCKCHAIN
• Selfish mining
BLK n+1
Selfish
pool (1/3)
BLK n
BLK n+1
BLK n+2
BLK n+2
1/3 of the
mining
power
Another
1/3 mining
power
THREATS AGAINST
BLOCKCHAIN
• Selfish mining
BLK n
BLK n+1
BLK n+1
Selfish
pool (1/3)
BLK n+1
BLK n+1
BLK n+1
BLK n+2
BLK n+3
1/3 of the
mining
power
Another
1/3 mining
power
REFERENCES
• Is Bitcoin a Decentralized Currency? IEEE Security
& Privacy magazine
• Mastering bitcoin, O’Reilly Publishing
• Ken Shirriff, Bitcoin mining the hard way: the
algorithms, protocols, and bytes,
http://www.righto.com/2014/02/bitcoin-mining-hardway-algorithms.html
• Majority is not Enough: Bitcoin Mining is
Vulnerable, Financial crypto’14.

Similar documents