Stanford CS251: Lecture 18

Lecture 18: Advanced Topics. Three topics are chosen by students (another three for the next lecture). Topic 1: Quantum Computing. An electron has two states, top and bottom spins, represented as |1> and |0>. An electron is in a superposition of those two states with wave functions Ψ0 and Ψ1, so the combined wave function is Ψ = Ψ0·|0> + Ψ1·|1> with |Ψ0|^2 + |Ψ1|^2 = 1. |Ψ0|^2 is the probability of seeing state |0> and |Ψ1|^2 is the probability of seeing state |1>. Thus, Ψ = [Ψ0, Ψ1] is the overall state matrix. The state evolves using a 2×2 Hamiltonian matrix H such that the second-degree norm does not change: ||H·V|| = ||V||. This ensures |Ψ0|^2 + |Ψ1|^2 = 1 always holds. ...

Stanford CS251: Lecture 16

Lecture 16: Bitcoin payment channel. Visa: ~10,000 transactions per second. Bitcoin: ~3 transactions per second => 60 GB of blockchain data per year. Waiting for 6 blocks (~60 mins) is a huge wait for Bitcoin. Therefore, tipping or having an ongoing channel of payments on the blockchain is hard. Payment channels help with that. Funding channel - unidirectional payment channels: Alice is planning to pay Bob. ...

Stanford CS251: Lecture 15

Lecture 15: Bitcoin guest talk (Greg Maxwell & Pieter Wuille - Blockstream) on sidechains. Forking does not advance Bitcoin since forks suffer from economic acceptance. UTXO model: the UTXO model is less intuitive, more private, and has a smaller persistent storage footprint. UTXO implicitly prevents a replay attack. Ethereum carries a nonce around even for empty accounts to prevent replay attacks. Validation, not computation: Bitcoin addresses are a 160-bit hash of the public key since the public key is unusually long (512-bit). Bitcoin payments can be made to scripts. These scripts are not for computation but for spendability conditions. Rather than the script itself, a hash of the script is added to the blockchain as a privacy improvement. 10% of Bitcoins are stored using P2SH scripts. MAST is meant to make transactions even smaller. One does not need a Turing-complete language since one only needs to verify and not compute on the blockchain. ...

Stanford CS251: Lecture 13

Lecture 13 - Ethereum. Code: ROM (read-only memory). calldata: arguments. There are two types of instructions: arithmetic (including SHA3) and sys operations like create [contract], call [contract], delegate call, etc. CALL - called code is executed in the context of the called contract. CALLCODE - called code is executed in the context of the current contract; msg.sender is the calling contract. DELEGATECALL - similar to CALLCODE except that msg.sender remains unchanged. ...

Stanford CS251: Lecture 14

Lecture 14: Ethereum Governance. When contracts call other contracts, there are four major parameters: g - gas, v - value, in - in size of inputs, out - out size of outputs. The gas must come from the initial transaction; the ongoing calls to different contracts cannot refuel the gas. By default, all the gas is passed during the contract call and the value passed is 0. A contract can receive money via contract.send(<money_in_wei>) only if it defines a fallback function ...

Stanford CS251: Lecture 12

Recap: alt-coins. Bitcoin is a replicated state machine: the system moves within S states with I inputs, producing O outputs. For Bitcoin, S is the set of UTXOs. For Namecoin, the state consists of (name, value) pairs. Ethereum’s goal was to implement this functionality in a general way by building a “consensus computer” expressed in a Turing-complete language. Ethereum State: Great arbitrary storage space, arbitrary code (isolated memory space), and account balance. Inputs: (address, input data). Transition: update storage and change account balance. ...

Stanford CS251: Lecture 11

Lecture 11: Altcoins. Three ways to improve Bitcoin: Code update - this can update or change the P2P network; Soft fork - to introduce a stricter verification, for example P2SH; Hard fork - transaction improvements and consensus change. Altcoin = any cryptocurrency except Bitcoin. Launching an altcoin: Sales pitch - new features; Value/exchange rate; Code; Miners - the value of the currency will bring them, or go for merge mining (explained below); Genesis block - for bootstrapping the right blockchain, it can be rooted in Bitcoin as well. Examples, ...

Stanford CS251: Lecture 10

Lecture 10: Anonymity on Blockchain (CoinJoin continued from the previous lecture). Each participant writes an input transaction (input address, change address) on, say, Pastebin. Over Tor, each participant writes an output address. These two entries are not linkable to each other. Now, each participant signs a CoinJoin transaction only if they like their own input and output entries. Someone sends the final transaction to the miner. DoS attacks on CoinJoin: ...

Stanford CS251: Lecture 9

Lecture 9: Wallet & Anonymity. Wallet: a user has a lot of Bitcoin addresses, each of which is H(p_k) or H(script). A wallet manages p_k/s_k, posts/verifies transactions, and shows balances. A wallet can be a cloud wallet like Coinbase, desktop-based like Electrum, or hardware-based like Trezor. SPV (Simplified Payment Verification) clients are not full mining nodes but can verify incoming payments. An SPV client downloads all the block headers and then sends a server the list of addresses in the wallet to fetch the transactions associated with those addresses. The server returns the relevant transactions and the corresponding Merkle proofs. ...

Stanford CS251: Lecture 8

Lecture 8 - Alternative consensus. Puzzle solutions are probabilistic proof of work. A typical puzzle utilization function can be modeled as P(challenge, randomness - nonce, difficulty, …) -> true/false. P(c, r, d) for Bitcoin is SHA256^2(c, r, d) <= 2^(256-d). There are many objections to this: it wastes resources on a meaningless computation, it is highly parallelizable and has returns of scale, randomness, long wait time between blocks, and it leads to the creation of mining pools. It is possible to redesign the system to make mining pools impossible, but that would lead to only big players doing the mining. Centralized signing also eliminates all these issues, and “private blockchain” is just a misnomer for a centralized blockchain. ...