Article Directory
1. What is Bitcoin?
Bitcoin is an electronic currency (digital currency), and Bitcoin is a currency based on cryptography. On November 1, 2008, Satoshi Nakamoto (I don't know whether it is a human or an AI, an organization or an individual?) proposed the concept of Bitcoin. He published a paper on Bitcoin, which is now the "white paper" of Bitcoin. Link to Satoshi Nakamoto’s original Bitcoin paper pdf: Bitcoin
proposes a decentralized electronic accounting system in the article . The traditional electronic cash is the bank to keep accounts, because the bank is behind the country’s credit, decentralized electronics The accounting system is the joint accounting of participants. People obtain Bitcoin through mining and complete payment through public accounting .
2. The principle of blockchain
(1) Merkel tree
A hash tree or Merkel tree is a tree in which each leaf node is marked with the password hash of the data block, and each non-leaf node is marked with the password hash of its child node label. . Hash trees allow effective and safe verification of the contents of large data structures. Hash tree is a generalization of hash list and hash chain. In order to prove that a leaf node is part of a given binary hash tree, it is necessary to calculate the number of hashes that is proportional to the logarithm of the number of leaf nodes of the tree. This is the opposite of the hash list, and the number of the hash list is the same as the leaf node itself. Is directly proportional to the number.
This is an example of a binary hash tree. Hash 0-0 and 0-1 are the hash values of data blocks L1 and L2, respectively, and hash 0 is the concatenation of hashes 0-0 and 0-1.
(2). Block and blockchain
In the block chain there in a lot of blocks , these blocks are encrypted link, each block contains a block header and transaction information (usually Merkel tree representation), contained in the header information in Hash sequence, timestamp. According to the design, the blockchain can resist the modification of its data. This is because once recorded, the data in any given block cannot be changed retrospectively without changing all subsequent blocks.
Logically speaking, the blockchain can be seen as consisting of 5 layers:
1. Infrastructure (hardware)
2. Network (node discovery, information dissemination and verification)
3. Consensus (proof of work, shareholding certificate)
4. Data (Blocks, transactions)
5. Applications (dApps)
cannot be retrospectively changed because the data in any given block does not need to change all subsequent blocks. In response to this
, the formation of the blockchain. The main chain (black) consists of the longest series of blocks from the founding block (green) to the current block. There are isolated blocks (purple) outside the main chain.
Allow participants to independently and relatively cheaply verify and review transactions. Use peer-to-peer networks and distributed timestamp servers to autonomously manage blockchain databases. They certify that they carry collective self-interest through large-scale collaboration. Such a design promotes a robust workflow in which participants’ uncertainty about data security is negligible. The use of blockchain eliminates the infinite reproducibility of digital assets. It confirmed that each unit of value was transferred only once, thus solving the long-standing double-spending problem. Blockchain has been described as a value exchange protocol. Blockchain can maintain ownership because when properly set up to detail the exchange agreement, it can provide a record of mandatory offers and acceptances.
A simple example: A transaction was initiated among the four persons on ABCD. Among them, A transferred 100 bitcoins to B. Because this is a decentralized accounting method. Therefore, each of these four people will record this transaction on their own ledger, and will record the transfer of 100 bitcoins from A to B. This is a piece of transaction information that will be recorded in the block. Each block is 1MB in size and can store about 4k pieces of information. In this block, why would I use A as the standard to notify others? Who will we use in normal trading? And why should we keep accounts? Is it good for us? These are all problems encountered in design.
3. Reasons for using blockchain for accounting
As it is said that there is no benefit, Satoshi Nakamoto mentioned the incentive scheme in his paper on the design of blockchain. The person who keeps the book will get two kinds of benefits: the first is the reward of the handling fee, and the second is the reward of the packaged block (reward from the system). The initiation of each transaction will charge the user a small fee, and these fees will be rewarded to the users who book the package. In the second reward, the system rewards the person who booked the package. In Nakamoto's paper where he wrote this system every ten minutes to generate a block, every block will generate a certain amount of reward Bitcoin. Since 2008, it has been 50 bitcoins, which will decay by half every four years. By analogy, the number of bitcoins obtained will decrease. We can calculate that there are approximately 21 million Bitcoins in the world based on this algorithm , so Bitcoin will become more and more difficult to mine over time .
4. Who is the so-called "center" in each block
(1). Obtain the power to pack through the workload proof mechanism
Satoshi Nakamoto also wrote in his paper that each user or node will compete for the power of bookkeeping through a proof-of-work mechanism. The first user that can be calculated for each block is the producer of the next block. The only way to select users through proof of work is to let users solve "mathematics" problems. This mathematical problem is based on the SHA256 algorithm , so the only way is to try one by one. Whoever gets the answer to this question first will be eligible for packaging. This is also known as the so-called mining .
(2).SHA256 algorithm
The Secure Hash (SHA) algorithm is a series of cryptographic hash functions issued by the National Institute of Standards and Technology as the U.S. Federal Information Processing Standard. SHA stands for Secure Hash Algorithm. SHA-1 and SHA-2 are two different versions of this algorithm. They differ in structure (the way the resulting hash is created from the original data) and the bit length of the signature. SHA-2 is regarded as the successor to SHA-1 because it is an overall improvement. First of all, people regard the position length as an important difference. SHA-1 is a 160-bit hash. SHA-2 is actually a "hash" series, and has various lengths, the most popular is 256-bit (SHA256), and the final output is a 256-bit binary number . The following is the pseudo code of the SHA256 algorithm:
Initialize hash values:
(first 32 bits of the fractional parts of the square roots of the first 8 primes 2..19):
h0 := 0x6a09e667
h1 := 0xbb67ae85
h2 := 0x3c6ef372
h3 := 0xa54ff53a
h4 := 0x510e527f
h5 := 0x9b05688c
h6 := 0x1f83d9ab
h7 := 0x5be0cd19
Initialize array of round constants:
(first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311):
k[0..63] :=
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
Pre-processing (Padding):
begin with the original message of length L bits
append a single '1' bit
append K '0' bits, where K is the minimum number >= 0 such that L + 1 + K + 64 is a multiple of 512
append L as a 64-bit big-endian integer, making the total post-processed length a multiple of 512 bits
such that the bits in the message are L 1 00..<K 0's>..00 <L as 64 bit integer> = k*512 total bits
Process the message in successive 512-bit chunks:
break message into 512-bit chunks
for each chunk
create a 64-entry message schedule array w[0..63] of 32-bit words
(The initial values in w[0..63] don't matter, so many implementations zero them here)
copy chunk into first 16 words w[0..15] of the message schedule array
Extend the first 16 words into the remaining 48 words w[16..63] of the message schedule array:
for i from 16 to 63
s0 := (w[i-15] rightrotate 7) xor (w[i-15] rightrotate 18) xor (w[i-15] rightshift 3)
s1 := (w[i- 2] rightrotate 17) xor (w[i- 2] rightrotate 19) xor (w[i- 2] rightshift 10)
w[i] := w[i-16] + s0 + w[i-7] + s1
Initialize working variables to current hash value:
a := h0
b := h1
c := h2
d := h3
e := h4
f := h5
g := h6
h := h7
Compression function main loop:
for i from 0 to 63
S1 := (e rightrotate 6) xor (e rightrotate 11) xor (e rightrotate 25)
ch := (e and f) xor ((not e) and g)
temp1 := h + S1 + ch + k[i] + w[i]
S0 := (a rightrotate 2) xor (a rightrotate 13) xor (a rightrotate 22)
maj := (a and b) xor (a and c) xor (b and c)
temp2 := S0 + maj
h := g
g := f
f := e
e := d + temp1
d := c
c := b
b := a
a := temp1 + temp2
Add the compressed chunk to the current hash value:
h0 := h0 + a
h1 := h1 + b
h2 := h2 + c
h3 := h3 + d
h4 := h4 + e
h5 := h5 + f
h6 := h6 + g
h7 := h7 + h
Produce the final hash value (big-endian):
digest := hash := h0 append h1 append h2 append h3 append h4 append h5 append h6 append h7
(3). SHA256 core algorithm code formed by C++ language
#pragma once
#ifndef SHA256_H
#define SHA256_H
#include <string>
class SHA256
{
protected:
typedef unsigned char uint8;
typedef unsigned int uint32;
typedef unsigned long long uint64;
const static uint32 sha256_k[];
static const unsigned int SHA224_256_BLOCK_SIZE = (512 / 8);
public:
void init();
void update(const unsigned char* message, unsigned int len);
void final(unsigned char* digest);
static const unsigned int DIGEST_SIZE = (256 / 8);
protected:
void transform(const unsigned char* message, unsigned int block_nb);
unsigned int m_tot_len;
unsigned int m_len;
unsigned char m_block[2 * SHA224_256_BLOCK_SIZE];
uint32 m_h[8];
};
std::string sha256(std::string input);
#define SHA2_SHFR(x, n) (x >> n)
#define SHA2_ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
#define SHA2_ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n)))
#define SHA2_CH(x, y, z) ((x & y) ^ (~x & z))
#define SHA2_MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
#define SHA256_F1(x) (SHA2_ROTR(x, 2) ^ SHA2_ROTR(x, 13) ^ SHA2_ROTR(x, 22))
#define SHA256_F2(x) (SHA2_ROTR(x, 6) ^ SHA2_ROTR(x, 11) ^ SHA2_ROTR(x, 25))
#define SHA256_F3(x) (SHA2_ROTR(x, 7) ^ SHA2_ROTR(x, 18) ^ SHA2_SHFR(x, 3))
#define SHA256_F4(x) (SHA2_ROTR(x, 17) ^ SHA2_ROTR(x, 19) ^ SHA2_SHFR(x, 10))
#define SHA2_UNPACK32(x, str) \
{ \
*((str) + 3) = (uint8) ((x) ); \
*((str) + 2) = (uint8) ((x) >> 8); \
*((str) + 1) = (uint8) ((x) >> 16); \
*((str) + 0) = (uint8) ((x) >> 24); \
}
#define SHA2_PACK32(str, x) \
{ \
*(x) = ((uint32) *((str) + 3) ) \
| ((uint32) *((str) + 2) << 8) \
| ((uint32) *((str) + 1) << 16) \
| ((uint32) *((str) + 0) << 24); \
}
#endif
5. Blockchain and Bitcoin security
Are blockchain and Bitcoin safe? How do they prevent forgery, tampering and double payment ? Identity authentication technology can be face recognition, signature, fingerprint, etc. in life. But once they are digitized, they can be forged by copying , so Bitcoin uses an electronic signature method. Electronic signature technology mainly uses asymmetric encryption . First, Bitcoin will generate a random number . This technology will generate a private key (only the user knows) through a random number and encrypt it with a private key, and then generate a public key (publicly available) through the private key , which can be decrypted by the public key. A public address will be generated, and users can conduct anonymous transactions through the address . The typical algorithm is RSA, and Bitcoin uses an elliptic curve encryption algorithm.
Conversion process
1、首先使用随机数发生器生成一个私钥,它是一个256位的二进制数。私钥是不能公开的,相当于银行卡的密码。 2、私钥经过SECP256K1算法生成公钥,SECP256K1是一种椭圆曲线加密算法,功能和RSA算法类似,通过一个已知的私钥,生成一个公钥,但是通过公钥不能反推出私钥。 3、同SHA256算法一样,RIPEMD160也是一种HASH算法,由公钥可以得到公钥的哈希值,而通过哈希值无法推出公钥。 4、将一个字节的版本号连接到公钥哈希头部,然后对其进行两次SHA256运算,将结果的前4字节作为公钥哈希的校验值,连接在其尾部。 5、将上一步的结果使用BASE58进行编码,就得到了钱包地址(相当于银行账户)。比如A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
(1). Solve forged transaction records
The figure shows the event that A gives B1 bitcoins. After obtaining the digest through the hash operation, the digest is encrypted with the private key to obtain the password. Due to the uniqueness of the private key, the digest is unique. Through broadcasting, the messages delivered by A are: A transfers to B 1 bitcoin, A's public key, and A's password.
Of course, we can assume that the message that A transferred 1 Bitcoin to B is false, and the digest 1 is obtained based on this hash operation. And using A's public key to decrypt the password to get Digest 2. At this time Digest 1 and Digest 2 are different. Obviously, "A gives B 1 bitcoin" is a forged message.
(2). Prevent tampering with transaction records
In order to prevent the occurrence of tampering events, the blockchain will protect the entire blockchain according to the longest chain principle :
When the block chain branches, that is, more than one person dug up the next block in nearly the same time, and the chain direction has branched. Generally speaking, the longest chain principle is used for selection. Suppose that user group A chooses to go on the chain to continue mining, and user group B chooses to go off the chain to continue mining. If group A digs out the next mine first and adds a new block to the chain, group B will continue mining after moving to the new block. Normally, the down chain is discarded.
That is to say, where there is a branch in the blockchain, it will compare the upper and lower chains who dig out the second block first (whose chain becomes the long branch first), keep the long chain, and give up the short chain.
Therefore, we can follow the longest chain principle. If someone wants to tamper with the information of a block on the blockchain, he must lead a branch at that block and create a new chain to make the new chain exceed the length of the original chain. That is, the computing power of the mining machine controlled by him alone exceeds the computing power of the remaining mining machines in the world (faster than anyone else). The probability of this realization is very small. For example, a person controls 90% of the mining machines in the world to tamper with the transaction records of a chain. Why doesn't he use so many mining machines to mine seriously?
(3). Prevent double payment transactions
When a double payment event occurs, for example, A has only 100 bitcoins, but at the same time broadcasts the message "A to B 100 bitcoins" (recorded as message b) and "A to C
100 bitcoins" (recorded as message c) , Group D receives message b first, and will not confirm message c. Similarly, if group E receives message c first, it will not confirm message b. At this time, it depends on which of the groups D and E can calculate the math problem first, the one who digs the mine first can write the confirmed message in the new block, while the other message is invalid.
Copyright statement
This article is the original content of J0hn except the referenced content below , and the final interpretation right belongs to the original author. If there is any infringement, please contact to delete. Without my authorization, please do not reprint it privately!
6. Reference materials
[1]. BMoney http://www.weidai.com/bmoney.txt
[2]. Wikipedia https://en.wikipedia.org/wiki/Bitcoin
[3]. Wikipedia https://en.wikipedia.org/wiki/SHA-2
[4]. Wikipedia https://en.wikipedia.org/wiki/Blockchain
[5]. Youtube https://www.youtube.com/watch?v=g_fSistU3MQ&t=11s
[6]. BitcoinOrg https://bitcoin.org/bitcoin.pdf