Satoshi Nakamoto's miscalculation made Bitcoin more centralized. Do you understand these problems?

The "Analysis of Common Problems in Blockchain" series covers a wide range of common problems in the field of blockchain. These common problems will basically plague every blockchain developer. The basic content includes the following aspects:

Technical limitations of blockchains, data redundancy, security, mining, weaknesses of the various consensus protocols, transaction speed, 51% attacks, Sybil attacks, exchanges, Ethereum smart-contract vulnerabilities, mining and the concentration of hash power, the transaction-efficiency dilemma of Bitcoin and Ethereum, Bitcoin scaling, Segregated Witness, the Lightning Network, sidechains, DAG technology, the history of hard forks, system upgrade and maintenance, and so on: in short, the areas of a blockchain where problems are likely to appear.

This article is the second part of "Analysis of Common Problems in Blockchain". The previous article covered the technical limitations and the security of blockchains. This one continues with three more topics: weaknesses of mining and consensus protocols, transaction efficiency, and system upgrade and maintenance.

Why do you need to understand these problems? Buddy, you will know after reading this article!

Weaknesses of mining and consensus protocols

1. Satoshi Nakamoto's miscalculation

Bitcoin's designer, Satoshi Nakamoto, was not a god after all. He designed Bitcoin with decentralization as the fundamental premise: the scattered computing resources of ordinary people's computers would perform the complex calculations that consensus and transactions require, so PoW was designed to reward the nodes that take part in that computation. Under this protocol, every Bitcoin participant in the world could switch on a computer, mine, and compete on equal terms for bitcoin.

What followed is probably not what the designer wanted to see. CPU mining is extremely inefficient, so people found that GPUs were far more efficient and moved to GPU mining, then to FPGAs, and finally to ASIC (Application-Specific Integrated Circuit) miners. If GPU mining already strained the ideal of "everyone for me and me for everyone", the arrival of professional ASIC miners completely departed from the original "one machine, one vote".

From then on the PoW mechanism entered an arms race. The result was mining machines concentrated in mining farms, and this centralization of hash power made fair participation impossible for latecomers. Excessive concentration of hash power is also bad for the security of the whole Bitcoin network: after all, there is the potential threat of the famous "51% attack".

A so-called "mining pool" is an arrangement in which many miners combine their hash power and work on the same problem together. It requires unified management: in practice the pool operator hands out work and sets up appropriate incentives. Whatever an individual's hash rate, pooling turns mining from a lottery into a statistically predictable reward stream and reduces the volatility of returns. This industrial mining revolution will spread wherever the PoW consensus mechanism is adopted.

2. The dilemma of mining and hash-power concentration

The security issues brought about by the centralized management of mining pools are a hot topic. There was a time when Bitcoin was a popular participatory game and anyone could mine bitcoin on a home computer. As mining difficulty rose, however, specialized chips and professional mining operations emerged and formed a number of large mining pools, mainly in China and in other countries and regions with cheap electricity.

Compared with the difficulties blockchain technology has had finding applications, Bitcoin's "mining" business is thriving. What is unfolding is an arms race in hash power, and thanks to Bitcoin's mechanism, whoever wins this "hash-power game" among the mining farms can even decide the fate and direction of Bitcoin.

Because most blockchain consensus algorithms are exposed to the "51% attack" and pool hash power keeps concentrating, the debate has focused on whether a system whose computing power is this concentrated can still be called decentralized. No 51% attack has actually occurred so far, but it is undeniable that the concentration of hash power at least violates Bitcoin's original intention of decentralization and is a major hidden danger to its continued development.
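The "51% attack" threat can be made quantitative. The calculation below, an added example and not part of the original article, reproduces the analysis from section 11 of the Bitcoin whitepaper: given a pool or cartel controlling a fraction q of the network hash rate, it computes the probability that the attacker eventually overtakes the honest chain after a merchant has waited for z confirmations, and from that the number of confirmations needed to keep double-spend risk under a chosen limit. The pool shares and the 0.1% risk limit in the usage section are assumed figures for illustration.

```python
import math


def _poisson(k: int, lam: float) -> float:
    """Poisson probability mass computed in log space so large z does not overflow."""
    if lam == 0.0:
        return 1.0 if k == 0 else 0.0
    return math.exp(-lam + k * math.log(lam) - math.lgamma(k + 1))


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker controlling a fraction q of the total hash
    rate eventually produces a longer chain than the honest network once the
    victim has waited for z confirmations (Bitcoin whitepaper, section 11)."""
    if not 0.0 <= q <= 1.0 or z < 0:
        raise ValueError("q must be a hash-rate fraction in [0, 1] and z >= 0")
    p = 1.0 - q
    if q >= p:
        # 50 % or more of the hash rate: the attacker's chain eventually wins
        # with certainty; this is what the "51% attack" refers to.
        return 1.0
    lam = z * q / p  # expected attacker blocks while the honest chain finds z
    never_catches_up = 0.0
    for k in range(z + 1):
        # Attacker has found k blocks so far, and must still close a gap of
        # z - k blocks; the chance of closing a gap of g blocks is (q/p)**g.
        never_catches_up += _poisson(k, lam) * (1.0 - (q / p) ** (z - k))
    return 1.0 - never_catches_up


def confirmations_needed(q: float, max_risk: float, limit: int = 10_000):
    """Smallest number of confirmations keeping the attacker's success
    probability below max_risk, or None if no finite number does (q >= 0.5)."""
    if q >= 0.5:
        return None
    for z in range(limit + 1):
        if attacker_success_probability(q, z) < max_risk:
            return z
    return None


if __name__ == "__main__":
    # Assumed pool shares; how long must a merchant wait for < 0.1 % risk?
    for share in (0.10, 0.30, 0.45, 0.51):
        z = confirmations_needed(share, 0.001)
        print(f"pool share {share:.0%}: P(z=6) = "
              f"{attacker_success_probability(share, 6):.6f}, "
              f"confirmations for <0.1% risk: {z}")
```

The practical reading: the customary six confirmations give roughly 0.02% risk against a 10% attacker but no protection at all once a single pool crosses 50%, which is why pool concentration, not merely the existence of pools, is the security concern.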

3. Other consensus algorithms and their problems

The blockchain's trustlessness lies in the fact that users spread across the blockchain need not trust their counterparty in a transaction, nor any central organization; they need only trust the software that implements the blockchain protocol in order to transact.

The premise of this trustlessness is the consensus mechanism. In a market without trust, agreement among nodes rests on the assumption that each node maximizes its own interest: it therefore voluntarily and honestly follows the pre-set rules of the protocol, judges the authenticity of each record, and finally writes the records judged true into the blockchain. In other words, when every node has independent interests and competes with the others, it is almost impossible for them to conspire to deceive users. This is especially true when nodes have a public reputation in the network.

(Figure 01: Comparison of various consensus mechanisms in blockchain)

The best design for a consensus mechanism is a pluggable, modular one. The choice of consensus algorithm depends heavily on the application scenario, and different applications should choose different algorithms.

Transaction efficiency problems

1. The transaction-efficiency dilemma of Bitcoin and Ethereum

To talk about transaction efficiency we first need a measure. In blockchain systems the efficiency of a system's transactions is measured by the TPS (transactions per second) indicator.


TPS is calculated from the number of transactions completed in the test period. For example, a user who performs 6 transactions per minute achieves 6 / 60 = 0.10 TPS. The same measurement gives the transaction response time (or beat): in this example, completing 6 transactions in 60 seconds also means a response time of 10 seconds per transaction.

A system's throughput is usually determined by two factors, TPS and concurrency. Both have a limit for a given system. Under the access pressure of the application scenario, once either reaches its maximum the system's throughput stops growing. If the pressure keeps increasing, throughput falls, because the overloaded system spends its resources on context switching, memory and other overhead and its performance degrades.

By this indicator, Bitcoin's TPS is about 7 and Ethereum's about 20. Over a 24-hour day that corresponds in practice to roughly 300,000 transactions per day for Bitcoin and 450,000 for Ethereum (the theoretical ceiling at 7 TPS would be about 600,000 per day).

According to Blockchain's data, investors need an average of 78 minutes to get a bitcoin transaction confirmed, and at one point the average was as long as 1,188 minutes, nearly 20 hours. This greatly reduces users' interest in using Bitcoin.

2. Bitcoin scaling

A currency is not born with value; it becomes valuable when many people believe it is. That too can be called a "consensus mechanism" formed within a group. Bitcoin scaling has been an important issue in the community because of the slow transaction speed mentioned above.

The first thing to clarify is that Bitcoin scaling does not mean increasing the supply of bitcoin; it means raising the limit on the volume of transactions Bitcoin can process. Why should that limit be raised?

Bitcoin was designed to produce a 1 MB block roughly every 10 minutes, and the average transaction is about 250 bytes. Each block therefore holds about 4,000 transactions, which is approximately 7 transactions per second. That is far too few: PayPal handles hundreds to thousands of transactions per second, and a centralized trading system such as Alipay handles hundreds of thousands per second during the "Double Eleven" shopping festival. Next to them, Bitcoin can hardly be called a trading system at all.

Scaling Bitcoin raises two technical problems. The first is what to change and by how much, that is, how large a capacity increase is appropriate. The second is how to roll it out. Because Bitcoin is a distributed system, the implementation faces more problems: old and new nodes must be coordinated, and old and new ledgers must coexist and recognize each other.

Upgrading a distributed system means upgrading every node. If some nodes do not upgrade, a fork results. Forks were explained in detail earlier and will not be repeated here.

3. Bitcoin's Segregated Witness, the Lightning Network and sidechains

The scalability of blockchains is still an open research problem. Capacity, for example, has always been Bitcoin's biggest problem. How can Bitcoin's transaction capacity be increased? Broadly, there are the following four ways.

  • Change the PoW (proof-of-work) consensus mechanism Bitcoin uses. This amounts to changing Bitcoin's security mechanism, and upgrading Bitcoin to another consensus mechanism is unlikely to win the approval of the existing Bitcoin stakeholders. Bitcoin already carries too many users and too much value, and it even carries the banner for all of digital currency and blockchain. Investors, miners and developers will not easily agree to completely change the consensus algorithm and take on unpredictable risk for the sake of scaling.
  • Change the block size. It can be raised, but not by too much, because the storage and bandwidth workload grows with it.
  • Change the block interval. It can be shortened, but that produces many orphan (stale) blocks and forks in the Bitcoin network, wasting hash power and creating security risks.
  • Change the data storage rules so that a block of the same size carries more transactions.

Segregated Witness (SegWit) is a way of increasing transaction capacity without increasing the block size.

As mentioned above, a Bitcoin transaction is about 250 bytes. Its data consists of two main parts:

  • the transfer record, that is, the parties and the amounts;
  • the proof that the user is entitled to make the transaction, which is a set of digital signatures.

Bitcoin's signature data is in fact large: roughly estimated, signatures account for about 2/3 of a transaction's size.

So we can pull all the signatures out of the transactions and pack them together after the block's data, saving about 2/3 of the space. In other words, each transaction is split into two parts: the transaction and the witness (the signatures). The transaction part is only about 100 bytes, so a 1 MB block can hold about 10,000 transactions (versus 4,000 before), and all the witness parts, about 1.5 MB to 2 MB, are placed after it.

New nodes that implement Segregated Witness accept this format, while old nodes that do not recognize the witness data behind the block still consider the first part a legitimate block. The SegWit upgrade can therefore be deployed as a soft fork. By this method Bitcoin's transaction capacity can be increased two- to threefold.

In addition, Segregated Witness fixes a Bitcoin defect called transaction malleability. A Bitcoin signature cannot cover the whole transaction, because it cannot cover itself: the signature lives in the input's scriptSig, which is part of the data hashed to produce the transaction ID. An attacker, or any relaying node, can therefore re-encode the signature without the private key, for instance by replacing the ECDSA value s with n - s, so that the signature remains valid but the transaction ID changes. Segregated Witness moves the signature data out of the transaction and out of the ID computation, so a transaction's ID can no longer be changed by tampering with its signatures. More importantly, this makes a technology called the "Lightning Network" much easier to build.

The Lightning Network is a Bitcoin scaling mechanism that does not change the structure of the main chain. Simply put, it is an off-chain trading mechanism backed by guarantees on the chain: two parties sign a contract on Bitcoin and then open a channel outside the main chain in which their coins can be used for fast payments. The Lightning Network is a decentralized network architecture, fundamentally different from traditional transactions.


For example, if you often transfer money to someone, you do not have to upload every transaction to the Bitcoin chain. The two of you can sign an agreement on Bitcoin and each pay in a deposit. Then, as long as your net transfers do not exceed the deposit, you can transfer privately. The agreement guarantees that if the other party cheats, you can upload the transfer record to the blockchain and take the money that belongs to you without needing their authorization again. This is not comparable to main-chain transactions; it is a completely different form of transaction and another means of payment. The Lightning Network moves some transactions off-chain and reduces the burden on the main chain.

Within a channel the Lightning Network creates "micropayment channels": a chain of transactions is set up, and many Bitcoin payments can be carried out safely without touching the main chain. Payments in the channel are extremely fast, unlike current Bitcoin payments with their long confirmation times, and only the last transaction in the chain actually needs to enter the Bitcoin blockchain. If either party ends the cooperation, or does not respond within the agreed time, the channel can be closed. Importantly, these payments are routable: a dedicated payment path can be established across multiple hops.

Rather than opening a channel with every new counterparty, you can maintain a few channels with well-connected, reliable intermediaries and complete transactions through them. That is the idea behind a simple payment channel. Such channels already exist: you can keep sending someone a replaceable transaction, each time for a slightly larger amount; once some condition is met the channel is terminated and only the last payment is broadcast to the whole network.

It turns out that with only a few almost uncontroversial Bitcoin upgrades, one can build a more versatile payment channel that allows two-way payments and "conditional payments". Conditional payments let users build a payment network: users can set conditions, enforced securely without trusting each other, such as "if Zhang San pays Li Si, I will pay Zhang San". Once the condition is met, the user's wallet automatically broadcasts the conditional payment transaction to the Bitcoin network and waits.

In theory this distributed micropayment network (the Lightning Network) can expand Bitcoin's daily transaction volume to billions of transactions while rarely touching the blockchain and paying only small fees.

Of course, the Lightning Network mechanism also has security weaknesses. If a transaction in the channel runs into a security problem before it is confirmed by the main chain, some transactions may not be recognized, resulting in loss of property.
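The two mechanisms the preceding paragraphs describe in words, the deposit that can be reclaimed "if the other party cheats" and the conditional "if Zhang San pays Li Si, I pay Zhang San" payment, can be modelled in a few dozen lines. This is an added example and not code from the Lightning paper or from any Lightning implementation: it keeps only the logic (revocable commitments with a penalty, and hash time-locked contracts routed over two hops) and replaces Bitcoin transactions and signatures with plain Python state. The party names, deposit amounts, timeout values and the seed used to derive revocation secrets are all constructed for the demonstration.

```python
import hashlib
from dataclasses import dataclass


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


@dataclass
class Commitment:
    seq: int
    balances: dict          # party -> satoshis in this state
    revocation_hash: dict   # party -> sha256(that party's revocation secret for this state)


class Channel:
    """Toy two-party channel. Each balance update is a new commitment; the old one is
    revoked by each side handing over its secret. Publishing a revoked commitment lets
    the counterparty prove the cheat and sweep the whole channel (the penalty clause)."""

    def __init__(self, a: str, b: str, deposit_a: int, deposit_b: int, seed: bytes = b"constructed"):
        self.parties = (a, b)
        self.capacity = deposit_a + deposit_b
        self.seed = seed
        self.states = []
        self.known_secrets = {a: {}, b: {}}   # party -> {seq: counterparty's revealed secret}
        self._commit({a: deposit_a, b: deposit_b})

    def _secret(self, party: str, seq: int) -> bytes:
        # Derived deterministically for the demo; a real node keeps per-state secrets.
        return sha256(self.seed + party.encode() + seq.to_bytes(4, "big"))

    def _commit(self, balances: dict) -> None:
        seq = len(self.states)
        hashes = {p: sha256(self._secret(p, seq)) for p in self.parties}
        self.states.append(Commitment(seq, dict(balances), hashes))

    def latest(self) -> Commitment:
        return self.states[-1]

    def pay(self, frm: str, to: str, amount: int) -> None:
        cur = self.latest().balances
        if amount <= 0 or cur[frm] < amount:
            raise ValueError("insufficient channel balance")
        old_seq = self.latest().seq
        new = dict(cur)
        new[frm] -= amount
        new[to] += amount
        self._commit(new)
        a, b = self.parties   # revoke the old state: each side learns the other's secret
        self.known_secrets[a][old_seq] = self._secret(b, old_seq)
        self.known_secrets[b][old_seq] = self._secret(a, old_seq)

    def close(self, broadcaster: str, seq: int) -> dict:
        """Broadcaster publishes commitment `seq` on-chain; returns the payout."""
        state = self.states[seq]
        victim = next(p for p in self.parties if p != broadcaster)
        secret = self.known_secrets[victim].get(seq)
        if secret is not None and sha256(secret) == state.revocation_hash[broadcaster]:
            return {broadcaster: 0, victim: self.capacity}   # revoked state: penalty
        return dict(state.balances)


@dataclass
class Htlc:
    """Hash time-locked contract: pays on the preimage, refunds the sender after expiry."""
    payment_hash: bytes
    amount: int
    expiry_height: int

    def claimable(self, preimage: bytes, height: int) -> bool:
        return height <= self.expiry_height and sha256(preimage) == self.payment_hash


def route_payment(chan_ab: Channel, chan_bc: Channel, amount: int, fee: int,
                  preimage: bytes, height: int) -> bool:
    """Alice pays Carol through Bob. Carol's invoice hash locks both hops, and the
    downstream hop expires first so Bob can always claim upstream after paying out."""
    a, b = chan_ab.parties
    _, c = chan_bc.parties
    payment_hash = sha256(preimage)
    upstream = Htlc(payment_hash, amount + fee, expiry_height=height + 40)
    downstream = Htlc(payment_hash, amount, expiry_height=height + 20)
    if not downstream.claimable(preimage, height):
        return False
    chan_bc.pay(b, c, downstream.amount)   # Carol reveals the preimage to Bob
    if not upstream.claimable(preimage, height):
        return False
    chan_ab.pay(a, b, upstream.amount)     # Bob passes it upstream to Alice
    return True


def demo():
    ab = Channel("alice", "bob", 100_000, 0)
    bc = Channel("bob", "carol", 50_000, 0)
    ab.pay("alice", "bob", 10_000)
    ab.pay("alice", "bob", 5_000)
    honest = ab.close("alice", ab.latest().seq)
    cheat = ab.close("alice", 0)   # Alice replays the opening state to reclaim everything
    routed = route_payment(ab, bc, 20_000, 1_000, b"constructed invoice preimage", height=500_000)
    return honest, cheat, routed, ab.latest().balances, bc.latest().balances
```

Two points the model makes visible. The penalty is what turns an old commitment from a profitable replay into a total loss, and it only works if the honest side is online to notice the broadcast within the dispute window, which is the operational weakness behind the "security problems before confirmation" mentioned above. The HTLC expiries must decrease along the route; if Bob's outgoing lock lasted longer than his incoming one, Carol could settle after Alice's HTLC had already been refunded and Bob would pay out of his own pocket.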

The Lightning Network paper proposes a mechanism for generating channels and payment networks. It is also a hot spot of Bitcoin innovation today.

A sidechain is a new blockchain anchored to Bitcoin, just as the dollar was once anchored to gold. In the blockchain world Bitcoin plays the role that gold plays in the monetary system: the most decentralized, with the most distributed nodes, the fairest blockchain. Sidechains aim at a cryptocurrency financial ecosystem that converges with the existing system instead of rejecting it as other cryptocurrencies do. With sidechains it is easy to build all kinds of smart financial contracts: stocks, futures, derivatives and more. Users can have thousands of sidechains anchored to Bitcoin, each with different characteristics and purposes, all relying on the flexibility and scarcity guaranteed by the Bitcoin main chain. The better-known Bitcoin sidechains are Rootstock (RSK) and Blockstream's Elements.

4. DAG-based speed-up technology

A DAG (directed acyclic graph) is a common data structure in computer science. Because of its particular topology it is often used in dynamic programming, shortest-path navigation, data compression and similar scenarios.

The DAG was first combined with blockchains in the Nxt community, where it was proposed to address blockchain efficiency. Bitcoin's efficiency has always been relatively low. The block-production mechanism of PoW consensus is one reason; another is that, because of the chained storage structure, the whole network can have only one chain at a time, so nothing can execute concurrently. Some in the community proposed storing blocks in a DAG topology. At that stage most solutions resembled sidechains: different chains store different types of transactions, reducing the possibility of double-spends, and afterwards a node merges the several branches into one block.

With this assumption we can change the block storage structure from a chain into a block DAG. With the block-packing time held constant, n blocks can be packed in parallel across the network, and the network can accommodate n times as many transactions.

At this stage the combination of DAG and blockchain still stays at the sidechain level: different types of transactions run in parallel on different chains to improve performance, and the DAG still has the concept of a block.

But the block itself is a key factor holding back efficiency. So can we do without blocks? Why is a block needed at all? Could each transaction directly take part in maintaining the network-wide ordering of transactions? After a transaction is issued it would skip the block-packing stage and merge directly into the whole network, achieving a "blockless" effect and saving the time spent packing transactions into blocks. Combining DAG with blockchain is meant to solve the efficiency problem: there is no longer a need to wait for a block to be packed and confirmed; once issued, a transaction enters the confirmation network directly, and in theory efficiency improves a great deal.

Since then the prototype of the blockless DAG blockchain has basically taken shape. IOTA and Byteball are the most prominent on the market. Some concepts of DAG-based blockchains are interesting, and understanding them makes DAG technology easier to understand.

The essential difference between DAG and chained architectures is asynchronous versus synchronous communication. A DAG raises network throughput by processing transactions asynchronously: a propagation algorithm sends operation logs between nodes, and some mechanism assigns a weight to each operation (in IOTA each transaction validates two earlier transactions and computes a PoW that represents its weight). Compared with the synchronous chain structure, the DAG, like any asynchronous mechanism, increases throughput, but the price is that the time at which a transaction will be confirmed cannot be predicted effectively.

An important issue in DAG networks is controlling the network's width. In a DAG network each new transaction must link to an existing, relatively recent transaction in order to be confirmed; if it links to an old transaction instead, the network becomes too wide and new transactions become hard to confirm. The ideal is that a new transaction chooses existing, relatively recent transactions (tips) to link to, so that the width of the network stays within a bounded range and new transactions confirm quickly enough. The main features of a DAG are as follows:

  • Fast transactions: the DAG abandons the block concept and transactions enter the network directly, so transaction speed is expected to be much faster than in PoW- and PoS-based blockchains that must produce blocks;
  • No mining: the DAG pushes transaction confirmation down to the transactions themselves, with no miners packing them into blocks to agree on transaction order, so there is no miner role in a DAG network;
  • No fees: a transaction is issued with a small proof of work. The PoW across the network is done by the issuers, not by miners, so no transaction fee is needed to issue a transaction;
  • Witness nodes are needed: a DAG needs a witness mechanism, and whether it is DPoS, PoS or PBFT, everyone ends up seeking a balance between efficiency and security.
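The width problem described above can be reproduced with a small simulation. The code below is an added example, not code from IOTA, Byteball or the original author: a blockless ledger in which every transaction approves two earlier ones, issued in rounds of concurrent transactions that all see the same snapshot. It compares two attachment strategies, choosing among current tips versus choosing uniformly among all existing transactions, and measures the resulting width (number of unapproved tips) and the cumulative weight that a DAG ledger uses as its notion of confirmation. IOTA's real tip selection is a weighted random walk over the graph; the uniform choices here are a simplification assumed for the demonstration, as are the round size and seed.

```python
import random


class Tangle:
    """Blockless DAG ledger: each transaction approves two earlier ones. Tx 0 is the genesis."""

    def __init__(self, seed: int = 7):
        self.rng = random.Random(seed)
        self.approves = {0: ()}       # tx -> the transactions it approves
        self.approvers = {0: set()}   # tx -> transactions that approve it
        self.tips = {0}               # transactions nobody has approved yet

    def _attach(self, picks) -> int:
        tid = len(self.approves)
        self.approves[tid] = tuple(picks)
        self.approvers[tid] = set()
        for p in picks:
            self.approvers[p].add(tid)
            self.tips.discard(p)
        self.tips.add(tid)
        return tid

    def issue_round(self, count: int, strategy: str) -> None:
        """`count` transactions issued concurrently; all of them see the same snapshot,
        which is what keeps the width above one even with perfect tip selection."""
        tips = sorted(self.tips)
        history = list(self.approves)
        for _ in range(count):
            # "tips": approve recent, unapproved transactions (the desired behaviour)
            # "old":  approve arbitrary existing transactions, ignoring tip status
            pool = tips if strategy == "tips" else history
            picks = self.rng.sample(pool, 2) if len(pool) >= 2 else [pool[0], pool[0]]
            self._attach(picks)

    def width(self) -> int:
        return len(self.tips)

    def cumulative_weight(self, tid: int) -> int:
        """Own weight (1) plus the number of transactions approving tid directly or
        indirectly; a DAG ledger treats a growing cumulative weight as confirmation."""
        seen, stack = set(), [tid]
        while stack:
            for a in self.approvers[stack.pop()]:
                if a not in seen:
                    seen.add(a)
                    stack.append(a)
        return 1 + len(seen)


def simulate(strategy: str, rounds: int = 50, per_round: int = 5, seed: int = 7) -> Tangle:
    t = Tangle(seed)
    for _ in range(rounds):
        t.issue_round(per_round, strategy)
    return t


def confirmed_fraction(t: Tangle, threshold: int) -> float:
    """Share of non-genesis transactions whose cumulative weight has reached threshold."""
    ids = [i for i in t.approves if i != 0]
    return sum(t.cumulative_weight(i) >= threshold for i in ids) / len(ids)


if __name__ == "__main__":
    for strategy in ("tips", "old"):
        t = simulate(strategy)
        print(f"{strategy:>4}: width={t.width():3d} "
              f"confirmed(weight>=5)={confirmed_fraction(t, 5):.2f} "
              f"genesis weight={t.cumulative_weight(0)}")
```

With tip selection the width settles near the number of transactions issued per round, because each round's tips are consumed by the next round's approvals; with arbitrary attachment the width grows with the ledger, most transactions are never approved, and confirmation stalls. The genesis weight equals the total transaction count in both cases, which is the check that every transaction still links back to the origin, the property a DAG shares with a chain.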

5. Other speed-up ideas

At present blockchain efficiency is a prominent problem, but I believe more new technologies will emerge over time, and speed-ups can be considered from the following aspects.

Network bandwidth: growth in network bandwidth will permit better and more advanced distributed consensus mechanisms;

Hardware speed: continued improvement in hardware, including CPUs and GPUs, will greatly improve blockchain efficiency;

Consensus algorithms: current algorithms have defects and shortcomings; both the algorithms and their protocols will keep improving;

Concurrent execution: the chain structure inherently lacks a concurrency mechanism; asynchronous concurrent techniques such as DAGs will continue to improve;

Data format: the data stored in the blockchain can be compressed to improve efficiency.

System upgrade and maintenance problems

1. Hard fork history

Ethereum: the Byzantium hard fork was carried out successfully in 2017, creating new rules for the underlying protocol to improve the system's performance and add functionality. On October 16, 2017, Ethereum officially announced that "Byzantium" had hard-forked successfully at block 4,370,000. The upgrade reduced the block reward (from 5 to 3 ETH), postponed the difficulty bomb, and introduced precompiles for zero-knowledge proofs (zk-SNARK verification) to address privacy on the blockchain, completing the developers' technical goal of an environment better suited to decentralized applications.

a) Ethereum (ETH) and Ethereum Classic (ETC)

The DAO was a crowdfunding platform built on Ethereum smart contracts and officially released in May 2016. By June of that year it had raised more than US$160 million. A hacker then exploited a vulnerability in its smart contract and drained about $50 million worth of ether. To recover investors' assets the Ethereum community voted to change the Ethereum code, and Ethereum hard-forked at block 1,920,000, moving The DAO's funds (including those taken by the hacker) into a recovery contract from which investors could withdraw.

Some people, however, felt that this violated the blockchain's spirit of decentralization and irreversibility and kept mining the original chain. Two chains formed: one that does not recognize the rollback, Ethereum Classic (ETC), and one that does, Ethereum (ETH), each representing a different community consensus and set of values. Anyone holding ether at the fork held both ETH and ETC afterwards.

Ethereum Fog (ETF) forked from the Ethereum public chain on December 14, 2017. Its main innovation is fog computing, adding distributed storage and distributed computing capability, with the claimed advantages of lower network latency, savings in computing resources, less pressure on the core network and higher reliability.

b) Bitcoin Gold

Bitcoin Gold (BTG) is another Bitcoin hard fork, created around October 25, 2017, as a reaction against the concentration of large miners. Bitcoin miners increasingly use custom ASICs, and because ASICs are expensive and discounted only in bulk, large miners obtain huge hash power at a lower price per unit and the network's hash power concentrates. Bitcoin Gold switched to a new mining algorithm (the memory-hard Equihash, intended to resist ASICs) to keep the situation from worsening.

2. System upgrade and maintenance problems and forks

Upgrading and maintaining a blockchain system involves both hardware and software.

Hardware will improve gradually as technology develops. As blockchains develop, more blockchain hardware will appear, including mining machines, chips, blockchain hardware nodes and all kinds of application-related hardware: for example IoT devices based on blockchain systems, smart electricity, water and gas meters, mobile phones and various wearable devices.

Software upgrades mainly involve the following aspects.

  • Data structure: for example, Bitcoin Cash (BCH) raising the block size from 1 MB to 8 MB is a data-structure upgrade;
  • Consensus algorithm: as the system runs, the originally designed consensus algorithm may no longer meet the system's growing needs, and changing it brings a system upgrade;
  • Cryptographic algorithms: the algorithms are the core of blockchain security, and even the most secure algorithm may have an overlooked weakness, so as attackers' techniques advance the cryptographic algorithms will be continuously improved and upgraded;
  • Application upgrades: when the system's applications change, they too face upgrade problems;
  • Vulnerability patching: any software system keeps improving, finding its own vulnerabilities and fixing them.

Any of the above modifications may cause a fork. Forks also have human causes, since the blockchain network is after all controlled by people. After a fork there will inevitably be problems coordinating data between the new and old chains and a split in the user base. The above is an analysis of common problems in the blockchain industry.

Source | Blockchain Core Technology and Applications

Author | Yu Bin

Editor | George