Bitcoin's Academic Pedigree
This post contains a brief summary of the paper titled "Bitcoin's Academic Pedigree".
- Bitcoin converts the system for recording payments into a currency
- How do you build a ledger that can be used on the Internet?
  - It should be immutable
  - It should have a way to obtain a cryptographic digest of the ledger
- Bitcoin’s ledger is a global data structure collectively maintained by a mutually untrusting set of participants
- Bitcoin’s ledger data structure is borrowed, with minimal modifications, from a series of papers by Stuart Haber and Scott Stornetta, written between 1990 and 1997. Haber and Stornetta’s work addressed the problem of document timestamping
- Haber and Stornetta introduced other ideas to make the data structure more effective
  - Links between documents can be created using hashes
  - Documents can be grouped into batches or blocks
  - Within each block, documents can be linked together with a binary tree of hash pointers, called a Merkle tree
  - Merkle tree: a change to any of the transactions will necessitate changes propagating all the way to the root of the block, and the roots of all the following blocks
- Bitcoin was not the first real-world instantiation of Haber and Stornetta’s data structures. At least two companies - Surety starting in the mid-1990s and Guardtime starting in 2007 - offer document timestamping services
- The Sybil attack was formalized in 2002 by John Douceur, who turned to a cryptographic construction called proof of work to mitigate it
- The first proposal of proof of work was made in 1992 by Cynthia Dwork and Moni Naor. Their goal was to deter spam. In their design, email recipients would process only those emails that were accompanied by proof that the sender had performed a moderate amount of computational work. A spammer who wants to send millions of emails would need several weeks of proof of work before being able to send them. The puzzle should be:
  - Specific to the email as well as the recipient
  - Of minimal computational burden on the recipient
  - A trapdoor function
- Hashcash, invented by Adam Back in 1997
  - Used only hash functions instead of digital signatures
  - Viewed proof of work as cash
- The term proof of work was coined only in 1999 in a paper by Markus Jakobsson and Ari Juels
- Proof of work did not succeed in its original application as an anti-spam measure
- More coherent approaches to treating puzzle solutions as cash are found in two essays that preceded bitcoin, describing ideas called b-money and bit gold
- Putting it all together
  - Puzzle solutions don’t constitute cash by themselves. Instead, they are merely used to secure the ledger
  - Solving proof of work is performed by specialized entities called miners
  - Miners are constantly in a race with each other to find the next puzzle solution
  - A miner who solves a puzzle gets to contribute the next batch, or block, of transactions to the ledger, which is based on linked timestamping
  - Bitcoin avoids the double-spending problem because puzzle solutions themselves carry no value. The amount of work required to produce a block is a floating parameter, and the number of bitcoins issued per block is not fixed either
  - Nakamoto’s genius was not in discovering any of the specific components of bitcoin. It was in putting together the components in an intricate way so that the entire system was feasible
- Public keys are the only kind of identity in the bitcoin system
- The idea of using anonymity in networks dates back to David Chaum in 1981
- A smart contract takes the idea of putting data in a secure ledger and extends it to computation. In other words, it is a consensus protocol for the correct execution of a publicly specified program. Users can invoke functions in these smart-contract programs, subject to any restrictions specified by the program, and the function code is executed in tandem by the miners
- Smart contracts are especially powerful when combined with a cryptocurrency platform, because the programs in question can handle money - own it, transfer it, destroy it and in some cases, even print it
- The idea of smart contracts was proposed by Nick Szabo in 1994 and so named because he saw them as analogs of legal contracts, but with automated enforcement
- Szabo presented smart contracts as extensions of digital-cash protocols and recognized that Byzantine agreement and digital signatures could be used as building blocks
- A much-needed dose of skepticism
  - Banks use ledger data structures and Byzantine agreement. This belies the claim that blockchains are a new and revolutionary technology
  - Blockchains are frequently presented as more secure than traditional registries - a misleading claim
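The Merkle tree and linked-timestamping bullets above describe how a single altered transaction changes the block's root and every later block hash. The following is an added example (not code from the paper or this post) that builds a toy three-block ledger with constructed transactions and reports which block hashes change after tampering; the hash layout and sample data are assumptions for illustration.

```python
import hashlib


def sha256(data):
    return hashlib.sha256(data).digest()


def merkle_root(leaves):
    """Binary tree of hash pointers over the leaf hashes (Haber/Stornetta
    style).  An odd node count duplicates the last node, as bitcoin does."""
    level = [sha256(leaf) for leaf in leaves]
    if not level:
        return sha256(b"")
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])
        level = [sha256(level[i] + level[i + 1])
                 for i in range(0, len(level), 2)]
    return level[0]


def build_chain(blocks):
    """Linked timestamping: each block hash commits to the previous block
    hash and to the Merkle root of its own transactions."""
    prev = b"\x00" * 32  # assumed genesis pointer
    hashes = []
    for txs in blocks:
        h = sha256(prev + merkle_root(txs))
        hashes.append(h)
        prev = h
    return hashes


def changed_blocks(chain_a, chain_b):
    """Indices of blocks whose hash differs between two chains."""
    return [i for i, (a, b) in enumerate(zip(chain_a, chain_b)) if a != b]


# Constructed sample ledger: three blocks of toy transactions.
LEDGER = [[b"alice->bob:5", b"bob->carol:2", b"carol->dave:1"],
          [b"dave->alice:1", b"alice->carol:3"],
          [b"bob->dave:4"]]


def tamper_check(block_idx, tx_idx, new_tx):
    """Replace one transaction and report which block hashes no longer match."""
    altered = [list(txs) for txs in LEDGER]
    altered[block_idx][tx_idx] = new_tx
    return changed_blocks(build_chain(LEDGER), build_chain(altered))
```

Editing a transaction in block 1 changes the hashes of blocks 1 and 2 but leaves block 0 intact, so a verifier holding only the latest block hash still detects the change.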
Bitcoin stands on the shoulders of giants. The following summarizes the various contributions that were precursors to bitcoin: