1.5 A Simple Cryptocurrency
These are my notes of the fifth lecture from Coursera’s Bitcoin and Cryptocurrency Technologies during Dec 2016 – Feb 2017. This lecture covers simpler cryptocurrencies to allow one to think about the consequences of certain properties. Thus the takeaways for this post focus on these properties that are relevant to current currencies.
Questions answered in this Post:
- What happens when only one party create coins?
- What is a double spend?
- What does append only ledger mean and why does it help stop double spends
- What is an issue with Scrooge coin?
GoofyCoin
The first coin talked about was called GoofyCoin. Here are the main rules
- Only Goofy can create new coins. He owns the new coins created.
- Whoever owns the coin can spend it
- A coin is a string “CreateCoin [uniqueCoinID]” and Goofy’s signature
- One can verify the coin by looking at Goofy’s valid signature as they walk up the chain of previous signatures of a coin.
Goofy can create new coins. When he creates new coins, he generates a uniqueCoinID that is signed by pk_Goofy (public key Goofy). All new coins are owned by Goofy. Whoever owns the coin can spend it. Spending a coin means transferring the coin from one person to another which is done by cryptographic operations.
So if Goofy wants to transfer a coin to Donald, he has to go through a several steps. First steps wold create a new statement “Pay this to Donald” where this is a has pointer that references the coin in. The word “Donald” in the previous sentence refers to Donald’s public key. Goofy also signs the string since he owns the coin, he must sign that he is spending it. This statement now indicates that Donald now owns to the coin and he can spend it if he wants in a similar fashion. Each time an action is done to the coin, it gets chained together. The chain could be thought of as a linked list of hash pointers where hash pointer contains the hash of the previous coin. The initial creating pointer only contains a Create Coin uniqueCoinID statement and signature of Goofy.
Spending a coin means
Take the coins history
Donald payment
signed by pk_Goofy
pay to pk_Donald: H(head)
head
signed by pk_Goofy
CreateCoin [uniqueCoinID]
Now Donald owns the coin and she has to present the full blockchain if required.
Now let’s say Donald pays the coin to Daffy then the chain now gets another entry.
Daffy payment
signed by pk_Donald
pay to pk_Daffy: H(Donald’s payment)
Donald’s payment
signed by pk_Goofy
pay to pk_Donald: H(head)
head
signed by pk_Goofy
CreateCoin [uniqueCoinID]
This is not a decentralized coin since only Goofy can create the coins. Also, the only people who know about the passing of coins are those present in the chain. Thus if Donald tries to give coins to Porky then there would almost be a two parallel paths that would not known about each other. Porky and Daffy could both look up the block chain they were given by Donald and verify that they had a valid coin created by Goofy. However, Donald was able to “double spend” his coin which is a severe issue.
double-spending attack – someone one tries to spend a coin more than once.
Brainstorm ways to stop it:
Have a single ledger that everyone looks at. That would be similar to a bank today in that the bank holds one’s balance.
Scrooge Coin
This coin tries to prevent what happened with Goofy Coin. However it still has the property that only Scrooge creates coins. Scrooge publishes a history of all transactions (block chain, signed by Scrooge) instead of having others pass it along.
Scrooge is publishing then an append-only ledger. An append-only ledger means that any data written to the ledger will remain forever and thus only a single history will occur even if transferring of coins occurs between different people.
1 transaction per block for simplicity
Now Daffy and Porky cannot both get paid because Scrooge would have published both transactions and thus dependent on which one came first the other would be invalid. So while one person would lose, and it is not clear since it depends on which Scrooge publishes first. Having this published history helps people detect double spending and thus Porky can reject the coin if he notices that Donald is trying to send invalid coin.
Scrooge may also have the job to look for double spends as well and thus would only accept one and reject the other.
Here’s what it will look at breaking down the transactions.
Create Coins Block
transID: ## type: CreateCoins
num | value | recipient (pk)
Pay Coins Block
transID: ** type: Paycoins
consumed coinIDs:
coins created to new recipients
Validity Rules for Scrooge
- consumed coins valid
- not already consumed (Within the same block?)
- total value out == total value input
- signed by owners of all consumed coins
This transaction is signed by all owners who are payers
Coins are immutable so they’re constantly created and destroyed when you pay people.
Coins need to have at least these properties:
Some transID(num) as its identifier
Some value
Some recipient that it belongs to
When a coin is paid, the old coin is consumed and a new coin is created
What are the issues with Scrooge Coin?
Still not decentralized and you have to trust Scrooge.
If Scrooge stops creating, validating coins, and telling the truth, then the coin should no longer be trusted. He can allow for double spends as well as not meet people’s expectations in terms of how much coin they transferred.