Blockchain and Bitcoin by Nida Sajid

Blockchain and Bitcoin by Nida Sajid https://padlet.com/nida25/wm4d1x4dw49b en-us 2016-07-08 12:08:36 UTC 2023-10-14 00:56:08 UTC hello@padlet.com Alice sends bitcoins to Bob nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116112746 Alice tells her Bitcoin client the amount she wants to send and signs a hashed version of transaction data with her private key. The Bitcoin client creates a transaction (data structure) with:

-Input referencing UTXO Unspent Transation Output from a previous transaction (bitcoin address, used to send the bitcoins to Alice in the first place).
-Unlocking script/ScriptSig containing a digital signature
(which is verified by showing it came from the hash and private key which corresponds to the public key)
-Locking script/encumberence/scriptPubKey containing a public Key (when hashed, yields bitcoin address)
-Output of a certain amount encumbered (locked) to Bob's bitcoin address
(public key --->hash--->hash = bitcoin address)

This transaction is then transmitted to the entire bitcoin network.
Can be done over a public network as only sending signature/public key and no confidential information.
As there is no centralized authority e.g a bank, bitcoin miners work to firstly, verify the transaction is valid and secondly, add this to the blockchain.

Coinbase transaction : First transaction on the block]]> 2016-07-08 12:10:33 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116112746 Proof of work nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116114226 Once verified, a Bitcoin miner can add a transaction to the transaction block chain by finding a proof-of work ( so that the concatenation of new transaction and old transactions is hashed to produce a string with a certain number of zeros at the start). By Bitcoin protocol, this happens every 10 minutes. Each block contains the hash for the previous transaction.

-----The algorithm for proof of work involves repeatedly hashing the header of the block and a random number with the SHA256 cryptographic algorithm until a solution matching a predetermined pattern emerges.]]> 2016-07-08 12:56:02 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116114226 Inputs/UTXO nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116114572 Money received in a wallet is kept separate, according to the different bitcoin addresses it was received from. If Alice has received a 10BTC payment and 20BTC payment and wants to send 25BTC, she sends both as the input and defines 25 as the payment for Bob and 4 as the change returned to her. The remaining amount, 1, goes to the bitcoiner miner as a transaction fee (higher fee=priority processing). ]]> 2016-07-08 13:02:42 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116114572 Hash nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116118581 Input-->Crypotopraphic hash function = Digest
Hashes are one-way functions that transform a string of chars. into another block of bytes of a fixed size such as 128bit or 256bit (SHA/MD5)]]> 2016-07-08 14:23:57 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116118581 Mathematical Minutia nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116122435 2016-07-08 16:28:20 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116122435 Elliptic Curve Cryptography ECC nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116159618

Step 1: Pick ECC curve, parameters and generate key pair

Elliptic curve for bitcoin is always y^2 = x^3 +ax + b
Known as spec256k1, established by National Institute of Standards and Technology (NIST)
Domain paramenters (p,a,b,G,n,h) are all set/fixed by Bitcoin
p is prime modulo of field Fp
Finite fields are modular, things wrap around until they fit in
a=0, b=7
G is base point (always the same)
n is order of point G. Smallest positive number n such that nG=infinity
so number of times G can be added to itself to make a vertical line
h = 1, the cofactor = Order of elliptic curve / order of subgroup
By Lagrange, order of a any finite group is divisible by the order of subgroup
so h is always an integer

-Private Key: any number b/w 1 and 2^256 (n=order of curve) - 1
This is randomly generated by feeding a larger string of numbers through SHA256 hash to get a 256-bit number. If less then n-1, then great, if not, then try again.

Order 2^256 is approx. 10^77
No. of atoms in universie is 10^80

-Public key: base point x private key
^Example of a trapdoor function: Discrete log problem
Easy to compute in one direction but nearly impossible to go backwards

Step 2: Hash data using algorithm e.g SHA-1 and sign hashed data
Signature (r,s) is created, different each time
but created from the same private key
Step 3: Verify

]]> 2016-07-10 13:56:10 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116159618 Elliptic Curve Diffie-Hellman ECDH nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116160120 k = private key
Q = public key
G = basepoint/generator

Middle man could have both public keys but not figure out the private keys (without solving the DH problem equivalent to discrete log problem in modular arithmetic) due to the one-way multiplication function]]> 2016-07-10 14:28:42 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116160120 nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116160237 2016-07-10 14:37:58 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116160237 nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116160345 2016-07-10 14:43:38 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116160345 Mastering Bitcoin E-Book nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/116222921 http://chimera.labs.oreilly.com/books/1234000001802/index.html

Invented by Satoshi Nakamoto (alias) in 2008 - identity unknown

To get started, we need a bitcoin client software
-Full: stores history, manages wallet (database), can initiate transactions, basically does everything e.g a standalone email server
-Lightweight: stores wallet but uses 3rd party for transaction initiation and verification
-Web: accessed through a web browser and store the user’s wallet on a server owned by a third party.

Within a bitcoin client, there is a bitcoin wallet which generates
-transaction when a user wants to send bitcoins
-Public Key
-Corresponding bitcoin address, 160-bit (20 byte) which is
Base58Check encoded: combination of base58 and checksum
Base58 is a base of 58 symbols, basically Base64 without (0,O, i,L, \+, /)

Checksum
datachecksum = SHA256(SHA256(prefix+data))
This gives us 32 bytes (32 bits) but we only take the first 4 bytes and append them onto the end of data

Private Key Formats:
Hexadecimal/hex/base-16: uses a base of 16 distinct symbols to represent data.
One hex digit = 4 bits (8 bits = 1 byte)
256 binary digits written in 64 hexadecimal digits, each digit represting 4 bits)
OR
Wallet Import Format (WIF): Prefix Payload Checksum
NB: WIF Compressed PRIVATE Key means key is in WIF format and compressed PUBLIC keys and compressed bitcoin addresses should be derived from it. Private key itself cannot be compressed.

Compresed PUBLIC Key Format: Just the x coordinate is stored to save space, as y can be calculated from equation. If x coordinate has a 02 prefix, then y is even/positive, if 03 prefix then y is odd/negative

If the wallet application does not maintain a copy of unspent transaction outputs, it can query the bitcoin network to retrieve this information, using a variety of APIs.

Blockchain explorer: bitcoin search engine to search for addresses, transactions, blocks

]]> 2016-07-11 19:41:54 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/116222921 Wallets nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/117363175 Nondeterministic/random/JBOK (Just a Bunch of Keys) Wallet:
Random keys are generated, making backing up cumbersome. Usage is discouraged

Deterministic/Seeded Wallet:
Keys are generated by a one-way hash function applied to a 'seed'
Only the seed needs back up as all keys can be derived from it

Hierarchical deterministic wallet
Chain code is used to produce child keys from parents keys so we have a tree-like structure

Backing up a wallet
BIP0038 encryption scheme:
private key (WIF format, Base58Check prefix 5) + long password = private key ( Base58Check prefix 6P).
This new key will need to be decrypted back to WIF format for it to be used in any wallet.

]]> 2016-08-02 10:10:55 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/117363175 'Script' nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/117375428 Bitcoin transaction script language
Uses data structure called stack
Can push/add item to top of stock or pop/remove item from top of stack
Example: OP_ADD will pop two items from the stack,
add them, and push the resulting sum onto the stack.
-Turing Incomplete
limited complexity
predictable execution times
-Stateless
no state before or after verification
all the information needed to execute a script is contained within the script

Sample script below returns TRUE]]> 2016-08-02 14:23:46 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/117375428 Bitcoin adresses nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/117793175 P2PKH address Pay to public key hash,
Starts with 1
Beneficiary is owner of public key
Bitcoin address=Base58Check encoded (RIPEMD160 hash(SHA256 hash(public key)))

P2SH address Pay to script hash
Starts with 3
Beneficiary is defined in the hash script
Can add functionality to the script - multi-signatures required to prove ownership (think joint a/c)
Derived from transaction script, Mostly used for multi-signatures
Bitcoin address=Base58Check encoded (RIPEMD160 hash(SHA256 hash(script)))]]> 2016-08-09 13:46:13 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/117793175 Bitcoin Network nida25 https://padlet.com/nida25/wm4d1x4dw49b/wish/117805322 P2P peer to peer
Flat topology - no hierarchy
Decentralized

Node: collection of functions -
Wallet, Miner, Full blockchain, Network Routing Node

Full node: complete copy of blockchain
Lightweight node: contain subset of blockchain, verification done by SPV Simplified Payment Verification

]]> 2016-08-09 15:40:22 UTC https://padlet.com/nida25/wm4d1x4dw49b/wish/117805322