L5 - Bitcoin Evolution and Challenges

Question 1

Which two parts of the network are affected by updates?

Answer 1

• software relying on full nodes (wallets)

- blockchain network (full node implementation)

Question 2

Two well-known issues with software updates

Answer 2

1. Incompatibility btw. old and new software components
2. Incompatibility between historic data and current data scheme expected by the software components

-> Bitcoin network inherits these standard problems

Question 3

3 stages in the process of Bitcoin Protocol Update

Answer 3

1. Design
2. Signaling
3. Results

Question 4

Design stage.

Which layers can proposals target?

Answer 4

• Consensus Layer
• Peer Services Layer
• API/RPC Layer
• Applications Layer

Question 5

How are proposals in Bitcoin referred to?

Answer 5

as Bitcoin Improvement Proposals (BIP)

Question 6

What does a final BIP contain?

Answer 6

detailed description and reference implementation.

Question 7

What can happen in the design stage?

Answer 7

A soft or hard fork can result.

Question 8

When is a hard fork created?

Answer 8

Structures that are invalid under old rules become valid under new rules.

Question 9

Can it happen that there is a chain split with a soft fork?

Answer 9

Yes. If a majority sticks with the old version

–> You have some people following the old and some the new vesion

Question 10

What is the disadvantage of a chain split?

Answer 10

That both chains compete for users

Question 11

How to find out whether a chain split would occur?

Answer 11

The signaling phase is used.

Question 12

What is signaling and who does it?

Answer 12

Signaling is the process that is used to vote on proposals. Miners are the only network participants who can cast their votes. They gain the right to vote only when they mine a new block. They signal their vote by including a special value in the header of the blocks they mine.

Question 13

How is a proposal accepted in the signaling phase?

Answer 13

A: If the overall support for the proposal is higher than a certain threshold (usually 1916 out of 2016 blocks = 95%) in one difficulty period. The proposal is then accepted so locked in. The rules then apply after further 2016 blocks to allow the remaining miners to update as well.

B: If the support is too low the proposal is rejected.

Question 14

What can the results be?

Answer 14

• If the signaling leads to acceptance, the proposal is automatically implemented.
• Upon a rejection the community can split (chain split)

Question 15

Two main problems with the creation of a second chain

Answer 15

1. If the community behind the hard fork has less than 50% of the computational power, the new chain will not work, as the new software will switch back to the old chain, as the old chain will probably have the higher weight.
2. One transaction can be executed on both chains –> Replay attack

Question 16

What is a hard fork?

Answer 16

A hard fork occurs when rules are removed from the protocol. This makes previously invalid blocks valid.

Question 17

What is a soft fork?

Answer 17

Adds extra rules to the protocol making some structures that were valid before now invalid.

Question 18

Changes in which layer create forks?

Answer 18

Changes in the consensus layer.

Question 19

Is the hard fork compatible with the old chain?

Answer 19

No.

Question 20

Is the soft fork compatible with the old chain?

Answer 20

Yes. The soft fork is always compatible with the old chain. The reason for this is that when you have a new block with more rules so that is more restrictive then the new structures are still valid under the previous more lenient rules. (You have to think from new to old)

Question 21

How can the two problems of a second chain be avoided?

Answer 21

The new community has to make the new chain incompatible with the old chain. This is done via the creation and adaptation of new parameters. Another possibility is to create a second genesis block which has to be contained in the longest chain. If the second block contains the new rules (rejected by the old software), the chains are split indefinitely and cannot merge together.

Question 22

Two major upgrades in the Bitcoin network (both soft forks)

Answer 22

• Segregated Witness

- Taproot

Question 23

SegWit

Answer 23

• increase transaction throughput by reducing weight of transaction in a block

Question 24

Taproot

Answer 24

Introduced a new signature scheme

Question 25

Is it possible to steal bitcoin?

Answer 25

No, since UTXOs are secured with the hash of the public key of a user. The attacker cannot generate a valid transaction spending these UTXOs.

Question 26

Is it possible to block a participant in the blockchain network?

Answer 26

Assume that a malicious node wants to block all transactions by Bob. This malicious node was selected randomly by the network to propose the new block. It does not include the transaction from Bob, blocking his transaction from getting into its block. However, the next random node (if it is honest) will include Bobs transaction.

Question 27

What is double spending?

Answer 27

When someone send money to someone else for a transaction and the same UTXO to himself. When to realities are created. Block 3a declares are reality where Bob is paid and block 3b in which Alice sends the money to herself.

Question 28

What should the receiver (Bob) do to prevent such an attack?

Answer 28

Bob should wait until it is clear that the payment to him is actually included in the longest blockchain, ideally with several confirmations

Question 29

What is a replay attack?

Answer 29

When an attacker re-submits the same transaction to the network several times and gets it executed every time.

Question 30

How does a replay attack work in practice?

Answer 30

- Alice sends coins to Bob. - The blockchain undergoes a hard fork - on the old chain A sends B bitcoin - then B replicates the transaction again on the new chain. (Since the addresses stay the same, this "repetition" is validated by the miners on the new chain.)

Question 31

Who is not vulnerable to a replay attack?

Answer 31

A person who joins the network after the hard fork is not vulnerable to the replay attack as their address has no transaction history in either of the chain.

Question 32

What is the 51% attack?

Answer 32

Means that more than 50% of the hash power belongs to one entity and this entity uses this power maliciously.

Question 33

What does the 51% enable?

Answer 33

History rewriting: - the attacker can build a blockchain with the highest accumulated value, defining all contents: - Blocking/ DoS-ing addresses/ users - collecting all mining reward - They may use this situation to activate double spending of coins, by reversing transactions that were completed while they were in control of the network

Question 34

What can the 51% attack not do?

Answer 34

- cannot invent money (propose invalid blocks or transactions as they would be rejected) - entities highly invested with large hash power have no interest in destroying the network, as they profit from it

Question 35

How does double spending work for the 51% attack?

Answer 35

A fork/double-spend attack is one where the attacker causes previously confirmed blocks to be invalidated by forking below them and re-converging on an alternate chain. With sufficient power, an attacker can invalidate six or more blocks in a row, causing transactions that were considered immutable (6 confirmations) to be invalidated. Note that a double-spend can only be done on the attacker’s own transactions, for which the attacker can produce a valid signature. Double-spending one’s own transactions is profitable if by invalidating a transaction the attacker can get a non-reversible exchange payment or product without paying for it

Question 36

Can a 51% attack be successful in the long run?

Answer 36

No, a successful attack would destroy the trust in the system and with that the value of the currency in the system.

Question 37

What is a selfish-mining attack?

Answer 37

Exploits the probability to be able to propose two blocks one after the another. Possibility A: The node finds a second block 4A building on its block 3A. The network is still at block 2. When the network finds another block 3B, the attacker publishes both block 3A and 4A, making the new 3B an orphan block. The network has worked on an old chain, practically wasting its power. Possibility B: When the network proposes a block 3B before the attacker finds a block 4A, the attacker publishes 3A, hoping the network will select block 3A with probability .

Question 38

What is the theoretical maximum transaction throughput determined by?

Answer 38

``` Block time (10 min) Block size (1MB) Transaction size (250 byte or 500 byte) ``` 144/day*(1.000.000/250) = 576K.

Question 39

How to compute the power consumption?

Answer 39

``` Current speed of the network = 18,6*10^19 hashes/s power consumption of Antminer = 1320 W for 14*10^12 hashes/s Number of Antminers to provide network speed: 18,6*10^19 / 14*10^12 = 13,285,714 Power consumed by Antminers = 13,285,714 * 1320 W = 17,5 GW (giga = billion) ```

Question 40

What results in longer waiting times for transactions?

Answer 40

More transactions in the memory pool

Question 41

Is Bitcoin limited in its expressive power?

Answer 41

Yes. Ethereum and other solutions provide a Turing complete Smart Contract language.

Question 42

Solution to Bitcoin's scaling problem?

Answer 42

Bitcoin is too slow. Second layer solutions like Lightning Network enable higher transaction throughput with lower fees.

Question 43

What can provide more stable prices?

Answer 43

Stable coins backed by other currencies