Decentralized Digital Currency Bitcoin Explained
1. The world’s first decentralized digital currency
Ron Gross
ron.gross@bitcoil.co.il
Adapted from slides by Meni Rosenfeld
meni@bitcoil.co.il
2. Adoption (March 2013)
“Market capitalization”: $500M
Users: ~ 150-200K
Bitcoin-accepting businesses: > 3000, including
Wordpress.com
Reddit.com
Namecheap
…
Donations: Wikileaks, Internet Archive, xkcd…
Academic research: WIS (Adi Shamir), Microsoft, Cornell, ETH Zurich…
Reports: FBI, European Central Bank…
3. Bitcoin is a currency
Facilitates the trade of one good for another
Has all properties of a currency
Does not need to have “intrinsic” value
The value is determined by supply and demand
4. Bitcoin is digital
Ownership of bitcoins is digital information
Typically used on the internet
But not only
(e.g. smartphones / physical bitcoins)
Based on cryptography
5. Bitcoin is decentralized
No company “Bitcoin Ltd.”
No central issuer or controller
Based on a public protocol
A p2p network of nodes running open source software
Multiple parties are each “doing their own thing”
6. Bitcoin is the first!
Plenty of physical currencies (commodities)
Gold, silver, seashells, rocks …
Plenty of centralized digital currencies
PayPal, WebMoney, e-gold, WoW gold, Second Life, …
Bitcoin is the first decentralized digital currency
Invented in 2008 by “Satoshi Nakamoto”
7. How to use?
Install one of the open-source clients
Client generates “addresses”, which are like bank accounts
e.g. 1BBsbEq8Q29JpQr4jygjPof7F7uphqyUCQ
To receive bitcoins, let the sender know your address
To send bitcoins, specify receiving address and amount,
and click “send”
8. Why?
No need for 3rd party
Easy to send and receive money
Almost no fees
No single point of failure
9. Why?
Limited supply – no arbitrary printing of money
No chargebacks
International
Pseudonymous
10. Numbers
Max money supply = 21 million BTC
Currently, 11 million
Each bitcoin is currently worth roughly $45
Bitcoins can be specified with 8 decimal places
2.1 × 10^15 atomic units (“satoshis”)
0.003 BTC per person alive today
Monetary inflation rate decays exponentially
14. Public key cryptography
Every user has a private key and a public key
Public key is uniquely determined by the private key
Virtually impossible to compute private key from public key
Can be used for encryption and digital signatures
15. Digital signatures
User wants to send a message and prove that he wrote it
Gets (message, private key) and computes a signature
Recipient verifies the signature using the known public key
Only the user who possesses the private key can sign
Examples: RSA, ECDSA
16. Hash functions
Example: SHA-256
Transforms any data to a 256-bit number
Any input change significantly alters the output
Very hard to reverse
The hash output behaves like a random function
17. Bitcoin system components
A transaction structure for managing ownership
A p2p network for propagating, verifying and storing
transaction data
A proof-of-work system (hashing, “mining”) for:
Synchronizing transactions
Determining initial distribution of coins
18. Coins
The fundamental building block of Bitcoin is a “coin”
A coin is characterized by:
Unique ID
Quantity (denomination) – arbitrary number with 8 decimal places
Owner
[Figure: two example coins with quantities 6.3 and 2.4]
19. Coins
Coins can be split and merged
If Alice wants to send bitcoins to Bob, she will merge some
of her coins and split the result between her and Bob
[Figure: coins with quantities 6, 2, 2.5, 8.5, 1.5 and 7, illustrating a merge and a split]
20. Transactions
The owner of a coin is identified by an “address”
Each address is associated with a private key
To send a coin, the owner signs a message
“this coin now belongs to address XYZ”
The process is called a “transaction”
22. Transaction rules
Inputs are “unspent outputs” of previous TX
Total coins in <= Total coins out
Voluntary TX fee = Coins In – Coins Out
Miners include a special “generating TX”
24. Problem: Double spending
Using the same coin to pay 2 different recipients
No agreement on who is the “true” recipient
One recipient will be out of his coins
Some way to enforce ordering is needed
Traditional solution: Central authority
Prior decentralized solutions have vulnerabilities
The first working decentralized solution is the blockchain
25. Preventing double spends
Suppose there was just one coin
Two conflicting transactions:
Only one transaction will be accepted
Doesn’t matter which one (if everyone agrees eventually)
26. Solution: The blockchain
Transactions are grouped into blocks
Blocks are confirmed with proof of work (= hashing)
A transaction is final if it is included in a block
Each block references a previous block to form a chain
In case of conflict: the TX with more confirms wins
31. Failure
Bitcoin is hacked
Bitcoin is outlawed / over-regulated
People lose interest
…
Value drops close to $0
32. Stagnation
Usage remains at current levels / drops
Remains “the geek currency”
Value stabilizes somewhere in $1-100
33. Bitcoin Wins!
Network effect keeps Bitcoin in the lead
More business and users accept it
Fiat currencies inflate to zero value
Bitcoin becomes 1-100% of the world’s market
1 BTC > $10,000-100,000
35. Thank you
Meni Rosenfeld
meni@bitcoil.co.il
https://bitcoil.co.il
1DdrvajpK221W9dTzo5cLoxMnaxu859QN6
Ron Gross
ron@bitcoil.co.il
http://ripper234.com/
1dTGdZcckzX5cdjigZBzwFtuWmio2jtWa
Editor's Notes
Bitcoins are valuable objects that can be owned and sent. As such they can act as a medium of exchange – one can work or offer goods and services and get bitcoins in return, and then use those bitcoins to pay for the goods and services he needs.
Data on ownership is stored by every computer on the network. For an individual to claim ownership of his coins (and send them to another party) he needs a piece of information called a “private key”. Private keys are typically stored on a computer and handled by a client software, but they can be stored anywhere – e.g., paper wallets and physical bitcoins.
Satoshi Nakamoto published the Bitcoin whitepaper (http://bitcoin.org/bitcoin.pdf) in 2008, and probably started working on it in 2007. The first version of the client software started running in January 2009.
There are many software clients available following the Bitcoin protocol, all of them free open-source software (though nothing in principle prevents a proprietary software adhering to the protocol). The standard software is available at http://bitcoin.org/. There are also web wallets and hybrid wallets. When the software is run it generates (using the machine’s pseudo-random number generator) ECDSA private-public key pairs and stores them locally. The private keys are used to claim coins sent to the associated addresses.
Bitcoins can be stored and sent without needing a bank or services like PayPal or a credit card, allowing a more autonomous existence and protecting from deficiencies in the quality of such services.
Sending and receiving can be done with the click of a button – no need to fill out forms or apply for merchant accounts.
Fees are currently up to half a cent per transaction, and in the future shouldn’t be much higher than the marginal resource cost.
There is no single entity which could create a loss of service by failing.
Unlike traditional payment solutions, payment is based on digital signatures rather than passwords (which need to be shared). Additional security can be obtained with wallet backups, multi-signature transactions and so on.
Total number of bitcoins is capped at 21 million rather than being inflatable arbitrarily. This makes them a viable long-term store of value.
Bitcoin payments cannot be reversed by fraudulent buyers; merchants no longer need to worry about fraud, allowing them to lower their prices.
Not being beholden to any country, they can be used internationally – adding stability, and obviating the trouble and significant costs of currency conversion.
Consequently, they can be used as a stable medium of exchange for countries with a weak economy and start-up countries.
Users on the Bitcoin network are identified by addresses, which needn’t be linked to their identities. This allows maintaining privacy and resisting oppressive regimes.
All transactions are recorded in the public pseudonymous blockchain, thus there can be no conflict whether a payment was sent or not.
Bitcoin can be used in various advanced applications – smart property, assurance contracts, escrow, off-chain transactions, colored coins and so on. The technology can be used for other decentralized applications, such as the alternative DNS system Namecoin.
The smallest denomination of Bitcoin with the current protocol is a “satoshi”, equal to 10^(-8) bitcoins. Each bitcoin can be divided into 100 million satoshis. Unlike what the term “coins” may suggest, satoshis aren’t accounted for individually – a transaction specifies how many satoshis are to be sent as an integer variable.
When people first hear about Bitcoin, a common reaction is “21 million bitcoins aren’t enough”. But since bitcoins are divisible essentially infinitely, this is not an issue at all and the number 21 million is completely arbitrary.
Illustration of inflation rate and price history are on the next slides.
Half of the total 21 million bitcoins (10.5 million) are to be created within the first (roughly) 4 years, at a constant rate (roughly 7200 per day); then the creation rate is halved, so that half of the remaining coins (5.25 million) are to be created within the next 4 years (at a rate of 3600 per day); and so on.
The exchange rate was about half a cent per BTC in May 2010. Mtgox trading started in July 2010 at a rate of $0.05. By March 2011 it was around $1, and from April quickly climbed up to the all-time high of $32 on June 8, 2011. Then it declined to $2 in November 2011, stayed around $5 from March to June 2012, and as of November 2012 is around $12. The exchange rate is very volatile – a change of 20% within a day is considered normal.
This is just an incomplete description of the spirit of transactions. More accurate details are to follow.
As explained in the next slide, a transaction is a collection of inputs and outputs. An output specifies a receiver and amount. An input is a reference to some unspent output of an earlier transaction. The transaction hash must be digitally signed by the private key corresponding to each input.
The fundamental unit of account in Bitcoin is an output. Contrary to popular myth, transaction inputs don’t reference addresses, they reference outputs. “Having X bitcoins” really means “there are unspent outputs which I can authorize in a transaction because I have the corresponding private key, with a total value of X bitcoins between them”.
The requirement of having digital signatures means you can authorize a payment without handing out the data needed to authorize payments.
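The output bookkeeping described in this note, as an added example that is not part of the original slides: a minimal unspent-output set that applies the fee rule (coins in minus coins out) and rejects a second spend of an already-consumed output. Signature verification is left out, amounts are integer satoshis, and the class, transaction ids and owner names are constructed for illustration.

```python
# Added example: unspent-output bookkeeping only, no signature checks.
# Ledger, apply_tx and all ids/owners below are hypothetical names.
SATOSHI = 100_000_000  # satoshis per bitcoin (8 decimal places)


class TxError(Exception):
    pass


class Ledger:
    def __init__(self):
        # (txid, output index) -> (owner address, amount in satoshis)
        self.utxo = {}

    def add_generating_tx(self, txid, owner, amount):
        """Create a new coin, as a miner's generating TX does."""
        self.utxo[(txid, 0)] = (owner, amount)

    def apply_tx(self, txid, inputs, outputs):
        """inputs: [(txid, index)], outputs: [(owner, amount)].
        Returns the fee in satoshis or raises TxError."""
        if len(set(inputs)) != len(inputs):
            raise TxError("same output referenced twice in one transaction")
        for ref in inputs:
            if ref not in self.utxo:
                raise TxError(f"input {ref} is unknown or already spent")
        if any(amount <= 0 for _, amount in outputs):
            raise TxError("output amounts must be positive")
        total_in = sum(self.utxo[ref][1] for ref in inputs)
        total_out = sum(amount for _, amount in outputs)
        if total_out > total_in:
            raise TxError("outputs exceed inputs")
        # All checks passed: consume the inputs, create the new outputs.
        for ref in inputs:
            del self.utxo[ref]
        for index, (owner, amount) in enumerate(outputs):
            self.utxo[(txid, index)] = (owner, amount)
        return total_in - total_out

    def balance(self, owner):
        """'Having X bitcoins' = sum of unspent outputs the owner can spend."""
        return sum(a for o, a in self.utxo.values() if o == owner)


def demo():
    ledger = Ledger()
    ledger.add_generating_tx("gen1", "alice", 6 * SATOSHI)
    ledger.add_generating_tx("gen2", "alice", 25 * SATOSHI // 10)  # 2.5 BTC
    # Alice merges 6 + 2.5 BTC, sends 7 to Bob, keeps change, leaves a fee.
    fee = ledger.apply_tx("tx1", [("gen1", 0), ("gen2", 0)],
                          [("bob", 7 * SATOSHI), ("alice", 149_990_000)])
    try:  # conflicting spend of an output that tx1 already consumed
        ledger.apply_tx("tx2", [("gen1", 0)], [("carol", 6 * SATOSHI)])
        double_spend = "accepted"
    except TxError as exc:
        double_spend = f"rejected: {exc}"
    return fee, ledger.balance("bob"), ledger.balance("alice"), double_spend
```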
Each computer with the standard software installed is a node in the peer-to-peer network, receiving transaction data from other nodes, verifying it, storing it, and propagating it to other nodes.
The standard software also acts as a wallet: Generates private keys and associated addresses, and uses the keys to sign transactions to send coins received to these addresses.
This is a synchronization problem. It doesn’t matter which transaction (in a conflicting pair) is considered valid, as long as some transaction is eventually chosen, everyone agrees on this transaction, and it is clear when we can be sure that the decision is final.
One naïve solution is that each node will consider the first transaction (in a conflicting pair) as valid, unless it is convinced to switch by a majority vote. However:
Every node is connected to a different subset of nodes, and thus different nodes will see a different majority.
As such, there is no guarantee of convergence – the network could stagnate in a fork or oscillate.
Identifying yourself as a node is cheap – an attacker could run many nodes and distort the decision.
Even without many nodes, an attacker can influence nodes with a “divide and conquer” approach – isolating nodes one by one and causing them to flip.
In one variant, a node will cement its choice and not agree to switch it after some time has passed. This alleviates some of these problems, but intensifies others. An isolated node which cemented on a transaction other than the rest of the network will be forever stuck on the wrong version, not changing even after being exposed to the larger network. Also, it is impossible for a new node joining the network to get an accurate history of what earlier transpired.
“Proof of stake” is a family of proposals which give synchronization power to holders of bitcoins. These methods, however, also rely on Bitcoin’s hash-based blockchain.
Every block includes a list of transactions, organized in a “Merkle Tree” which results in a Merkle root. The block header contains the version number, hash of the previous block in the chain, Merkle root, timestamp, hash target (expressed in “bits” format), nonce and an unused tx count.
The SHA-256 hash of the block header is the block hash which identifies it. The hash must be lower than the target for the block to be valid.
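An added example (not from the original slides) of the header check described in this note: it serializes the 80-byte header, expands the compact “bits” field into a target, and searches for a nonce that makes the hash meet it. Bitcoin applies SHA-256 twice to the header; the field values and the deliberately easy target are constructed so the search finishes instantly.

```python
import hashlib
import struct


def bits_to_target(bits):
    """Expand the compact "bits" field into the full 256-bit target."""
    exponent = bits >> 24
    mantissa = bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def serialize_header(version, prev_hash, merkle_root, timestamp, bits, nonce):
    """80 bytes: version, previous block hash, Merkle root, time, bits, nonce.
    Hashes are passed as hex in display order and stored byte-reversed."""
    return (struct.pack("<I", version)
            + bytes.fromhex(prev_hash)[::-1]
            + bytes.fromhex(merkle_root)[::-1]
            + struct.pack("<III", timestamp, bits, nonce))


def block_hash(header):
    """Double SHA-256 of the header, read as a little-endian integer."""
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")


def is_valid(header, bits):
    """Proof of work holds when the hash does not exceed the target."""
    return block_hash(header) <= bits_to_target(bits)


def mine(version, prev_hash, merkle_root, timestamp, bits):
    """Try nonces until the header hash meets the target."""
    for nonce in range(2**32):
        header = serialize_header(version, prev_hash, merkle_root,
                                  timestamp, bits, nonce)
        if is_valid(header, bits):
            return nonce, header
    raise RuntimeError("nonce space exhausted")


# Constructed sample values, not a real block. EASY_BITS is an easy target
# (about 1 hash in 256 qualifies) so the search ends immediately.
EASY_BITS = 0x2000FFFF
PREV = "00" * 32
ROOT = hashlib.sha256(b"constructed merkle root").hexdigest()
TIME = 1363000000


def demo():
    nonce, header = mine(1, PREV, ROOT, TIME, EASY_BITS)
    # Changing a committed field (here the Merkle root) changes the hash,
    # so the work has to be redone for this block and all later ones.
    tampered = serialize_header(1, PREV, "11" * 32, TIME, EASY_BITS, nonce)
    changed = block_hash(header) != block_hash(tampered)
    return len(header), is_valid(header, EASY_BITS), changed
```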
In principle, an attacker with less than 50% of the network hashrate can try to establish an alternative history, but his probability of success becomes lower the more subsequent blocks in the chain there are. The standard client considers 6 confirmations (5 blocks after the block which includes the transaction) to be sufficient to make the probability of success of an attacker with typical hashrate to be very low. Since “typical hashrate” and “very low” are ill-defined, this number is completely arbitrary.
The more computational resources are dedicated to hashing according to protocol, the harder it is for attackers to perform a hashrate-based attack, and hence the more secure the network.
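To make the relation between hashrate share and confirmations concrete, here is an added example (not part of the original slides) that uses the catch-up calculation from section 11 of the Bitcoin whitepaper linked in these notes. The function names and the risk threshold are this example's own; a recipient can use it to pick a confirmation count for an assumed attacker share instead of relying on a fixed number.

```python
import math


def attacker_success(q, z):
    """Probability that an attacker holding share q of the hashrate ever
    catches up from z blocks behind (whitepaper section 11 calculation)."""
    p = 1.0 - q
    if z == 0 or q >= p:
        return 1.0
    if q <= 0.0:
        return 0.0
    lam = z * (q / p)  # expected attacker progress while z blocks are found
    total = 1.0
    for k in range(z + 1):
        # Poisson(k; lam), computed in log space to stay stable for large z
        poisson = math.exp(k * math.log(lam) - lam - math.lgamma(k + 1))
        total -= poisson * (1.0 - (q / p) ** (z - k))
    return total


def confirmations_needed(q, max_risk, limit=1000):
    """Smallest z with success probability below max_risk, or None."""
    for z in range(limit + 1):
        if attacker_success(q, z) < max_risk:
            return z
    return None


def risk_table(shares=(0.05, 0.10, 0.25, 0.40), z=6):
    """Attacker success probability after z confirmations, per share."""
    return {q: attacker_success(q, z) for q in shares}


if __name__ == "__main__":
    for share, risk in risk_table().items():
        print(f"q={share:.2f}  P(success after 6 blocks)={risk:.7f}")
    print("z for q=0.10, risk<0.1%:", confirmations_needed(0.10, 0.001))
```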
Since Bitcoin is digital and decentralized, the initial distribution of coins must be computational and internal – it cannot refer to “outside world” things such as ID numbers, as there is no service authorized to verify them. Distribution according to the amount of computational work done is pretty much the only objective and robust method.
The same work done for synchronizing transactions is used for determining the initial distribution. It is not mandatory that these two issues are married, but it is natural and efficient. It provides an incentive for people to secure the network during its early stages.
As time goes by, fewer new bitcoins are generated per block and rewarded to miners, and transaction fees paid by users will be required to incentivize keeping the network secure. The dynamics of that era are an interesting open problem.