docBlock Mining, Verification and the Blockchain
download 
Report Transcription
Block Mining, Verification and the Blockchain
SKBI Cryptocurrency Technical Seminar Series Block Mining, Verification and the Blockchain Zhiguo Wan Sim Kee Boon Institute for Financial Economics Singapore Management University Schedule of bitcoin seminar series •Seminar 1 – Basics: Cryptography and Transactions, 3 Dec •Seminar 2 – Mining, Verification and the Blockchain, 8 Dec •Seminar 3 – Wallets, Payments and Contracts, 15 Dec OUTLINE • Mining Blocks • Verify a transaction • Aggregate transactions into a block • Mine the new block • Validate the new block • Assemble the new block to blockchain • Fork resolving • Threats against Blockchain MINING BLOCKS • Verify a transaction • Aggregate transactions into a block • Mine the new block • Validate the new block • Assemble the new block to blockchain TRANSACTION VERIFICATION • For each input, the referenced output must exist and cannot already be spent. • For each input, if the referenced output exists in any other transaction in the pool, reject this transaction. • Reject if the sum of input values < sum of output values. • Reject if transaction fee would be too low to get into an empty block. • The unlocking scripts for each input must validate against the corresponding output locking scripts. AGGREGATING TRANSACTIONS • Old and high-value inputs to be prioritized over newer and smaller inputs. • Prioritized transactions can be sent without any fees, if there is enough space in the block. • Priority = Sum (Value of input * Input Age) / Transaction Size • Value of an input is measured in the base unit, satoshis (1/100m of a bitcoin) • Age: the number of blocks that have elapsed • High Priority > 100,000,000 satoshis * 144 blocks / 250 bytes = 57,600,000 AGGREGATING TRANSACTIONS WITH MERKLE TREE AGGREGATING TRANSACTIONS WI MERKLE TREE AGGREGATING TRANSACTIONS BLOCK STRUCTURE GENESIS BLOCK • Bitcoin-cli getblockhash 0 • Bitcoin-cli getblock 000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f THE COINBASE TRANSACTION • Coin generation transaction MINING A BLOCK • SHA256(SHA256(Block_header))<Difficulty_target • Transactions are hashed through Merkle root Block header Merkle root DIFFICULTY and TARGET • Target: E.g. 0x1903a30c • The exponent is 0x19 and the coefficient is 0x03a30c. • target = coefficient * 2^(8 * (exponent – 3)) • For difficulty bits value 0x1903a30c, we get: • target = 0x03a30c * 2(0x08 * (0x19 - 0x03)) • ⇒ target = 0x03a30c * 2(0x08 * 0x16) • ⇒ target = 0x0000000000000003A30C00000000000000000000000000000000 000000000000 • Difficulty = Difficulty_1_Target/Current_Target • New Difficulty = Old Difficulty * (Actual Time of Last 2016 Blocks / 20160 minutes) DIFFICULTY OF MINING MINING BLOCKS • Chance of success is less than one in 1019. • Harder than finding a particular grain of sand from all the grains of sand on Earth • Every second about 25,000,000,000,000,000 blocks gets hashed • Total hardware used for mining cost tens of millions of dollars • Uses as much power as the country of Cambodia MINING BLOCKS • Nonce size: 4 bytes, 32-bit • Current ASIC can exhaust all possible nonce in a second (4G Hash per second, 4 billinion). • Use coinbase script (8 bytes more) and timestamp as nonce source • Pool mining: Predictable return • Successful blocks pay the reward to a pool bitcoin address • Miners get paid periodically by pool server • How to measure each miner’s contribution? • Mining pool sets a lower difficulty target for earning a share, typically more than 1,000 times easier than the bitcoin network’s difficulty VALIDATING BLOCKS • The block data structure is syntactically valid • The block header hash is less than the target difficulty (enforces the Proof-Of-Work) • The block timestamp is less than two hours in the future (allowing for time errors) • The block size is within acceptable limits • The first transaction (and only the first) is a coinbase generation transaction • All transactions within the block are valid ASSEMBLING BLOCKS • Three sets of blocks: • Blocks connected to the main blockchain, • Blocks that form branches off the main blockchain (secondary chains) • Blocks that do not have a known parent in the known chains (orphans). • Blockchain forks • Select the chain with higher cumulative difficulty as the main chain BLOCKCHAIN FORK BLOCKCHAIN FORK BLOCKCHAIN FORK • The block chain fork that occurred on 11 March 2013. • Despite less support from users, version 0.7 was chosen by developers to be the official chain. THREATS AGAINST BLOCKCHAIN • 51% attack • A group of miners, controlling a majority (51%) of the total network’s hashing power, collude to attack bitcoin. • Effects • Double-spend one’s own bitcoins • Delay others’ txn confirmations • Cannot destroy/steal bitcoins • 33% attack: selfish mining THREATS AGAINST BLOCKCHAIN • Selfish mining BLK n+1 Selfish pool (1/3) BLK n BLK n+1 BLK n+2 BLK n+2 1/3 of the mining power Another 1/3 mining power THREATS AGAINST BLOCKCHAIN • Selfish mining BLK n BLK n+1 BLK n+1 Selfish pool (1/3) BLK n+1 BLK n+1 BLK n+1 BLK n+2 BLK n+3 1/3 of the mining power Another 1/3 mining power REFERENCES • Is Bitcoin a Decentralized Currency? IEEE Security & Privacy magazine • Mastering bitcoin, O’Reilly Publishing • Ken Shirriff, Bitcoin mining the hard way: the algorithms, protocols, and bytes, http://www.righto.com/2014/02/bitcoin-mining-hardway-algorithms.html • Majority is not Enough: Bitcoin Mining is Vulnerable, Financial crypto’14.
