what’s in a bitcoin (blockchain) transaction?jedinnovate.com/wp-content/uploads/2019/02/fbb... ·...

What’s in a Bitcoin (Blockchain)

Transaction? FinTech – Blockchain (Beginners)

Topics covered

Digital signatures

UTXO

Blockchain Wallets

UTXO vs Account Based

Digital signatures are unique to the signer and are created by utilising three algorithms: • A key generation algorithm, providing a private and public

key • A signing algorithm that combines data and private key to

make a signature • An algorithm that verifies signatures and determines

whether the message is authentic or not based on the message, the public key and signature

The key features of these algorithms are: • Making it absolutely impossible to work out the private key

based on the public key or data that it has encrypted • Ensuring the authenticity of a signature based on the

message and the private key, verified through the public key

Public / Private Keys & Signing

https://lisk.io/academy/blockchain-basics/how-does-blockchain-work/digital-signatures

Demo • https://anders.com/blockchain/public-private-

keys/keys.html

Public / Private Keys & Signing

• Multisignature, sometimes shortened to multisig, is a digital signature scheme with the requirement of more than one signee to approve a transaction

• Multisigs are used by many cryptocurrencies as a means of improving security as well as dividing the ability to make decisions between more than one party

• The number of potential signees and required number of signatures is agreed at the beginning, when the address is created

MultiSig


• For example, with multisignature you can create a 2-of-3 escrow service, meaning that in order to approve a transaction two out of three parties are required to be in agreement to do so

• A perfect example of where this could be useful is a savings account for a child, wherein both the child and at least one of the parents need to agree how the money is spent

• This also leaves the option of any major decision being solely made by the parents, as long as they are both in agreement

• Multisignature can be created in countless combinations (3-of-3 escrow service, 2-of-5 escrow service, etc) and are just as suited to smaller transactions as they are to uses by large companies

• An example of this would be a 5-of-9 escrow system created by the board of a large company

• In order to validate any large transaction, a majority of the board would have to agree to it

MultiSig


• UTXO, unspent transaction output, is a list of “unspent” Bitcoin amounts that have been sent to a user but not yet sent from him/her

• The sum of these outputs is the user’s total balance • On the blockchain, they appear to be a collection of

Bitcoin amounts on different addresses, and the role of a wallet is to identify which addresses the user has keys to

• Individual Bitcoin are easy to track because they are signed from one person to another

• A transaction is valid if one can prove ownership over the actual Bitcoin s/he is trying to send

UTXO

https://www.smithandcrown.com/definition/unspent-transaction-outputs-utxo/

• Each UTXO has an owner and a value • A transaction spends one or more UTXO and creates

one or more new UTXO A transaction is valid if: • Every referenced input must be valid and not yet spent • The transaction must have a signature matching the

owner of the input for every input • The total value of the inputs must equal or exceed the

total value of the outputs

UTXO

https://github.com/ethereum/wiki/wiki/Design-Rationale#accounts-and-not-utxos

• The UTXO system is like a digital recreation of a cash economy

• Alice gives Bob 1 BTC , and the system now recognizes that there is 1 BTC signed to Bob that he hasn’t yet given to anyone else

• If Bob had already had 1 BTC, then his balance on the blockchain would be 1 BTC + 1 BTC

• Bob’s Bitcoin balance is the sum of all bitcoin signed to him, similar to how all the fiat cash in Bob’s leather wallet is the sum of all fiat cash given to him

• If he wants to combine his two separate BTC, he must do so in another transaction, much like he needs to do if combining two $5 bills into a $10 bill

UTXO


• Blockchain wallet is a computer program that manages cryptocurrency

• Remember that there is no physical cryptocurrencies, a blockchain wallet is not the same as a physical wallet

• Blockchain wallets are more like email accounts • You can store and receive cryptocurrencies like emails • If someone sends you cryptocurrency, it means it is assigned

to the address of your blockchain wallet but recorded in a distributed ledger

Blockchain Wallets

https://blog.softwaremill.com/what-is-a-blockchain-wallet-bbb30fbf97f8

• The number of blockchain wallets has reached over 31.9 million users at the end of 2018

Blockchain Wallets

https://www.statista.com/statistics/647374/worldwide-blockchain-wallet-users/

• You need a place to securely store your records of transactions along with the private key that enables your identification in distributed network

• Your private key acts as a personal digital signature and if a record is altered, the signature will become invalid

• When the transaction is being processed your private key in your wallet must match the public key that the currency is assigned to

• When both the keys match, the ownership of the currency is signed off to your wallet’s address

• The transaction is recorded on a blockchain network and the balance appears in your wallet

Blockchain Wallets


Desktop wallet • Desktop wallet is installed on your PC or laptop • This option is usually safer than web wallets that run in

the cloud • Better choice if you don’t plan to access your wallet

anywhere, all the time • However, you should make sure your machine has a

proper antivirus software installed and that you update your blockchain status by connecting to the network when needed

Blockchain Wallets


Mobile wallet • This is light versions of wallets, suitable to download

and install on a smartphone or tablet • It can work seamlessly, however it depends on other

nodes in the process of verification of transactions • On the contrary full wallet versions verify transactions

themselves Online wallets • Wallets run on the cloud and are accessible from any

computing device in any location • While they are more convenient to access, online

wallets store your private keys online and are controlled by a third party which makes them more vulnerable to hacking attacks and theft

Blockchain Wallets


Cold Storage Hardware wallets • Hardware blockchain wallets can be disconnected from the internet

and can sign transactions without being online, but they are not a good choice when you want to use them frequently or on the go

Paper Wallets • Easy to use and provide a very high level of security • While the term paper wallet can simply refer to a physical copy or

printout of your public and private keys, it can also refer to a piece of software that is used to securely generate a pair of keys which are then printed

• Using a paper wallet is relatively straightforward • Transferring Bitcoin or any other currency to your paper wallet is

accomplished by the transfer of funds from your software wallet to the public address shown on your paper wallet

• Alternatively, if you want to withdraw or spend currency, all you need to do is transfer funds from your paper wallet to your software wallet

• This process, often referred to as ‘sweeping,’ can either be done manually by entering your private keys or by scanning the QR code on the paper wallet

Blockchain Wallets


Multi-currency or single use? • Although Bitcoin is by far the most well-known and

popular digital currency, hundreds of new cryptocurrencies (referred to as altcoins) have emerged, each with distinctive ecosystems and infrastructure

• If you’re interested in using a variety of cryptocurrencies, the good news is, you don’t need set up a separate wallet for each currency

• Instead of using a cryptocurrency wallet that supports a single currency, it may be more convenient to set up a multi-currency wallet which enables you to use several currencies from the same wallet

Blockchain Wallets

https://blockgeeks.com/guides/cryptocurrency-wallet-guide/

http://blockgeeks.com/guides/how-to-buy-bitcoin/

http://blockgeeks.com/guides/what-is-cryptocurrency/

• Wallets are secure to varying degrees • The level of security depends on the type of wallet you use

(desktop, mobile, online, paper, hardware) and the service provider

• A web server is an intrinsically riskier environment to keep your currency compared to offline

• Online wallets can expose users to possible vulnerabilities in the wallet platform which can be exploited by hackers to steal your funds

• Offline wallets, on the other hand, cannot be hacked because they simply aren’t connected to an online network and don’t rely on a third party for security

• No matter which wallet you use, losing your private keys will lead you to lose your money

• If your wallet gets hacked, or you send money to a scammer, there is no way to reclaim lost currency or reverse the transaction

Wallet Security


• Backup your wallet • Store only small amounts of currency for everyday use online, on your

computer or mobile • Keep the vast majority of your funds in a high security environment • Cold or offline storage options for backup will protect you against

computer failures and allow you to recover your wallet should it be lost or stolen

• It will not, however, protect you against eager hackers • If you use an online wallet there are inherent risks that can’t always be

protected against • Update software

• Keep your software up to date so that you have the latest security enhancements available

• You should regularly update not only your wallet software but also the software on your computer or mobile

• Add extra security layers • The more layers of security, the better • Setting long and complex passwords and ensuring any withdrawal of

funds requires a password is a start • Use wallets that have a good reputation and provide extra security layers

like two-factor authentication and additional pin code requirements every time a wallet application gets opened

• You may also want to consider a wallet that offers multisig transactions

Wallet Security


• Are cryptocurrency wallets anonymous? • Wallets are pseudonymous • Data like your wallet address could be traced to your

identity in a number of ways • Exchanges will require you to be identified to trade with

them

Wallet Privacy


How to choose the best blockchain wallet for your needs? • If you’re an individual user you can choose a blockchain

wallet based on your preferences on how often you’d like to interact with blockchain protocols and what safety level fits your individual needs

• Do you need a wallet for everyday purchases or just buying and holding digital currency for an investment?

• Do you plan to use several currencies or one single currency? • Do you require access to your digital wallet from anywhere or only

from home? • For businesses using blockchain or including

cryptocurrencies in their business • Every transaction that takes place on your blockchain, whether it’s

just mining or executing a type of smart contract, are visible and managed in a blockchain wallet

• You might need a dedicated wallet for your blockchain project • Providing a seamless experience for end-users or customers • Avoiding fees present in existing blockchain wallets • Meeting the highest safety standards

Blockchain Wallets


• Ethereum uses an account model, which stores information about a user’s entire balances

• Other users send tokens to and from their own accounts • Individual ETH are more difficult to track because they are added

and subtracted to user balances • A transaction is valid if one can prove ownership over the account

and the account’s balance is high enough to support it

• The account model is like a bank account that automatically maintains user balances, similar to how a bank maintains a single balance amidst spending and receiving funds

• When Alice gives Bob 1 ETH, the system now recognizes that Bob’s balance has gone up by 1 ETH and Alice’s has gone down

• If Bob already had 1 ETH, then his balance on the blockchain would be 2 ETH

• He doesn’t need another exchange to combine them in his account

Account based


• The benefits of UTXOs are: • Higher degree of privacy

• If a user uses a new address for each transaction that they receive then it will often be difficult to link accounts to each other

• This works well for cryptocurrencies but not so much for smart contracts keeping track of data

• Potential scalability paradigms • UTXOs are more theoretically compatible with certain kinds

of scalability paradigms, as we can rely on only the owner of some coins maintaining a Merkle proof of ownership, and even if everyone including the owner decides to forget that data then only the owner is harmed

• In an account paradigm, everyone losing the portion of a Merkle tree corresponding to an account would make it impossible to process messages that affect that account at all in any way, including sending to it

UTXO vs Account based


• The benefits of accounts are: • Large space savings

• One account instead of multiple UTXOs • Transactions can be smaller (eg. 100 bytes in Ethereum vs.

200-250 bytes in Bitcoin) because every transaction need only make one reference and one signature and produces one output

• Greater fungibility • There is no blockchain-level concept of the source of a

specific set of coins, it becomes less practical, both technically and legally, to institute a redlist/blacklisting scheme and to draw a distinction between coins depending on where they come from



• The benefits of accounts are: • Simplicity

• Easier to code and understand, especially once more complex scripts become involved

• Constant light client reference • Light clients can at any point access all data related to an

account by scanning down the state tree in a specific direction

• In a UTXO paradigm, the references change with each transaction, a particularly burdensome problem for smart contracts



what’s in a bitcoin (blockchain) transaction?jedinnovate.com/wp-content/uploads/2019/02/fbb... ·...

Documents