The Real Blockchain

CSC 597: Blockchain and Ethereum

by: burt rosenberg
at: university of miami

What is a blockchain?

A blockchain is an immutable, append-only public ledger of facts verified by decentralized consensus mechanism.

Blockchains will often be associated with security and with anonymity. I would rather you didn't. That says too much, because one needs to say what sort security and what sort of anonymity? It also says too little, because notably a blockchain also provides validation of the facts in the ledger.

A blockchain uses a cryptographic hash function that provides evidence that participants in and users of the blockchain agree on,

what the facts in the blockchain are, and
in what order the facts occurred.

The details for the Bitcoin is a double hasing by SHA256 or either a block or a transaction.

The hash has these functions,

It indexes the block or transaction. We assume a mechanism that can retrieve a block or transaction given the hash.
It seals the block or transaction. We can verify that the value retrieved is correct — all agree on the contents at this index.
It chains the blocks. All can agree on the sequence of blocks and their existence, from a given index back to a genesis block.

This is possible because a cryptographic hash function is a deterministic function from arbitrary length bit strings to a fixed length bit string that,

Is collision resistant. That is, it is computationally infeasible to find and x and y such that H(x)=H(y).
It is pre-image resistant. That is, given a y it is computationally infeasible to find an x such that H(x)=y.

The hash used in bitcoin is SHA256 ∘ SHA256.

What is in a blockchain

A block is a sequence of transactions, along with a header that contains the hash (the index) of the block prior in the chain, and a random number used in the consensus protocol to attest to the agreement on this block.

A transaction is the pair: list of TxIn's and a list of TxOut's. The transaction proposes the swap of the collection of TxIn's for the collection of TxOut's. Each TxIn points back to a TxOut in a previous transaction, and funds the transaction. Each TxOut gives a value and a lock on the value. The TxIn also has an unlock code that unlocks the the TxOut but only for this transaction.

The TxIn references the TxOut by the hash of the transaction in which it occurs, and its sequential position in the list of TxOut's in that transaction.

The transaction is verified for several things,

That the TxOut's referenced by the TxIn's exist.
That the sum of the values over all these reference TxOut's is not less than the sum of this transactions TxOut's.
And none of the referenced TxOuts has ever been reference by any other TxIn in any other transaction (no double spending).

A Bitcoin is the collection of unspent (not reference by any TxIn) TxOut's. Also known as UTXO's. When verifying a block, it must be verified that any TxIn references an UTXO.

Consensus and Incentives

The first transaction on a block is the coinbase transaction. It has TxOut's but no TxIn's. It is therefore new Bitcoin created in this block. The miner of the block will generally claim this for itself, and is the incentive to mine.

To mine a block is to find a random number, included in the block header, such that the double hash of the full contents of the block match a numerical criteria. This is a publicly verifiable random coinflip, and it decides who gets to add a block to the blockchain. It is called a proof of work because each coinflip is the calculation of the double SHA256 hash which has a computational cost.

While fanciful in the way gold is coinage and effort is expended to mine gold, or steal it, and hence has value counted in effort; the proof of work consensus depends on the agnosticism of compute cycles. There will be a competition between compute cycles, not miners, as to which miner wins the competition. A miner is unlikely to win without expending a lot of computer cycles, and the solution attests to all that those computer cycles were spent. As long as this miner cannot collude with sufficiently many other miners, if the block is faulty the other miners will ignore it and mine ahead of honest blocks. Then the work of the dishonest block is forfeited (see below about forks for the case of deciding between two honest blocks.)

Another incentive mechanism is that a transaction can yield a profit for the miner that places that transaction in a block and successfully mines it into the block chain. A transaction can include TxIn's whose values sum to more than the sum of the values of the TxOut's. The difference can be claimed in by the miner. (I think this is added to the coinbase transaction. To be checked).

Transactions are proposed to the miner and float in a mempool. Miners collect out transactions and their incentive is to collect up those providing high fees.

The coinbase TxOut is gradually halved over time and will eventually be zero. From that point on, the only incentive will be these fees.

Forks

The problem of consensus that Bitcoin wishes to solve is not solvable. Bitcoin's solution is possible because it is probabilistic. It is likely that the miners have consensus, and the deeper in the chain a block is, the more likely is that consensus. These are called block confirmations, and generally one waits until 6 confirmations before concluding the the probability of a reversal of consensus for that block will ever happen.

An example of what can go wrong, is that two blocks are mined at about the same time. Assume that otherwise both are valid. It just so happened that two winning blocks occurred at the same time. What happens now is miners choose one block to mine on and extend the chain. Eventually one chain will be (by chance) longer, and miners should mine the larger chain. The transactions on the shorter chain are abandoned. Since they are not on the chain, their TxOut's will not verify in future transactions. The transactions are void, and the miner rewards for the block are void.

An attack on the blockchain risks, if it fails, the waste of effort that certainly was involved in mining the orphaned chain. The correct hash of these blocks, that allowed them to be considered by any honest miner, also attests to an effort. Because the misbehaving miner does not get the block reward, its behavior is not incentivized. Because it cost the misbehaving miner work, its behavior is disincentivized.

Signing a transaction

I have deliberately written little about the security of who gets to spend what bitcoin. I have done that to focus on other elements of the blockchain; and in a sense the more important and subtle elements of the blockchain. Elsewhere we can talk about the public-key cryptography, and the digital signatures, that lock and unlock bitcoins.

Conclusion

Bitcoin is a masterwork of interplay between several forces to make a public ledger that can be extended and verified and kept "right" without a central player to ensure this rightness. It does have the problem of the monetary cost of the "work" that runs the consensus mechanism. However, it is effective, if expensive.

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

author: burton rosenberg
created: 30 Aug 2024
update: 30 Aug 2024