The bitcoin blockchain

1Copyright © 2017 All rights reserved. AIR at en-japan inc.
The Bitcoin Blockchain

- We are gonna go in depth in how the bitcoin blockchain works.
- For now all you have to know is that the btc blockchain is a p2p distributed
read only write only once ledger.
Introduction

- A public key is generated with ECDSA (Elliptic Curve Digital Signature
Algorithm) from a random private key
Bitcoin address?
You can just flip a coin 256 times to get a private key or use a computer :)
Note: Total number of possible btc addresses 2^160, it’s bigger than (the number of grains of
sand on earth) ^ 2

Elliptic Curve
y^2 = x^3 + ax + b
secp256k1
a = 0
b = 7
Max
(keysize)
More secure than RSA
A lot less space used
Pk = Sk * G

- When you make a transaction you sign it with your private key.
- A btc address is derived from a public key generated from your private key
and encoded in Base58Check
Bitcoin address?
k K A
Private key </= Public key </= Btc address
ECC Hashing

Bitcoin address Generation Steps
Public key
SHA256
RIPEMD160
1KbYHh7LjcUxpcrKWsxmrhEsrF9BjBS3km
RIPEMD = RACE Integrity Primitives
Evaluation Message Digest
Version Payload
SHA256
SHA256
First 4 bytes
Version Payload Checksum
Base58
Base58Check
Encode

- With a private key we can now sign transactions.
- Each transaction contains inputs transactions and outputs transactions. When
you create a transaction the inputs are your bitcoins, the outputs contains the
btc addresses you want to send these btc to.
- It's possible to sign a transaction that will only be valid in the future. You can
set a variable called nLockTime to either a timestamp or a block height. Then
the transaction will only be included in the blockchain after the block height or
timestamp you specified.
Transactions

Transactions
4 bytes Version Specifies which rules this
transaction follows
1-9 bytes (VarInt) Input Counter How many inputs are
included
Variable Inputs One or more transaction
inputs
1-9 bytes (VarInt) Output counter How many outputs do we
have
Variable Outputs One or more outputs
4 bytes nLockTime A unix timestamp or block
number

Transactions
Alice needs to pay Bob 5 BTC.
She has 6 BTC left in a previous unspent transaction output (UTXO),
she decides to use that UTXO as input of a new 5 BTC transaction to
Bob.
That means she’ll have to create a transaction with 2 UTXO, one is for
Bob btc address for 5 BTC, and the second one is for an address she
owns, for 1 BTC minus fees.
Alice previous txid (contains 6BTC):
3f4fa19803dec4d6a84fae3821da7a
c7577080ef75
16au1M18Pcu9wzz79
hAznvdh8nt1opjEcz
(5BTC bob)
14h22VUd4393feMAU
Xb8hbyJo5wmrKtezu
(1BTC - fees Alice)
All UTXO balance should always match transaction input balance
minus fees.

- The transaction Alice did is still not broadcasted to the network. So that’s
nothing more than a signed check for now.
Transactions

- Contains an amount of bitcoins, a LockScript (ScriptPubKey), and an
UnlockScript (ScriptSig)
UTXO
{
"txid" :
"263c018582731ff54dc72c7d67e858c002ae298835501d
80200f05753de0edf0",
"address" :
"mvbnrCX3bg1cDRUu8pkecrvP6vQkSLDSou",
"scriptPubKey" :
"76a914cbc20a7664f2f69e5355aa427045bc15e7c6c7728
8ac",
"amount" : 10.00000000,
"confirmations" : 0,
}
76a914cbc20a7664f2f69e5355aa427045bc15e7c6c77288ac
Is the hex representation of:
OP_DUP OP_HASH160 cbc20a7664f2f69e5355a
a427045bc15e7c6c772 OP_EQUALVERIFY OP_CHECKSIG

- Pay to Public Key Hash (P2PKH)
- Pay to Public Key
- Multi Signature (limit 15 keys)
- Pay to Script Hash (P2SH)
- Data Output (OP_RETURN)
Different transactions

When Alice pays Bob she generates a LockScript:
OP_DUP OP_HASH160 <Bob Public Key Hash> OP_EQUAL OP_CHECKSIG
To be able to spend that money, Bob needs to generate the following
UnlockScript:
<Bob Signature> <Bob public key>
Concatenating UnlockScript + LockScript and executing it should return TRUE.
Pay to Public Key Hash (P2PKH)

Same as before but without Hashes, it used to be the standard long time ago
when people didn’t have btc addresses but sent directly to pubkeys
<Bob Public Key> OP_CHECKSIG
UnlockScript:
<Bob Signature>
Concatenating UnlockScript + LockScript and executing it should return TRUE.
Pay to Public Key (P2PK)

A very interesting feature. You can create a lockScript that can only be unlocked if
multiple keys are used (limit 15). Great way to do joint accounts or escrow
systems.
M <pubkey 1> <pubkey 2> … <pubkey N> N OP_CHECKMULTISIG
M is the threshold of required signatures to spend the output and N the total
number of pubkeys.
UnlockScript:
OP_0 <Signature 1> <Signature 2>...
MultiSignature

This is a new way to do multi signatures transactions.
Pay to Script Hash (P2SH)
Without P2SH:
LockingScript: 2 Pubkey1 Pubkey2 OP_CHECKMULTISIG
UnlockingScript: Sig1 Sig2
With P2SH:
Redeem Script: 2 Pubkey1 Pubkey2 OP_CHECKMULTISIG
LockingScript: OP_HASH160 <20 bytes hash of redeem script> OP_EQUAL
UnlockingScript: Sig1 Sig2 redeem script

It is possible to simply write data in the blockchain in a transaction script. It’s very
useful for uses beyond payments, like stock certificates, proof of existence etc..
OP_RETURN <data>
This UTXO can never be spent and you can store a maximum of 80 bytes.
Data Output OP_RETURN

Miners:
- Check that transaction is signed with the key matching the inputs (i.e the
inputs belong to Alice and the message has not been tampered)
- Sum of inputs > Sum of outputs (Sum(inputs) - Sum(outputs) = fees)
- The inputs are unspent (would have to read the whole blockchain to check
that but nowadays there is an UTXO index for that purpose)
Miners and blocks

- Miner generate a coinbase transaction (no UTXO as input)
- SHA256(the content of the block header + a random value) needs to be lower
than a specific difficulty value.
- One block is mined every 10 minutes. Difficulty adjusted every 2016 blocks.
- Each block contains a Merkle Tree root, it’s used to quickly check if a specific
transaction is included in a specific block. All transactions are hashed and
summarized into one node at the root of the tree.
Proof of work

Genesis block
The first mined block has been mined by Satoshi Nakamoto on January 3rd 2009.
It’s called the Genesis block.
You can find this hidden message in it:
“ The Times 03/Jan/2009 Chancellor on brink of second bailout for banks.”
This message is here as a proof of the earliest date the block could have been mined

Sometimes 2 miners find the
solution at the same time.
2 blocks found at the same time?

Sometimes 2 miners find the
solution at the same time.
In that situation we have a fork.

The next miner finding a block
will have to choose one as a
parent block.

The bitcoin mining software
always choose the longest chain
by default for the next block.
So now we have an orphan
block!
All transactions in that block have
now 0 confirmations and are out
of the blockchain! These
transactions have to be included
in a block again. That’s why you
should always wait for 3
confirmations (blocks) at least.

If a miner had 50% of the mining
network they can in theory find a
block 50% of the time. That
means they can abuse the
system and do a double spend.
BTC Guild few years ago mined 6
blocks in a row.

Common double spend
c7577080ef75
1HYGn4HvcM8eZaAFb
GYSGxG1xPTRYXWt3z
(1BTC to Alice)
c7577080ef75
14h22VUd4393feMAU
Xb8hbyJo5wmrKtezu
(1BTC to Bob)

All blocks contain in their header
the hash of the previous block.
If the red block gets modified, all
subsequent blocks will have to be
recalculated.
Why is the past so immutable?

Pseudonymity
Bitcoin is not anonymous but pseudonymous.
Everyone can see all the transactions, who send money to whom, the values of transactions, etc
Your IP address is also inside each packet.
You also need to be careful of blockchain analysis. Many websites already do that and can find the
balance of big users (like exchanges etc).
Coinbase banned users buying drugs with their bitcoins, so they do blockchain analysis.
What people do usually to hide themselves is using Tumblers. (careful, prone to timing attacks and you
have to trust the tumbling service which could be and must be owned by the Feds)

Alternatives Blockchains based on Bitcoin’s code

Alternatives Blockchains NOT based on Bitcoin’s code

Cryptos based on a Tangle

Blockchains can be used for
- Voting systems (See https://www.ethereum.org/dao)
- Patents
- Smart Contracts
- Any contract, like a marriage contract with multiple keys owned by multiple people.
- Proving that something happened in the past (e.g Bob worked for company X from 2001 to 2003)
- Developing Escrow systems like Paypal with zero infrastructure/employees.
- Storing data in P2P in a secure manner (can’t be tampered, only the owners can modify)

Questions?

The bitcoin blockchain

More Related Content

What's hot (18)

Similar to The bitcoin blockchain (20)

Recently uploaded (20)

The bitcoin blockchain

Editor's Notes