“DESIGN PRIMITIVES OF BLOCKCHAIN”

PROTOCOLS SECURITY CONSENSUS

PERMISSIONS PRIVACY

“PROTOCOLS IN BLOCKCHAIN”
In computer science, a protocol is a set of rules or procedures that govern
the transfer of data establishing how, in order for computers to exchange
information, the information must be structured and how each party will
send and receive it.

A blockchain is a network of multiple devices (nodes) — all equally

important — connected to each other through the internet. Essentially, a
blockchain is a ledger which stores the record of what has come in and gone
out in a distributed p2p manner after the transaction has been verified by
all participating nodes.

This distributed ledger works on pre-defined rules which are agreed upon
by all the participating nodes (the peers) in the network. These rules
include:
RULE 1
RULE 2
HOW TO GOVERN & RULE 3 (IN SOME
VALIDATE CASES)
USING AN ALGO THAT
TRANSACTIONS
DEFINES THE APPLICATION
MECHANISM FOR ALL PROGRAMMING
PARTICIPATING NODES INTERFACES
TO INTERACT WITH
EACH OTHER

These rules that govern a blockchain network are referred to as a protocol.

It is essentially the common communication rules that the network plays by.

Key terms for blockchain protocol

• Distributed Ledgers: Distributed ledgers are a type of database that

is spread across the multiple peers and the records are stored one
after the other in a continuous ledger.
• Smart Contracts: a set of logic rules in the form of a coded script
which can be embedded into the blockchain to govern a transaction.
• Consensus algorithm: an algorithm that defines the way consensus
will be reached on the network to verify the transactions.
• Coins and Tokens: Every blockchain protocol needs a digital asset to
keep the network running. These are also used as incentives for the
peers who participate in the network. This entails the presence of
digital assets such as coins and tokens. The two terms are often used
interchangeably in the realm of blockchain but there is a subtle
difference between the two.
Essentially, coins and tokens are the digital assets used to power a
blockchain network. Their functions are, more or less, same too. It is
 only the level in the protocol where they are defined that
differentiates them.
Coins are defined at the lowest level by the protocol itself. Coins are
the native digital asset of a blockchain network. For instance, bitcoin
protocol’s native currency is Bitcoin.
Tokens are the digital assets that are defined at a higher level not by
the protocol but by smart contracts. For instance, the Ethereum
protocol has a native coin Ether. Ethereum allows developers to build,
dApps on its protocol. The node-communication rules for one dApp
can be different from another dApp which are defined by smart
contracts. Tokens are, therefore, the native digital asset of dApps.

• 51% Attack: the ability of someone controlling more than 50% of

network nodes to revise transaction history and indulge in double
spending.
Example: The nodes on a blockchain network are supposed to
broadcast the blocks they form to the entire network. If a node, or a
group of nodes, begins to control more than 50% of the network, it can
indulge in forming blocks privately and not broadcast those to the
network. The network would still follow the public version of the
blockchain and the node can indulge in double-spending by first
spending their money on the public blockchain and then on the private
one.
After that, since they control 51% of the network, they can broadcast
their private version of the blockchain and form longer chains. Because
of the longest chain rule (which regards the longest chain to be the most
legitimate chain to mine on), the other participants will consider this to
be the correct chain. The previous transactions that were not included
 in this chain (because it was private) will be reversed giving the
malicious nodes access to other people’s money.

Examples of Blockchain Protocols

The world got introduced to the blockchain with the Bitcoin network.
Following different objectives and use cases that were envisioned, different
protocols were designed. We will look at the key features of three major
blockchain protocols.

• Bitcoin Protocol
• Ethereum Protocol
Bitcoin Protocol
Design objective: allowing crypto payment transactions over a
decentralised network.

• Public, permission less blockchain which anyone can join.

• Underlying technology components: cryptographic hash function, digital

signature, p2p network, private-and-public key encryption, and proof-
of-work (PoW) consensus algorithm.

• Decentralised because every node has access to complete information

on the blockchain.

• Users can conduct non-reversible transactions without the need to

explicitly trust a third-party.

• Native crypto currency Bitcoin

 Ethereum Protocol
Design Objective: It is a decentralized platform for programming a digital
currency.

OR

It is a blockchain platform for developers to launch their own blockchain

projects and decentralised applications.

• Public, permissionless blockchain

• Underlying technology components: cryptographic hash function, digital

signature, p2p network, private-and-public key encryption,
and proof-of-work consensus algorithm.

• Every node has access to complete information on the blockchain that’s

why it is Decentralised.

• Users can conduct non-reversible transactions without the need to

explicitly trust a third-party.

• Native cryptocurrency Ether.

The Ethereum blockchain gave a larger, wider horizon to the objectives that
blockchain could serve. Multiple cryptocurrency projects such as VeChain
and OmiseGo were launched using the Ethereum platform. It also became a
platform for dApp development and dApps such as Cryptokitties, Brave, and
PundiX were developed on it.
Essential features of a blockchain protocol
• Transactions and Smart Contracts
Blockchains are essentially ledgers and record transactions. A
transaction with respect to blockchain refers to an exchange of assets
manages under the rules (smart contracts) of the blockchain.
• Consensus and Trustlessness
All peers on a blockchain network reach a consensus to verify
transactions. This consensus is governed by an algorithm fed into the
protocol layer of the blockchain. The blockchain gives all peers an
identical copy of each transaction which eliminates trust thus making
a trust less, distributed network.

The essential features of a blockchain protocol can then be

summarized as:

• Decentralised: a blockchain must be stored in a way that it can be

accessed and copied and any node on the network.

• Immutable: blockchain records all transactions permanently. Once a

record is added, it cannot be changed.

• Consensus Driven: transactions on blockchain are verified only after all

the participating nodes have reached a consensus.
“CONSENSUS IN BLOCKCHAIN”
Consensus is a group-based protocol for reaching agreement dynamically
in a group. Compared to the majority voting, a consensus emphasizes that
the entire group as a whole could benefit by reaching a consensus. The
problem of dynamically getting a consensus in a group relies on group
based coordination. Such coordinated consensus may be tampered in the
presence of malicious actors and faulty processes. For example, a bad
actor(user) may secretly create conflicting messages to make group
members fail to act in unison, which breaks down the effectiveness of the
group to coordinate its actions. This problem is so called the “Byzantine
Generals Problem" (BGP). The failure of reaching consensus due to faulty
actors is referred to as Byzantine fault.

Proof of Work (PoW)

The consensus protocol designed by Satoshi Nakamoto for the Bitcoin is

aimed at reaching a coordinated consensus from the network on the
validity of each bitcoin transaction. It bypasses the Byzantine Generals
Problem by using the PoW protocol. We characterize the PoW with dual
properties:

(1) It should be difficult and time-consuming for any prover to produce a

proof that meets certain requirement, and

(2) It should be easy and fast for others to verify the proof in terms of its
correctness.

For the first property, one must design a proof of work challenge such that
computing a valid proof of work is difficult with low and somewhat random
probability, thus a lot of trial and error is needed.

We illustrate how the PoW works in terms of BGP. When the troops on the
east of the city want to send a message to the west side troops, it follows
the steps of the PoW protocol:

(1) Append a “nonce" (usually start with zero) to the original message,
which is a random hexadecimal value;
(2) Apply hash to the nonce augmented message and check if the hashing
result is less than or equal to a preset value (say starts with five zeros);

(3) If the hash condition is satisfied, the troops on one side of the city will
send the messenger to the troops on the other side of the city with the hash
of the message and the nonce. If not, then increase the nonce by one and
this process iterates until either the desired result is obtained. Finding the
right nonce can be time consuming and computationally expensive;

(4) Due to the collision-resistant property of hash function, it is hard to

tamper the hash of the message even if the messenger got caught, because
the hash of the tampered message will be drastically different from the
hash of the original message, and the generals on the west of the city can
verify whether the message starts with five zeros and disregard the
message if it not.

(5) Repeat the above process for multiple iterations such that multiple
messengers are sent from the east side troops to the west side troops
through the city.

This last step is to address a possible loophole with sending only one
messenger: If the city captured the messenger, got the message, tampered
with it and then accordingly by changing the nonce until the right nonce
value is found such that the desired hash result with required number of
zeros is obtained. Even though this process is computationally costly and
time consuming, it is still possible. The PoW protocol counters this loophole
by increasing strengths in numbers. First, by adding more messengers, the
probability of all of them get caught is reduced significantly. Second, even
some of them got caught, the amount of time required to tamper the
cumulative message and find the corresponding nonce for the hash will be
increased substantially. For a block to be valid in the blockchain, a miner
has to be able to hash it to a value less than or equal to the current target
and then presents its solution to the network for verification by other
nodes. The dual properties of PoW ensures that it is extremely difficult and
time consuming to find the right nonce for the appropriate hash target; and
yet it is super easy and simple to validate the hash result so that no
tampering has been made.
“Privacy and Permission”
In contrast to public blockchains, which everyone can read, write
transactions to, and participate in the consensus process, there is a wide
range of other options on how a blockchain might be designed and
implemented. As mentioned above, if only certain participants can join the
peer-to-peer network, the blockchain is considered permissioned or
private. The two main permissioned types of blockchains can be
categorised as:

• consortium based Blockchain

• Fully private Blockchain

Such blockchains would have trusted owners like government

departments, banks, etc., which make the consensus process simpler.

Consider, for example, a consortium of twenty financial institutions with a

simple consensus rule that fifteen institutions must sign every block in order
for the block to be valid and written to the blockchain. The right to read from
the blockchain can be made public, allowing everyone to read, or it can be
restricted to a group of participants.

The ability to read from the blockchain can also be restricted by different
levels of abstraction, for example, only the root hashes can be made public .

These blockchains are often seen as partially decentralised:

members of the public may be able to make a limited number of queries

and receive a cryptographic proof of the blockchain state. The fully private
blockchain means that the permission to write is centralised and managed
by a single organisation, while the read permission may still be public.

Some of the properties that are considered to be the main advantages of

private blockchains are as follows:

• The consortium or company running a private blockchain if want to can

easily change the rules of a blockchain, revert transactions, modify data
kept in the blockchain, etc.
• The trusted peers that govern the blockchain are known. This means that
the risk of a 51-percent attack arising from large-scale collusion is
mitigated.

• The private blockchain is more efficient: only trusted peers, with a very
high processing power, are used to verify transactions.

• Network infrastructure can be planned and controlled. Various network-

related problems (such as network delays and connection losses) might be
faster to fix.

• If permissions are restricted, private blockchains can provide a greater

level of privacy.

The main disadvantage, however, is the lack of immutability, i.e., the

property which makes the data written in the blockchain unchangeable.
This property is considered one of the main advantages of the public
permissionless blockchains. Indeed, the likelihood of misbehaviour by or
successful attacks on trusted peers will have a strong impact on the
guarantees provided by the private blockchain. For example, if a malicious
actor (block or peer) succeeds in controlling the trusted peers, the private
blockchain might not be able to offer any security guarantees.

“Security”
Blockchains are secured through a variety of mechanisms that include
advanced cryptographic techniques and mathematical models of behaviour
and decision-making. Blockchain technology is the underlying structure of
most cryptocurrency systems and is what prevents this kind of digital
money from being duplicated or destroyed.

The blockchain is constructed to ensure a number of inherent security

attributes, such as consistency, tamper-resistant, resistance to a
Distributed Denial-of-Service (DDoS) attack, pseudonymity, and resistance
to double-spending attack. However, to use blockchain for secure
distributed storage, additional security and privacy properties are
required.
• Consistency:
The concept of consistency in the context of blockchain as a
distributed global ledger refers to the property that all nodes have
the same ledger at the same time.
Within a blockchain network system, the strong consistency model
means that all nodes have the same ledger at the same time, and
during the time when the distributed ledger is being updated with
new data, any subsequent read/write requests will have to wait until
the commit of this update.
• Tamper-Resistance:
Tamper-resistance of blockchain means that any transaction
information stored in the blockchain cannot be tampered during and
after the process of block generation. Specifically, in a Bitcoin system,
new blocks are generated by mining nodes. There are two possible
ways that the transaction information may be tampered with:
(1) Miners may attempt to tamper with the information of received
transaction
(2) Adversary may attempt to tamper with the information stored on
the blockchain.

• Resistance to DDoS Attacks

DDoS attack refers to “distributed" DoS attack, namely, the incoming
traffic flooding attack to a victim is originated from many disparate
sources distributed across the Internet. A DDoS attacker may
compromise and use some individual’s computer to attack another
computer by taking advantage of security vulnerabilities or
weaknesses. By leveraging a set of such compromised computers, a
DDoS attacker may send huge amounts of data to a hosting website
or send spam to particular email addresses.
The serious concern in a DDoS attack is on the availability of
blockchain and is related to the question of whether a DDoS attacker
can make the blockchain unavailable by knocking out a partial or the
whole network. The answer to this question is no, thanks to the fully
decentralized construction and maintenance of the blockchain and
Bitcoin system and the consensus protocol for new block generation
and addition to the blockchain, which ensures that the processing of
 blockchain transactions can continue even if several blockchain
nodes go offline. In order for a cyber-attacker to succeed in making
blockchain offline, the attacker would have to collect sufficient
computational resources that can compromise overwhelmingly large
portion of the blockchain nodes across the entire Bitcoin. The larger
the Bitcoin network becomes, the harder it is to succeed in such
large-scale DDoS attack.
• Resistance to Double-Spending Attacks
The double-spending attack can be considered as a general security
concern due to the fact that digital information can be reproduced
relatively easily. Specifically, with transactions exchanging digital
token, such as electronic currency, there is a risk that the holder
could duplicate the digital token and send multiple identical tokens
to multiple recipients.
To prevent double-spending, Bitcoin evaluates and verifies the
authenticity of each transaction using the transaction logs in its
blockchain with a consensus protocol. By ensuring all transactions be
included in the blockchain, in where the consensus protocol allows
everyone to publicly verify the transactions in a block before
committing the block into the global blockchain, ensuring that the
sender of each transaction only spends the bitcoins that he possesses
legitimately. In addition, every transaction is signed by its sender
using a secure digital signature algorithm. It ensures that if someone
falsifies the transaction, the verifier can easily detect it. The
combination of transactions signed with digital signatures and public
verification of transactions with a majority consensus guarantees
that Bitcoin blockchain can be resistant to the double-spending
attack.
• Pseudonymity:
Pseudonymity refers to a state of disguised identity. In Bitcoin,
addresses in blockchain are hashes of public keys of a node (user) in
the network. Users can interact with the system by using their public
key hash as their pseudo-identity without revealing their real name.
Thus, the address that a user uses can be viewed as a pseudo-
identity. We can consider the pseudonymity of a system as a privacy
property to protect user’s real name. In addition, users can generate
as many key pairs (multiple addresses) as they want, in a similar way
as a person can create multiple bank accounts as she wishes.
Although pseudonymity can achieve a weak form of anonymity by
means of the public keys, there are still risks of revealing identity
information of users