# The Blockchain

## Introduction:

“Up next. The conversation every parent dreads. How to talk to your kids about blockchain” -Silicon Valley

Again I am starting this post by apologizing for how long it took. I really don’t want to separate posts by more than a week. But procrastination. What happened was that I procrastinated the whole week after my last post because I didn’t know what to write about and resolved to do it all on Wednesday. But on Wednesday, I watched the first episode of the second season of “13 Reasons Why” which led to me binge-watching the first half of the second season of “13 Reasons Why” which led to me binge-watching the second half of the second season of “13 Reasons Why” the next day. It wasn’t as good as the first season but the first season is amazing and I would still recommend the second season. The first couple episodes feel kind of forced but it gets a lot better after that.

Anyway, I got some of the post done on Friday but didn’t spend enough time on it to finish. Then I was busy on Saturday and Sunday. On Monday, I planned on finishing but instead I rewatched the whole first season of “13 Reasons Why”. On Tuesday, I finished most of it but was like “Is there really any difference between me publishing this today or tomorrow?” and my answer was no, so that’s why this took so long.

The aim of this post is to explain cryptocurrency and blockchain in medium depth but at a non-technical level. All you really need to know to understand this is the rough definition of a function and a function inverse (If you don’t know what an inverse function is and you read the intro to the wiki page you probably understand it well enough for this post).

I only just learned about blockchain so I hope I actually understand it and don’t embarrass myself by writing complete nonsense. I think I understand it though. Anyway, my motivation to try to explain this is that there are not many resources at a non-technical level. There was almost nothing I could find that actually explained what is going on without delving into super advanced computer science details. I’m not sure why this is. The actual idea behind blockchain is not super complicated but most sources I could find were either three sentences long or are full of words I am convinced are made up. If this post contains inaccuracies, I blame that.

## Cryptography:

Cryptography is actually probably the hardest part of this post to understand. If you don’t get all of it that’s okay, you should still be able to understand the rest of this post.

As you probably know, cryptography is a way of encoding and decoding messages. For example, you might want someone to send you a letter but you are worried that the letter may be intercepted and you don’t want whoever intercepts the letter to be able to understand it. This is very relevant in today’s world where you need to send entities things like your social security number, bank account numbers, and credit card numbers.

We’ll use the example that is used whenever cryptography is taught. Suppose that Bob wants to send a message to Alice but he is worried that Carl will intercept the message. We need a system where Carl will not be able to understand the message but Alice will. So Alice must possess some information that Carl does not. An easy solution would be for Alice and Bob to agree on some secret language beforehand but we want a system that will work if Alice and Bob have never met or are not able to privately come up with a code together.

So to summarize, we want a code such that Alice has more information than Carl but Carl and Bob have the same information. We need a system where anyone can send a message in code but only Alice can decode the message. So Alice must be able to announce to the world publicly how to encode a message without them figuring out how to decode a message.

Once again mathematics comes to the rescue. What Alice must do is come up with a function $f$ along with its inverse $f^{-1}$ and announce the function $f$ publicly. Then if anyone wants to send Alice a message they simply apply $f$ to the message. When Alice receives the message, she applies $f^{-1}$ which will recover the original message so that Alice can read it.

The only catch is that it must be hard to figure out what $f^{-1}$ is from $f$ or else Carl could intercept the message, figure out $f^{-1}$ and decode the message. At first this does not seem hard: there are lots of functions that we don’t know the inverse of. But remember that Alice must be able to figure out $f^{-1}$. Maybe Alice is a math genius and she has found the inverse to some special mathematical function that has confounded the experts for millennia. But let’s suppose that Alice is not special, and is only medium at math. How can Alice construct a function $f$ and find its inverse without others being able to also find $f^{-1}$?

Alice does have one advantage and that is that she came up with the function $f$. Perhaps Alice could first come up with an $f^{-1}$ where it is easy to find $f$ from $f^{-1}$ but it is difficult to find $f^{-1}$ from $f$. This is a reasonable thing to try but it is still a lot of work for Alice and such functions don’t really exist. No, we must find an easier way.

Okay, what if instead of just starting with a function $f$, Alice starts with blocks (functions) and smashes them together to obtain the function $f$. And what if it was easy to find $f^{-1}$ from the blocks but it is difficult to recover the blocks from just knowing $f$. Then Alice would know both $f$ and $f^{-1}$, she could announce $f$ publicly and no one else would be able to find $f^{-1}$. Anyone could send Alice a message but only Alice would be able to understand it. Sounds pretty dumb right? Wrong. This is the way cryptography is done and it’s fucking genius.

Usually, the function $f$ is referred to as Alice’s “public key” because she releases it publicly. The function $f^{-1}$ is referred to as Alice’s “private key” because she keeps it to herself. This is important to remember because in future sections I will refer to public and private keys.

This system comes with a nice little corollary that is actually what is important for cryptocurrency and the blockchain. Suppose that Alice learns that Bob’s Mom has cancer and has one day left to live. She wants to alert Bob so that he can have one last chance to see his mom and say goodbye.

There’s only one problem and that is that Carl is a known prankster. And one of his classic pranks is sending people letters addressed from their friends telling them that the recipient’s Mom is dying of cancer and they only have one day left to live. Bob knows about this and if he received the letter from Alice, he would assume it was a prank from Carl and would miss the chance to say goodbye to his mom. Alice needs a way to prove the letter is from her.

How can she supply this proof with just a letter? Well, Bob knows that Alice is the only person in the world that knows $f^{-1}$. So Alice could write the letter and encode it with $f^{-1}$ and tell Bob to apply $f$ to the letter. Then, Bob would receive the letter, apply $f$ to it, and he would be left with the original message written in English. He would know that the letter came from Alice, because the message would only be able to be decoded with $f$ if the person who wrote the message encrypted it with $f^{-1}$. And Bob knows that Alice is the only one who knows $f^{-1}$ so it must have been from Alice.

This example is pretty cool because even though Bob doesn’t know $f^{-1}$ and has the exact information everyone else does, Alice was able to prove to him that the letter was encrypted with $f^{-1}$ and that it was from her. This is referred to as a cryptographic signature and is key to cryptocurrency and the blockchain.

### Example: RSA (Warning: Contains Math)

First I need to establish a little mathematical background before I explain how RSA works. This should be review if you read my post on groups (I know you didn’t you piece of garbage). The math is built from the ground up but if you are not familiar with group theory or number theory, you are likely best served skipping this example. It was probably a mistake to even include RSA in this post but I just thought it was too cool to leave out.

Definition: We say that $a \equiv b \text{ (mod } n)$ if $a$ leaves a remainder of $b$ when divided by $n$.

Theorem: (Multiplicative Inverses) If $p$ is a prime number, then for each integer $0 < a < p$ there exists a unique integer $0 < a^{-1} < p$ such that $a \times a^{-1} \equiv 1 \text{ (mod }p)$.

Proof: Take an arbitrary $0 < a < p$. Consider the list created by taking each $0 < i < p$ and writing down the remainder when $ai$ is divided by $p$. The list contains $p-1$ entries and there are only $p-1$ different nonzero remainders modulo $p$. Therefore, if we show that no two numbers on the list are the same, this must mean that every possible number occurs exactly once and in particular a $1$ appears somewhere. To see this is the case, suppose that for some $0 < i < j < p$ we have $ai \equiv aj \text{ (mod }p)$. Then $a(j - i) \equiv 0 \text{ (mod }p)$. But this means that $p$ divides $a(j-i)$, and since $p$ does not divide $a$, that $p$ divides $j-i$. But $0 < j-i < p$, which is impossible.

Theorem: (Fermat’s Little Theorem)

$a^p \equiv a \text{ (mod }p)$

Proof: Induction + Binomial Theorem

Definition: (Euler’s Totient Function) We define $\phi (n)$ for a positive integer $n$ to be the number of positive integers less than $n$ that are relatively prime to it.

Theorem: For $a$ relatively prime to $n$,

$a^{\phi (n)} \equiv 1 \text{ (mod }n)$

Proof: First we claim that for every $a$ that is relatively prime to $n$, there is a unique integer $0 < a^{-1} < n$ that is relatively prime to $n$ satisfying $a \times a^{-1} \equiv 1 \text{ (mod }n)$. The proof is exactly the same as the one above for multiplicative inverses. Let $m$ be the smallest positive integer satisfying $a^{m} \equiv 1 \text{ (mod }n)$ (verify such an $m$ exists). We claim that $m$ divides $\phi (n)$. To see that it does, start with the set $A = \{a, a^2, \cdots, a^{m}\}$. Now for each $0 < i < n$ that is relatively prime to $n$, add the set $\{ai, a^2i, \cdots, a^mi\}$. We claim that each step in this process adds either $m$ or zero elements to $A$. Suppose that one element is already a duplicate, that is, $a^{j_1}i = a^{j_2}k$. Then we have $a^{j_1 + r}i = a^{j_2 + r}k$ for each $r$, and the powers of $a$ repeat with period $m$, so we can reduce each exponent to its remainder modulo $m$ without changing the term. But these terms were already in $A$. So each step of the process adds either $m$ or zero elements to $A$, and at the end $A$ contains $\phi(n)$ elements, so $m$ divides $\phi (n)$.

Theorem: (Chinese Remainder Theorem) Given distinct primes $p_1, p_2, \cdots, p_k$ and congruences, $a_i \equiv b_i \text{ (mod }p_i)$ for $0 < i \leq k$, there is a unique $0 \leq c < p_1p_2\cdots p_k$ satisfying each congruence. To put it into simpler terms, a remainder modulo a product of primes can be described by the remainder divided by each individual prime. Actually, a pretty obvious statement but useful nonetheless.

Now we have established the background to get to RSA. Suppose Alice wants to encrypt something. To start, Alice takes two large primes of about equal size, $p$ and $q$. She chooses them large enough so that for any $a$, it is possible to compute $a^{-1}$ mod $p$ or $q$ in a reasonable amount of time (say about ten minutes). Now, Alice multiplies $p$ and $q$ together to get $pq$. She then chooses some $e$ that is relatively prime to both $p$ and $q$. She computes $e^{-1}$ mod $\phi(pq)$. Notice that $\phi(pq) = (p-1)(q-1)$. This means she can easily compute $e^{-1}$ by computing $e^{-1}$ mod $p-1$ and $e^{-1}$ mod $q-1$ and then using the Chinese Remainder Theorem. For example, if $\phi(pq)$ factors into $p_1^{d_1}p_2^{d_2}\cdots p_k^{d_k}$, and we let the subscript $i$ of a term denote that it is considered mod $i$, then $e^{-1}$ mod $\phi (pq)$ can be computed as

$\sum_{i=1}^k \Big(\prod_{j\neq i} p_j^{d_j}\Big)\Big(\big(\prod_{j\neq i} p_j^{d_j}\big)^{-1} e^{-1}\Big)_{p_i^{d_i}}$

This will not take too long to compute (there are actually faster ways to do this but the point is that even this won’t take an unreasonable amount of time).

Alice publicly declares $pq$, $e$, and a way to represent a message as a number (chosen so that each number will be relatively prime to $pq$). An important note is that she only shares the product of $p$ and $q$; she keeps the individual numbers $p$ and $q$ secret. They are big enough so that it is not feasible to find $p$ and $q$ from the product $pq$. She declares that if someone wants to send her a message, they write the message, convert it to numbers using the way she declared, take each of these numbers to the $e$th power and take the remainder when divided by $pq$.

Now let’s say Bob does this. So Alice is left with a bunch of numbers. Now to decode the message, Alice simply takes each number to the power $e^{-1}$ and if the original number was $a$, she is left with

$(a^{e})^{e^{-1}} \equiv a^{ee^{-1}} \equiv a^{1 + b\phi(pq)} \equiv a \text{ (mod }pq)$

So she has recovered $a$ and then she can simply convert $a$ back into letters and decode the message.

Now, say Carl intercepts the message. His only hope to decode the message is to figure out what $e^{-1}$ is. But he doesn’t know what $p$ and $q$ are. The easiest way for him to compute the inverse is to just multiply numbers by $e$ and see if the result is $1$ mod $pq$. But since it took Alice ten minutes to find the inverse for $p$, and mod $pq$ has $q$ times as many numbers to check as mod $p$, it will take Carl $q$ times 10 minutes to find. And $q$ is like a hundred digits long, so Carl has his work cut out for him. Now, of course there are more sophisticated attacks against RSA but it is still very secure and used all over the place today.
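Here is the Alice/Bob/Carl story in code: textbook RSA with the deliberately tiny primes 61 and 53, covering encryption with the public $f$, decryption with the private $f^{-1}$, the signature trick from the cryptography section, and Carl's factoring problem. This is an added example, not code from the post; the function names and toy parameters are this example's choices, and real deployments add padding (OAEP/PSS) and far larger primes.

```python
"""Toy textbook RSA with tiny primes, illustrating the f / f^{-1} picture above.

The numbers are far too small to be secure: they are chosen so every step can be
followed by hand. Real RSA also pads messages (OAEP/PSS); this example omits
padding on purpose to mirror the post's bare description.
"""
from math import gcd


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def modinv(a, m):
    """Return a^{-1} mod m; raise if gcd(a, m) != 1 (no inverse exists)."""
    g, x, _ = egcd(a % m, m)
    if g != 1:
        raise ValueError(f"{a} has no inverse modulo {m}")
    return x % m


def keygen(p, q, e=65537):
    """Alice's setup: n = pq and e are public, (p, q, d) stay private.

    d = e^{-1} mod phi(n) with phi(pq) = (p-1)(q-1), exactly as in the post.
    """
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be relatively prime to phi(n)")
    d = modinv(e, phi)
    return (n, e), d  # (public key, private exponent)


def encrypt(pub, m):
    """Anyone applies f: m -> m^e mod n (message block must satisfy 0 <= m < n)."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message block must satisfy 0 <= m < n")
    return pow(m, e, n)


def decrypt(pub, d, c):
    """Only Alice applies f^{-1}: c -> c^d mod n."""
    n, _ = pub
    return pow(c, d, n)


def sign(pub, d, m):
    """Signature = f^{-1}(m): only the holder of d can produce it."""
    n, _ = pub
    return pow(m, d, n)


def verify(pub, m, sig):
    """Bob checks f(sig) == m using nothing but Alice's public key."""
    n, e = pub
    return pow(sig, e, n) == m


def trial_factor(n):
    """Carl's job: recover p, q from n. Instant for toy n, hopeless for real n."""
    for cand in range(2, int(n ** 0.5) + 1):
        if n % cand == 0:
            return cand, n // cand
    return None


if __name__ == "__main__":
    # Constructed toy primes; a real key uses primes of ~1024 bits or more.
    pub, d = keygen(61, 53, e=17)       # n = 3233, phi = 3120, d = 2753
    m = 65                              # one "message number" in [0, n)
    c = encrypt(pub, m)                 # 2790
    assert decrypt(pub, d, c) == m
    sig = sign(pub, d, m)
    assert verify(pub, m, sig) and not verify(pub, m + 1, sig)
    print(trial_factor(pub[0]))         # (53, 61): why p and q must be huge
```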

## Bitcoin

Okay I’m going to explain to you how bitcoin works which will motivate the idea for the blockchain nicely and then I will be able to tell you how we can apply the blockchain to other areas.

First I would like to warn you that during the process of reading this you will have a lot of questions. You’ll be like “Why this?” and “Why not that?” Just stick with it and by the end, I hope all these questions are answered.

To understand Bitcoin you need to understand the goal of Bitcoin. That goal is to create a completely decentralized currency. What does this mean? Well, the traditional system is to have banks keep track of money but 2008 taught us that banks are fucking stupid. We want a system where no one entity is in charge of keeping track of shit. We want all records public so people can know that no funny business is going on.

So when we say decentralized, what we mean is just a bunch of people communicating on any old public networks, sharing information, and playing by the rules because it is in everyone’s own self-interest. With this motivation, it is easy to see why cryptographic signatures are hella important. We need people to be able to prove that it is them when they declare publicly that they are making a transaction. Also, this highlights that money really doesn’t mean anything. Everyone just agrees that a person has x dollars and can spend it.

Let’s try to think what such a system would look like. Okay, a naive idea is to try and look for a system that doesn’t need any party keeping track of records. Let’s see where this idea takes us.

Okay, so everyone has an account and we need everyone to be able to publicly see that account’s transactions. We have already identified that cryptographic signatures are going to be needed so we can just define an account by its public key. Then, if someone wants to sign money to them, that person publicly announces their intent to give money to that public key and signs it with their private key.

An obvious question to ask is what happens if that person doesn’t have enough money in their account? The transaction should not go through. A simple solution is to simply agree to only count transactions where the person has the requisite amount of money. And the receiver of the transaction could check this. They would simply look through all the public records of transactions involving that account since the beginning of time to determine if the account had enough money. But the problem is that they would have to determine if all past transactions were valid or not. And to determine those they would have to look at other transactions and determine if they were valid. This quickly devolves into checking basically all transactions in history. This is too much checking if Bitcoin is going to be a thing. Even more troubling, there would be no records of when transactions happened, so even if Bob checked other transactions, he wouldn’t know when they were, which is needed to determine if they were valid. No, we need someone to separate out all valid and invalid transactions and to organize the valid ones together. This makes the task of seeing if someone has enough money much easier. But we are left with still needing someone to track shit.

Maybe you still think there is a way of avoiding a trusted party to track shit. What if we have a more stringent definition of money? We have identified the need for tracking transactions so what if instead of defining money as just a number tied to someone’s account, we track each unit of money individually. This will have the corollary of making it virtually impossible to change the amount of money you have without actually getting it from somewhere. We start with the smallest unit of money which the creators of bitcoin declare and they sell it openly. Whenever someone makes a transaction that person tags that piece of money with their cryptographic signature along with who they intend to transfer the money to and makes it public. So in other words, money is just a chain of signatures and the owner of the piece of money is the last tag. All pieces of money started with the creators of bitcoin signing it as the original money, so people would know it was legitimate. Then to spend money, someone would simply point to money in the public records that shows them owning it and sign it all over to the other account.

The only problem with this is double spending. For example, suppose that Bob signs his money to Alice and then tries to sign the same money over to Carl. Even after Bob has signed the money over to Alice, the records of Bob being the end of the chain still exist so he could point to those records and try to sign it over to Carl. Carl could look through all the records to see if it was spent but he would also have to look through all points in the chain to see if each of them was valid at every point and this is a lot of searching. Additionally, if Bob attempted this, there would be records of two transactions and no one would be able to differentiate between the legitimate transfer to Alice and the illegitimate transfer to Carl. No one would trust the transaction to Alice and that would leave her fucked. Very bad. Finally, without tracking the time of transactions, the creators of bitcoin could create new money out of thin air which by definition makes the money not decentralized. We still see a need for a party to organize everything, to timestamp transactions, to stop this double spending.

Okay, so we have identified the need for people to keep track of everything but how does this work? Let’s first understand how this “organizing” would work. The idea of tracking money and defining it as a chain, with the owner being the last spender, seemed smart, so let’s continue with that. What we could have is, every time interval, an “organizer” looks at all transactions that took place in that time interval, separates out the valid from the invalid ones and publishes the valid ones into a block. Then it is easy to see how much money someone has by checking through established blocks. If someone wants to make a transaction, they simply point to the blocks that contain their money, and the “organizer” only needs to check blocks forward to see if they did not already spend it. And others can check to make sure the “organizer” indeed verified the transactions were valid. These “organizers” are called “miners” (don’t ask me why). Just remember, miners are the people in charge of organizing everything, time stamping transactions and making sure everything is legit.

We’re left with only one problem: we need the network to be decentralized, so we would have to let anyone who wants to become a miner (we couldn’t designate it to anyone in particular because then that person would have power and it wouldn’t be decentralized). But this begs the question: what if the miner is a prankster? If we let anyone organize the block, then a prankster could do it and fuck up the whole system. This is a big problem because it seems like if we just let anyone have access and organize we are bound to get a lot of pranksters. How can we be sure that whoever becomes this miner will take it seriously without designating a predetermined trusted party?

Here’s an idea. What if we made it so that there was a real cost to being the miner? If someone had to, say, pay a good deal of money, but in exchange they were allowed to allocate to themselves some bitcoin if their block is legit, we would not get pranksters because it would not be worth that much money to fuck up the system.

And if we got any pranksters, it would be a very few and there would be enough legit people monitoring the blockchain that would see the prankster pranking and could correct it with a serious miner. In other words, there are a bunch of legit people trying to make money off of mining, so if a prankster submitted a prank block, other miners would check it, see that it was horse shit, and simply ignore it and continue trying to make a legit block. You may be asking how the whole system will separate legit blocks from non-legit blocks. The short answer is that the legit miners will connect their new blocks to old legit blocks and people will only accept old blocks that have new blocks attached to them. But we’ll get into the specifics later.

Another clear question that arises from the above explanation is how to charge a cost? There is no central entity to process a payment. What we need is for the miner to prove that they incurred some cost when they publish a block and importantly, make it obvious to anyone who wants to check, that they incurred the cost. Then, the bitcoin community and other miners would only accept the block if they proved this.

But how can a miner prove that they incurred the cost? Let’s think. What takes money? Energy. More precisely, computing power. What if we generated a random number and made the miner guess that number correctly in order to publish a block? It would be a race, and whichever miner guesses the number first would get to publish the block and take the reward. The number would be in a huge range, like between 1 and 1000000000, so the miners would have to use a lot of computing power to have a chance at guessing right. But how would we pick what the right number is, and how would the miners know if they got it right without a central entity? Who picks the random number, and who checks to see if they got it right?

This is where Cryptographic Hash functions come in. Cryptographic Hash functions are highly technical but you can think of them as a function that transforms an arbitrary number (or string of letters) into an integer in some interval, say between 1 and 10000000000. Cryptographic Hash functions behave very randomly and are unpredictable. They don’t contain patterns. So if you take a number, apply the Hash function to it, you are pretty much equally likely to obtain any number between 1 and 10000000000.

Another important thing about Cryptographic Hash functions is that they are easy to compute. In other words, if you have an arbitrary number, a computer program should be able to apply the hash function to the number very quickly. But the inverse must be beyond difficult. There is no easy way to define the inverse to a hash function, and if I wanted to find a number that after applying the hash function would result in, say, 23435 (this is just a random number), my best strategy would be to just pick a random number, apply the hash function, see if the result was 23435, and if not repeat until I eventually got lucky and picked the right number.

So now you might be getting a sense for why Cryptographic Hash Functions are relevant to blockchain. What we do is basically convert all the messages for transactions into a “message number” using the hash function, and then the miner has to find a “code number” such that when the “code number” is concatenated with the “message number” and the hash function is applied to it, the result is a really small number (like it must be less than 1000 or something).

For example, if the message number was 2435555 and the miner found a code number 132435, then if the hash function was applied to 2435555132435, the result would be a number less than 1000. This way the successful miner publishes the block which contains all the transactions and the code number (and some other stuff which we’ll get to later) and if the code number works, people will accept the block into the blockchain and build on it.

The best strategy for the miners is to just pick a random number, concatenate it with the message number, apply the hash function, and see if the result is less than 1,000. If it is, they are done and they publish the block with that as their code number. If not, they try again.

And it is in the best interest of the successful miner to make sure all transactions are valid because if they are not, the block will not be accepted and that block contains a transaction to the successful miner which is a lot of money.

This is the basic idea. To recap, say Alice wants to send money to Bob. She would publicly declare that she wants to sign over some money to Bob (or more precisely Bob’s public key), point to where that money is and encrypt it with her private key. Everyone else could decrypt her message with her public key and they would know it was her because she was the only one who could encrypt a message with her private key. Then, the miners would put her transaction together with everyone else’s valid transactions that were declared after the previous block was started, use the hash function on the transaction numbers to get a “message number” and race to find the code number. People accept the first block that is published with all valid transactions and a correct code number. The successful miner is allowed to add a transaction to themselves in the block from the void which everyone accepts as money, along with transaction fees from every transaction in that block. Then the process starts all over again. A new block is created about every ten minutes. If there are too many miners, the process becomes faster because more people are trying to find the code number. But if it starts going too fast (the metric is whether more than a certain threshold of blocks were published in a week), the challenge becomes harder. The way they make it harder is simply stipulating that the code number, when concatenated with the message number and hashed, must produce an even smaller number. For example, if they first needed to produce a number less than 1000 and too many blocks were being published, they might now need to make the number less than 500.

Side Note on payment to miners: Miners get paid in two parts.

The first is the transaction fee. This fee is decided by the person transferring bitcoin. So if Alice wanted to make a transaction to Bob, she would include a small payment to the successful miner of the block her transaction gets put in. Alice gets to choose the transaction fee, but the higher it is, the more likely a miner is to include her transaction in the next block. Currently someone needs to pay about $1.5 if they want to ensure their payment gets into the next block (i.e. will be processed in less than 20 minutes) but can pay about 30 cents if they are fine with it taking a few hours. This threshold for a transaction fee to for sure make it into the next block is very volatile and last year during the bitcoin frenzy, transaction fees rose dramatically. Even when the average fee is relatively small, with their being hundreds of thousands of transactions per day, this ends up being a big payment to the miners. Side Side note on transaction fees: It is better for everyone if transaction fees are low. If the transaction fee is higher, mining will be more profitable which will attract more miners, which will decrease the profitability of mining. And having more miners doesn’t do anyone any good. Once we have enough miners to ensure the security of bitcoin, getting more doesn’t do anything except lead to a larger pool of people competing for the same fixed resource. This, plus the fact that if people had reasonable attitudes towards bitcoin and understood it, lower transaction fees would help to grow bitcoin, which is in the best interests of miners, means that transaction fees don’t actually impact the profitability of mining as much as one would think Transaction fees have been artificially high just because bitcoin is new and is being hyped a lot. People don’t mind paying transaction fees because they are not using it as a currency, they plan on sitting on their Bitcoin and don’t mind paying a little extra to get it fast. 
If bitcoin stabilizes and becomes and actual currency people use in their daily lives, we can expect lower transaction fees. There is also a second way miners get paid. Miners are actually allowed to include a transaction to themselves in their block. This is the only new bitcoin that can ever be created. At the start of bitcoin, the miners were allowed to include a transaction for themselves for 50 bitcoins. But, the creators of bitcoin stipulated that every time 2,100,000 new blocks were created, this reward would be cut in half. It takes about 4 years for 2,100,000 blocks to be created, so in 2013 this reward was decreased to 25 bitcoins and is now at 12.5 bitcoins. Additionally, once there exists 21 million bitcoins, this type of reward stops altogether. So this means once there are 21 million bitcoins, no more will ever be created. So now that we understand the basic structure let’s go over the steps to make things a little more precise. First, what is this message that Alice must send to declare a transaction with Bob? Well, it depends on the money she wants to declare and it is mostly just a bunch of numbers. It has to be precise though. It being something specific that is mostly random is more insurance that it is actually Alice sending the message. For example, if she could just send the same message, then someone could copy one of her old messages and pretend to be her. What else is in the blockchain? The first thing is the header. The header is the code number along with the message number. I never completely explained how the message number is generated so I’ll do that now. Basically, we start by taking all the transaction numbers, lets just assume the number of transactions is a power of two. If not, we solve this in an analogous way to how single elimination tournaments are done when the number of competitors is not a power of two. 
But anyway, we start by applying the hash function to each transaction number, pair the resulting numbers up, concatenate them with their partner, and apply the hash function to each which generates a bunch of new numbers. Then we pair up those numbers, concatenate them with their partners and apply the hash function. We do this until we are left with a single number. This generates a tree like structure and we are left with the head. We concatenate that with the header of the previous block just to make sure there is no funny business going on and that the miner has to figure out which block they are linking to before they start trying to find the code number, and that becomes the message number. One nice thing about this structure is that eventually, once the money corresponding to a transaction in the block is used again, there is no need to store the transaction. For example, if Bob, signs money over to Alice, Alice signs the same money over to Carl, and Carl signs the money over the Dave, there is no need to keep the records of the original transaction with Alice and Bob because future transactions with that money have already been verified. All that is needed is the header of the blocks for people to connect new blocks to it and have a recorded history. This allows people to throw out the records of very old individual transactions in order to save space. This is not a huge thing but worth mentioning. Additionally, the header from the last block is in the new block. This connects the blocks together and reinforces the validity of the last blocks. It shows definitely what chain people are working off of and which blocks are valid. The block contains a timestamp which helps easily order the blocks and account for when the block was created and when the transactions took place. The block contains all the transactions in their tree structure so people can 1) verify transactions and 2) verify the message number is correct. 
The block contains a nonce number, which is kind of complicated but basically just acts as an id number for the block. Finally, the block includes the difficulty rating. Basically, there is a public computer program that, when you run it, will output a rough difficulty rating for how hard the code number was to come up with. These are the main components of the block. Now you know.

What happens if two people solve the code number at approximately the same time? Everything runs over a communication network with a slight delay, so it is hard to determine who actually finished first. The tiebreaker ends up being the difficulty rating. The blocks will have different difficulty ratings because the blocks are actually slightly different: the transactions and their order might be slightly different, and the transaction to the miner is going to be different for different miners. The next successful miner will connect their block to the block with the higher difficulty rating, so that will be the block people go off of.

You might be asking what stops someone from publishing a block after someone else and hoping (or colluding with the others) for them to connect their new block to that block. This is where the message number being connected to the old block comes in. The other miners have already started trying to find the code number for the message number based off the old block immediately after a new block is published. It would be suicide to start over with the other person’s block. It does actually happen fairly often that two blocks will be created at the same time. The “wrong” block does get recorded but is not used. People are supposed to rely on the chain of blocks with the largest sum of difficulty. Once a couple of new blocks have been created on top of an old block, it is basically impossible to reverse the validity of that old block, because it will be in a chain with a large sum of difficulty. This is an important point, so take some time to understand it.
I hope this diagram makes it easier.

Now you might be asking, but can this system be gamed? What’s great about bitcoin is that defrauding the system is really difficult. It is impossible to change records, because all the records are publicly available and downloaded on thousands of systems. So once a block gets accepted and a couple of rounds pass, there is basically no way to change it. It is written into history. If you are a transactor and want to spend money you don’t have, this is basically impossible. You have to point to actual money that got recorded. The only hope you could have is to double spend. But this is really hard.

Let’s suppose Alice wants to double spend. She has made a transaction to Bob for a new pair of Jordans. Bob has waited until the block containing the transaction was accepted before handing over the Jordans. So if Alice wants to spend the same money again, she needs to erase the record of her transaction to Bob. Her only hope is to make a new chain of blocks growing out of the block before her transaction with Bob, with a greater sum of difficulty than the current chain of blocks coming out of it. But to do this, Alice would need to be able to find the code number consistently at a much faster rate than all of the other miners combined. That’s hella hard.

But let’s just say Alice is a serious G. She has found a new technique that is much faster than the competition. She could in theory redo all the blocks but leave her transaction for the Jordans out. Then people would accept her new blocks, and those records would be used to calculate people’s money. She would have her Jordans and the bitcoin she spent on them all to herself, leaving Bob fucked. Having her cake and eating it too. Additionally, she would be the miner for all those old blocks, so she would even get all those transaction fees as well. She’d be rolling in it. There’s only one problem. Everyone else could see what she did.
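As an added example (not code from the original post), here is the largest-sum-of-difficulty rule from the last few paragraphs in Python, run against a constructed honest chain and Alice’s rewritten fork. It also covers two blocks published at the same time, and it shows the thing that gives Alice away: the transactions that vanish when the network switches chains.

```python
# Added example, not from the original post: the "largest sum of difficulty" rule
# applied to (a) two blocks published at about the same time and (b) Alice's attempt
# to rewrite history and double spend. Blocks, difficulties and the fork are constructed.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Block:
    name: str
    prev: Optional[str]   # the block this one links to (its header); None for the first block
    difficulty: float     # the block's difficulty rating
    txs: tuple = ()       # transactions recorded in the block


def chain_to(blocks, tip):
    """Follow the links back from a tip to the first block; oldest block first."""
    path, cur = [], tip
    while cur is not None:
        path.append(blocks[cur])
        cur = blocks[cur].prev
    return path[::-1]


def difficulty_sum(blocks, tip):
    return sum(b.difficulty for b in chain_to(blocks, tip))


def best_tip(blocks, tips):
    """The chain people are supposed to work off of. On an exact tie the first tip
    listed wins, standing in for the block the network already started mining on."""
    return max(tips, key=lambda t: difficulty_sum(blocks, t))


def ledger(blocks, tip):
    """Transactions that count, given which chain is accepted."""
    return [tx for b in chain_to(blocks, tip) for tx in b.txs]


def dropped_transactions(blocks, old_tip, new_tip):
    """What disappears when the network switches chains. A rewrite that makes a
    payment vanish is visible to everyone who still holds the old blocks."""
    kept = set(ledger(blocks, new_tip))
    return [tx for tx in ledger(blocks, old_tip) if tx not in kept]


def double_spend_scenario(alice_blocks: int):
    """Honest chain G -> B1 -> B2 -> B3 with Alice's payment to Bob in B1, versus a
    fork of `alice_blocks` blocks grown from G that leaves the payment out.
    Returns (blocks, honest_tip, fork_tip). Constructed data."""
    blocks = {
        "G": Block("G", None, 1.0, ("coinbase->alice 1",)),
        "B1": Block("B1", "G", 1.0, ("alice->bob 1 (jordans)",)),
        "B2": Block("B2", "B1", 1.0, ("bob->carl 1",)),
        "B3": Block("B3", "B2", 1.0),
    }
    prev = "G"
    for i in range(1, alice_blocks + 1):
        blocks[f"A{i}"] = Block(f"A{i}", prev, 1.0)
        prev = f"A{i}"
    return blocks, "B3", prev
```

With two fork blocks the network stays on B3 and nothing is dropped; with four, `best_tip` moves to A4 and `dropped_transactions` lists the payment to Bob (and Bob’s later payment to Carl, which depended on it).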
Everyone could still see the legit blocks Alice replaced and see that she rewrote them to not include her transaction. Others would technically be supposed to accept it anyway, but they would still be like “da fuq?” It would be obvious that bitcoin had been defrauded, and this could lead to the value of bitcoin dropping like a fat guy bending over to pick up a Twinkie. But the value of bitcoin dropping fucks Alice. So instead of defrauding the system, Alice could just become a miner, and since she created her hella toit new technique, she would win every time and get hella rich. And since she was honest, bitcoin would still be working perfectly well, so it would retain value, which is good for Alice.

Another interesting question is what keeps miners actually checking to make sure the transactions are valid? In theory, everyone else is supposed to check to make sure all the transactions in each published block are valid, but in reality no one really wants to do this. It takes time and energy that could be spent mining the next block. The network so far has done a pretty good job of staying honest and checking each other’s work, but there was an instance in 2015 where a bad block was published and a couple of new blocks were published before anyone realized the mistake. They were able to go back and fix everything, and since then people have been more careful about checking each other’s work. In general, it is in the best interest of miners that someone checks validity, because they own bitcoin. I only point out this example to show that if mining gets too competitive, there is a risk that no one checks and invalid blocks get published.

Can we just take a moment to appreciate how genius this system is?

### Is the Hype Real?

Bitcoin is a real thing for sure, but it is not without downsides. In some sense bitcoin has been a victim of its own success.
It is designed to be a stable currency that people use to pay for everything, but because of how much bitcoin is being hyped, together with the fact that most people don’t understand how it works, its price behaves like a schizophrenic lion on crack. This causes people to buy bitcoin not as a currency but as an investment. This is ironic, since being secure is supposed to make it more stable than the U.S. dollar. The U.S. dollar has no rules attached to it, and its quantity goes up over time. This causes inflation, but since bitcoin has fixed rules and beyond a point none of it can be created or destroyed, it is supposed to hold its value. The hope is that once all the hype dies down and people become more used to cryptocurrency, the price will stabilize. But no one knows if this will ever happen. Until it does, bitcoin doesn’t really behave like a currency but rather like an investment.

Another downside is that it is slower. People usually have to wait at least ten minutes before their payment is verified, whereas a payment with a credit or debit card can be verified in seconds. One interesting thing, though, is that there is no need for new blocks to take that long to come out. Originally, it was argued that shorter block times would take up too much energy from miners and would make it hard to organize everything, but this has proven not to be true. Ethereum’s blocks come out every 15 seconds and it works great. This long block time has not hindered bitcoin’s value yet, but in the future, other cryptocurrencies that publish blocks faster may prove to be more convenient if cryptocurrencies are to be used as actual currency.

Finally, bitcoin is more expensive. Even taking into account fees for checking accounts, transaction fees would make bitcoin cost more than a bank to use as a day-to-day currency. Now, the hope is that these transaction fees will go down if bitcoin becomes widely used as a currency, but again, no one knows.
So to summarize, bitcoin is a revolutionary technology that solves many problems of traditional banking, but it brings its own challenges along with it. So it is not just strictly better than traditional currency.

## Crypto Applications

Bitcoin gave us the blockchain, but this genius idea can be applied to more than just money. It lets us create a whole class of decentralized applications. Let’s take social media for example. How could we use blockchain technology to create a decentralized social network? This is actually easy. To be decentralized, we just need no one entity to be in control. So someone would write the computer program for how the network would operate, make the code public, and let the miners do the dirty work. Similar to how accounts work in bitcoin, every account would have a public and private key, and whenever anyone wanted to take an action, say send a message or a friend request, they would simply declare their intent. Then, every time interval or so, a miner would solve the code number, run the network code on all “transactions”, and publish the updated network with all transactions. Of course we would need a currency attached to the system to reward the miners, but the idea is actually pretty basic. And shit could still be private. For example, anyone could create a “friend” private key and share the key with their friends using their friends’ public keys. Then, they could send their updates using their “friend” private key so only friends could see what was going on.

To make the above process more explicit, let me explain it in steps. First, Alice would create an account. Tied to the account would be a public and private key. Let’s call these the Alicia keys. Alice would keep the private key secret but publish the public key, well… publicly. Additionally tied to Alice’s account would be a “friend” public and private key, completely separate from the Alicia keys.
Alice would release the friend public key publicly but initially keep the friend private key private. But say Bob sends a friend request to Alice, and Alice thinks Bob is a cool dude, so she accepts. To accept the friend request, Alice would take her friend private key, encrypt it using Bob’s public key, publish the resulting number, and notify Bob. Bob could then decrypt the message using his private key, and he would know Alice’s friend key. Then whenever Alice posts something, she would encrypt what she was posting with her friend public key, sign it with her private key, and make it public. The miners would see this post, use Alice’s public key to verify it was her, and incorporate her post into the next block, which would become the new state of the network. Only Bob (and Alice’s other friends (she doesn’t have any)) would be able to understand the post, because only they have her friend private key. And people would only accept that state of the network if the block contained a correct code number.

Of course the above process could be completed with Alice having only one key. She could simply publish a duplicate copy of her posts encrypted with each of her friends’ public keys. This would mean people had to keep track of fewer keys but would take up more storage space. We can use the same idea for DMing. This is actually just the example we started with in the introduction to cryptography. If Alice sent a message to Bob, she would simply encrypt it with his public key. This process can be used to create a decentralized version of basically any application.

The major upside to using crypto applications instead of centralized ones is that 1) obviously they are more secure and 2) they cannot be censored. This is super relevant in countries like China, where the government regulates the internet and what people see. In crypto applications, the whole network is just a bunch of different computers storing data and operating code everyone has access to.
This means there is nothing for the government to go after. The miners are completely anonymous, and there is no central network to attack.

## Crypto Tokens

Finally, I would like to share one more possible use for blockchain technology. Crypto tokens create a whole new business model. The way crypto tokens work is that someone starts by creating a cryptocurrency, keeping a portion of it for themselves and selling the rest on the open market. They stipulate that no new currency can ever be created. Simultaneously, they release a decentralized app for some service-based industry. It connects service providers with customers, with the price for the service set in their cryptocurrency. Then, as the app grows, the demand for the cryptocurrency will also grow, and since the amount of the currency on the market is fixed, the price of the currency will increase. Note that the price for the service will remain fixed in U.S. dollars, so if the price of the coin increases, the service will cost fewer coins. For example, at the beginning the service might cost 1 coin, but once the business grows, the service will only cost .01 coin. Then, eventually, the founder will sell their coins, which will be worth a lot if the business is a success. The business will continue to operate without anyone in charge.

One downside is that since these businesses are decentralized, the business can be something illegal, and since it is completely decentralized, it is extremely hard to stop. For example:

### A Whole New Type of Pimp

Eli the Entrepreneur starts by using the blockchain to create 10,000 “sex coins.” He keeps 1,000 for himself and sells the rest to anyone who wants to buy them at $1 per coin. He then designs an app that connects prostitutes to customers.

Samuel the Sex Worker uses the app. He starts by declaring what city he lives in, which is Miami, and lists his services along with how much they cost. He lists them in U.S. dollars, but the app converts that to sex coins at the exchange rate. Then anyone can anonymously create a cryptographically secure customer account, and all they have to do is declare what city they live in. Then they can search through sex workers in that city on the app and see what they price their services at. Harold, who also lives in Miami, is in desperate need of a hand job. Luckily, Samuel offers hand jobs for 10 sex coins (he is a pro after all). Then they can use the app to arrange where to meet and do the deed.

Harold will buy sex coins on the market and use them to pay Samuel (with an extremely small transaction fee to pay miners, something like a cent). Soon, the app erupts, so hundreds of thousands of people are simultaneously using it. Since there are only 10,000 sex coins on the market, the demand for them rises. So now, all of a sudden, each coin is worth $100 and Samuel is charging one tenth of a sex coin for a handy. Finally, at the height of the app, each coin is worth $1,000. Eli sells his 1,000 coins for a million dollars without ever having to do anything beyond writing the code for the app. The app and sex coins continue to be exchanged on the market with no one controlling them.

The thing about this is that it is extremely hard for the police to stop. There is no central entity for them to bust and end the whole thing. The only thing they can do is set up individual stings arresting individual prostitutes. But this requires tons of effort and doesn’t really do anything beyond discouraging people from using the app, and strategies like this have never really worked in the past.

So there you go. Hopefully you now understand how blockchain works and what some of the ramifications are. If you have been finding yourself wondering “Is there a new post on the Cheese Maze” and the uncertainty has been causing you anxiety, I have a solution. Simply scroll to the top of the page, look in the lower right hand corner of your computer screen and follow this blog to get an email every time a new post comes out.