BITCOINCSC5270 Final ReportAmruta Chitloor Anjaneyalu Computer ScienceWayne State UniversityDetroit,[email protected] 1. INTRODUCTIONWith the increasing hypefor bitcoin it is really important to know how it works behind the curtain andwhat it’s really worth of. It was introduced by an anonymous founder who usesthe alias Sathoshi Nakamoto in 2009.
Essentially, Bitcoin is one of the leadingcrypto currencies without any physical form. It is generated and usedelectronically. Other examples of crypto currencies are Litecoin, Ethereum andso on. There ae plenty in the market.
The whole idea behind thebitcoin was presented in 2008, depicting the proof of concept and gaining thetrusts of many. The best part of Bitcoin is eradicating the necessity of bankin the system or a central authority. There is no requirement of governance bythird party. It is irreversible andcommitted once a transaction is approved. Bitcoin, as told earlierdoes not have a physical form. But the value can be saved in a digital wallet.This is either stored in cloud or in some other public server but connected toowner’s bank accounts.
Value for the bitcoin is higher only because people arewilling to trade to the money against their account numbers. In short, thevalue exists only because people believe it does. The concept behind bitcoin isnoting all the transactions in a ledger.
Every participant has a copy of it. Assoon as a new transaction is made it is added to a block that contains all theother transactions what happen during the specific time duration. This is referredto as blockchain.
Then, a miner takes a transaction and converts it into a hashand adds it to the existing blockchain. After this is done, nodes pass a copyof the blockchain so every node on the network is updated. Every node in thenetwork freely exchanges information not only about blocks but also abouttransactions, alerts, and IP addresses of known nodes. So, if a user tries todouble spend the same bitcoins after already spending them, the nodes rejectthe transactions after verifying the existing blockchain.The user community ofbitcoin is so huge and there no need of any approval to add yourself to it. Theuser encrypts the message using his private key and the decryption can be doneby the public key which makes it fail proof system. As the receiver is the onlyperson who would be able to decode it to a meaningful message. This featureincreases the privacy of the transaction.
Every transaction has a different keymaking it secure. Every time a transactionis made the amount from the sender’s account decreases and the receiver’saccount increases. Also, there is a new entry in the ledger which everycomputer on the network has a copy of as record of transaction. It is importantto record that everyone knows every transaction and not just the sender andreceiver. Also, since there is no “bank” as such it makes it harder toauthenticate the incoming as we receive the amount from total strangers. Thus,we should not trust anyone.There is upper limit tothe total number of bitcoins that can be and that is 21 million.
This limit isexpected to reach by miners by 2140. There is a mathematical explanation for this number too. 2. TRANSACTION MANAGEMENTOn high level, Bitcoin is just a file that contains allthe transactions with sender and receiver details with currencies like aledger. Bitcoin a currency which is made in a way it can not be copied. Thisprevents people from spending the same money twice which is usually referred toas double spending problem. There are 3 ways to earn it: earn it in return foryour goods and services, but it for money its worth or it can also be mined.
Miners are essentially the people who use high computational power and hashesto solve complicated math problems and if they are successful then awarded witha coin. With increase in number of miners, bitcoin is mostly not going to hitany inflation till about the year 2140. Thetransactions using bitcoins is carefully designed to make it hackproof as it isimplicit that we cannot trust strangers. While sending money, following are themathematical steps incorporated to authenticate the transaction and only therightful owner is sending the message. a) Publickey and private key: For encryption and decryption for confedential datab) Hash:For checking the confidential data’s integrity after trasmision. And howlegitimate it is.
c) DigitalSignatures: There are several software those can be used to Digitally sign theold transactions. Fig:ABC (Nakamoto, 2008)Transactions are likemoney transfer. A user who needs to start a new transaction to transfer a partof bitcoins to another user first needs to:1. Create an output to the new user using newowner’s public key and digitally signing with their signature along withprevious hash2. This hash can be used to look up previousownerships of the bitcoins3. Here each transaction can have multipleinputs and at most 2 outputs4. Everyoutput from a user is either a Spent Transaction Output or an UnspentTransaction Output5.
Thistransaction is spread all around the network where nodes verify it.This makes every node inthe network aware of all the all the transactions. Every ledger in the networkis this updated. But the issue here is the receiver needs to know that thebitcoin is received it is a legitimate one the sender has sent from his quotaof account and not spending when he doesn’t have. Thus he would need aconfirmation from majority nodes that it was one of the first kind to bereceived. A solution to this is as proposed by Sathoshi asfollows. The transaction also includes a timestamp server to the block. Here, atimestamp is added to the hash along with the previous timestamp.
Thus, everytimestamp hash contains the information of previous timestamps. 3.PROOF OF WORKA proof of work protocolis a vehicle really by which someone can effectively prove to you that theyhave engaged in a significant amount of computational effort. Proof of workprotocols often amount to puzzles and these puzzles that can, one the one hand,be challenging to solve by hand by that it means that it requires some serious computationaleffort and really can’t be short circuited.
In bitcoin we incorporate ablockchain concept for transaction. The main job here is for the miners to findnew coins.Bitcoin uses SHA-256 forits processing. We initially replace the block’s hash with nonce value until asuitable value is computed. Nonce is a unique set of random characters.
Nonceonce used could never be used if once used in previous answers in it’s successionas the nonce’s would be thrown back as invalid. Which means that to fake orchange previous blocs, you would have no choice but to re-do all of the work ofthe subsequent blocks.There are two types ofvoting i.e 1 CPU one vote and another is one IP one vote. Since CPUs aremeasured in Gz then the right block chain will grow fast compared to the wrongone as all the honest nodes vote. The chain with maximum approval is the onechosen for reward. The difficulty increases with more bitcoins being generated.There’s a way to controleven the inflation of bitcoins as mentioned by Shatoshi where if the price ofbitcoins gets way high then reward of mining it then the problems/puzzles levelof difficulty increases and this the number of bitcoin decreases.
In a bitcoin network, all the peers are connected toeach other by unencrypted TCP channels. In the bitcoin protocol, peerspropagate addresses to help peers discover each other. Each peer storesinformation about the known IP addresses of peers on network.
The exact stepsthat take place after the peers discover are:a) Thesender and receiver of transactions validate each other. After validation, thesender sends the transaction to receiver. After the receiver accepts thetransaction, propagates the information to all know peers.b) Afterthe nodes receive the transaction, the add it to the existing blockchain andeach node works on finding a proof-of-work.c) Aftera node finds a proof-of -work, it propagates the block along the network topeer nodes.d) For a node to accept this a block all thetransactions in it must be valid. If it finds hash with the same value existingalready, then the block is discarded. Also, if a node receives two blocksinvolving the same block, the first is accepted but the next is saved forfuture reference.
4. BLOCKCHAININGIf you say you have abitcoin it means you have private key. Having a digital signature proves yourownership on bitcoins. Public key is referred in block chain. Block chain forthe proof of work is the set of transitions that happens every now and thenwhere each of them refers to earlier record in the chain. Miners run the mostrecent block and the old blocks and using hash functions where they solve themathematical problem.
Once solved it’s added to block chain and peers areupdated to use the new block chain. His concept of block chaining makes thesystem more secure. All this requires huge computational power.There would be caseswhere two transactions are happening simultaneously and parallelly two nodesmight be working on them. In this situation the would-be conflict in blockchaining when the propagate together in the network.
There would be a nodewhich will have to encounter both of these blocks together and would beconfused which one to digest first. Thus, the choose to go after the one thatis longest which means the most accepted one reported by the honest nodes. Theother blockchain is not considered.
This prevents the hackingas if there would be a successful hacker he would have to own very high compuattuolapower i.e power greater than 50% of the network. Figure5 Fork in a BlockChain 5. DOUBLE SPENDING PROBLEMAs the name suggests, thisis where a user tries to make a dishonest transaction. A user sends the sameamount twice which is practically impossible and dishonest.
Dishonesttransaction is when the wrong transaction gets into the blockchain. This situationcan be handles in the following manner.In the the attacks, theopponent tries to propagate typically the dishonest chain as in contrast to thehonest string. For an attacker to have success, not only must he propagate thedishonest chain but additionally create a extended fork as described above forall the nodes to accept the unethical link. So, the attacker must high aextremely high computational capacity to produce a dishonest chain that may behas enough blocks to be able to overtake the honest chain.In the paper published bySatoshi Nakamoto, typically the following are the final results posted theprobability of success or failure of honest chain to be discovered by nextblock based their computation power. Probability of success ansfailure is calculayed by Sathoshi in his paper and it’s describes as follows.
p = probability anhonest node finds the next blockq = probability theattacker finds the next blockqz =probability the attacker will ever catch up from z blocks behindqz=1 if p<=qqz= if p>q Here are the results published, we can see theprobability drop off exponentially with z using Poisson Distribution.q=0.1z=0P=1.0000000z=1P=0.2045873z=2P=0.0509779z=3P=0.0131722z=4P=0.0034552z=5P=0.
0000024z=50P=0.0000006 Solving for P less than0.1%…P < 0.001q=0.
30z=24q=0.35z=41q=0.40z=89q=0.45z=340 This explains that the hopes of the attacker to catchup with the next blocks in the system drops exponentially with the number ofnumber of nodes in the network.
6. TECHNICAL THINGS TO FOCUS ONBeing a digital currency, there are several advantagesthat bitcoin bring to the table. On the time, many bitcoin systems have comeunder episodes and several features such since user anonymity have recentlybeen compromised. Also, as bitcoin started off as a good experiment, it hasdifferent challenges yet to tackled.
Below are a few of the research ofattacks, improvisations plus suggestions described from diverse researches.1.1 De-anonymizationTo understand how to deanonymize bitcoin users, in theresearch 1 , the network is analyzed in two ways: Transaction graph networkand User Graph Network. In transaction graph, all the transactions along withthe inputs and outputs are analyzed. The vertices represent the transactionsand the edges represent the flow from source to target.
Figure 6 An examplesub-network from the transaction network. Each rectangular vertex represents atransaction and each directed edge represents a flow of Bitcoins from an outputof one transaction to an input of another And the user network graph represents the users(analyzed from the transaction flows network graph) on the network. This graphwas generated by looking and analyzing the public transactions and guessing thenumber of users from the flow although a user may use multiple public keys fora transaction. In this graph, each vertex represents a user and the edgerepresents sender and receiver.Below is the graph grouped by public keys and flowbetween transactions. Figure 7 An example sub-network from theimperfect network. Each diamond vertex represents a public-key and eachdirected edge between diamond vertices represents a flow of Bitcoins from onepublic-key to anotherSo, by comparing the two graphs above, we can groupthe graph to represent the users in the network. The users U1 and U2 arederived from this analysis.
Figure 8 An example sub-network from theuser network. Each circular vertex represents a user and each directed edgebetween circular vertices represents a flow of Bitcoins from one user toanother. The maximal connected component from the ancillary network thatcorresponds to the vertex u1 is shown within the dashed grey boxAfter creating the user graphs, if at least one of thepublic keys of a user is linked to their personal details, then all the publickeys can be matched to the user. This linking is possible by one of these ways:a) Collectingthe user’s off network details such as their credit card details, emailaddresses, or home address. Bitcoin services usually store these details (becausewhen a service is requested the user reveals these details for the service). Ifthere is a security breach or these details are made public by these services,then it is easy to associate the users with their personal details.
b) Context Discovery along with flow oftransactions overtime: In this method, a service (MyBitcoin in this research 1)selected is studied over time to get the users associated to it and therelation among its users. This can help deduce the activities of all the usersand, in case of theft guess the thief. In the depiction below is the study of atheft that took place in the MyBitcoin service of 25000 Bitcoins. Here a A,Band C are three different users in the service. The edges have a depiction ofdate and time of the transaction. This analysis helps understand the flow oftheft even if it does not point to a single individual or agency involved inthe theft.This shows that the level ofanonymity in a Bitcoin network is low. It is advisable to change public key forevery transaction.
But, to also keep in mind that this does not certaincomplete anonymity. Figure9 Visualization of Bitcoin flow fromthe alleged theft. The left inset shows the initial shuffling of Bitcoins amongaccounts close to that of the alleged thief, during which all transfers happenwithin a few hours of the incident.
The right inset shows detail on the eventsof several subsequent days, where Bitcoin flows split, and then later mergeback into each other, validating that the flows found by the tool are probablystill controlled by a single party.6.2 No Third-party InterruptionsProbably the most widely publicized benefitsassociated with Bitcoin is that governments, banking institutions and otherfinancial intermediaries have got no solution to interrupt customertransactions or place interrupts on Bitcoin accounts. The system is purelypeer-to-peer; users experience a better level of freedom than together withnational currencies.6.3 TransactionMalleabilityTo date, the attacks were presumed to be fromtypically the sender’s side. But purchase malleability is actually a typeassociated with attack in the reverse direction, that is, typically thereceiver tries to strike the sender.
In this sort of attack, a sender transmitsa transaction and holds back for the confirmation. The receiver who receivestypically the transaction tries to utilize the information it receives inaddition to tries to propagate a new different transaction with typically thesame details.In this instance, if the original purchase is acceptedby the transaction network, then typically the sender is safe. If the networkaccepts the 2nd transaction, then, the fernsehsender assumes that theirtransfer failed and tries to resend the transaction hence, spending two times.
Once inside the dishonest transaction by simply the receiver and second by thesecond transaction sent by the receiver. This particular is called transactionmalleability.One such major incident took place in the Bitcoinwallet service MtGox on Feb 10,2014. Figure10 Cumulative graph of the number andvalue of malleability attacks during the MtGox press release of attacks. 7 DRAWBACKS1. Price fluctuation: Since there is no regulatory agency whichsets value for a coin, it keeps fluctuating wildly.2. Security: The format by itself is securebut it does not prevent hackers to attack banks in exchange and dealingbitcoins.
It’s again not directly a blame on bitcoin but indirectly it is goingto effect.3. Volatile: Bitcoin is getting popular butit still needs to settle down for it to be acceptable widely as a form ofcurrency like in stores, for groceries and so on.4. Limitation on the total number of bitcoin:There is a restriction to tatl number of bitcoins thee can ever be and that is21 million which is expected to hit by 2140.5.
IP address blocking: There are instanceswhen a hacker can steal an IP and IP plays an important role in case ofbitcoin. Hence securing it is an important step.