Bitcoin Proof of Work Require a unit of work to do a task Send - - PowerPoint PPT Presentation

Bitcoin

Proof of Work

• Require a unit of work to do a task
• Send email
• Access a website
• Process a Bitcoin transaction

Why?

• Prevent spam
• Prevent denial of service attacks
• Rate-limit the network

HashCash

• Find a partial pre-image of a hashed value.
• Hashcash: SHA-1
• Bitcoin: SHA-256
• Hashcash: at least the first 20 digits (out of 160) need to

be 0

• Bitcoin: at least the first T digits (out of 256) need to be 0
• Question: what security properties does this have?

Merkle Tree

From previous classes

• Byzantine consensus
• Hash function

8

9

10

11

Bitcoin

• Bitcoin is a public, digital, decentralized currency.
• Public
• Every transaction (past or current) can be read by anybody.
• Digital
• There are no bills, only bits to represent transactions.
• Decentralized
• Bitcoins are mined, not minted, by a collection of actors, not a central bank.
• Anybody can create an account and receive bitcoin.
• Anybody can try to mine bitcoin.
• Rules are set by computer code and changed upon a consensus of the

actors.

12

Cash vs. Digital Cash

• Properties of traditional cash
• Anonymous
• Transferable
• No transaction fees
• Total money supply expendable,

set by central bank

• Properties of digital cash
• Pseudo-anonymous
• Transferable
• Very low transaction fees
• Total money supply fixed, set

by protocol.

13

Why Scammers Use Bitcoin

• Lower fees (more profit for criminals)
• Large userbase (compared to other digital currencies)
• Easy to get (can exchange Bitcoin for cash on the street)
• Distributed system (no Bank of Bitcoin to forcibly shut down)
• Less direct regulatory oversight (anti-money laundering

efforts only on some endpoints)

14

Bitcoin

Give green 0.25 BTC

0.25 BTC

15

Merkle Tree

Blockchain

Block Header

• version
• previous block header hash
• merkle root hash
• time when miner started hashing the header
• nBits (representation of difficulty level)
• nonce

Mining

• https://www.youtube.com/watch?v=GmOzih6I1zs
• Hashcash
• Difficulty set by speed of network
• Once solution is found, broadcast block to network
• If valid, mining begins on merkle root including the

block

• Otherwise, everybody ignores it.

Mining Pools

• Miners group together to share rewards, divide the

work

• Lowers the variance for revenue.
• Centralization in a decentralized network

51% attack

• Attacker owns more than half of the miners
• Doublespend: Reverse transactions that he sends

while he's in control.

• Prevent some or all transactions from confirming
• Prevent other miners from mining any blocks

Block Withholding Attacks

• if we gain a lead:
• withhold blocks


mine on private chain

• else if lead shrinks, but is still at least alpha:
• reveal blocks to keep abreast with public chain
• else if lead drops below alpha:
• reveal all blocks


mine on public chain

Spam attack

• Fill up the blockchain with small, insignificant

transactions

• Prevent others from transacting

Mempool

Confirmed Transactions

Blockchain Size

Theft of Bitcoin

• “Be your own Bank”
• Steal the keys, steal the bitcoin forever
• Bad passwords
• Bad randomness
• Bad security hygiene

Sybil Attack

• Single adversary controls a lot of nodes
• From these nodes, can carry out a 51% attack

Blacklisting

• Stop transactions from being processed to/from a

node

Fungibility

• Each Bitcoin is worth the same amount as every
• ther Bitcoin
• Does this property hold?

Questions

• With the rise of 51% attacks:
• why? to what end?
• when will this stop?
• What are the points of centralization in this

network?

• Is this inevitable?