0000: 5b 75 70 5d 28 73 71 75 69 64 2e 6d 64 29 20 5b [up](squid.md) [
0010: 62 61 63 6b 5d 28 73 71 75 69 64 2d 6d 6f 6e 65 back](squid-mone
0020: 79 2e 6d 64 29 20 5b 6e 65 78 74 5d 28 73 71 75 y.md) [next](squ
0030: 69 64 2d 66 65 64 2e 6d 64 29 0a 0a 23 20 50 72 id-fed.md)..# Pr
0040: 6f 6f 66 20 6f 66 20 57 68 61 74 3f 20 50 72 6f oof of What? Pro
0050: 6f 66 20 6f 66 20 54 72 75 73 74 21 0a 0a 49 74 of of Trust!..It
0060: 20 69 73 20 70 72 65 74 74 79 20 6f 62 76 69 6f is pretty obvio
0070: 75 73 20 74 68 61 74 20 42 69 74 43 6f 69 6e 20 us that BitCoin
0080: 77 65 6e 74 20 62 61 63 6b 20 61 6c 6c 20 74 68 went back all th
0090: 65 20 77 61 79 20 74 68 72 6f 75 67 68 20 68 75 e way through hu
00a0: 6d 61 6e 20 6d 6f 6e 65 79 0a 68 69 73 74 6f 72 man money.histor
00b0: 79 2c 20 61 6e 64 20 75 73 65 73 20 74 68 65 20 y, and uses the
00c0: 73 61 6d 65 20 70 72 69 6e 63 69 70 6c 65 20 73 same principle s
00d0: 68 65 6c 6c 20 6d 6f 6e 65 79 20 68 61 64 20 74 hell money had t
00e0: 6f 20 67 69 76 65 20 76 61 6c 75 65 20 74 6f 20 o give value to
00f0: 61 20 63 6f 69 6e 3a 0a 74 68 65 20 6d 69 6e 65 a coin:.the mine
0100: 72 73 20 64 6f 20 61 20 70 72 6f 6f 66 20 6f 66 rs do a proof of
0110: 20 77 6f 72 6b 2e 20 20 4c 69 6b 65 20 74 68 65 work. Like the
0120: 20 73 68 65 6c 6c 73 2c 20 74 68 65 20 61 6d 6f shells, the amo
0130: 75 6e 74 20 69 73 20 6c 69 6d 69 74 65 64 2c 20 unt is limited,
0140: 61 6e 64 0a 74 68 65 20 64 69 66 66 69 63 75 6c and.the difficul
0150: 74 79 20 72 61 69 73 65 73 20 77 69 74 68 20 74 ty raises with t
0160: 68 65 20 61 6d 6f 75 6e 74 20 6f 66 20 77 6f 72 he amount of wor
0170: 6b 20 61 76 61 69 6c 61 62 6c 65 2e 20 20 54 68 k available. Th
0180: 65 20 6c 69 6d 69 74 65 64 20 61 6d 6f 75 6e 74 e limited amount
0190: 0a 6f 66 20 6d 69 6e 65 61 62 6c 65 20 42 69 74 .of mineable Bit
01a0: 43 6f 69 6e 73 20 6d 69 6d 69 63 73 20 61 6e 6f Coins mimics ano
01b0: 74 68 65 72 20 70 72 6f 70 65 72 74 79 20 6f 66 ther property of
01c0: 20 73 68 65 6c 6c 20 6d 6f 6e 65 79 2c 20 61 6e shell money, an
01d0: 64 20 77 69 74 68 20 61 0a 71 75 69 63 6b 6c 79 d with a.quickly
01e0: 20 67 72 6f 77 69 6e 67 20 65 63 6f 6e 6f 6d 79 growing economy
01f0: 20 74 68 61 74 20 61 63 74 75 61 6c 6c 79 20 75 that actually u
0200: 73 65 73 20 63 72 79 70 74 6f 63 75 72 72 65 6e ses cryptocurren
0210: 63 69 65 73 2c 20 69 74 20 62 65 63 6f 6d 65 73 cies, it becomes
0220: 20 61 0a 71 75 69 63 6b 6c 79 20 64 65 66 6c 61 a.quickly defla
0230: 74 69 6e 67 20 63 75 72 72 65 6e 63 79 2e 20 20 ting currency.
0240: 54 68 61 74 20 6d 61 6b 65 73 20 69 74 20 69 64 That makes it id
0250: 65 61 6c 20 61 73 20 73 70 65 63 75 6c 61 74 69 eal as speculati
0260: 6f 6e 20 6f 62 6a 65 63 74 2c 20 61 6e 64 0a 76 on object, and.v
0270: 65 72 79 20 62 61 64 20 61 73 20 74 72 61 64 65 ery bad as trade
0280: 20 74 6f 6b 65 6e 2e 0a 0a 54 68 65 72 65 20 69 token...There i
0290: 73 20 61 20 64 69 73 61 73 74 72 6f 75 73 20 73 s a disastrous s
02a0: 69 64 65 20 65 66 66 65 63 74 20 74 6f 20 74 68 ide effect to th
02b0: 69 73 3a 20 4d 69 6e 69 6e 67 20 62 75 72 6e 73 is: Mining burns
02c0: 20 65 6e 65 72 67 79 2c 20 41 53 49 43 73 20 61 energy, ASICs a
02d0: 72 65 0a 64 65 76 65 6c 6f 70 65 64 20 61 6e 64 re.developed and
02e0: 20 6d 61 6e 75 66 61 63 74 75 72 65 64 2c 20 69 manufactured, i
02f0: 66 20 79 6f 75 20 74 72 79 20 74 6f 20 61 76 6f f you try to avo
0300: 69 64 20 41 53 49 43 20 6d 69 6e 69 6e 67 2c 20 id ASIC mining,
0310: 61 6c 6c 20 61 76 61 69 6c 61 62 6c 65 0a 63 6f all available.co
0320: 73 74 2d 65 66 66 69 63 69 65 6e 74 20 47 50 55 st-efficient GPU
0330: 73 20 61 72 65 20 62 6f 75 67 68 74 20 61 6e 64 s are bought and
0340: 20 67 61 6d 65 72 73 20 61 72 65 20 66 72 75 73 gamers are frus
0350: 74 61 74 65 64 2c 20 62 65 63 61 75 73 65 20 74 tated, because t
0360: 68 65 79 20 73 69 6d 70 6c 79 0a 63 61 6e 27 74 hey simply.can't
0370: 20 67 65 74 20 68 6f 6c 64 20 6f 66 20 74 68 65 get hold of the
0380: 6d 2e 20 20 54 68 69 73 20 69 73 20 66 61 72 20 m. This is far
0390: 77 6f 72 73 65 20 74 6f 20 68 6f 61 72 64 69 6e worse to hoardin
03a0: 67 20 67 6f 6c 64 2c 20 62 65 63 61 75 73 65 20 g gold, because
03b0: 6e 6f 62 6f 64 79 0a 61 63 74 75 61 6c 6c 79 20 nobody.actually
03c0: 6e 65 65 64 73 20 67 6f 6c 64 20 61 6e 79 77 68 needs gold anywh
03d0: 65 72 65 20 6e 65 61 72 20 74 68 65 20 61 76 61 ere near the ava
03e0: 69 6c 61 62 6c 65 20 71 75 61 6e 74 69 74 69 65 ilable quantitie
03f0: 73 20 75 73 65 64 20 61 73 20 6d 6f 6e 65 79 2e s used as money.
0400: 0a 0a 41 6e 64 20 61 6c 6c 20 74 68 61 74 20 62 ..And all that b
0410: 69 67 20 61 6d 6f 75 6e 74 20 6f 66 20 77 6f 72 ig amount of wor
0420: 6b 20 69 73 20 63 6f 6e 76 65 72 74 65 64 20 69 k is converted i
0430: 6e 74 6f 20 76 65 72 79 20 66 65 77 20 61 63 74 nto very few act
0440: 75 61 6c 0a 74 72 61 6e 73 61 63 74 69 6f 6e 73 ual.transactions
0450: 2e 20 20 42 69 74 43 6f 69 6e 20 65 78 63 68 61 . BitCoin excha
0460: 6e 67 65 73 20 70 6f 70 20 75 70 20 74 68 61 74 nges pop up that
0470: 20 61 6c 6c 6f 77 20 70 65 6f 70 6c 65 20 74 6f allow people to
0480: 20 74 72 61 64 65 20 77 69 74 68 20 74 68 65 6d trade with them
0490: 0a 77 69 74 68 6f 75 74 20 61 63 74 75 61 6c 6c .without actuall
04a0: 79 20 6d 61 6b 69 6e 67 20 74 72 61 6e 73 61 63 y making transac
04b0: 74 69 6f 6e 73 20 69 6e 20 74 68 65 20 42 69 74 tions in the Bit
04c0: 43 6f 69 6e 20 70 72 6f 74 6f 63 6f 6c 3b 20 61 Coin protocol; a
04d0: 6e 64 20 77 69 74 68 6f 75 74 0a 74 68 6f 73 65 nd without.those
04e0: 20 74 72 61 6e 73 61 63 74 69 6f 6e 73 2c 20 74 transactions, t
04f0: 68 61 74 20 6d 6f 6e 65 79 20 69 73 20 6e 6f 74 hat money is not
0500: 20 73 65 63 75 72 65 64 2e 20 20 56 69 72 74 75 secured. Virtu
0510: 61 6c 20 62 61 6e 6b 72 6f 62 62 65 72 79 20 6f al bankrobbery o
0520: 63 63 75 72 73 2c 0a 61 6e 64 20 69 74 20 73 68 ccurs,.and it sh
0530: 6f 77 73 20 74 68 61 74 20 70 65 6f 70 6c 65 20 ows that people
0540: 77 68 6f 20 64 6f 6e 27 74 20 6b 6e 6f 77 20 68 who don't know h
0550: 69 73 74 6f 72 79 20 61 72 65 20 64 6f 6f 6d 65 istory are doome
0560: 64 20 74 6f 20 72 65 70 65 61 74 20 69 74 3a 0a d to repeat it:.
0570: 52 65 67 75 6c 61 74 69 6f 6e 20 69 73 20 74 68 Regulation is th
0580: 65 72 65 20 66 6f 72 20 67 6f 6f 64 20 72 65 61 ere for good rea
0590: 73 6f 6e 73 2e 0a 0a 4e 6f 74 65 20 74 68 61 74 sons...Note that
05a0: 20 74 68 65 20 65 6e 65 72 67 79 20 63 6f 6e 73 the energy cons
05b0: 75 6d 70 74 69 6f 6e 20 69 73 20 6e 6f 74 20 61 umption is not a
05c0: 20 66 75 6e 63 74 69 6f 6e 20 6f 66 20 68 6f 77 function of how
05d0: 20 6d 61 6e 79 20 74 72 61 6e 73 61 63 74 69 6f many transactio
05e0: 6e 73 0a 68 61 70 70 65 6e 2c 20 69 74 27 73 20 ns.happen, it's
05f0: 61 20 66 75 6e 63 74 69 6f 6e 20 6f 66 20 68 6f a function of ho
0600: 77 20 6d 75 63 68 20 72 65 77 61 72 64 20 74 68 w much reward th
0610: 65 20 6d 69 6e 65 72 73 20 67 65 74 2e 20 20 54 e miners get. T
0620: 68 61 74 20 6d 65 61 6e 73 20 68 69 67 68 65 72 hat means higher
0630: 0a 62 69 74 63 6f 69 6e 20 70 72 69 63 65 73 20 .bitcoin prices
0640: 72 65 73 75 6c 74 20 69 6e 20 68 69 67 68 65 72 result in higher
0650: 20 65 6e 65 72 67 79 20 63 6f 6e 73 75 6d 70 74 energy consumpt
0660: 69 6f 6e 2c 20 62 65 63 61 75 73 65 20 74 68 65 ion, because the
0670: 20 70 72 6f 6f 66 20 6f 66 20 77 6f 72 6b 0a 73 proof of work.s
0680: 63 61 6c 65 73 20 77 69 74 68 20 74 68 65 20 61 cales with the a
0690: 6d 6f 75 6e 74 20 6f 66 20 61 76 61 69 6c 61 62 mount of availab
06a0: 6c 65 20 77 6f 72 6b 2c 20 61 6e 64 20 74 68 61 le work, and tha
06b0: 74 20 69 6e 66 6c 61 74 65 73 20 77 69 74 68 20 t inflates with
06c0: 74 68 65 20 70 72 69 63 65 20 70 65 72 0a 63 6f the price per.co
06d0: 69 6e 2e 0a 0a 54 68 61 74 20 6d 65 61 6e 73 20 in...That means
06e0: 74 68 61 74 20 74 68 65 20 6c 69 67 68 74 6e 69 that the lightni
06f0: 6e 67 20 6e 65 74 77 6f 72 6b 2c 20 77 68 69 6c ng network, whil
0700: 65 20 69 6d 70 72 6f 76 69 6e 67 20 73 63 61 6c e improving scal
0710: 61 62 69 6c 69 74 79 2c 20 64 6f 65 73 20 6e 6f ability, does no
0720: 74 0a 63 75 74 20 64 6f 77 6e 20 74 68 65 20 68 t.cut down the h
0730: 69 64 64 65 6e 20 74 72 61 6e 73 61 63 74 69 6f idden transactio
0740: 6e 20 63 6f 73 74 73 3a 20 74 68 65 20 6c 69 71 n costs: the liq
0750: 75 69 64 69 74 79 20 72 65 71 75 69 72 65 64 20 uidity required
0760: 66 6f 72 20 74 68 65 0a 6c 69 67 68 74 6e 69 6e for the.lightnin
0770: 67 20 6e 65 74 77 6f 72 6b 20 77 69 6c 6c 20 64 g network will d
0780: 72 69 76 65 20 74 68 65 20 70 72 69 63 65 20 70 rive the price p
0790: 65 72 20 63 6f 69 6e 20 75 70 2c 20 73 6f 20 74 er coin up, so t
07a0: 68 61 74 20 6d 69 6e 69 6e 67 20 69 73 20 73 6f hat mining is so
07b0: 0a 6c 75 63 72 61 74 69 76 65 20 74 68 61 74 20 .lucrative that
07c0: 6d 69 6e 65 72 73 20 77 69 6c 6c 20 62 75 79 20 miners will buy
07d0: 6d 6f 72 65 20 41 53 49 43 73 20 61 6e 64 20 62 more ASICs and b
07e0: 75 72 6e 20 6d 6f 72 65 20 63 6f 61 6c 20 69 6e urn more coal in
07f0: 20 74 75 72 6e 2e 0a 0a 23 23 20 57 68 61 74 20 turn...## What
0800: 69 73 20 61 20 42 6c 6f 63 6b 43 68 61 69 6e 3f is a BlockChain?
0810: 0a 0a 57 65 20 6e 65 65 64 20 61 6e 20 61 63 74 ..We need an act
0820: 75 61 6c 20 64 65 66 69 6e 69 74 69 6f 6e 3b 20 ual definition;
0830: 74 65 63 68 6e 69 63 61 6c 6c 79 2c 20 65 76 65 technically, eve
0840: 6e 20 61 20 67 69 74 20 72 65 70 6f 73 69 74 6f n a git reposito
0850: 72 79 20 68 61 73 0a 73 6f 6d 65 20 69 6d 70 6f ry has.some impo
0860: 72 74 61 6e 74 20 70 72 6f 70 65 72 74 69 65 73 rtant properties
0870: 20 6f 66 20 61 20 42 6c 6f 63 6b 43 68 61 69 6e of a BlockChain
0880: 2e 20 20 54 68 65 20 63 68 61 69 6e 20 6f 66 20 . The chain of
0890: 68 61 73 68 65 64 20 62 6c 6f 63 6b 73 0a 69 73 hashed blocks.is
08a0: 20 6f 6e 65 20 61 73 70 65 63 74 2c 20 74 68 65 one aspect, the
08b0: 20 63 6f 6e 73 65 6e 73 75 73 20 61 6c 67 6f 72 consensus algor
08c0: 69 74 68 6d 20 74 68 65 20 6f 74 68 65 72 3a 0a ithm the other:.
08d0: 0a 2a 20 4d 65 72 6b 6c 65 2d 74 72 65 65 20 6f .* Merkle-tree o
08e0: 72 20 65 71 75 69 76 61 6c 65 6e 74 20 68 61 73 r equivalent has
08f0: 68 2d 69 74 2d 61 6c 6c 20 61 70 70 72 6f 61 63 h-it-all approac
0900: 68 20 28 6c 6f 6f 73 65 20 64 65 66 69 6e 69 74 h (loose definit
0910: 69 6f 6e 29 0a 2a 20 6e 6f 20 73 69 6e 67 6c 65 ion).* no single
0920: 20 70 6f 69 6e 74 20 6f 66 20 74 72 75 73 74 0a point of trust.
0930: 2a 20 63 6f 6e 73 65 6e 73 75 73 20 61 6c 67 6f * consensus algo
0940: 72 69 74 68 6d 20 62 61 73 65 64 20 6f 6e 20 74 rithm based on t
0950: 68 65 20 63 6f 6e 74 65 6e 74 73 20 6f 6e 6c 79 he contents only
0960: 20 28 6e 6f 20 65 78 74 65 72 6e 61 6c 20 61 72 (no external ar
0970: 62 69 74 65 72 29 0a 0a 23 23 20 48 6f 77 20 74 biter)..## How t
0980: 6f 20 63 68 65 61 70 6c 79 20 73 65 63 75 72 65 o cheaply secure
0990: 20 74 68 65 20 42 6c 6f 63 6b 43 68 61 69 6e 0a the BlockChain.
09a0: 0a 53 6f 20 6c 65 74 27 73 20 74 61 6b 65 20 61 .So let's take a
09b0: 20 73 74 65 70 20 62 61 63 6b 2c 20 61 6e 64 20 step back, and
09c0: 6c 6f 6f 6b 20 77 68 79 20 74 68 65 72 65 27 73 look why there's
09d0: 20 61 20 6e 65 65 64 20 66 6f 72 20 74 68 65 20 a need for the
09e0: 70 72 6f 6f 66 20 6f 66 20 77 6f 72 6b 0a 28 74 proof of work.(t
09f0: 68 65 20 63 6f 6e 73 65 6e 73 75 73 20 61 6c 67 he consensus alg
0a00: 6f 72 69 74 68 6d 29 3a 20 54 68 65 20 62 61 73 orithm): The bas
0a10: 69 63 20 69 64 65 61 20 69 73 20 74 68 61 74 20 ic idea is that
0a20: 6f 66 20 73 65 63 75 72 69 6e 67 20 74 68 65 20 of securing the
0a30: 42 6c 6f 63 6b 43 68 61 69 6e 0a 61 67 61 69 6e BlockChain.again
0a40: 73 74 20 61 6e 20 61 74 74 61 63 6b 20 74 68 61 st an attack tha
0a50: 74 20 61 6c 6c 6f 77 73 20 64 6f 75 62 6c 65 20 t allows double
0a60: 73 70 65 6e 64 69 6e 67 2e 20 20 54 68 65 20 42 spending. The B
0a70: 6c 6f 63 6b 43 68 61 69 6e 20 69 74 73 65 6c 66 lockChain itself
0a80: 20 69 73 0a 69 6d 6d 75 74 61 62 6c 65 20 69 66 is.immutable if
0a90: 20 79 6f 75 20 68 61 76 65 20 61 63 63 65 73 73 you have access
0aa0: 20 74 6f 20 74 68 65 20 6c 61 73 74 20 68 61 73 to the last has
0ab0: 68 65 64 20 62 6c 6f 63 6b 3a 20 54 68 72 6f 75 hed block: Throu
0ac0: 67 68 20 61 20 6c 69 6e 6b 20 6f 66 0a 68 61 73 gh a link of.has
0ad0: 68 65 73 2c 20 65 76 65 72 79 20 6f 74 68 65 72 hes, every other
0ae0: 20 62 6c 6f 63 6b 20 62 65 66 6f 72 65 20 63 61 block before ca
0af0: 6e 27 74 20 62 65 20 63 68 61 6e 67 65 64 20 77 n't be changed w
0b00: 69 74 68 6f 75 74 20 63 68 61 6e 67 69 6e 67 20 ithout changing
0b10: 74 68 65 20 6c 61 73 74 0a 62 6c 6f 63 6b 2c 20 the last.block,
0b20: 74 6f 6f 2e 20 20 54 68 65 20 70 72 6f 62 6c 65 too. The proble
0b30: 6d 20 69 73 3a 20 68 6f 77 20 64 6f 20 79 6f 75 m is: how do you
0b40: 20 6b 6e 6f 77 20 69 74 27 73 20 5f 74 68 65 5f know it's _the_
0b50: 20 76 61 6c 69 64 20 6c 61 73 74 20 62 6c 6f 63 valid last bloc
0b60: 6b 3f 0a 0a 42 69 74 43 6f 69 6e 27 73 20 70 72 k?..BitCoin's pr
0b70: 6f 6f 66 20 6f 66 20 77 6f 72 6b 20 63 6f 6e 63 oof of work conc
0b80: 65 70 74 20 69 73 20 74 68 61 74 20 79 6f 75 20 ept is that you
0b90: 6e 65 65 64 20 74 6f 20 69 6e 76 65 73 74 20 61 need to invest a
0ba0: 20 63 65 72 74 61 69 6e 20 61 6d 6f 75 6e 74 20 certain amount
0bb0: 6f 66 0a 77 6f 72 6b 20 74 6f 20 73 69 67 6e 20 of.work to sign
0bc0: 61 20 62 6c 6f 63 6b 2c 20 73 6f 20 74 68 65 20 a block, so the
0bd0: 6f 6c 64 65 72 20 61 20 62 6c 6f 63 6b 20 69 73 older a block is
0be0: 2c 20 74 68 65 20 6d 6f 72 65 20 77 6f 72 6b 20 , the more work
0bf0: 69 74 20 74 61 6b 65 73 20 74 6f 20 66 6f 72 67 it takes to forg
0c00: 65 0a 69 74 2c 20 61 6e 64 20 72 65 63 69 70 72 e.it, and recipr
0c10: 6f 63 61 6c 2c 20 74 68 65 20 6d 6f 72 65 20 77 ocal, the more w
0c20: 6f 72 6b 20 74 68 61 74 20 77 65 6e 74 20 69 6e ork that went in
0c30: 74 6f 20 61 20 63 68 61 69 6e 2c 20 74 68 65 20 to a chain, the
0c40: 6d 6f 72 65 20 e2 80 9c 74 72 75 65 e2 80 9d 20 more “true”
0c50: 69 74 0a 69 73 2e 20 20 54 68 61 74 20 63 6f 6e it.is. That con
0c60: 63 65 70 74 20 6f 72 69 67 69 6e 61 74 65 73 20 cept originates
0c70: 66 72 6f 6d 20 61 20 63 72 79 70 74 6f 2d 61 6e from a crypto-an
0c80: 61 72 63 68 69 63 20 64 65 73 69 67 6e 3a 20 69 archic design: i
0c90: 6e 20 74 68 65 20 42 69 74 43 6f 69 6e 0a 77 6f n the BitCoin.wo
0ca0: 72 6c 64 2c 20 65 76 65 72 79 62 6f 64 79 20 69 rld, everybody i
0cb0: 73 20 70 73 65 75 64 6f 6e 79 6d 6f 75 73 2c 20 s pseudonymous,
0cc0: 73 6f 20 65 76 65 6e 20 74 68 65 20 73 69 67 6e so even the sign
0cd0: 61 74 75 72 65 20 66 6f 72 20 74 68 65 20 62 6c ature for the bl
0ce0: 6f 63 6b 73 20 61 72 65 0a 64 6f 6e 65 20 62 79 ocks are.done by
0cf0: 20 61 6e 6f 6e 79 6d 6f 75 73 20 63 6f 77 61 72 anonymous cowar
0d00: 64 73 20 28 61 6e 64 20 74 68 61 74 20 69 73 20 ds (and that is
0d10: 6a 75 73 74 20 61 20 68 61 73 68 2c 20 74 68 65 just a hash, the
0d20: 72 65 27 73 20 6e 6f 20 69 64 65 6e 74 69 74 79 re's no identity
0d30: 0a 61 73 73 6f 63 69 61 74 65 64 20 77 69 74 68 .associated with
0d40: 20 74 68 61 74 20 68 61 73 68 29 2e 20 20 57 65 that hash). We
0d50: 20 61 72 65 20 62 61 63 6b 20 62 65 66 6f 72 65 are back before
0d60: 20 74 68 65 20 66 69 72 73 74 20 70 72 6f 6d 69 the first promi
0d70: 73 73 6f 72 79 20 6e 6f 74 65 73 2c 0a 77 68 6f ssory notes,.who
0d80: 20 61 74 20 6c 65 61 73 74 20 68 61 64 20 69 64 at least had id
0d90: 65 6e 74 69 66 79 61 62 6c 65 20 69 6e 64 69 76 entifyable indiv
0da0: 69 64 75 61 6c 73 20 6f 72 20 69 6e 73 74 69 74 iduals or instit
0db0: 75 74 69 6f 6e 73 20 61 73 20 73 69 67 6e 65 72 utions as signer
0dc0: 73 2e 0a 0a 57 65 20 68 61 76 65 20 74 6f 20 67 s...We have to g
0dd0: 6f 20 6f 6e 65 20 6d 6f 72 65 20 73 74 65 70 20 o one more step
0de0: 62 61 63 6b 2c 20 74 6f 20 73 65 65 20 77 68 65 back, to see whe
0df0: 72 65 20 74 68 61 74 20 61 74 74 61 63 6b 20 6f re that attack o
0e00: 72 69 67 69 6e 61 74 65 73 0a 69 6e 20 74 68 65 riginates.in the
0e10: 20 74 68 72 65 61 74 20 6d 6f 64 65 6c 3a 20 69 threat model: i
0e20: 74 27 73 20 61 20 6d 61 6e 20 69 6e 20 74 68 65 t's a man in the
0e30: 20 6d 69 64 64 6c 65 20 28 4d 49 54 4d 29 20 61 middle (MITM) a
0e40: 74 74 61 63 6b 20 74 6f 20 70 72 65 76 65 6e 74 ttack to prevent
0e50: 0a 74 68 65 20 70 72 6f 70 65 72 20 73 70 72 65 .the proper spre
0e60: 61 64 2d 6f 75 74 20 6f 66 20 74 68 65 20 63 75 ad-out of the cu
0e70: 72 72 65 6e 74 20 62 6c 6f 63 6b 2e 20 20 41 20 rrent block. A
0e80: 4d 49 54 4d 20 61 74 74 61 63 6b 20 74 6f 20 61 MITM attack to a
0e90: 20 50 32 50 0a 6e 65 74 77 6f 72 6b 2e 20 20 50 P2P.network. P
0ea0: 72 65 76 65 6e 74 69 6e 67 20 4d 49 54 4d 20 61 reventing MITM a
0eb0: 74 74 61 63 6b 73 20 68 61 73 20 6f 74 68 65 72 ttacks has other
0ec0: 20 61 74 74 65 6d 70 74 73 20 74 6f 20 73 6f 6c attempts to sol
0ed0: 76 65 20 74 68 65 6d 2c 0a 65 69 74 68 65 72 2c ve them,.either,
0ee0: 20 65 76 65 6e 20 74 72 75 73 74 20 6f 6e 20 66 even trust on f
0ef0: 69 72 73 74 20 75 73 65 20 28 54 4f 46 55 29 20 irst use (TOFU)
0f00: 64 6f 65 73 20 61 20 64 65 73 63 65 6e 74 20 6a does a descent j
0f10: 6f 62 2e 20 20 41 6e 64 20 74 68 61 74 27 73 0a ob. And that's.
0f20: 6c 69 6b 65 6c 79 20 74 68 65 20 65 78 70 6c 61 likely the expla
0f30: 6e 61 74 69 6f 6e 2c 20 77 68 79 20 65 76 65 6e nation, why even
0f40: 20 41 6c 74 43 6f 69 6e 73 20 77 69 74 68 20 76 AltCoins with v
0f50: 65 72 79 20 6c 69 74 74 6c 65 20 77 6f 72 6b 20 ery little work
0f60: 64 69 64 6e 27 74 0a 67 65 74 20 68 61 63 6b 65 didn't.get hacke
0f70: 64 20 6f 6e 20 74 68 61 74 20 70 61 72 74 2e 0a d on that part..
0f80: 0a 41 6e 79 20 73 61 6e 65 20 73 65 63 75 72 65 .Any sane secure
0f90: 20 70 65 65 72 20 74 6f 20 70 65 65 72 20 6e 65 peer to peer ne
0fa0: 74 77 6f 72 6b 20 6f 75 67 68 74 20 74 6f 20 68 twork ought to h
0fb0: 61 76 65 20 73 6f 6d 65 74 68 69 6e 67 20 62 65 ave something be
0fc0: 74 74 65 72 0a 74 68 61 6e 20 6e 6f 74 68 69 6e tter.than nothin
0fd0: 67 3a 20 54 4f 46 55 20 6f 72 20 50 4b 49 73 20 g: TOFU or PKIs
0fe0: 74 68 61 74 20 69 6d 70 72 6f 76 65 20 74 72 75 that improve tru
0ff0: 73 74 2e 20 20 41 6e 64 20 74 68 61 74 20 61 20 st. And that a
1000: 66 75 6c 6c 2d 62 6c 6f 77 6e 0a 50 4b 49 20 74 full-blown.PKI t
1010: 61 6b 65 73 20 61 77 61 79 20 74 68 65 20 61 6e akes away the an
1020: 6f 6e 79 6d 69 74 79 20 69 73 20 6e 6f 74 20 61 onymity is not a
1030: 20 70 72 6f 62 6c 65 6d 3a 20 41 20 62 69 67 20 problem: A big
1040: 77 61 72 65 68 6f 75 73 65 20 6f 66 0a 41 53 49 warehouse of.ASI
1050: 43 73 20 74 6f 20 6d 69 6e 65 20 42 69 74 43 6f Cs to mine BitCo
1060: 69 6e 73 20 61 6c 73 6f 20 63 6f 6d 70 6c 65 74 ins also complet
1070: 65 6c 79 20 62 6c 6f 77 73 20 74 68 65 20 61 6e ely blows the an
1080: 6f 6e 79 6d 69 74 79 20 6f 66 20 74 68 65 0a 6d onymity of the.m
1090: 69 6e 65 72 2e 20 20 54 68 65 20 6d 69 6e 65 72 iner. The miner
10a0: 20 6f 72 20 73 69 67 6e 65 72 20 64 6f 65 73 6e or signer doesn
10b0: 27 74 20 6e 65 65 64 20 61 6e 6f 6e 79 6d 69 74 't need anonymit
10c0: 79 3b 20 74 68 65 20 70 61 72 74 69 65 73 20 74 y; the parties t
10d0: 68 61 74 0a 61 63 74 75 61 6c 6c 79 20 65 78 63 hat.actually exc
10e0: 68 61 6e 67 65 20 63 6f 69 6e 73 20 61 72 65 20 hange coins are
10f0: 74 68 65 20 6f 6e 65 73 20 77 68 6f 20 77 61 6e the ones who wan
1100: 74 20 61 6e 6f 6e 79 6d 69 74 79 2e 0a 0a 53 6f t anonymity...So
1110: 20 74 6f 20 73 65 63 75 72 65 20 74 68 65 20 42 to secure the B
1120: 6c 6f 63 6b 43 68 61 69 6e 20 72 65 71 75 69 72 lockChain requir
1130: 65 73 20 74 77 6f 20 74 68 69 6e 67 73 3a 20 46 es two things: F
1140: 69 72 73 74 2c 20 74 68 65 20 6f 70 65 72 61 74 irst, the operat
1150: 6f 72 73 0a 6f 66 20 66 75 6c 6c 20 6e 6f 64 65 ors.of full node
1160: 73 20 28 74 68 6f 73 65 20 77 68 6f 20 74 61 6b s (those who tak
1170: 65 20 61 6e 64 20 76 61 6c 69 64 61 74 65 20 74 e and validate t
1180: 72 61 6e 73 61 63 74 69 6f 6e 73 29 20 6e 65 65 ransactions) nee
1190: 64 20 74 6f 20 68 61 76 65 0a 6b 6e 6f 77 6e 20 d to have.known
11a0: 6b 65 79 73 2c 20 73 6f 20 79 6f 75 20 63 61 6e keys, so you can
11b0: 20 63 6f 6e 6e 65 63 74 20 74 6f 20 74 68 65 6d connect to them
11c0: 20 77 69 74 68 6f 75 74 20 4d 49 54 4d 20 61 74 without MITM at
11d0: 74 61 63 6b 73 2e 0a 0a 53 65 63 6f 6e 64 2c 20 tacks...Second,
11e0: 79 6f 75 20 63 61 6e 20 6a 75 73 74 20 6d 61 6b you can just mak
11f0: 65 20 73 75 72 65 20 79 6f 75 20 68 61 76 65 20 e sure you have
1200: 65 6e 6f 75 67 68 20 73 61 6e 63 74 69 6f 6e 73 enough sanctions
1210: 20 61 6e 64 20 61 75 64 69 74 61 62 6c 65 0a 73 and auditable.s
1220: 69 67 6e 65 72 73 20 6f 66 20 74 68 65 73 65 20 igners of these
1230: 62 6c 6f 63 6b 73 2e 20 20 54 68 65 20 62 6c 6f blocks. The blo
1240: 63 6b 20 63 68 61 69 6e 20 77 69 74 68 20 74 68 ck chain with th
1250: 65 20 68 69 67 68 65 73 74 20 61 6d 6f 75 6e 74 e highest amount
1260: 20 6f 66 0a 74 72 75 73 74 20 77 69 6e 73 2e 20 of.trust wins.
1270: 20 48 6f 77 20 64 6f 20 79 6f 75 20 2a 2a 6d 65 How do you **me
1280: 61 73 75 72 65 2a 2a 20 74 72 75 73 74 3f 20 20 asure** trust?
1290: 43 61 6e 20 79 6f 75 20 65 6e 75 6d 65 72 61 74 Can you enumerat
12a0: 65 20 74 72 75 73 74 3f 0a 52 65 6c 69 61 62 6c e trust?.Reliabl
12b0: 65 20 73 69 67 6e 65 72 73 20 68 61 76 65 20 73 e signers have s
12c0: 69 67 6e 65 64 20 6d 61 6e 79 20 62 6c 6f 63 6b igned many block
12d0: 73 2e 20 20 47 61 6d 65 20 74 68 65 6f 72 79 20 s. Game theory
12e0: 73 68 6f 77 73 20 74 68 61 74 0a 72 65 70 65 61 shows that.repea
12f0: 74 65 64 20 63 6f 6c 6c 61 62 6f 72 61 74 69 76 ted collaborativ
1300: 65 20 69 6e 74 65 72 61 63 74 69 6f 6e 73 20 61 e interactions a
1310: 72 65 20 6d 6f 72 65 20 72 65 77 61 72 64 69 6e re more rewardin
1320: 67 20 74 68 61 6e 20 63 68 65 61 74 69 6e 67 2c g than cheating,
1330: 0a 77 68 69 63 68 20 63 61 6e 20 62 65 20 70 75 .which can be pu
1340: 6e 69 73 68 65 64 20 77 69 74 68 20 6c 6f 6e 67 nished with long
1350: 2d 74 65 72 6d 20 65 66 66 65 63 74 73 2e 20 20 -term effects.
1360: 41 6c 73 6f 3a 20 74 68 65 20 6d 6f 72 65 20 73 Also: the more s
1370: 69 67 6e 65 72 73 0a 79 6f 75 20 68 61 76 65 2c igners.you have,
1380: 20 74 68 65 20 62 65 74 74 65 72 2e 20 20 56 65 the better. Ve
1390: 72 69 66 69 65 64 20 73 69 67 6e 65 72 73 20 61 rified signers a
13a0: 72 65 20 62 65 74 74 65 72 20 74 68 61 6e 20 61 re better than a
13b0: 6e 6f 6e 79 6d 6f 75 73 0a 73 69 67 6e 65 72 73 nonymous.signers
13c0: 2c 20 62 65 63 61 75 73 65 20 61 6e 6f 6e 79 6d , because anonym
13d0: 6f 75 73 20 73 69 67 6e 65 72 73 20 63 61 6e 20 ous signers can
13e0: 62 65 20 61 20 73 79 62 69 6c 6c 20 61 74 74 61 be a sybill atta
13f0: 63 6b 2e 0a 0a 54 6f 20 61 76 6f 69 64 20 69 6e ck...To avoid in
1400: 74 72 75 64 65 72 73 20 72 65 2d 73 69 67 6e 69 truders re-signi
1410: 6e 67 20 6f 6c 64 65 72 20 62 6c 6f 63 6b 73 2c ng older blocks,
1420: 20 72 6f 74 61 74 65 20 73 69 67 6e 61 74 75 72 rotate signatur
1430: 65 20 73 75 62 6b 65 79 73 20 65 61 63 68 0a 72 e subkeys each.r
1440: 6f 75 6e 64 2e 20 20 41 20 77 65 6c 6c 2d 62 65 ound. A well-be
1450: 68 61 76 69 6e 67 20 73 69 67 6e 65 72 20 77 69 having signer wi
1460: 6c 6c 20 6c 6f 73 65 20 74 68 65 20 6f 6c 64 20 ll lose the old
1470: 6b 65 79 20 65 61 63 68 20 72 6f 75 6e 64 20 28 key each round (
1480: 6a 75 73 74 20 6b 65 65 70 20 69 74 0a 6c 6f 6e just keep it.lon
1490: 67 20 65 6e 6f 75 67 68 20 73 6f 20 74 68 61 74 g enough so that
14a0: 20 74 68 65 20 63 6f 6d 6d 69 74 6d 65 6e 74 20 the commitment
14b0: 6f 66 20 74 68 65 20 6e 65 77 20 6b 65 79 20 69 of the new key i
14c0: 6e 20 74 68 65 20 6e 65 78 74 20 62 6c 6f 63 6b n the next block
14d0: 20 69 73 0a 63 6f 6e 66 69 72 6d 65 64 29 2c 20 is.confirmed),
14e0: 61 6e 64 20 74 68 65 72 65 66 6f 72 65 20 69 73 and therefore is
14f0: 20 75 6e 61 62 6c 65 20 74 6f 20 74 61 6d 70 65 unable to tampe
1500: 72 20 6f 6c 64 20 62 6c 6f 63 6b 73 3b 20 73 69 r old blocks; si
1510: 6d 69 6c 61 72 20 74 6f 20 65 70 68 65 6d 65 72 milar to ephemer
1520: 61 6c 0a 65 6e 63 72 79 70 74 69 6f 6e 2c 20 77 al.encryption, w
1530: 68 65 72 65 20 79 6f 75 20 61 72 65 20 75 6e 61 here you are una
1540: 62 6c 65 20 74 6f 20 64 65 63 72 79 70 74 20 74 ble to decrypt t
1550: 68 65 20 74 72 61 66 66 69 63 20 79 6f 75 72 73 he traffic yours
1560: 65 6c 66 20 6c 61 74 65 72 2e 0a 0a 59 6f 75 20 elf later...You
1570: 63 61 6e 20 68 61 76 65 20 61 20 70 72 6f 6f 66 can have a proof
1580: 20 6f 66 20 77 6f 72 6b 20 74 6f 20 70 72 65 76 of work to prev
1590: 65 6e 74 20 73 79 62 69 6c 6c 20 61 74 74 61 63 ent sybill attac
15a0: 6b 73 2c 20 65 2e 67 2e 20 6d 61 6e 64 61 74 69 ks, e.g. mandati
15b0: 6e 67 20 74 68 61 74 20 74 6f 0a 65 6e 74 65 72 ng that to.enter
15c0: 20 74 68 65 20 74 72 75 73 74 20 72 69 6e 67 2c the trust ring,
15d0: 20 79 6f 75 20 6e 65 65 64 20 74 6f 20 68 61 76 you need to hav
15e0: 65 20 61 20 6b 65 79 20 77 69 74 68 20 61 20 63 e a key with a c
15f0: 65 72 74 61 69 6e 20 70 72 65 66 69 78 2e 20 20 ertain prefix.
1600: 54 68 61 74 0a 77 6f 75 6c 64 20 62 65 20 6f 6e That.would be on
1610: 65 2d 6f 66 66 20 77 6f 72 6b 2c 20 62 65 63 61 e-off work, beca
1620: 75 73 65 20 74 68 65 6e 20 79 6f 75 20 77 61 6e use then you wan
1630: 74 20 74 6f 20 73 74 61 79 20 74 68 65 72 65 20 t to stay there
1640: 77 69 74 68 20 74 68 61 74 20 69 64 65 6e 74 69 with that identi
1650: 74 79 2c 0a 61 6e 64 20 61 63 63 75 6d 75 6c 61 ty,.and accumula
1660: 74 65 20 6d 6f 72 65 20 74 72 75 73 74 20 62 79 te more trust by
1670: 20 73 69 67 6e 69 6e 67 20 69 6e 20 63 6f 6e 73 signing in cons
1680: 65 6e 73 75 73 2e 20 20 49 74 20 6a 75 73 74 20 ensus. It just
1690: 63 72 65 61 74 65 73 20 61 6e 20 65 6e 74 72 79 creates an entry
16a0: 0a 62 61 72 72 69 65 72 20 61 6e 64 20 61 76 6f .barrier and avo
16b0: 69 64 73 20 44 44 6f 53 69 6e 67 20 74 68 65 20 ids DDoSing the
16c0: 6c 65 64 67 65 72 73 20 77 69 74 68 20 61 70 70 ledgers with app
16d0: 6c 69 63 61 74 69 6f 6e 73 20 66 6f 72 20 70 61 lications for pa
16e0: 72 74 69 63 69 70 61 74 69 6f 6e 2e 0a 0a 4f 66 rticipation...Of
16f0: 20 63 6f 75 72 73 65 2c 20 65 76 65 72 79 20 74 course, every t
1700: 72 61 6e 73 61 63 74 69 6f 6e 20 77 69 74 68 69 ransaction withi
1710: 6e 20 74 68 65 20 62 6c 6f 63 6b 20 6f 75 67 68 n the block ough
1720: 74 20 74 6f 20 69 6e 63 6c 75 64 65 20 74 68 65 t to include the
1730: 0a 70 72 65 76 69 6f 75 73 20 62 6c 6f 63 6b 27 .previous block'
1740: 73 20 68 61 73 68 20 61 73 20 73 74 61 72 74 69 s hash as starti
1750: 6e 67 20 6b 65 79 20 66 6f 72 20 74 68 65 20 68 ng key for the h
1760: 61 73 68 20 63 61 6c 63 75 6c 61 74 69 6f 6e 2c ash calculation,
1770: 20 73 6f 0a 74 68 61 74 20 74 68 65 79 20 63 6f so.that they co
1780: 6e 74 72 69 62 75 74 65 20 74 6f 20 74 68 65 20 ntribute to the
1790: 75 6e 63 68 61 6e 67 65 61 62 6c 65 20 63 68 61 unchangeable cha
17a0: 69 6e 2c 20 61 6e 64 20 63 61 6e 27 74 20 62 65 in, and can't be
17b0: 20 6d 6f 76 65 64 20 74 6f 0a 61 6e 79 20 6f 74 moved to.any ot
17c0: 68 65 72 20 66 61 6b 65 20 63 68 61 69 6e 20 28 her fake chain (
17d0: 74 68 65 79 20 77 6f 6e 27 74 20 76 65 72 69 66 they won't verif
17e0: 79 20 74 68 65 72 65 29 2e 20 20 46 75 72 74 68 y there). Furth
17f0: 65 72 6d 6f 72 65 2c 20 65 61 63 68 0a 74 72 61 ermore, each.tra
1800: 6e 73 61 63 74 69 6f 6e 20 28 64 65 73 70 69 74 nsaction (despit
1810: 65 20 62 65 69 6e 67 20 61 6e 6f 6e 79 6d 6f 75 e being anonymou
1820: 73 29 20 61 64 64 73 20 74 6f 20 74 68 65 20 74 s) adds to the t
1830: 72 75 73 74 20 76 61 6c 75 65 3a 20 6d 6f 72 65 rust value: more
1840: 0a 74 72 61 6e 73 61 63 74 69 6f 6e 73 20 69 6e .transactions in
1850: 20 6f 6e 65 20 62 6c 6f 63 6b 20 6d 65 61 6e 73 one block means
1860: 20 74 68 61 74 20 69 74 20 69 73 20 6d 6f 72 65 that it is more
1870: 20 74 72 75 73 74 77 6f 72 74 68 79 2c 20 62 65 trustworthy, be
1880: 63 61 75 73 65 0a 6d 6f 72 65 20 70 65 6f 70 6c cause.more peopl
1890: 65 20 66 6f 75 6e 64 20 69 74 73 20 77 61 79 20 e found its way
18a0: 74 6f 20 74 68 69 73 20 62 72 61 6e 63 68 20 6f to this branch o
18b0: 66 20 42 6c 6f 63 6b 43 68 61 69 6e 20 72 65 61 f BlockChain rea
18c0: 6c 69 74 79 2e 0a 0a 4e 6f 74 65 20 74 68 61 74 lity...Note that
18d0: 20 74 68 65 20 70 61 72 74 69 74 69 6f 6e 65 64 the partitioned
18e0: 20 42 6c 6f 63 6b 43 68 61 69 6e 20 62 65 6c 6f BlockChain belo
18f0: 77 20 6d 61 6b 65 73 20 69 74 20 66 61 72 20 6d w makes it far m
1900: 6f 72 65 20 65 78 70 65 6e 73 69 76 65 0a 74 6f ore expensive.to
1910: 20 66 61 6b 65 20 61 20 63 68 61 69 6e 3a 20 59 fake a chain: Y
1920: 6f 75 20 6e 65 65 64 20 74 6f 20 67 65 6e 65 72 ou need to gener
1930: 61 74 65 20 73 69 67 6e 61 74 75 72 65 73 20 61 ate signatures a
1940: 6e 64 20 61 63 74 69 76 69 74 69 65 73 20 69 6e nd activities in
1950: 20 61 6c 6c 0a 6f 66 20 74 68 65 6d 3b 20 74 68 all.of them; th
1960: 65 20 66 61 6b 65 20 61 63 74 69 76 69 74 69 65 e fake activitie
1970: 73 20 79 6f 75 20 67 65 6e 65 72 61 74 65 20 61 s you generate a
1980: 72 65 20 77 69 74 68 20 74 68 65 20 63 6f 69 6e re with the coin
1990: 73 20 79 6f 75 20 6f 77 6e 3b 0a 79 6f 75 20 68 s you own;.you h
19a0: 61 76 65 20 6e 6f 20 6f 74 68 65 72 73 2e 20 20 ave no others.
19b0: 53 61 6e 63 74 69 6f 6e 73 20 66 6f 72 20 6d 69 Sanctions for mi
19c0: 73 62 65 68 61 76 6f 69 72 20 63 61 6e 20 6d 61 sbehavoir can ma
19d0: 6b 65 20 73 75 72 65 20 74 68 65 73 65 0a 63 6f ke sure these.co
19e0: 69 6e 73 20 61 72 65 20 6c 6f 73 74 3b 20 74 68 ins are lost; th
19f0: 65 20 66 61 6b 65 20 63 68 61 69 6e 20 69 73 20 e fake chain is
1a00: 74 68 65 20 70 72 6f 6f 66 20 6f 66 20 6d 69 73 the proof of mis
1a10: 62 65 68 61 76 69 6f 72 2e 0a 0a 54 68 6f 73 65 behavior...Those
1a20: 20 61 64 64 69 74 69 6f 6e 61 6c 20 63 6f 69 6e additional coin
1a30: 73 20 63 6f 75 6c 64 20 62 65 20 75 73 65 64 20 s could be used
1a40: 74 6f 20 63 6f 6d 70 65 6e 73 61 74 65 20 66 6f to compensate fo
1a50: 72 20 74 68 65 20 6c 6f 73 73 20 6f 66 20 74 68 r the loss of th
1a60: 65 0a 76 69 63 74 69 6d 20 6f 66 20 64 6f 75 62 e.victim of doub
1a70: 6c 65 20 73 70 65 6e 64 69 6e 67 2e 0a 0a 23 23 le spending...##
1a80: 20 57 68 65 72 65 20 74 6f 20 68 69 6a 61 63 6b Where to hijack
1a90: 20 74 68 65 20 70 72 6f 6f 66 20 6f 66 20 77 6f the proof of wo
1aa0: 72 6b 20 42 6c 6f 63 6b 43 68 61 69 6e 0a 0a 4c rk BlockChain..L
1ab0: 65 74 27 73 20 61 73 73 75 6d 65 20 77 65 20 63 et's assume we c
1ac0: 61 6e 20 61 74 74 61 63 6b 20 42 69 74 43 6f 69 an attack BitCoi
1ad0: 6e 73 20 62 6c 6f 63 6b 20 63 68 61 69 6e 3a 20 ns block chain:
1ae0: 57 68 65 72 65 20 77 6f 75 6c 64 20 77 65 20 61 Where would we a
1af0: 74 74 61 63 6b 20 69 74 3f 20 20 41 74 0a 74 68 ttack it? At.th
1b00: 65 20 65 6e 64 2c 20 77 68 69 63 68 20 61 6c 6c e end, which all
1b10: 6f 77 73 20 75 73 20 74 6f 20 64 6f 20 64 6f 75 ows us to do dou
1b20: 62 6c 65 20 73 70 65 6e 64 69 6e 67 20 6f 66 20 ble spending of
1b30: 74 68 65 20 63 6f 69 6e 73 20 77 65 20 6f 77 6e the coins we own
1b40: 3f 20 20 57 68 6f 20 77 6f 75 6c 64 0a 64 6f 20 ? Who would.do
1b50: 74 68 61 74 3f 20 20 50 72 6f 62 61 62 6c 79 20 that? Probably
1b60: 73 6f 6d 65 6f 6e 65 20 77 69 74 68 20 61 20 6c someone with a l
1b70: 6f 74 20 6f 66 20 63 6f 69 6e 73 20 69 6e 73 69 ot of coins insi
1b80: 64 65 2c 20 73 6f 20 70 72 6f 6f 66 20 6f 66 20 de, so proof of
1b90: 73 74 61 6b 65 20 69 73 20 61 0a 62 61 64 20 69 stake is a.bad i
1ba0: 64 65 61 20 28 65 73 70 65 63 69 61 6c 6c 79 2c dea (especially,
1bb0: 20 73 69 6e 63 65 20 74 68 61 74 20 61 6c 6c 6f since that allo
1bc0: 77 73 20 79 6f 75 20 74 6f 20 73 70 65 6e 64 20 ws you to spend
1bd0: 74 68 65 20 73 61 6d 65 20 63 6f 69 6e 20 6e 6f the same coin no
1be0: 74 20 6a 75 73 74 0a 74 77 69 63 65 2c 20 62 75 t just.twice, bu
1bf0: 74 20 6d 61 6e 79 20 74 69 6d 65 73 3b 20 65 76 t many times; ev
1c00: 65 6e 20 69 66 20 79 6f 75 20 6c 6f 73 65 20 74 en if you lose t
1c10: 68 65 20 73 74 61 6b 65 20 69 6e 20 71 75 65 73 he stake in ques
1c20: 74 69 6f 6e 2c 20 69 74 27 73 20 73 74 69 6c 6c tion, it's still
1c30: 20 61 0a 62 69 67 20 77 69 6e 29 2e 0a 0a 4f 72 a.big win)...Or
1c40: 20 61 74 74 61 63 6b 20 69 74 20 61 74 20 74 68 attack it at th
1c50: 65 20 66 72 6f 6e 74 2c 20 77 68 65 72 65 20 6d e front, where m
1c60: 6f 73 74 20 63 6f 69 6e 73 20 68 61 76 65 20 6e ost coins have n
1c70: 6f 74 20 79 65 74 20 62 65 65 6e 20 6d 69 6e 65 ot yet been mine
1c80: 64 2c 0a 61 6e 64 20 62 79 20 70 72 6f 64 75 63 d,.and by produc
1c90: 69 6e 67 20 61 20 66 61 6b 65 20 66 6f 72 6b 20 ing a fake fork
1ca0: 6f 66 20 61 6c 6c 20 74 68 65 20 74 72 61 6e 73 of all the trans
1cb0: 61 63 74 69 6f 6e 73 20 61 66 74 65 72 77 61 72 actions afterwar
1cc0: 64 73 2c 20 79 6f 75 0a 63 6f 75 6c 64 20 74 75 ds, you.could tu
1cd0: 72 6e 20 6f 76 65 72 20 61 6c 6c 20 74 68 65 20 rn over all the
1ce0: 63 6f 69 6e 73 20 69 6e 20 74 68 65 20 65 6e 74 coins in the ent
1cf0: 69 72 65 20 42 69 74 43 6f 69 6e 20 75 6e 69 76 ire BitCoin univ
1d00: 65 72 73 65 20 74 6f 20 79 6f 75 2e 0a 41 6c 6c erse to you..All
1d10: 20 79 6f 75 20 6e 65 65 64 20 69 73 20 65 6e 6f you need is eno
1d20: 75 67 68 20 70 6f 77 65 72 20 74 6f 20 63 61 6c ugh power to cal
1d30: 63 75 6c 61 74 65 20 61 20 66 75 6c 6c 20 63 68 culate a full ch
1d40: 61 69 6e 20 63 6f 6e 73 69 64 65 72 61 62 6c 79 ain considerably
1d50: 0a 66 61 73 74 65 72 20 74 68 61 6e 20 74 68 65 .faster than the
1d60: 20 6d 69 6e 65 72 73 2e 0a 0a 49 73 20 74 68 61 miners...Is tha
1d70: 74 20 76 69 61 62 6c 65 3f 20 20 49 74 20 77 6f t viable? It wo
1d80: 6e 27 74 20 67 6f 20 69 6e 20 75 6e 64 65 74 65 n't go in undete
1d90: 63 74 65 64 2c 20 62 75 74 20 73 69 6e 63 65 20 cted, but since
1da0: 74 68 65 20 65 61 72 6c 79 20 6d 69 6e 69 6e 67 the early mining
1db0: 0a 77 61 73 20 6d 6f 72 65 20 70 72 6f 66 69 74 .was more profit
1dc0: 61 62 6c 65 20 69 6e 20 6e 75 6d 62 65 72 73 20 able in numbers
1dd0: 6f 66 20 63 6f 69 6e 73 2c 20 61 6e 64 20 66 61 of coins, and fa
1de0: 72 20 65 61 73 69 65 72 20 28 62 65 63 61 75 73 r easier (becaus
1df0: 65 20 74 68 65 0a 64 69 66 66 69 63 75 6c 74 79 e the.difficulty
1e00: 20 77 61 73 20 6d 75 63 68 20 6c 65 73 73 20 74 was much less t
1e10: 68 61 6e 20 74 6f 64 61 79 29 2c 20 69 74 27 73 han today), it's
1e20: 20 74 65 63 68 6e 69 63 61 6c 6c 79 20 6e 6f 74 technically not
1e30: 20 74 68 61 74 20 68 61 72 64 2e 0a 41 6e 64 20 that hard..And
1e40: e2 80 9c 6c 6f 6e 67 65 73 74 20 63 68 61 69 6e “longest chain
1e50: e2 80 9d 20 69 73 20 6e 6f 74 20 73 75 66 66 69 ” is not suffi
1e60: 63 69 65 6e 74 20 74 6f 20 64 65 66 65 6e 64 20 cient to defend
1e70: 74 68 61 74 20 61 74 74 61 63 6b 3a 20 49 74 20 that attack: It
1e80: 6e 65 65 64 73 0a 74 6f 20 62 65 20 74 68 65 20 needs.to be the
1e90: 63 68 61 69 6e 20 77 69 74 68 20 6d 6f 73 74 20 chain with most
1ea0: 77 6f 72 6b 20 69 6e 76 6f 6c 76 65 64 20 69 6e work involved in
1eb0: 2e 20 20 54 68 65 20 66 61 6b 65 20 63 68 61 69 . The fake chai
1ec0: 6e 20 63 6f 75 6c 64 20 62 65 0a 6f 6e 65 20 77 n could be.one w
1ed0: 68 65 72 65 20 74 68 65 20 61 64 6a 75 73 74 6d here the adjustm
1ee0: 65 6e 74 20 66 6f 72 20 74 68 65 20 64 69 66 66 ent for the diff
1ef0: 69 63 75 6c 74 79 20 69 73 20 73 65 74 20 74 6f iculty is set to
1f00: 6f 20 6c 6f 77 2e 0a 0a 42 69 74 43 6f 69 6e 20 o low...BitCoin
1f10: 61 64 64 72 65 73 73 65 73 20 74 68 61 74 2c 20 addresses that,
1f20: 74 68 65 20 63 68 61 69 6e 20 6c 65 6e 67 74 68 the chain length
1f30: 20 69 73 20 74 68 65 20 73 75 6d 20 6f 66 20 74 is the sum of t
1f40: 68 65 0a 64 69 66 66 69 63 75 6c 74 69 65 73 2e he.difficulties.
1f50: 20 20 42 75 74 20 74 68 65 20 70 72 6f 62 6c 65 But the proble
1f60: 6d 20 72 65 6d 61 69 6e 73 3a 20 4c 65 74 27 73 m remains: Let's
1f70: 20 73 61 79 20 43 68 69 6e 61 20 63 6f 6e 66 69 say China confi
1f80: 73 63 61 74 65 73 0a 74 68 65 20 41 53 49 43 20 scates.the ASIC
1f90: 6d 69 6e 65 72 27 73 20 65 71 75 69 70 6d 65 6e miner's equipmen
1fa0: 74 2c 20 77 68 69 63 68 20 77 69 6c 6c 20 72 65 t, which will re
1fb0: 73 75 6c 74 20 69 6e 20 61 20 73 69 67 6e 69 66 sult in a signif
1fc0: 69 63 61 6e 74 6c 79 0a 72 65 64 75 63 65 64 20 icantly.reduced
1fd0: 64 69 66 66 69 63 75 6c 74 79 20 69 6e 20 74 68 difficulty in th
1fe0: 65 20 72 65 73 74 20 6f 66 20 74 68 65 20 77 6f e rest of the wo
1ff0: 72 6c 64 27 73 20 42 6c 6f 63 6b 43 68 61 69 6e rld's BlockChain
2000: 2e 20 20 41 6e 64 20 74 68 65 6e 20 69 74 0a 75 . And then it.u
2010: 73 65 73 20 74 68 65 20 63 6f 6e 66 69 73 63 61 ses the confisca
2020: 74 65 64 20 65 71 75 69 70 6d 65 6e 74 20 74 6f ted equipment to
2030: 20 63 6f 6e 73 74 72 75 63 74 20 61 20 63 68 61 construct a cha
2040: 69 6e 20 74 68 61 74 20 68 61 73 20 6d 6f 72 65 in that has more
2050: 0a 64 69 66 66 69 63 75 6c 74 79 20 69 6e 20 69 .difficulty in i
2060: 74 20 74 68 61 6e 20 74 68 65 20 65 6e 74 69 72 t than the entir
2070: 65 20 63 68 61 69 6e 20 66 72 6f 6d 20 74 68 65 e chain from the
2080: 20 72 65 73 74 20 6f 66 20 74 68 65 20 77 6f 72 rest of the wor
2090: 6c 64 20 e2 80 94 20 69 74 0a 6d 69 67 68 74 20 ld — it.might
20a0: 74 61 6b 65 20 61 20 79 65 61 72 20 6f 72 20 74 take a year or t
20b0: 77 6f 2c 20 62 75 74 20 69 74 27 73 20 64 6f 61 wo, but it's doa
20c0: 62 6c 65 2e 0a 0a 41 6e 64 20 74 68 65 6e 20 69 ble...And then i
20d0: 74 20 62 75 73 74 73 20 74 68 65 20 65 6e 74 69 t busts the enti
20e0: 72 65 20 42 69 74 43 6f 69 6e 20 6c 65 64 67 65 re BitCoin ledge
20f0: 72 20 62 79 20 72 65 6c 65 61 73 69 6e 67 20 74 r by releasing t
2100: 68 61 74 20 63 68 61 69 6e 2c 20 77 68 69 63 68 hat chain, which
2110: 0a 65 73 73 65 6e 74 69 61 6c 6c 79 20 68 61 73 .essentially has
2120: 20 6f 6e 6c 79 20 75 6e 73 70 65 6e 64 61 62 6c only unspendabl
2130: 65 20 63 6f 69 6e 73 20 69 6e 73 69 64 65 20 28 e coins inside (
2140: 63 6f 69 6e 73 20 6f 77 6e 65 64 20 62 79 20 74 coins owned by t
2150: 68 65 20 43 68 69 6e 65 73 65 29 2c 0a 62 65 63 he Chinese),.bec
2160: 61 75 73 65 20 69 6e 20 74 68 61 74 20 72 65 76 ause in that rev
2170: 69 73 69 6f 6e 20 6f 66 20 68 69 73 74 6f 72 79 ision of history
2180: 2c 20 74 68 65 79 20 77 65 72 65 20 61 6c 6c 20 , they were all
2190: 6d 69 6e 65 64 20 62 79 20 73 6f 6d 65 6f 6e 65 mined by someone
21a0: 20 65 6c 73 65 2e 0a 0a 59 6f 75 20 73 74 69 6c else...You stil
21b0: 6c 20 6e 65 65 64 20 74 6f 20 73 70 65 6e 64 20 l need to spend
21c0: 6d 6f 72 65 20 65 66 66 6f 72 74 20 6f 6e 20 74 more effort on t
21d0: 68 61 74 20 61 73 20 74 68 65 20 6d 69 6e 65 72 hat as the miner
21e0: 73 20 73 70 65 6e 64 2c 20 62 75 74 0a 79 6f 75 s spend, but.you
21f0: 20 74 68 65 6e 20 6f 77 6e 20 61 6c 6c 20 74 68 then own all th
2200: 65 20 63 68 65 61 70 2c 20 65 61 73 79 20 74 6f e cheap, easy to
2210: 20 65 61 72 6e 20 65 61 72 6c 79 20 63 6f 69 6e earn early coin
2220: 73 2e 0a 0a 42 75 74 20 69 6e 20 66 61 63 74 20 s...But in fact
2230: 74 68 65 20 62 79 20 66 61 72 20 65 61 73 69 65 the by far easie
2240: 73 74 20 68 69 6a 61 63 6b 20 69 73 20 74 6f 20 st hijack is to
2250: 63 72 65 61 74 65 20 61 20 73 6c 69 67 68 74 6c create a slightl
2260: 79 20 69 6e 63 6f 6d 70 61 74 69 62 6c 65 0a 70 y incompatible.p
2270: 72 6f 74 6f 63 6f 6c 2e 20 20 54 68 69 73 20 69 rotocol. This i
2280: 73 20 64 65 6c 69 62 65 72 61 74 65 6c 79 20 73 s deliberately s
2290: 70 6c 69 74 74 69 6e 67 20 74 68 65 20 6e 65 74 plitting the net
22a0: 77 6f 72 6b 2c 20 6f 75 74 20 69 6e 20 74 68 65 work, out in the
22b0: 20 6f 70 65 6e 2c 20 77 69 74 68 0a 65 66 66 65 open, with.effe
22c0: 63 74 69 76 65 6c 79 20 6e 6f 74 20 6d 75 63 68 ctively not much
22d0: 20 77 6f 72 6b 20 72 65 71 75 69 72 65 64 2c 20 work required,
22e0: 61 6e 64 20 74 68 69 73 20 61 6c 6c 6f 77 73 20 and this allows
22f0: 74 6f 20 64 6f 75 62 6c 65 2d 73 70 65 6e 64 2c to double-spend,
2300: 20 65 76 65 6e 0a 74 68 6f 75 67 68 20 74 68 65 even.though the
2310: 20 42 69 74 43 6f 69 6e 20 66 6f 72 6b 20 64 6f BitCoin fork do
2320: 65 73 6e 27 74 20 68 61 76 65 20 74 68 65 20 73 esn't have the s
2330: 61 6d 65 20 70 72 69 63 65 2e 20 42 75 74 20 74 ame price. But t
2340: 68 65 20 70 72 69 63 65 20 69 73 20 6e 6f 74 20 he price is not
2350: 74 68 65 0a 70 6f 69 6e 74 3a 20 54 68 65 20 70 the.point: The p
2360: 6f 69 6e 74 20 69 73 20 74 68 65 20 70 72 6f 6d oint is the prom
2370: 69 73 65 20 6f 66 20 74 68 65 20 75 6e 69 71 75 ise of the uniqu
2380: 65 20 61 73 73 65 74 2e 20 20 4a 75 73 74 20 74 e asset. Just t
2390: 68 69 6e 6b 20 6f 66 20 72 65 61 6c 0a 65 73 74 hink of real.est
23a0: 61 74 65 20 69 6e 20 74 68 65 20 42 6c 6f 63 6b ate in the Block
23b0: 43 68 61 69 6e 2e 20 20 42 79 20 68 61 76 69 6e Chain. By havin
23c0: 67 20 66 6f 72 6b 73 2c 20 42 69 74 43 6f 69 6e g forks, BitCoin
23d0: 20 73 68 6f 77 73 20 74 68 61 74 20 69 74 20 63 shows that it c
23e0: 61 6e 20 6f 6e 6c 79 0a 66 75 6c 66 69 6c 6c 20 an only.fulfill
23f0: 74 68 61 74 20 77 69 74 68 69 6e 20 61 20 63 6f that within a co
2400: 6e 73 65 6e 74 20 6f 66 20 74 68 65 20 70 72 6f nsent of the pro
2410: 74 6f 63 6f 6c 2c 20 61 6e 64 20 74 68 61 74 27 tocol, and that'
2420: 73 20 61 63 74 75 61 6c 6c 79 20 6f 75 74 73 69 s actually outsi
2430: 64 65 20 74 68 65 0a 63 68 61 69 6e 20 69 74 73 de the.chain its
2440: 65 6c 66 2e 0a 0a 53 6f 20 74 68 65 20 65 78 65 elf...So the exe
2450: 63 75 74 61 62 6c 65 20 70 72 6f 74 6f 63 6f 6c cutable protocol
2460: 20 73 70 65 63 2c 20 74 68 65 20 63 6f 64 65 20 spec, the code
2470: 66 6f 72 20 63 68 65 63 6b 69 6e 67 20 61 20 62 for checking a b
2480: 6c 6f 63 6b 20 66 6f 72 0a 76 61 6c 69 64 69 74 lock for.validit
2490: 79 20 69 74 73 65 6c 66 20 73 68 6f 75 6c 64 20 y itself should
24a0: 62 65 20 70 61 72 74 20 6f 66 20 74 68 65 20 63 be part of the c
24b0: 68 61 69 6e 2c 20 61 6e 64 20 6f 6e 6c 79 20 75 hain, and only u
24c0: 70 64 61 74 65 64 20 69 6e 0a 63 6f 6e 73 65 6e pdated in.consen
24d0: 73 75 73 2e 20 20 41 6e 64 20 61 6e 79 20 74 72 sus. And any tr
24e0: 61 6e 73 61 63 74 69 6f 6e 20 6e 65 65 64 20 74 ansaction need t
24f0: 6f 20 6c 69 6e 6b 20 74 6f 20 74 68 65 20 70 72 o link to the pr
2500: 6f 74 6f 63 6f 6c 20 62 6c 6f 63 6b 2c 0a 61 6e otocol block,.an
2510: 64 20 69 66 20 61 20 74 72 61 6e 73 61 63 74 69 d if a transacti
2520: 6f 6e 20 69 73 20 66 6f 75 6e 64 20 74 68 61 74 on is found that
2530: 20 6c 69 6e 6b 73 20 74 6f 20 61 20 6e 6f 74 20 links to a not
2540: 61 63 63 65 70 74 65 64 20 70 72 6f 74 6f 63 6f accepted protoco
2550: 6c 0a 62 6c 6f 63 6b 2c 20 69 74 20 77 69 6c 6c l.block, it will
2560: 20 63 61 75 73 65 20 61 20 71 75 61 72 61 6e 74 cause a quarant
2570: 69 6e 65 20 6f 66 20 74 68 65 20 63 6f 72 72 65 ine of the corre
2580: 73 70 6f 6e 64 69 6e 67 20 63 6f 69 6e 2e 20 20 sponding coin.
2590: 54 68 61 74 0a 6d 65 61 6e 73 20 79 6f 75 20 67 That.means you g
25a0: 65 74 20 70 75 6e 69 73 68 65 64 20 66 6f 72 20 et punished for
25b0: 73 70 65 6e 64 69 6e 67 20 69 74 20 69 6e 20 74 spending it in t
25c0: 68 65 20 66 6f 72 6b 2e 0a 0a 49 74 20 6e 65 65 he fork...It nee
25d0: 64 73 20 74 6f 20 62 65 20 64 6f 6e 65 20 69 6e ds to be done in
25e0: 20 61 20 77 61 79 20 74 6f 20 6b 65 65 70 20 74 a way to keep t
25f0: 68 65 20 62 61 6c 61 6e 63 65 2e 0a 0a 5b 75 70 he balance...[up
2600: 5d 28 73 71 75 69 64 2e 6d 64 29 20 5b 62 61 63 ](squid.md) [bac
2610: 6b 5d 28 73 71 75 69 64 2d 6d 6f 6e 65 79 2e 6d k](squid-money.m
2620: 64 29 20 5b 6e 65 78 74 5d 28 73 71 75 69 64 2d d) [next](squid-
2630: 66 65 64 2e 6d 64 29 0a fed.md).