submitted by D-platform to u/D-platform
1. What is Bitcoin (BTC)?
2. Bitcoin’s core features
For a more beginner-friendly introduction to Bitcoin, please visit Binance Academy’s guide to Bitcoin.
Unspent Transaction Output (UTXO) model
A UTXO transaction works like a cash payment between two parties: Alice gives money to Bob and receives change (i.e., the unspent amount). In comparison, blockchains like Ethereum rely on the account model.
Nakamoto consensus
In the Bitcoin network, anyone can join the network and become a bookkeeping service provider, i.e., a validator. All validators are allowed in the race to become the block producer for the next block, yet only the first to complete a computationally heavy task will win. This feature is called Proof of Work (PoW).
The probability that any single validator finishes the task first is equal to the percentage of the total network computation power, or hash power, that the validator has. For instance, a validator with 5% of the total network computation power will have a 5% chance of completing the task first, and therefore becoming the next block producer.
Since anyone can join the race, competition is prone to increase. In the early days, Bitcoin mining was mostly done by personal computer CPUs.
As of today, Bitcoin validators, or miners, have opted for dedicated and more powerful devices such as machines based on Application-Specific Integrated Circuits (“ASICs”).
Proof of Work secures the network as block producers must have spent resources external to the network (i.e., money to pay electricity), and can provide proof to other participants that they did so.
With various miners competing for block rewards, it becomes difficult for one single malicious party to gain network majority (defined as more than 51% of the network’s hash power in the Nakamoto consensus mechanism). The ability to rearrange transactions via 51% attacks indicates another feature of the Nakamoto consensus: the finality of transactions is only probabilistic.
Once a block is produced, it is then propagated by the block producer to all other validators to check on the validity of all transactions in that block. The block producer will receive rewards in the network’s native currency (i.e., bitcoin) as all validators approve the block and update their ledgers.
Block production
The Bitcoin protocol utilizes the Merkle tree data structure in order to organize hashes of numerous individual transactions into each block. This concept is named after Ralph Merkle, who patented it in 1979.
With the use of a Merkle tree, though each block might contain thousands of transactions, it will have the ability to combine all of their hashes and condense them into one, allowing efficient and secure verification of this group of transactions. This single hash is called a Merkle root, and it is stored in the Block Header of a block. The Block Header also stores other meta information of a block, such as a hash of the previous Block Header, which enables blocks to be associated in a chain-like structure (hence the name “blockchain”).
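The Merkle root and the "efficient verification" it allows, as an added example (not code from the original article or from Bitcoin Core). It uses Bitcoin's double SHA-256 and its rule of pairing an odd last hash with itself; the transaction ids are constructed sample values.

```python
import hashlib


def dsha256(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_levels(leaves):
    """Return every level of the tree: leaves first, the single root last."""
    if not leaves:
        raise ValueError("a block contains at least one transaction")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        level = levels[-1]
        if len(level) % 2:
            # Odd count: Bitcoin pairs the last hash with itself.
            level = level + [level[-1]]
        levels.append(
            [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        )
    return levels


def merkle_root(leaves):
    return merkle_levels(leaves)[-1][0]


def merkle_proof(leaves, index):
    """Sibling hashes from leaf to root; the flag says if the sibling sits on the right."""
    proof = []
    for level in merkle_levels(leaves)[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1
        proof.append((level[sibling], sibling > index))
        index //= 2
    return proof


def verify_proof(leaf, proof, root):
    """Recompute the path to the root from one leaf and its siblings only."""
    h = leaf
    for sibling, sibling_is_right in proof:
        h = dsha256(h + sibling) if sibling_is_right else dsha256(sibling + h)
    return h == root


if __name__ == "__main__":
    # Constructed transaction ids, not real ones.
    txids = [dsha256(f"constructed tx {i}".encode()) for i in range(5)]
    root = merkle_root(txids)
    proof = merkle_proof(txids, 3)
    print("root:", root.hex())
    print("proof length for 5 transactions:", len(proof))
    print("tx 3 included:", verify_proof(txids[3], proof, root))
    print("forged tx accepted:", verify_proof(dsha256(b"forged"), proof, root))
```

A light client needs only the proof (about log2(n) hashes) and the root from the Block Header. Because of the pairing rule, the lists [a, b, c] and [a, b, c, c] hash to the same root, so a validator must also reject blocks that contain duplicated transactions.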
An illustration of block production in the Bitcoin Protocol is demonstrated below.
Block time and mining difficulty
Block time is the period required to create the next block in a network. As mentioned above, the node who solves the computationally intensive task will be allowed to produce the next block. Therefore, block time is directly correlated to the amount of time it takes for a node to find a solution to the task. The Bitcoin protocol sets a target block time of 10 minutes, and attempts to achieve this by introducing a variable named mining difficulty.
Mining difficulty refers to how difficult it is for the node to solve the computationally intensive task. If the network sets a high difficulty for the task, while miners have low computational power, which is often referred to as “hashrate”, it would statistically take longer for the nodes to get an answer for the task. If the difficulty is low, but miners have rather strong computational power, statistically, some nodes will be able to solve the task quickly.
Therefore, the 10 minute target block time is achieved by constantly and automatically adjusting the mining difficulty according to how much computational power there is amongst the nodes. The average block time of the network is evaluated after a certain number of blocks, and if it is greater than the expected block time, the difficulty level will decrease; if it is less than the expected block time, the difficulty level will increase.
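The computationally heavy task and the difficulty adjustment described above, as an added example (not code from the original article or from Bitcoin Core). The 2016-block interval and the factor-of-4 clamp are Bitcoin's actual parameters, which the text leaves as "a certain number of blocks"; the header bytes and the easy demo target are constructed.

```python
import hashlib

MAX_TARGET = 0xFFFF << 208        # easiest target Bitcoin accepts (difficulty 1)
RETARGET_BLOCKS = 2016            # Bitcoin's retarget interval, in blocks
TARGET_SPACING = 600              # the 10-minute target block time, in seconds
EXPECTED_TIMESPAN = RETARGET_BLOCKS * TARGET_SPACING


def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def meets_target(header: bytes, nonce: int, target: int) -> bool:
    """The task: the header hash, read as a little-endian integer, must not exceed the target."""
    digest = dsha256(header + nonce.to_bytes(4, "little"))
    return int.from_bytes(digest, "little") <= target


def mine(header: bytes, target: int, max_nonce: int = 2**32):
    """Brute-force search; nothing beats trying nonces one by one."""
    for nonce in range(max_nonce):
        if meets_target(header, nonce, target):
            return nonce
    return None


def retarget(old_target: int, actual_timespan: int) -> int:
    """New target after one retarget period that took actual_timespan seconds.

    Blocks arriving too fast give a smaller target (higher difficulty) and
    blocks arriving too slowly give a larger one. The timespan is clamped to
    [1/4, 4] of the expected value, which bounds how far one period, or one
    set of skewed timestamps, can move the difficulty.
    """
    low, high = EXPECTED_TIMESPAN // 4, EXPECTED_TIMESPAN * 4
    clamped = min(max(actual_timespan, low), high)
    return min(old_target * clamped // EXPECTED_TIMESPAN, MAX_TARGET)


def difficulty(target: int) -> float:
    """Difficulty is the ratio of the easiest target to the current one."""
    return MAX_TARGET / target


if __name__ == "__main__":
    header = b"constructed header, not a real 80-byte block header"
    demo_target = 1 << 244        # about 1 in 4096 hashes succeeds
    nonce = mine(header, demo_target)
    print("nonce found:", nonce)

    target = MAX_TARGET >> 8
    print("difficulty now:", difficulty(target))
    # Hash power doubled: 2016 blocks arrived in one week instead of two.
    print("after a fast period:", difficulty(retarget(target, EXPECTED_TIMESPAN // 2)))
    # Hash power collapsed: the clamp limits the drop to a factor of 4.
    print("after a very slow period:", difficulty(retarget(target, 10**9)))
```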
What are orphan blocks?
In a PoW blockchain network, if the block time is too low, it would increase the likelihood of nodes producing orphan blocks, for which they would receive no reward. Orphan blocks are produced by nodes who solved the task but did not broadcast their results to the whole network the quickest due to network latency.
It takes time for a message to travel through a network, and it is entirely possible for 2 nodes to complete the task and start to broadcast their results to the network at roughly the same time, while one’s messages are received by all other nodes earlier as the node has low latency.
Imagine there is a network latency of 1 minute and a target block time of 2 minutes. A node could solve the task in around 1 minute but his message would take 1 minute to reach the rest of the nodes that are still working on the solution. While his message travels through the network, all the work done by all other nodes during that 1 minute, even if these nodes also complete the task, would go to waste. In this case, 50% of the computational power contributed to the network is wasted.
The percentage of wasted computational power would proportionally decrease if the mining difficulty were higher, as it would statistically take longer for miners to complete the task. In other words, if the mining difficulty, and therefore the targeted block time, is low, miners with powerful and often centralized mining facilities would get a higher chance of becoming the block producer, while the participation of weaker miners would be in vain. This introduces possible centralization and weakens the overall security of the network.
However, given the limited number of transactions that can be stored in a block, making the block time too long would decrease the number of transactions the network can process per second, negatively affecting network scalability.
3. Bitcoin’s additional features
Segregated Witness (SegWit)
Segregated Witness, often abbreviated as SegWit, is a protocol upgrade proposal that went live in August 2017.
SegWit separates witness signatures from transaction-related data. Witness signatures in legacy Bitcoin blocks often take more than 50% of the block size. By removing witness signatures from the transaction block, this protocol upgrade effectively increases the number of transactions that can be stored in a single block, enabling the network to handle more transactions per second. As a result, SegWit increases the scalability of Nakamoto consensus-based blockchain networks like Bitcoin and Litecoin.
SegWit also makes transactions cheaper. Since transaction fees are derived from how much data is being processed by the block producer, the more transactions that can be stored in a 1MB block, the cheaper individual transactions become.
The legacy Bitcoin block has a block size limit of 1 megabyte, and any change on the block size would require a network hard-fork. On August 1st 2017, the first hard-fork occurred, leading to the creation of Bitcoin Cash (“BCH”), which introduced an 8 megabyte block size limit.
Conversely, Segregated Witness was a soft-fork: it never changed the transaction block size limit of the network. Instead, it added an extended block with an upper limit of 3 megabytes, which contains solely witness signatures, to the 1 megabyte block that contains only transaction data. This new block type can be processed even by nodes that have not completed the SegWit protocol upgrade.
Furthermore, the separation of witness signatures from transaction data solves the malleability issue with the original Bitcoin protocol. Without Segregated Witness, these signatures could be altered before the block is validated by miners. Indeed, alterations can be done in such a way that if the system does a mathematical check, the signature would still be valid. However, since the values in the signature are changed, the two signatures would create vastly different hash values.
For instance, if a witness signature states “6,” it has a mathematical value of 6, and would create a hash value of 12345. However, if the witness signature were changed to “06”, it would maintain a mathematical value of 6 while creating a (faulty) hash value of 67890.
Since the mathematical values are the same, the altered signature remains a valid signature. This would create a bookkeeping issue, as transactions in Nakamoto consensus-based blockchain networks are documented with these hash values, or transaction IDs. Effectively, one can alter a transaction ID to a new one, and the new ID can still be valid.
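The “6” versus “06” illustration above, as an added example (not code from the original article or from any Bitcoin implementation). The transaction layout is a simplified stand-in with constructed bytes, and `decode_sig` stands in for the mathematical signature check rather than implementing ECDSA; it shows why an identifier that hashes the signature bytes can be changed by a third party, while one that excludes them cannot.

```python
import hashlib
from dataclasses import dataclass


def dsha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


@dataclass(frozen=True)
class Tx:
    inputs: bytes      # which coins are spent (constructed placeholder)
    outputs: bytes     # who is paid, and how much (constructed placeholder)
    signature: bytes   # encoded signature bytes


def decode_sig(signature: bytes) -> int:
    """The signature's 'mathematical value': leading zero bytes do not change it."""
    return int.from_bytes(signature, "big")


def legacy_txid(tx: Tx) -> str:
    """Pre-SegWit style id: the signature bytes are part of the hashed data."""
    return dsha256(tx.inputs + tx.signature + tx.outputs).hex()


def segwit_txid(tx: Tx) -> str:
    """SegWit style id: the witness (signature) is left out of the hash."""
    return dsha256(tx.inputs + tx.outputs).hex()


def wtxid(tx: Tx) -> str:
    """Id that still commits to the witness, kept separate from the txid."""
    return dsha256(tx.inputs + tx.outputs + tx.signature).hex()


def reencode_signature(tx: Tx) -> Tx:
    """Same signature value in a different byte encoding ('6' -> '06')."""
    return Tx(tx.inputs, tx.outputs, b"\x00" + tx.signature)


def is_malleated_copy(a: Tx, b: Tx) -> bool:
    """Bookkeeping check: same payment and same signature value, different legacy id.

    Software that tracks payments should match on what is spent and paid,
    not on a legacy transaction id alone.
    """
    return (
        a.inputs == b.inputs
        and a.outputs == b.outputs
        and decode_sig(a.signature) == decode_sig(b.signature)
        and legacy_txid(a) != legacy_txid(b)
    )


if __name__ == "__main__":
    original = Tx(b"constructed-input", b"constructed-output", b"\x06")
    altered = reencode_signature(original)
    print("signature value unchanged:",
          decode_sig(original.signature) == decode_sig(altered.signature))
    print("legacy txid unchanged:  ", legacy_txid(original) == legacy_txid(altered))
    print("SegWit txid unchanged:  ", segwit_txid(original) == segwit_txid(altered))
    print("flagged as malleated copy:", is_malleated_copy(original, altered))
```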
This can create many issues, as illustrated in the below example:
Since the transaction malleability issue is fixed, Segregated Witness also enables the proper functioning of second-layer scalability solutions on the Bitcoin protocol, such as the Lightning Network.
Lightning Network
Lightning Network is a second-layer micropayment solution for scalability.
Specifically, Lightning Network aims to enable near-instant and low-cost payments between merchants and customers that wish to use bitcoins.
Lightning Network was conceptualized in a whitepaper by Joseph Poon and Thaddeus Dryja in 2015. Since then, it has been implemented by multiple companies. The most prominent of them include Blockstream, Lightning Labs, and ACINQ.
A list of curated resources relevant to Lightning Network can be found here.
In the Lightning Network, if a customer wishes to transact with a merchant, both of them need to open a payment channel, which operates off the Bitcoin blockchain (i.e., off-chain vs. on-chain). None of the transaction details from this payment channel are recorded on the blockchain, and only when the channel is closed will the end result of both parties’ wallet balances be updated to the blockchain. The blockchain only serves as a settlement layer for Lightning transactions.
Since all transactions done via the payment channel are conducted independently of the Nakamoto consensus, both parties involved in transactions do not need to wait for network confirmation on transactions. Instead, transacting parties would pay transaction fees to Bitcoin miners only when they decide to close the channel.
One limitation of the Lightning Network is that it requires a person to be online to receive transactions sent to him. Another limitation in user experience could be that one needs to lock up some funds every time he wishes to open a payment channel, and is only able to use those funds within the channel.
However, this does not mean he needs to create new channels every time he wishes to transact with a different person on the Lightning Network. If Alice wants to send money to Carol, but they do not have a payment channel open, they can ask Bob, who has payment channels open to both Alice and Carol, to help make that transaction. Alice will be able to send funds to Bob, and Bob to Carol. Hence, the number of “payment hubs” (i.e., Bob in the previous example) correlates with both the convenience and the usability of the Lightning Network for real-world applications.
Schnorr Signature upgrade proposal
Elliptic Curve Digital Signature Algorithm (“ECDSA”) signatures are used to sign transactions on the Bitcoin blockchain.
However, many developers now advocate for replacing ECDSA with Schnorr Signature. Once Schnorr Signatures are implemented, multiple parties can collaborate in producing a signature that is valid for the sum of their public keys.
This would primarily be beneficial for network scalability. When multiple addresses were to conduct transactions to a single address, each transaction would require their own signature. With Schnorr Signature, all these signatures would be combined into one. As a result, the network would be able to store more transactions in a single block.
The reduced size in signatures implies a reduced cost on transaction fees. The group of senders can split the transaction fees for that one group signature, instead of paying for one personal signature individually.
Schnorr Signature also improves network privacy and token fungibility. A third-party observer will not be able to detect if a user is sending a multi-signature transaction, since the signature will be in the same format as a single-signature transaction.
4. Economics and supply distribution
The Bitcoin protocol utilizes the Nakamoto consensus, and nodes validate blocks via Proof-of-Work mining. The bitcoin token was not pre-mined, and has a maximum supply of 21 million. The initial reward for a block was 50 BTC per block. Block mining rewards halve every 210,000 blocks. Since the average time for block production on the blockchain is 10 minutes, it implies that the block reward halving events will approximately take place every 4 years.
As of May 12th 2020, the block mining rewards are 6.25 BTC per block. Transaction fees also represent a minor revenue stream for miners.
A: Side chains will run parallel and be interoperable with the main chain. Side chains allow for new, more efficient, consensus mechanisms as well as smart contract functionality. Eventually other major blockchains will be interoperable with Hcash, through side chains and relays, DAG EVM for ETH, and other “Layer 2” solutions (Lightning Network for BTC and BTC forked code). Side chains allow for different scalability methods, flexibility and accessibility.
Q: Is quantum resistance to protect against hacking, or against “fast mining” (preventing inequality between PoW miners)? How is it possible to guarantee quantum resistance? Isn’t our understanding of quantum computing just based on theories since quantum computers are not fully functional yet?
A: Quantum resistance is the protection against attacks made by quantum computers, which is currently contrasted by what we know about classical computers. Quantum computers weaken the security assumptions of certain types of cryptography, including ECDSA. If ECDSA were broken, attackers could steal balances in addresses that have made previous spends because the ECDSA public key for the address is revealed to the blockchain. Addresses with unexposed ECDSA keys will be resistant to this type of attack, as they are secured by RIPEMD160 and their ECDSA keys have not been revealed. Quantum resistance does not mean quantum proof. Quantum resistance means that quantum-based attacks do not have a significant advantage over the computers we have today. Based on what we currently know, our signature scheme is quantum resistant. No one knows what the future holds which is why it is important to always continue research and development into quantum resistant cryptography.
Q: What do you mean by “exchange of value and valuable information”? Is this the exchange of coins and smart contracts?
A: The “value” you are referring to is not derived from our current understanding of value (fiat). The “true value” that blockchain systems hold is stored in the hashes themselves. Data and information is king.
Q: Imagine that in 2 years, a kid walks up to you and asks, “What do you do and how does it help society?”
A: We are one of many projects that helped build a more secure web of connected devices, and revolutionized peoples’ opinion on value and what really matters.
Q: An uninformed businessman who has no understanding of blockchain, but has heard of Bitcoin approaches you. How do you explain your product and the benefits to him so that he remembers to give you a call the next day?
A: Tell him to do his research on blockchain first before selling him on some grand idea. Smart investors grow a stable smart economy, not dumb money.
Q: After reviewing the Hcash source code on GitHub https://github.com/HcashOrg/hcashd, I've found that almost all the Hcash main chain code has been written by SJTU (Shanghai Jiao Tong University), for example https://github.com/sammy00 https://github.com/yczhangsjtu. What have other contributors, such as the Nucleus Team, done for Hcash?
A: Shanghai Jiao Tong University’s Lab of Cryptography and Computer Security is the primary contributor to the main chain code. It is no small feat to have the 4th best university in China working on this project. The Nucleus Team is working with them to finish main chain testing. After the main chain launch, the Nucleus team will focus on the future development for Hcash including our side DAG EVM and main chain Lightning interoperability.
Q: The main chain public repo hasn’t been updated very frequently.
A: Please refer to our new GitHub. The frequency of updates will increase as we approach/pass the main chain launch.
Q: When will the swap from Hshares to Hcash take place?
A: The swap to the main chain will take place after the main chain launch mid-February. Announcements will be made as to how and where you can swap your Hshares for Hcash.
Q: What is the exact date of main chain launch?
A: The main chain launch will take place mid-February. We are aiming for release on February 15th.
Q: Will you provide interoperability for all the existing blockchains?
A: We hope to provide interoperability for all blockchains in the future. That is a lot of work though. We will start with the larger chains that have healthy development and community sizes first. To make this easier, we plan to provide a back-end solution for new blockchains to make this process easier.
Q: Will the interoperability between the blockchains support both transfer of data and transfer of value?
A: Yes
Q: What is a block-less blockchain? Is this a traditional distributed system?
A: A block-less blockchain accomplishes the same goals as a traditional blockchain by using consensus to determine the order of transactions. A block-less blockchain, such as a DAG, allows for faster consensus without traditional block size requirements. Faster consensus means higher throughput.
Q: How will Hcash bridge block-less and traditional blockchains?
A: Through relays between our main chain and side DAG. A more technical analysis will be available in our upcoming yellow paper.
Q: What signature scheme will you use to achieve quantum resistance? Why?
A: Hcash is using the BLISS signature scheme. Hcash’s version of BLISS has been hardened to mitigate side channel attacks. BLISS was chosen for its efficient key and signature size.
Q: Provide an overview as to how interoperability will be achieved.
A: We will be using relays to Hashed Timelock Contracts for Lightning Network interop on our main chain, relays and colored coins that operate with our DAG EVM, bridges to side chains for more uncommon chains, and back-end protocols for newer blockchains.
Q: Specifically, what is the theory behind Hcash’s interoperability?
A: This answer would be longer than the entire AMA. Unfortunately, the specifics will have to wait until the yellow paper release. In the meantime, I would read the Lightning Network whitepaper because it is an excellent source of information. You could also research BTC relays and EVMs.
Q: What is the timeline for interoperability? Will this be the main focus of Hcash? When can we expect an Alpha version?
A: We will be updating the roadmap in Q2. Interop timeframes will be easier to gauge after the main chain release. There are quite a few ideas around what we would like to tackle next, whether it would be assisting other projects on Lightning Network development, the DAG EVM implementation, or possibly both at the same time.
Q: How will swap values be calculated when switching between blockchains? Is it based on the current market value?
A: Yes, it would be based on the current, real time market value.
Q: Will you update the whitepaper to include a comprehensive overview of interoperability, its theory and its exchange functions?
A: In the coming months we plan to do an update on the white paper. The technical analysis will be provided in our yellow paper. These will be detailed in the updated roadmap to be released after the main chain launch.
Q: Can you explain who will use the Hcash? I am trying to figure out where the supply and demand will come from.
A: Our target audience is everyone, from people playing mobile games to supporting business and government logic. The supply and demand will come with the need to transfer more and more data across multiple platforms. As for the economic model, this has not been outlined yet. We will be exploring all methods that fall in line with creating smart economies, including 2 token models.
Q: Will you be hiring an advertising team?
A: We are already expanding Western marketing, primarily in the US. More focus on this will come soon after the main chain.
Q: What are ring signatures in cryptography? How do they work?
A: At this time, we are exploring more efficient transaction schemes, such as bulletproofs. Bulletproofs can reduce the computational power needed for privatized/anonymous transactions.
Q: Most of us understand the interoperability of the network. What is a specific use case for Hcash? What role will Hcash have in the network? What makes it a requirement for interoperability? If someone has Bitcoin and wants to convert it to Ethereum using Hcash’s network wallet, is Hcash used as a fee for that conversion?
A: Here is an analogy. You walk into an arcade with 20 different machines. Each of these machines takes a different token, but you only have coins that operate with one of these machines. This would be the type of solution we hope to provide. Fees can be paid with Hcash. In the future we can explore taking fees in other denominations as well. More of this would be explained in detail with our yellow paper and economic model.
A: Main chain release is mid-February, but we are aiming for launch on February 15th.
Q: Are you willing to divulge how many apps you have in development for the Hcash main chain?
A: The primary focus right now is to improve the stability of the Hcash main chain. This will ensure successful launches in the future for developers on our side DAG EVM.
Q: What is the Martian’s current relationship to Hcash? Is he still part of its team?
A: The Hcash team is currently located on Earth. The last I heard the Martian was returning to Mars.
Q: Will the main chain go up according to schedule? Are there any problems with Hcash? The specialist sales team was made up of shareholders/investors, right?
A: Provided no unforeseen circumstances, we are on schedule for the main chain release. There are roadblocks and disconnects with every project. This is a new world of technology we are exploring. I think the team you may be referring to is the Hcash Foundation themselves. A lot of the Western marketing and development is being handled by the Nucleus Team.
Q: Is the code on GitHub all original? Are all developments executed on GitHub? Why is there so little original code? There are so few modifications. I also noticed there are remarkably few references to the code. Most of them are from documents that have been updated.
A: Many engineers have worked to contribute to the blockchain community over the years. We are taking advantage of the hard work and research that has been done while also making our own meaningful contributions for others to use in their code. It is important to acknowledge the contributions of others. The work completed by Decred in particular has allowed us to grow. Now we will have our chance to contribute back to them and others with our post quantum signature scheme and NG implementation. There are advantages of having similar projects that people don’t realize. For example, after our main chain launch we can explore assisting with development on the Lightning Network. As for GitHub, you will see activity increase when the main chain launches.
Q: What is the scope of the Hcash R&D team?
A: To assess, research and develop cutting edge decentralized consensus mechanisms and applications.
Q: Hcash is currently collaborating with three universities. Shanghai Jiao Tong University has been working on the main chain quantum resistance. What are the main responsibilities of the other two universities?
A: Building blockchain technology is a group effort. The other teams have also been researching other options for main chains, smart contracts etc. For example, Dr. Joseph Liu from Monash University is working on ring signature schemes to continue our research and development into privatized transactions. We are looking forward to taking the best efforts of all teams and bringing them to the blockchain communities at large, starting with the post quantum implementation from LoCCS at Shanghai Jiao Tong University.
Q: The Westerners working on Hcash don't seem very enthusiastic. They aren't following a lot of people on Twitter. Does the team have any clearer plans for increasing publicity?
A: The Westerners are primarily focused on the technology, development, and creating more content. The community management will be increasing transparency and activity in time. More Western marketing can be done after the launch of the main chain.
Q: Are there plans to get onto more exchanges such as Bittrex?
A: When moon? We are constantly considering all options to allow users to access Hcash. Currently we are listed amongst some of the top exchanges like Binance and growing exchanges like KuCoin.
Q: When will quantum resistant technology be implemented into Hcash? Where can we follow the developments being made and is there anywhere we can go to participate in the project?
A: Quantum resistant technology is available now on GitHub at https://github.com/HcashOrg/hcashd and will be available for use outside of the testing environment when the main chain launches in the middle of February.
Q: Where do you download the wallet? How do you mine?
A: The wallet for the new main chain can be found on GitHub at https://github.com/HcashOrg/hcashwallet. You can mine on the new main chain by joining a pool or using the hcashd node to solo-mine.
Q: When will Hshares swap Hcash? Can you announce a general time?
A: Hshares can be redeemed for Hcash after the main chain launches in the middle of February. Announcements will be made regarding how and where to swap your Hshares for Hcash.
Q: Will there be an address mapping when Hshares swaps to Hcash like there was with EOS? What other kind of mechanism will be used for the coin swap?
A: A snapshot of Hshares will be included in the Genesis (first) block of Hcash’s launch to allow users to convert their Hshares into Hcash. An announcement will be made as to how, when and where conversions will take place.
Q: When will the main chain that can support smart contracts go online? When will tokenization for Hcash take place?
A: Smart contract functionality will be available when our side DAG launches. Users, businesses and developers will be able to build dApps, launch tokens and more. We are making sure the main chain is a stable foundation before adding our DAG to the Hcash ecosystem.
Q: There aren't many updates on GitHub and there aren’t many contributors. What kind of coordination is going on with the development team?
A: Both the Nucleus Team and members of Shanghai Jiao Tong University LoCCS are working together to finalize testing. Updates are being made to our GitHub at https://github.com/HcashOrg/hcashd.
Q: Based on what I've been reading, Shanghai Jiao Tong University is mainly responsible for the main chain portion of the project. How is their team doing? How many research students in their labs are helping them?
A: Shanghai Jiao Tong is responsible for building and launching the new main chain. Their team there has been doing a great job with research and development and we look forward to seeing more of their work. The Nucleus Team is currently working with them to finish testing. After testing, the Nucleus team will focus on the future development of the project including our side DAG. I do not know the size of their team as we have not visited their lab.
Q: Can you confirm that the main chain will finally go up in mid-February? Is it just a hypothetical date and then a further delay?
A: The primary responsibility is to make sure the main chain is stable and secure so that it can be used as the foundation to add other important features to the Hcash ecosystem, like smart contracts and hidden transactions. Everyone is working very hard to hit the target release date of mid-February. We are planning on mid-February for the launch unless anything unexpected comes up.
Q: What is the status of these interoperability features? When is the main chain going online?
A: Main chain will be released mid-February. The interoperability features depend on the stability of the network. Our side DAG EVM will be the quickest addition to the Hcash ecosystem that will allow for ETH interoperability. Lightning Network on the main chain will require further research and development.
Q: Won’t zero knowledge proofs conflict with the system’s throughput?
A: We are currently working on more uncommon implementations of zero proof knowledge, such as bulletproofs that allow for efficient transaction speeds. We can also achieve higher throughput with our side DAG.
Key and signature-size. As with elliptic-curve cryptography in general, the bit size of the public key believed to be needed for ECDSA is about twice the size of the security level, in bits. For example, at a security level of 80 bits (meaning an attacker requires a maximum of about operations to find the private key) the size of an ECDSA public key would be 160 bits, whereas the size of a DSA ...
The Bitcoin protocol currently uses a particular signature algorithm called the Elliptic Curve Digital Signature Algorithm or ECDSA. But in the not too distant future a new signature algorithm called Schnorr signatures is expected to be a valid signature type on the Bitcoin network. Schnorr signatures aid with two sensitive problems in the Bitcoin network: scaling and privacy. Scaling. There ...
However, ECDSA still has some drawbacks, which can serve as a sufficient basis for its complete replacement. After several years of research and experimentation, a new signature scheme has been established to increase the confidentiality and efficiency of Bitcoin transactions: the digital signature scheme of Schnorr.
Binance blockchain interoperability through Overledger by Quant Network. A brief look into the basics of Binance Blockchain and how to implement it. I got chance to explore Binance Blockchain and ...
that any subgroup of size t + 1 can sign, whereas any group with t or fewer players cannot. While there exist previous threshold schemes for the ECDSA signature scheme, we present the first protocol that supports multiparty signatures for any t n with efficient, dealerless key generation. Our protocol is faster than previous solutions and significantly reduces the communication complexity as well ...
Elliptic Curve Digital Signature Algorithm (ECDSA) offers a variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography. It relies on point multiplication to provide the one-way trapdoor digital signatures. This form of cryptography represents an approach based on the algebraic structure of elliptic curves over finite fields. As such, elliptic curve cryptography ...