# Blockchain Notes

## Midterm scope: Chapter 1

### Security Objectives

* CIA triad
  * Confidentiality
    * **Data Confidentiality**
      * Shield data from all unauthorized parties
      * Is achieved through data encryption
      * Shield data from unauthorized parties who are differentiated on the basis of access rights
    * **User Confidentiality**
      * There is reason to expect that a user remains unidentifiable
      * Ensure untraceability
      * Ensure unlinkability
  * Integrity
    * Data integrity is concerned with ensuring that data are not tampered with
  * Availability
    * Data and online services are of no use if they are not available when authorized users need them
* Two additional objectives
  * Authentication
    * Authentication extends to both data authentication and user authentication
    * **Data authentication**
      * Verify that the origin of a piece of data is what it claims to be
    * **User authentication**
      * Verify that a user is who they claim to be
  * Accountability
    * Thwart a user from falsely denying that they have sent or received a particular communication
    * Similar to the concept of non-repudiation

### Properties of hash functions (6 points)

* Deterministic: the same input always gives the same output
* Variable-length input, fixed-length output
* Avalanche effect: a small change in the input changes the output drastically
* Pre-image resistance: given only a hash value, it is computationally infeasible to find the input
* Second pre-image resistance: given an input and its hash, it is computationally infeasible to find another, different input that produces the same hash
* Collision resistance: it is computationally infeasible to find two different inputs that produce the same hash value

### Distributed Ledger Technology (DLT)

* Definition: DLT is a method of record-keeping whereby every person involved in the record-keeping possesses a copy of the ledger

### Merkle Hash Tree

* Is a complete binary tree
* Built bottom-up; all leaf nodes are transactions
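An added example, my own code rather than anything from these notes or from Bitcoin's source, showing the bottom-up Merkle construction above together with the nonce search described in the Proof of Work section that follows. The header layout, the 16-bit difficulty, the genesis placeholder and the sample transactions are constructed assumptions.

```python
import hashlib

def sha256d(data: bytes) -> bytes:
    """Bitcoin-style double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(leaves: list[bytes]) -> bytes:
    """Bottom-up Merkle root over transactions (the leaves).
    Adjacent nodes are paired; an odd last node is duplicated,
    as Bitcoin does, so every level pairs up."""
    if not leaves:
        raise ValueError("a block needs at least one transaction")
    level = [sha256d(tx) for tx in leaves]
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def header(prev_hash: bytes, root: bytes, nonce: int) -> bytes:
    """Simplified header (assumption): prev_hash || merkle_root || 32-bit nonce."""
    return prev_hash + root + nonce.to_bytes(4, "little")

def mine(prev_hash, root, difficulty_bits, max_nonce=2**32):
    """Vary the 32-bit nonce until the header hash is below the target.
    The target is 2^(256 - difficulty_bits), i.e. difficulty_bits leading zero bits."""
    target = 1 << (256 - difficulty_bits)
    for nonce in range(max_nonce):
        h = sha256d(header(prev_hash, root, nonce))
        if int.from_bytes(h, "big") < target:
            return nonce, h
    raise RuntimeError("nonce space exhausted; a real miner changes the header and retries")

def verify(prev_hash, root, nonce, difficulty_bits) -> bool:
    """Verification costs one hash: every node can check a claimed block cheaply."""
    h = sha256d(header(prev_hash, root, nonce))
    return int.from_bytes(h, "big") < (1 << (256 - difficulty_bits))

# Constructed sample transactions (placeholders, not real Bitcoin data).
TXS = [b"alice->bob:5", b"bob->carol:2", b"carol->dave:1"]
ROOT = merkle_root(TXS)
GENESIS = b"\x00" * 32  # placeholder previous block hash

if __name__ == "__main__":
    nonce, h = mine(GENESIS, ROOT, 16)
    print(f"nonce={nonce} hash={h.hex()}")
    # Changing one transaction changes the Merkle root, so the found nonce no longer fits.
    tampered = merkle_root([b"alice->bob:50"] + TXS[1:])
    print("tampered root differs:", tampered != ROOT)
```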
### Proof of Work

The proof-of-work (PoW) consensus algorithm in Bitcoin requires miners to vary the 32-bit nonce and iteratively calculate the block header hash until the resulting hash satisfies the difficulty target.

### Digital Signature

* A digital signature achieves user accountability, data authentication and integrity protection
* Signing requires the signer's message and private key
* Verifying requires the verifier to perform the arithmetic comparison using the signer's public key, the message, and the digital signature

### RSA vs ECDSA (Elliptic Curve Cryptography)

* The Elliptic Curve Digital Signature Algorithm (ECDSA) is adopted in Bitcoin and widely used in blockchain systems
* RSA:
  * N = p * q, r = (p - 1)(q - 1)
  * Choose an e < r such that e and r are coprime
  * d = the modular inverse of e with respect to r
  * n = the number obtained by encoding the plaintext
  * c = the ciphertext obtained by encrypting the plaintext
  * (N, e) is the public key; (N, d) is the private key
  * Encryption: c = n^e mod N
  * Decryption: n = c^d mod N

### P2PKH vs P2SH

* P2PKH (Pay to Public Key Hash): the act of specifying the receiver's public key hash in a bitcoin transaction is a mechanism called "Pay to Public Key Hash" (P2PKH)

### Public Key Infrastructure (PKI)

* A certificate is a digital document that serves as proof that a particular public key belongs to a specific user (the subject)

### Privacy (two approaches to the problem)

#### CoinJoin

**Definition:** A trustless method that allows multiple bitcoin spenders to come together and mix their inputs and outputs, so that observers cannot easily trace how they are spending their bitcoin

#### Zero-Knowledge Proofs

**Definition:** Provides no information about the message itself, yet still convinces the other party that the message is correct.

Such proofs have three properties:

1. Completeness. If the prover is honest, the prover will eventually convince the verifier
2. Soundness. The prover can only convince the verifier if the statement is true
3. Zero-knowledge.
The verifier learns nothing about the statement aside from the fact that it is true

## Final exam scope (Chapters 2, 3, 4)

### Chapter 2: Consensus for Blockchain and Distributed Ledger Technologies

#### Consensus Algorithm

For a consensus algorithm to achieve the objective of maintaining a valid blockchain ledger, it needs to be able to do the following:

* If bad actors try to broadcast invalid transactions, they should be ignored by the good nodes and not included in the ledger
* When bad nodes try to mine a block with invalid or fraudulent transactions, the majority of the network should agree not to mine on top of it

#### Network fault tolerance

The consensus algorithm is the set of rules that the nodes (or "generals") have to follow.

* A. All good nodes have to agree on the same plan of action (whether a transaction is valid)
  * a. All good nodes will follow the rules set by the consensus algorithm: check the ledger history to ensure that a transaction is valid before putting it on the ledger. Bad nodes can do what they want, such as work together to invalidate legitimate transactions or validate double-spent transactions (by invalidating the first transaction)
  * b. The consensus algorithm must guarantee A no matter what the bad nodes do
* B. As long as the number of bad nodes is small enough, the good nodes will not adopt an invalid transaction
* The algorithm can ensure correct operation only if fewer than one-third of the processes are faulty → **n >= 3m + 1** (n is the number of generals in the system; m is the number of traitors)
* A malicious actor needs to control around 50% of the network to successfully launch a Byzantine attack on a PoW network
* In general, there are two fundamental stages to a BFT system:
  1. **Agreement**
     * Nodes agree on what should be done
     * Each consensus algorithm has its own way for the majority of the nodes to reach an agreement
     * Once the outcome is agreed upon, it moves on to the execution stage and puts the outcome on the ledger
  2. **Execution**

#### Consensus for Trustless Blockchains

* Proof of Work (PoW)
  * Competitive
  * **Steps**
    1. Receive newly broadcast transactions and check them against the ledger to ensure that they are legitimate (the sender has signed the transaction and the sender address has enough balance)
    2. Discard the transaction if it is invalid
    3. Package legitimate transactions into the current block
    4. Attempt to mine the block
    5. If successful, broadcast the mined block to the network. Start again from Step 1 and mine on top of the block you just created
    6. If not successful (the next block is broadcast before yours), check that the newly broadcast block is valid, go back to Step 1 and mine on top of the new block
* Proof of Stake (PoS)
  * Competitive
* Delegated Proof of Stake (DPoS)
  * Competitive
* Proof of Weight
* Proof of Believability (PoB)
* Proof of Space (PoSpace)
* Proof of Importance (PoI)
* Proof of Burn (PoB)
  * Random selection process
  * The more you burn, the higher the chance of being selected to mine the next block
  * This method also does not address the fairness issue; those with money to "burn" have higher chances of mining

#### Consensus for Trusted Blockchains

* Proof of Authority (PoA)
  * Validation is done by approved accounts called **validators**
  * Three requirements for selecting a validator:
    * It must be a verified identity that links the node to a **real-world identity**
    * It must be difficult to become a validator
    * There must be complete **uniformity** in the checks and procedures for establishing an authority
  * Usually used in private and permissioned blockchains
* Proof of Reputation (PoR)
  * A potential validator needs to pass verification and prove their reputation
  * Existing validators may vote on the eligibility of the new entrant, or a weighted matrix may be used to decide
  * Usually used in private and permissioned blockchains
* Proof of Elapsed Time (PoET)
* Practical Byzantine Fault Tolerance (PBFT)
  * One of the first solutions proposed for the Byzantine Generals Problem
  * There is a **leader node** in a PBFT system, and all other nodes are backup nodes
  * Every node communicates with every other node to come to agreement on the state of the system using **majority voting**
  * The number of malicious nodes cannot exceed **one-third** of the system
  * Is usually only used in permissioned networks, as there is no incentive mechanism to prevent untrusted malicious nodes from joining the network and making up the majority

#### Hybrid Blockchain Networks

* Delayed Proof of Work (dPoW)
* Directed Acyclic Graphs (DAGs)
  * DAGs are generalized forms of blockchain and can be applied to **both trusted and trustless** networks
  * The DAG structure allows transactions to be **added in a parallel fashion**, making it highly scalable
  * Although deemed to be the next-generation blockchain structure, one of the main issues of DAGs is that smart contracts are usually implemented via oracles and cannot be directly deployed on chain
  * Tangle (DAG consensus)
  * Hashgraph

### Chapter 3: Smart Contracts

#### Smart Contracts

Definition:

* Proposed as a means to embed contractual clauses into digital assets
* For smart contracts to be useful for digital assets, **transparency** and **trust** are needed between contractual parties
* Smart contracts are **stateful decentralized applications** that are stored in the Ethereum blockchain for later execution by the EVM

#### Decentralized App

#### ERC-20 (Ethereum Request for Comment; 20 is the unique ID)

* The token rules or standard
* ERC-20 tokens follow a list of rules so that they can be shared, exchanged for other tokens, or transferred to a crypto-wallet; these are defined in the ERC-20 interface
* The ERC-20 standard consists of three optional rules and six mandatory rules
  * Mandatory rules:
    * totalSupply
    * balanceOf
    * transfer
    * transferFrom
    * approve
    * allowance
  * Optional rules:
    * Token name
    * Symbol
    * Decimals (up to 18)

### Chapter 4: The Metaverse & NFTs

#### The seven layers of the metaverse

* Layer 1: Experience layer
The metaverse is neither three-dimensional nor two-dimensional; it is the "dematerialization" of real-world space, distance and objects, so that experiences that cannot be realized in real life become within reach in the metaverse.
* Layer 2: Discovery layer
  Focuses on the ways people are drawn into the metaverse
  * Active discovery: users seek things out on their own; an important value of the metaverse lies in the two-way interaction between players on the basis of shared experiences
  * Passive input: content is recommended to users who have no definite need and have not initiated a choice
* Layer 3: Creator economy layer
  In the future, with more diverse design tools, creators in the metaverse will be able to produce more varied works and trade them through the metaverse's asset markets, thereby earning income.
* Layer 4: Spatial computing layer
  Software algorithms can turn people and objects into digital maps, building a quantifiable, manipulable digital world. This provides solutions for mixed reality and virtual computing and removes the barrier between the real world and the virtual world.
* Layer 5: Decentralization layer
  * The metaverse is a decentralized world in which everyone can create content freely and without limit
  * Whoever creates more value in the metaverse receives more in return
  * Creators hold independent data sovereignty over the content they create
  * Blockchain technology will support the decentralized operation of the metaverse
* Layer 6: Human-computer interaction layer
  Miniature devices will be integrated ever more closely with the human body: Augmented Reality (AR) / Virtual Reality (VR).
* Layer 7: Infrastructure layer
  Includes the devices that let people enter the metaverse, as well as the technologies that connect the real and virtual worlds to the network and deliver content, such as smaller hardware devices, faster and lower-latency networks, and long-lasting batteries.

#### The four core attributes of the metaverse

* Synchronization and realism
  Every activity in the real world is synchronized into the virtual world, and at the same time users' interactions in the virtual world receive realistic feedback.
* Open source and building
  Technology and data are open-sourced; code is encapsulated and modularized via standards and protocols, so users can build according to their own needs, enrich the virtual world, and continually extend the boundaries of the metaverse.
* Persistence
  Viewed from the angle of time: if the metaverse is compared to a game, then it is a "never-ending game", one that ends neither with the demise of some operating company nor with the demise of some country.
* Circular economic system
  Users can work and earn money in the metaverse, spend using virtual currency, and exchange it for real-world currency; the economic system is the engine that drives the metaverse's continuous development.
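Added example for the ERC-20 section in Chapter 3 above: a Python model of the six mandatory functions (my own code, not Solidity and not from the notes), with the two checks that keep the allowance model sound: transfer cannot exceed the balance, and transferFrom checks and then decrements the spender's allowance. Account names and amounts are constructed.

```python
class InsufficientBalance(Exception): pass
class InsufficientAllowance(Exception): pass

class ERC20Token:
    """In-memory model of the six mandatory ERC-20 functions (assumption: integer
    amounts in the token's smallest unit; there is no msg.sender here, so the
    acting account is passed explicitly as `sender` / `spender`)."""

    def __init__(self, name, symbol, decimals, initial_supply, owner):
        self.name, self.symbol, self.decimals = name, symbol, decimals  # the optional rules
        self._total = initial_supply
        self._balances = {owner: initial_supply}
        self._allowances = {}  # (owner, spender) -> amount still spendable

    def totalSupply(self) -> int:
        return self._total

    def balanceOf(self, account: str) -> int:
        return self._balances.get(account, 0)

    def allowance(self, owner: str, spender: str) -> int:
        return self._allowances.get((owner, spender), 0)

    def _move(self, src: str, dst: str, amount: int) -> None:
        # Balance check: the one guard every transfer path must go through.
        if amount < 0:
            raise ValueError("amount must be non-negative")
        if self.balanceOf(src) < amount:
            raise InsufficientBalance(f"{src} holds {self.balanceOf(src)}, needs {amount}")
        self._balances[src] -= amount
        self._balances[dst] = self.balanceOf(dst) + amount

    def transfer(self, sender: str, to: str, amount: int) -> bool:
        self._move(sender, to, amount)
        return True

    def approve(self, owner: str, spender: str, amount: int) -> bool:
        self._allowances[(owner, spender)] = amount  # sets the allowance, does not add to it
        return True

    def transferFrom(self, spender: str, src: str, dst: str, amount: int) -> bool:
        # Allowance check first, then move, then decrement so the same approval
        # cannot be spent twice; the balance check lives in _move.
        remaining = self.allowance(src, spender)
        if remaining < amount:
            raise InsufficientAllowance(f"{spender} may spend {remaining} of {src}'s tokens")
        self._move(src, dst, amount)
        self._allowances[(src, spender)] = remaining - amount
        return True
```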