68 SECURITY BITCOIN
The blockchain cycle
Transactions
Blockchain
If first to complete, append block to chain
IN BLOCKS
2014 WAS NOT good for bitcoin as a digital
currency. After surging in value from $100
to more than $1,000 per bitcoin by the end of
2013, the price slipped and slid all the way
through last year to sink just below $200 by
mid-January. The virtual currency was hit
by a number of issues including the collapse
of the Mt Gox exchange, which saw more
than half a million bitcoins go ‘missing’.
Yet 2015 could be good for the
underlying technology. Despite these
failures of confidence, underpinning
bitcoin is a concept that could
change the nature of ensuring trust
online, using its infrastructure to
authenticate any transactions without
the need for a central authority.
Even the concept’s creator went missing
without a trace. Under the name Satoshi
Nakamoto, the inventor of the blockchain
published a paper in late 2008, titled ‘Bitcoin:
A Peer-to-Peer Electronic Cash System’, in
which he proposed the system of electronic
cash. Such a system needs to let the P2P
network’s members be autonomous, and yet
Engineering & Technology March 2015 www.EandTmagazine.com
C2201_R19862_Feature_60.BK.indd 68
The bitcoin blockchain demands
hashes of a specific form, which
demands miners work hard to
contribute
Memory pool
Miner collects
transactions
Confidence in bitcoin’s
value is sliding after a less-
than ideal 2014, but money
may not be its legacy. Now
the aim is to secure users’
funds and reduce the risk
of ‘double spending’ with
the introduction of the
blockchain.
By Danny Bradbury
Iterate hash
calculations
until one found
with the form
000....x....
Block header
Hash 000....X....
Other metadata
Transaction list
keep track of all the money in the system.
Without some form of universally-
accepted ledger, it would be easy for people to
‘double spend’ by sending money to someone
and then sending it again to someone else.
Nakamoto’s answer was the blockchain: a
growing chain of numbers that encapsulates
the history of every bitcoin ever created. But
it could also be the transactional history of
just about anything that can be traded in a
virtual space. Even if the value of the bitcoin
evaporates as quickly as it spiralled upwards
in the style of the financial manias that
preceded it, the blockchain could live on.
Writing in January for the Brookings
Institute, venture capitalists Mohit Kaushal
and Sheel Tyle put forward a number of
businesses and services that could benefit
from the blockchain’s mechanism for
ensuring trust. Several projects are already
moving beyond bitcoin’s usage model as a
blockchain for storing value.
Examples of this include Stone, which
enables people to publish their own messages
in the blockchain, and Proof of Existence,
11/02/2015 15:11
 69

Market Blockchain
price size,
(US$) (MB) Source: blockchain.info

1,300

1,200

1,100

1,000 100,000

900 10,000

800 1,000

700 100

600 10

500 1.0000

400 0.1000

300 0.0100

200 0.0010

100 0.0001

0 0

Jan 09 Jul 09 Jan 10 Jul 10 Jan 11 Jul 11 Jan 12 Jul 12 Jan 13 Jul 13 Jan 14 Jul 14 Jan 15

WE TRUST
which hashes documents uploaded by users,
creating a timestamping service that proves
they existed on a certain date. Counterparty,
a service for creating custom tokens built on
the bitcoin blockchain, says they can be used
for everything from crowdfunding to voting.
These applications all embed their
own information into transactions on
the bitcoin blockchain, often using a part
of the transaction record built to store
extraneous information. But the more
things people try to store, the bigger
the blockchain grows. Its nature means
that old data cannot simply be archived
away. Each part of the chain is based on
its predecessors – it’s one of the features
that makes it possible for many different
people to contribute to the blockchain.
The piggy-backing on the blockchain has
caused consternation among people already
concerned about its ever-increasing size.
Bitcoin’s blockchain more than doubled to
reach 26GB in 2014 – its fifth year of
existence. During its first two years, the
blockchain barely needed 1MB of space.
“The blockchain is not good at storing
and indexing arbitrary data,” warns Gavin
Andresen, chief scientist at The Bitcoin
Foundation and formerly lead developer for
bitcoin who worked online with Nakamoto
during the cryptocurrency’s early days.
Blocks on blocks
We can think of the blockchain as a
digital skyscraper, with each floor built
on top of the one beneath. Each floor is a
‘block’ of data, containing information
about the transactions that happened on
the network while that block was being
created. In bitcoin, a new block is created
roughly every 10 minutes. This creates
an ever-lengthening tower of blocks.
Detailing every single transaction ever
created in the network, the blockchain is
open and transparent. Anyone can download
and explore it using software tools to find out
which addresses transacted with each other,
when, and for how much.
If there is no central authority, who is in
charge of adding blocks to the network? This
depends on the blockchain’s most innovative
principle: its consensus algorithm.
Someone cannot simply decide to add a
new block and expect it to be accepted. The
block has to take a specific form that is
computationally difficult to create. The block
needs to be accompanied by a ‘hash’, a code
generated arithmetically from the data
inside the block. Hashes are widely used to
encode data such as passwords because it is
very difficult to calculate the source data
from its hash. By hashing a password entered
by a user against the stored hash, software
can authenticate or reject the user with a
much lower risk of exposure in the event of
the list of password hashes being stolen.
Hashes have another property – it is
extremely difficult to predict any digit in a
hash’s result from the source data except to
compute the entire hash itself. Changing a
single byte of the input information will
completely alter the hash.
Hashes are consistent, however.
Rehashing the transactions in a block should
produce the same hashing digest that is >

www.EandTmagazine.com March 2015 Engineering & Technology

C2201_R19862_Feature_61.BK.indd 69 12/02/2015 14:43

 70 SECURITY BITCOIN
The board from a
dedicated bitcoin
mining machine

MONOPOLY AVOIDANCE
POWER BASE
The blockchain sounds like an
attack-proof mechanism, but there
are potential issues. One of them is
consolidation of power.What happens
if a single actor gains control of most of
the network?
Controlling more than half of the
hashing power in the blockchain would
enable a malicious party to persuade its
nodes to accept a fraudulent version of
the blockchain instead of the real one,
effectively outvoting legitimate miners,
and resulting in what’s known as a fork
in the blockchain. This exploit, known
as a 51 per cent attack, has so far been
theoretical. But it is far from impractical.
Mining pools are a popular way for
individual miners to generate bitcoins in
the network. They join their mining power
together to hash blocks, jointly increasing
the chance of a payout, and then share the
proceeds. This puts all of their computing
power in the control of a central player.
In June 2014, CEX.IO, which runs the
Ghash.io mining pool, vowed not to run a
51 per cent attack against the network
after it approached 50 per cent power. The
pool imposed a 40 per cent cap on its own
network share to allay concerns.
Mike Hearn, a former Google engineer
and a strong contributor to bitcoin’s core
code base, has implemented a Java
version of the algorithm called BitcoinJ. He
has various solutions to the 51 per cent
problem, including using decentralised
mining pools that don’t require trust in a
single mining pool operator. However, he
has pointed out that these are fraught with
problems such as technical complexity.
Others suggest that the 51 per cent
attack, while technically doable, is a form
of mutually-assured destruction.
“Most large-miners (which happen also
to be ASIC chip manufacturers) have a
high-stake in bitcoin because of their < already stored in that block. If it doesn’t, after it to account for its altered hash digest.
investment in design and hardware,” says the transactions have been altered. As blocks age in the blockchain this becomes
Sergio Demian Lerner, the co-founder of Still, why couldn’t someone preserve the harder to do, making them increasingly
several alternative cryptocurrencies to deception by simply replacing the hash in a secure.
bitcoin, and a security auditor at bitcoin block that they wanted to alter with their Hashes such as those used to store
security consulting firm Coinspect. own, fraudulent hash? This is prevented by a passwords can be calculated very quickly.
“It is reasonable to think they will not feature in the blockchain that links the But the consensus algorithm makes
erode the public confidence in bitcoin by blocks together. miners work artificially hard for a hash
reaching a high percentage of the network that will be accepted by the network.
mining rate,” he adds. The hashing process The hash generated for each block has to
By co-opting the network, an attacker To verify any block’s transactions, have a specific format. Bitcoin demands
would destroy bitcoin’s monetary value, it isn’t enough to simply rehash its it starts with a group of zeros. Because
which would be counterintuitive for transactions and compare that hash to it is impossible to predict what digit will
someone who was earning significant the one stored in the block. The digest be at any position within a hash from the
mining rewards, paid in bitcoin. However, stored in the preceding block must be source data, the computer creating the hash
the incentive to tamper might arise if a included in the hashing process. must run the computation repeatedly to
blockchain were used for purposes other Because all blocks are linked together find the digest with the required number
than storing money, such as sending sequentially in this way, one block’s hash of zeros at the beginning by adjusting a
messages or storing other information. affects the hashes of all following blocks. value within the block’s digest known as
“It will take some time and some failed If any block’s hash were to be altered by the ‘nonce’, named after the concept of
experiments to find a solution that changing its transactions, it would alter the nonce word – a word used so rarely
combines the secure, decentralised the hash of the next block, which would, that it never enters the language proper.
ledger that is a blockchain with some in turn, alter the hash of the next block, To encourage people to devote compute
reliable, massively scalable, searchable and so on all the way through the chain. resources to running bitcoin’s network, they
data storage solution,” Lerner says. To fraudulently alter a block, an attacker are rewarded for coming up with appropriate
would need to rehash every block that came hashes with more bitcoins. The first

Engineering & Technology March 2015 www.EandTmagazine.com

C2201_R19862_Feature_60.BK.indd 70 11/02/2015 15:11


producer of each successful hash receives a
bonus transaction, known as a coinbase,
which pays a predefined number of bitcoins
to their address. They also collect any
transaction fees that people on the network
have paid to ensure that their transactions
are hashed in the block.
To ensure bitcoin ‘miners’ do not come
up with hashes too quickly by deploying
more powerful computers, the network’s
‘proof of work’ algorithm alters the
difficulty of the task to suit the amount
of available compute performance. In
bitcoin’s case, this involves changing the
number of leading zeros in the hash. More
consecutive zeros means more work.
The structure of the bitcoin network has
made hashes so hard to calculate, the
network now almost completely runs on
special-purpose computers built solely to
generate hashes.
Dealing with bloat
There are some complementary technologies
in the works to make these enhanced uses
of the blockchain more efficient and,
C2201_R19862_Feature_60.BK.indd 71
GAS GUZZLERS
DIFFERENT ALGORITHMS
Although it is effective, the bitcoin
proof-of-work mechanism has become
problematic. The mining difficulty set by
the network adjusts according to the total
computation power available. As more
people pile into the network, and begin
buying more powerful, dedicated ASIC
equipment to mine with, the difficulty
skyrockets.
Consequently, bitcoin’s proof of work
algorithm chews through computing
power. As of November 2014, the
computing power of the entire network
stood at 3,546,954 PetaFLOPs, whereas the
world’s top 500 supercomputers only used
309 PetaFLOPS. This translates to a lot of
energy usage. Back in April 2014, a single
‘The blockchain is not good
at storing and indexing
arbitrary data,’ Gavin
Andresen, chief scientist at
The Bitcoin Foundation
in some cases, some competing ones.
“Notary chains are a simple and effective
solution for proof of publication and
metadata storage,” says Ron Gross,
co-founder of Mastercoin, a protocol for
building and trading custom smart tokens on
top of the bitcoin blockchain.
Notary chain systems, such as the one
operated by Factom, enable users to record
immutable entries in a chain of their own.
These entries represent anything created by
a transaction, from a tweet to a video file or
the deeds to a house, and they are stored with
extensive metadata.
The notary chain then uses a decentralised
network of servers and nodes to successively
hash these entries into a single digest that is
then embedded into the bitcoin blockchain. A
single digest could represent thousands of
notary chain entries, which can themselves
be traced back to their original sources
through the notary chain.
An alternative is sidechains, which are
alternative blockchains designed for specific
applications. A recent white paper, with
contributors including core bitcoin
developers, proposed a system in which
bitcoin’s blockchain would be a ‘parent’
chain, from which bitcoins could be
transferred to an alternative blockchain.
There could be many of these sidechains,
each representing specific types of asset, the
paper suggested.
Some platforms have moved away from
using the bitcoin blockchain altogether.
Ethereum, led by Vitalik Buterin, uses its
own blockchain to create ‘smart contracts’.
These are contractual agreements,
written in executable code, that carry out
instructions based on predefined conditions,
such as an equity ownership contract that
changes dynamically with the proportion
71
bitcoin took the equivalent of 16 gallons of
petrol to calculate.
“I think we’ll see the idea go off in
various directions, probably by replacing
proof of work with something different, not
for bitcoin but in alternative coins,” says
Mike Hearn, one of the contributor’s to the
bitcoin code base.
What other consensus algorithms are
available? One of the most experimented
with is proof of stake, in which coins are
awarded based on the number of coins
already held.
“Ideally, [we should] eventually
deprecate the old proof of work-based
bitcoin, as it’s an environmental tragedy,”
advises Vitalik Buterin, head of Ethereum.
of hours contributed to a project.
Projects such as Ethereum, Mastercoin,
and others are still embryonic. As they move
forward, advocates believe that they will
succeed in usurping bitcoin, the incumbent
blockchain implementation.
“Bitcoin the protocol is guaranteed to be
eclipsed. It’s already outdated technology,”
warns Buterin.
History is littered with examples of
incumbent technology implementations that
have been displaced by rivals, shattering the
market into many alternative
implementations and leaving the original
trailblazers forgotten.
The Bitcoin Foundation’s Andresen is
predictably sanguine. “Bitcoin isn’t perfect,
but I think it is good enough to win, and it is
designed so it can evolve over time,” he says.
Interoperable blockchains
As people grapple with the problems
of a growing blockchain, a gaggle
of alternative implementations in a
relatively new space seems inevitable.
The important thing will be for these new
systems to interoperate, says Charles
Hoskinson. A cryptography expert and the
creator of a Udemy course on bitcoin’s inner
workings, Hoskinson is also the co-founder
and former CEO of Ethereum.
“There has to be standardisation, not
domination or assimilation,” he says,
“standardisation in terms of how
blockchains will communicate with each
other.”
The broader benefits could be immense,
Hoskinson adds, and in fields that many have
barely yet thought of, such as accounting.
“With blockchains, you have transaction
histories back to the beginning,” he says. “If
you can internalise it and merge with GAAP,
then every single penny could be accounted
for by this incorruptible identity.”
These applications, and others such as
identity management, are only beginning to
emerge as concepts in the nascent world of
the blockchain. As a fundamental step
forward in computing, it has too much
potential to fail – no matter what happens to
bitcoin as a payment network and currency. *
www.EandTmagazine.com March 2015 Engineering & Technology
11/02/2015 15:11