Scribd
Upload
26 views115 pages

Lecture1 Cryptocurrency

CS 6290 is a course on Privacy Enhancing Technologies taught by Dr. Yuefeng Du at the City University of Hong Kong. The course covers topics such as cryptocurrency, confidential computing, and machine learning privacy, with assessments including reading summaries, group projects, and a final exam. Students are expected to engage in lectures and discussions, utilizing provided teaching materials and resources.

Uploaded by

hungsir86
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
26 views115 pages

Lecture1 Cryptocurrency

CS 6290 is a course on Privacy Enhancing Technologies taught by Dr. Yuefeng Du at the City University of Hong Kong. The course covers topics such as cryptocurrency, confidential computing, and machine learning privacy, with assessments including reading summaries, group projects, and a final exam. Students are expected to engage in lectures and discussions, utilizing provided teaching materials and resources.

Uploaded by

hungsir86
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 115

CS 6290

Privacy Enhancing Technologies

Department of Computer Science

Slides credit in part from A. Juels, D, Song, A. Miller, E. Ben-Sasson, D. Dziembowski,


A. Judmayer, F. Zhang, I. Eyal, J. Poon, and F. Greenspan
CS6290 Privacy-enhancing Technologies
1
Lecture 1 – Introduction

Dr. Yuefeng DU
CS Department
City University of Hong Kong
Teaching Team
• Instructor:
– Dr. Yuefeng DU, P6405@AC1
– Tel(O): 3442 6641
– Email: yf.du@cityu.edu.hk
• Teaching Assistant:
– Miss. Xinyan LI xinyanli4-c@my.cityu.edu.hk
– Mr. Yi LIU yiliu247-c@my.cityu.edu.hk
– Mr. WANG Longxiang longxwang4-c@my.cityu.edu.hk

CS6290 Privacy-enhancing Technologies 3


Teaching Materials
• Weekly lecture notes, tutorials, reading materials
– usually provided before class
• Reference books:
– Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction,
Princeton University Press, July 19, 2016
– Introduction to Modern Cryptography, by Katz and Lindell
– Introduction to Modern Cryptography
(https://cseweb.ucsd.edu/~mihir/cse207/classnotes.html) by Bellare and
Rogaway

CS6290 Privacy-enhancing Technologies 4


Teaching Pattern
• Lecture and Tutorials (3 hours per week)
– Information sessions
– Discussions on commonly asked question
– Student led presentations based on lecture materials/assigned
readings

CS6290 Privacy-enhancing Technologies 5


Assessment
• 60% Continuous Assessment:
– 40 % reading summary every three weeks
• 4 summaries to be submitted in total
• 2 pages per summary for at least 2 assigned papers
– 20 % group project + oral presentation
• 3 students (tentative) per group
• Systems projects, theoretical projects, or survey projects
• 40% Final examination
• Plagiarism will not be tolerated

CS6290 Privacy-enhancing Technologies 6


Average Grades in Past Semesters
Semester Coursework Exam Final Mark

2023-2024, semester B 81.38 56.77 71.54

2022-2023, semester B 85.18 52.64 72.16

2020-2021, semester B 81.66 58.29 72.31

2019-2020, semester B 91.25 59.37 78.50

2018-2019, semester B 83.29 62.62 75.02

CS6290 Privacy-enhancing Technologies 7


Announcements and Q&A
• You have to check Canvas and emails!
– Announcements, material, assignments, etc.
• Ask questions:
– Use canvas->discussions
• Serve like a public bulletin so everyone can see the discussions
• TAs and I will check the discussions daily
– Email to me or TAs
• Use CityU mailbox, i.e., yf.du@cityu.edu.hk
• Do NOT use Canvas->mailbox(inbox)!
– Mails could get lost…

CS6290 Privacy-enhancing Technologies 8


Course Overview
Intended Learning Outcomes
• Identify and analyse common privacy issues of modern applications,
and suggest countermeasures;
• Explain the concept and design principles of privacy-enhancing
mechanisms with merits assessment;
• Describe and analyse guidelines to apply privacy-enhancing
techniques in real-world settings.
• Understand constraints of different privacy-enhancing designs and
identify directions to address shortcomings.
• Document and evaluate the effectiveness of privacy-enhancing
designs through written reports and oral presentations.

CS6290 Privacy-enhancing Technologies 10


Tentative Course Overview
• An introduction to four advanced topics and their respective
privacy enhancing technologies, including:
– Part I: Cryptocurrency and blockchain systems
• Bitcoin and how it works, scalability issues, and smart contracts
– Part II: Confidential computing technologies
• Focus on ZKP, MPC, homomorphic encryptions
– Part III: Machine learning and data privacy (if time permits)
• Security and privacy in ML systems, differential privacy

CS6290 Privacy-enhancing Technologies 11


Tentative Course Overview
• An introduction to three advanced topics and their
respective privacy enhancing technologies, including:
– Part I: Cryptocurrency and blockchain systems
• Bitcoin and how it works, scalability issues, and smart contracts
– Part II: Confidential computing technologies
• Focus on ZKP, MPC, homomorphic encryptions
– Part III: Machine learning and data privacy (if time permits)
• Privacy issues and attacks in ML systems and countermeasures

CS6290 Privacy-enhancing Technologies 12


The rise of cryptocurrencies
Bitcoin Price (USD) – Source : coinbase.com

Peak : ~HKD 500,000

• Bitcoin sparked research into multiple challenging


areas and applications
• More than 2000+ cryptocurrency startups

CS6290 Privacy-enhancing Technologies


13
Bitcoin use today

CS6290 Privacy-enhancing Technologies


14
CS6290 Privacy-enhancing Technologies
15
ATMs

Sell your Bitcoins!


CS6290 Privacy-enhancing Technologies
16
CS6290 Privacy-enhancing Technologies
17
Bitcoin has its dark sides…

CS6290 Privacy-enhancing Technologies


18
Bitcoin has its dark sides…

CS6290 Privacy-enhancing Technologies


19
How Bitcoin works?

CS6290 Privacy-enhancing Technologies


20
Background: hash function
• Map data of arbitrary size to data of a fixed size
• E.g., takes any string as input and generates fixed-size output
(we’ll use 256 bits)
• Efficiently computable

• Security properties:
• Collision-resistant
• Hiding
• Puzzle-friendly

CS6290 Privacy-enhancing Technologies


21
Property 1: Collision-resistant
• Difficult to find x and y such that
x != y and H(x)=H(y)

H(x) = H(y)
y

CS6290 Privacy-enhancing Technologies


22
Collisions do exist ...

possible outputs
possible inputs

… but can anyone find them?

CS6290 Privacy-enhancing Technologies


23
How to find a collision
• A cryptographic hash is expected to have a collision resistance
strength of n/2 bits (lower due to birthday paradox)
• If you can randomly generate a sequence 2130 inputs
99.97% chance that two of them will collide

• This works no Is there a faster way to find collisions?


matter what H is … For some possible H’s, yes.
• But it takes too long For others, we don’t know of one.
to matter No H has been proven collision-free.

CS6290 Privacy-enhancing Technologies


24
Application: Hash as message digest
• If we know H(x) = H(y),
it’s safe to assume that x = y.

• To recognize a file that we saw before,


just remember its hash.

• Useful because the hash is small for network transmission.

CS6290 Privacy-enhancing Technologies


25
Property 2: Hiding
• We want something like this:
Given H(x), it is infeasible to find x.

H(“heads”)
easy to find x!

H(“tails”)

CS6290 Privacy-enhancing Technologies


26
Hiding property
• If r is sampled uniformly at random from a high-entropy domain, then
given an outcome
H(r | | x), it is infeasible to find x.

Note: r is a secret and is NOT given here.

No particular value is chosen with more than negligible probability.

CS6290 Privacy-enhancing Technologies


27
Commitment API
• (com, key) := commit(msg)
• match := verify(com, key, msg)

• Security properties:
• Hiding: Given com, infeasible to find msg.
• Binding: Infeasible to find msg != msg’ such that
verify(commit(msg), msg’) == true

CS6290 Privacy-enhancing Technologies


28
Concrete construction sample
• commit(msg) := ( H(key | msg), H(key) )
where key is a random 256-bit value
• verify(com, key, msg) := ( H(key | msg) == com )

• Security properties:
• Hiding: Given H(key | msg), infeasible to find msg.
• Binding: Infeasible to find msg != msg’ such that
H(key | msg) == H(key | msg’)

CS6290 Privacy-enhancing Technologies


29
Property 3: Puzzle-friendly
Puzzle-friendly:
• For every possible output value y,
if k is chosen uniformly at random and public to all,
then it is infeasible to find x such that H(k | x) = y.

CS6290 Privacy-enhancing Technologies


30
Application: Search puzzle
• Given a “puzzle ID” k,
and a target set Y:

Try to find a “solution” x such that


H(k | x) ∈ Y.

• Puzzle-friendly property implies that no solving strategy is much


better than trying random values of x.

CS6290 Privacy-enhancing Technologies


31
Hash Pointers
• Hash pointer is:
• pointer to where some info is stored, and
• (cryptographic) hash of the info

• If we have a hash pointer, we can


• ask to get the info back, and
• verify that it hasn’t changed

CS6290 Privacy-enhancing Technologies


32
H( )
(data) will draw hash
pointers like this

CS6290 Privacy-enhancing Technologies


33
“blockchain”
• key idea: build data structures with hash pointers
• linked list with hash pointers = “block chain”

H( )
prev: H( ) prev: H( ) prev: H( )

data data data

use case: tamper-evident log


CS6290 Privacy-enhancing Technologies
34
Detecting tampering
H( )

prev: H( ) prev: H( ) prev: H( )

data data data

use case: tamper-evident log

CS6290 Privacy-enhancing Technologies


35
Background: Digital Signatures
• What we want from signatures:
• Only you can sign, but anyone can verify
• Signature is tied to a particular document

(sk, pk) := generateKeys(keysize)


sk: secret signing key
pk: public verification key

sig := sign(sk, message) API for digital


signatures
isValid := verify(pk, message, sig)

CS6290 Privacy-enhancing Technologies


36
Requirements for signatures
• “valid signatures verify”
• verify(pk, message, sign(sk, message)) == true

• “can’t forge signatures”


adversary who:
knows pk
gets to see signatures on messages of his choice
can’t produce a verifiable signature on another message

CS6290 Privacy-enhancing Technologies


37
Useful trick: public key == an identity

if you see sig such that verify(pk, msg, sig)==true,


think of it as
pk says, “[msg]”.

to “speak for” pk, you must know matching secret key sk

CS6290: Privacy Enhancing Technologies


GoofyCoin

CS6290: Privacy Enhancing Technologies


Goofy can create new coins

New coins belong to me.

signed by pkGoofy
CreateCoin [uniqueCoinID]

CS6290: Privacy Enhancing Technologies


A coin’s owner can spend it.

Alice owns it now.

signed by pkGoofy
Pay to pkAlice : H( )

signed by pkGoofy
CreateCoin [uniqueCoinID]

CS6290: Privacy Enhancing Technologies


The recipient can pass on the coin again.

signed by pkAlice Bob owns it now.

Pay to pkBob : H( )

signed by pkGoofy
Pay to pkAlice : H( )

signed by pkGoofy
CreateCoin [uniqueCoinID]

CS6290: Privacy Enhancing Technologies


double-spending attack

signed by pkAlice signed by pkAlice


Pay to pkBob : H( ) Pay to pkChuck : H( )

signed by pkGoofy
Pay to pkAlice : H( )

signed by pkGoofy
CreateCoin [uniqueCoinID]

CS6290: Privacy Enhancing Technologies


double-spending attack

the main design challenge in digital currency

CS6290: Privacy Enhancing Technologies


ScroogeCoin

CS6290: Privacy Enhancing Technologies


Scrooge publishes a history of all transactions
(a block chain, signed by Scrooge)
H( )

prev: H( ) prev: H( ) prev: H( )


transID: 71 transID: 72 transID: 73

trans trans trans

optimization: put multiple transactions in the same block

CS6290: Privacy Enhancing Technologies


CreateCoins transaction creates new coins

Valid, because I said so.

transID: 73 type:CreateCoins

coins created
num value recipient

0 3.2 0x... coinID 73(0)

1 1.4 0x... coinID 73(1)

2 7.1 0x... coinID 73(2)

CS6290: Privacy Enhancing Technologies


PayCoins transaction consumes (and destroys) some coins,
and creates new coins of the same total value

transID: 73 type:PayCoins

consumed coinIDs:
68(1), 42(0), 72(3)
Valid if:
coins created -- consumed coins valid,
-- not already consumed,
num value recipient
-- total value out = total value in, and
0 3.2 0x... -- signed by owners of all consumed coins

1 1.4 0x...

2 7.1 0x...

signatures

CS6290: Privacy Enhancing Technologies


What are the problems with ScroogeCoin?

Can we use ScroogeCoin in real life?

CS6290: Privacy Enhancing Technologies


Can we use ScroogeCoin in real life?

“How to Time-Stamp a Digital Document”, Haber and Stornetta,


1991

Surety: Linked-timestamping service, 1995

Publishes hash of the tail on New York Times,


Lost and Found section

CS6290: Privacy Enhancing Technologies


Don’t worry, I’m honest.

Crucial question:

Can we descroogify the currency,


and operate without any central,
trusted party?

CS6290: Privacy Enhancing Technologies


Bitcoin: A Peer to Peer Electronic
Cash System

CS6290 Privacy-enhancing Technologies


52
CS6290 Privacy-enhancing Technologies
53
Privacy problem?

CS6290 Privacy-enhancing Technologies


54
CS6290 Privacy-enhancing Technologies
55
CS6290 Privacy-enhancing Technologies
56
blinded

CS6290 Privacy-enhancing Technologies


57
Conditional anonymity
• Intuition:
• Identity encoded as value b
• Coin randomness encoded as value a
• Receiver challenges coin spender to reveal point f(x)
when spending
• Double-spending: two points uniquely specify a line

CS6290 Privacy-enhancing Technologies


58
Despite promising, we still need
a trusted third party.

CS6290 Privacy-enhancing Technologies


59
The Times 03/Jan/2009 Chancellor on
brink of second bailout for banks.

Paper published in 2008


Source code in 2009
60
CS6290: Privacy Enhancing Technologies
Wait…But who is Nakamoto?
Bitcoin’s face And another …
Another theory…

Maybe not. 61
CS6290 Privacy-enhancing Technologies
Bitcoin design -- from basic
principles

CS6290 Privacy-enhancing Technologies


62
Key property #1
Bitcoin is pseudonymous
1. Each entity X has an (ECDSA) key pair (PKX,
SKX)
2. No association between X and real-world
identity

PK: hUK67H9fyg

SK: z4Pxc2kKn3

CS6290 Privacy-enhancing Technologies


63
Recall: digital signature
• First, create a message digest using a cryptographic hash
• Then, sign the message digest with your private key

Authentication
Integrity

Non-repudiation

CS6290 Privacy-enhancing Technologies 64


Digital signatures are used in Bitcoin

CS6290 Privacy-enhancing Technologies


65
Could build naïve system…

CS6290 Privacy-enhancing Technologies 66


CS6290 Privacy-enhancing Technologies 67
The Double Spending Problem

CS6290 Privacy-enhancing Technologies 68


What a bank will do to prevent
double spending?

Maintain a ledger to record every transaction!


CS6290 Privacy-enhancing Technologies
69
Bitcoin entities emulate a public
trusted bulletin-board (ledger)

CS6290 Privacy-enhancing Technologies 70


The public ledger prevents double
spending

Ledger

The ledger shows that you’ve


already spent this coin to Y!

CS6290 Privacy-enhancing Technologies


71
Key property #2
Bitcoin is decentralized
1. Has a ledger, but with no Bank!
2. The ledger is agreed upon and distributed
among many entities
3.The ledger is called blockchain in Bitcoin

CS6290 Privacy-enhancing Technologies 72


SKA

CS6290 Privacy-enhancing Technologies


73
Block of transactions

One block every 10 minutes Q: what’s the average transaction rate?


Around 2000 transactions per block (transactions/second)
https://ycharts.com/indicators/bitcoin_average_transactions_per_block Assessed on Jan. 5 2023.

CS6290 Privacy-enhancing Technologies 74


UTXO Model
• Unspent transactions output (UTXO)
• No explicit “account balances”
• Structured in terms of transactions

• Your account balance is the combined value


of all UTXOs you control

• Each transactions consumes at least one


UTXO and creates at least one UTXO

• Each UTXO can only be consumed at most once and only in its entirety
• The sum of a transactions inputs must be greater or equal to the sum of its outputs
• The difference is the transaction fee
CS6290 Privacy-enhancing Technologies
75
Demo
1 Inputs: Ø
time
Outputs: 25.0→Alice we implement this
with hash pointers
2 Inputs: 1[0]
Outputs: 17.0→Bob, 8.0→Alice
SIGNED(Alice)

3 Inputs: 2[0] finite scan to


check for
Outputs: 8.0→Carol, 9.0→Bob validity
SIGNED(Bob)

4 Inputs: 2[1] is this valid?


Outputs: 6.0→David, 2.0→Alice
SIGNED(Alice)

SIMPLIFICATION: only one transaction per block

CS6290: Privacy Enhancing Technologies


Merging value
time
1 Inputs: ...
Outputs: 17.0→Bob, 8.0→Alice
SIGNED(Alice)
...
2 Inputs: 1[1]
Outputs: 6.0→Carol, 2.0→Bob
SIGNED(Carol)
...
3 Inputs: 1[0], 2[1]
Outputs: 19.0→Bob
SIGNED(Bob)

SIMPLIFICATION: only one transaction per block

CS6290: Privacy Enhancing Technologies


Joint payments
time
1 Inputs: ...
What if this
Outputs: 17.0→Bob, 8.0→Alice
SIGNED(Alice)
input is 1[0]?
...
2 Inputs: 1[1]
Outputs: 6.0→Carol, 2.0→Bob
SIGNED(Alice)
...
3 Inputs: 2[0], 2[1]
two signatures!
Outputs: 8.0→David
SIGNED(Carol), SIGNED(Bob)

SIMPLIFICATION: only one transaction per block

CS6290: Privacy Enhancing Technologies


Key challenge in Bitcoin
• Distributed consensus:
All “correct” nodes decide on the same value
This value must have been proposed by some correct node
The protocol terminates

(more about this in the next class…)

CS6290 Privacy-enhancing Technologies


79
Bitcoin is a peer-to-peer system
When Alice wants to pay Bob:
she broadcasts the transaction to all Bitcoin nodes

signed by Alice
Pay to pkBob : H( )

Note: Bob’s computer is not in the picture

CS6290: Privacy Enhancing Technologies


How consensus could work in
Bitcoin
At any given time:
• All nodes have a sequence of blocks of transactions
they’ve reached consensus on
• Each node has a set of outstanding transactions it’s heard
about Tx
Tx

Tx
Tx Tx Tx
Tx Tx Tx Consensus
… … … protocol
Tx Tx Tx
Tx Tx
Outstanding transactions Tx Tx
… …
Tx Tx
CS6290 Privacy-enhancing Technologies
81
How consensus could work in
Bitcoin (cont.)
• Now, how does system decide which block to be extended?
• Ideal for P2P system: All clients in the world vote on the correct
new block

Tx
Tx

Tx
Tx Tx Tx
Tx Tx Tx New
… … … block Consensus
Tx Tx Tx protocol
Outstanding transactions
Tx Tx
Tx Tx
… …
Tx Tx
CS6290 Privacy-enhancing Technologies
82
How consensus could work in
Bitcoin (cont.)
• But it’s hard to ensure one vote per machine in a P2P system
• E.g., there’s the problem of “Sybil” attacks
• one user creates multiple identities

• So “voting” (cleverly) in Bitcoin takes the form of hash power.


• I.e., one vote per CPU (roughly speaking)

CS6290 Privacy-enhancing Technologies


83
“Mining” in Bitcoin
• All miners execute communal, computationally–
intensive process called mining.
• Together, mining community defines blockchain
• Intuition:
• All miners collectively search for hard-to-compute
“signature” on new block (solve a puzzle)
• Attacker with little computing power unlikely to mine
new valid block faster than honest ones
• Security: assume less than 50% malicious

CS6290 Privacy-enhancing Technologies


84
Block Mining

CS6290 Privacy-enhancing Technologies


85
Block Mining

CS6290 Privacy-enhancing Technologies


86
Demo

Block 1 Block 2 Block 3 ...


... ... ...
Pending TXs
- Alice: 10:Bob
….

Miner Miner

Miner
Miner
Miner

CS6290: Privacy Enhancing Technologies


Miners commit new transactions
by solving puzzles
= 0x000***...

Hash( prevBlock
Block 3 | newTXs | 0xb9824
nonce ) = 0x000c3f...
0x2cf24
0x30e26
0xc5b9e 0x000***...
0xdba5fb...
0x61e5c1...
0x04336a...

- 12.5 bonus for Miner


- Alice: 10:Bob Each attempt has 16-3 chance
... of success

Block 1 Block 2 Block 3 ...


... ... ... Miner
Pending TXs
- Alice:10:Bob
….

CS6290: Privacy Enhancing Technologies


...
Block 1 Block 2 Block 3 Block 4
... ... ... ...

I found a new
valid block

Miner
Alice Bob

Miner
Miner I agree with that guy
(after checking)
Miner
I also agree with that guy
No luck this time…
(after checking)
Work on the next block!

CS6290: Privacy Enhancing Technologies


Longest Chain Rule
• One subtle question
• Which chain should miner 1 work on?
▪ His local one, or the one broadcast by miner 2
• Longest chain!
No luck this time… ...
Work on the next block! Block 1 Block 2 Block 3 Block 4
... ... ... ...

Miner
1
Block 1 Block 2 Block 3
... ... ...

Miner
2

CS6290 Privacy-enhancing Technologies


90
What’s the incentive
for miners to mine?
• Key idea: Bitcoin is a lottery 20
18/
1/
8 37
-ex
pansi
on.
svg

• Every miner tries tickets until a “winning”


one is found
• The reward for the winner: Bitcoin!
• Special transaction (coinbase) in block
assigns BTC to winner
• Originally, 50 BTC/block; today, 6.25
BTC/block
• Winner also gets transaction fees

Jan. 2023, height ≈


• 21 million BTC will be produced 770k
over the lifetime of the system
CS6290 Privacy-enhancing Technologies
91
What’s the incentive
for miners to mine?
• Key idea: Bitcoin is a lottery
• Every miner tries tickets until a “winning”
one is found
• The reward for the winner: Bitcoin!
• Special transaction (coinbase) in block
assigns BTC to winner
• Originally, 50 BTC/block; today, 6.25
BTC/block
• Winner also gets transaction fees

• 21 million BTC will be produced transaction fee = transaction Miner: I am more willing to
value – spent value include your transaction as I
over the lifetime of the system
(transaction fee ≥ 0) can earn more BTC from it!
CS6290 Privacy-enhancing Technologies 92
What’s the incentive
for miners to mine?
• In principle, Bitcoin is democratic
• Anyone can mine
• Reward is proportional to computational
investment
• But…

CS6290 Privacy-enhancing Technologies


93
How long will it take to
find a block?
• In the early days, with an PC (CPU mining).
while (1){
HDR[kNoncePos]++;
IF (SHA256(SHA256(HDR)) < (65535 << 208)/ DIFFICULTY)
return;
}

A typical PC can crank out about one bitcoin


𝟏
every 4 years. -- WSJ Oct. 2017
𝟐
https://www.wsj.com/articles/hackers-latest-move-using-your-computer-to-mine-bitcoin-1509102002. By Robert McMillan.

CS6290 Privacy-enhancing Technologies


94
GPU mining

• GPUs designed for high-performance graphics


• High parallelism
• High throughput
• First used for Bitcoin ca. October 2010
• Implemented in OpenCL

CS6290: Privacy Enhancing Technologies


Source:
LeonardH,
cryptocurren
ciestalk.com

CS6290: Privacy Enhancing Technologies


FPGA mining

• Field Programmable Gate Area


• First used for Bitcoin ca. June 2011
• Implemented in Verilog

CS6290: Privacy Enhancing Technologies


Bob Buskirk, thinkcomputers.org

CS6290: Privacy Enhancing Technologies


Bitcoin ASICs

Special purpose!
CS6290: Privacy Enhancing Technologies
Professional mining centers

Needs:
cheap power
good network
cool climate

BitFury mining center, Republic of Georgia, 2014

CS6290: Privacy Enhancing Technologies


CS6290: Privacy Enhancing Technologies
Evolution of mining

CPU GPU FPGA ASIC

gold pan sluice box placer mining pit mining

CS6290: Privacy Enhancing Technologies


CS6290 Privacy-enhancing Technologies
103
CS6290 Privacy-enhancing Technologies
104
Node Types in Bitcoin Network

CS6290 Privacy-enhancing Technologies


105
CS6290 Privacy-enhancing Technologies
106
Storage
• Full nodes:
• Store entire blockchain
• Enforce consensus rules, ensuring
blocks in blockchain adhere to
• 6.25 BTC reward
• Correct signatures on transactions
• BTC not double-spent
• Etc…
CS6290 Privacy-enhancing Technologies
107
Full node distribution

CS6290 Privacy-enhancing Technologies


108
Bitcoin Wallets

CS6290 Privacy-enhancing Technologies


109
Bitcoin Wallets: Under the Hood

CS6290 Privacy-enhancing Technologies


110
Brain Wallets

CS6290 Privacy-enhancing Technologies


111
Brain Wallets

CS6290 Privacy-enhancing Technologies


112
Related References
• Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan , Joshua
A. Kroll, and Edward W. Felten. “SoK: Research Perspectives and
Challenges for Bitcoin and Cryptocurrencies”, in Proc. of IEEE S&P 2015.
• Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Steven
Goldfeder. “Bitcoin and Cryptocurrency Technologies”, in Princeton
University Press, 2016 (first two chapters)
• Satoshi Nakamoto. “Bitcoin: A Peer-to-Peer Electronic Cash System”
• Bitcoin Wiki, online at https://en.bitcoin.it/wiki/Main_Page
• Maurice Herlihy. “Blockchains from a Distributed Computing Perspective ”,
2018

CS6290: Privacy Enhancing Technologies


Playground Demo

• Start from hash:


• https://andersbrownworth.com/blockchain/hash
• Till tokens:
• https://andersbrownworth.com/blockchain/tokens

CS6290: Privacy Enhancing Technologies


What’s Next
• Byzantine Fault Tolerance (BFT)
• Some enhanced consensus algorithms for scaling the original Bitcoin
design
• Bitcoin-NG
• GHOST (adopted by Ethereum)
• Proof-of-Stake protocols
• Sharding
• Etc…

CS6290 Privacy-enhancing Technologies


115

You might also like