The goal of this series is to understand Ethereum; how it works, what is being built on top of it, and what other projects it competes with. To understand anything, one must first understand the history of how it came about. Thus, in the first part of the series the focus will be on the projects and concepts that led to the first blockchain, bitcoin. The next part will focus on how bitcoin brought all these concepts together and what exactly a blockchain is. Then, the focus will shift to Ethereum in detail.
To accompany these posts will be tweet threads.
Brief History:
We can pick up the history the first blockchain in the early 1990’s with the publication of A Cypherpunk’s Manifesto1. The Cypherpunks were computer scientist worried about privacy in the early days of the internet. They foresaw the world becoming increasingly digital with the growth of the internet and saw privacy and security of information and transaction as paramount. The ideal was to create a sovereign, free and open internet. To achieve their aims, they turned to cryptography. Cryptography was largely illegal so the Cypherpunks had to fight to even use the technology but that is a tangent for another time2.
Cryptography is a field of mathematic techniques for encrypting and decrypting data in order to keep it private when transmitting electronically (it is the art and science of secure information). Cryptography is about privacy and aims to keep data secret from all those but the intended parties. To do this, cryptography relies on two steps: encryption and decryption. Encryption uses a cipher to encrypt data so that only another party who knows how to decrypt the data (based on the cipher) can read it. Here is a simple example3:
I want to send the message, “Go” to a friend with cryptographic privacy.
To do so we use a basic shift cipher that shifts the alphabet 3 letters.
“G” --> “J”
“O” --> “R”
The message goes from “Go” to “Jr” and only my friend can understand it.
Note: This is an example of symmetric encryption. Blockchains use asymmetric encryption in the form of public-key cryptography.
The movement increasingly focused on creating a digitally native form of money as the foundation of a digitally sovereign economy built on the internet. It is important to keep in mind Cypherpunks economics views; they were deeply skeptical of central bank control over monetary policy given the collapse of the Bretton Woods system.
Quick Economics 101 detour. Bretton Woods was the international monetary system established after WWII (at a conference in Bretton Woods, New Hampshire). Under this system fiat currencies were directly pegged to the US dollar, with the US dollar pegged to gold (which the United States held a lot of as a result of coming out of WWII in the best condition). Thus, under this system fiat currencies were indirectly pegged to gold. Currencies pegged to actual assets helps to keep governments monetary matters in check. This system came under pressure and broke in the early 1970’s as the United States spent heavily (Vietnam War, Great Society programs) while Europe and Asia had recovered from the devastations of WWII (thus the dynamics of the international monetary system had changed from the complete US hegemony following WWII)4.
The Cypherpunks skepticism of central bank control of monetary policy is well founded in the history of governments debasing their currencies for political needs5. Simplistically, when a government prints money, there is then more money chasing the same amount of real assets; each individual dollar an individual holds buys less and less as the printing continues. We seem to be living through the proof of this concern in real time. Below is a chart comparing the S&P 500 to the US Federal Reserve balance sheet since the 2008 financial crisis via (the legend) Raoul Pal6.
The Cypherpunks wanted to create a digitally native form of money and to do this it had to be free from government intervention – the internet could not be truly free unless it had its own money.
Building the Foundation for Bitcoin:
This section is going to focus on past attempts at creating a digital currency; the lessons learned from those attempts, as well as the ethos of the different projects. This will help get a better understanding of the philosophical underpinnings of “crypto culture”. Ideologies and beliefs are a fundamental part of the cryptocurrency space as many of these projects can, at times, look like religions from the outside.
In trying to create digital money, the first issue is the double spend problem: how to make sure the same monetary unit cannot be spent in two separate places at the same time. For example, if I have a dollar bill and copy the serial number “ABC” on that dollar to create digital dollar ABC. I could then copy that serial number ABC and use that same digital dollar ABC in multiple transactions (i.e. double spend that dollar). Because it is just bits on a computer, there is no way to know or define which dollar is “real” in this case. In the traditional financial system, we use centralized intermediaries (like governments, banks, and corporations) to solve this issue. This centralization of control leads to different problems (like governments having centralized control over monetary policy) but more on decentralization vs. centralization to come.
DigiCash:
Arguably the most important bitcoin predecessor was DigiCash, created in 1989 by David Chaum. DigiCash was based on the eCash algorithm which aimed to create private digital money that could not be double spent. Essentially, DigiCash would give consumers access to digital currency issued from a bank, while the bank (and anyone else) would not know how that digital currency was stored or spent7. Here is a simplified version of how it would work:
Coins (that have specific serial numbers and denominations; cryptographically signed by the bank) are issued to users by the bank.
User then uses coin to pay merchant. The merchant then sends the coin to the bank to make sure that coin is valid.
The bank verifies that the signature, serial number, and denomination are correct and that the coin has not already been spent. Then pays out the merchant to end the transaction8.
There was a privacy feature in the above DigiCash system based on the idea of “blind signatures” from David Chaum’s paper Blind Signatures for Untraceable Payments9. When the user puts one dollar into the bank, the user requests one dollar of eCash (digital money) in return. With this request, the user generates a serial number for the coin and a random “blinding factor” to hide which serial number belongs to the user.
A helpful framework is to think of the blinding factor as an envelope; the user generates a coin (serial number), signs it and puts it in an envelope (blinding factor). The bank then cryptographically confirms the envelope (serial number and blinding factor) that holds the coin using a blind signature (blind because the bank does not know who exactly owns the coin; it was sent in an envelope). The user gets the coin back and can remove the coin from the envelope and has a valid coin. The user then uses the coin to transact with a merchant; the merchant confirms with the bank who must honor the coin because the bank cryptographically signed it.
These concepts serve as the foundation of cryptographic public keys and private keys which will be an important topic in understand how exactly a blockchain works.
DigiCash thus solved the double spend problem while maintaining privacy by using a centralized third-party (bank) and cryptography. The project ultimately went bankrupt in 1998, losing out to credit cards and companies like PayPal.
e-gold:
e-gold launched in 1996 by Douglas Jackson who believed that gold-backed money was more sound economic policy. His goal was to use the power of the internet to make his ideal a reality. The e-gold system was digital money that was backed by gold. It allowed users to open an account and hold gold-backed digital dollars (a gold standard like mechanism for a payments network); then make instant transfers to other e-gold accounts10. The accounts were anonymous and allowed users to send gold-backed money across the internet (thus across the physical globe) without boundaries (permitted you had an e-gold account). By 2005, e-gold had 3.5 million accounts in 165 countries, with millions of dollars going through the system.
The problem was that given the anonymity of users and ability to transfer value across the internet, e-gold became a hotspot for illegal activity (credit card scammers, fraud, etc.). Despite Jackson helping the United States Justice Department by reporting criminal activity once he became aware of it, Jackson was charged with money laundering and money transmitter laws which led to the demise of e-gold11. It was an important lesson in a governments’ power to destroy an alternative form of money.
Both DigiCash and e-gold were collateralized systems (DigiCash was collateralized with US dollars and e-gold with gold) that ended up having centralized points within the purview of the government. This proved to be inhibiting in attempting to create an anonymous private digital money on the internet.
Hashcash:
Hashcash was invented by Adam Back in 1997 to prevent email spam. As the internet grew email spam increasingly became a problem because sending an email was free. Thus, a spammer could send spam emails abundantly with impunity. Digital currency had not yet been invented, making it difficult to simply charge on a per email basis.
The solution created by Hashcash was a “proof-of-work” (PoW) concept. In cryptography, PoW is the proof that work has been completed and takes the form of a computational puzzle. Solving for the solution to this puzzle proves that work has been completed. It is important for this puzzle to be: easy to state, hard to solve, and easy to verify12. The puzzle can be altered in difficulty to have the puzzle solver spend a certain amount in solving the puzzle (for example, a penny to send an email).
Secure Hash Algorithm 1 (SHA-1): SHA-1 is a cryptographic hash function (CHF) that was originally designed by the US National Security Agency (NSA). CHF is an algorithm that maps data of an arbitrary size (called the “message”) to a fixed size output (the “hash” or “hash value”)13. SHA-1 for example, renders a hexadecimal number that is 40 digits long as the output to the function14. Importantly CHF are one-way functions which means the 40-digit output cannot be reversed to see what the original input was.
The Hashcash PoW used SHA-1 with the difficulty of the puzzle to be solved being determined by a number. For example, if the number was five then to solve the puzzle generate a SHA-1 hash (the output from the CHF function) that starts with five zeros (in binary). For a CHF you cannot predict the output of the function and so to try to solve the puzzle there is no choice but to sequence through numbers until the answer (five zeros in binary in this case) is found. Thus, literally using computational power to run the SHA-1 algorithm, using a different number as input (the nonce), until the answer is found. Once the SHA-1 output with five zeros is found, then it is easy to verify (because you can see the five zeros) but due to the one-way functionality, the original message cannot be derived in reverse15. Bitcoin uses a similar mechanism (but a more advanced CHF – SHA-256).
This PoW concept is used by bitcoin to secure the network with the Hashcash example specifically cited in the bitcoin white paper.
The next two projects to be discussed (b-money and Bit Gold) functioned more as conceptual white papers than real world projects. However, both were important in the eventual creation of bitcoin.
b-money:
In 1998 Wei Dai published a paper for b-money which would be cited by Satoshi Nakamoto (pseudonymous creator of bitcoin white paper) ten years later in the bitcoin white paper. The b-money white paper starts by praising “crypto-anarchy” ideas in which government is, “permanently forbidden and permanently unnecessary”. Seeing a community where violence is impossible because members of the community are not linked to their true names or locations16. This community would need a medium of exchange and a way to enforce contracts. The paper presents two protocols that attempt to solve for these issues.
In the b-money white paper there are important ideas for blockchains of the future17:
Proof-of-Work (PoW): the first protocol in the b-money white paper discusses the creation of money. The creation of money is based on solving a computational problem (and broadcasting the solution to others in the network so that they can confirm the work) and being rewarded an amount commensurate with the computing effort required to solve the computational problem. Thus, b-money used a PoW protocol to mint new money.
Importantly, it must be easy to show how much computing effort was required to solve the problem (so that the payment matched the work done), and the problem and subsequent solution must have no other value (so that computational power would be used strictly for the protocol with no incentive to use it elsewhere). PoW is instrumental to bitcoin, more on that later.
Broadcasting/signing transactions and decentralized ledger: using the b-money protocol, if user A wants to send user B money, then user A broadcasts the message “I give X units to user B”. Then other network participants debit user A’s account and credits user B’s account. In this way, b-money was also a distributed ledger; meaning that network participants had a copy of the ledger to keep track of who had what. There was a second part of the protocol that mandated the current “state” of ownership was kept by a subset of “servers” (so every single individual did not have to participate but rather a certain number of servers – or “nodes”) who would verify the transactions on the network (to dis-incentivize cheating, each node had to deposit money in a special account that would pay fines for misconduct).
This concept of a decentralized ledger and transactions broadcast to the network for confirmation are fundamental to bitcoin. This forms the basis of triple-entry bookkeeping that bitcoin finalizes. The state of who owns what at a given time is presented and agreed upon by the network.
The issue with the b-money system is that the verification of transactions were voting based. Thus, a malicious user could gain control of a majority of the server votes and cheat the system. This is called a Sybil attack. Bitcoin would solve this using PoW computation.
Sybil attack: this is when a malicious user spins up many new identities (called Sybil’s after the book Sybil about dissociative identity disorder) in a pseudonymous system to exercise control. In the case of b-money, a user could create multiple identities to run multiple nodes to try to get enough control over the entire network and double spend the digital money18. This is because the protocol relies on a majority of nodes voting instead of using computing power (if 51% of the nodes need to agree on the state of the blockchain, then a malicious individual could spin up enough nodes to take control of the network (i.e. have 51% of the votes individually).
Bitcoin was able to solve for this issue using a majority of computational power method (one-CPU-one-vote instead of one-identity-one-vote); thus, if an individual wanted to take control of the network, he/she would need to have a majority of the computational power, which is much more difficult to secure given that computational power is expensive (and others have incentives to mine and maintain the value of the system).
Smart Contracts: the second part of the crypto-anarchy ideal espoused in the b-money paper was the ability to enforce contracts. This was proposed to be done by structuring a protocol that would set parameters for transaction between two parties; disputes being solved in third-party arbitration.
For example, user A must send user B the answer to homework problem #3 by tomorrow night at midnight. If this is done, user A pays user B $10. If not, user B pays user A $5; user C arbitrates in case of dispute and must pay $10 to each if user C does not perform duties. This arbitrator could try to cheat the network. Thus, the problem is that there is centralized control in the need for an arbitrator instead of pure code running the contract (which is the foundation of smart contracts).
b-money was never manifested into reality and remained a blog post that helped spawn bitcoin.
Bit Gold:
Bit Gold19 is a 2005 paper published by Nick Szabo who is considered one of the great minds within the cryptocurrency space (and rumored to be Satoshi himself). The focus is on the issues that arise from trust of a third-party in traditional financial systems; the 20th century had many inflationary and hyperinflationary episodes that destroyed the purchasing power of the currency held by citizens of a nation (showing that trusting a central bank with the value of life savings can lead to reduced purchasing power).
The idea was to replicate the economic properties of gold while improving the security properties (gold has been looted and confiscated in the past, including gold confiscation by US government in 1933). Precious metals (mainly gold) have a forced scarcity due to natural rarity and the high costs of extraction. However, there are issues, precious metals are difficult to transport and assay into small amounts for individual transactions (thus historically a centralized party has minted coins composed of a certain quantity of precious metal – this leads to the problems of a trusted third-party that Szabo wants to solve for). This led Szabo to state:
“it would be very nice if there were a protocol whereby unforgeably costly bits could be created online with minimal dependence on trusted third parties, and then securely stored, transferred, and assayed with similar minimal trust”.
This was the idea behind Bit Gold (and it sounds a lot like bitcoin) – possessing wealth first-hand is the purpose of gold but in reality, it involves trusting a third-party. There might be a way to create a trustless, digital version of gold that would allow for direct ownership.
Bit Gold was very similar to b-money – PoW, distributed ledger, public-key cryptography for identity, nodes in networking voting for consensus. Quick introduction to timestamping:
Digital timestamp: timestamping identifies the date and time in which a specific event has occurred (in this case when transactions on the network occurred and when those transactions were verified). This process helps to order transactions and set the difficulty of the hash function puzzle to be solved (this will be important for bitcoin). Bit Gold used trusted servers to order and timestamp transactions (bitcoin takes a more decentralized approach).
Bit Gold was also open to Sybil attacks and was only a white paper, though another stepping-stone towards bitcoin.
Napster & BitTorrent (P2P networking):
One of the chief objectives in creating bitcoin was to have a decentralized and censorship resistant network. To accomplish this, important lessons from the early 2000’s were learned in computer network architecture.
Computer network architecture 101: the traditional internet in its current form runs in a centralized “client-server” model. Within this architecture, a centralized computer (a server) hosts, distributes, and controls the computing resources and services that are used by the “client”20. Computers are connected through the server in a network, but the network has a centralized choke point. A simple example:
Netflix runs its application on Amazon Web Services (AWS).
AWS houses servers in a warehouse to run applications (like Netflix).
Each time I want to use Netflix, the application (Netflix) works with the AWS server to deliver the request.
Thus, there is centralization because Netflix is running on a central server that all users are using (AWS, in this simplistic example).
This is what happened to DigiCash, the network was centralized and so when the government came in it was easy to shut down.
There is another network architecture called peer-to-peer (P2P) that does not have a centralized server. Instead, in this form of network architecture, each peer carries some of the load of the network and the role of client and server is combined (i.e. each node in the network plays both roles at different times).
Napster:
Napster, founded in 1999, was a combination of client/server and P2P architecture that would come to show the power of P2P networking. Napster had a centralized repository where users could search MP3 files for download. When a user searched “Eminem”, then search results from the central Napster server would present MP3 files for download (this is the client/server aspect) hosted by all the users in the network. If the user then selected “Sing for the Moment” from the Eminem search results for download, the user would download that file directly from the other user who uploaded that file (this is the P2P aspect of the network)21.
Effectively, all the MP3 files were centralized for search, then actually shared directly between users in the network. Napster peaked in February 2001 and was subsequently “sued by everyone who’s ever been to the Grammys” for copyright violations. Due to the centralized search functionality, Napster did not survive the legal troubles because once the central server was forced to shut down the system had no way to run.
BitTorrent:
BitTorrent was initially developed in 2001 by Bram Cohen as a P2P filing sharing protocol. The protocol was based on a private network of “trackers” that provided the infrastructure through which files can be transferred (thus no direct centralization as in the Napster example). Downloading of files was done P2P with different pieces of the file simultaneously downloading from multiple computers (the concept of a “swarm”). Core to the protocol was the idea that if you give more, you get more (incentives); the more a user shares with others, the faster that users download speeds will be.
Functionally, when a user selects a file for download, the tracker helps to find other computers running BitTorrent that have (or are also downloading) the file in question. The tracker helps trade pieces of the file; the user receives multiple pieces of the file from other computers (P2P)22. If the government took out one node in the network, there were still others in the swarm to download from. If the tracker was taken down, then another would appear because it was simply the infrastructure to guide the movement of files between nodes in the network. There were bumps along the road (legal issues, ISP battles) but the resilience and success of BitTorrent was a testament to the power of P2P networking.
BitTorrent is still alive today, having been acquired by the cryptocurrency project TRON in 201823.
Quick summary of the benefits of P2P networking24:
Decentralization: this is the idea that the network is not dependent on any one single node. If a single node is taken down or leaves the network, the network still functions (crash fault-tolerance). More on the costs and benefits of decentralization later.
Censorship resistance: if any single node becomes censored then due to the decentralization of the network, the rest of the network remains unharmed.
The last topic to touch on before jumping to bitcoin itself is a fundamental problem for decentralized networks, that is the Byzantine General’s Problem.
Byzantine Fault Tolerance (BFT): BFT is a solution to the problem of consensus among participants within a decentralized network. Consensus means general agreement among parties. In a distributed network of nodes, trying to have the entire network of nodes come to a consensus (general agreement) about how to act proves difficult given the presence of malicious actors attempting to subvert the network (cheaters). This problem was conceptualized in 1982 with the creation of the Byzantine General’s Problem25 with several Generals being located around a city and needing to coordinate an attack26.
The Generals are split up and may only communicate by messenger (one message at a time).
There must be consensus on which action to take, attack or retreat.
If the Generals either all attack or all retreat, they are okay.
If some attack and others retreat, then it is a bad result for all the Generals.
It is assumed that some Generals are disloyal and will attempt to cheat.
In attempting to create a blockchain, the problem is similar: there is a decentralized group of actors who can only coordinate via message (using computers) and need to come to a consensus about what to do.
A network is BFT when the network can maintain functionality as long as two-thirds of the network reaches consensus. It is a network that solves the Byzantine General’s Problem; bitcoin and most blockchains use a proof-of-work mechanism to come to consensus (although Ethereum has plans to switch to proof-of-stake). More on this to come.
The next part of this series will focus on how all these pieces came together to form bitcoin.
https://www.activism.net/cypherpunk/manifesto.html
https://nakamoto.com/the-cypherpunks/
https://thebestvpn.com/cryptography/
https://medium.com/jvnto/how-did-the-bretton-woods-system-work-and-why-did-it-break-down-adfefb2d29f3
https://www.goldandsilver.org/government-debasement-of-coinage/
https://twitter.com/RaoulGMI
https://fintoism.com/news/cryptocurrency/the-predecessors-of-bitcoin-blind-signatures-and-digicash/
http://www.cs.kent.edu/~javed/DL/papers/web/howdigicashworks.html
https://sceweb.sce.uhcl.edu/yang/teaching/csci5234WebSecurityFall2011/Chaum-blind-signatures.PDF
https://en.wikipedia.org/wiki/E-gold
https://www.wired.com/2009/06/e-gold/
https://nakamoto.com/hashcash/
https://en.wikipedia.org/wiki/Cryptographic_hash_function
https://en.wikipedia.org/wiki/SHA-1
https://nakamoto.com/hashcash/
http://www.weidai.com/bmoney.txt
https://btcmanager.com/the-history-of-bitcoin-part-3-what-is-b-money/
https://en.wikipedia.org/wiki/Sybil_attack
https://nakamotoinstitute.org/bit-gold/
https://www.w3schools.in/what-is-client-server-architecture/
https://nakamoto.com/p2p-networking/
https://history-computer.com/companies/the-history-of-bittorrent/
https://medium.com/@simonhmorris/why-bittorrent-mattered-bittorrent-lessons-for-crypto-1-of-4-fa3c6fcef488
https://nakamoto.com/p2p-networking/
http://pages.cs.wisc.edu/~bart/739/papers/byzantine.pdf
https://decrypt.co/resources/byzantine-fault-tolerance-what-is-it-explained