CS6262 Lecture 14 - Basics of Blockchain and Bitcoin

What is a major weakness of the hash function "length of name mod 5"?

It can easily cause collisions when different names have the same length

Do cryptographic hash functions require a key?

No, cryptographic hash functions do not have a key

What is a primary use of cryptographic hash functions?

Ensuring message integrity

What is a key property of cryptographic hash functions regarding computation?

They are easy to compute for messages of any size

What output characteristic do cryptographic hash functions have?

They produce a fixed-length output regardless of the input size

What does it mean for a hash function to be one-way?

It is computationally infeasible to determine the original message from its hash

What is weak collision resistance in hash functions?

Given a message m1, it is infeasible to find a different message m2 with the same hash value

What is strong collision resistance in hash functions?

It is infeasible to find any two distinct messages that produce the same hash value

What is a hash pointer?

A pointer that stores both the address of data and the hash of the data

What is the advantage of using a hash pointer over a regular data pointer?

It allows verification that the data has not been tampered with

How is a blockchain constructed using hash pointers?

Each block contains data and a hash pointer to the previous block, forming a linked list of hash pointers

What happens when a block in a blockchain is tampered with?

The hash pointer in the next block will not match, making the tampering detectable

What is a primary use case for blockchain as discussed?

To create a tamper-evident log that allows appending data while detecting changes

What guarantees that a digital signature cannot be forged?

Public key cryptography ensures that without the private key, a signature cannot be forged

How can a public key be used as an identity?

If a signature can be verified with a public key, it proves the owner of the private key authored the message

How is a new public key-based identity created?

By generating a public-private key pair and using the public key or its hash as an ID

What are public key-based identities called in Bitcoin?

They are called addresses

What does the security of cryptocurrency ledgers depend on?

The honesty of miners

How are most cryptocurrencies designed to control production?

They are designed to reduce production, mimicking the market behavior of precious metals

What are public key-based identities called in GoofyCoin?

Coin ownership is proven through signatures that transfer ownership between public keys

What is a double spending attack?

When a coin owner creates multiple signed statements to transfer the same coin to different recipients

Why is GoofyCoin not considered a secure cryptocurrency?

It does not prevent double spending attacks

What is a hot wallet?

A digital wallet connected to the internet

What is a cold wallet?

A digital wallet that is offline

What are hardware wallets?

Wallets that use dedicated hardware and cryptography for security

How does Scrooge Coin prevent double spending?

By using a designated entity called Scrooge who publishes an append-only ledger of all transactions

What data structure does Scrooge use to implement the append-only ledger?

A blockchain containing blocks with transaction data and a hash pointer to the previous block

What is the main problem with Scrooge Coin despite preventing double spending?

Scrooge has too much control, leading to centralization

What is the key technical challenge in creating a successful cryptocurrency?

Designing a cryptocurrency without a central authority

What problems must be solved to create a decentralized cryptocurrency?

Consensus on a ledger, transaction validation, decentralized identity assignment, and decentralized production of coins

Which cryptocurrency suffered the largest crowdfunding exploit due to a smart contract vulnerability?

DAO

What is a fundamental challenge in Bitcoin due to the absence of a centralized authority?

Achieving distributed consensus among all nodes

What are the two basic requirements for a distributed consensus protocol?

All correct nodes must decide the same value, and the value must be proposed by a correct node

Why is achieving consensus difficult in Bitcoin's peer-to-peer system?

Nodes may crash, some may be malicious, and network delays occur

How does Bitcoin achieve consensus?

By using incentives and randomness, allowing agreement to emerge over time

What is implicit consensus in Bitcoin?

Nodes accept or reject blocks by choosing which blockchain branch to extend

Why can't Alice steal bitcoins that belong to another user?

She cannot create a valid digital signature without the private key

How can a merchant protect against double-spending in Bitcoin?

By waiting for multiple confirmations before finalizing a transaction

What enforces protection against invalid transactions?

Cryptography and consensus

What enforces protection against double spending?

Consensus

Is there a 100% guarantee that a Bitcoin transaction will remain valid?

No, confirmation is probabilistic

What is true about Bitcoin's proof of work?

It is costly and time consuming to produce

How must miners complete work to earn a Bitcoin?

They must complete all necessary work in a block

Why is changing a block in Bitcoin difficult?

It requires regenerating all successor blocks and repeating their proof-of-work

How can a Bitcoin node earn a reward for creating a block?

By including a special block reward transaction in a block that becomes part of the long-term chain

How can transaction fees incentivize miners?

They collect the difference between input and output values as a fee

What is a Sybil attack?

An attacker creates many fake identities to influence voting and reputation systems

How can Sybil attacks be mitigated?

By requiring identity costs or resource-based selection

What method does Bitcoin use to select a block creator?

Proof-of-work

How does proof-of-work determine which node creates a block?

A node finds a nonce that makes the hash smaller than a target value

Why is it difficult to find a valid nonce?

The target hash value is extremely small, requiring significant computation

Who typically performs proof-of-work?

Miners with large amounts of computing power

How can proof-of-work cost be adjusted?

By recalculating difficulty periodically to maintain a target block rate

What is the target block interval in Bitcoin?

One block every 10 minutes

What is a 51 percent attacker?

Someone controlling 51% of total computing power

Can a 51 percent attacker steal bitcoins?

No, digital signatures prevent unauthorized spending

What can a 51 percent attacker do?

Suppress or reverse transactions and damage system reliability

How can a 51 percent attacker destroy confidence in Bitcoin?

By refusing to extend valid blocks and causing instability