Cryptocurrency & Blockchain
Lecture 3 History II
1. The history of other Bitcoin dependencies
2. Proof of work and secure time-stamping
3. What we can learn about Satoshi from this history
Minting Money out of Thin Air
Examples of minting money
● Credit cards
○ (FirstVirtual, iKP, CyberCash, PayPal)
● Prepaid from bank account (DigiCash)
● Government authorized minting (NetCash)
● Gold (e-Gold, Digigold)
● Tokens in closed system (Karma)
How do you create something that has a value, in a digital realm?
● Create something of value (scarcity) from scratch
● Solutions to moderately hard puzzles
● Proposed to combat spam
○ [Dwork & Naor 92, Back 97]
● Hashcash proposal, by
● Proof of Work (PoW)
● Delaying the time for creating a block
Moderately Hard Puzzles
● Hashcash (Back 1997)
● Moderately hard puzzles
● Proof of Work (PoW) protocol
● An emailer (or resource consumer) would spend some time computing:
○ $H(\text{string}, \text{nonce}) = \{0\}^m \,\|\, \{0,1\}^{n-m}$
○ String →
■ Service name
■ Validity Period
■ Challenge
■ Beacon →
● Lottery Tickets
● Newspaper
Hashcash v. Bitcoin
● The difficulty in hashcash has low granularity
● Say blocks in Bitcoin are being solved every 8 minutes instead of 10 minutes: you can only double/halve the time so you end up at 16 minutes
● $H(\text{string}, \text{nonce}) = \{0\}^m \,\|\, \{0,1\}^{n-m} < 2^{n-m}$
● $H(\text{string}, \text{nonce}) < t$
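The granularity difference above, as an added Python example that is not part of the original slides: requiring m leading zero bits is the special case t = 2^(n-m) of the threshold test, so m can only double or halve the work, while t can be scaled in proportion. SHA-256 for H, the `string:nonce` encoding, the function names and the sample stamp are assumptions.

```python
import hashlib

N = 256  # n: output length in bits (SHA-256 is an assumption; the slides only say H)

def H(string: str, nonce: int) -> int:
    """H(string, nonce) read as an n-bit integer."""
    return int.from_bytes(hashlib.sha256(f"{string}:{nonce}".encode()).digest(), "big")

def mint(string: str, target: int) -> int:
    """Try nonces until H(string, nonce) < target; expected work is 2^n / target."""
    nonce = 0
    while H(string, nonce) >= target:
        nonce += 1
    return nonce

def verify(string: str, nonce: int, target: int) -> bool:
    """Verification costs a single hash, however long minting took."""
    return H(string, nonce) < target

def hashcash_target(m: int) -> int:
    """m leading zero bits is the special case t = 2^(n-m)."""
    return 1 << (N - m)

def retarget_hashcash(m: int, observed_min: float, wanted_min: float = 10) -> int:
    """Hashcash can only move m by one bit: the work doubles or halves."""
    if observed_min < wanted_min:
        return m + 1
    return m - 1 if observed_min > wanted_min else m

def retarget_threshold(target: int, observed_min: int, wanted_min: int = 10) -> int:
    """An arbitrary threshold t can be scaled in proportion to the observed interval."""
    return target * observed_min // wanted_min

def predicted_minutes(observed_min: float, old_target: int, new_target: int) -> float:
    """Same hash rate, new target: the interval scales with old_target / new_target."""
    return observed_min * old_target / new_target

if __name__ == "__main__":
    stamp = "mail:alice@example.org:2024-01-01"   # constructed sample string
    t = hashcash_target(12)
    nonce = mint(stamp, t)
    print("nonce", nonce, "valid", verify(stamp, nonce, t))
    # The slide's case: blocks arrive every 8 minutes instead of 10.
    print("hashcash :", predicted_minutes(8, t, hashcash_target(retarget_hashcash(12, 8))))
    print("threshold:", predicted_minutes(8, t, retarget_threshold(t, 8)))
```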
Another Proposal
Cost of creating 1st coin is Cost of creating 4 coins much higher
Reusable PoW (RPOW)
● Hashcash extension by
● When spent, hashcash token loses its “scarcity”
● RPOW: a server will refresh hashcash tokens with a new trusted PoW-less token
● Server trusted to only “refresh” existing tokens and not create new ones
● Server uses a trusted platform that can be remotely attested
Hashcash vs. Bitcoin
● Bitcoin uses Hashcash’s proof of work
● Modifies it slightly
● It uses it for a different purpose: not to mint coins
● Blockchain, transactions, scripts, P2P network...
“bitcoin is hashcash extended with inflation control”
Hashcash: Post-Mortem
● Spam is merely a nuisance
● Spam filters work pretty well
● A spammer with a botnet beats a real user with a normal computer (or smartphone)
● PoW for DoS-resistance still kicking around (MinimaLT)
Recording Everything in a -stamping scheme [Haber & Stornetta 91+]
[Figure: Data/Information collected in Interval 1 and Interval 2; use of Merkle tree]
Time-stamping [Haber & Stornetta 91+]
[Figure: Interval 1, Interval 2, Interval 3]
Time-stamping vs the blockchain
● Time-stamping: intervals are set by a party
● Blockchain: use a PoW to define the intervals
● (Modified) hashcash PoW is a drop-in solution!
● Time-stamping: observers sign roots to validate
● Blockchain: trust the longest chain!
● Bonus: extending the blockchain as minting
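A simplified sketch of the linked time-stamping idea discussed above, added here and not taken from the slides or from Haber and Stornetta's papers: each interval's documents are hashed into a Merkle root and each root is chained to the previous interval, so altering an old document changes every later link. SHA-256, the leaf and node prefixes, the function names and the sample documents are assumptions.

```python
import hashlib

def h(*parts):
    """SHA-256 over the concatenated parts (hash choice is an assumption)."""
    return hashlib.sha256(b"".join(parts)).digest()

def _leaves(docs):
    return [h(b"\x00", d) for d in docs]            # 0x00 prefix marks a leaf

def _parents(level):
    if len(level) % 2:                               # odd count: pair last node with itself
        level = level + [level[-1]]
    return [h(b"\x01", level[i], level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(docs):
    """Root over one interval's (non-empty) list of documents."""
    level = _leaves(docs)
    while len(level) > 1:
        level = _parents(level)
    return level[0]

def merkle_proof(docs, index):
    """Sibling hashes from leaf to root; the flag says the sibling sits on the right."""
    level, proof = _leaves(docs), []
    while len(level) > 1:
        if len(level) % 2:
            level = level + [level[-1]]
        proof.append((level[index ^ 1], index % 2 == 0))
        level, index = _parents(level), index // 2
    return proof

def root_from_proof(doc, proof):
    """Recompute the interval root from one document and its proof."""
    node = h(b"\x00", doc)
    for sibling, on_right in proof:
        node = h(b"\x01", node, sibling) if on_right else h(b"\x01", sibling, node)
    return node

def chain(intervals):
    """link_i = H(link_{i-1} || root_i); the first interval links to 32 zero bytes."""
    links, prev = [], bytes(32)
    for docs in intervals:
        prev = h(prev, merkle_root(docs))
        links.append(prev)
    return links

if __name__ == "__main__":
    intervals = [[b"doc-a", b"doc-b", b"doc-c"], [b"doc-d"], [b"doc-e", b"doc-f"]]  # constructed
    print([link.hex()[:16] for link in chain(intervals)])
```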
b-money (Dai 1998)
● P2P network of observers who maintain everyone’s balance
● Minting: I solve a PoW and broadcast the solution; the observers credit my account
● Transfer: I sign a (smart/standard) transaction e.g., transferring X units of currency to you; the observers debit my account and credit yours
Bitgold (Szabo 1998, 2005+)
● Similar proposal comes from
● He proposes a system called Bitgold
● According to him, he had the idea for bit-gold as early as 1998
● However, he didn't get around to blogging about it until 2005
● A minor conspiracy theory
Smart Contracts
● Pioneered by Szabo
● Not directly applied to Bitgold
● However Bitgold uses a property title registry which can support smart contracts
Key Differences
● b-money & Bitgold: use PoW to mint
● Bitcoin: uses PoW to update blockchain
● b-money and Bitgold: use time-stamping
● Bitcoin: uses longest chain
● b-money and Bitgold: count entities in network
● Bitcoin: counts work in network
b-money & Bitgold: Post Mortem
● Both gloss over some details:
1. consensus* among disagreeing observers
2. theft-resistance of PoW solutions
3. determining PoW difficulty
● Bitcoin resolves these in clever (non-obvious) ways
Hints about Satoshi
● May 2007: Began coding Bitcoin
● Aug 2008: Registered bitcoin.org, emails
● Oct 2008: Posted a whitepaper design
● Oct 2008+: Corresponded and patched
● Dec 2010: Left the project
● Hypothesis: single individual? A collection of individuals?
E-cash History: What did he know?
● Citations (Paper):
1. Basic Crypto and Probability
2. Time-stamping papers
3. Hashcash (PoW)
4. b-money
● Website: Bitgold, RPOW
Suggested by Back
Suggested by Dai
Suggested by
E-cash History: What did he know?
● After the Bitcoin Wikipedia article was marked for deletion, Satoshi wrote the following stub:
● “Bitcoin” is an implementation of ’s b-money proposal on Cypherpunks in 1998 and ’s Bitgold proposal.”
An academic approach?
● “I actually did [Bitcoin] kind of backwards. I had to write all the code before I could convince myself that I could solve every problem, then I wrote the paper. I think I will be able to release the code sooner than I could write a detailed spec.”
Why is Satoshi anonymous?
1) Why not?
2) Legal Reasons
● 2006 – Liberty Reserve founder fled US
● 2007 – e-Gold directors were indicted
● 2008 – pled guilty in July (one month before Satoshi registered bitcoin.org)
● That said, it didn’t scare anyone else
3) Patent Trouble?
● THE CHAUM CODING PROJECT
4) Personal Security
● Quite possibly an on-going reason
● Not likely the original reason: insightful but not a perfect oracle of the future:
○ Code mistakes
○ Design failures
○ Gave narrow use cases
○ Optimistic but cautious about the success of
Concluding remarks
● The success of Bitcoin is quite remarkable if you consider all the ventures that failed trying to do what it does.
● Bitcoin has several notable innovations including the block chain and a decentralized model that supports user-to-user transactions.
● It provides a practically useful but less-than-perfect level of anonymity for users.
Tutorial 3 Exercise
● Who is (are) ?
● Your answer should not exceed two A4 pages.
● Submit your answer to Canvas
● Due within 1 week
References:
● History of payment systems and the road to Bitcoin
1. Narayanan et al. Preface
2. Haber and Stornetta, 1991, “How to Time-Stamp a Digital Document.”
3. Nakamoto, 2008, “Bitcoin: A Peer-to-Peer Electronic Cash System.”