Bitcoin and Beyond
Presented by Alex Akselrod
Decentralized Digital Currencies
Why Digital Currency?
Cash for the InternetSecurity
Privacy
Crypto-anarchy
ExamplesDigicash one of the very first cryptocurrencies
PayPal
eGold
Liberty Reserve
How they work
Digicash used Chaumian blind signatures and a mint to check for
double spends
PayPal and Liberty Reserve balance/d user deposits against
deposits with partner institutions
eGold kept bullion in a vault and balanced user deposits against
that
Centralized ledgers single point of failure
Decentralization
A public ledger so everyone plays by the rulesEach full peer
verifies all transactions
Timestamps to prevent double-spendingMiners operate distributed
timestamp server
Proof of work = lottery
Initial distributionMining rewards
Scamcoins often pre-mine - SolidCoin
The Nitty Gritty - Transactions
Each transaction is a set of ledger entries
Two listsOutputs consist of amount and condition to redeem that
money - debit
Inputs consist of pointer to previous output and script that
makes the condition return true - credit
Total input amount >= total output amount, the remainder is
miner fees
All outputs are fully used up when used as inputs, change
outputs to new address help preserve privacy
Transaction Diagram
By Matthus Wander (Own work) [CC-BY-SA-3.0
(http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia
Commonshttp://commons.wikimedia.org/wiki/File%3ABitcoin_Transaction_Inputs_and_Outputs.png
Blocks
Each block contains header and list of Txes
Header contains hash of last header, timestamp, target, root of
TX Merkle tree, nonce, and TX count is replaced with padding
Arranged in a TREE of possible TX orderings
Hash of the block being less than the target is proof of work
like HashCash, but reusable
First TX is the coinbase - trustless inflation
Until a TX is in a block, no work secures it
Blockchain
The blockchain is a ledger, blocks are pages
Longest branch of block tree by cumulative proof of work is
blockchain
Represents current network consensus state
Parameters change to keep time, limit supplydifficulty
retargeting every 2016 blocks
subsidy halves every 210,000 blocks
Blockchain Diagram
By Matthus Wander (Own work) [CC-BY-SA-3.0
(http://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia
Commonshttp://commons.wikimedia.org/wiki/File%3ABitcoin_Block_Data.svg
P2P Network
Message-based protocol
Provides forPeer discovery
Broadcast of transactions and blocks
Download of blockchain by new nodes
Download of memory pool by newly started nodes
Stateful (Bloom filter) connections for lite nodes
Alert broadcasts
Transaction Example
Alice has received two outputs 5 mBTC and 10 mBTC, wants to pay
Bob 12 mBTC
Bob generates address, gives it to Alice
Alice generates change address, creates TX:Input 1: 5 mBTC
Input 2: 10 mBTC
Output 1: 12 mBTC to Bob's address
Output 2: 2.9 mBTC to her change address
Transaction Example, Continued
Alice broadcasts TX to peer nodes
Peers verify TX, add to mempool, rebroadcast
Eventually, transaction makes it to Bob's node
Miners include TX in block they're working on, recalculate
Merkle root and keep hashing
When a block is found, miner broadcasts
Peers validate and rebroadcast
Alice and Bob see their first confirmation!
Result
Decentralized payment network more like settlement network
Unconfirmed TXes = cleared, confirmed = settled
All TXes are in bitcoins
Limited supply Thiers' Law
Open platform for commerce and innovation
No middlemen, no borders, no censorship, no SPOF, only the rules
of its own design
The Future Is Here
Criteria for redemption can specify complex contracts using
scripts
Scripts can check signatures, hashes, m-of-n signatures, and
transactions can enforce nLockTime and limited selection of
input/output combinations
Applications include deposits, assurance contracts, escrow,
micropayments, bets
Caveats
Privacy is user-defined
ScalabilityBlock size CPU, network, storage
UTXO indexing/blockchain pruning, SPV
Off-chain transactions, centralized and not
Off-chain bets and other complex contracts
Transaction malleabilityImportant to contracts with refund
failsafes
Cause of the latest ruckus
Alt-coins
Many use same technology but alter parameters like hash
algorithm, block frequency, monetary policy Litecoin, Freicoin,
Dogecoin
Some use unique concepts proof of stake, additional scripting
and data storage capabilities PPCoin, NXT, Ethereum, Mastercoin
Bitcoin Mining
Progression: CPU, GPU, FPGA, ASIC
Mining chip manufacturers include KnC, CoinTerra, Butterfly
Labs, ASICMiner, BitFury, Avalon caveat emptor
Mining software includes cgminer, bfgminer
Pools include Eligius, Slush
Please consider P2Pool peer-to-peer decentralized pool -
http://p2pool.in/
BFL EasyMiner
Butterfly Labs wraps bfgminer, Avalon wraps cgminer
Courtesy of http://p2pool.in/
Alt-coin mining
Bitcoin mining software and ASICs can often be adapted for
SHA256-based coins
Litecoin and other scrypt-based coins are still using GPUs,
though ASICs are rumoredcgminer for AMD GPUs
cudaMiner for Nvidia GPUs
P2Pool supports Litecoin as well (maybe not any more?)
Getting and Using Bitcoins
Buy from Coinbase, LocalBitcoins, or exchange caveat emptor
Sell goods or services for Bitcoin Coinbase and BitPay make it
easy, or use FOSS
Trade for altcoins at Cryptsy and other exchanges
Buy from many Coinbase and BitPay enabled merchants like
Overstock.com, Gyft.com, fiverr.com, and adafruit.com
Desktop Bitcoin Wallets
Multibit simple, SPV wallet
Electrum uses a blockchain server
Hive SPV wallet for Mac OS X
Bitcoin-QT and bitcoind the full node
Armory advanced security features, requires bitcoind
Android and Web Bitcoin Wallets
Bitcoin Wallet by Andreas Schildbach SPV
Mycelium Android, uses a blockchain server
Blockchain.info web-based and Android app
Coinbase web-based and Android app
CoinKite web wallet and debit card/terminal
