
Part 2: Understanding the Blockchain

How to make decentralized, digital cash.

(Part 1 was “A brief history of decentralization”, about E-gold, Napster, and BitTorrent. What follows is part 2 of a five-article series for the curious, non-technical reader.)

As a technology, cash is pretty impressive. It’s easy to verify and difficult to forge. When you pay for a coffee with cash, a third party is not required to verify and process that transaction — it’s peer-to-peer and decentralized. Most likely, the only personal information revealed was your physical appearance. If digital cash is to be adopted, then it should, at a minimum, behave similarly to physical cash from the perspective of the individuals involved. This article will explain how to create digital cash that is 1) hard to forge and 2) transferable without requiring a third party (aka: decentralized).

Long before the days of e-gold, people knew how to make something digital that was hard to forge. It’s called the digital signature.

A digital signature is a mathematical scheme to authenticate digital messages. The content of the message doesn’t matter — anything digital can be signed. Digital signatures employ cryptography. Most schemes have three parts:

  1. The generation of a private key and a corresponding public key.
  2. A signing algorithm that, given a message and a private key, produces a signature.
  3. A signature verifying algorithm that, given the message, public key and signature, either accepts or rejects the message’s claim to authenticity.
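
The three parts above, as an added example that is not from the original article: a Lamport one-time signature built only from SHA-256. It is not the scheme Bitcoin uses and was chosen because it needs no external library; each key pair may sign only one message, and the sample messages are constructed.

```python
import hashlib
import secrets

BITS = 256  # one secret pair per bit of the SHA-256 message digest

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def generate_keypair():
    """Part 1: the private key is 256 pairs of random secrets; the public key is their hashes."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    public = [(H(zero), H(one)) for zero, one in private]
    return private, public

def digest_bits(message: bytes) -> list:
    digest = H(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]

def sign(message: bytes, private) -> list:
    """Part 2: reveal one secret from each pair, selected by the message digest bits."""
    return [private[i][bit] for i, bit in enumerate(digest_bits(message))]

def verify(message: bytes, public, signature) -> bool:
    """Part 3: accept only if every revealed secret hashes to the published value."""
    if len(signature) != BITS:
        return False
    bits = digest_bits(message)
    return all(H(signature[i]) == public[i][bits[i]] for i in range(BITS))

def demo():
    private, public = generate_keypair()
    coin = b"Bob pays Alice 1 coin"        # constructed sample message
    signature = sign(coin, private)
    altered = b"Bob pays Carol 1 coin"     # same signature attached to a changed message
    _, other_public = generate_keypair()   # someone else's public key
    return (verify(coin, public, signature),
            verify(altered, public, signature),
            verify(coin, other_public, signature))

if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

Signing a second message with the same private key reveals more of the secrets and makes forgery progressively easier, which is why the scheme is strictly one-time.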

For some time, I struggled with how to explain digital signatures to people unfamiliar with cryptography. Then I realized the Chinese seal might be an interesting analog:

Chinese seals are typically made of natural materials (stone, wood, ivory, … ). Official documents are stamped with an individual or company’s seal instead of a handwritten signature. This has some advantages. Each seal is unique and difficult to duplicate because the surface details of the organic material cause detectable variations when the stamp is used. By fanning the pages, a stamp can be applied over multi-page documents such that it is easy to detect if a page is missing or changed. Some Asian governments and financial institutions keep stamps on record for fast, precise verification of documents.

Here’s how you would authenticate a digital document:

For example: An individual has a private key (seal) that represents ownership of their account and is used to produce a digital signature (stamp a document) that authorizes transactions in their name. Another party could view the public key (read the characters on the seal) and quickly verify their digital signature (against public government records) to accept or reject the claim to authenticity of the transaction.

We can create digital “coins” as signed digital messages. These will be very difficult to forge, which satisfies the first part of the solution. But if it’s possible to send the same digital coin to two or more people, AKA “double-spending”, then we have an incomplete solution. This “double-spending” problem, by the way, is far trickier than it might first appear. It stumped all previous attempts to decentralize digital money.

To understand how Satoshi Nakamoto, the creator of Bitcoin, resolved double-spending, it helps to consider a smaller, simplified example first. Three people — Alice, Bob, and Carol — want to transact using digital coins. Everyone starts with one digital coin, and they agree upon some rules:

  1. New transactions are digitally signed and shared with everyone.
  2. Each person records new balances in their own sheet (spreadsheet).
  3. If a transaction spends the same coin twice, the first transfer is recorded in the sheet and the second is ignored.
  4. Once per day, everyone compares sheets. If the majority (two of three in our example) of the sheets are the same, the corresponding balances are accepted as “correct.”

Initially, things would look like this:

Sheet 1 (Account Balances)

Account    Balance
---------  ---------
Alice      1
Bob        1
Carol      1

Then Bob sends his coin to Alice and Carol transfers her coin to Bob. They each record the new balances in their sheets, and at the end of the day, the majority agree on the following sheet:

Sheet 2 (Account Balances)

Account    Balance
---------  ---------
Alice      2
Bob        1
Carol      0

You could see how this process would continue. Each day settlement happens, and a new sheet is added. Consensus is reached among Alice, Bob, and Carol through a simple majority. The process is nicely decentralized and peer-to-peer.

Yet there’s an obvious problem: Bob and Carol could collude against Alice. They could get together and agree to reverse each other’s transactions — effectively changing their account balances. Again, “correct” is whatever the majority agrees upon.

One way to reduce the effectiveness of colluding is to randomly pick one participant’s sheet and accept that sheet as “correct”. This works when people are known, yet, when we switch to computers talking to one another, we still have a problem. Someone with more computers would have a disproportionate chance of his or her sheet being selected. This is where a “proof-of-work” system is needed. A proof-of-work is a computational puzzle that is costly or time-consuming to produce but easy for others to verify. One way to think of a proof-of-work problem is like solving a Sudoku puzzle. The goal of Sudoku is to complete a partially filled-in 9×9 grid with digits such that each column, row, and 3×3 section contains all the numbers from 1 to 9 once and only once. Although solving a Sudoku puzzle requires a lot of time and effort, anyone with a knowledge of the rules can immediately verify a correct solution without having to solve the puzzle themselves.

We can use a proof-of-work puzzle, related to the account balances in a given day, to make it expensive to connect many computers and keep them computing the puzzles. Let’s modify our sheets to also include the solution to the new and previous puzzle. (You will see why we need the previous puzzle shortly.)

Here are the updated rules:

  1. New transactions are digitally signed and shared with everyone.
  2. Each person records new balances in their own sheet (spreadsheet).
  3. If a transaction spends the same coin twice, the first transfer is recorded in the sheet and the second is ignored.
  4. Once per day, everyone works to solve the proof-of-work puzzle for their sheet.
  5. When a person solves the puzzle, they record it in their sheet and share it with everyone.
  6. People express their acceptance of the sheet by working on creating the next sheet in the chain, using the puzzle from the accepted sheet.

In effect, we have “chained” our sheets together such that making a change to any single sheet requires redoing the puzzle — not just for that specific sheet — but for all the sheets thereafter. Why? Because once a proof-of-work is created for a given set of balances, it cannot be reused for different balances without redoing the work. As later sheets are chained after it, the work to change the sheet would include redoing all the sheets after it.
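
The chaining described above, as an added example that is not from the original article: each sheet's puzzle covers its balances plus the previous sheet's solution, so redoing one sheet's puzzle breaks every sheet after it. The SHA-256 leading-zeros puzzle, the `TARGET` difficulty, the function names and the third day's balances are assumptions made for illustration.

```python
import hashlib
import json

TARGET = "0000"  # assumed toy difficulty: the solution hash must start with four hex zeros

def puzzle_hash(balances: dict, prev: str, nonce: int) -> str:
    """Hash of the day's balances, the previous sheet's solution, and a guess (nonce)."""
    data = json.dumps({"balances": balances, "prev": prev, "nonce": nonce}, sort_keys=True)
    return hashlib.sha256(data.encode()).hexdigest()

def solve(balances: dict, prev: str) -> dict:
    """Costly step: try nonces until the hash meets the target (tens of thousands of tries)."""
    nonce = 0
    while not puzzle_hash(balances, prev, nonce).startswith(TARGET):
        nonce += 1
    return {"balances": balances, "prev": prev, "nonce": nonce,
            "solution": puzzle_hash(balances, prev, nonce)}

def build_chain(daily_balances: list) -> list:
    chain, prev = [], "start"
    for balances in daily_balances:
        chain.append(solve(balances, prev))
        prev = chain[-1]["solution"]
    return chain

def first_invalid_sheet(chain: list):
    """Cheap step: one hash per sheet. Returns the index of the first bad sheet, or None."""
    prev = "start"
    for i, sheet in enumerate(chain):
        h = puzzle_hash(sheet["balances"], sheet["prev"], sheet["nonce"])
        if sheet["prev"] != prev or h != sheet["solution"] or not h.startswith(TARGET):
            return i
        prev = sheet["solution"]
    return None

def demo():
    days = [{"Alice": 1, "Bob": 1, "Carol": 1},   # Sheet 1 from the article
            {"Alice": 2, "Bob": 1, "Carol": 0},   # Sheet 2 from the article
            {"Alice": 1, "Bob": 1, "Carol": 1}]   # Sheet 3, constructed for this example
    chain = build_chain(days)
    honest = first_invalid_sheet(chain)
    # Sheet 2 is rewritten and only its own puzzle is redone; sheet 3 still
    # points at the old sheet-2 solution, so the chain breaks there.
    chain[1] = solve({"Alice": 1, "Bob": 2, "Carol": 0}, chain[0]["solution"])
    return honest, first_invalid_sheet(chain)

if __name__ == "__main__":
    print(demo())  # (None, 2)
```

Verification costs one hash per sheet, while each call to `solve` costs tens of thousands, which is the asymmetry the Sudoku analogy describes.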

I hope it’s obvious to the reader that my sheets are blocks and the chaining forms the “blockchain”. (Even though it’s more of a mouthful — I prefer calling it a “proof-of-work” chain.) The very astute reader might realize it’s possible that two people could share a block at the same time. (These blocks would differ because their puzzles are digitally signed and are thus different.) In this case, the tie would be broken when the next proof-of-work is found and one of the branches in the chain becomes longer. A rule is that participants must work on the longest chain.

This concept of a blockchain becoming a “trusted” record secured through proof-of-work really is fantastic and original. It makes it possible to transfer digital money directly from one party to another without an intermediary. But there is something even more subtle and deeper that involves the incentives that emerge while the system is running. And this, in my opinion, is where Satoshi’s genius shines through the most. It’s how the system combines a proof-of-work chain with incentives to help participants stay honest.

By convention, the first transaction in a Bitcoin block is special. It creates new bitcoins owned by the participant that solved the proof-of-work for the block. This is a clever way to initially distribute coins into circulation without requiring a central authority to issue them. Yet it’s far more than that. The reward of new bitcoin adds an incentive to support and secure the network. If a greedy participant could assemble a lot of puzzle-solving power, he would have to choose between using that power to defraud people through reversing his own payments or using it to generate new coins. Clearly, it should be more profitable to play by the rules and win more coins than everyone else combined, rather than working to undermine the very system that is required to transact in the first place!

And there you have it.

Continue with part 3: Why did the creator of Bitcoin want decentralized, digital cash?

By Sean Moss-Pultz on January 21, 2017.

Part 1: Understanding the Blockchain

E-gold, Napster, and BitTorrent: A brief history of decentralization.

Before you can understand blockchain, I think you have to understand Bitcoin. And before that, it is worth looking at some of the past digital currencies — specifically e-gold.

E-gold, launched in 1996, was the first digital currency to reach scale. The service worked by allowing users to deposit US dollars into an online account that was then denominated in grams of gold. Such an account holder could instantly send their e-gold to other account holders. By 2004, there were over a million accounts.

All was going well with e-gold’s business until the U.S. Treasury Department and the United States Department of Justice stretched the definition of money, specifically the transmission of money, to include the transfer of any kind of value from one person to another, not merely a national currency. Before that change, a money transmitter business was defined as a business that cashed checks or accepted cash remittances to send from one individual to another across international borders, such as Western Union. This change was made in the USA Patriot Act and it crushed e-gold. (You’ll need to understand “Know Your Customer” and “Anti Money Laundering” compliance requirements to grasp why services like e-gold are so difficult to run, legally that is, after this legislation.)

Clearly people liked the idea of digital currencies, safely transferable over the internet, without using banks. But it was equally clear that governments would not want to give up their monopoly over the creation and control of money. We have seen this story play out many times since e-gold’s death. Any central authority that intermediates the transfer of anything resembling money is easy for a government to regulate and/or shut down.

You can think of Bitcoin sort of like e-gold, minus the company or central authority that issues money and verifies transactions. That crucial difference — exchanging value without a central authority — changes everything. I will come back to why, later. First let’s talk about digital music. For those of us old enough to remember the early days, there is a parallel concept that I think helps to understand Bitcoin (and then we will get to the blockchain). It also hints at what we can expect in the future.

Napster launched in 1999. At its peak it had 80 million active users, exchanging mostly digital music (mp3 files) through personal computers. Napster was called a “peer-to-peer” file sharing service. Yet it wasn’t really P2P, in the networking sense. When someone wanted to download or transfer music they would need to know which computers had what files. And that information was only stored on Napster servers.

Just like e-gold, legal realities forced Napster, the intermediary, out of business. Around that time Bram Cohen, an American computer programmer, released the “BitTorrent” software to share files. His method was superbly clever: instead of centralizing the information and sharing of a file, he developed a method to distribute that data across all the people that have downloaded or are in the process of downloading that file. This has two benefits: 1) You don’t even have to download the entire file before sharing. And 2) as long as one person, anywhere in the world, has that file on their computer, others will be able to download it. Computers connecting in this manner form a decentralized, “peer-to-peer” network and are both technically and legally difficult to shut down because no central computer is required to operate the network.

I encourage you to suspend moral judgement of such a file sharing system and look at what occurred from a technology perspective. It is incredible. Even after 15 years of legal whack-a-mole, BitTorrent is still the most dominant way to exchange digital music. And beyond that, BitTorrent now moves as much as 40% of the world’s internet traffic on a daily basis. Why? Because its decentralized peer-to-peer architecture is economically and technically advantageous for moving any type of data over the internet.

I hope it’s clear now that an alternative digital currency must be decentralized for it to survive outside of and independent of the banking system.

Continue with part 2: How to make decentralized, digital cash.

By Sean Moss-Pultz on January 21, 2017.