trick or treat?: bitcoin for non-believers, cryptocurrencies for cypherpunks
TRANSCRIPT
Trick or Treat? Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
David EvansUniversity of Virginiawww.cs.virginia.edu/evansbitcoin-class.org
DC Area Crypto DayAll Hallows’ Eve2
Johns Hopkins University
Plan
Tutorial Introduction to Bitcoin
Hype vs. Reality in Bitcoin Today
Scaling Bitcoin
Ombuds (Nick Skelsey)
1
What is money?
2
3
Aristotle’s Politics 350 BCE
Fiat Currency
4
5
With a strong enough army, anything can be a fiat currency
Centralized Digital Currency
6Trusted Bank
Account No. Owner’s Identify Value
3022493 Alice 2033.23
3022494 Bob 85733.03
3022495 Colleen 24331.77
3022496 Dave 0.01
7
Communications of the ACMOctober 1985
8
Communications of the ACMOctober 1985
First Wave Cryptocurrency
9David Chaum
First Wave Cryptocurrency
10David Chaum
Bankrupt, 1998
Decentralized CurrencyCurrency without trust
11
Double Spending Challenge
12
M = transfer X to Bob SignKRA[H(M)]
Bob wants to verify:1. Alice owns X2. Alice hasn’t transferred X3. The coin will be valuable for Bob
Double Spending Challenge
13
M = transfer X to Bob SignKRA[H(M)]
Bob wants to verify:1. Alice owns X2. Alice hasn’t transferred X3. The coin will be valuable for Bob
Node CNode A Node B
txb
txb
14
M = transfer X to Bob SignKRA[H(M)]
Bob wants to verify:1. Alice owns X2. Alice hasn’t transferred X3. The coin will be valuable for Bob
Node CNode A Node B
txb
txb
M = transfer X to Coleen SignKRA[H(M)]
txc
15
M = transfer X to Bob SignKRA[H(M)]
Bob wants to verify:1. Alice owns X2. Alice hasn’t transferred X3. The coin will be valuable for Bob
Node CNode A Node B
txb
txb
M = transfer X to Coleen SignKRA[H(M)]
txc
16
M = transfer X to Bob SignKRA[H(M)]
Bob wants to verify:1. Alice owns X2. Alice hasn’t transferred X3. The coin will be valuable for Bob
Node CNode A Node B
txb
txb
M = transfer X to Coleen SignKRA[H(M)]
txc
Node E
Node D
Satoshi’s Solution
17
Blockchain
18
B0H(B0) Nonce
Transactions
H(B1) Nonce
Transactions
H(B2) Nonce
Transactions
Distributed ledger maintained by network of untrusted nodesBlocks added require proof-of-workNode’s agree to consensus: longest (most difficult) chain
Incentives designed to encourage network nodes to:Validate and record transactionsSpend effort on extending consensus chain
19
BitcoinTransaction
Input 1: v1, a1
Input 2: v2, a2
…
Output 1: x1, d1
Output 2: x2, d2
…
transaction fees = sum(input values) – sum(output values)(must be non-negative for valid transaction)
Bitcoin Script
20
OP_DATA <public key>OP_CHECKSIG
Lock
ing
Scri
pt
OP_DATA <signature>
Un
lock
ing
Scri
pt
Transactio
na0
b6
ea…
..
Input 1: v1, a1
Output 1: x1, d1
Output 2: x2, d2
…
Transactio
nd
87
30
d…
Locking Script
Unlocking Script
If B
itco
in A
dd
ress
wer
e ju
st p
ub
lic k
ey
Bitcoin Script
21
OP_DUPOP_HASH160OP_DATA <bitcoin address>OP_EQUALVERIFY OP_CHECKSIGLock
ing
Scri
pt
OP_DATA <signature>OP_DATA <public key>
Un
lock
ing
Scri
pt
Transactio
na0
b6
ea…
..
Input 1: v1, a1
Output 1: x1, d1
Output 2: x2, d2
…
Transactio
nd
87
30
d…
Locking Script
Unlocking Script
Bit
coin
Ad
dre
ss =
H(p
ub
lic k
ey)
OP_RETURN (until July 2010)
22
https://github.com/bitcoin/bitcoin/blob/v0.1.5/script.cpp#L170
Universal Unlocking Script!OP_DATA 1OP_RETURN
23
Example Transaction
Fees are optional…
24
25
Exhibit B
26
BitcoinTransaction
Input 1: v1, a1
Input 2: v2, a2
…
Output 1: x1, d1
Output 2: x2, d2
…
transaction fees = sum(input values) – sum(output values)(must be non-negative for valid transaction)
How is new bitcoin created?
27
CoinbaseTransaction
Output 1: x1, d1
Output 2: x2, d2
…
sum(output values) ≤ sum(transaction fees) + mining reward
mining reward = 50 BTC 2floor(block number / 210,000)
28
Bitcoin’s Proof-of-Work
29
B0H(B0) Nonce
Transactions
H(B1) Nonce
Transactions
H(B2) Nonce
Transactions
Find a nonce x such that: SHA-256(SHA-256(r || x)) < T/d
r = header includes H(previous block)root of Merkle tree of transactions
30
difficulty = 62,253,982,450expected hashes = 2.67 * 1020 ~ 268
“number of grains of sand on earth”
Actual Bitcoin Block
31
https://en.bitcoin.it/wiki/Protocol_documentation#Block_Headers
Mining32
(General-Purpose)Computers are Useless
33
34
XOR two 32-bit values in CPU XOR two 32-bit values in ASIC
4 transistors XOR design
35
https://en.bitcoin.it/wiki/Mining_hardware_comparison
36
37
38
Fire at mining facility in Thailand, 14 Oct 2014Photo credit: www.thairath.co.th
39
40
41
Entire bitcoin network: 1/10th Lake Anna Power Station
42
Bitcoin Hype!
43
William Mougayar, The Global Landscape of Blockchain Companies in Financial Services
44
Google Trends
Renminbi
BitcoinDec 2013
45
Bitcoin “Hype”
Bitcoin MarketPrice (US$)
Reality Check
46
Bitcoin “Market Capitalization” = Number of Bitcoins ✕ Market Price
= 14,777,800 ✕ $314 = $4.64B
What does a $4.64B Market Cap company look like?
47
48
NASDAQ: WOOFMarket Cap: $4.4BAverage daily trading: $35M
BitcoinMarket Cap: $4.6BAverage daily transactions: $50M (?)Average daily US$ exchange value: $3M
Can Bitcoin Scale?
49
50
https://github.com/bitcoin/bitcoin/blob/master/src/consensus/consensus.h
51https://github.com/bitcoin/bitcoin/blob/master/src/main.cpp
52https://github.com/bitcoin/bitcoin/blob/master/src/main.cpp
Scale Today
53
Block Size = 1MBTypical transaction size ~ 500 BytesMaximum of ~2000 transactions per block / 10 minutesSo, about 3-4 transactions per second
Scale Today
54
Cost to control bitcoin (assuming other miners are “rational”):value per block-minute = $7500/10 minutes ~ $750/minute ~ $1M/dayto increase to $1B/day with current transaction rate:
$3472 fee per transaction (without losing transactions)or 33 Billion transactions per day (with current $0.03 fee)
Block Size = 1MBTypical transaction size ~ 500 BytesMaximum of ~2000 transactions per block / 10 minutesSo, about 3-4 transactions per second
$1B / day =
Scale Today
55
Cost to control bitcoin (assuming other miners are “rational”):value per block-minute = $7500/10 minutes ~ $750/minute ~ $1M/dayto increase to $1B/day with current transaction rate:
$3472 fee per transaction (without losing transactions)or 33 Billion transactions per day (with current $0.03 fee)
Block Size = 1MBTypical transaction size ~ 500 BytesMaximum of ~2000 transactions per block / 10 minutesSo, about 3-4 transactions per second
Transactions per DayVISA: 300MInterbank: 100M
Scale Today
56
Cost to control bitcoin (assuming other miners are “rational”):value per block-minute = $7500/10 minutes ~ $750/minute ~ $1M/dayto increase to $1B/day with current transaction rate:
$3472 fee per transaction (without losing transactions)or 33 Billion transactions per day (with current $0.03 fee)
Block Size = 1MBTypical transaction size ~ 500 BytesMaximum of ~2000 transactions per block / 10 minutesSo, about 3-4 transactions per second
Transactions per DayVISA: 300MInterbank: 100MCash: 20B?
Scale Today
57
Cost to control bitcoin (assuming other miners are “rational”):value per block-minute = $7500/10 minutes ~ $750/minute ~ $1M/dayto increase to $1B/day with current transaction rate:
$3472 fee per transaction (without losing transactions)or 33 Billion transactions per day (with current $0.03 fee)
Block Size = 1MBTypical transaction size ~ 500 BytesMaximum of ~2000 transactions per block / 10 minutesSo, about 3-4 transactions per second
Transactions per DayVISA: 300MInterbank: 100MCash: 20B?Facebook Likes: 4.5BSMS Messages: 25BWhatsApp Msg: 50B
Distributed microblogging
58Nick Skelsey – Cofounder @ Soapbox Systems