Towards Reference Architecture for Cryptocurrencies: Bitcoin Architectural Analysis Israa Alqassem, Davor Svetinovic

Abstract Bitcoin is complex p2p currency Decentralized But is Open Source and provide libraries and APIs. Up to date specification and architectural analysis Want to serve as a starting architectural point for the development of Bitcoin.

Introduction Bitcoin is incrementally developed and evolved. add new features update existing ones All to improve reliability, sustainability, security, and privacy. Development architecture model goals: Provide constraints by evaluating the system’s feasibility. Understand the design and implementation rationale. Alleviate security risks while integrating Map quality attributes (scalability, security, performance) to altcoins.

Bitcoin Protocol Specification The protocol was designed to shift from centralized monetary systems. Public ledger Accessed by anyone Blockchain All accounts All balances Public-key cryptography Every address is a public key. You do not own bitcoin You can have multiple balances and accounts (wallets). All can be verified by third parties.

Proof of work Proof of work uses DDOS attacks Spam Hashcash Designed in 1997 Scalable difficulty Hashcash-double SHA-256 Creates a unique block for every block in the chain Each block is linked to the previous all the way to the genesis block. Append only if proof of work is met hash value meets set difficulty

Proof of work: Requirements Scalable difficulty Difficulty must not be fixed Fair distribution of wealth All miners are equally likely to get the mining rewards. Easily verifiable results The ability to verify proof of work by network nodes promptly, without a central authority. Sensitivity to tampering block data Essential to strengthen blockchains connectivity and prevent malicious attackers.

Block contents Version Block version number Hash of previous block 256-bit hash of the previous block header Hash Merkle root 256-bit hash of all the transactions in the block Time Current timestamp epoch time Bits Current target in compact form Random nonce 32-bit field when hashed the first (bits) will be all zeros

Miners job Any node connected can participate in mining a new block. Every node is mining the same block at the same time. A successful mined block will have a hash where the first certain amount of bits are all zero.

Why mine? REWARDS! ●Every new block mined adds new currency to the market ●The one node that submits the proof of work first is rewarded. ●Miners fees (explained later) Will the bitcoins ever run out?

Why mine? REWARDS! ●Every new block mined adds new currency to the market ●The one node that submits the proof of work first is rewarded. ●Miners fees (explained later) Will the bitcoins ever run out? YES! ●Every 210,000 blocks the reward for a mint (new) block is split in half. ●This is approximately every 4 years.

Difficulty Adjustment If you had a money tree in your garden that would give you $1 every month. Two ways to improve 1)Plant another money tree = $2 a month 2)Use money tree fertilizer on your one tree to produce more money each month This is the case for Bitcoins as well.

Difficulty Adjustment

Unfair!!

Difficulty Adjustment As I said before everyone is mining the same block with the same probability but it all depends on the hardware. Bitcoin has added Difficulty Adjustments to counteract any new technologies that could solve the proof of work in a quick amount of time. ●CPU ●GPU ●ASIC

Difficulty Adjustment The Target ●256-bit number shared by all connected nodes. ●No minimum target ●Adjusted every 2016 blocks ~ 2 weeks New target = Current Target * actual time took to create the last 2016 blocks / 2 weeks Targets are used to determine difficulty

Difficulty Adjustment Difficulty ●Maximum target difficulty is about 2^224

Difficulty Adjustment The Target ●256-bit number shared by all connected nodes. ●No minimum target ●Maximum target difficulty is about 2^224

Difficulty Adjustment Difficulty ●Maximum target difficulty is about 2^224 ● ●difficulty = maximum target / current_target ●Current difficulty {"difficulty": } How long would that take if I had a 1Ghash/s mining rig? python -c "print * 2**32 / 10**9 / 60 / 60.0"

Difficulty Adjustment Goal ●Main goals ○A block is mined every 10 minutes ○No new hardware can trivially solve proof of work ●Self moderating currency ○In 2010 the largest difficulty adjustment ever recorded jumped more than %300 ■The time between blocks being mined was around 2 minutes All modifications are decentralized with out one person making the calls.

Size of the blockchain ●The blockchain grows with each block added not by every transaction. ○A block is added every 10 minutes ● The current blocksize is 1M ○Some people want the block size to be 2M Every node contains their own copy of the entire blockchain from the origin How does the size of the blockchain affect the nodes?

Size of the blockchain How does the size of the blockchain affect the nodes? ●Mobile users ●Linearly growing blockchain ●Memory conscious clients

Size of the blockchain How does the size of the blockchain affect the nodes? ●Mobile users ●Linearly growing blockchain ●Memory conscious clients ENTER Bloom Filter

Size of the blockchain: Bloom Filter A Bloom filter is a probabilistic data structure that is used to retrieve records from a data set. The Bitcoin bloom filter may have some false positive matches but no false negative. HUH? False positives?

Size of the blockchain: Bloom Filter False positives are desired The Bloom filter has a configurable false positive rate. A memory conservent client using the bloom filter will receive all of his wallet's contents as well as some extra to be used as noise. Noise ●Prevents other nodes form making connections between accounts and transactions. More noise = more privacy = more bandwidth

Transactions Transactions encompass two main goals ●Transfer of money from one entity to another ●Payment verification system. Bitcoin transactions are never the exact amount ●Each transfer of money is accompanied by change sent back Other words you alway overpay as a way to verify that the cashier counted your money.

Transactions Transaction Size: Each transaction can have multiple inputs and multiple outputs all increasing the size of the transaction Transaction size is also increased by value of funds being transferred.

Transactions Transaction Priority: Every transaction has its own priority. age = total number of transactions confirmations Priority = Summation(input value * age) This matters because in each block there is dedicated space for high priority transactions, regardless of fee they pay.

Transactions Transaction Merkle trees: Merkle trees verify the integrity of transactions within a block. Each Merkle root is double SHA256 hashed. Every transaction in the block will be added to the Merkle root. ●Since SHA256 has a fixed size it is very easy to put into the block header ●Helps mobile users not need to download the entire block chain.

Transactions Fee Policy: Fees are decided when the transactions priority is less than the minimum defined priority, or if the size of transaction exceeds a certain threshold. Minimum priority and maximum sizes are adjustable to modify the fee in the following way: ● Free more space in blocks for high priority transactions ●Prevent flooding of the free transaction area by transferring large amounts of old bitcoins. * Extra fees can be added to any transaction to speed up the verification process.

Memory Pool A memory pool is a local storage of unconfirmed transactions that exist at each node. Before a transaction is added to the memory pool the node must verify that the block has not been tampered or already spent and that the block headers are proper.

Memory Pool A transaction that appears to have inputs that were used in other confirmed transactions are invalid. The invalid transactions are called Orphan Transactions, describing a transaction that cannot be added to a memory pool. Orphans are caused by: ●Fee amount < amount required ●Total input coins != Total output coins

Memory Pool Memory pools are synchronized across all nodes. Every confirmed transaction is that is confirmed is removed from the memory pool. This ensures that the memory pool does not grow exponentially and functions as a sort of queue.

Wallet and Coin Selection ●Bitcoin wallets store ○User accounts addresses ○Transactions related to them Wallets should be kept secret. When you make a transaction you give your a address which is very hard to link to the wallet itself. To spend bitcoin you must select outputs from previous transactions to be used as inputs for the current transactions

Wallet and Coin Selection Choosing outputs from previous transactions is called “coin selection” Coin Selection is a knapsack problem

Wallet and Coin Selection

Choosing outputs from previous transactions is called “coin selection” Coin Selection is a knapsack problem ●Weight -> number of transaction inputs ●Cost -> Priority Coin Selection is in the user's best interest as it tries to minimize fees per transaction.

Wallet and Coin Selection Coin Selection algorithm 1)Coins with at least 6 confirmations ~ 1 hour old 2)Minimizes the transaction size by choosing minimum inputs 3)Considers the amount of change returned 4)Selects the smallest amount that meets the the above criteria The algorithm is careful in to not create Bitcoin dust, small transactions that are considered spam.

Blockchain in depth Blockchain achieves: ●Coordination between network nodes to process transactions ●Encapsulates the value of proof of work and difficulty ●Verifies the ownership of transferred coins Since every node is working on mining the same new block what happens if two node find valid proof of work at the same time?

Blockchain in depth Since every node is working on mining the same new block what happens if two node find valid proof of work at the same time? Does it: ●Split the reward? ●Choose one at random? ●Use both? ●Invalidates one? ●Does the blockchain fork?

Blockchain in depth If two blocks are made at almost the same time it is called a “Blockchain fork” The block chain with the longest path going all the way back to the origin is considered the master chain. i.e path with the highest difficulty. But at the time of the fork they are even right? Yes, so each node will choose the path that was propagated through the network to them first and continue to min on that path.

Blockchain in depth Blockchain forks are bad! Creates a monetary system with two different databases… When bitcoind updated from to a backwards compatibility error caused the blockchain to fork, at one point almost completely invalidated the entire blockchain.

Blockchain in depth

Forks happen all the time! To eliminate the fear of invalidating the entire blockchain checkpoints were introduced. Checkpoint list is a set of predefined blocks within the chain that freeze the main blockchain from the genesis. Most recent checkpoint is at block 250,000

Blockchain in depth Naysayers: Hey this deviates from the original protocol described in the whitepaper! This also centralizes the protocol. Editor's note: Possible solution is to implement an automatic approach to detect and handle forks properly and immediately…. Nothing else mentioned how..

Alerting System When messages need to reach every client they are sent to each node in the same way that transactions are sent. Alerts: ●Critical problems ●upgrade is needed ●Older versions become obsolete Who sends updates, isn’t Bitcoin completely decentralized?

Alerting System At least the lead developer of the Bitcoin project has access to the alerting system’s private key. Since alerts are handled the same as transactions if any alert is received with any other signature other than the projects master private key is considered invalid. That sounds an awful lot like a centralized system to me. Yes, but they are only alerts the nodes/people still have the final say.

Altcoins “Altcoins are cryptocurrencies other than Bitcoin. The majority of altcoins are forks of Bitcoin with small uninteresting changes. ” - Bitcoin.it (Bitcoin Wiki) Namecoin: ●Uses bitcoin source code, instead of decentralized currency it is a decentralized DNS. ●Prevents internet censorship, and serves a new Top Level Domain (TLD) outside the control of ICANN ●Examples Zeronet

Altcoins Litecoin: ●Also uses Bitcoin source code ●Blocks are mined every 2.5 minutes rather than 10 minutes, hence “Lite” ●Scrypt as proof of work ○Supposed to be GPU and ASIC resistant… Failed in mid-2012 Faults: ●With rise in transactions the computational power needed to validate signature will exceed the 2.5 mining schedule.

Altcoins Primecoin: ●Adds real-world value by finding large prime numbers. ●Helps number theory Faults: ●As the prime chain grows it is infeasible in the long run.

Conclusion Bitcoin is financial system that is unstable and unpredictable. The value of Bitcoin comes from the system’s capability to function as a P2P medium support. %51 Percent attacks can introduce double spending. (Explained in next paper) A lot of work needs to be done for Bitcoin to get to a stable financial system.

Please read the paper for yourself p=&arnumber= &tag=1