Cryptography
- Symmetric encryption (base on substitution and permutation): a secret key and an encryption algorithm
- Asymmetric encryption (base on exponential): public key and private key system.
- Public-key: provide confidentiality(encryption/decryption) and authentication (signature)
- Both of them are secure and useful in diff scenarios
- RSA algorithm is based on the difficulty of factoring problem.
- Hash function can be applied to any sized message and produce fixed length message digest.
- Sign the message digest instead of the message itself.
- first hash the message
- Then encrypt(sign) the hashed value
- The message usually longer than the key size
- DSA signature is based on the difficulty of discrete logarithms problem.
AES
permutation (shift rows)
AES key will be expanded(x11)
16bytes -> 176bytes
The chiper consists of N rounds, N depends on the key length:
- 16bytes: 10rounds
- 24bytes: 12rounds
- 14bytes: 14rounds
Certification Authority (CA)
Sign certificate that bind subscriber’s name and his public key.
Indicates that the subscriber has sole control and access to the corresponding private key.
Public Key Infarstructure (PKI)
A set of policy, processes, server platforms, software etc…
to administer certificates
Bitcoin
- Merkle Tree Root is public for Verification
- Merkle Tree Root for txs, and store in the block header
- non-singular elliptic curve is the set of points and the point at infinity O
- The point at infinity O is the identity elements
- Bitcoin use Mudulo p - secp256k1, ECDSA
Bitcoin structure
Header:
- Version Number
- Hash of prev block header (by SHA256 double hash)
- Hash of Transactions(merkle tree)
- timestamp
- Threshold(difficulty)
- Nonce any value
Body:
- Number of TXs
- Coinbase
- Regulars etc
Hash function Requirment
- Easy to compute but diffcult to invert
- Collision resistant
New diffculty caluate
Bitcoin create once every 10 minutes
Update the diffculty every 2016 blocks
T-new = T-sum/(2016*10*60) * T
Simple Payment Verification Node (SPV)
only stores the block header, contact full nodes when information needed.
Mining
read my code
Probability that the block hash falls below the target threshold T:
p= T+1/2^256
Lock Time
>= 510^8, it is a Unix time
< 510^8, it is a block blockHeight
- Bitcoin prevents double spending(verifty every single node) and tampering(unless 51%)
- Mining difficulty adjucted to regulate coin supply
- Bitcoin address are shared over the internet
ETH
Account based model instead of UTXO. Main a global state to record the account balance
Accounts in ETH
Externally owned Accounts(EOA)
- Controlled by private key
- Has an Ether balance
- no code
Contract Accounts
- Has balance
- Has code (smart contract)
- has own permanent state
ETH Contact Transaction
- Create new contract
- Message the contract to execute it
Gas fee, Gas limit
Gas fee is the price per gas unit. Different operation cost different unit of gas.
Gas limit is the most you are willing to paid. The remainer will refund
ETH storage management - Radix Trie and Patricia Trie
—— Skip ——
- State Trie
- Transaction Trie
- Receipts Trie
ETH consensus - simpler GHOST
Uncle Block: floked block. Give reward to honest but unlucky minor.
intrinsic reward = 5
If include a uncle block, minor can get extra 1/32 intrinsic reward.
Uncle can get depands on block height
(Uncle + 8 - block that include uncle)* intrinsic reward/8
Incentive: reward unluck but honest miners. Make it more fair.
require The require function call defines conditions that reverts all changes if not met- emit an event after successful money transfer
Token
can be programmed to provide different functions
Initial Coin Offering (ICO)
raise funds for a company to create a new coins. similar to IPO
Consensus
PoW
- the longest chain wins
- the one growing fastest will be the longest and most trustworthy
- take a lot of time to generate a block
- if too easy, the chain can be DDoS attack
- Huge Energy Consumption
PoS
- creator of a block chosen in a random way, depending on the user’s wealth
- In order to validate, forger must first put their own coin at “stake”.
- When folk, pos vote
Randomized Block Selection
randomizaion to generate the following forger. Not true random in computer world. So is usually able to predict which user will be selected to forge the next block.
Coin Age Based selection
coin age = time * amount
Target * CoinAge = the hash difficulty.
To join the PoS, you might load your coins to other or join the pool youself.
Nothing at stake
when folk, vote for both because it gains most benefits. Always win, nothing to lose.
The blockchain might never reach Consensus
Use casper: punish
DPoS Delegated Proof of stake
vote to elect witnesses
21-100 elected witnesses in a DPoS. time slots are given to each witness to publish their block.
Longest chain wins
Much faster than POW and POS
Byzantine Fault Torlerance
- Commander -> all traitor
- traitor boardcast -> other traitor
- consensus
Consensus if at least 3m+1 nodes can achieve consensus. M is malicious nodes
Oral Message
- All messages are delivered correctly
- Know who this message is from
- Missing messages can be detected
Permissioned Blockchain
- Regulation
- Complete control of their data
- Can be fully centralizated. Members negotiate.
Membership Service Providers (MSPs)
PKI and CA
Endorsement and validation policy can be adjusted as need.
- Client -> Endorser (proposal)
- Endorser check the certificate and others to validate the transactions
- Executes the chaincode
- Enderser -> Client
- Client -> Orderer
- Orderer include the transaction and generate blocks
- Orderer -> Anchor
- Anchor -> boardcast the block
- Peer verify the new block
- Peer -> Client
Channel
Maintan a Ledger, only nodes in channel can access this ledger.
Collection
The data on the chain can be said to be “permanent” and “public” to be shared among the participants. However, in the real application scenario, many data are not “publicly” stored in the blockchain due to privacy.
Only the header is stored on chain for verification.