Understanding Decentralized Blockchain Concepts

lecture 3 proof of work and nakamoto lecture l.w
1 / 21
Embed
Share

Explore the core concepts of decentralized blockchain technology, including Proof of Work, Nakamoto Consensus, Merkle Trees, and Distributed Consensus. Learn about decentralized identity, ownership, transfer, variable difficulty mining, and the security analysis of blockchain systems.

  • Blockchain
  • Decentralization
  • Proof of Work
  • Consensus
  • Security
rayaanacharya
zev_mac Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Lecture 3: Proof of Work and Nakamoto Lecture 3: Proof of Work and Nakamoto Consensus Consensus Longest Chain Rule Decentralized Identity, Ownership, Transfer Variable difficulty mining Private attack; security analysis

  2. Blockchain with Merkle Trees Blockchain with Merkle Trees Block Block: Header + Data Application Application: Centralized tamper evident information log with efficient proof of membership of any data entry Header: Header: Pointer to previous block = hash of the previous block header and Merkle root of data of previous block Head of the chain being known is enough to find tamper evidence in any internal block Data Data: information specific to the block

  3. Decentralized Blockchain Decentralized Blockchain Block Block: Header + Data + Signature List of signatures known ahead of time: permissioned permissioned blockchains Header: Header: Pointer to previous block = hash of the previous block header and Merkle root of data of previous block Questions Questions: 1. How is this list known ahead of time? 2. Which user in this list gets to add which block? 3. Who polices this? Data Data: information specific to the block Signature: Signature: one of the users signs the block (header+data) This is the topic of this lecture This is the topic of this lecture

  4. Distributed Consensus Distributed Consensus Question: Question: Who maintains the ledger of transactions? Distributed Consensus Distributed Consensus Interactive Protocol Allows distributed non-trusting nodes to come to agreement Traditional area of computer science (Byzantine Fault Tolerance) Bitcoin s consensus protocol is vastly different Bitcoin s consensus protocol is vastly different decentralized identity (permissionless setting) less pessimistic network assumptions

  5. Decentralized Identity Decentralized Identity Public keys Public keys are used as identity identity Single entity can create vast number of identities Single entity can create vast number of identities Sybil Cannot do majority or super-majority voting

  6. Network Assumption Network Assumption Any node can broadcast fully connected network broadcast to all all nodes into the network Every broadcast message reaches every albeit with some delay Bitcoin: ten minutes reaches every node This is the focus of Lecture 4

  7. Oracle Oracle Time is organized into slots slots Oracle selects one of the nodes Oracle selects one of the nodes (public identities) random everyone can verify the unique winner The selected node is the The selected node is the proposer constitutes a block with transactions validates transactions includes hash pointer to previous block signs the block proposer in that slot in that slot

  8. Proof of Work Proof of Work Practical method to simulate the Oracle Mining Mining cryptographic hash function creates computational puzzle cryptographic hash function creates computational puzzle Hash Hash(nonce, (nonce, block block- -hash) < Threshold hash) < Threshold nonce nonce is the proof of work include nonce inside the block Threshold Threshold chosen such that a block is mined successfully on average once in 10 minutes a successfully mined block will be broadcast to all nodes in the network

  9. Properties of Proof of Work Mining Properties of Proof of Work Mining Random miner selected at each time Independent randomness across time and across miners Probability of successful mining proportional to fraction of total hash power Sybil resistance Spam resistance Tamper proof

  10. Longest Chain Protocol Longest Chain Protocol Where should the mined block hash-point to? The latest block G

  11. Longest Chain Protocol Longest Chain Protocol Where should the mined block hash-point to? However, blockchain may have forks forks because of network delays because of adversarial action G

  12. Longest Chain Protocol Longest Chain Protocol Where should the mined block hash-point to? Blockchain may have forks because of network delays because of adversarial action forks G Longest chain protocol Longest chain protocol attach the block to the leaf of the longest chain in the block tree

  13. Why Variable Difficulty Why Variable Difficulty

  14. Block Difficulty Block Difficulty As of March 2015, the mining target/threshold (in hexadecimal) is: 0000000000000000172EC0000000000000000000000000000000000000000000 0000000000000000172EC0000000000000000000000000000000000000000000 So the hash of any valid block must be below this value. In other words, only one in about 2^67 nonces that you try will work. Difficulty of a block: Block_difficulty Block_difficulty = 1/ = 1/mining_target mining_target

  15. Bitcoin Rule Bitcoin Rule (a) The mining difficulty changes every 2016 blocks next_difficulty next_difficulty = ( = (previous_difficulty previous_difficulty * 2016 * 10 minutes) / (time to mine last 2016 blocks) * 2016 * 10 minutes) / (time to mine last 2016 blocks) (b) (b) Adopt the heaviest chain instead of the longest chain chain_difficulty chain_difficulty = sum of = sum of block_difficulty block_difficulty (c) (c) Allow the difficulty to be adjusted only mildly every epoch < < next_difficulty next_difficulty/ /previous_difficulty previous_difficulty < 4 < 4

  16. Alternate Bitcoin Rule (Only (b)) Alternate Bitcoin Rule (Only (b)) Let the miners choose their own difficulty and then use (b) the heaviest chain rule.

  17. Alternate Bitcoin Rule ((a) + (b)) Alternate Bitcoin Rule ((a) + (b)) Difficulty rising attack

  18. Bitcoin Rule ((a) + (b) + (c)) Bitcoin Rule ((a) + (b) + (c))

  19. Security Analysis: Private Attack Security Analysis: Private Attack Adversary can point its block to an older part of the chain Adversary can point its block to an older part of the chain Duplicate transaction inserted Plausible Deniability Plausible Deniability network latency an offline user will not know which block came earlier blocks have no wall clock reference (time stamps).

  20. Security Analysis: k Deep Confirmation Rule Security Analysis: k Deep Confirmation Rule A block is confirmed if it is buried k-deep in the longest chain An attacker would need more than k blocks to double spend

  21. Security vs Latency with Private Attack Security vs Latency with Private Attack

Related


No related presentations.

More Related Content